diff --git a/.github/workflows/publish-docker-images.yml b/.github/workflows/publish-docker-images.yml new file mode 100644 index 0000000..fff1415 --- /dev/null +++ b/.github/workflows/publish-docker-images.yml @@ -0,0 +1,81 @@ +name: publish-docker-images + +on: + push: + branches: ['master'] + tags: ['v*.*.*'] + +concurrency: ${{ github.ref }} + +env: + IMAGE_NAME: applause/strongdm-log-export + +jobs: + build-and-push-image: + runs-on: ubuntu-latest + permissions: + contents: read + packages: write + steps: + - uses: actions/checkout@v2 + - name: qemu + uses: docker/setup-qemu-action@v2 + - uses: docker/setup-buildx-action@v2 + - name: Login to Docker Hub + uses: docker/login-action@v2 + with: + username: ${{ secrets.DOCKER_HUB_USERNAME }} + password: ${{ secrets.DOCKER_HUB_PASSWORD }} + - id: meta + uses: docker/metadata-action@v4 + with: + images: | + ${{ env.IMAGE_NAME }} + tags: | + # Only version, no revision + type=match,pattern=v(.*)-(.*),group=1 + # branch + type=ref,event=branch + # semver + type=semver,pattern={{version}} + - name: push + uses: docker/build-push-action@v3 + with: + context: . + push: true + platforms: linux/amd64,linux/arm64 + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} + # Update Docker Hub from README + - name: Docker Hub Description + uses: peter-evans/dockerhub-description@v3 + with: + username: ${{ secrets.DOCKER_HUB_USERNAME }} + password: ${{ secrets.DOCKER_HUB_PASSWORD }} + repository: ${{ env.IMAGE_NAME }} + readme-filepath: ./README.md + short-description: "Log export using fluentd to publish strongdm query logs" + + github-release: + runs-on: ubuntu-latest + needs: [build-and-push-image] + steps: + - run: "echo \"RELEASE_TAG=${GITHUB_REF#refs/tags/}\" >> $GITHUB_ENV" + - uses: actions/github-script@v5 + if: startsWith(github.ref, 'refs/tags/') + with: + github-token: ${{ secrets.GITHUB_TOKEN }} + script: | + try { + await github.rest.repos.createRelease({ + draft: false, + generate_release_notes: true, + name: process.env.RELEASE_TAG, + owner: context.repo.owner, + prerelease: false, + repo: context.repo.repo, + tag_name: process.env.RELEASE_TAG, + }); + } catch (error) { + core.setFailed(error.message); + } diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml deleted file mode 100644 index a5ca908..0000000 --- a/.github/workflows/release.yml +++ /dev/null @@ -1,56 +0,0 @@ -on: - workflow_run: - workflows: ["tests"] - branches: [ main ] - types: - - completed - workflow_dispatch: - -name: main-release - -jobs: - release: - name: Release - runs-on: ubuntu-latest - if: ${{ github.event.workflow_run.conclusion == 'success' }} - - steps: - - name: Checkout - uses: actions/checkout@v2 - with: - fetch-depth: '0' - - - name: Bump version and push tag - id: version - uses: anothrNick/github-tag-action@1.36.0 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - WITH_V: false - RELEASE_BRANCHES: main - DEFAULT_BUMP: patch - TAG_CONTEXT: branch - - - name: Configure AWS credentials - uses: aws-actions/configure-aws-credentials@v1 - with: - aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} - aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - aws-region: us-east-1 - - - name: Build, tag, and push the image to Amazon ECR - id: build-image - env: - ECR_REGISTRY: public.ecr.aws/strongdm - ECR_REPOSITORY: log-export-container - IMAGE_TAG: ${{ steps.version.outputs.new_tag }} - run: | - # Adding version - echo _version_=\"$IMAGE_TAG\" > fluentd/_version.rb - # Building docker image - docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG . - # Pushing image to ECR - aws ecr-public get-login-password --region us-east-1 | docker login --username AWS --password-stdin public.ecr.aws - docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG - docker tag $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG $ECR_REGISTRY/$ECR_REPOSITORY:latest - docker push $ECR_REGISTRY/$ECR_REPOSITORY:latest - echo "::set-output name=image::$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG" diff --git a/VERSION b/VERSION deleted file mode 100644 index b6c5a47..0000000 --- a/VERSION +++ /dev/null @@ -1 +0,0 @@ -1.0.43.2