Skip to content
cd

Bump version for jet asset #161

Sign in to view logs

Bump version for jet asset

Bump version for jet asset #161

Workflow file for this run

.github/workflows/cd.yml at 910cfdd
name: cd
on:
push:
tags:
- '*'
jobs:
release:
name: Release
strategy:
matrix:
# Quotes are required: https://github.com/actions/setup-go/issues/326#issuecomment-1415719692
go-version: ['1.22']
os: [ubuntu-latest]
runs-on: ${{ matrix.os }}
env:
DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
steps:
- name: Checkout code
uses: actions/checkout@v3
- name: Install Go
uses: actions/setup-go@v3
with:
go-version: ${{ matrix.go-version }}
check-latest: true
cache: true
- name: Run linter
run: make lint
- name: Extract tag version from ref, and project version from file
id: version
run: |
echo ::set-output name=VERSION_FILE::"refs/tags/$(cat VERSION)"
- name: Fail if version mismatch
id: check_version
if: ${{ github.ref != steps.version.outputs.VERSION_FILE }}
run: |
echo "VERSION file ${{steps.version.outputs.VERSION_FILE}} does not match tagged version ${{ github.ref }}"
exit 1
- name: Install ngrok
run: |
mkdir -p $GITHUB_WORKSPACE/bin
wget https://bin.equinox.io/c/4VmDzA7iaHb/ngrok-stable-linux-amd64.zip && unzip ngrok-stable-linux-amd64.zip -d $GITHUB_WORKSPACE/bin/
$GITHUB_WORKSPACE/bin/ngrok authtoken ${{ secrets.NGROK_TOKEN }}
- name: Setup integration resources
run: export NGROK_DIR=$GITHUB_WORKSPACE/bin/ && make integration-up
- name: Run integration & unit tests
run: make integration-test
- name: Compile all targets
run: make all
- name: Setup e2e resources
run: make e2e-up
- name: Run e2e tests
run: make e2e-test
- name: Snyk Setup
uses: snyk/actions/setup@master
- name: Run Snyk to check for vulnerabilities in main Docker image
run: snyk container test snowplow/snowbridge:${{ github.ref_name }} --severity-threshold=high
env:
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
- name: Run Snyk to check for vulnerabilities in aws-only Docker image
run: snyk container test snowplow/snowbridge:${{ github.ref_name }}-aws-only --severity-threshold=high
env:
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
- name: Run Snyk to monitor for vulnerabilities in main Docker image
uses: snyk/actions/docker@master
if: ${{ !contains(github.ref, 'rc') }}
with:
image: "snowplow/snowbridge:${{ github.ref_name }}"
args: "--app-vulns --org=data-processing-new --project-name=snowbridge-main"
command: monitor
env:
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
- name: Run Snyk to monitor for vulnerabilities in aws-only Docker image
uses: snyk/actions/docker@master
if: ${{ !contains(github.ref, 'rc') }}
with:
image: "snowplow/snowbridge:${{ github.ref_name }}-aws-only"
args: "--app-vulns --org=data-processing-new --project-name=snowbridge-aws-only"
command: monitor
env:
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
- name: Create GitHub release and attach artifacts
uses: softprops/action-gh-release@v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
draft: true
prerelease: ${{ contains(github.ref , '-') }}
name: Release ${{ github.ref_name }}
tag_name: ${{ github.ref_name }}
files: |
build/compiled/snowbridge_${{ github.ref_name }}-aws-only_darwin_amd64.zip
build/compiled/snowbridge_${{ github.ref_name }}-aws-only_darwin_arm64.zip
build/compiled/snowbridge_${{ github.ref_name }}-aws-only_linux_amd64.zip
build/compiled/snowbridge_${{ github.ref_name }}-aws-only_linux_arm64.zip
build/compiled/snowbridge_${{ github.ref_name }}-aws-only_windows_amd64.zip
build/compiled/snowbridge_${{ github.ref_name }}_darwin_amd64.zip
build/compiled/snowbridge_${{ github.ref_name }}_darwin_arm64.zip
build/compiled/snowbridge_${{ github.ref_name }}_linux_amd64.zip
build/compiled/snowbridge_${{ github.ref_name }}_linux_arm64.zip
build/compiled/snowbridge_${{ github.ref_name }}_windows_amd64.zip
- name: Publish to DockerHub
run: make container-release
shell: bash