Skip to content

Nightly Manager

Nightly Manager #470

name: 'Nightly Manager'
on:
workflow_dispatch: {}
schedule:
- cron: '0 20 * * *'
permissions:
contents: read
jobs:
master_basic_poc:
uses: imperva/dsfkit/.github/workflows/nightly_sonar_poc_basic_cli.yml@master
with:
branch: master
workspace: simple_cli_master_nightly
secrets:
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
dev_basic_poc:
uses: imperva/dsfkit/.github/workflows/nightly_sonar_poc_basic_cli.yml@dev
with:
branch: dev
workspace: simple_cli_dev_nightly
secrets:
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
master_single_account:
uses: imperva/dsfkit/.github/workflows/sonar_single_account_cli.yml@master
with:
branch: master
secrets:
AWS_ACCESS_KEY_ID_STAGE: ${{ secrets.AWS_ACCESS_KEY_ID_STAGE }}
AWS_SECRET_ACCESS_KEY_STAGE: ${{ secrets.AWS_SECRET_ACCESS_KEY_STAGE }}
JUMP_SERVER_KEY: ${{ secrets.JUMP_SERVER_KEY }}
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
dev_single_account:
uses: imperva/dsfkit/.github/workflows/sonar_single_account_cli.yml@dev
with:
branch: dev
secrets:
AWS_ACCESS_KEY_ID_STAGE: ${{ secrets.AWS_ACCESS_KEY_ID_STAGE }}
AWS_SECRET_ACCESS_KEY_STAGE: ${{ secrets.AWS_SECRET_ACCESS_KEY_STAGE }}
JUMP_SERVER_KEY: ${{ secrets.JUMP_SERVER_KEY }}
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
master_multi_account:
uses: imperva/dsfkit/.github/workflows/sonar_multi_account_cli.yml@master
with:
branch: master
secrets:
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
AWS_ACCESS_KEY_ID_STAGE: ${{ secrets.AWS_ACCESS_KEY_ID_STAGE }}
AWS_SECRET_ACCESS_KEY_STAGE: ${{ secrets.AWS_SECRET_ACCESS_KEY_STAGE }}
JUMP_SERVER_KEY: ${{ secrets.JUMP_SERVER_KEY }}
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
# dev waits for master since they use the same constant resources - NAT, VPC, etc.
# In addition, dev can't run if master fails since master resources may still be up if the failure happened after
# apply, otherwise we could have added 'if: always()'.
dev_multi_account:
needs: master_multi_account
uses: imperva/dsfkit/.github/workflows/sonar_multi_account_cli.yml@dev
with:
branch: dev
secrets:
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
AWS_ACCESS_KEY_ID_STAGE: ${{ secrets.AWS_ACCESS_KEY_ID_STAGE }}
AWS_SECRET_ACCESS_KEY_STAGE: ${{ secrets.AWS_SECRET_ACCESS_KEY_STAGE }}
JUMP_SERVER_KEY: ${{ secrets.JUMP_SERVER_KEY }}
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
master_dsf_single_account:
uses: imperva/dsfkit/.github/workflows/dsf_single_account_cli.yml@master
with:
branch: master
secrets:
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
AWS_ACCESS_KEY_ID_STAGE: ${{ secrets.AWS_ACCESS_KEY_ID_STAGE }}
AWS_SECRET_ACCESS_KEY_STAGE: ${{ secrets.AWS_SECRET_ACCESS_KEY_STAGE }}
JUMP_SERVER_KEY: ${{ secrets.JUMP_SERVER_KEY }}
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
DAM_LICENSE: ${{ secrets.DAM_LICENSE }}
dev_dsf_single_account:
uses: imperva/dsfkit/.github/workflows/dsf_single_account_cli.yml@dev
with:
branch: dev
secrets:
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
AWS_ACCESS_KEY_ID_STAGE: ${{ secrets.AWS_ACCESS_KEY_ID_STAGE }}
AWS_SECRET_ACCESS_KEY_STAGE: ${{ secrets.AWS_SECRET_ACCESS_KEY_STAGE }}
JUMP_SERVER_KEY: ${{ secrets.JUMP_SERVER_KEY }}
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
DAM_LICENSE: ${{ secrets.DAM_LICENSE }}
master_dsf_poc:
uses: imperva/dsfkit/.github/workflows/dsf_poc_cli.yml@master
with:
use_modules_from_terraform_registry: true
explicit_ref: master
secrets:
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
DAM_LICENSE: ${{ secrets.DAM_LICENSE }}
ALLOWED_SSH_CIDRS: ${{secrets.ALLOWED_SSH_CIDRS }}
dev_dsf_poc:
uses: imperva/dsfkit/.github/workflows/dsf_poc_cli.yml@dev
with:
use_modules_from_terraform_registry: false
explicit_ref: dev
secrets:
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
DAM_LICENSE: ${{ secrets.DAM_LICENSE }}
ALLOWED_SSH_CIDRS: ${{secrets.ALLOWED_SSH_CIDRS }}
master_dsf_poc_azure:
uses: imperva/dsfkit/.github/workflows/dsf_poc_cli_azure.yml@master
with:
use_modules_from_terraform_registry: true
explicit_ref: master
secrets:
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }}
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
DAM_LICENSE: ${{ secrets.DAM_LICENSE }}
dev_dsf_poc_azure:
uses: imperva/dsfkit/.github/workflows/dsf_poc_cli_azure.yml@dev
with:
use_modules_from_terraform_registry: false
explicit_ref: dev
secrets:
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }}
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
DAM_LICENSE: ${{ secrets.DAM_LICENSE }}
master_sonar_upgrade:
uses: imperva/dsfkit/.github/workflows/sonar_upgrade.yml@master
with:
use_modules_from_terraform_registry: true
explicit_ref: master
secrets:
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
DAM_LICENSE: ${{ secrets.DAM_LICENSE }}
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
dev_sonar_upgrade:
uses: imperva/dsfkit/.github/workflows/sonar_upgrade.yml@dev
with:
use_modules_from_terraform_registry: false
explicit_ref: dev
secrets:
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
DAM_LICENSE: ${{ secrets.DAM_LICENSE }}
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}