-
Notifications
You must be signed in to change notification settings - Fork 218
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
60f5023
commit 03ecb35
Showing
1 changed file
with
25 additions
and
86 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,3 +1,5 @@ | ||
| # This is a basic workflow to help you get started with Actions | ||
|
|
||
| name: Production | ||
|
|
||
| # Controls when the workflow will run | ||
|
|
@@ -17,7 +19,7 @@ jobs: | |
|
|
||
| # Steps represent a sequence of tasks that will be executed as part of the job | ||
| steps: | ||
| # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it | ||
| # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it | ||
| - uses: actions/checkout@v2 | ||
| - uses: actions/setup-java@v2 | ||
| with: | ||
|
|
@@ -27,102 +29,39 @@ jobs: | |
| - uses: actions/setup-node@v2 | ||
| with: | ||
| node-version: '17' | ||
| - name: Download Akto templates zip and PII files | ||
| working-directory: ./apps/dashboard/src/main/resources | ||
| run: | | ||
| wget -O tests-library-master.zip https://github.com/akto-api-security/tests-library/archive/refs/heads/master.zip | ||
| wget -O general.json https://raw.githubusercontent.com/akto-api-security/pii-types/master/general.json | ||
| wget -O fintech.json https://raw.githubusercontent.com/akto-api-security/akto/master/pii-types/fintech.json | ||
| wget -O filetypes.json https://raw.githubusercontent.com/akto-api-security/akto/master/pii-types/filetypes.json | ||
|
|
||
| - name: Prepare Dashboard polaris UI | ||
| working-directory: ./apps/dashboard/web/polaris_web | ||
| run: npm install && export RELEASE_VERSION=${{github.event.inputs.release_version}} && npm run build | ||
| - name: mvn package command | ||
| run: mvn package | ||
|
|
||
| - name: Configure AWS Credentials | ||
| uses: aws-actions/configure-aws-credentials@v1 | ||
| with: | ||
| aws-access-key-id: ${{secrets.AWS_ACCESS_KEY_ID}} | ||
| aws-secret-access-key: ${{secrets.AWS_SECRET_ACCESS_KEY}} | ||
| aws-region: ap-south-1 | ||
|
|
||
| - name: Deploy polaris site to S3 bucket | ||
| run: aws s3 sync ./apps/dashboard/web/polaris_web/web/dist s3://dashboard-on-cdn/polaris_web/${{github.event.inputs.release_version}}/dist --delete | ||
| - run: mvn package -Dakto-image-tag=${{ github.event.inputs.release_version }} -Dakto-build-time=$(eval "date +%s") -Dakto-release-version=${{github.event.inputs.release_version}} | ||
| - name: DockerHub login | ||
| env: | ||
| DOCKER_USERNAME: ${{secrets.DOCKER_USERNAME}} | ||
| DOCKER_PASSWORD: ${{secrets.DOCKER_PASSWORD}} | ||
| run: | | ||
| docker login -u $DOCKER_USERNAME -p $DOCKER_PASSWORD | ||
| - name: Configure AWS Credentials for ECR | ||
| uses: aws-actions/configure-aws-credentials@v1 | ||
| with: | ||
| aws-access-key-id: ${{secrets.AWS_ACCESS_KEY_ID}} | ||
| aws-secret-access-key: ${{secrets.AWS_SECRET_ACCESS_KEY}} | ||
| aws-region: us-east-1 | ||
| - name: Login to Amazon ECR | ||
| id: login-ecr | ||
| uses: aws-actions/amazon-ecr-login@v1 | ||
| with: | ||
| mask-password: 'true' | ||
| registry-type: public | ||
|
|
||
| - name: Build, tag, and push the image to DockerHub | ||
| id: build-image-dockerhub | ||
| - name: Build, tag, and push docker image to Amazon ECR | ||
| env: | ||
| ECR_REGISTRY: aktosecurity | ||
| ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} | ||
| ECR_REPOSITORY: akto-api-security | ||
| IMAGE_TAG_1: local | ||
| IMAGE_TAG_2: ${{ github.event.inputs.release_version }}_local | ||
| REGISTRY_ALIAS: p7q3h0z2 | ||
| IMAGE_TAG: kafkalatest | ||
| run: | | ||
| docker buildx create --use | ||
