Skip to content

CI: upload the .snyk policy file in the [kosli attest snyk] command #78

CI: upload the .snyk policy file in the [kosli attest snyk] command

CI: upload the .snyk policy file in the [kosli attest snyk] command #78

Workflow file for this run

name: Main
on:
push:
branches:
- main
jobs:
pre-build:
runs-on: ubuntu-latest
outputs:
image_tag: ${{ steps.prep.outputs.image_tag }}
steps:
- uses: actions/checkout@v3
- name: Prepare
id: prep
run: |
TAG=$(echo $GITHUB_SHA | head -c7)
echo "image_tag=${TAG}" >> ${GITHUB_OUTPUT}
build-test-push:
needs: [pre-build]
uses: cyber-dojo/reusable-actions-workflows/.github/workflows/[email protected]
secrets:
KOSLI_API_TOKEN: ${{ secrets.KOSLI_API_TOKEN }}
KOSLI_API_TOKEN_STAGING: ${{ secrets.KOSLI_API_TOKEN_STAGING }}
DOCKER_PASS: ${{ secrets.DOCKER_PASS }}
DOCKER_USER: ${{ secrets.DOCKER_USER }}
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
with:
BUILD_COMMAND: build_test_publish.sh
image_tag: ${{ needs.pre-build.outputs.image_tag }}
AWS_ACCOUNT_ID: 244531986313
AWS_REGION: eu-central-1
ecr_registry: 244531986313.dkr.ecr.eu-central-1.amazonaws.com
service_name: nginx
gh_actions_iam_role_name: gh_actions_services
deploy-staging:
needs: [pre-build, build-test-push]
uses: cyber-dojo/reusable-actions-workflows/.github/workflows/[email protected]
secrets:
KOSLI_API_TOKEN: ${{ secrets.KOSLI_API_TOKEN }}
KOSLI_API_TOKEN_STAGING: ${{ secrets.KOSLI_API_TOKEN_STAGING }}
with:
tagged_image: 244531986313.dkr.ecr.eu-central-1.amazonaws.com/nginx:${{ needs.pre-build.outputs.image_tag }}
AWS_ACCOUNT_ID: 244531986313
AWS_REGION: eu-central-1
gh_actions_iam_role_name: gh_actions_services
environment_url: https://beta.cyber-dojo.org
environment_name: staging
cyber_dojo_env_name_aws: aws-beta
kosli_host_production: https://app.kosli.com
kosli_host_staging: https://staging.app.kosli.com
deploy-prod:
needs: [pre-build, build-test-push, deploy-staging]
uses: cyber-dojo/reusable-actions-workflows/.github/workflows/[email protected]
secrets:
KOSLI_API_TOKEN: ${{ secrets.KOSLI_API_TOKEN }}
KOSLI_API_TOKEN_STAGING: ${{ secrets.KOSLI_API_TOKEN_STAGING }}
with:
tagged_image: 274425519734.dkr.ecr.eu-central-1.amazonaws.com/nginx:${{ needs.pre-build.outputs.image_tag }}
AWS_ACCOUNT_ID: 274425519734
AWS_REGION: eu-central-1
gh_actions_iam_role_name: gh_actions_services
environment_url: https://cyber-dojo.org
environment_name: production
cyber_dojo_env_name_aws: aws-prod
kosli_host_production: https://app.kosli.com
kosli_host_staging: https://staging.app.kosli.com