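---
# Build & Release Providers
#
# Manually dispatched release pipeline:
#   1. scoping        - lists the directories under providers/ and exposes
#                       them as a JSON array job output.
#   2. provider-build - one matrix job per provider; compares the version in
#                       config/config.go with the published latest.json,
#                       builds the provider and copies the bundles plus their
#                       SHA256SUMS file to the release bucket.
#   3. provider-index - dispatches a "reindex" event to mondoohq/releasr.
#
# NOTE(review): every `uses:` below references a mutable tag. For a pipeline
# that holds release credentials, pin each action to a full commit SHA and
# keep the tag as a trailing comment.
# NOTE(review): all jobs run on self-hosted runners, whose workspace and
# tool cache can persist between runs - confirm the runners are ephemeral or
# cleaned between jobs.
name: 'Build & Release Providers'

on:
  workflow_dispatch:
    inputs:
      build_all:
        description: 'Force build all providers'
        type: boolean
        required: false
        default: false
      skip_publish:
        description: 'Skip publishing'
        type: boolean
        required: false
        default: false

# Least privilege for the automatic GITHUB_TOKEN: the jobs only read the
# repository. Publishing and the reindex dispatch use their own secrets.
permissions:
  contents: read

env:
  BUCKET: releases-us.mondoo.io

jobs:
  scoping:
    runs-on: self-hosted
    timeout-minutes: 10
    # Without this mapping `needs.scoping.outputs.providers` is empty in the
    # dependent job and the matrix cannot be expanded.
    outputs:
      providers: ${{ steps.providers.outputs.providers }}
    steps:
      - name: Checkout
        uses: actions/checkout@v4
        with:
          fetch-depth: 0

      - name: Detect providers
        id: providers
        run: |
          # Emit a compact one-line JSON array: a matrix needs a list (see
          # fromJSON below), and a single line is also required for the
          # plain KEY=value form of $GITHUB_OUTPUT / $GITHUB_ENV.
          providers=$(find providers -mindepth 1 -maxdepth 1 -type d -exec basename {} \; | sort | jq -R . | jq -sc .)
          # `::set-output` is deprecated; write to the output file instead.
          echo "providers=$providers" >> "$GITHUB_OUTPUT"
          echo "PROVIDERS=$providers" >> "$GITHUB_ENV"
          echo "Detected providers: $providers"

  provider-build:
    name: "${{ matrix.provider }}"
    runs-on: self-hosted
    timeout-minutes: 120
    needs: scoping
    strategy:
      max-parallel: 2
      matrix:
        provider: ${{ fromJSON(needs.scoping.outputs.providers) }}
    steps:
      - name: Checkout
        uses: actions/checkout@v4
        with:
          fetch-depth: 0

      - name: Check for changes
        id: version
        env:
          # Pass the matrix value through the environment rather than
          # expanding `${{ }}` inside the script, so a directory name
          # containing shell metacharacters is never parsed as code.
          PROVIDER_NAME: ${{ matrix.provider }}
        run: |
          echo "Checking for changes in $PROVIDER_NAME"
          cd "providers/$PROVIDER_NAME"
          # presumably config.go has exactly one line matching "Version";
          # verify, since a multi-line value would corrupt $GITHUB_ENV.
          REPO_VERSION=$(grep Version config/config.go | cut -f2 -d\")
          if [ -z "$REPO_VERSION" ]; then
            # An empty version would publish to providers/<name>//.
            echo "::error::Could not read a version from providers/$PROVIDER_NAME/config/config.go"
            exit 1
          fi
          echo "REPO_VERSION=$REPO_VERSION" >> "$GITHUB_ENV"
          DIST_VERSION=$(curl -s "https://releases-us.mondoo.io/providers/$PROVIDER_NAME/latest.json" | jq -r .version)
          echo "DIST_VERSION=$DIST_VERSION" >> "$GITHUB_ENV"

      - name: Skip if no changes
        id: gate
        env:
          PROVIDER_NAME: ${{ matrix.provider }}
          BUILD_ALL: ${{ github.event.inputs.build_all }}
        run: |
          # `exit 78` is treated as an ordinary failure by the current
          # runner, which marks the matrix job failed instead of skipping it.
          # Record the decision as a step output and gate later steps on it.
          if [ "$BUILD_ALL" == "false" ] && [ "$REPO_VERSION" == "$DIST_VERSION" ]; then
            echo "No change to version detected for $PROVIDER_NAME. Skipping build."
            echo "build=false" >> "$GITHUB_OUTPUT"
          else
            echo "build=true" >> "$GITHUB_OUTPUT"
          fi

      - name: Set up Go
        if: ${{ steps.gate.outputs.build == 'true' }}
        uses: actions/setup-go@v4
        with:
          go-version: ">=1.21.0"
          cache: false

      # NOTE(review): this loads a long-lived service-account key before the
      # build steps run, so the build scripts execute with bucket-write
      # credentials available. If the build itself does not need GCP access,
      # move the two gcloud steps to just before 'Publish Provider', and
      # consider Workload Identity Federation instead of a JSON key.
      - name: 'Authenticate to Google Cloud'
        if: ${{ steps.gate.outputs.build == 'true' }}
        uses: 'google-github-actions/auth@v1'
        with:
          credentials_json: ${{ secrets.GCP_RELEASE_SERVICE_ACCOUNT }}

      - name: 'Set up gcloud CLI'
        if: ${{ steps.gate.outputs.build == 'true' }}
        uses: 'google-github-actions/setup-gcloud@v1'

      - name: 'Build dependencies'
        if: ${{ steps.gate.outputs.build == 'true' }}
        run: |
          make providers/proto
          go build -o lr ./providers-sdk/v1/lr/cli/main.go

      - name: 'Build Provider'
        if: ${{ steps.gate.outputs.build == 'true' }}
        env:
          PROVIDER_NAME: ${{ matrix.provider }}
        run: |
          # Remove leftovers from an earlier run on this self-hosted runner.
          rm -rf ./dist
          scripts/provider_bundler.sh "$PROVIDER_NAME"

      - name: 'Publish Provider'
        if: ${{ steps.gate.outputs.build == 'true' && github.event.inputs.skip_publish == 'false' }}
        run: |
          # One iteration per distinct "<provider>_<version>" file prefix.
          for pkg in $(ls dist | cut -f1,2 -d_ | uniq); do
            echo "Publishing $pkg"
            PROVIDER=$(echo "$pkg" | cut -f1 -d_)
            VERSION=$REPO_VERSION
            echo "Publishing $pkg to gs://${BUCKET}/providers/${PROVIDER}/${VERSION}/"
            gsutil -m cp -c "dist/${pkg}"*.xz "gs://${BUCKET}/providers/${PROVIDER}/${VERSION}/"
            # The checksum file sits next to the bundles, so it detects
            # corruption but not a modified bucket; a signature would.
            gsutil -m cp -c "dist/${pkg}_SHA256SUMS" "gs://${BUCKET}/providers/${PROVIDER}/${VERSION}/"
          done

      - name: 'Save Artifacts'
        if: ${{ steps.gate.outputs.build == 'true' && github.event.inputs.skip_publish == 'false' }}
        # upload-artifact v2 is deprecated; v4 needs a unique artifact name
        # per job, which the matrix provider name gives.
        uses: actions/upload-artifact@v4
        with:
          name: ${{ matrix.provider }}
          path: dist

  provider-index:
    # Runs once every matrix job has succeeded, including runs where every
    # provider was skipped or skip_publish was set.
    needs: provider-build
    runs-on: self-hosted
    steps:
      - name: Trigger Reindex of releases.mondoo.com
        uses: peter-evans/repository-dispatch@v2
        with:
          token: ${{ secrets.RELEASR_ACTION_TOKEN }}
          repository: "mondoohq/releasr"
          event-type: reindex
          client-payload: '{ }'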