mirror of
https://github.com/falcosecurity/falco.git
synced 2025-06-28 15:47:25 +00:00
chore(ci): multiple fixes to new master and release ci jobs.
Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
This commit is contained in:
Federico Di Pierro
poiana
parent
18372323d9
commit
1c3aa7a83b
4
.github/workflows/master.yaml
vendored
4
.github/workflows/master.yaml
vendored
@ -34,7 +34,6 @@ jobs:
|
||||
uses: falcosecurity/falco/.github/workflows/reusable_build_docker.yaml@main
|
||||
with:
|
||||
arch: x86_64
|
||||
tagname: master
|
||||
bucket: '-dev'
|
||||
version: ${{ needs.build-dev-packages.outputs.version }}
|
||||
secrets: inherit
|
||||
@ -44,7 +43,6 @@ jobs:
|
||||
uses: falcosecurity/falco/.github/workflows/reusable_build_docker.yaml@main
|
||||
with:
|
||||
arch: aarch64
|
||||
tagname: master
|
||||
bucket: '-dev'
|
||||
version: ${{ needs.build-dev-packages.outputs.version }}
|
||||
secrets: inherit
|
||||
@ -52,6 +50,4 @@ jobs:
|
||||
publish-dev-docker:
|
||||
needs: [build-dev-docker, build-dev-docker-arm64]
|
||||
uses: falcosecurity/falco/.github/workflows/reusable_publish_docker.yaml@main
|
||||
with:
|
||||
tagname: master
|
||||
secrets: inherit
|
||||
|
||||
4
.github/workflows/release.yaml
vendored
4
.github/workflows/release.yaml
vendored
@ -34,7 +34,6 @@ jobs:
|
||||
uses: falcosecurity/falco/.github/workflows/reusable_build_docker.yaml@main
|
||||
with:
|
||||
arch: x86_64
|
||||
tagname: ${{ github.ref_name }}
|
||||
version: ${{ needs.build-packages.outputs.version }}
|
||||
secrets: inherit
|
||||
|
||||
@ -43,14 +42,11 @@ jobs:
|
||||
uses: falcosecurity/falco/.github/workflows/reusable_build_docker.yaml@main
|
||||
with:
|
||||
arch: aarch64
|
||||
tagname: ${{ github.ref_name }}
|
||||
version: ${{ needs.build-packages.outputs.version }}
|
||||
secrets: inherit
|
||||
|
||||
publish-docker:
|
||||
needs: [build-docker, build-docker-arm64]
|
||||
uses: falcosecurity/falco/.github/workflows/reusable_publish_docker.yaml@main
|
||||
with:
|
||||
tagname: ${{ github.ref_name }}
|
||||
secrets: inherit
|
||||
|
||||
|
||||
27
.github/workflows/reusable_build_docker.yaml
vendored
27
.github/workflows/reusable_build_docker.yaml
vendored
@ -24,13 +24,10 @@ jobs:
|
||||
build-docker:
|
||||
# See https://github.com/actions/runner/issues/409#issuecomment-1158849936
|
||||
runs-on: ${{ (inputs.arch == "aarch64") && fromJSON('[ "self-hosted", "linux", "ARM64" ]') || 'ubuntu-latest' }}
|
||||
container:
|
||||
image: ubuntu:22.04
|
||||
container: ubuntu:22.04
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v3
|
||||
with:
|
||||
fetch-depth: 0
|
||||
|
||||
- name: Install deps
|
||||
run: |
|
||||
@ -57,10 +54,10 @@ jobs:
|
||||
VERSION_BUCKET=bin${{ inputs.bucket }}
|
||||
FALCO_VERSION=${{ inputs.version }}
|
||||
tags: |
|
||||
falcosecurity/falco-no-driver:${{ inputs.arch }}-${{ inputs.tagname }}
|
||||
falcosecurity/falco:${{ inputs.arch }}-${{ inputs.tagname }}-slim
|
||||
public.ecr.aws/falcosecurity/falco-no-driver:${{ inputs.arch }}-${{ inputs.tagname }}
|
||||
public.ecr.aws/falcosecurity/falco:${{ inputs.arch }}-${{ inputs.tagname }}-slim
|
||||
falcosecurity/falco-no-driver:${{ inputs.arch }}-${{ github.ref_name }}
|
||||
falcosecurity/falco:${{ inputs.arch }}-${{ github.ref_name }}-slim
|
||||
