Merge branch 'main' into bump-actions

This commit is contained in:
Beth Brennan
2025-01-14 13:13:27 -05:00
committed by GitHub
8 changed files with 120 additions and 119 deletions
+1 -1
View File
@@ -77,7 +77,7 @@ jobs:
contents: read # for actions/checkout to fetch code
security-events: write # for redhat-actions/crda to upload SARIF results
name: Scan project vulnerabilities with CRDA
runs-on: ubuntu-20.04
runs-on: ubuntu-latest
steps:
- name: Check out repository
+1 -1
View File
@@ -16,7 +16,7 @@ on:
jobs:
lint:
name: DevSkim
runs-on: ubuntu-20.04
runs-on: ubuntu-latest
permissions:
actions: read
contents: read
+1 -1
View File
@@ -17,7 +17,7 @@ on:
jobs:
lint:
name: Kubesec
runs-on: ubuntu-20.04
runs-on: ubuntu-latest
permissions:
actions: read
contents: read
+1 -1
View File
@@ -46,7 +46,7 @@ jobs:
contents: read # for actions/checkout to fetch code
security-events: write # for stackhawk/hawkscan-action to upload code scanning alert info
name: StackHawk
runs-on: ubuntu-20.04
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
+1 -1
View File
@@ -24,7 +24,7 @@ jobs:
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
name: Build
runs-on: "ubuntu-20.04"
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
+112 -112
View File
@@ -1,112 +1,112 @@
# This workflow uses actions that are not certified by GitHub.
# They are provided by a third-party and are governed by separate terms of service,
# privacy policy, and support documentation.
#
# This workflow will build and publish a Docker container which is then deployed through Octopus Deploy.
#
# The build job in this workflow currently assumes that there is a Dockerfile that generates the relevant application image.
# If required, this job can be modified to generate whatever alternative build artifact is required for your deployment.
#
# This workflow assumes you have already created a Project in Octopus Deploy.
# For instructions see https://octopus.com/docs/projects/setting-up-projects
#
# To configure this workflow:
#
# 1. Decide where you are going to host your image.
# This template uses the GitHub Registry for simplicity but if required you can update the relevant DOCKER_REGISTRY variables below.
#
# 2. Create and configure an OIDC credential for a service account in Octopus.
# This allows for passwordless authentication to your Octopus instance through a trust relationship configured between Octopus, GitHub and your GitHub Repository.
# https://octopus.com/docs/octopus-rest-api/openid-connect/github-actions
#
# 3. Configure your Octopus project details below:
# OCTOPUS_URL: update to your Octopus Instance Url
# OCTOPUS_SERVICE_ACCOUNT: update to your service account Id
# OCTOPUS_SPACE: update to the name of the space your project is configured in
# OCTOPUS_PROJECT: update to the name of your Octopus project
# OCTOPUS_ENVIRONMENT: update to the name of the environment to recieve the first deployment
name: 'Build and Deploy to Octopus Deploy'
on:
push:
branches:
- '$default-branch'
jobs:
build:
name: Build
runs-on: ubuntu-latest
permissions:
packages: write
contents: read
env:
DOCKER_REGISTRY: ghcr.io # TODO: Update to your docker registry uri
DOCKER_REGISTRY_USERNAME: ${{ github.actor }} # TODO: Update to your docker registry username
DOCKER_REGISTRY_PASSWORD: ${{ secrets.GITHUB_TOKEN }} # TODO: Update to your docker registry password
outputs:
image_tag: ${{ steps.meta.outputs.version }}
steps:
- uses: actions/checkout@v4
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226 # v3.0.0
- name: Log in to the Container registry
uses: docker/login-action@65b78e6e13532edd9afa3aa52ac7964289d1a9c1
with:
registry: ${{ env.DOCKER_REGISTRY }}
username: ${{ env.DOCKER_REGISTRY_USERNAME }}
password: ${{ env.DOCKER_REGISTRY_PASSWORD }}
- name: Extract metadata (tags, labels) for Docker
id: meta
uses: docker/metadata-action@9ec57ed1fcdbf14dcef7dfbe97b2010124a938b7
with:
images: ${{ env.DOCKER_REGISTRY }}/${{ github.repository }}
tags: type=semver,pattern={{version}},value=v1.0.0-{{sha}}
- name: Build and push Docker image
id: push
uses: docker/build-push-action@f2a1d5e99d037542a71f64918e516c093c6f3fc4
with:
context: .
