action #92
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# name: Helm Charts Push to AWS ECR | |
# on: | |
# push: | |
# branches: | |
# - test | |
# pull_request_target: | |
# branches: | |
# - "*" # This ensures it runs on all branches for pull requests | |
# jobs: | |
# helm_chart_validation: | |
# runs-on: ubuntu-latest | |
# steps: | |
# - name: Checkout code | |
# uses: actions/checkout@v2 | |
# - name: Install Helm | |
# run: | | |
# curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 | |
# chmod 700 get_helm.sh | |
# ./get_helm.sh | |
# - name: Validate k8s-risk-assessment-job | |
# run: | | |
# helm lint k8s-risk-assessment-job | |
# helm template k8s-risk-assessment-job --dry-run > /dev/null | |
# - name: Validate k8tls-job | |
# run: | | |
# helm lint k8tls-job | |
# helm template k8tls-job --dry-run > /dev/null | |
# - name: Validate kiem-job | |
# run: | | |
# helm lint kiem-job | |
# helm template kiem-job --dry-run > /dev/null | |
# # - name: Validate cis-k8s-job | |
# # run: | | |
# # helm lint cis-k8s-job | |
# # helm template cis-k8s-job --dry-run > /dev/null | |
# helm_push_to_ecr: | |
# runs-on: ubuntu-latest | |
# needs: [helm_chart_validation] # Ensure this job runs after tag validation and chart validation | |
# steps: | |
# - name: Checkout code | |
# uses: actions/checkout@v2 | |
# - name: Set up AWS Credentials | |
# uses: aws-actions/configure-aws-credentials@v2 | |
# with: | |
# aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
# aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
# aws-region: us-east-1 | |
# - name: Install Helm | |
# run: | | |
# curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 | |
# chmod 700 get_helm.sh | |
# ./get_helm.sh | |
# - name: Package k8s-risk-assessment-job | |
# run: | | |
# helm package k8s-risk-assessment-job | |
# K8S_RISK_ASSESSMENT_JOB=$(ls k8s-risk-assessment-job-*.tgz) | |
# # echo "CHART_PACKAGE_1=$CHART_PACKAGE_1" >> $GITHUB_ENV | |
# - name: Package k8tls-job | |
# run: | | |
# helm package k8tls-job | |
# CHART_PACKAGE_2=$(ls k8tls-job-*.tgz) | |
# # echo "CHART_PACKAGE_2=$CHART_PACKAGE_2" >> $GITHUB_ENV | |
# - name: Package kiem-job | |
# run: | | |
# helm package kiem-job | |
# CHART_PACKAGE_3=$(ls kiem-job-*.tgz) | |
# # echo "CHART_PACKAGE_3=$CHART_PACKAGE_3" >> $GITHUB_ENV | |
# # - name: Package cis-k8s-job | |
# # run: | | |
# # helm package cis-k8s-job | |
# # CHART_PACKAGE_4=$(ls cis-k8s-job-*.tgz) | |
# # echo "CHART_PACKAGE_4=$CHART_PACKAGE_4" >> $GITHUB_ENV | |
# - name: Login to AWS ECR | |
# run: | | |
# aws ecr-public get-login-password --region us-east-1 | helm registry login --username AWS --password-stdin ${{ secrets.REPO }} | |
# - name: Push k8s-risk-assessment-job to ECR | |
# run: | | |
# helm push ${{ env.K8S_RISK_ASSESSMENT_JOB }} oci://${{ secrets.REPO }} | |
# # - name: Push k8tls-job to ECR | |
# # run: | | |
# # helm push ${{ env.CHART_PACKAGE_2 }} oci://${{ secrets.REPO }} | |
# # - name: Push kiem-job to ECR | |
# # run: | | |
# # helm push ${{ env.CHART_PACKAGE_3 }} oci://${{ secrets.REPO }} | |
# # - name: Push cis-k8s-job to ECR | |
# # run: | | |
# # helm push ${{ env.CHART_PACKAGE_4 }} oci://${{ secrets.REPO }} | |
name: Helm Charts Push to AWS ECR | |
on: | |
push: | |
branches: | |
- test | |
jobs: | |
helm_push_to_ecr: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v2 | |
- name: Set up AWS Credentials | |
uses: aws-actions/configure-aws-credentials@v2 | |
with: | |
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
aws-region: us-east-1 | |
- name: Install Helm | |
run: | | |
curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 | |
chmod 700 get_helm.sh | |
./get_helm.sh | |
- name: Login to AWS ECR | |
run: | | |
aws ecr-public get-login-password --region us-east-1 | helm registry login --username AWS --password-stdin ${{ secrets.REPO }} | |
- name: Package and Push Helm Charts | |
run: | | |
for CHART_DIR in k8tls-job kiem-job; do | |
helm package $CHART_DIR | |
CHART_PACKAGE=$(ls $CHART_DIR-*.tgz) | |
helm push $CHART_PACKAGE oci://${{ secrets.REPO }} | |
done |