public.ecr.aws/falcosecurity/falco-no-driver:${{ inputs.arch }}-${{ github.ref_name }}
|
||||
public.ecr.aws/falcosecurity/falco:${{ inputs.arch }}-${{ github.ref_name }}-slim
|
||||
|
||||
- name: Build and publish falco
|
||||
uses: docker/build-push-action@v3
|
||||
@ -72,8 +69,8 @@ jobs:
|
||||
VERSION_BUCKET=deb${{ inputs.bucket }}
|
||||
FALCO_VERSION=${{ inputs.version }}
|
||||
tags: |
|
||||
falcosecurity/falco:${{ inputs.arch }}-${{ inputs.tagname }}
|
||||
public.ecr.aws/falcosecurity/falco:${{ inputs.arch }}-${{ inputs.tagname }}
|
||||
falcosecurity/falco:${{ inputs.arch }}-${{ github.ref_name }}
|
||||
public.ecr.aws/falcosecurity/falco:${{ inputs.arch }}-${{ github.ref_name }}
|
||||
|
||||
- name: Build and publish falco-driver-loader
|
||||
uses: docker/build-push-action@v3
|
||||
@ -82,10 +79,10 @@ jobs:
|
||||
push: true
|
||||
provenance: false # https://github.com/Noelware/docker-manifest-action/issues/131
|
||||
build-args: |
|
||||
FALCO_IMAGE_TAG=${{ inputs.arch }}-${{ inputs.tagname }}
|
||||
FALCO_IMAGE_TAG=${{ inputs.arch }}-${{ github.ref_name }}
|
||||
tags: |
|
||||
falcosecurity/falco-driver-loader:${{ inputs.arch }}-${{ inputs.tagname }}
|
||||
public.ecr.aws/falcosecurity/falco-driver-loader:${{ inputs.arch }}-${{ inputs.tagname }}
|
||||
falcosecurity/falco-driver-loader:${{ inputs.arch }}-${{ github.ref_name }}
|
||||
public.ecr.aws/falcosecurity/falco-driver-loader:${{ inputs.arch }}-${{ github.ref_name }}
|
||||
|
||||
- name: Build and publish no-driver latest
|
||||
if: ${{ inputs.tagname != 'master' }}
|
||||
@ -96,7 +93,7 @@ jobs:
|
||||
provenance: false # https://github.com/Noelware/docker-manifest-action/issues/131
|
||||
build-args: |
|
||||
VERSION_BUCKET=bin
|
||||
FALCO_VERSION=${{ inputs.tagname }}
|
||||
FALCO_VERSION=${{ github.ref_name }}
|
||||
tags: |
|
||||
falcosecurity/falco-no-driver:${{ inputs.arch }}-latest
|
||||
falcosecurity/falco:${{ inputs.arch }}-latest-slim
|
||||
@ -112,7 +109,7 @@ jobs:
|
||||
provenance: false # https://github.com/Noelware/docker-manifest-action/issues/131
|
||||
build-args: |
|
||||
VERSION_BUCKET=deb
|
||||
FALCO_VERSION=${{ inputs.tagname }}
|
||||
FALCO_VERSION=${{ github.ref_name }}
|
||||
tags: |
|
||||
falcosecurity/falco:${{ inputs.arch }}-latest
|
||||
public.ecr.aws/falcosecurity/falco:${{ inputs.arch }}-latest
|
||||
|
||||
106
.github/workflows/reusable_build_packages.yaml
vendored
106
.github/workflows/reusable_build_packages.yaml
vendored
@ -12,11 +12,37 @@ on:
|
||||
value: ${{ jobs.build-packages.outputs.version }}
|
||||
|
||||
jobs:
|
||||
build-modern-bpf-skeleton:
|
||||
# See https://github.com/actions/runner/issues/409#issuecomment-1158849936
|
||||
runs-on: ${{ (inputs.arch == "aarch64") && fromJSON('[ "self-hosted", "linux", "ARM64" ]') || 'ubuntu-latest' }}
|
||||
container: fedora:latest
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v3
|
||||
with:
|
||||
fetch-depth: 0
|
||||
|
||||
- name: Install build dependencies
|
||||
run: |
|
||||
dnf install -y bpftool ca-certificates cmake make automake gcc gcc-c++ kernel-devel clang git pkg-config autoconf automake libbpf-devel
|
||||
|
||||
- name: Build modern BPF skeleton
|
||||
run: |
|
||||
mkdir skeleton-build && cd skeleton-build
|
||||
cmake -DUSE_BUNDLED_DEPS=ON -DBUILD_FALCO_MODERN_BPF=ON -DCREATE_TEST_TARGETS=Off ..
