rapid7 · igorski-r7 · Nov 13, 2023 · Nov 10, 2023 · Nov 13, 2023
diff --git a/.github/workflows/plugin_production_build.yml b/.github/workflows/plugin_production_build.yml
@@ -0,0 +1,114 @@
+name: Create Production Release
+on:
+  workflow_dispatch:
+    inputs:
+      PLUGIN_NAME:
+        description: 'Plugin to build and tag. The name must match the plugin directory name in GitHub.'
+        required: false
+  pull_request:
+    types: [closed]
+    branches:
+      - master
+
+env:
+  PACKAGECLOUD_PYTHON_TOOLING_STABLE: ${{ secrets.PACKAGECLOUD_PYTHON_TOOLING_STABLE }}
+
+permissions:
+  contents: write
+  actions: read
+
+jobs:
+  release:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Check if merged
+        id: checkIfMerged
+        run: |
+          echo "INSIGHT_KOMAND_BRANCH=master" >> $GITHUB_ENV
+          if [[ "${{ github.event.pull_request.merged }}" == "true" ]]; then
+            echo "Pull requst has been merged. Starting release process..."
+            echo "ROOT_BUILD_CAUSE=SCMTRIGGER" >> $GITHUB_ENV
+          elif [ "${{ github.event_name }}" == "workflow_dispatch" ]; then
+            echo "Workflow was manually triggered. Starting release process..."
+            echo "ROOT_BUILD_CAUSE=MANUALTRIGGER" >> $GITHUB_ENV
+            echo "INSIGHT_KOMAND_PLUGIN_NAME=${{ github.event.inputs.PLUGIN_NAME || '' }}" >> $GITHUB_ENV
+          else
+            echo "Pull request has not been merged. Stopping workflow..."
+            exit 1
+          fi
+
+      - name: Checkout Repository
+        id: checkoutRepository
+        uses: actions/checkout@v3
+        with:
+          fetch-depth: 5
+          ref: "refs/heads/${{ env.INSIGHT_KOMAND_BRANCH }}"
+
+      - name: Setup Python
+        id: setupPython
+        uses: actions/setup-python@v4
+        with:
+          python-version: '3.8'
+
+      - name: Setup venv
+        id: setUpVenv
+        run: |
+          python3 -m venv .ci_venv
+          source .ci_venv/bin/activate
+          pip install --upgrade pip
+
+      - name: Set up environment variables
+        id: setUpEnvironmentVariables
+        run: |
+          # Setup environment variables from input
+          echo "BUILD_OUTPUT_DIRECTORY=builds" >> $GITHUB_ENV
+          echo "BUILD_OUTPUT_FULL_PATH=plugins/builds" >> $GITHUB_ENV
+
+      - name: Install CI/CD Tool
+        id: installCICDTool
+        run: |
+          # Install CI Tooling
+          curl -s https://${PACKAGECLOUD_PYTHON_TOOLING_STABLE}:@packagecloud.io/install/repositories/rapid7/insightconnect_internal_python_tooling/script.python.sh | bash
+          .ci_venv/bin/pip install icon-integrations-ci~=3.0
+
+      - name: Build Plugin Image
+        id: buildPluginImage
+        if: success()
+        run: |
+          cd plugins
+          ../.ci_venv/bin/icon-ci build -d ${{ env.BUILD_OUTPUT_DIRECTORY }}
+
+      - name: Find Release Asset
+        id: findReleaseAsset
+        run: |
+          # Navigate to the build directory
+          cd ${{ env.BUILD_OUTPUT_FULL_PATH }}
+          # Use find to get the filename and set it as an environment variable
+          filename=$(find . -type f -maxdepth 1 | xargs basename)
+          echo "RELEASE_ASSET=${filename}" >> $GITHUB_ENV
+          echo "GIT_TAG=${filename%.tar.gz}" >> $GITHUB_ENV
+
+      - name: Create release
+        id: createRelease
+        uses: actions/create-release@v1
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          tag_name: ${{ env.GIT_TAG }}
+          release_name: ${{ env.GIT_TAG }}
+          body: |
+            ${{ env.GIT_TAG }}
+          draft: false
+          prerelease: false
+
+      - name: Upload release asset
+        id: uploadReleaseAsset
+        uses: actions/upload-release-asset@v1
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          upload_url: ${{ steps.createRelease.outputs.upload_url }}
+          asset_path: ${{ env.BUILD_OUTPUT_FULL_PATH }}/${{ env.RELEASE_ASSET }}
+          asset_name: ${{ env.RELEASE_ASSET }}
+          asset_content_type: application/gzip
diff --git a/.github/workflows/plugin_staging_build.yml b/.github/workflows/plugin_staging_build.yml
@@ -0,0 +1,122 @@
+name: Create Staging Release
+on:
+  workflow_dispatch:
+    inputs:
+      PLUGIN_NAME:
+        description: 'Plugin to build and tag. The name must match the plugin directory name in GitHub.'
