Don't use dot name for snyk policy file #62
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Main | |
| on: | |
| push: | |
| branches: | |
| - main | |
| jobs: | |
| pre-build: | |
| runs-on: ubuntu-latest | |
| outputs: | |
| image_tag: ${{ steps.prep.outputs.image_tag }} | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - name: Prepare | |
| id: prep | |
| run: | | |
| TAG=$(echo $GITHUB_SHA | head -c7) | |
| echo "image_tag=${TAG}" >> ${GITHUB_OUTPUT} | |
| build-test-push: | |
| needs: [pre-build] | |
| uses: cyber-dojo/reusable-actions-workflows/.github/workflows/kosli_build_test_push.yml@v0.0.11 | |
| secrets: | |
| KOSLI_API_TOKEN: ${{ secrets.KOSLI_API_TOKEN }} | |
| KOSLI_API_TOKEN_STAGING: ${{ secrets.KOSLI_API_TOKEN_STAGING }} | |
| DOCKER_PASS: ${{ secrets.DOCKER_PASS }} | |
| DOCKER_USER: ${{ secrets.DOCKER_USER }} | |
| SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }} | |
| with: | |
| BUILD_COMMAND: "build_test_publish.sh" | |
| image_tag: ${{ needs.pre-build.outputs.image_tag }} | |
| AWS_ACCOUNT_ID: 244531986313 | |
| AWS_REGION: eu-central-1 | |
| ecr_registry: 244531986313.dkr.ecr.eu-central-1.amazonaws.com | |
| service_name: runner | |
| gh_actions_iam_role_name: gh_actions_services | |
| deploy-staging: | |
| needs: [pre-build, build-test-push] | |
| uses: cyber-dojo/reusable-actions-workflows/.github/workflows/kosli_deploy.yml@v0.0.11 | |
| permissions: | |
| id-token: write | |
| contents: write | |
| secrets: | |
| KOSLI_API_TOKEN: ${{ secrets.KOSLI_API_TOKEN }} | |
| KOSLI_API_TOKEN_STAGING: ${{ secrets.KOSLI_API_TOKEN_STAGING }} | |
| with: | |
| tagged_image: 244531986313.dkr.ecr.eu-central-1.amazonaws.com/runner:${{ needs.pre-build.outputs.image_tag }} | |
| AWS_ACCOUNT_ID: 244531986313 | |
| AWS_REGION: eu-central-1 | |
| gh_actions_iam_role_name: gh_actions_services | |
| environment_url: https://beta.cyber-dojo.org | |
| environment_name: staging | |
| cyber_dojo_env_name_aws: aws-beta | |
| kosli_host_staging: https://staging.app.kosli.com | |
| kosli_host_production: https://app.kosli.com | |
| deploy-prod: | |
| needs: [pre-build, build-test-push, deploy-staging] | |
| uses: cyber-dojo/reusable-actions-workflows/.github/workflows/kosli_deploy.yml@v0.0.11 | |
| permissions: | |
| id-token: write | |
| contents: write | |
| secrets: | |
| KOSLI_API_TOKEN: ${{ secrets.KOSLI_API_TOKEN }} | |
| KOSLI_API_TOKEN_STAGING: ${{ secrets.KOSLI_API_TOKEN_STAGING }} | |
| with: | |
| tagged_image: 274425519734.dkr.ecr.eu-central-1.amazonaws.com/runner:${{ needs.pre-build.outputs.image_tag }} | |
| AWS_ACCOUNT_ID: 274425519734 | |
| AWS_REGION: eu-central-1 | |
| gh_actions_iam_role_name: gh_actions_services | |
| environment_url: https://cyber-dojo.org | |
| environment_name: production | |
| cyber_dojo_env_name_aws: aws-prod | |
| kosli_host_staging: https://staging.app.kosli.com | |
| kosli_host_production: https://app.kosli.com |