From 6915621d3bc70dd81e077b342ff07483f979a93e Mon Sep 17 00:00:00 2001 From: tscuite Date: Fri, 9 Sep 2022 15:40:20 +0800 Subject: [PATCH] fix: action --- .github/workflows/deploy-dev.yaml | 20 -------- .github/workflows/release_dongtai.yml | 59 +++++++++++++++++------- .github/workflows/release_helm_chart.yml | 46 ------------------ 3 files changed, 42 insertions(+), 83 deletions(-) delete mode 100644 .github/workflows/release_helm_chart.yml diff --git a/.github/workflows/deploy-dev.yaml b/.github/workflows/deploy-dev.yaml index aab7883ae..09255a643 100644 --- a/.github/workflows/deploy-dev.yaml +++ b/.github/workflows/deploy-dev.yaml @@ -1,13 +1,9 @@ -# This is a basic workflow to help you get started with Actions - name: Deploy DongTai Server To Dev on: push: branches: [ "main" ] - -# A workflow run is made up of one or more jobs that can run sequentially or in parallel jobs: Deploy-to-dev: if: ${{ github.event_name == 'push' && github.repository_owner == 'HXSecurity' }} @@ -16,8 +12,6 @@ jobs: max-parallel: 4 matrix: python-version: [3.7] - - # Steps represent a sequence of tasks that will be executed as part of the job steps: - name: Checkout uses: actions/checkout@v2 @@ -65,20 +59,6 @@ jobs: tags: | registry.cn-hongkong.aliyuncs.com/secnium/dongtai-server-test:latest registry.cn-hongkong.aliyuncs.com/secnium/dongtai-server-test:1.0.${{github.run_number}} - # - name: Build - # run: | - # docker build -t registry.cn-beijing.aliyuncs.com/secnium/dongtai-server-test:latest . - # docker tag registry.cn-beijing.aliyuncs.com/secnium/dongtai-server-test:latest registry.cn-beijing.aliyuncs.com/secnium/dongtai-server-test:1.0.${{github.run_number}} - - # - name: push - # uses: nick-invision/retry@v2 - # with: - # timeout_seconds: 300 - # max_attempts: 10 - # #retry_on: timeout - # command: | - # docker push registry.cn-beijing.aliyuncs.com/secnium/dongtai-server-test:latest - # docker push registry.cn-beijing.aliyuncs.com/secnium/dongtai-server-test:1.0.${{github.run_number}} - uses: actions/checkout@master - name: deploy to cluster diff --git a/.github/workflows/release_dongtai.yml b/.github/workflows/release_dongtai.yml index 300c12d5e..e9f75f0f0 100644 --- a/.github/workflows/release_dongtai.yml +++ b/.github/workflows/release_dongtai.yml @@ -6,6 +6,7 @@ on: jobs: build: + if: ${{ github.repository_owner == 'HXSecurity' }} runs-on: ubuntu-latest permissions: contents: write @@ -51,11 +52,8 @@ jobs: - name: Setup Ossutil uses: manyuanrong/setup-ossutil@v2.0 with: - # 填写Bucket所在地域的域名信息,可参考访问域名和数据中心。 endpoint: ${{ secrets.ALIYUN_OSS_ENDPOINT }} - # AccessKeyID access-key-id: ${{ secrets.ALIYUN_OSS_KEY_ID }} - # AccessKeySceret access-key-secret: ${{ secrets.ALIYUN_OSS_KEY_SECRET }} - run: | echo "${{ github.event.repository.name }},version,${{ steps.release.outputs.version }}" >> version.txt && \ @@ -68,19 +66,8 @@ jobs: [ ! -f ./dongtai-agent.jar ] && echo "$FILE does not exist." ossutil cp oss://dongtai/agent/python/ ./ --include "*.tar.gz" -r ossutil cp oss://dongtai/agent/php/ ./ --include "*.tar.gz" -r - #ossutil cp oss://huoqi-public/iast/release-version/DongTai-agent-python/${{ steps.release.outputs.VERSION }}/version.txt DongTai-agent-python.version.txt || true - #ossutil cp oss://huoqi-public/iast/release-version/DongTai-agent-java/${{ steps.release.outputs.VERSION }}/version.txt DongTai-agent-java.version.txt || true - #ossutil cp oss://huoqi-public/iast/release-version/DongTai-agent-php/${{ steps.release.outputs.VERSION }}/version.txt DongTai-agent-php.version.txt || true - #DONGTAI_JAVA_AGENT_REPONAME=`cat DongTai-agent-java.version.txt | awk '{split($0,a,",");print a[1]}' | sed -n "1p"` - #DONGTAI_JAVA_AGENT_VERSION=`cat DongTai-agent-java.version.txt | awk '{split($0,a,",");print a[3]}' | sed -n "1p"` - #DONGTAI_JAVA_AGENT_HASH=`cat DongTai-agent-java.version.txt | awk '{split($0,a,",");print a[3]}' | sed -n "2p"` - #DONGTAI_PYTHON_AGENT_REPONAME=`cat DongTai-agent-python.version.txt | awk '{split($0,a,",");print a[1]}' | sed -n "1p"` - #DONGTAI_PYTHON_AGENT_VERSION=`cat DongTai-agent-python.version.txt | awk '{split($0,a,",");print a[3]}' | sed -n "1p"` - #DONGTAI_PYTHON_AGENT_HASH=`cat DongTai-agent-python.version.txt | awk '{split($0,a,",");print a[3]}' | sed -n "2p"` echo "REPLACE INTO project_version_control (version, component_name, component_version_hash) VALUES('${{ steps.release.outputs.version }}', '${{ github.event.repository.name }}', '${GITHUB_SHA}');" >> ./deploy/docker/version.sql - #echo "REPLACE INTO project_version_control (version, component_name, component_version_hash) VALUES('$DONGTAI_JAVA_AGENT_VERSION', '$DONGTAI_JAVA_AGENT_REPONAME', '$DONGTAI_JAVA_AGENT_HASH');" >> ./deploy/docker/version.sql - #echo "REPLACE INTO project_version_control (version, component_name, component_version_hash) VALUES('$DONGTAI_PYTHON_AGENT_VERSION', '$DONGTAI_PYTHON_AGENT_REPONAME', '$DONGTAI_PYTHON_AGENT_HASH');" >> ./deploy/docker/version.sql - + - name: Build and push uses: docker/build-push-action@v2 with: @@ -88,10 +75,9 @@ jobs: context: . push: true tags: | - registry.cn-beijing.aliyuncs.com/huoxian_pub/dongtai-server:latest - registry.cn-beijing.aliyuncs.com/huoxian_pub/dongtai-server:${{ steps.release.outputs.version }} dongtai/dongtai-server:latest dongtai/dongtai-server:${{ steps.release.outputs.version }} + #- uses: actions/checkout@master #- name: deploy to cluster # uses: wahyd4/kubectl-helm-action@master @@ -107,3 +93,42 @@ jobs: with: url: ${{ secrets.DONGTAI_WEBHOOK_URL }} body: '{"msg_type": "interactive","card": {"config": {"wide_screen_mode": true,"enable_forward": true},"elements": [{"tag": "div","text": {"content": "状态:项目${{github.repository}}构建成功\n分支:${{github.ref}}\n流程:${{github.workflow}}\n构建编号:${{github.run_number}}\n触发事件:${{github.event_name}}\n提交人:${{github.actor}}\nSHA-1:${{github.sha}}\n","tag": "lark_md"}}]}}' + + + helm: + name: Build + runs-on: ubuntu-latest + + steps: + - name: Checkout repo + uses: actions/checkout@v2 + + - uses: azure/setup-helm@v1 + with: + version: 'latest' + id: install + + - name: Get the release version + id: get_version + run: echo ::set-output name=VERSION::${GITHUB_REF#refs/tags/} + + - name: Setup ossutil + uses: manyuanrong/setup-ossutil@v2.0 + with: + endpoint: ${{ secrets.CHART_OSS_ENDPOINT }} + access-key-id: ${{ secrets.CHART_OSS_ACCESS_KEY_ID }} + access-key-secret: ${{ secrets.CHART_OSS_ACCESS_KEY_SECRET }} + + - name: Download existed repo files + run: | + ossutil cp -rf oss://dongtai-helm-charts/iast/ ~/helm/repo/ --include dongtai-iast-*.tgz --exclude "index.yaml" + + - name: Create helm package + run: | + helm package deploy/kubernetes/helm -d ~/helm/repo --app-version ${{ steps.get_version.outputs.VERSION }} --version ${{ steps.get_version.outputs.VERSION }} + helm repo index ~/helm/repo/ --url ${{ secrets.DONGTAI_IAST_CHART_REPO_URL }} + + - name: Push helm chart to repo + run: | + ossutil cp -rf ~/helm/repo/dongtai-iast-${{ steps.get_version.outputs.VERSION }}.tgz oss://dongtai-helm-charts/iast/ + ossutil cp -rf ~/helm/repo/index.yaml oss://dongtai-helm-charts/iast/ \ No newline at end of file diff --git a/.github/workflows/release_helm_chart.yml b/.github/workflows/release_helm_chart.yml deleted file mode 100644 index d38927cc0..000000000 --- a/.github/workflows/release_helm_chart.yml +++ /dev/null @@ -1,46 +0,0 @@ -name: Release helm chart -on: - push: - tags: - - "v*" -jobs: - build: - name: Build - runs-on: ubuntu-latest - - steps: - - name: Checkout repo - uses: actions/checkout@v2 - - - uses: azure/setup-helm@v1 - with: - version: 'latest' # default is latest stable - id: install - - - name: Get the release version - id: get_version - run: echo ::set-output name=VERSION::${GITHUB_REF#refs/tags/} - - - name: Setup ossutil - uses: manyuanrong/setup-ossutil@v2.0 - with: - endpoint: ${{ secrets.CHART_OSS_ENDPOINT }} - access-key-id: ${{ secrets.CHART_OSS_ACCESS_KEY_ID }} - access-key-secret: ${{ secrets.CHART_OSS_ACCESS_KEY_SECRET }} - - - name: Download existed repo files - run: | - ossutil cp -rf oss://dongtai-helm-charts/iast/ ~/helm/repo/ --include dongtai-iast-*.tgz --exclude "index.yaml" - - - name: Create helm package - run: | - helm package deploy/kubernetes/helm -d ~/helm/repo --app-version ${{ steps.get_version.outputs.VERSION }} --version ${{ steps.get_version.outputs.VERSION }} - helm repo index ~/helm/repo/ --url ${{ secrets.DONGTAI_IAST_CHART_REPO_URL }} - - - - - name: Push helm chart to repo - run: | - ossutil cp -rf ~/helm/repo/dongtai-iast-${{ steps.get_version.outputs.VERSION }}.tgz oss://dongtai-helm-charts/iast/ - ossutil cp -rf ~/helm/repo/index.yaml oss://dongtai-helm-charts/iast/ -