Skip to content
Build And Push DongTai Base Image To Aliyun Repo

feat: add ci #401

Sign in to view logs

feat: add ci

feat: add ci #401

Workflow file for this run

.github/workflows/build_base_image.yaml at 8784691
name: Build And Push DongTai Base Image To Aliyun Repo
on:
push:
branches:
- main
- beta
- develop
jobs:
build:
if: ${{ github.event_name == 'push' && github.repository_owner == 'HXSecurity' }}
runs-on: ubuntu-latest
strategy:
max-parallel: 4
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Set up QEMU
uses: docker/setup-qemu-action@v2
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Login to Aliyun
uses: docker/login-action@v1
with:
registry: ${{ secrets.ALIYUN_REGISTRY }}
username: ${{ secrets.ALIYUN_DOCKERHUB_USER }}
password: ${{ secrets.ALIYUN_DOCKERHUB_PASSWORD }}
- name: Get the release version
id: version
run: echo ::set-output name=GITHUB_REF::${GITHUB_REF##*/}
- name: Login to DockerHub
uses: docker/login-action@v1
with:
username: ${{ secrets.DONGTAI_DOCKERHUB_USERNAME }}
password: ${{ secrets.DONGTAI_DOCKERHUB_TOKEN }}
- name: SQL LINT
run: |
sudo apt install npm -y
sudo npm i -g sql-lint
sql-lint . trailing-whitespace || true
- name: Build and push mysql
uses: docker/build-push-action@v3
with:
context: ./mysql
push: true
# platforms: linux/amd64,linux/arm64
tags: |
registry.cn-hongkong.aliyuncs.com/secnium/dongtai-mysql:${{ steps.version.outputs.GITHUB_REF }}-latest
registry.cn-hongkong.aliyuncs.com/secnium/dongtai-mysql:${{ steps.version.outputs.GITHUB_REF }}-1.0.${{github.run_number}}
dongtai/dongtai-mysql-unittest:1.0.${{github.run_number}}-${{ steps.version.outputs.GITHUB_REF }}
dongtai/dongtai-mysql-unittest:latest
- name: Build and push logstash
uses: docker/build-push-action@v3
with:
context: ./logstash
file: ./logstash/Dockerfile
push: true
tags: |
registry.cn-hongkong.aliyuncs.com/secnium/dongtai-logstash:${{ steps.version.outputs.GITHUB_REF }}-latest
registry.cn-hongkong.aliyuncs.com/secnium/dongtai-logstash:${{ steps.version.outputs.GITHUB_REF }}-1.0.${{github.run_number}}
- name: Build and push logrotate
uses: docker/build-push-action@v3
with:
context: ./logrotate
file: ./logrotate/Dockerfile
push: true
tags: |
registry.cn-hongkong.aliyuncs.com/secnium/dongtai-logrotate:${{ steps.version.outputs.GITHUB_REF }}-latest
registry.cn-hongkong.aliyuncs.com/secnium/dongtai-logrotate:${{ steps.version.outputs.GITHUB_REF }}-1.0.${{github.run_number}}
- name: Build and push Redis
uses: docker/build-push-action@v2
with:
context: ./redis
push: true
tags: |
registry.cn-hongkong.aliyuncs.com/secnium/dongtai-redis:${{ steps.version.outputs.GITHUB_REF }}-latest
registry.cn-hongkong.aliyuncs.com/secnium/dongtai-redis:${{ steps.version.outputs.GITHUB_REF }}-1.0.${{github.run_number}}
- name: Set the value
id: release
run: |
if [ ${{ steps.version.outputs.GITHUB_REF }} = develop ] ; then echo "helm_ns=test" >> $GITHUB_ENV
elif [ ${{ steps.version.outputs.GITHUB_REF }} = beta ] ; then echo "helm_ns=beta" >> $GITHUB_ENV
else echo "helm_ns=main" >> $GITHUB_ENV ;fi
- name: deploy to cluster
uses: wahyd4/kubectl-helm-action@master
env:
KUBE_CONFIG_DATA: ${{ secrets.KUBE_CONFIG_TEST_DATA }}
with:
args: |
git clone https://github.com/HXSecurity/DongTai.git
helm upgrade --install huoxian --create-namespace -n iast-${{ env.helm_ns }} ./DongTai/deploy/kubernetes/helm/ \
--set sca.sca_token=${{ secrets.TOKEN_SCA }} --set usb.usb_token=${{ secrets.TOKEN_SCA }} --set mysql.host=iast-mysql-test.huoxian.cn \
--set tag=${{ steps.version.outputs.GITHUB_REF }}-latest --set build.mysql_number=iast${{github.run_number}} \
--set build.redis_number=iast${{github.run_number}} --set build.logstash_number=iast${{github.run_number}} --values https://charts.dongtai.io/devops.yaml