Skip to content
Build

Merge pull request #98 from SpecterOps/steve/bi-1102/tag-push-ecr #252

Sign in to view logs

Merge pull request #98 from SpecterOps/steve/bi-1102/tag-push-ecr

Merge pull request #98 from SpecterOps/steve/bi-1102/tag-push-ecr #252

Workflow file for this run

.github/workflows/build.yml at 00c7a01
name: Build
on:
push:
branches: [ main ]
pull_request:
branches: [ main ]
jobs:
test:
runs-on: ubuntu-latest
defaults:
run:
shell: bash
steps:
- uses: actions/checkout@v3
- name: Setup Go
uses: actions/setup-go@v3
with:
go-version-file: go.mod
check-latest: true
cache: true
- name: Test
run: go test ./...
containerize:
runs-on: ubuntu-latest
permissions:
packages: write
defaults:
run:
shell: bash
steps:
- uses: actions/checkout@v3
- name: Log in to the Container registry
uses: docker/login-action@f054a8b539a109f9f41c372932f1ae047eff08c9
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Extract metadata
id: meta
uses: docker/metadata-action@98669ae865ea3cffbcbaa878cf57c20bbf1c6c38
with:
images: ghcr.io/bloodhoundad/azurehound
tags: |
type=edge,branch=main
- name: Build Container Image
uses: docker/build-push-action@v3
with:
context: .
build-args: VERSION=v0.0.0-rolling+${{ github.sha }}
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
push: ${{ ! startsWith(github.event_name, 'pull_request') }}
- name: Configure AWS credentials
if: ${{ ! startsWith(github.event_name, 'pull_request') }}
uses: aws-actions/configure-aws-credentials@v4
with:
aws-access-key-id: ${{ secrets.ECR_AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.ECR_AWS_SECRET_ACCESS_KEY }}
aws-region: 'us-east-1'
- name: Login to Amazon ECR
if: ${{ ! startsWith(github.event_name, 'pull_request') }}
id: login-ecr
uses: aws-actions/amazon-ecr-login@v2
- name: Retag and push image to Amazon ECR
if: ${{ ! startsWith(github.event_name, 'pull_request') }}
env:
ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
ECR_REPOSITORY: production/azurehound
IMAGE_TAG: 'edge'
run: |
docker image tag ghcr.io/bloodhoundad/azurehound:edge $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
build:
runs-on: ubuntu-latest
defaults:
run:
shell: bash
strategy:
matrix:
os:
- darwin
- linux
- windows
arch:
- amd64
- arm64
steps:
- uses: actions/checkout@v3
- name: Setup Go
uses: actions/setup-go@v3
with:
go-version-file: go.mod
check-latest: true
cache: true
- name: Build
run: 'go build -ldflags="-s -w -X github.com/bloodhoundad/azurehound/v2/constants.Version=v0.0.0-rolling+${{ github.sha }}"'
env:
GOOS: ${{ matrix.os }}
GOARCH: ${{ matrix.arch }}
- name: Zip
if: "! startsWith(github.event_name, 'pull_request')"
run: 7z a -tzip -mx9 azurehound-${{ matrix.os }}-${{ matrix.arch }}.zip azurehound*
- name: Compute Checksum
if: "! startsWith(github.event_name, 'pull_request')"
run: sha256sum azurehound-${{ matrix.os }}-${{ matrix.arch }}.zip > azurehound-${{ matrix.os }}-${{ matrix.arch }}.zip.sha256
- name: Update Rolling Release
if: "! startsWith(github.event_name, 'pull_request')"
uses: softprops/action-gh-release@v1
with:
name: Rolling Release (unstable)
tag_name: rolling
prerelease: true
files: |
azurehound-${{ matrix.os }}-${{ matrix.arch }}.zip
azurehound-${{ matrix.os }}-${{ matrix.arch }}.zip.sha256
body: |
Rolling release of AzureHound compiled from source (${{ github.sha }})
This is automatically kept up-to-date with the `${{ github.ref_name }}` ${{ github.ref_type }}