Skip to content
This repository has been archived by the owner on Mar 29, 2024. It is now read-only.

chore: bump gitlab version #114

chore: bump gitlab version

chore: bump gitlab version #114

Workflow file for this run

name: build-and-publish
permissions:
id-token: write
contents: read
packages: write
defaults:
run:
# We need -e -o pipefail for consistency with GitHub Actions' default behavior
shell: bash -e -o pipefail {0}
on:
push:
tags: [ "*" ]
workflow_dispatch:
jobs:
build-test-and-publish-bundle:
runs-on: ubuntu-latest
steps:
- name: Checkout Repo
uses: actions/checkout@v3
with:
token: ${{ secrets.PAT }}
repository: ${{ github.repository }}
ref: ${{ github.ref_name }}
# Run this step first so we can fail fast in case an invalid package name is provided
- name: Get latest package version
id: latest-package-version
uses: ./.github/actions/latest-package-version
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
package-name: uds-package/software-factory-demo
- name: Compare latest version with current
run: |
NEW_VERSION="$(cat uds-bundle.yaml | grep version | cut -d ':' -f2 | tr -d " ")"
CURRENT_VERSION="${{ steps.latest-package-version.outputs.latest-package-version }}"
CURRENT_VERSION=${CURRENT_VERSION//v/}
CURRENT_VERSION=${CURRENT_VERSION//-amd64/}
echo "Current version: ${CURRENT_VERSION}"
NEWER_VERSION=$(echo -e "${CURRENT_VERSION}\n${NEW_VERSION}" | sort -V | tail -n1)
# Fail if newer tag version is the same as upstream tag version
if [[ "${NEWER_VERSION}" == "${CURRENT_VERSION}" ]]; then
echo "Bundle version was not updated"
exit 1
else
echo "Bundle version was updated"
exit 0
fi
- name: Init zarf cache
uses: actions/cache@v3
with:
path: "~/.zarf-cache"
key: zarf-cache
- name: Free GH runner build space
run: |
df -h
sudo rm -rf /usr/share/dotnet
sudo rm -rf /usr/local/lib/android
sudo rm -rf /opt/ghc
sudo rm -rf /opt/hostedtoolcache/CodeQL
sudo docker image prune --all --force
df -h
- name: Install zarf
uses: supplypike/setup-bin@v3
with:
# renovate: zarf-uri datasource=github-tags depName=defenseunicorns/zarf
uri: 'https://github.com/defenseunicorns/zarf/releases/download/v0.31.4/zarf_v0.31.4_Linux_amd64'
name: 'zarf'
# renovate: datasource=github-tags depName=defenseunicorns/zarf versioning=semver
version: 'v0.31.4'
- name: Install uds-cli
uses: supplypike/setup-bin@v3
with:
# renovate: uds-cli-uri datasource=github-tags depName=defenseunicorns/uds-cli
uri: 'https://github.com/defenseunicorns/uds-cli/releases/download/v0.5.1/uds-cli_v0.5.1_Linux_amd64 '
name: 'uds'
# renovate: datasource=github-tags depName=defenseunicorns/uds-cli versioning=semver
version: 'v0.5.1'
- name: Login to GHCR
uses: docker/login-action@v2
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Login to registry1
uses: docker/login-action@v2
with:
registry: registry1.dso.mil
username: ${{ secrets.REGISTRY1_USERNAME }}
password: ${{ secrets.REGISTRY1_PASSWORD }}
- name: Build Software Factory Dependencies Packages
run: |
mkdir -p build
zarf package create packages/idam-dns --confirm --no-progress --output-directory build
zarf package create packages/idam-gitlab --confirm --no-progress --output-directory build
zarf package create packages/idam-sonarqube --confirm --no-progress --output-directory build
zarf package create packages/idam-realm --confirm --no-progress --output-directory build
zarf package create packages/idam-postgres --confirm --no-progress --output-directory build
zarf package create packages/namespaces --confirm --no-progress --output-directory build
zarf package create packages/additional-kyverno-exceptions --confirm --no-progress --output-directory build
- name: Build software factory bundle
run: uds create --confirm --no-progress
- name: Run clean install test on created artifact
uses: ./.github/actions/e2e
with:
upgrade: "no"
token: ${{ secrets.PAT }}
role-to-assume: ${{ secrets.AWS_COMMERCIAL_ROLE_TO_ASSUME }}
region: ${{ vars.AWS_REGION }}
github-context: "test / e2e (${{github.event_name}})"
aws-availability-zone: ${{ vars.AWS_AVAILABILITY_ZONE }}
ghcr-username: ${{ github.actor }}
ghcr-password: ${{ secrets.GITHUB_TOKEN }}
registry1-username: ${{ secrets.REGISTRY1_USERNAME }}
registry1-password: ${{ secrets.REGISTRY1_PASSWORD }}
latest-version: ""
copy-bundle: "yes"
- name: Publish software factory bundle
run: uds publish uds-bundle-software-factory-demo-amd64-*.tar.zst oci://ghcr.io/defenseunicorns/uds-package --no-progress