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
deploy:
name: Deploy
permissions:
id-token: write
runs-on: ubuntu-latest
needs: [ build ]
env:
OCTOPUS_URL: 'https://your-octopus-url' # TODO: update to your Octopus Instance url
OCTOPUS_SERVICE_ACCOUNT: 'your-service-account-id' # TODO: update to your service account Id
OCTOPUS_SPACE: 'your-space' # TODO: update to the name of the space your project is configured in
OCTOPUS_PROJECT: 'your-project' # TODO: update to the name of your Octopus project
OCTOPUS_ENVIRONMENT: 'your-environment' # TODO: update to the name of the environment to recieve the first deployment
steps:
- name: Login to Octopus Deploy
uses: OctopusDeploy/login@34b6dcc1e86fa373c14e6a28c5507d221e4de629 #v1.0.2
with:
server: '${{ env.OCTOPUS_URL }}'
service_account_id: '${{ env.OCTOPUS_SERVICE_ACCOUNT }}'
- name: Create Release
id: create_release
uses: OctopusDeploy/create-release-action@fea7e7b45c38c021b6bc5a14bd7eaa2ed5269214 #v3.2.2
with:
project: '${{ env.OCTOPUS_PROJECT }}'
space: '${{ env.OCTOPUS_SPACE }}'
packages: '*:${{ needs.build.outputs.image_tag }}'
- name: Deploy Release
uses: OctopusDeploy/deploy-release-action@b10a606c903b0a5bce24102af9d066638ab429ac #v3.2.1
with:
project: '${{ env.OCTOPUS_PROJECT }}'
space: '${{ env.OCTOPUS_SPACE }}'
release_number: '${{ steps.create_release.outputs.release_number }}'
environments: ${{ env.OCTOPUS_ENVIRONMENT }}
# This workflow uses actions that are not certified by GitHub.
# They are provided by a third-party and are governed by separate terms of service,
# privacy policy, and support documentation.
#
# This workflow will build and publish a Docker container which is then deployed through Octopus Deploy.
#
# The build job in this workflow currently assumes that there is a Dockerfile that generates the relevant application image.
# If required, this job can be modified to generate whatever alternative build artifact is required for your deployment.
#
# This workflow assumes you have already created a Project in Octopus Deploy.
# For instructions see https://octopus.com/docs/projects/setting-up-projects
#
# To configure this workflow:
#
# 1. Decide where you are going to host your image.
# This template uses the GitHub Registry for simplicity but if required you can update the relevant DOCKER_REGISTRY variables below.
#
# 2. Create and configure an OIDC credential for a service account in Octopus.
# This allows for passwordless authentication to your Octopus instance through a trust relationship configured between Octopus, GitHub and your GitHub Repository.