|
||||
make ProbeSkeleton -j6
|
||||
|
||||
- name: Upload skeleton
|
||||
uses: actions/upload-artifact@v3
|
||||
with:
|
||||
name: bpf_probe_${{ inputs.arch }}.skel.h
|
||||
path: skeleton-build/skel_dir/bpf_probe.skel.h
|
||||
|
||||
build-packages:
|
||||
# See https://github.com/actions/runner/issues/409#issuecomment-1158849936
|
||||
runs-on: ${{ (inputs.arch == "aarch64") && fromJSON('[ "self-hosted", "linux", "ARM64" ]') || 'ubuntu-latest' }}
|
||||
container:
|
||||
image: ubuntu:22.04
|
||||
needs: build-modern-bpf-skeleton
|
||||
container: centos:7
|
||||
# Map the job outputs to step outputs
|
||||
outputs:
|
||||
version: ${{ steps.store_version.outputs.version }}
|
||||
@ -24,88 +50,92 @@ jobs:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v3
|
||||
with:
|
||||
path: source
|
||||
fetch-depth: 0
|
||||
ref: ${{ github.event.pull_request.head.sha }}
|
||||
|
||||
- name: Download skeleton
|
||||
uses: actions/download-artifact@v3
|
||||
with:
|
||||
name: bpf_probe_${{ inputs.arch }}.skel.h
|
||||
path: /tmp
|
||||
|
||||
- name: Install build dependencies
|
||||
run: |
|
||||
mkdir deps && cd deps
|
||||
apt update -y
|
||||
DEBIAN_FRONTEND=noninteractive apt install -y --no-install-recommends ca-certificates cmake build-essential clang-14 git pkg-config autoconf automake libelf-dev
|
||||
update-alternatives --install /usr/bin/clang clang /usr/bin/clang-14 90
|
||||
update-alternatives --install /usr/bin/llvm-strip llvm-strip /usr/bin/llvm-strip-14 90
|
||||
git clone https://github.com/libbpf/bpftool.git --branch v7.0.0 --single-branch
|
||||
cd bpftool
|
||||
git submodule update --init
|
||||
cd src && make install
|
||||
yum -y install centos-release-scl
|
||||
yum -y install devtoolset-9-gcc devtoolset-9-gcc-c++
|
||||
source /opt/rh/devtoolset-9/enable
|
||||
yum install -y git wget make m4 rpm-build
|
||||
|
||||
- name: Build modern BPF skeleton
|
||||
- name: Install updated cmake
|
||||
run: |
|
||||
cd source
|
||||
mkdir skeleton-build && cd skeleton-build
|
||||
cmake -DUSE_BUNDLED_DEPS=ON -DBUILD_FALCO_MODERN_BPF=ON -DCREATE_TEST_TARGETS=Off ..
