mirror of
https://github.com/empayre/fleet.git
synced 2024-11-06 08:55:24 +00:00
65 lines
2.2 KiB
YAML
65 lines
2.2 KiB
YAML
name: Build docker image and publish to ECR
|
|
|
|
on:
|
|
workflow_dispatch:
|
|
inputs:
|
|
enroll_secret:
|
|
description: 'Enroll Secret'
|
|
required: true
|
|
url:
|
|
description: 'Fleet server URL'
|
|
required: true
|
|
host_count:
|
|
description: 'Amount of hosts to emulate'
|
|
required: true
|
|
default: 20
|
|
tag:
|
|
description: 'docker image tag'
|
|
required: true
|
|
default: latest
|
|
|
|
# This allows a subsequently queued workflow run to interrupt previous runs
|
|
concurrency:
|
|
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id}}
|
|
cancel-in-progress: true
|
|
|
|
defaults:
|
|
run:
|
|
# fail-fast using bash -eo pipefail. See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#exit-codes-and-error-action-preference
|
|
shell: bash
|
|
|
|
permissions:
|
|
contents: read
|
|
|
|
jobs:
|
|
build-docker:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Harden Runner
|
|
uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
|
|
with:
|
|
egress-policy: audit
|
|
|
|
- name: Checkout Code
|
|
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
|
|
|
|
- name: Configure AWS credentials
|
|
uses: aws-actions/configure-aws-credentials@05b148adc31e091bafbaf404f745055d4d3bc9d2 # v1
|
|
with:
|
|
aws-access-key-id: ${{ secrets.LOADTEST_AWS_ACCESS_KEY_ID }}
|
|
aws-secret-access-key: ${{ secrets.LOADTEST_AWS_SECRET_ACCESS_KEY }}
|
|
aws-region: us-east-2
|
|
|
|
- name: Login to Amazon ECR
|
|
id: login-ecr
|
|
uses: aws-actions/amazon-ecr-login@2f9f10ea3fa2eed41ac443fee8bfbd059af2d0a4 # v1
|
|
|
|
- name: Build, tag, and push image to Amazon ECR
|
|
env:
|
|
ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
|
|
ECR_REPOSITORY: osquery-perf
|
|
IMAGE_TAG: ${{ github.event.inputs.tag }}
|
|
run: |
|
|
docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG --build-arg ENROLL_SECRET=${{ github.event.inputs.enroll_secret }} --build-arg HOST_COUNT=${{ github.event.inputs.host_count }} --build-arg SERVER_URL=${{ github.event.inputs.url }} -f Dockerfile.osquery-perf .
|
|
docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
|