Staging #5005
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Staging | |
| # Controls when the workflow will run | |
| on: | |
| push: | |
| branches: [ master ] | |
| pull_request: | |
| workflow_dispatch: | |
| concurrency: | |
| group: "staging${{ github.head_ref }}" | |
| cancel-in-progress: true | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| outputs: | |
| IMAGE_TAG: ${{ steps.docker_tag.outputs.IMAGE_TAG }} | |
| steps: | |
| - uses: actions/checkout@v2 | |
| - uses: actions/setup-java@v2 | |
| with: | |
| distribution: "adopt" | |
| java-version: "8" | |
| architecture: x64 | |
| - uses: actions/setup-node@v2 | |
| with: | |
| node-version: '17' | |
| - uses: bufbuild/buf-action@v1 | |
| with: | |
| setup_only: true | |
| - name: Generate Proto files | |
| run: make proto-gen | |
| - name: Convert github branch name to be compatible with docker tag name convention and generate tag name | |
| id: docker_tag | |
| run: echo "IMAGE_TAG=a-$(echo ${{ github.ref_name }} | sed 's/[^a-zA-Z0-9]/-/g')" >> $GITHUB_OUTPUT | |
| - name: Download Akto templates zip and PII files | |
| working-directory: ./apps/dashboard/src/main/resources | |
| run: | | |
| wget -O tests-library-master.zip https://github.com/akto-api-security/tests-library/archive/refs/heads/master.zip | |
| wget -O general.json https://raw.githubusercontent.com/akto-api-security/pii-types/master/general.json | |
| wget -O fintech.json https://raw.githubusercontent.com/akto-api-security/akto/master/pii-types/fintech.json | |
| wget -O filetypes.json https://raw.githubusercontent.com/akto-api-security/akto/master/pii-types/filetypes.json | |
| - name: Configure AWS Credentials | |
| uses: aws-actions/configure-aws-credentials@v1 | |
| with: | |
| aws-access-key-id: ${{secrets.AWS_ACCESS_KEY_ID}} | |
| aws-secret-access-key: ${{secrets.AWS_SECRET_ACCESS_KEY}} | |
| aws-region: ap-south-1 | |
| - run: mvn package -Dakto-image-tag=${{ github.event.inputs.Tag }} -Dakto-build-time=$(eval "date +%s") -Dakto-release-version=${{steps.docker_tag.outputs.IMAGE_TAG}} -DskipTests | |
| - name: DockerHub login | |
| env: | |
| DOCKER_USERNAME: ${{secrets.DOCKER_USERNAME}} | |
| DOCKER_PASSWORD: ${{secrets.DOCKER_PASSWORD}} | |
| run: | | |
| docker login -u $DOCKER_USERNAME -p $DOCKER_PASSWORD | |
| - name: Build, tag, and push the image to DockerHub | |
| id: build-image-dockerhub | |
| env: | |
| ECR_REGISTRY: aktosecurity | |
| ECR_REPOSITORY: akto-api-security | |
| IMAGE_TAG: ${{ steps.docker_tag.outputs.IMAGE_TAG }} | |
| IMAGE_TAG_DASHBOARD: ${{ github.event.inputs.Deploy == 'true' && '-t aktosecurity/akto-api-security-dashboard:flash' || '' }} | |
| IMAGE_TAG_TESTING: ${{ github.event.inputs.Deploy == 'true' && '-t aktosecurity/akto-api-testing:flash' || '' }} | |
| IMAGE_TAG_TESTING_CLI: ${{ github.event.inputs.Deploy == 'true' && '-t aktosecurity/akto-api-testing-cli:flash' || '' }} | |
| run: | | |
| echo $IMAGE_TAG >> $GITHUB_STEP_SUMMARY | |
| docker buildx create --use | |
| # Build a docker container and push it to DockerHub | |
| cd apps/threat-detection | |
| docker buildx build --platform linux/arm64/v8,linux/amd64 -t $ECR_REGISTRY/akto-threat-detection:$IMAGE_TAG . --push | |
| cd ../threat-detection-backend | |
| docker buildx build --platform linux/arm64/v8,linux/amd64 -t $ECR_REGISTRY/akto-threat-detection-backend:$IMAGE_TAG . --push | |
| - name: Set up JDK 11 | |
| uses: actions/setup-java@v1 | |
| with: | |
| java-version: 11 | |
| - name: Cache SonarCloud packages | |
| uses: actions/cache@v1 | |
| with: | |
| path: ~/.sonar/cache | |
| key: ${{ runner.os }}-sonar | |
| restore-keys: ${{ runner.os }}-sonar | |
| - name: Cache Maven packages | |
| uses: actions/cache@v1 | |
| with: | |
| path: ~/.m2 | |
| key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }} | |
| restore-keys: ${{ runner.os }}-m2 |