Update build.yml #254
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build | |
| on: | |
| push: | |
| branches: [ main ] | |
| pull_request: | |
| branches: [ main ] | |
| jobs: | |
| test: | |
| runs-on: ubuntu-latest | |
| defaults: | |
| run: | |
| shell: bash | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - name: Setup Go | |
| uses: actions/setup-go@v3 | |
| with: | |
| go-version-file: go.mod | |
| check-latest: true | |
| cache: true | |
| - name: Test | |
| run: go test ./... | |
| containerize: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| packages: write | |
| defaults: | |
| run: | |
| shell: bash | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - name: Login to GHCR | |
| uses: docker/login-action@f054a8b539a109f9f41c372932f1ae047eff08c9 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.PACKAGE_SCOPE }} | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| aws-access-key-id: ${{ secrets.ECR_AWS_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.ECR_AWS_SECRET_ACCESS_KEY }} | |
| aws-region: 'us-east-1' | |
| - name: Login to Amazon ECR | |
| id: login-ecr | |
| uses: aws-actions/amazon-ecr-login@v2 | |
| - name: Extract metadata | |
| id: meta | |
| uses: docker/metadata-action@98669ae865ea3cffbcbaa878cf57c20bbf1c6c38 | |
| with: | |
| images: | | |
| ghcr.io/bloodhoundad/azurehound | |
| ${{ steps.login-ecr.outputs.registry }}/production/azurehound | |
| tags: | | |
| type=edge,branch=main | |
| - name: Build Container Image | |
| uses: docker/build-push-action@v3 | |
| with: | |
| context: . | |
| build-args: VERSION=v0.0.0-rolling+${{ github.sha }} | |
| tags: ${{ steps.meta.outputs.tags }} | |
| labels: ${{ steps.meta.outputs.labels }} | |
| push: ${{ ! startsWith(github.event_name, 'pull_request') }} | |
| build: | |
| runs-on: ubuntu-latest | |
| defaults: | |
| run: | |
| shell: bash | |
| strategy: | |
| matrix: | |
| os: | |
| - darwin | |
| - linux | |
| - windows | |
| arch: | |
| - amd64 | |
| - arm64 | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - name: Setup Go | |
| uses: actions/setup-go@v3 | |
| with: | |
| go-version-file: go.mod | |
| check-latest: true | |
| cache: true | |
| - name: Build | |
| run: 'go build -ldflags="-s -w -X github.com/bloodhoundad/azurehound/v2/constants.Version=v0.0.0-rolling+${{ github.sha }}"' | |
| env: | |
| GOOS: ${{ matrix.os }} | |
| GOARCH: ${{ matrix.arch }} | |
| - name: Zip | |
| if: "! startsWith(github.event_name, 'pull_request')" | |
| run: 7z a -tzip -mx9 azurehound-${{ matrix.os }}-${{ matrix.arch }}.zip azurehound* | |
| - name: Compute Checksum | |
| if: "! startsWith(github.event_name, 'pull_request')" | |
| run: sha256sum azurehound-${{ matrix.os }}-${{ matrix.arch }}.zip > azurehound-${{ matrix.os }}-${{ matrix.arch }}.zip.sha256 | |
| - name: Update Rolling Release | |
| if: "! startsWith(github.event_name, 'pull_request')" | |
| uses: softprops/action-gh-release@v1 | |
| with: | |
| name: Rolling Release (unstable) | |
| tag_name: rolling | |
| prerelease: true | |
| files: | | |
| azurehound-${{ matrix.os }}-${{ matrix.arch }}.zip | |
| azurehound-${{ matrix.os }}-${{ matrix.arch }}.zip.sha256 | |
| body: | | |
| Rolling release of AzureHound compiled from source (${{ github.sha }}) | |
| This is automatically kept up-to-date with the `${{ github.ref_name }}` ${{ github.ref_type }} |