|
||||
make ProbeSkeleton
|
||||
curl -L -o /tmp/cmake.tar.gz https://github.com/Kitware/CMake/releases/download/v3.22.5/cmake-3.22.5-linux-$(uname -m).tar.gz
|
||||
gzip -d /tmp/cmake.tar.gz
|
||||
tar -xpf /tmp/cmake.tar --directory=/tmp
|
||||
cp -R /tmp/cmake-3.22.5-linux-$(uname -m)/* /usr
|
||||
rm -rf /tmp/cmake-3.22.5-linux-$(uname -m)
|
||||
|
||||
- name: Build Falco packages
|
||||
- name: Prepare project
|
||||
run: |
|
||||
mkdir -p source/build
|
||||
DOCKER_BUILDKIT=1 docker build \
|
||||
-f ${{ github.workspace }}/source/docker/builder/modern-falco-builder.Dockerfile \
|
||||
--output type=local,dest=${{ github.workspace }}/source/build \
|
||||
--build-arg CMAKE_OPTIONS="\
|
||||
mv /tmp/bpf_probe_${{ inputs.arch }}.skel.h /tmp/bpf_probe.skel.h
|
||||
mkdir build && cd build
|
||||
source /opt/rh/devtoolset-9/enable
|
||||
cmake \
|
||||
-DCMAKE_BUILD_TYPE=Release \
|
||||
-DUSE_BUNDLED_DEPS=On \
|
||||
-DFALCO_ETC_DIR=/etc/falco \
|
||||
-DBUILD_FALCO_MODERN_BPF=ON \
|
||||
-DMODERN_BPF_SKEL_DIR=/source/skeleton-build/skel_dir \
|
||||
-DMODERN_BPF_SKEL_DIR=/tmp \
|
||||
-DBUILD_DRIVER=Off \
|
||||
-DBUILD_BPF=Off" \
|
||||
--build-arg DEST_BUILD_DIR=${{ github.workspace }}/source/build \
|
||||
${{ github.workspace }}/source
|
||||
-DBUILD_BPF=Off \
|
||||
..
|
||||
|
||||
- name: Load and store Falco version output
|
||||
id: store_version
|
||||
run: |
|
||||
FALCO_VERSION=$(cat ${{ github.workspace }}/source/build/userspace/falco/config_falco.h | grep 'FALCO_VERSION ' | cut -d' ' -f3 | sed -e 's/^"//' -e 's/"$//')
|
||||
FALCO_VERSION=$(cat build/userspace/falco/config_falco.h | grep 'FALCO_VERSION ' | cut -d' ' -f3 | sed -e 's/^"//' -e 's/"$//')
|
||||
echo "version=${FALCO_VERSION}" >> $GITHUB_OUTPUT
|
||||
|
||||
- name: Build project
|
||||
run: |
|
||||
cd build
|
||||
make falco -j6
|
||||
|
||||
- name: Build packages
|
||||
run: |
|
||||
cd build
|
||||
make package
|
||||
|
||||
- name: Upload Falco tar.gz package
|
||||
uses: actions/upload-artifact@v3
|
||||
with:
|
||||
name: falco-${{ steps.store_version.outputs.version }}-${{ inputs.arch }}.tar.gz
|
||||
path: |
|
||||
${{ github.workspace }}/source/build/packages/falco-*.tar.gz
|
||||
${{ github.workspace }}/build/packages/falco-*.tar.gz
|
||||
|
||||
- name: Upload Falco deb package
|
||||
uses: actions/upload-artifact@v3
|
||||
with:
|
||||
name: falco-${{ steps.store_version.outputs.version }}-${{ inputs.arch }}.deb
|
||||
path: |
|
||||
${{ github.workspace }}/source/build/packages/falco-*.deb
|
||||
${{ github.workspace }}/build/packages/falco-*.deb
|
||||
|
||||
- name: Upload Falco rpm package
|
||||
uses: actions/upload-artifact@v3
|
||||
with:
|
||||
name: falco-${{ steps.store_version.outputs.version }}-${{ inputs.arch }}.rpm
|
||||
path: |
|
||||
${{ github.workspace }}/source/build/packages/falco-*.rpm
|
||||
${{ github.workspace }}/build/packages/falco-*.rpm
|
||||
|
||||
build-musl-package:
|
||||
needs: build-packages
|
||||
# x86_64 only for now
|
||||
if: ${{ inputs.arch == 'x86_64' }}
|
||||
runs-on: ubuntu-latest
|
||||
container:
|
||||
image: alpine:3.17
|
||||
|
||||
container: alpine:3.17
