CI #1724
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI | |
on: | |
push: | |
branches: [master] | |
workflow_dispatch: | |
schedule: | |
- cron: "0 7 * * *" | |
permissions: | |
contents: write | |
issues: read | |
#pull-requests: write # to be able to comment on released pull requests | |
jobs: | |
build: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
with: | |
persist-credentials: false # This is important if you have branch protection rules! | |
- name: Semantic Release | |
uses: cycjimmy/semantic-release-action@v4 | |
with: | |
branch: 'master' | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
- name: Get Semantic Release Version | |
id: get-version | |
run: echo "::set-output name=version::$(grep -oP '\[\d+\.\d+\.\d+\]' CHANGELOG.md | tr -d '[]')" | |
- name: show version | |
run: | | |
echo "Semantic Release Version: ${{ steps.get-version.outputs.version }}" | |
- name: setup qemu for multi-arch build | |
uses: docker/setup-qemu-action@v2 | |
with: | |
platforms: amd64,arm64 | |
- name: setup buildx | |
uses: docker/setup-buildx-action@v2 | |
- name: Log in to Docker Hub | |
uses: docker/login-action@v2 | |
with: | |
#registry: registry.hub.docker.com | |
username: wurstbrot | |
password: ${{ secrets.HUB_TOKEN }} | |
- name: create and push dsomm image | |
uses: docker/build-push-action@v3 | |
with: | |
push: true | |
platforms: linux/amd64,linux/arm64 | |
tags: wurstbrot/dsomm:${{ steps.get-version.outputs.version }},wurstbrot/dsomm:latest | |
# Commit all changed files back to the repository | |
- uses: planetscale/ghcommit-action@v0.1.6 | |
with: | |
commit_message: "🤖 fmt" | |
repo: ${{ github.repository }} | |
branch: ${{ github.head_ref || github.ref_name }} | |
env: | |
GITHUB_TOKEN: ${{secrets.ACCESS_TOKEN}} | |
heroku: | |
if: github.repository == 'devsecopsmaturitymodel/DevSecOps-MaturityModel' && github.event_name == 'push' && github.ref == 'refs/heads/master' | |
runs-on: ubuntu-latest | |
steps: | |
- name: "Check out Git repository" | |
uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac #v4.0.0 | |
- name: "Set Heroku app & branch for ${{ github.ref }}" | |
run: | | |
echo $GITHUB_REF | |
if [ "$GITHUB_REF" == "refs/heads/master" ]; then | |
echo "HEROKU_APP=" >> $GITHUB_ENV | |
echo "HEROKU_BRANCH=master" >> $GITHUB_ENV | |
fi | |
echo "HEROKU_BRANCH=master" >> $GITHUB_ENV | |
- name: "Deploy ${{ github.ref }} to Heroku" | |
uses: akhileshns/heroku-deploy@9fd0f9faae4aa93a38d6f5e25b9128589f1371b0 #v3.12.14 | |
with: | |
heroku_api_key: ${{ secrets.HEROKU_API_KEY }} | |
heroku_app_name: "dsomm" | |
heroku_email: timo.pagel@owasp.org | |
branch: ${{ env.HEROKU_BRANCH }} | |
usedocker: true |