[DPE-3350] Add first changes for trivy #1
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build ROCK | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| on: | |
| pull_request: | |
| workflow_call: | |
| outputs: | |
| rock: | |
| description: "The rock output of build process." | |
| value: ${{ jobs.build.outputs.rock }} | |
| jobs: | |
| build: | |
| name: Build Rock | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 30 | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v3 | |
| - name: Setup LXD | |
| uses: canonical/setup-lxd@main | |
| - name: Install dependencies | |
| run: | | |
| # docker | |
| sudo snap install docker | |
| sudo addgroup --system docker; sudo adduser $USER docker | |
| newgrp docker | |
| sudo snap disable docker; sudo snap enable docker | |
| # skopeo | |
| sudo snap install --devmode --channel edge skopeo | |
| # rockcraft | |
| sudo snap install rockcraft --classic --edge | |
| # jq and yq | |
| sudo snap install jq yq | |
| - name: Build ROCK | |
| id: build | |
| run: | | |
| rockcraft pack --verbose | |
| VERSION=$(yq '.version' rockcraft.yaml) | |
| echo "rock=charmed-opensearch_${VERSION}_amd64.rock" >> $GITHUB_OUTPUT | |
| - name: Upload locally built ROCK artifact | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: charmed-opensearch | |
| path: ${{ steps.build.outputs.rock }} | |
| outputs: | |
| rock: ${{ steps.build.outputs.rock }} |