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v3
|
||||
with:
|
||||
path: source
|
||||
fetch-depth: 0
|
||||
ref: ${{ github.event.pull_request.head.sha }}
|
||||
|
||||
- name: Install build dependencies
|
||||
run: |
|
||||
@ -114,7 +144,7 @@ jobs:
|
||||
- name: Prepare project
|
||||
run: |
|
||||
mkdir build && cd build
|
||||
cmake -DCPACK_GENERATOR=TGZ -DBUILD_BPF=Off -DBUILD_DRIVER=Off -DCMAKE_BUILD_TYPE=Release -DUSE_BUNDLED_DEPS=On -DUSE_BUNDLED_LIBELF=Off -DBUILD_LIBSCAP_MODERN_BPF=ON -DMUSL_OPTIMIZED_BUILD=On -DFALCO_ETC_DIR=/etc/falco /source-static/falco
|
||||
cmake -DCPACK_GENERATOR=TGZ -DBUILD_BPF=Off -DBUILD_DRIVER=Off -DCMAKE_BUILD_TYPE=Release -DUSE_BUNDLED_DEPS=On -DUSE_BUNDLED_LIBELF=Off -DBUILD_LIBSCAP_MODERN_BPF=ON -DMUSL_OPTIMIZED_BUILD=On -DFALCO_ETC_DIR=/etc/falco ../
|
||||
|
||||
- name: Build project
|
||||
run: |
|
||||
|
||||
37
.github/workflows/reusable_publish_docker.yaml
vendored
37
.github/workflows/reusable_publish_docker.yaml
vendored
@ -1,11 +1,6 @@
|
||||
# This is a reusable workflow used by master and release CI
|
||||
on:
|
||||
workflow_call:
|
||||
inputs:
|
||||
tagname:
|
||||
description: master or tag name
|
||||
required: true
|
||||
type: string
|
||||
|
||||
jobs:
|
||||
publish-docker:
|
||||
@ -24,29 +19,29 @@ jobs:
|
||||
- name: Create and push no-driver manifest
|
||||
uses: Noelware/docker-manifest-action@master
|
||||
with:
|
||||
inputs: falcosecurity/falco-no-driver:${{ inputs.tagname }}
|
||||
images: falcosecurity/falco-no-driver:aarch64-${{ inputs.tagname }},falcosecurity/falco-no-driver:x86_64-${{ inputs.tagname }}
|
||||
inputs: falcosecurity/falco-no-driver:${{ github.ref_name }}
|
||||
images: falcosecurity/falco-no-driver:aarch64-${{ github.ref_name }},falcosecurity/falco-no-driver:x86_64-${{ github.ref_name }}
|
||||
push: true
|
||||
|
||||
- name: Create and push slim manifest
|
||||
uses: Noelware/docker-manifest-action@master
|
||||
with:
|
||||
inputs: falcosecurity/falco:${{ inputs.tagname }}-slim
|
||||
images: falcosecurity/falco:aarch64-${{ inputs.tagname }}-slim,falcosecurity/falco:x86_64-${{ inputs.tagname }}-slim
|
||||
inputs: falcosecurity/falco:${{ github.ref_name }}-slim
|
||||
images: falcosecurity/falco:aarch64-${{ github.ref_name }}-slim,falcosecurity/falco:x86_64-${{ github.ref_name }}-slim
|
||||
push: true
|
||||
|
||||
- name: Create and push no-driver manifest for ecr
|
||||
uses: Noelware/docker-manifest-action@master
|
||||
with:
|
||||
inputs: public.ecr.aws/falcosecurity/falco-no-driver:${{ inputs.tagname }}
|
||||
images: public.ecr.aws/falcosecurity/falco-no-driver:aarch64-${{ inputs.tagname }},public.ecr.aws/falcosecurity/falco-no-driver:x86_64-${{ inputs.tagname }}
|
||||
inputs: public.ecr.aws/falcosecurity/falco-no-driver:${{ github.ref_name }}
|
||||
images: public.ecr.aws/falcosecurity/falco-no-driver:aarch64-${{ github.ref_name }},public.ecr.aws/falcosecurity/falco-no-driver:x86_64-${{ github.ref_name }}
|
||||
push: true
|
||||
|
||||
- name: Create and push slim manifest for ecr
|
||||
uses: Noelware/docker-manifest-action@master
|
||||
with:
|
||||
inputs: public.ecr.aws/falcosecurity/falco:${{ inputs.tagname }}-slim
