Skip to content

Fix checking device defender config (#474) #214

Fix checking device defender config (#474)

Fix checking device defender config (#474) #214

Workflow file for this run

name: Release CI
# When all workflows have passed and the pre-release branch is merged to main branch this workflow will build and publish
# the Docker images to the aws-iot-device-client repository as part of the public release of that Device Client version.
on:
push:
branches: ['main']
pull_request:
branches: ['main']
types: [opened, closed]
env:
PACKAGE_NAME: aws-iot-device-client
IMAGE_NAME: aws-iot-device-client
ECR_BASE_REPO: aws-iot-device-client/aws-iot-device-client-base-images
ECR_REPO: aws-iot-device-client/aws-iot-device-client
jobs:
# This job builds the Device Client Docker image using the ubuntu base image in the ECR repository
# It then runs the Device Client to output the version to be used in the subsequent jobs.
versioning:
runs-on: ubuntu-latest
if: github.event.pull_request.merged == true
outputs:
version: ${{ steps.get-version.outputs.version }}
steps:
- name: Checkout
uses: actions/checkout@v2
with:
fetch-depth: 0
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.ECR_USER_AWS_KEY_ID }}
aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }}
aws-region: us-east-1
- name: Login to ECR
run: aws ecr-public get-login-password --region us-east-1 | docker login --username AWS --password-stdin public.ecr.aws
- name: Build Device Client
id: build-device-client
uses: docker/build-push-action@v3
with:
file: .github/docker-images/Dockerfile
context: .
target: deploy
build-args: |
OS=ubuntu:18.04
BASE_IMAGE=public.ecr.aws/${{ env.ECR_BASE_REPO }}:x86_64-ubuntu-latest
push: false
- name: Get Version
id: get-version
run: |
version=$(docker run ${{ steps.build-device-client.outputs.imageid }} --version)
echo "::set-output name=version::$version"
build-docker-image-ubuntu-x86_64:
runs-on: ubuntu-latest
if: github.event.pull_request.merged == true
needs: [versioning]
permissions:
id-token: write
contents: read
steps:
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.ECR_USER_AWS_KEY_ID }}
aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }}
aws-region: us-east-1
- name: Login to ECR
run: aws ecr-public get-login-password --region us-east-1 | docker login --username AWS --password-stdin public.ecr.aws
- name: Checkout
uses: actions/checkout@v2
with:
fetch-depth: 0
- name: Set up QEMU
uses: docker/setup-qemu-action@v2
- name: Docker meta
id: meta
uses: docker/metadata-action@v4
with:
images: public.ecr.aws/${{ env.ECR_REPO }}
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Build Device Client Image
uses: docker/build-push-action@v3
with:
file: .github/docker-images/Dockerfile
context: .
build-args: |
OS=ubuntu:18.04
BASE_IMAGE=public.ecr.aws/${{ env.ECR_BASE_REPO }}:x86_64-ubuntu-latest
push: true
tags: |
public.ecr.aws/${{ env.ECR_REPO }}:x86_64-ubuntu-${{ needs.versioning.outputs.version }}
public.ecr.aws/${{ env.ECR_REPO }}:x86_64-ubuntu-latest
platforms: linux/amd64
build-docker-image-ubuntu-aarch64:
runs-on: ubuntu-latest
if: github.event.pull_request.merged == true
needs: [versioning]
permissions:
id-token: write
contents: read
steps:
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.ECR_USER_AWS_KEY_ID }}
aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }}
aws-region: us-east-1
- name: Login to ECR
run: aws ecr-public get-login-password --region us-east-1 | docker login --username AWS --password-stdin public.ecr.aws
- name: Checkout
uses: actions/checkout@v2
with:
fetch-depth: 0
- name: Set up QEMU
uses: docker/setup-qemu-action@v2
- name: Docker meta
id: meta
uses: docker/metadata-action@v4
with:
images: public.ecr.aws/${{ env.ECR_REPO }}
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Build Device Client Image
uses: docker/build-push-action@v3
with:
file: .github/docker-images/Dockerfile
context: .
build-args: |
OS=ubuntu:18.04
BASE_IMAGE=public.ecr.aws/${{ env.ECR_BASE_REPO }}:aarch64-ubuntu-latest
push: true
tags: |
public.ecr.aws/${{ env.ECR_REPO }}:aarch64-ubuntu-${{ needs.versioning.outputs.version }}
public.ecr.aws/${{ env.ECR_REPO }}:aarch64-ubuntu-latest
platforms: linux/arm64
build-docker-image-ubuntu-armv7:
runs-on: ubuntu-latest
if: github.event.pull_request.merged == true
needs: [versioning]
permissions:
id-token: write
contents: read
steps:
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.ECR_USER_AWS_KEY_ID }}
aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }}
aws-region: us-east-1
- name: Login to ECR
run: aws ecr-public get-login-password --region us-east-1 | docker login --username AWS --password-stdin public.ecr.aws
- name: Checkout
uses: actions/checkout@v2
with:
fetch-depth: 0
- name: Set up QEMU
uses: docker/setup-qemu-action@v2
- name: Docker meta
id: meta
uses: docker/metadata-action@v4
with:
images: public.ecr.aws/${{ env.ECR_REPO }}
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Build Device Client Image
uses: docker/build-push-action@v3
with:
file: .github/docker-images/Dockerfile