+        required: false
+  pull_request:
+    types: [closed]
+    branches:
+      - develop
+
+env:
+  PACKAGECLOUD_PYTHON_TOOLING_STABLE: ${{ secrets.PACKAGECLOUD_PYTHON_TOOLING_STABLE }}
+
+permissions:
+  contents: write
+  actions: read
+
+jobs:
+  release:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Check if merged
+        id: checkIfMerged
+        run: |
+          echo "INSIGHT_KOMAND_BRANCH=develop" >> $GITHUB_ENV
+          if [[ "${{ github.event.pull_request.merged }}" == "true" ]]; then
+            echo "Pull requst has been merged. Starting release process..."
+            echo "ROOT_BUILD_CAUSE=SCMTRIGGER" >> $GITHUB_ENV
+          elif [ "${{ github.event_name }}" == "workflow_dispatch" ]; then
+            echo "Workflow was manually triggered. Starting release process..."
+            echo "ROOT_BUILD_CAUSE=MANUALTRIGGER" >> $GITHUB_ENV
+            echo "INSIGHT_KOMAND_PLUGIN_NAME=${{ github.event.inputs.PLUGIN_NAME || '' }}" >> $GITHUB_ENV
+          else
+            echo "Pull request has not been merged. Stopping workflow..."
+            exit 1
+          fi
+
+      - name: Checkout Repository
+        id: checkoutRepository
+        uses: actions/checkout@v3
+        with:
+          fetch-depth: 5
+          ref: "refs/heads/${{ env.INSIGHT_KOMAND_BRANCH }}"
+
+      - name: Setup Python
+        id: setupPython
+        uses: actions/setup-python@v4
+        with:
+          python-version: '3.8'
+
+      - name: Setup venv
+        id: setUpVenv
+        run: |
+          python3 -m venv .ci_venv
+          source .ci_venv/bin/activate
+          pip install --upgrade pip
+
+      - name: Set up environment variables
+        id: setUpEnvironmentVariables
+        run: |
+          # Setup environment variables from input
+          echo "BUILD_OUTPUT_DIRECTORY=builds" >> $GITHUB_ENV
+          echo "BUILD_OUTPUT_FULL_PATH=plugins/builds" >> $GITHUB_ENV
+
+      - name: Prerelease Timestamp
+        id: prereleaseTimestamp
+        run: |
+            TIMESTAMP=$(date +%s%1N | cut -b1-10)
+            echo "PRERELEASE=true" >> $GITHUB_ENV
+            echo "PRERELEASE_TIMESTAMP=$TIMESTAMP" >> $GITHUB_ENV
+
+      - name: Install CI/CD Tool
+        id: installCICDTool
+        run: |
+          # Install CI Tooling
+          curl -s https://${PACKAGECLOUD_PYTHON_TOOLING_STABLE}:@packagecloud.io/install/repositories/rapid7/insightconnect_internal_python_tooling/script.python.sh | bash
+          .ci_venv/bin/pip install icon-integrations-ci~=3.0
+
+      - name: Build Plugin Image
+        id: buildPluginImage
+        if: success()
+        run: |
+          cd plugins
+          ../.ci_venv/bin/icon-ci build -d ${{ env.BUILD_OUTPUT_DIRECTORY }}
+
+      - name: Find Release Asset
+        id: findReleaseAsset
+        run: |
+          # Navigate to the build directory
+          cd ${{ env.BUILD_OUTPUT_FULL_PATH }}
+          # Use find to get the filename
+          filename=$(find . -type f -maxdepth 1 | xargs basename)
+          echo "RELEASE_ASSET=${filename}" >> $GITHUB_ENV
+          echo "GIT_TAG=${filename%.tar.gz}" >> $GITHUB_ENV
+
+      - name: Create release
+        id: createRelease
+        uses: actions/create-release@v1
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          token: ${{ secrets.GITHUB_TOKEN }}
+          tag_name: ${{ env.GIT_TAG }}
+          release_name: ${{ env.GIT_TAG }}
+          body: |
+            ${{ env.GIT_TAG }}
+          draft: false
+          prerelease: false
+
+      - name: Upload release asset
+        id: uploadReleaseAsset
+        uses: actions/upload-release-asset@v1
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          upload_url: ${{ steps.createRelease.outputs.upload_url }}
+          asset_path: ${{ env.BUILD_OUTPUT_FULL_PATH }}/${{ env.RELEASE_ASSET }}
+          asset_name: ${{ env.RELEASE_ASSET }}
+          asset_content_type: application/gzip