Skip to content
Release (Nightly)

Release (Nightly) #333

Sign in to view logs

Release (Nightly)

Release (Nightly) #333

Workflow file for this run

.github/workflows/nightly.yml at f0a8d8c
name: Release (Nightly)
on:
workflow_dispatch:
schedule:
- cron: "30 22 * * *" # nightly @ 10:30 PM UTC
permissions:
contents: write
packages: write
jobs:
nightly-build:
runs-on: ${{ matrix.os }}
strategy:
fail-fast: false
matrix:
include:
- os: ubuntu-latest
name: linux
- os: macos-latest
name: darwin
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- uses: actions/setup-go@v4
with:
go-version: "1.20"
check-latest: true
cache: true
- uses: actions/cache@v3
with:
path: _tools/
key: ${{ runner.os }}-go-tools${{ hashFiles('_tools/go.sum') }}
restore-keys: |
${{ runner.os }}-go-tools-
- uses: actions/setup-node@v3
with:
node-version: "18"
- name: Install GCC for arm64
if: matrix.os == 'ubuntu-latest'
run: |
sudo apt-get update && \
sudo apt-get install -y gcc-aarch64-linux-gnu
- name: Install Quill
if: matrix.os == 'macos-latest'
run: |
curl -sSfL https://raw.githubusercontent.com/anchore/quill/main/install.sh | sh -s -- -b $GITHUB_WORKSPACE/bin
echo "${GITHUB_WORKSPACE}/bin" >> $GITHUB_PATH
- name: Install Mage
uses: magefile/mage-action@v3
with:
install-only: true
- name: Prep Build
run: mage prep
- name: GoReleaser (Nightly) Build
uses: goreleaser/goreleaser-action@v5
with:
distribution: goreleaser-pro
version: latest
args: release --clean --nightly -f .goreleaser.${{ matrix.name }}.yml
env:
GORELEASER_KEY: ${{ secrets.GORELEASER_KEY }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
ANALYTICS_KEY: ${{ secrets.ANALYTICS_KEY }}
QUILL_SIGN_P12: ${{ secrets.QUILL_SIGN_P12 }}
QUILL_SIGN_PASSWORD: ${{ secrets.QUILL_SIGN_PASSWORD }}
- uses: actions/upload-artifact@v3
with:
name: flipt-nightly-${{ matrix.name }}
path: dist/flipt_${{ matrix.name }}_*/flipt
nightly-release:
runs-on: ubuntu-latest
needs: nightly-build
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- uses: actions/setup-go@v4
with:
go-version: "1.20"
check-latest: true
cache: true
- uses: docker/setup-qemu-action@v3
- uses: docker/setup-buildx-action@v3
- name: Login to Docker Hub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_TOKEN }}
- name: Login to GitHub Container Registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: "${{ github.repository_owner }}"
password: ${{ secrets.GITHUB_TOKEN }}
- uses: actions/download-artifact@v3
with:
name: flipt-nightly-linux
path: tmp/dist
- uses: actions/download-artifact@v3
with:
name: flipt-nightly-darwin
path: tmp/dist
- name: Install Syft
run: |
curl -sSfL https://raw.githubusercontent.com/anchore/syft/main/install.sh | sh -s -- -b /usr/local/bin
- name: GoReleaser (Nightly) Release
uses: goreleaser/goreleaser-action@v5
with:
distribution: goreleaser-pro
version: latest
args: release --nightly -f .goreleaser.nightly.yml
env:
GORELEASER_KEY: ${{ secrets.GORELEASER_KEY }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
stackhawk:
name: HawkScan
runs-on: ubuntu-latest
needs: nightly-release
services:
flipt:
image: flipt/flipt:nightly # <-- this is the image name from the previous job
ports:
- 8080:8080
steps:
- uses: actions/checkout@v4
- name: Download OpenAPI Spec
run: |
curl -s -o openapi.yml https://raw.githubusercontent.com/flipt-io/flipt-openapi/main/openapi.yml
- name: Update HawkScan Configuration
uses: mikefarah/yq@master
with:
cmd: yq -i '.app.env = "Nightly"' stackhawk.yml
- name: Run HawkScan
uses: stackhawk/[email protected]
with:
apiKey: ${{ secrets.HAWK_API_KEY }}