Skip to content

try again

try again #19

name: Build and test osctrl
on:
push:
branches:
- main
env:
GOLANG_VERSION: 1.21.3
OSQUERY_VERSION: 5.12.1
jobs:
build_and_test:
runs-on: ubuntu-22.04
strategy:
matrix:
components: ['tls', 'admin', 'api', 'cli']
goos: ['linux', 'darwin', 'windows']
goarch: ['amd64', 'arm64']
steps:
########################### Checkout code ###########################
- name: Checkout code
uses: actions/[email protected]
with:
fetch-depth: 2
########################### Generate SHA1 commit hash ###########################
# https://newbedev.com/getting-current-branch-and-commit-hash-in-github-action
- name: Declare GIT hash and branch
id: vars
shell: bash
run: |
echo "RELEASE_VERSION=${GITHUB_REF#refs/*/}" >> $GITHUB_OUTPUT
echo "branch=$(echo ${GITHUB_REF#refs/heads/})" >> $GITHUB_OUTPUT
echo "sha_short=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT
########################### Build osctrl ###########################
- name: Build osctrl binaries
# Build all osctrl components for linux for all archs
# Build all osctrl components for darwin for all archs
# Build osctrl cli for windows for all archs
if: matrix.goos == 'linux' || matrix.goos == 'darwin' || (matrix.goos == 'windows' && matrix.components == 'cli')
uses: ./.github/actions/build/binaries
with:
go_os: "${{ matrix.goos }}"
go_arch: "${{ matrix.goarch }}"
osctrl_component: "${{ matrix.components }}"
commit_sha: "${{ steps.vars.outputs.sha_short }}"
commit_branch: "${{ steps.vars.outputs.branch }}"
golang_version: "${{ env.GOLANG_VERSION }}"
########################### Test binaries ###########################
# - name: Run tests
# id: bin_tests
# uses: .github/actions/test/binaries
# with:
# go_os: "${{ matrix.goos }}"
# go_arch: "${{ matrix.goarch }}"
# osctrl_component: "${{ matrix.components }}"
# commit_sha: "${{ steps.vars.outputs.sha_short }}"
# commit_branch: "${{ steps.vars.outputs.branch }}"
# golang_version: "${{ env.GOLANG_VERSION }}"
create_deb_packages:
strategy:
matrix:
components: ['tls', 'admin', 'api', 'cli']
goos: ['linux']
goarch: ['amd64']
needs: [build_and_test]
runs-on: ubuntu-22.04
steps:
########################### Checkout code ###########################
- name: Checkout code
uses: actions/[email protected]
with:
fetch-depth: 2
########################### Generate SHA1 commit hash ###########################
# https://newbedev.com/getting-current-branch-and-commit-hash-in-github-action
- name: Declare GIT hash and branch
id: vars
shell: bash
run: |
echo "RELEASE_VERSION=${GITHUB_REF#refs/*/}" >> $GITHUB_OUTPUT
echo "branch=$(echo ${GITHUB_REF#refs/heads/})" >> $GITHUB_OUTPUT
echo "sha_short=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT
########################### Build DEB packages ###########################
- name: Build osctrl DEB packages
uses: ./.github/actions/build/dpkg
with:
go_os: ${{ matrix.goos }}
go_arch: ${{ matrix.goarch }}
osctrl_component: ${{ matrix.components }}
commit_sha: ${{ steps.vars.outputs.sha_short }}
osquery_version: ${{ env.OSQUERY_VERSION }}
create_docker_images:
needs: [build_and_test]
runs-on: ubuntu-22.04
strategy:
matrix:
components: ['tls', 'admin', 'api', 'cli']
goos: ['linux']
goarch: ['amd64', 'arm64']
steps:
########################### Checkout code ###########################
- name: Checkout code
uses: actions/[email protected]
with:
fetch-depth: 2
########################### Generate SHA1 commit hash ###########################
# https://newbedev.com/getting-current-branch-and-commit-hash-in-github-action
- name: Declare GIT hash and branch
id: vars
shell: bash
run: |
echo "RELEASE_VERSION=${GITHUB_REF#refs/*/}" >> $GITHUB_OUTPUT
echo "branch=$(echo ${GITHUB_REF#refs/heads/})" >> $GITHUB_OUTPUT
echo "sha_short=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT
########################### Build Docker containers ###########################
- name: Build and deploy osctrl Docker containers
uses: ./.github/actions/build/docker
with:
#### golang env vars ####
go_os: ${{ matrix.goos }}
go_arch: ${{ matrix.goarch }}
#### Build vars ####
osctrl_component: ${{ matrix.components }}
commit_sha: ${{ steps.vars.outputs.sha_short }}
docker_tag: ${{ steps.vars.outputs.sha_short }}
#### Dockerhub creds ####
docker_hub_org: ${{ secrets.DOCKER_HUB_ORG }}
docker_hub_username: ${{ secrets.DOCKER_HUB_USERNAME }}
docker_hub_access_token: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
########################### Export image digest to tmp ###########################
- name: Export digest
run: |
mkdir -p /tmp/digests
digest="${{ steps.create_docker_images.outputs.digest }}"
touch "/tmp/digests/${digest#sha256:}"
########################### Upload digest ###########################
- name: Upload digest
uses: actions/upload-artifact@v3
with:
name: digests
path: /tmp/digests/*
if-no-files-found: error
retention-days: 1
push_docker_images:
needs: [create_docker_images]
runs-on: ubuntu-22.04
strategy:
matrix:
components: ['tls', 'admin', 'api', 'cli']
steps:
- name: Download digests
uses: actions/download-artifact@v3
with:
name: digests
path: /tmp/digests
- name: Set up Docker Buildx
uses: docker/[email protected]
- name: Docker meta
id: meta
uses: docker/metadata-action@v5
with:
images: ${{ secrets.DOCKER_HUB_ORG }}/osctrl-${{ matrix.components }}
tags: |
type=sha
type=semver,pattern={{version}}
# tag latest version for tagged_releases
type=raw,value=latest,enable=${{ !startsWith(github.ref, 'refs/tags/v0.') }}
########################### Log into Dockerhub ###########################
- name: Login to Docker Hub
uses: docker/[email protected]
with:
username: ${{ secrets.DOCKER_HUB_USERNAME }}
password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
- name: Create manifest list and push
working-directory: /tmp/digests
run: |
docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \
$(printf '${{ secrets.DOCKER_HUB_ORG }}/osctrl-${{ matrix.components }}@sha256:%s ' *)
- name: Inspect image
run: |
docker buildx imagetools inspect ${{ secrets.DOCKER_HUB_ORG }}/osctrl-${{ matrix.components }}:${{ steps.meta.outputs.version }}