cogni #9
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # this is our action playground which is triggered whenever this file is changes | |
| name: playground | |
| on: | |
| push: | |
| paths: [ '.github/workflows/playground.yml' ] | |
| env: | |
| CONFLUENT_TOPIC: angkor.system.dev | |
| jobs: | |
| test: | |
| name: Play | |
| strategy: | |
| matrix: | |
| # platform: [ubuntu-latest, macos-latest, windows-latest] | |
| platform: [ubuntu-latest] | |
| runs-on: ${{matrix.platform}} | |
| steps: | |
| - name: Install latest rubin Kafka Record producer | |
| if: github.ref == format('refs/heads/{0}', github.event.repository.default_branch) # run only on main | |
| run: | | |
| curl -LsSo ${{ runner.temp }}/rubin.zip $(curl -LsS 'https://api.github.com/repos/tillkuhn/rubin/releases/latest' | jq -r '.assets[] | select(.name|endswith("linux_amd64.zip")).browser_download_url') | |
| unzip ${{ runner.temp }}/rubin.zip -d ${{ runner.temp }} && chmod u+g ${{ runner.temp }}/rubin | |
| - name: Publish additional Kafka Event | |
| id: test-kafka-messaging | |
| if: github.ref == format('refs/heads/{0}', github.event.repository.default_branch) # run only on main | |
| run: | | |
| ${{ runner.temp }}/rubin -ce -key "${GITHUB_REPOSITORY}/$GITHUB_JOB" \ | |
| -source "${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}" \ | |
| -type "net.timafe.event.ci.published.v1" -subject "${{ secrets.DOCKER_USERNAME }}/angkor-ui:latest" \ | |
| -record "{\"cognito\":\"${{secrets.SPRING_SECURITY_OAUTH2_CLIENT_PROVIDER_COGNITO_ISSUER_URI}}\",\"version\":\"${GITHUB_REF#refs/*/}\",\"commit\":\"$GITHUB_SHA\",\"repository\":\"$GITHUB_REPOSITORY\",\"actor\":\"$GITHUB_ACTOR\"}" \ | |
| -header "producer=rubin" | |
| env: | |
| KAFKA_PRODUCER_TOPIC_URL: ${{ secrets.KAFKA_PRODUCER_TOPIC_URL }} | |
| KAFKA_PRODUCER_API_SECRET: ${{ secrets.KAFKA_PRODUCER_API_SECRET }} | |
| # # test hcp secrets integration | |
| # - shell: bash | |
| # env: | |
| # # shared with HCP Vault | |
| # CONFLUENT_CLUSTER_ID: ${{ secrets.CONFLUENT_CLUSTER_ID }} | |
| # CONFLUENT_CLUSTER_REST_ENDPOINT: ${{ secrets.CONFLUENT_CLUSTER_REST_ENDPOINT }} | |
| # CONFLUENT_PRODUCER_BASIC_AUTH: ${{ secrets.CONFLUENT_PRODUCER_BASIC_AUTH }} | |
| # # default variables: https://docs.github.com/en/actions/learn-github-actions/variables#default-environment-variables | |
| # # optimize json quoting https://superuser.com/questions/1650325/setting-variable-inside-curl-json-request-with-single-quotes-in-bash | |
| # run: | | |
| # curl -isSH "Content-Type:application/json" -H "Authorization:Basic $CONFLUENT_PRODUCER_BASIC_AUTH" \ | |
| # "$CONFLUENT_CLUSTER_REST_ENDPOINT/kafka/v3/clusters/$CONFLUENT_CLUSTER_ID/topics/$CONFLUENT_TOPIC/records" \ | |
| # -d '{"key":{"type":"BINARY","data":"'$key'"},"value":{"type":"JSON","data":{"sha":"'$GITHUB_SHA'","workflow":"'$GITHUB_WORKFLOW'"}}}' |