Skip to content

Fix the timeout option in Build and Deploy OCI Image workflow #82

Fix the timeout option in Build and Deploy OCI Image workflow

Fix the timeout option in Build and Deploy OCI Image workflow #82

# This workflow will build a steampipe plugin image and publish it to Google Container Registry
#
# To configure this workflow:
#
# 1. Share the following secrets with your repository:
# - STEAMPIPE_REGISTRY_SA_KEY with the Base64 encoded JSON service account key (https://github.com/GoogleCloudPlatform/github-actions/tree/docs/service-account-key/setup-gcloud#inputs).
# 2. Change the values for the environment variables (below) if required.
name: Build and Deploy OCI Image
on:
push:
tags:
- 'v*'
env:
PROJECT_ID: steampipe
ORG: turbot
PLUGIN_REPO: us-docker.pkg.dev/steampipe/plugins
CONFIG_SCHEMA_VERSION: '2020-11-18'
ORAS_VERSION: '0.14.0'
jobs:
build:
name: Build
runs-on:
labels: ubuntu_4_core
steps:
- name: Checkout
uses: actions/checkout@v2
with:
fetch-depth: 0
- name: Set environment variables
run: |
plugin_name=$(echo $GITHUB_REPOSITORY | cut -d'-' -f 3)
echo $plugin_name
echo "PLUGIN_NAME=${plugin_name}" >> $GITHUB_ENV
- name: Exit if goreleaser file is missing
run: |
test -f .goreleaser.yml
- name: Set up Go
uses: actions/setup-go@v3
with:
go-version: 1.21
- name: Get latest version tag
run: |-
echo "VERSION=${GITHUB_REF#refs/*/}" >> $GITHUB_ENV
- name: Trim tag
run: |-
echo $VERSION
trim=${VERSION#"v"}
echo $trim
echo "VERSION=${trim}" >> $GITHUB_ENV
- name: Validate Version String
run: |-
if [[ $VERSION =~ ^[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
echo "Version OK: $VERSION"
else
echo "Invalid version: $VERSION"
exit 1
fi
- name: Ensure Version Does Not Exist
run: |-
URL=https://$(echo $PLUGIN_REPO | sed 's/\//\/v2\//')/$ORG/$PLUGIN_NAME/tags/list
IDX=$(curl -L $URL | jq ".tags | index(\"$VERSION\")")
if [ $IDX == "null" ]; then
echo "OK - Version does not exist: $VERSION"
else
echo "Version already exists: $VERSION"
exit 1
fi
- name: Run GoReleaser
uses: goreleaser/goreleaser-action@v2
with:
version: latest
args: release --rm-dist --skip-publish --timeout=60
- name: List Build Artifacts
run: ls -laR ./dist
- name: Save Linux Build Artifact - AMD64
uses: actions/upload-artifact@v2
with:
name: steampipe-${{ env.PLUGIN_NAME }}_linux_amd64
path: ./dist/steampipe-plugin-${{ env.PLUGIN_NAME }}_linux_amd64.gz
if-no-files-found: error
- name: Save Linux Build Artifact - ARM64
uses: actions/upload-artifact@v2
with:
name: steampipe-${{ env.PLUGIN_NAME }}_linux_arm64
path: ./dist/steampipe-plugin-${{ env.PLUGIN_NAME }}_linux_arm64.gz
if-no-files-found: error
- name: Save MacOS Build Artifact - AMD64
uses: actions/upload-artifact@v2
with:
name: steampipe-${{ env.PLUGIN_NAME }}_darwin_amd64
path: ./dist/steampipe-plugin-${{ env.PLUGIN_NAME }}_darwin_amd64.gz
if-no-files-found: error
- name: Save MacOS Build Artifact - ARM64
uses: actions/upload-artifact@v2
with:
name: steampipe-${{ env.PLUGIN_NAME }}_darwin_arm64
path: ./dist/steampipe-plugin-${{ env.PLUGIN_NAME }}_darwin_arm64.gz
if-no-files-found: error
publish-deploy:
name: Publish and Deploy
runs-on:
labels: ubuntu_4_core
needs:
- build
steps:
- name: Checkout
uses: actions/checkout@v2
- name: Set environment variables
run: |
plugin_name=$(echo $GITHUB_REPOSITORY | cut -d'-' -f 3)
echo $plugin_name
echo "PLUGIN_NAME=${plugin_name}" >> $GITHUB_ENV
# Setup gcloud CLI
- uses: google-github-actions/[email protected]
with:
service_account_key: ${{ secrets.STEAMPIPE_REGISTRY_SA_KEY }}
project_id: ${{ env.PROJECT_ID }}
- run: gcloud config list
- run: gcloud components install beta
# Configure Docker to use the gcloud command-line tool as a credential
# helper for authentication
- run: |-
gcloud beta auth configure-docker us-docker.pkg.dev
# oras is pre-installed on the image, but we should install a specific version
# to protect against unexpected breaking changes
- run: |
curl -LO https://github.com/oras-project/oras/releases/download/v${ORAS_VERSION}/oras_${ORAS_VERSION}_linux_amd64.tar.gz
sudo tar xzf oras_${ORAS_VERSION}_linux_amd64.tar.gz -C /usr/local/bin oras
oras version
- name: Download linux-amd64 artifact
uses: actions/download-artifact@v2
with:
