Skip to content

feat: add manifest content to sbom' metadata #137

feat: add manifest content to sbom' metadata

feat: add manifest content to sbom' metadata #137

Workflow file for this run

---
name: Stage
env:
# 🖊️ EDIT to change the image build settings.
IMAGE_NAME: exhort-javascript-api
IMAGE_REGISTRY: quay.io/ecosystem-appeng
DOCKERFILE_PATH: ./docker-image/Dockerfiles/Dockerfile
on:
pull_request_target:
types:
- closed
branches:
- main
paths:
- "generated/**"
- "src/**"
- "test/**"
- "package-lock.json"
- "package.json"
- "tsconfig.json"
- ".github/workflows/stage.yml"
- "docker-image/**"
jobs:
stage:
runs-on: ubuntu-latest
# Branches that starts with `release/` shouldn't trigger this workflow, as these are triggering the release workflow.
if: github.repository_owner == 'RHEcosystemAppEng' && github.event.pull_request.merged == true && !startsWith(github.head_ref, 'release/')
environment: staging
name: Stage the project
steps:
- name: Checkout sources
uses: actions/checkout@v3
with:
ssh-key: ${{ secrets.DEPLOY_KEY }}
fetch-depth: 0
- name: Install node 18
uses: actions/setup-node@v3
with:
node-version: 18
cache: npm
registry-url: 'https://npm.pkg.github.com'
- name: Setup Java 17
uses: actions/setup-java@v3
with:
distribution: temurin
java-version: 17
cache: maven
- name: setup go
uses: actions/setup-go@v5
with:
go-version: '1.20.1'
- name: Setup Gradle
uses: gradle/gradle-build-action@v3
- name: Configure git
run: |
git config user.name "${{ github.actor }}"
git config user.email "${{ github.actor }}@users.noreply.github.com"
- name: Update package with new version
id: bump
run: |
echo "version=$(npm version prerelease --no-git-tag-version --preid ea)" >> "$GITHUB_OUTPUT"
- name: Install project modules
run: npm ci
- name: Compile project
run: npm run compile
- name: Check if re-test is needed
id: test-check
uses: zvigrinberg/[email protected]
with:
base-ref: ${{ github.base_ref }}
pr-ref: ${{ github.head_ref }}
file-pattern-regex: "^src/.*|^test/.*"
- name: setup Python
uses: actions/setup-python@v4
with:
python-version: '3.9'
cache: 'pip'
- name: get Python location
id: python-location
run: |
echo "python-bin-location=$(echo $pythonLocation)/bin" >> $GITHUB_OUTPUT
- name: re-test Unit-Tests + Integration Tests
env:
RETEST_IS_NECESSARY: ${{ steps.test-check.outputs.retest-is-needed}}
TRIGGERING_FILE: ${{ steps.test-check.outputs.triggering-file}}
run: |
if [[ $RETEST_IS_NECESSARY == "true" ]]; then
echo "Re-test was triggered!!, triggering changed file - $TRIGGERING_FILE"
echo "Running Again Unit-tests =>"
npm run test
echo "Running Again Integration tests =>"
npm run integration-tests
else
echo "Re-test of library is not needed, continuing to deployment!"
fi
- name: Publish package
env:
NODE_AUTH_TOKEN: ${{ secrets.NPM_MAVEN_TOKEN }}
run: npm publish
- name: Commit and push package modifications
run: |
git add package.json
git add package-lock.json
git commit -m "build: updated package with ${{ steps.bump.outputs.version }} [skip ci]"
git push
- name: Create and push new tag
run: |
git tag ${{ steps.bump.outputs.version }} -m "${{ steps.bump.outputs.version }}"
git push origin ${{ steps.bump.outputs.version }}
- name: Create a release
uses: actions/[email protected]
with:
github-token: ${{ secrets.STAGING_PAT }}
script: |
const repo_name = context.payload.repository.full_name
const response = await github.request('POST /repos/' + repo_name + '/releases', {
tag_name: '${{ steps.bump.outputs.version }}',
name: '${{ steps.bump.outputs.version }}',
prerelease: true,
generate_release_notes: true
})
- name: Build Image With buildah
id: build-image
uses: redhat-actions/buildah-build@v2
with:
image: ${{ env.IMAGE_NAME }}
tags: ${{ steps.bump.outputs.version }}
dockerfiles: |
${{ env.DOCKERFILE_PATH }}
build-args: |
PACKAGE_REGISTRY_ACCESS_TOKEN=${{ secrets.PACKAGE_REGISTRY_ACCESS_TOKEN }}
context: docker-image
- name: Push Image To Registry
uses: redhat-actions/push-to-registry@v2
with:
image: ${{ steps.build-image.outputs.image }}
tags: ${{ steps.build-image.outputs.tags }}
registry: ${{ env.IMAGE_REGISTRY }}
username: ${{ secrets.IMAGE_REGISTRY_USER }}
password: ${{ secrets.IMAGE_REGISTRY_PASSWORD }}