Fixed zip command #18
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: release | |
on: | |
push: | |
tags: | |
- '[0-9]+.[0-9]+.[0-9]+\-?*' | |
jobs: | |
compile: | |
name: Cross compile binaries | |
runs-on: ubuntu-latest | |
container: | |
image: golangci/golangci-lint:latest | |
steps: | |
- name: Checkout Code | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Make repo safe | |
run: git config --global --add safe.directory /__w/SOARCA/SOARCA | |
- name: Install swaggo | |
run: go install github.com/swaggo/swag/cmd/swag@latest | |
- name: Build with make | |
run: | | |
go install github.com/swaggo/swag/cmd/swag@latest | |
go install github.com/CycloneDX/cyclonedx-gomod/cmd/cyclonedx-gomod@latest | |
make compile | |
make sbom | |
- name: 'Upload Artifact' | |
uses: actions/upload-artifact@v4 | |
with: | |
name: ${{ github.sha }} | |
path: bin/* | |
retention-days: 1 | |
docker-build: | |
needs: compile | |
name: Build docker image and release it to docker hub | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout Code | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Make repo safe | |
run: git config --global --add safe.directory /__w/SOARCA/SOARCA | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@v3 | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v3 | |
- name: Download bin | |
uses: actions/download-artifact@v4 | |
with: | |
pattern: ${{ github.sha }} | |
- name: Move files to bin folder | |
run: | | |
mkdir -p bin | |
mv ${{ github.sha }}/* ./bin/ | |
- name: Login to Docker Hub | |
uses: docker/login-action@v3 | |
with: | |
username: ${{ secrets.DOCKER_HUB_USER }} | |
password: ${{ secrets.DOCKER_HUB_TOKEN }} | |
- name: Get version | |
run: | | |
export VERSION=$(git describe --tags --dirty) | |
echo "describe_version=$(git describe --tags --dirty)" >> "$GITHUB_ENV" | |
- name: Build and push | |
uses: docker/build-push-action@v5 | |
with: | |
context: . | |
build-args: | | |
VERSION=${{ env.describe_version }} | |
push: true | |
tags: cossas/soarca:${{ env.describe_version }} | |
release-binary: | |
needs: compile | |
name: Create release artifacts | |
runs-on: ubuntu-latest | |
steps: | |
- name: Setup Go | |
uses: actions/setup-go@v4 | |
with: | |
go-version: '1.21.x' | |
- name: Import GPG key | |
uses: crazy-max/ghaction-import-gpg@v6 | |
with: | |
gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }} | |
passphrase: ${{ secrets.GPG_PASSPHRASE }} | |
- name: Checkout Code | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Make repo safe | |
run: git config --global --add safe.directory /__w/SOARCA/SOARCA | |
- name: Build and sbom swagger | |
run: | | |
go install github.com/swaggo/swag/cmd/swag@latest | |
go install github.com/CycloneDX/cyclonedx-gomod/cmd/cyclonedx-gomod@latest | |
swag init -o swaggerdocs | |
mkdir -p sbom | |
make sbom | |
zip -r sbom.zip bin | |
- name: Release soarca binary | |
uses: goreleaser/goreleaser-action@v5 | |
with: | |
distribution: goreleaser | |
version: latest | |
args: release --clean | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
GPG_FINGERPRINT: ${{ steps.import_gpg.outputs.fingerprint }} | |
- name: Upload release sbom | |
uses: actions/github-script@v4 | |
with: | |
script: | | |
const fs = require('fs'); | |
const tag = context.ref.replace("refs/tags/", ""); | |
// Get release for this tag | |
const release = await github.repos.getReleaseByTag({ | |
owner: context.repo.owner, | |
repo: context.repo.repo, | |
tag | |
}); | |
// Upload the release asset | |
await github.repos.uploadReleaseAsset({ | |
owner: context.repo.owner, | |
repo: context.repo.repo, | |
release_id: release.data.id, | |
name: "sbom.zip", | |
data: await fs.readFileSync("sbom.zip") | |
}); |