1+ name : Build and Deploy
2+
3+ on :
4+ workflow_dispatch :
5+ push :
6+ branches : ["main", "dev"]
7+
8+ jobs :
9+ build :
10+ environment : main
11+ env :
12+ GH_ACCESS_TOKEN : ${{ secrets.GH_ACCESS_TOKEN }}
13+ runs-on : ubuntu-latest
14+ outputs :
15+ latest_tag : ${{ steps.set_latest_tag.outputs.latest_tag }}
16+ steps :
17+ - name : Checkout Code
18+ uses : actions/checkout@v4
19+ - name : Install musl cc
20+ uses : awalsh128/cache-apt-pkgs-action@v1
21+ with :
22+ packages : musl-tools musl-dev musl
23+ - name : Setup Go
24+ uses : actions/setup-go@v5
25+ with :
26+ go-version-file : ' ./go.mod'
27+ cache : false # Disable built-in caching to use custom caching
28+ - name : Tag Version
29+ id : tag_version
30+ uses :
mathieudutour/[email protected] 31+ with :
32+ github_token : ${{ secrets.GH_ACCESS_TOKEN }}
33+ release_branches : main
34+ tag_prefix : v
35+ - name : Cache Go Modules and Build Cache
36+ uses : actions/cache@v4
37+ with :
38+ path : |
39+ ~/go/pkg/mod
40+ ~/.cache/go-build
41+ key : ${{ runner.os }}-go-${{ hashFiles('**/go.mod') }}-${{ hashFiles('**/go.sum') }}
42+ restore-keys : |
43+ ${{ runner.os }}-go-${{ hashFiles('**/go.mod') }}-
44+ ${{ runner.os }}-go-
45+ name : Configure Git for Private Repos
46+ run : |
47+ git config --global url.https://[email protected] /opengovern.insteadOf https://github.com/opengovern 48+ name : Build Github Plugin App
49+ working-directory : ./cloudql
50+ run : make build
51+ - name : Pack Github Plugin Build
52+ working-directory : ./cloudql
53+ run : |
54+ tar -cvf build.tar build
55+ name : Upload Github Plugin Artifact
56+ 57+ with :
58+ name : steampipe-plugin-github
59+ path : ./cloudql/build.tar
60+ retention-days : 1
61+ - name : Build Local Describer App
62+ working-directory : ./discovery
63+ run : make build-describer
64+ - name : Pack Local Describer Build
65+ working-directory : ./discovery
66+ run : |
67+ tar -cvf local.tar local
68+ name : Upload Local Artifact
69+ 70+ with :
71+ name : local-og-describer-github
72+ path : ./discovery/local.tar
73+ retention-days : 1
74+ - name : Build Integration Plugin
75+ working-directory : ./platform
76+ run : make build
77+ - name : Create output directory
78+ working-directory : .
79+ run : mkdir -p github-plugin
80+ - name : Copy steampipe plugin to output directory
81+ working-directory : .
82+ run : cp ./cloudql/build/steampipe-plugin-github.plugin ./github-plugin/cloudql-plugin
83+ - name : Copy integration plugin to output directory
84+ working-directory : .
85+ run : cp ./platform/build/integration-plugin ./github-plugin/
86+ - name : Copy manifest to output directory
87+ working-directory : .
88+ run : cp ./platform/constants/manifest.yaml ./github-plugin/
89+ - name : Pack output
90+ working-directory : .
91+ run : |
92+ tar -czf github-plugin.tar github-plugin
93+ name : Upload github outputs artifact
94+ 95+ with :
96+ name : github-plugins
97+ path : ./github-plugin.tar
98+ retention-days : 1
99+
100+ - name : Set Latest Tag Output
101+ id : set_latest_tag
102+ run : |
103+ if [[ -z "${{ steps.tag_version.outputs.new_tag }}" ]]; then
104+ echo "latest_tag=${{ steps.tag_version.outputs.previous_tag }}" >> "$GITHUB_OUTPUT"
105+ else
106+ echo "latest_tag=${{ steps.tag_version.outputs.new_tag }}" >> "$GITHUB_OUTPUT"
107+ fi
108+ deploy-github-plugin :
109+ needs : build
110+ runs-on : ubuntu-latest
111+ permissions :
112+ id-token : write
113+ contents : read
114+ environment : main
115+ steps :
116+ - name : Checkout Code
117+ uses : actions/checkout@v4
118+ - name : Download Github Plugin Artifact
119+ 120+ with :
121+ name : steampipe-plugin-github
122+ path : .
123+ - name : Unpack Github Plugin Artifact
124+ run : |
125+ tar -xvf build.tar
126+ name : Log in to Container Registry
127+ uses : docker/login-action@v2
128+ with :
129+ registry : ghcr.io
130+ username : ${{ github.actor }}
131+ password : ${{ secrets.GHCR_PAT }}
132+ - name : Build and Push Docker Image for Github Plugin
133+ uses : docker/build-push-action@v4
134+ with :
135+ push : true
136+ tags : |
137+ ghcr.io/${{ github.repository_owner }}/steampipe-plugin-github:0.0.1
138+ ghcr.io/${{ github.repository_owner }}/steampipe-plugin-github:${{ needs.build.outputs.latest_tag }}
139+ file : cloudql/docker/Dockerfile
140+ context : .
141+ deploy-local-describer :
142+ needs :
143+ - build
144+ runs-on : ubuntu-latest
145+ permissions :
146+ id-token : write
147+ contents : read
148+ environment : main
149+ steps :
150+ - name : Checkout Code
151+ uses : actions/checkout@v4
152+ - name : Download Local Describer Artifact
153+ 154+ with :
155+ name : local-og-describer-github
156+ path : .
157+ - name : Unpack Local Describer Artifact
158+ run : |
159+ tar -xvf local.tar
160+ name : Log in to Container Registry
161+ uses : docker/login-action@v2
162+ with :
163+ registry : ghcr.io
164+ username : ${{ github.actor }}
165+ password : ${{ secrets.GHCR_PAT }}
166+ - name : Build and Push Docker Image for Local Describer
167+ uses : docker/build-push-action@v4
168+ with :
169+ push : true
170+ tags : |
171+ ghcr.io/${{ github.repository_owner }}/og-describer-github:local-latest
172+ ghcr.io/${{ github.repository_owner }}/og-describer-github:local-${{ needs.build.outputs.latest_tag }}
173+ file : discovery/DockerFile
174+ context : .
175+ release-integration-plugin :
176+ needs :
177+ - build
178+ runs-on : ubuntu-latest
179+ permissions :
180+ id-token : write
181+ contents : write
182+ environment : main
183+ steps :
184+ - name : Checkout Code
185+ uses : actions/checkout@v4
186+ - name : Download Integration Plugin Artifact
187+ 188+ with :
189+ name : github-plugins
190+ - name : Unpack Integration Plugin Artifact
191+ run : |
192+ tar -xvf github-plugin.tar
193+ name : Pack folder content into a zip file for release
194+ run : |
195+ cd github-plugin
196+ zip -r github-plugin.zip .
197+ name : Release Integration Plugin
198+ uses : softprops/action-gh-release@v2
199+ with :
200+ files : ./github-plugin/github-plugin.zip
201+ tag_name : ${{ needs.build.outputs.latest_tag }}
0 commit comments