context: .
build-args: |
OS=ubuntu:18.04
BASE_IMAGE=public.ecr.aws/${{ env.ECR_BASE_REPO }}:armv7-ubuntu-latest
push: true
tags: |
public.ecr.aws/${{ env.ECR_REPO }}:armv7-ubuntu-${{ needs.versioning.outputs.version }}
public.ecr.aws/${{ env.ECR_REPO }}:armv7-ubuntu-latest
platforms: linux/arm/v7
build-docker-image-amazonlinux-x86_64:
runs-on: ubuntu-latest
if: github.event.pull_request.merged == true
needs: [versioning]
permissions:
id-token: write
contents: read
steps:
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.ECR_USER_AWS_KEY_ID }}
aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }}
aws-region: us-east-1
- name: Login to ECR
run: aws ecr-public get-login-password --region us-east-1 | docker login --username AWS --password-stdin public.ecr.aws
- name: Checkout
uses: actions/checkout@v2
with:
fetch-depth: 0
- name: Set up QEMU
uses: docker/setup-qemu-action@v2
- name: Docker meta
id: meta
uses: docker/metadata-action@v4
with:
images: public.ecr.aws/${{ env.ECR_REPO }}
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Build Device Client Image
uses: docker/build-push-action@v3
with:
file: .github/docker-images/Dockerfile
context: .
build-args: |
OS=amazonlinux:latest
BASE_IMAGE=public.ecr.aws/${{ env.ECR_BASE_REPO }}:x86_64-amazonlinux-latest
push: true
tags: |
public.ecr.aws/${{ env.ECR_REPO }}:x86_64-amazonlinux-${{ needs.versioning.outputs.version }}
public.ecr.aws/${{ env.ECR_REPO }}:x86_64-amazonlinux-latest
platforms: linux/amd64
build-docker-image-amazonlinux-aarch64:
runs-on: ubuntu-latest
if: github.event.pull_request.merged == true
needs: [versioning]
permissions:
id-token: write
contents: read
steps:
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.ECR_USER_AWS_KEY_ID }}
aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }}
aws-region: us-east-1
- name: Login to ECR
run: aws ecr-public get-login-password --region us-east-1 | docker login --username AWS --password-stdin public.ecr.aws
- name: Checkout
uses: actions/checkout@v2
with:
fetch-depth: 0
- name: Set up QEMU
uses: docker/setup-qemu-action@v2
- name: Docker meta
id: meta
uses: docker/metadata-action@v4
with:
images: public.ecr.aws/${{ env.ECR_REPO }}
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Build Device Client Image
uses: docker/build-push-action@v3
with:
file: .github/docker-images/Dockerfile
context: .
build-args: |
OS=amazonlinux:latest
BASE_IMAGE=public.ecr.aws/${{ env.ECR_BASE_REPO }}:aarch64-amazonlinux-latest
push: true
tags: |
public.ecr.aws/${{ env.ECR_REPO }}:aarch64-amazonlinux-${{ needs.versioning.outputs.version }}
public.ecr.aws/${{ env.ECR_REPO }}:aarch64-amazonlinux-latest
platforms: linux/arm64
build-docker-image-ubi8-x86_64:
runs-on: ubuntu-latest
if: github.event.pull_request.merged == true
needs: [versioning]
permissions:
id-token: write
contents: read
steps:
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.ECR_USER_AWS_KEY_ID }}
aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }}
aws-region: us-east-1
- name: Login to ECR
run: aws ecr-public get-login-password --region us-east-1 | docker login --username AWS --password-stdin public.ecr.aws
- name: Checkout
uses: actions/checkout@v2
with:
fetch-depth: 0
- name: Set up QEMU
uses: docker/setup-qemu-action@v2
- name: Docker meta
id: meta
uses: docker/metadata-action@v4
with:
images: public.ecr.aws/${{ env.ECR_REPO }}
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Build Device Client Image
uses: docker/build-push-action@v3
with:
file: .github/docker-images/Dockerfile
context: .
build-args: |
OS=registry.access.redhat.com/ubi8/ubi
BASE_IMAGE=public.ecr.aws/${{ env.ECR_BASE_REPO }}:x86_64-ubi8-latest
push: true
tags: |
public.ecr.aws/${{ env.ECR_REPO }}:x86_64-ubi8-${{ needs.versioning.outputs.version }}
public.ecr.aws/${{ env.ECR_REPO }}:x86_64-ubi8-latest
platforms: linux/amd64
build-docker-image-ubi8-aarch64:
runs-on: ubuntu-latest
if: github.event.pull_request.merged == true
needs: [versioning]
permissions:
id-token: write
contents: read
steps:
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.ECR_USER_AWS_KEY_ID }}
aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }}
aws-region: us-east-1
- name: Login to ECR
run: aws ecr-public get-login-password --region us-east-1 | docker login --username AWS --password-stdin public.ecr.aws
- name: Checkout
uses: actions/checkout@v2
with:
fetch-depth: 0
- name: Set up QEMU
uses: docker/setup-qemu-action@v2
- name: Docker meta
id: meta
uses: docker/metadata-action@v4
with:
images: public.ecr.aws/${{ env.ECR_REPO }}
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Build Device Client Image
uses: docker/build-push-action@v3
with:
file: .github/docker-images/Dockerfile
context: .
build-args: |
OS=registry.access.redhat.com/ubi8/ubi
BASE_IMAGE=public.ecr.aws/${{ env.ECR_BASE_REPO }}:aarch64-ubi8-latest
push: true
tags: |
public.ecr.aws/${{ env.ECR_REPO }}:aarch64-ubi8-${{ needs.versioning.outputs.version }}
public.ecr.aws/${{ env.ECR_REPO }}:aarch64-ubi8-latest
platforms: linux/arm64