This repository has been archived by the owner on Aug 7, 2024. It is now read-only.

build-release #54

Workflow file for this run

.github/workflows/build-release.yaml at 7b5f478

	# Builds and pushes server image to prod ECR
	# Builds client binaries
	# Runs in reponse to successful integration tests that were triggered by a release only
	# NB: workflows that run on workflow_run use the workflow file from the main branch

	name: build-release

	on:
	workflow_run:
	workflows: [integration]
	types: [completed]

	jobs:
	build_server_image:
	# only run this job if the dependency workflow was a success and was triggered as part of a release
	if: github.event.workflow_run.conclusion == 'success' && github.event.workflow_run.event == 'release'
	runs-on: ubuntu-latest
	environment: prod
	env:
	ECR_REPOSITORY: orion-security-engineering/kiss
	TAG: ${{ github.event.workflow_run.head_branch }}
	steps:
	- name: Checkout code
	uses: actions/checkout@v2
	with:
	ref: ${{ github.event.workflow_run.head_branch }}

	# using this action makes Docker layer caching easier:
	# https://www.docker.com/blog/docker-github-actions/
	- name: Set up Docker Buildx
	uses: docker/setup-buildx-action@v1

	- name: Cache Docker layers
	uses: actions/cache@v2
	with:
	path: /tmp/.buildx-cache
	key: ${{ runner.os }}-buildx-${{ github.sha }}
	restore-keys: \|
	${{ runner.os }}-buildx-

	- name: Configure AWS Credentials
	uses: aws-actions/configure-aws-credentials@v1
	with:
	aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
	aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
	aws-region: eu-west-1

	- name: Login to Amazon ECR
	id: login-ecr
	uses: aws-actions/amazon-ecr-login@v1

	- name: Build and push
	uses: docker/build-push-action@v2
	with:
	context: ./
	file: server/Dockerfile
	push: true
	tags: ${{ steps.login-ecr.outputs.registry }}/${{ env.ECR_REPOSITORY }}:${{ env.TAG }}
	cache-from: type=local,src=/tmp/.buildx-cache
	cache-to: type=local,dest=/tmp/.buildx-cache-new
	builder: ${{ steps.buildx.outputs.name }}

	# prevent cache from growing too large
	# https://github.com/docker/build-push-action/issues/252
	- name: Move cache
	run: \|
	rm -rf /tmp/.buildx-cache
	mv /tmp/.buildx-cache-new /tmp/.buildx-cache

	build_linux_client:
	# only run this job if the dependency workflow was a success and was triggered as part of a release
	if: github.event.workflow_run.conclusion == 'success' && github.event.workflow_run.event == 'release'
	runs-on: ubuntu-latest
	env:
	TAG: ${{ github.event.workflow_run.head_branch }}
	GOARCH: amd64
	GOOS: linux
	steps:
	- name: Install Go
	uses: actions/setup-go@v2
	with:
	go-version: 1.16

	- name: Checkout code
	uses: actions/checkout@v2
	with:
	ref: ${{ github.event.workflow_run.head_branch }}

	- uses: actions/cache@v2
	with:
	path: \|
	~/go/pkg/mod
	~/.cache/go-build
	key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
	restore-keys: ${{ runner.os }}-go-

	- name: Compile
	working-directory: ./client/cmd
	run: \|
	go build -o /tmp/kiss-client-${{ env.GOOS }}-${{ env.GOARCH }} .

	- name: Release
	uses: softprops/action-gh-release@v1
	with:
	tag_name: ${{ env.TAG }}
	files: \|
	/tmp/kiss-client-${{ env.GOOS }}-${{ env.GOARCH }}
	LICENSE
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

	build_darwin_client:
	# only run this job if the dependency workflow was a success and was triggered as part of a release
	if: github.event.workflow_run.conclusion == 'success' && github.event.workflow_run.event == 'release'
	runs-on: ubuntu-latest
	env:
	TAG: ${{ github.event.workflow_run.head_branch }}
	GOARCH: amd64
	GOOS: darwin
	steps:
	- name: Install Go
	uses: actions/setup-go@v2
	with:
	go-version: 1.16

	- name: Checkout code
	uses: actions/checkout@v2
	with:
	ref: ${{ github.event.workflow_run.head_branch }}

	- uses: actions/cache@v2
	with:
	path: \|
	~/go/pkg/mod
	~/.cache/go-build
	key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
	restore-keys: ${{ runner.os }}-go-

	- name: Compile
	working-directory: ./client/cmd
	run: \|
	go build -o /tmp/kiss-client-${{ env.GOOS }}-${{ env.GOARCH }} .

	- name: Release
	uses: softprops/action-gh-release@v1
	with:
	tag_name: ${{ env.TAG }}
	files: \|
	/tmp/kiss-client-${{ env.GOOS }}-${{ env.GOARCH }}
	LICENSE
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

	build_windows_client:
	# only run this job if the dependency workflow was a success and was triggered as part of a release
	if: github.event.workflow_run.conclusion == 'success' && github.event.workflow_run.event == 'release'
	runs-on: ubuntu-latest
	env:
	TAG: ${{ github.event.workflow_run.head_branch }}
	GOARCH: amd64
	GOOS: windows
	steps:
	- name: Install Go
	uses: actions/setup-go@v2
	with:
	go-version: 1.16

	- name: Checkout code
	uses: actions/checkout@v2
	with:
	ref: ${{ github.event.workflow_run.head_branch }}

	- uses: actions/cache@v2
	with:
	path: \|
	~/go/pkg/mod
	~/.cache/go-build
	key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
	restore-keys: ${{ runner.os }}-go-

	- name: Compile
	working-directory: ./client/cmd
	run: \|
	go build -o /tmp/kiss-client-${{ env.GOOS }}-${{ env.GOARCH }} .

	- name: Release
	uses: softprops/action-gh-release@v1
	with:
	tag_name: ${{ env.TAG }}
	files: \|
	/tmp/kiss-client-${{ env.GOOS }}-${{ env.GOARCH }}
	LICENSE
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

build-release #54

Workflow file

build-release #54

Jobs

Run details

Workflow file for this run