feat: add ci #401
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build And Push DongTai Base Image To Aliyun Repo | |
on: | |
push: | |
branches: | |
- main | |
- beta | |
- develop | |
jobs: | |
build: | |
if: ${{ github.event_name == 'push' && github.repository_owner == 'HXSecurity' }} | |
runs-on: ubuntu-latest | |
strategy: | |
max-parallel: 4 | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v3 | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@v2 | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v2 | |
- name: Login to Aliyun | |
uses: docker/login-action@v1 | |
with: | |
registry: ${{ secrets.ALIYUN_REGISTRY }} | |
username: ${{ secrets.ALIYUN_DOCKERHUB_USER }} | |
password: ${{ secrets.ALIYUN_DOCKERHUB_PASSWORD }} | |
- name: Get the release version | |
id: version | |
run: echo ::set-output name=GITHUB_REF::${GITHUB_REF##*/} | |
- name: Login to DockerHub | |
uses: docker/login-action@v1 | |
with: | |
username: ${{ secrets.DONGTAI_DOCKERHUB_USERNAME }} | |
password: ${{ secrets.DONGTAI_DOCKERHUB_TOKEN }} | |
- name: SQL LINT | |
run: | | |
sudo apt install npm -y | |
sudo npm i -g sql-lint | |
sql-lint . trailing-whitespace || true | |
- name: Build and push mysql | |
uses: docker/build-push-action@v3 | |
with: | |
context: ./mysql | |
push: true | |
# platforms: linux/amd64,linux/arm64 | |
tags: | | |
registry.cn-hongkong.aliyuncs.com/secnium/dongtai-mysql:${{ steps.version.outputs.GITHUB_REF }}-latest | |
registry.cn-hongkong.aliyuncs.com/secnium/dongtai-mysql:${{ steps.version.outputs.GITHUB_REF }}-1.0.${{github.run_number}} | |
dongtai/dongtai-mysql-unittest:1.0.${{github.run_number}}-${{ steps.version.outputs.GITHUB_REF }} | |
dongtai/dongtai-mysql-unittest:latest | |
- name: Build and push logstash | |
uses: docker/build-push-action@v3 | |
with: | |
context: ./logstash | |
file: ./logstash/Dockerfile | |
push: true | |
tags: | | |
registry.cn-hongkong.aliyuncs.com/secnium/dongtai-logstash:${{ steps.version.outputs.GITHUB_REF }}-latest | |
registry.cn-hongkong.aliyuncs.com/secnium/dongtai-logstash:${{ steps.version.outputs.GITHUB_REF }}-1.0.${{github.run_number}} | |
- name: Build and push logrotate | |
uses: docker/build-push-action@v3 | |
with: | |
context: ./logrotate | |
file: ./logrotate/Dockerfile | |
push: true | |
tags: | | |
registry.cn-hongkong.aliyuncs.com/secnium/dongtai-logrotate:${{ steps.version.outputs.GITHUB_REF }}-latest | |
registry.cn-hongkong.aliyuncs.com/secnium/dongtai-logrotate:${{ steps.version.outputs.GITHUB_REF }}-1.0.${{github.run_number}} | |
- name: Build and push Redis | |
uses: docker/build-push-action@v2 | |
with: | |
context: ./redis | |
push: true | |
tags: | | |
registry.cn-hongkong.aliyuncs.com/secnium/dongtai-redis:${{ steps.version.outputs.GITHUB_REF }}-latest | |
registry.cn-hongkong.aliyuncs.com/secnium/dongtai-redis:${{ steps.version.outputs.GITHUB_REF }}-1.0.${{github.run_number}} | |
- name: Set the value | |
id: release | |
run: | | |
if [ ${{ steps.version.outputs.GITHUB_REF }} = develop ] ; then echo "helm_ns=test" >> $GITHUB_ENV | |
elif [ ${{ steps.version.outputs.GITHUB_REF }} = beta ] ; then echo "helm_ns=beta" >> $GITHUB_ENV | |
else echo "helm_ns=main" >> $GITHUB_ENV ;fi | |
- name: deploy to cluster | |
uses: wahyd4/kubectl-helm-action@master | |
env: | |
KUBE_CONFIG_DATA: ${{ secrets.KUBE_CONFIG_TEST_DATA }} | |
with: | |
args: | | |
git clone https://github.com/HXSecurity/DongTai.git | |
helm upgrade --install huoxian --create-namespace -n iast-${{ env.helm_ns }} ./DongTai/deploy/kubernetes/helm/ \ | |
--set sca.sca_token=${{ secrets.TOKEN_SCA }} --set usb.usb_token=${{ secrets.TOKEN_SCA }} --set mysql.host=iast-mysql-test.huoxian.cn \ | |
--set tag=${{ steps.version.outputs.GITHUB_REF }}-latest --set build.mysql_number=iast${{github.run_number}} \ | |
--set build.redis_number=iast${{github.run_number}} --set build.logstash_number=iast${{github.run_number}} --values https://charts.dongtai.io/devops.yaml |