This repository has been archived by the owner on May 23, 2024. It is now read-only.
forked from hypoport/docker-kibana-search-guard
-
Notifications
You must be signed in to change notification settings - Fork 0
57 lines (53 loc) · 2.39 KB
/
release-pipeline.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
name: "Build and Release Pipeline"
on:
push:
schedule:
# * is a special character in YAML so you have to quote this string
- cron: '30 5 * * *'
env:
IMAGE_NAME: "xtermi2/kibana-searchguard"
jobs:
build-and-test:
runs-on: ubuntu-20.04
steps:
- name: Checkout
uses: actions/checkout@v2
- name: Setup Docker Env
uses: docker-practice/actions-setup-docker@v1
- name: Docker build
run: docker build --build-arg VCS_REF=`git rev-parse HEAD` --build-arg BUILD_DATE=`date --iso-8601=seconds` -t $IMAGE_NAME:latest --no-cache .
- name: print image details
run: docker inspect $IMAGE_NAME
- name: run Aqua's trivy - scan for vulnerabilities
run: docker run -i --rm -u 0 $IMAGE_NAME:latest bash -c 'curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /tmp && /tmp/trivy filesystem --no-progress --severity HIGH,CRITICAL /'
release:
# Release to dockerhub and create Github release
needs: [build-and-test]
if: ${{ github.repository == 'xtermi2/kibana-searchguard' && github.event_name == 'push' && startsWith(github.ref, 'refs/tags/') }}
runs-on: ubuntu-20.04
steps:
- name: Checkout
uses: actions/checkout@v2
- name: Setup Docker Env
uses: docker-practice/actions-setup-docker@v1
- name: Docker build
run: docker build --build-arg VCS_REF=`git rev-parse HEAD` --build-arg BUILD_DATE=`date --iso-8601=seconds` -t $IMAGE_NAME:latest --no-cache .
- name: Get the curent tag
id: get_tag
run: echo ::set-output name=TAG_VERSION::${GITHUB_REF/refs\/tags\//}
- name: Push image to dockerhub
env:
DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
run: ./deployToDockerhub.sh "${{ steps.get_tag.outputs.TAG_VERSION }}" "$IMAGE_NAME"
- name: Create Github Release
id: create_release
uses: actions/create-release@v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # This token is provided by Actions, you do not need to create your own token
with:
tag_name: ${{ steps.get_tag.outputs.TAG_VERSION }}
release_name: ${{ steps.get_tag.outputs.TAG_VERSION }}
body: "Support Kibana ${{ steps.get_tag.outputs.TAG_VERSION }}"
draft: false
prerelease: false