|
||||
images: public.ecr.aws/falcosecurity/falco:aarch64-${{ inputs.tagname }}-slim,public.ecr.aws/falcosecurity/falco:x86_64-${{ inputs.tagname }}-slim
|
||||
inputs: public.ecr.aws/falcosecurity/falco:${{ github.ref_name }}-slim
|
||||
images: public.ecr.aws/falcosecurity/falco:aarch64-${{ github.ref_name }}-slim,public.ecr.aws/falcosecurity/falco:x86_64-${{ github.ref_name }}-slim
|
||||
push: true
|
||||
|
||||
- name: Create and push no-driver latest manifest
|
||||
@ -84,15 +79,15 @@ jobs:
|
||||
- name: Create and push falco manifest
|
||||
uses: Noelware/docker-manifest-action@master
|
||||
with:
|
||||
inputs: falcosecurity/falco:${{ inputs.tagname }}
|
||||
images: falcosecurity/falco:aarch64-${{ inputs.tagname }},falcosecurity/falco:x86_64-${{ inputs.tagname }}
|
||||
inputs: falcosecurity/falco:${{ github.ref_name }}
|
||||
images: falcosecurity/falco:aarch64-${{ github.ref_name }},falcosecurity/falco:x86_64-${{ github.ref_name }}
|
||||
push: true
|
||||
|
||||
- name: Create and push falco manifest for ecr
|
||||
uses: Noelware/docker-manifest-action@master
|
||||
with:
|
||||
inputs: public.ecr.aws/falcosecurity/falco:${{ inputs.tagname }}
|
||||
images: public.ecr.aws/falcosecurity/falco:aarch64-${{ inputs.tagname }},public.ecr.aws/falcosecurity/falco:x86_64-${{ inputs.tagname }}
|
||||
inputs: public.ecr.aws/falcosecurity/falco:${{ github.ref_name }}
|
||||
images: public.ecr.aws/falcosecurity/falco:aarch64-${{ github.ref_name }},public.ecr.aws/falcosecurity/falco:x86_64-${{ github.ref_name }}
|
||||
push: true
|
||||
|
||||
- name: Create and push falco latest manifest
|
||||
@ -114,15 +109,15 @@ jobs:
|
||||
- name: Create and push falco-driver-loader manifest
|
||||
uses: Noelware/docker-manifest-action@master
|
||||
with:
|
||||
inputs: falcosecurity/falco-driver-loader:${{ inputs.tagname }}
|
||||
images: falcosecurity/falco-driver-loader:aarch64-${{ inputs.tagname }},falcosecurity/falco-driver-loader:x86_64-${{ inputs.tagname }}
|
||||
inputs: falcosecurity/falco-driver-loader:${{ github.ref_name }}
|
||||
images: falcosecurity/falco-driver-loader:aarch64-${{ github.ref_name }},falcosecurity/falco-driver-loader:x86_64-${{ github.ref_name }}
|
||||
push: true
|
||||
|
||||
- name: Create and push falco-driver-loader manifest for ecr
|
||||
uses: Noelware/docker-manifest-action@master
|
||||
with:
|
||||
inputs: public.ecr.aws/falcosecurity/falco-driver-loader:${{ inputs.tagname }}
|
||||
images: public.ecr.aws/falcosecurity/falco-driver-loader:aarch64-${{ inputs.tagname }},public.ecr.aws/falcosecurity/falco-driver-loader:x86_64-${{ inputs.tagname }}
|
||||
inputs: public.ecr.aws/falcosecurity/falco-driver-loader:${{ github.ref_name }}
|
||||
images: public.ecr.aws/falcosecurity/falco-driver-loader:aarch64-${{ github.ref_name }},public.ecr.aws/falcosecurity/falco-driver-loader:x86_64-${{ github.ref_name }}
|
||||
push: true
|
||||
|
||||
- name: Create and push falco-driver-loader latest manifest
|
||||
|
||||
33
.github/workflows/reusable_publish_packages.yaml
vendored
33
.github/workflows/reusable_publish_packages.yaml
vendored
@ -15,15 +15,10 @@ on:
|
||||
jobs:
|
||||
