Merge pull request #7 from arunaccuknox/main

Github Action push helm chart
accuknox · Mar 29, 2024 · 8317eda · 8317eda
2 parents 6085b50 + 8582938
commit 8317eda
Showing 1 changed file with 123 additions and 0 deletions.
diff --git a/.github/workflows/action.yaml b/.github/workflows/action.yaml
@@ -0,0 +1,123 @@
+name: Accuknox-Job Workflow
+on:
+  push:
+    tags:
+    - "v[0-9]+.[0-9]+.[0-9]+"
+    - "v[0-9]+.[0-9]+.[0-9]+-*"
+  pull_request_target:
+    branches:
+    - "*"
+
+
+env:
+  REPO: public.ecr.aws/k9v9d5v2
+  CHART_NAME_K8S: accuknox-cis-k8s
+  CHART_PATH_K8S: ./accuknox-cis-k8s
+  CHART_REVISION_NAME_K8S: accuknox-cis-k8s
+  CHART_NAME_K8TLS: accuknox-k8tls-job
+  CHART_PATH_K8TLS: ./accuknox-k8tls-job
+  CHART_REVISION_NAME_K8TLS: accuknox-k8tls-job
+  CHART_NAME_KIEM: accuknox-kiem-job
+  CHART_PATH_KIEM: ./accuknox-kiem-job
+  CHART_REVISION_NAME_KIEM: accuknox-kiem-job
+  AWS_ACCESS_KEY_ID: ${{ secrets.AWS_DEV_ACCESS_ID }}
+  AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_DEV_SECRET_ID }} 
+  AWS_REGION: us-east-1
+
+
+jobs:
+  tag-validate:
+    runs-on: ubuntu-latest
+    if: startsWith(github.ref, 'refs/tags/v')
+    steps:
+    - uses: rubenesp87/[email protected]
+      with:
+       version: ${{ github.ref_name }}
+
+
+  chart-validate-k8s:
+    runs-on: ubuntu-latest
+    if: always() && !contains(needs.tag-validate.result, 'failure')
+    needs: [tag-validate]
+    steps:
+    - name: Checkout source
+      uses: accuknox/common-gh-actions/actions/checkout-source@main 
+    - name: Validate helm chart 
+      uses: accuknox/common-gh-actions/actions/helm-check@main
+      with:
+        chart-path: ${{ env.CHART_PATH_K8S }}        
+        revision-name: ${{ env.CHART_REVISION_NAME_K8S }}         
+
+  chart-validate-k8tls:
+    runs-on: ubuntu-latest
+    if: always() && !contains(needs.tag-validate.result, 'failure')
+    needs: [tag-validate]
+    steps:
+    - name: Checkout source
+      uses: accuknox/common-gh-actions/actions/checkout-source@main 
+    - name: Validate helm chart 
+      uses: accuknox/common-gh-actions/actions/helm-check@main
+      with:
+        chart-path: ${{ env.CHART_PATH_K8TLS }}        
+        revision-name: ${{ env.CHART_REVISION_NAME_K8TLS }}  
+
+  chart-validate-kiem:
+    runs-on: ubuntu-latest
+    if: always() && !contains(needs.tag-validate.result, 'failure')
+    needs: [tag-validate]
+    steps:
+    - name: Checkout source
+      uses: accuknox/common-gh-actions/actions/checkout-source@main 
+    - name: Validate helm chart 
+      uses: accuknox/common-gh-actions/actions/helm-check@main
+      with:
+        chart-path: ${{ env.CHART_PATH_KIEM }}        
+        revision-name: ${{ env.CHART_REVISION_NAME_KIEM}}         
+
+  chart-push-k8s:
+    runs-on: ubuntu-latest 
+    needs: [chart-validate-k8s]
+    if: startsWith(github.ref, 'refs/tags/v')
+    steps:
+    - name: Checkout source
+      uses: accuknox/common-gh-actions/actions/checkout-source@main 
+    - name: Push helm chart to ECR
+      uses: accuknox/common-gh-actions/actions/helm-push@main
+      with:
+        chart-path: ${{ env.CHART_PATH_K8S }}
+        version: ${{ github.ref_name }}
+        ecr-region: ${{ env.AWS_REGION }}
+        ecr-repo: ${{ env.REPO }}
+        type: public
+
+  chart-push-k8tls:
+    runs-on: ubuntu-latest 
+    needs: [chart-validate-k8tls]
+    if: startsWith(github.ref, 'refs/tags/v')
+    steps:
+    - name: Checkout source
+      uses: accuknox/common-gh-actions/actions/checkout-source@main 
+    - name: Push helm chart to ECR
+      uses: accuknox/common-gh-actions/actions/helm-push@main
+      with:
+        chart-path: ${{ env.CHART_PATH_K8TLS }}
+        version: ${{ github.ref_name }}
+        ecr-region: ${{ env.AWS_REGION }}
+        ecr-repo: ${{ env.REPO }}
+        type: public
+
+  chart-push-kiem:
+    runs-on: ubuntu-latest 
+    needs: [chart-validate-kiem]
+    if: startsWith(github.ref, 'refs/tags/v')
+    steps:
+    - name: Checkout source
+      uses: accuknox/common-gh-actions/actions/checkout-source@main 
+    - name: Push helm chart to ECR
+      uses: accuknox/common-gh-actions/actions/helm-push@main
+      with:
+        chart-path: ${{ env.CHART_PATH_KIEM }}
+        version: ${{ github.ref_name }}
+        ecr-region: ${{ env.AWS_REGION }}
+        ecr-repo: ${{ env.REPO }}
+        type: public