forked from corazawaf/coraza-spoa
-
Notifications
You must be signed in to change notification settings - Fork 0
111 lines (98 loc) · 4.53 KB
/
package.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
---
name: Package Build
on:
push:
branches:
- main
tags:
- 'v*.*.*'
jobs:
build:
strategy:
matrix:
arch: [amd64, arm64]
runs-on: ubuntu-22.04
steps:
- name: Print Go version and environment
id: vars
run: |
printf "Using go at: $(which go)\n"
printf "Go version: $(go version)\n"
printf "\n\nGo environment:\n\n"
go env
printf "\n\nSystem environment:\n\n"
env
SEMVER_RE='[^0-9]*\([0-9]*\)[.]\([0-9]*\)[.]\([0-9]*\)\([0-9A-Za-z\.-]*\)'
echo TAG_MAJOR=`echo ${TAG#v} | sed -e "s#$SEMVER_RE#\1#"` >> $GITHUB_ENV
echo TAG_MINOR=`echo ${TAG#v} | sed -e "s#$SEMVER_RE#\2#"` >> $GITHUB_ENV
echo TAG_PATCH=`echo ${TAG#v} | sed -e "s#$SEMVER_RE#\3#"` >> $GITHUB_ENV
echo TAG_SPECIAL=`echo ${TAG#v} | sed -e "s#$SEMVER_RE#\4#"` >> $GITHUB_ENV
if [[ $GITHUB_REF_TYPE == "branch" ]]; then
echo "PACKAGE_VERSION=$(date +%Y%m%d%H%M)-${GITHUB_SHA:0:7}" >> $GITHUB_ENV
else
echo "PACKAGE_VERSION=${GITHUB_REF/refs\/tags\/v/}" >> $GITHUB_ENV
fi
- uses: actions/checkout@v3
- name: Install dependencies
run: |
sudo apt update && sudo apt -y install make pkg-config rubygems && sudo gem install fpm
# Download corazawaf/coraza/coraza.conf for distribution
curl https://raw.githubusercontent.com/corazawaf/coraza/v3.0.0/coraza.conf-recommended > coraza.conf
- name: Build binary
run: VERSION=${PACKAGE_VERSION} ARCH=${{ matrix.arch }} make
- name: Build package
run: |
fpm -s dir -t deb -a ${{ matrix.arch }} -n coraza-spoa -v $PACKAGE_VERSION \
--description "Coraza HAProxy SPOA" \
--url "https://www.coraza.io" \
--maintainer "OWASP Coraza Team" \
--license Apache-2.0 \
--vendor OWASP \
--after-install ./contrib/coraza-spoa.postinst \
--deb-systemd ./contrib/coraza-spoa.service \
--deb-systemd-enable \
--config-files /etc/coraza-spoa/config.yaml \
./coraza-spoa_${{matrix.arch}}=/usr/bin/coraza-spoa \
./doc/config/=/usr/share/doc/coraza-spoa/haproxy-config \
./LICENSE=/usr/share/doc/coraza-spoa/ \
./config.yaml.default=/etc/coraza-spoa/config.yaml \
./coraza.conf=/etc/coraza-spoa/coraza.conf
## Publish to the "testing" repo
- name: Cloudsmith Push:debian/coraza-spoa-snapshots
if: ${{ github.ref_type == 'branch' }}
uses: cloudsmith-io/action@master
with:
api-key: ${{ secrets.CLOUDSMITH_API_KEY }}
command: "push"
format: "deb"
owner: "corazawaf" # Your Cloudsmith account name or org name (namespace)
repo: "coraza-spoa-snapshots" # Your Cloudsmith Repository name (slug)
distro: "any-distro" # Your Distribution (i.e Debian, Ubuntu)
release: "any-version" # Your Distribution Release (i.e xenial, buster)
file: "coraza-spoa_${PACKAGE_VERSION}_${{matrix.arch}}.deb" # debian package filename
## Publish tags to the "main" repo
- name: Cloudsmith Push:debian/coraza-spoa
if: ${{ github.ref_type == 'tag' }}
uses: cloudsmith-io/action@master
with:
api-key: ${{ secrets.CLOUDSMITH_API_KEY }}
command: "push"
format: "deb"
owner: "corazawaf" # Your Cloudsmith account name or org name (namespace)
repo: "coraza-spoa" # Your Cloudsmith Repository name (slug)
distro: "any-distro" # Your Distribution (i.e Debian, Ubuntu)
release: "any-version" # Your Distribution Release (i.e xenial, buster)
file: "coraza-spoa_${PACKAGE_VERSION}_${{matrix.arch}}.deb" # debian package filename
#- name: cloudsmith/rpm
# id: cloudsmith-rpm
# uses: cloudsmith-io/action@master
# with:
# api-key: ${{ secrets.CLOUDSMITH_API_KEY }}
# command: "push"
# format: "rpm"
# owner: "ono" # Your Cloudsmith account name or org name (namespace)
# repo: "coraza-spoa" # Your Cloudsmith Repository name (slug)
# distro: "any-distro" # Your Distribution (i.e el, fedora)
# release: "any-distro" # Your Distribution Release (i.e 7, 32)
# republish: "true" # needed ONLY if version is not changing
# file: "YOUR-FILENAME.rpm" #rpm package filename