publish-packages:
|
||||
runs-on: ubuntu-latest
|
||||
container:
|
||||
image: docker.io/centos:7
|
||||
container: docker.io/centos:7
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v3
|
||||
with:
|
||||
path: source
|
||||
fetch-depth: 0
|
||||
ref: ${{ github.event.pull_request.head.sha }}
|
||||
|
||||
- name: Install dependencies
|
||||
run: |
|
||||
@ -35,7 +30,8 @@ jobs:
|
||||
- name: Download all artifacts
|
||||
uses: actions/download-artifact@v3
|
||||
with:
|
||||
path: $RUNNER_TEMP
|
||||
name: falco-*
|
||||
path: /tmp
|
||||
|
||||
- name: Import gpg key
|
||||
run: |
|
||||
@ -54,33 +50,28 @@ jobs:
|
||||
expect eof
|
||||
EOF
|
||||
chmod +x ~/sign
|
||||
~/sign $RUNNER_TEMP/falco-*.rpm
|
||||
rpm --qf %{SIGPGP:pgpsig} -qp $RUNNER_TEMP/falco-*.rpm | grep SHA256
|
||||
~/sign /tmp/falco-*.rpm
|
||||
rpm --qf %{SIGPGP:pgpsig} -qp /tmp/falco-*.rpm | grep SHA256
|
||||
|
||||
- name: Publish rpm
|
||||
run: |
|
||||
./scripts/publish-rpm -f $RUNNER_TEMP/falco-${{ inputs.version }}-x86_64.rpm -f $RUNNER_TEMP/falco-${{ inputs.version }}-aarch64.rpm -r rpm${{ inputs.bucket }}
|
||||
./scripts/publish-rpm -f /tmp/falco-${{ inputs.version }}-x86_64.rpm -f /tmp/falco-${{ inputs.version }}-aarch64.rpm -r rpm${{ inputs.bucket }}
|
||||
|
||||
- name: Publish bin
|
||||
run: |
|
||||
./scripts/publish-bin -f $RUNNER_TEMP/falco-${{ inputs.version }}-x86_64.tar.gz -r bin${{ inputs.bucket }} -a x86_64
|
||||
./scripts/publish-bin -f $RUNNER_TEMP/falco-${{ inputs.version }}-aarch64.tar.gz -r bin${{ inputs.bucket }} -a aarch64
|
||||
./scripts/publish-bin -f /tmp/falco-${{ inputs.version }}-x86_64.tar.gz -r bin${{ inputs.bucket }} -a x86_64
|
||||
./scripts/publish-bin -f /tmp/falco-${{ inputs.version }}-aarch64.tar.gz -r bin${{ inputs.bucket }} -a aarch64
|
||||
|
||||
- name: Publish static
|
||||
run: |
|
||||
./scripts/publish-bin -f $RUNNER_TEMP/falco-${{ inputs.version }}-static-x86_64.tar.gz -r bin${{ inputs.bucket }} -a x86_64
|
||||
./scripts/publish-bin -f /tmp/falco-${{ inputs.version }}-static-x86_64.tar.gz -r bin${{ inputs.bucket }} -a x86_64
|
||||
|
||||
publish-packages-deb:
|
||||
runs-on: ubuntu-latest
|
||||
container:
|
||||
image: docker.io/debian:stable
|
||||
container: docker.io/debian:stable
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v3
|
||||
with:
|
||||
path: source
|
||||
fetch-depth: 0
|
||||
ref: ${{ github.event.pull_request.head.sha }}
|
||||
|
||||
- name: Install dependencies
|
||||
run: |
|
||||
@ -92,7 +83,7 @@ jobs:
|
||||
uses: actions/download-artifact@v3
|
||||
with:
|
||||
name: falco-${{ inputs.version }}-*.deb
|
||||
path: $RUNNER_TEMP
|
||||
path: /tmp
|
||||
|
||||
- name: Import gpg key
|
||||
run: |
|
||||
@ -100,6 +91,6 @@ jobs:
|
||||
|
||||
- name: Publish deb
|
||||
run: |
|
||||
./scripts/publish-deb -f $RUNNER_TEMP/falco-${{ inputs.version }}-x86_64.deb -f $RUNNER_TEMP/falco-${{ inputs.version }}-aarch64.deb -r deb${{ inputs.bucket }}
|
||||
./scripts/publish-deb -f /tmp/falco-${{ inputs.version }}-x86_64.deb -f /tmp/falco-${{ inputs.version }}-aarch64.deb -r deb${{ inputs.bucket }}
|
||||
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user