Skip to content

fix pipeline for slides (#218) #35

fix pipeline for slides (#218)

fix pipeline for slides (#218) #35

name: Push Slides for Training and Publish to Prod Env
on:
push:
branches:
- master
paths:
- 'slides/**'
jobs:
push-slides:
runs-on: ubuntu-latest
steps:
-
name: Checkout
uses: actions/checkout@v3
with:
submodules: recursive
-
name: Set up QEMU
uses: docker/setup-qemu-action@v2
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
-
name: Login to Quay.io Container Registry
uses: docker/login-action@v2
with:
registry: quay.io
username: ${{ secrets.QUAYIO_USERNAME }}
password: ${{ secrets.QUAYIO_TOKEN }}
-
name: Build Slides Prod
uses: docker/build-push-action@v3
with:
context: .
file: ./slides/Dockerfile
secrets: |
"gitlab_pullsecret=${{ secrets.GITLAB_PULLSECRET }}"
push: true
tags: |
quay.io/puzzle/ansible-training-slides:latest
-
name: Run vulnerability scanner
uses: aquasecurity/trivy-action@master
with:
image-ref: 'quay.io/puzzle/ansible-training-slides:latest'
format: 'table'
output: 'trivy-results.txt'
exit-code: '0'
ignore-unfixed: true
vuln-type: 'os'
severity: 'CRITICAL,HIGH'
-
name: Archive vulnerability scan results
uses: actions/upload-artifact@v3
with:
name: trivy-results-build
path: trivy-results.txt
-
name: Install Kubectl
uses: azure/setup-kubectl@v3
with:
version: v1.21.2
-
name: Deploy RevealJS Prod
env:
TRAINING_NAMESPACE: 'pitc-ansible-training-prod'
KUBE_TOKEN: '${{ secrets.OPENSHIFT_SA_TOKEN_PROD }}'
KUBE_URL: '${{ secrets.OPENSHIFT_API_URL }}'
run: |
kubectl rollout restart deployment/ansible-slides --server=$KUBE_URL --token=$KUBE_TOKEN --namespace $TRAINING_NAMESPACE