name: steampipe-${{ env.PLUGIN_NAME }}_linux_amd64
- name: Download linux_arm64 artifact
uses: actions/download-artifact@v2
with:
name: steampipe-${{ env.PLUGIN_NAME }}_linux_arm64
- name: Download darwin_amd64 artifact
uses: actions/download-artifact@v2
with:
name: steampipe-${{ env.PLUGIN_NAME }}_darwin_amd64
- name: Download darwin_arm64 artifact
uses: actions/download-artifact@v2
with:
name: steampipe-${{ env.PLUGIN_NAME }}_darwin_arm64
- name: List files
run: ls -l
- name: Get latest version tag
run: |-
echo "VERSION=${GITHUB_REF#refs/*/}" >> $GITHUB_ENV
- name: Trim tag
run: |-
echo $VERSION
trim=${VERSION#"v"}
echo $trim
echo "VERSION=${trim}" >> $GITHUB_ENV
- name: Validate Version String
run: |-
if [[ $VERSION =~ ^[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
echo "Version OK: $VERSION"
else
echo "Invalid version: $VERSION"
exit 1
fi
# create the config file
- run: |-
JSON_STRING=$( jq -n \
--arg name "$PLUGIN_NAME" \
--arg organization "$ORG" \
--arg version "$VERSION" \
--arg schemaVersion "$CONFIG_SCHEMA_VERSION" \
'{schemaVersion: $schemaVersion, plugin: { name: $name, organization: $organization, version: $version} }' )
echo $JSON_STRING > config.json
- run: cat config.json
# create the annotations file
- run: |-
JSON_STRING=$( jq -n \
--arg title "$PLUGIN_NAME" \
--arg desc "$ORG" \
--arg version "$VERSION" \
--arg timestamp "$(date +%FT%T%z)" \
--arg repo "$GITHUB_SERVER_URL/$GITHUB_REPOSITORY" \
--arg commit "$GITHUB_SHA" \
--arg vendor "Turbot HQ, Inc." \
'{
"$manifest": {
"org.opencontainers.image.title": $title,
"org.opencontainers.image.description": $desc,
"org.opencontainers.image.version": $version,
"org.opencontainers.image.created": $timestamp,
"org.opencontainers.image.source": $repo,
"org.opencontainers.image.revision": $commit,
"org.opencontainers.image.vendor": $vendor
}
}' )
echo $JSON_STRING > annotations.json
- run: cat annotations.json
- run: cat README.md
# push to the registry
- run: |-
REF="$PLUGIN_REPO/$ORG/$PLUGIN_NAME:$GITHUB_RUN_ID"
oras push $REF \
--config config.json:application/vnd.turbot.steampipe.config.v1+json \
--annotation-file annotations.json \
steampipe-plugin-${PLUGIN_NAME}_darwin_amd64.gz:application/vnd.turbot.steampipe.plugin.darwin-amd64.layer.v1+gzip \
steampipe-plugin-${PLUGIN_NAME}_darwin_arm64.gz:application/vnd.turbot.steampipe.plugin.darwin-arm64.layer.v1+gzip \
steampipe-plugin-${PLUGIN_NAME}_linux_amd64.gz:application/vnd.turbot.steampipe.plugin.linux-amd64.layer.v1+gzip \
steampipe-plugin-${PLUGIN_NAME}_linux_arm64.gz:application/vnd.turbot.steampipe.plugin.linux-arm64.layer.v1+gzip \
docs:application/vnd.turbot.steampipe.plugin.docs.layer.v1+tar \
config:application/vnd.turbot.steampipe.plugin.spc.layer.v1+tar
tag-versions:
name: Set Version tags
runs-on:
labels: ubuntu_4_core
needs:
- publish-deploy
steps:
- name: Checkout
uses: actions/checkout@v2
- name: Set environment variables
run: |
plugin_name=$(echo $GITHUB_REPOSITORY | cut -d'-' -f 3)
echo $plugin_name
echo "PLUGIN_NAME=${plugin_name}" >> $GITHUB_ENV
# Setup gcloud CLI
- uses: google-github-actions/[email protected]
with:
service_account_key: ${{ secrets.STEAMPIPE_REGISTRY_SA_KEY }}
project_id: ${{ env.PROJECT_ID }}
- run: gcloud config list --quiet
- run: gcloud components install alpha --quiet
- name: Get latest version tag
run: |-
echo "VERSION=${GITHUB_REF#refs/*/}" >> $GITHUB_ENV
- name: Trim tag
run: |-
echo $VERSION
trim=${VERSION#"v"}
echo $trim
echo "VERSION=${trim}" >> $GITHUB_ENV
- name: Validate Version String
run: |-
if [[ $VERSION =~ ^[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
echo "Version OK: $VERSION"
else
echo "Invalid version: $VERSION"
exit 1
fi
- name: Ensure Version Does Not Exist
run: |-
URL=https://$(echo $PLUGIN_REPO | sed 's/\//\/v2\//')/$ORG/$PLUGIN_NAME/tags/list
IDX=$(curl -L $URL | jq ".tags | index(\"$VERSION\")")
if [ $IDX == "null" ]; then
echo "OK - Version does not exist: $VERSION"
else
echo "Version already exists: $VERSION"
exit 1
fi
- name: Set version tags
uses: turbot/steampipe-workflows/.github/actions/semver-tags@main
id: semver
with:
image-to-tag: '${{ env.PLUGIN_REPO }}/${{ env.ORG }}/${{ env.PLUGIN_NAME }}:${{ github.run_id }}'
image-version: ${{ env.VERSION }}