| # Build a docker container and push it to DockerHub | ||
| cd apps/dashboard | ||
| docker buildx build --platform linux/arm64/v8,linux/amd64 -t $ECR_REGISTRY/$ECR_REPOSITORY-dashboard:$IMAGE_TAG_1 -t $ECR_REGISTRY/$ECR_REPOSITORY-dashboard:$IMAGE_TAG_2 . --push | ||
| echo "::set-output name=image::$ECR_REGISTRY/$ECR_REPOSITORY-dashboard:$IMAGE_TAG" | ||
| cd ../testing | ||
| docker buildx build --platform linux/arm64/v8,linux/amd64 -t $ECR_REGISTRY/akto-api-testing:$IMAGE_TAG_1 -t $ECR_REGISTRY/akto-api-testing:$IMAGE_TAG_2 . --push | ||
| echo "::set-output name=image::$ECR_REGISTRY/akto-api-testing:$IMAGE_TAG" | ||
| cd ../testing-cli | ||
| docker buildx build --platform linux/arm64/v8,linux/amd64 -t $ECR_REGISTRY/akto-api-testing-cli:$IMAGE_TAG_1 -t $ECR_REGISTRY/akto-api-testing-cli:$IMAGE_TAG_2 . --push | ||
| echo "::set-output name=image::$ECR_REGISTRY/akto-api-testing-cli:$IMAGE_TAG" | ||
| cd ../billing | ||
| docker buildx build --platform linux/arm64/v8,linux/amd64 -t $ECR_REGISTRY/akto-billing:$IMAGE_TAG_1 -t $ECR_REGISTRY/akto-billing:$IMAGE_TAG_2 . --push | ||
| echo "::set-output name=image::$ECR_REGISTRY/akto-billing:$IMAGE_TAG" | ||
| cd ../internal | ||
| docker buildx build --platform linux/arm64/v8,linux/amd64 -t $ECR_REGISTRY/akto-internal:$IMAGE_TAG_1 -t $ECR_REGISTRY/akto-internal:$IMAGE_TAG_2 . --push | ||
| echo "::set-output name=image::$ECR_REGISTRY/akto-internal:$IMAGE_TAG" | ||
| cd ../mini-runtime | ||
| docker buildx build --platform linux/arm64/v8,linux/amd64 -t $ECR_REGISTRY/mini-runtime:$IMAGE_TAG_1 -t $ECR_REGISTRY/mini-runtime:$IMAGE_TAG_2 . --push | ||
| echo "::set-output name=image::$ECR_REGISTRY/mini-runtime:$IMAGE_TAG" | ||
| cd ../mini-testing | ||
| docker buildx build --platform linux/arm64/v8,linux/amd64 -t $ECR_REGISTRY/mini-testing:$IMAGE_TAG_1 -t $ECR_REGISTRY/mini-testing:$IMAGE_TAG_2 . --push | ||
| echo "::set-output name=image::$ECR_REGISTRY/mini-testing:$IMAGE_TAG" | ||
| - name: Push git tag | ||
| id: tag_version | ||
| uses: mathieudutour/[email protected] | ||
| with: | ||
| github_token: ${{ secrets.GITHUB_TOKEN }} | ||
| custom_tag: ${{ github.event.inputs.release_version }} | ||
| - name: Create a GitHub release | ||
| uses: ncipollo/[email protected] | ||
| with: | ||
| tag: ${{ steps.tag_version.outputs.new_tag }} | ||
| name: Release ${{ steps.tag_version.outputs.new_tag }} | ||
| omitBody: true | ||
| - name: Send Github release notification to Slack | ||
| id: slack | ||
| uses: slackapi/[email protected] | ||
| with: | ||
| payload: | | ||
| { | ||
| "text": "Akto Open Source v${{ github.event.inputs.release_version }} released!" | ||
| } | ||
| env: | ||
| SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} | ||
| SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOK | ||
| - name: Set up JDK 11 | ||
| uses: actions/setup-java@v1 | ||
| with: | ||
| java-version: 11 | ||
| - name: Cache SonarCloud packages | ||
| uses: actions/cache@v1 | ||
| with: | ||
| path: ~/.sonar/cache | ||
| key: ${{ runner.os }}-sonar | ||
| restore-keys: ${{ runner.os }}-sonar | ||
| - name: Cache Maven packages | ||
| uses: actions/cache@v1 | ||
| with: | ||
| path: ~/.m2 | ||
| key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }} | ||
| restore-keys: ${{ runner.os }}-m2 | ||
| cd apps/database-abstractor | ||
| docker buildx build --platform linux/arm64/v8,linux/amd64 -t $ECR_REGISTRY/$REGISTRY_ALIAS/akto-api-security-database-abstractor:$IMAGE_TAG . --push | ||
| echo "::set-output name=image::$ECR_REGISTRY/akto-api-security-database-abstractor:$IMAGE_TAG" | ||