Nightly Manager #497
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: 'Nightly Manager' | |
| on: | |
| workflow_dispatch: {} | |
| schedule: | |
| - cron: '0 20 * * *' | |
| permissions: | |
| contents: read | |
| jobs: | |
| master_basic_poc: | |
| uses: imperva/dsfkit/.github/workflows/nightly_sonar_poc_basic_cli.yml@master | |
| with: | |
| branch: master | |
| workspace: simple_cli_master_nightly | |
| secrets: | |
| AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} | |
| DEPLOYMENT_TAGS: ${{ secrets.DEPLOYMENT_TAGS }} | |
| dev_basic_poc: | |
| uses: imperva/dsfkit/.github/workflows/nightly_sonar_poc_basic_cli.yml@dev | |
| with: | |
| branch: dev | |
| workspace: simple_cli_dev_nightly | |
| secrets: | |
| AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} | |
| DEPLOYMENT_TAGS: ${{ secrets.DEPLOYMENT_TAGS }} | |
| master_single_account: | |
| uses: imperva/dsfkit/.github/workflows/sonar_single_account_cli.yml@master | |
| with: | |
| branch: master | |
| secrets: | |
| AWS_ACCESS_KEY_ID_STAGE: ${{ secrets.AWS_ACCESS_KEY_ID_STAGE }} | |
| AWS_SECRET_ACCESS_KEY_STAGE: ${{ secrets.AWS_SECRET_ACCESS_KEY_STAGE }} | |
| JUMP_SERVER_KEY: ${{ secrets.JUMP_SERVER_KEY }} | |
| SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} | |
| DEPLOYMENT_TAGS: ${{ secrets.DEPLOYMENT_TAGS }} | |
| dev_single_account: | |
| uses: imperva/dsfkit/.github/workflows/sonar_single_account_cli.yml@dev | |
| with: | |
| branch: dev | |
| secrets: | |
| AWS_ACCESS_KEY_ID_STAGE: ${{ secrets.AWS_ACCESS_KEY_ID_STAGE }} | |
| AWS_SECRET_ACCESS_KEY_STAGE: ${{ secrets.AWS_SECRET_ACCESS_KEY_STAGE }} | |
| JUMP_SERVER_KEY: ${{ secrets.JUMP_SERVER_KEY }} | |
| SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} | |
| DEPLOYMENT_TAGS: ${{ secrets.DEPLOYMENT_TAGS }} | |
| master_multi_account: | |
| uses: imperva/dsfkit/.github/workflows/sonar_multi_account_cli.yml@master | |
| with: | |
| branch: master | |
| secrets: | |
| AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| AWS_ACCESS_KEY_ID_STAGE: ${{ secrets.AWS_ACCESS_KEY_ID_STAGE }} | |
| AWS_SECRET_ACCESS_KEY_STAGE: ${{ secrets.AWS_SECRET_ACCESS_KEY_STAGE }} | |
| JUMP_SERVER_KEY: ${{ secrets.JUMP_SERVER_KEY }} | |
| SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} | |
| DEPLOYMENT_TAGS: ${{ secrets.DEPLOYMENT_TAGS }} | |
| # dev waits for master since they use the same constant resources - NAT, VPC, etc. | |
| # In addition, dev can't run if master fails since master resources may still be up if the failure happened after | |
| # apply, otherwise we could have added 'if: always()'. | |
| dev_multi_account: | |
| needs: master_multi_account | |
| uses: imperva/dsfkit/.github/workflows/sonar_multi_account_cli.yml@dev | |
| with: | |
| branch: dev | |
| secrets: | |
| AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| AWS_ACCESS_KEY_ID_STAGE: ${{ secrets.AWS_ACCESS_KEY_ID_STAGE }} | |
| AWS_SECRET_ACCESS_KEY_STAGE: ${{ secrets.AWS_SECRET_ACCESS_KEY_STAGE }} | |
| JUMP_SERVER_KEY: ${{ secrets.JUMP_SERVER_KEY }} | |
| SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} | |
| DEPLOYMENT_TAGS: ${{ secrets.DEPLOYMENT_TAGS }} | |
| master_dsf_single_account: | |
| uses: imperva/dsfkit/.github/workflows/dsf_single_account_cli.yml@master | |
| with: | |
| branch: master | |
| secrets: | |
| AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| AWS_ACCESS_KEY_ID_STAGE: ${{ secrets.AWS_ACCESS_KEY_ID_STAGE }} | |
| AWS_SECRET_ACCESS_KEY_STAGE: ${{ secrets.AWS_SECRET_ACCESS_KEY_STAGE }} | |
| JUMP_SERVER_KEY: ${{ secrets.JUMP_SERVER_KEY }} | |
| SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} | |
| DAM_LICENSE: ${{ secrets.DAM_LICENSE }} | |
| DEPLOYMENT_TAGS: ${{ secrets.DEPLOYMENT_TAGS }} | |
| dev_dsf_single_account: | |
| uses: imperva/dsfkit/.github/workflows/dsf_single_account_cli.yml@dev | |
| with: | |
| branch: dev | |
| secrets: | |
| AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| AWS_ACCESS_KEY_ID_STAGE: ${{ secrets.AWS_ACCESS_KEY_ID_STAGE }} | |
| AWS_SECRET_ACCESS_KEY_STAGE: ${{ secrets.AWS_SECRET_ACCESS_KEY_STAGE }} | |
| JUMP_SERVER_KEY: ${{ secrets.JUMP_SERVER_KEY }} | |
| SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} | |
| DAM_LICENSE: ${{ secrets.DAM_LICENSE }} | |
| DEPLOYMENT_TAGS: ${{ secrets.DEPLOYMENT_TAGS }} | |
| master_dsf_poc: | |
| uses: imperva/dsfkit/.github/workflows/dsf_poc_cli.yml@master | |
| with: | |
| use_modules_from_terraform_registry: true | |
| explicit_ref: master | |
| secrets: | |
| AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} | |
| DAM_LICENSE: ${{ secrets.DAM_LICENSE }} | |
| ALLOWED_SSH_CIDRS: ${{secrets.ALLOWED_SSH_CIDRS }} | |
| DEPLOYMENT_TAGS: ${{ secrets.DEPLOYMENT_TAGS }} | |
| dev_dsf_poc: | |
| uses: imperva/dsfkit/.github/workflows/dsf_poc_cli.yml@dev | |
| with: | |
| use_modules_from_terraform_registry: false | |
| explicit_ref: dev | |
| secrets: | |
| AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} | |
| DAM_LICENSE: ${{ secrets.DAM_LICENSE }} | |
| ALLOWED_SSH_CIDRS: ${{secrets.ALLOWED_SSH_CIDRS }} | |
| DEPLOYMENT_TAGS: ${{ secrets.DEPLOYMENT_TAGS }} | |
| master_dsf_poc_azure: | |
| uses: imperva/dsfkit/.github/workflows/dsf_poc_cli_azure.yml@master | |
| with: | |
| use_modules_from_terraform_registry: true | |
| explicit_ref: master | |
| secrets: | |
| AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }} | |
| SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} | |
| DAM_LICENSE: ${{ secrets.DAM_LICENSE }} | |
| dev_dsf_poc_azure: | |
| uses: imperva/dsfkit/.github/workflows/dsf_poc_cli_azure.yml@dev | |
| with: | |
| use_modules_from_terraform_registry: false | |
| explicit_ref: dev | |
| secrets: | |
| AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }} | |
| SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} | |
| DAM_LICENSE: ${{ secrets.DAM_LICENSE }} | |
| master_sonar_upgrade: | |
| uses: imperva/dsfkit/.github/workflows/sonar_upgrade.yml@master | |
| with: | |
| use_modules_from_terraform_registry: true | |
| explicit_ref: master | |
| secrets: | |
| AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| DAM_LICENSE: ${{ secrets.DAM_LICENSE }} | |
| SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} | |
| DEPLOYMENT_TAGS: ${{ secrets.DEPLOYMENT_TAGS }} | |
| dev_sonar_upgrade: | |
| uses: imperva/dsfkit/.github/workflows/sonar_upgrade.yml@dev | |
| with: | |
| use_modules_from_terraform_registry: false | |
| explicit_ref: dev | |
| secrets: | |
| AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| DAM_LICENSE: ${{ secrets.DAM_LICENSE }} | |
| SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} | |
| DEPLOYMENT_TAGS: ${{ secrets.DEPLOYMENT_TAGS }} |