# https://octopus.com/docs/octopus-rest-api/openid-connect/github-actions
#
# 3. Configure your Octopus project details below:
# OCTOPUS_URL: update to your Octopus Instance Url
# OCTOPUS_SERVICE_ACCOUNT: update to your service account Id
# OCTOPUS_SPACE: update to the name of the space your project is configured in
# OCTOPUS_PROJECT: update to the name of your Octopus project
# OCTOPUS_ENVIRONMENT: update to the name of the environment to recieve the first deployment
name: 'Build and Deploy to Octopus Deploy'
on:
push:
branches:
- '$default-branch'
jobs:
build:
name: Build
runs-on: ubuntu-latest
permissions:
packages: write
contents: read
env:
DOCKER_REGISTRY: ghcr.io # TODO: Update to your docker registry uri
DOCKER_REGISTRY_USERNAME: ${{ github.actor }} # TODO: Update to your docker registry username
DOCKER_REGISTRY_PASSWORD: ${{ secrets.GITHUB_TOKEN }} # TODO: Update to your docker registry password
outputs:
image_tag: ${{ steps.meta.outputs.version }}
steps:
- uses: actions/checkout@v4
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226 # v3.0.0
- name: Log in to the Container registry
uses: docker/login-action@65b78e6e13532edd9afa3aa52ac7964289d1a9c1
with:
registry: ${{ env.DOCKER_REGISTRY }}
username: ${{ env.DOCKER_REGISTRY_USERNAME }}
password: ${{ env.DOCKER_REGISTRY_PASSWORD }}
- name: Extract metadata (tags, labels) for Docker
id: meta
uses: docker/metadata-action@9ec57ed1fcdbf14dcef7dfbe97b2010124a938b7
with:
images: ${{ env.DOCKER_REGISTRY }}/${{ github.repository }}
tags: type=semver,pattern={{version}},value=v1.0.0-{{sha}}
- name: Build and push Docker image
id: push
uses: docker/build-push-action@f2a1d5e99d037542a71f64918e516c093c6f3fc4
with:
context: .
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
deploy:
name: Deploy
permissions:
id-token: write
runs-on: ubuntu-latest
needs: [ build ]
env:
OCTOPUS_URL: 'https://your-octopus-url' # TODO: update to your Octopus Instance url
OCTOPUS_SERVICE_ACCOUNT: 'your-service-account-id' # TODO: update to your service account Id
OCTOPUS_SPACE: 'your-space' # TODO: update to the name of the space your project is configured in
OCTOPUS_PROJECT: 'your-project' # TODO: update to the name of your Octopus project
OCTOPUS_ENVIRONMENT: 'your-environment' # TODO: update to the name of the environment to recieve the first deployment
steps:
- name: Log in to Octopus Deploy
uses: OctopusDeploy/login@34b6dcc1e86fa373c14e6a28c5507d221e4de629 #v1.0.2
with:
server: '${{ env.OCTOPUS_URL }}'
service_account_id: '${{ env.OCTOPUS_SERVICE_ACCOUNT }}'
- name: Create Release
id: create_release
uses: OctopusDeploy/create-release-action@fea7e7b45c38c021b6bc5a14bd7eaa2ed5269214 #v3.2.2
with:
project: '${{ env.OCTOPUS_PROJECT }}'
space: '${{ env.OCTOPUS_SPACE }}'
packages: '*:${{ needs.build.outputs.image_tag }}'
- name: Deploy Release
uses: OctopusDeploy/deploy-release-action@b10a606c903b0a5bce24102af9d066638ab429ac #v3.2.1
with:
project: '${{ env.OCTOPUS_PROJECT }}'
space: '${{ env.OCTOPUS_SPACE }}'
release_number: '${{ steps.create_release.outputs.release_number }}'
environments: ${{ env.OCTOPUS_ENVIRONMENT }}
+1 -1
View File
@@ -77,7 +77,7 @@ jobs:
# 🖊️ Uncomment this if you are using CRDA scan step above
# needs: crda-scan
name: Build and deploy to OpenShift
runs-on: ubuntu-20.04
runs-on: ubuntu-latest
environment: production
outputs:
+2 -1
View File
@@ -34,7 +34,8 @@ jobs:
- name: Checkout
uses: actions/checkout@v4
- name: Setup Ruby
uses: ruby/setup-ruby@8575951200e472d5f2d95c625da0c7bec8217c42 # v1.161.0
# https://github.com/ruby/setup-ruby/releases/tag/v1.207.0
uses: ruby/setup-ruby@4a9ddd6f338a97768b8006bf671dfbad383215f4
with:
ruby-version: '3.1' # Not needed with a .ruby-version file
bundler-cache: true # runs 'bundle install' and caches installed gems automatically