This repository has been archived by the owner on Nov 5, 2024. It is now read-only.
forked from goauthentik/authentik
-
Notifications
You must be signed in to change notification settings - Fork 0
74 lines (68 loc) · 2.31 KB
/
build-authentik.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
name: Build-Authentik
run-name: Build Authentik for ${{ inputs.environment }} environment from ${{ github.ref_name }} branch
permissions:
id-token: write
contents: read
on:
workflow_dispatch:
inputs:
environment:
description: Select the Environment for Building the Image
required: true
options:
- dev
- dev2
- ci
- test
- staging
type: choice
with-sbom:
type: boolean
default: true
description: Build with SBOM?
workflow_call:
inputs:
environment:
type: string
required: true
jobs:
# Build-Authentik:
# name: Build Authentik Image
# runs-on: ubuntu-latest
# environment: ${{ inputs.environment }}
# env:
# ENVIRONMENT: ${{ inputs.environment }}
# steps:
# - name: Checkout
# uses: actions/checkout@v4
# - name: Configure AWS credentials
# uses: aws-actions/configure-aws-credentials@v4
# with:
# role-to-assume: ${{ secrets.SCRIBE2_GITHUB_ROLE }}
# role-session-name: Github
# aws-region: ${{ secrets.AWS_REGION }}
# - name: Login to Amazon ECR
# id: login-ecr
# uses: aws-actions/amazon-ecr-login@v2
# with:
# mask-password: 'true'
# - name: Build, Tag and Push Authentik Image to Amazon ECR
# id: build-image
# run: |
# DOCKER_BUILDKIT=1 docker build -t ${{ steps.login-ecr.outputs.registry }}/authentik:${{ github.sha }} .
# docker push ${{ steps.login-ecr.outputs.registry }}/authentik:${{ github.sha }}
Update-Environment-Variable:
if: ${{ always() && (needs.Build-Authentik.result == 'success') }}
name: Update Environment Variable with Docker Image Tag
runs-on: ubuntu-latest
# needs: [Build-Authentik]
steps:
- name: Update Environment Variable
run: |
ENV=${{ inputs.environment }}
curl -X PATCH \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer ${{ secrets.K8S_GH_TOKEN }}" \
-H "X-GitHub-Api-Version: 2022-11-28" \
"https://api.github.com/repos/scribe-security/scribe2/actions/variables/AUTHENTIK_TAG_${ENV^^}" \
-d '{"name":"AUTHENTIK_TAG_'${ENV^^}'","value":"${{ github.sha }}"}'