-
Notifications
You must be signed in to change notification settings - Fork 1
64 lines (60 loc) · 2 KB
/
build-deploy-clamav-to-tools.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
name: Build And Deploy ClamAV To Tools
on:
workflow_dispatch:
jobs:
builds:
name: Builds
runs-on: ubuntu-22.04
permissions:
packages: write
strategy:
matrix:
package: [ clamav-service/clamav,
clamav-service/clamav-node
]
include:
- package: clamav-service/clamav
build_file: ./clamav-service/clamav/Dockerfile
triggers: ('clamav-service/')
build_context: ./clamav-service/clamav
- package: clamav-service/clamav-node
build_file: ./clamav-service/Dockerfile
triggers: ('clamav-service/')
build_context: ./clamav-service
steps:
- uses: actions/checkout@v4
- uses: bcgov-nr/action-builder-ghcr@v2.2.0
with:
package: ${{ matrix.package }}
tag: latest
tag_fallback: latest
build_context: ${{ matrix.build_context }}
triggers: ${{ matrix.triggers }}
deploy:
name: Deploy
runs-on: ubuntu-22.04
needs: builds
environment: tools
timeout-minutes: 10
steps:
- uses: actions/checkout@v4
name: checkout
- name: Login to OpenShift
shell: bash
run: |
# Allow pipefail, since we could be catching oc create errors
set +o pipefail
# Login to OpenShift (NOTE: project command is a safeguard)
oc login --token=${{ secrets.oc_token }} --server=${{ vars.oc_server }}
oc project ${{ vars.oc_namespace }}
- name: Package ClamAV Helm Chart
shell: bash
run: |
helm package -u ./clamav-service/charts/clamav-service
- name: Deploy ClamAV Helm Chart
shell: bash
run: |
# CLAMAV_API_KEY is a secret stored in GitHub at repo level
helm upgrade --debug --install --wait --atomic clamav-service \
--set-string global.secrets.apiKey=${{ secrets.CLAMAV_API_KEY }} \
--timeout 9m ./clamav-service-1.0.0.tgz