Build Agent and Upload To OSS #2179
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This workflow will build a Java project with Maven | |
| # For more information see: https://help.github.com/actions/language-and-framework-guides/building-and-testing-java-with-maven | |
| name: Build Agent and Upload To OSS | |
| on: | |
| push: | |
| branches: | |
| - main | |
| - beta | |
| - develop | |
| pull_request: | |
| branches: | |
| - main | |
| - beta | |
| - develop | |
| paths-ignore: | |
| - '.github/**' | |
| - 'changes/**' | |
| - 'deploy/**' | |
| - '**.md' | |
| - '**.yml' | |
| - '**.xml' | |
| - 'LICENSE' | |
| - '.gitignore' | |
| schedule: | |
| - cron: '0 10 * * *' | |
| jobs: | |
| Cache-Dependencies: | |
| name: Cache dependencies | |
| if: github.repository == 'HXSecurity/DongTai-agent-java' | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v2 | |
| - name: Set up JDK 1.8 | |
| uses: actions/setup-java@v1 | |
| with: | |
| java-version: 1.8 | |
| - name: Set up Maven | |
| uses: stCarolas/setup-maven@v4 | |
| with: | |
| maven-version: 3.2.5 | |
| - uses: actions/cache@v2 | |
| id: mvn-cache # use this to check for `cache-hit` (`steps.mvn-cache.outputs.cache-hit != 'true'`) | |
| with: | |
| path: ~/.m2 # !WARN does not work if running multiple node versions, instead use https://github.com/actions/cache/blob/master/examples.md#node---yarn | |
| key: ${{ runner.os }}-mvn-${{ hashFiles('**/pom.xml') }} | |
| restore-keys: | | |
| ${{ runner.os }}-mvn- | |
| - name: Mvn Install | |
| if: steps.mvn-cache.outputs.cache-hit != 'true' | |
| run: mvn -B compile -Dmaven.test.skip=true | |
| Build-Agent: | |
| name: Build Java Agent | |
| if: github.event_name == 'pull_request' || github.event_name == 'schedule' | |
| runs-on: ubuntu-latest | |
| needs: [ Cache-Dependencies ] | |
| steps: | |
| - uses: actions/checkout@v2 | |
| - name: Set up JDK 1.8 | |
| uses: actions/setup-java@v1 | |
| with: | |
| java-version: 1.8 | |
| - name: Set up Maven | |
| uses: stCarolas/setup-maven@v4 | |
| with: | |
| maven-version: 3.2.5 | |
| - name: Restore dependencies from cache | |
| uses: actions/cache@v2 | |
| with: | |
| path: ~/.m2 | |
| key: ${{ runner.os }}-mvn-${{ hashFiles('**/pom.xml') }} | |
| restore-keys: | | |
| ${{ runner.os }}-mvn- | |
| - name: Build DongTai-Java-Agent With Maven | |
| run: | | |
| mvn -version | |
| mvn -B package -Dmaven.test.skip=true | |
| - uses: shogo82148/actions-setup-mysql@v1 | |
| with: | |
| mysql-version: '8.0' | |
| auto-start: true | |
| root-password: yuhjnbGYUI | |
| user: test | |
| password: test | |
| # - name: OpenRASP-Vulns-Test | |
| # run: bash .github/workflows/scripts/openrasp-test.sh "OpenRASP" "${{ github.event_name }}-${{ github.run_number }}" | |
| # | |
| # - name: Benchmark-Vulns-Test | |
| # run: bash .github/workflows/scripts/benchmark-test.sh "OWASP-Benchmark" "${{ github.event_name }}-${{ github.run_number }}" | |
| Upload-To-OSS: | |
| name: Upload To TEST OSS | |
| if: github.event_name == 'push' | |
| runs-on: ubuntu-latest | |
| needs: [ Cache-Dependencies ] | |
| steps: | |
| - uses: actions/checkout@v2 | |
| - name: Set up JDK 1.8 | |
| uses: actions/setup-java@v1 | |
| with: | |
| java-version: 1.8 | |
| - name: Set up Maven | |
| uses: stCarolas/setup-maven@v4 | |
| with: | |
| maven-version: 3.2.5 | |
| - name: Get the release version | |
| id: version | |
| run: echo ::set-output name=GITHUB_REF::${GITHUB_REF##*/} | |
| - name: Restore dependencies from cache | |
| uses: actions/cache@v2 | |
| with: | |
| path: ~/.m2 | |
| key: ${{ runner.os }}-mvn-${{ hashFiles('**/pom.xml') }} | |
| restore-keys: | | |
| ${{ runner.os }}-mvn- | |
| - name: Build DongTai-Java-Agent With Maven | |
| run: | | |
| mvn -version | |
| mvn -B package -Dmaven.test.skip=true | |
| - name: Upload Assets | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: dongtai-agent | |
| path: | | |
| dongtai-agent/target/dongtai-agent.jar | |
| dongtai-agent/src/main/resources/bin/* | |
| - uses: manyuanrong/[email protected] | |
| with: | |
| endpoint: ${{ secrets.CHART_OSS_ENDPOINT }} | |
| access-key-id: ${{ secrets.OSS_KEY_ID }} | |
| access-key-secret: ${{ secrets.OSS_KEY_SECRET }} | |
| - name: Upload COS | |
| if: ${{ steps.version.outputs.GITHUB_REF }} == develop | |
| uses: zkqiang/[email protected] | |
| with: | |
| args: upload -rs dongtai-agent/target/dongtai-agent.jar /agent_test/java/latest/dongtai-agent.jar && upload -rs dongtai-agent/src/main/resources/bin/ /agent_test/java/latest/ | |
| secret_id: ${{ secrets.TENSECRET_ID }} | |
| secret_key: ${{ secrets.TENSECRET_KEY }} | |
| bucket: dongtai-helm-charts-1251882848 | |
| region: ap-hongkong | |
| - name: Upload COS beta | |
| if: ${{ steps.version.outputs.GITHUB_REF }} == beta || ${{ steps.version.outputs.GITHUB_REF }} == main | |
| uses: zkqiang/[email protected] | |
| with: | |
| args: upload -rs dongtai-agent/target/dongtai-agent.jar /agent_${{ steps.version.outputs.GITHUB_REF }}/java/latest/dongtai-agent.jar && upload -rs dongtai-agent/src/main/resources/bin/ /agent_${{ steps.version.outputs.GITHUB_REF }}/java/latest/ | |
| secret_id: ${{ secrets.TENSECRET_ID }} | |
| secret_key: ${{ secrets.TENSECRET_KEY }} | |
| bucket: dongtai-helm-charts-1251882848 | |
| region: ap-hongkong | |
| - name: deploy to cluster A | |
| uses: tscuite/kubectl-helm-action@main | |
| env: | |
| MAX: false | |
| PROJECT: agent | |
| TOKEN_SCA: ${{ secrets.TOKEN_SCA }} | |
| KUBE_CONFIG_DATA: ${{ secrets.KUBE_CONFIG_TEST_DATA }} | |
| - name: deploy to cluster B | |
| uses: tscuite/kubectl-helm-action@main | |
| env: | |
| MAX: true | |
| PROJECT: agent | |
| TOKEN_SCA: ${{ secrets.MAX_TOKEN_SCA }} | |
| KUBE_CONFIG_DATA: ${{ secrets.KUBE_CONFIG_TEST_DATA }} |