Fix checking device defender config #215
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Release CI | |
# When all workflows have passed and the pre-release branch is merged to main branch this workflow will build and publish | |
# the Docker images to the aws-iot-device-client repository as part of the public release of that Device Client version. | |
on: | |
push: | |
branches: ['main'] | |
pull_request: | |
branches: ['main'] | |
types: [opened, closed] | |
env: | |
PACKAGE_NAME: aws-iot-device-client | |
IMAGE_NAME: aws-iot-device-client | |
ECR_BASE_REPO: aws-iot-device-client/aws-iot-device-client-base-images | |
ECR_REPO: aws-iot-device-client/aws-iot-device-client | |
jobs: | |
# This job builds the Device Client Docker image using the ubuntu base image in the ECR repository | |
# It then runs the Device Client to output the version to be used in the subsequent jobs. | |
versioning: | |
runs-on: ubuntu-latest | |
if: github.event.pull_request.merged == true | |
outputs: | |
version: ${{ steps.get-version.outputs.version }} | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v2 | |
with: | |
fetch-depth: 0 | |
- name: Configure AWS Credentials | |
uses: aws-actions/configure-aws-credentials@v1 | |
with: | |
aws-access-key-id: ${{ secrets.ECR_USER_AWS_KEY_ID }} | |
aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} | |
aws-region: us-east-1 | |
- name: Login to ECR | |
run: aws ecr-public get-login-password --region us-east-1 | docker login --username AWS --password-stdin public.ecr.aws | |
- name: Build Device Client | |
id: build-device-client | |
uses: docker/build-push-action@v3 | |
with: | |
file: .github/docker-images/Dockerfile | |
context: . | |
target: deploy | |
build-args: | | |
OS=ubuntu:18.04 | |
BASE_IMAGE=public.ecr.aws/${{ env.ECR_BASE_REPO }}:x86_64-ubuntu-latest | |
push: false | |
- name: Get Version | |
id: get-version | |
run: | | |
version=$(docker run ${{ steps.build-device-client.outputs.imageid }} --version) | |
echo "::set-output name=version::$version" | |
build-docker-image-ubuntu-x86_64: | |
runs-on: ubuntu-latest | |
if: github.event.pull_request.merged == true | |
needs: [versioning] | |
permissions: | |
id-token: write | |
contents: read | |
steps: | |
- name: Configure AWS Credentials | |
uses: aws-actions/configure-aws-credentials@v1 | |
with: | |
aws-access-key-id: ${{ secrets.ECR_USER_AWS_KEY_ID }} | |
aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} | |
aws-region: us-east-1 | |
- name: Login to ECR | |
run: aws ecr-public get-login-password --region us-east-1 | docker login --username AWS --password-stdin public.ecr.aws | |
- name: Checkout | |
uses: actions/checkout@v2 | |
with: | |
fetch-depth: 0 | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@v2 | |
- name: Docker meta | |
id: meta | |
uses: docker/metadata-action@v4 | |
with: | |
images: public.ecr.aws/${{ env.ECR_REPO }} | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v2 | |
- name: Build Device Client Image | |
uses: docker/build-push-action@v3 | |
with: | |
file: .github/docker-images/Dockerfile | |
context: . | |
build-args: | | |
OS=ubuntu:18.04 | |
BASE_IMAGE=public.ecr.aws/${{ env.ECR_BASE_REPO }}:x86_64-ubuntu-latest | |
push: true | |
tags: | | |
public.ecr.aws/${{ env.ECR_REPO }}:x86_64-ubuntu-${{ needs.versioning.outputs.version }} | |
public.ecr.aws/${{ env.ECR_REPO }}:x86_64-ubuntu-latest | |
platforms: linux/amd64 | |
build-docker-image-ubuntu-aarch64: | |
runs-on: ubuntu-latest | |
if: github.event.pull_request.merged == true | |
needs: [versioning] | |
permissions: | |
id-token: write | |
contents: read | |
steps: | |
- name: Configure AWS Credentials | |
uses: aws-actions/configure-aws-credentials@v1 | |
with: | |
aws-access-key-id: ${{ secrets.ECR_USER_AWS_KEY_ID }} | |
aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} | |
aws-region: us-east-1 | |
- name: Login to ECR | |
run: aws ecr-public get-login-password --region us-east-1 | docker login --username AWS --password-stdin public.ecr.aws | |
- name: Checkout | |
uses: actions/checkout@v2 | |
with: | |
fetch-depth: 0 | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@v2 | |
- name: Docker meta | |
id: meta | |
uses: docker/metadata-action@v4 | |
with: | |
images: public.ecr.aws/${{ env.ECR_REPO }} | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v2 | |
- name: Build Device Client Image | |
uses: docker/build-push-action@v3 | |
with: | |
file: .github/docker-images/Dockerfile | |
context: . | |
build-args: | | |
OS=ubuntu:18.04 | |
BASE_IMAGE=public.ecr.aws/${{ env.ECR_BASE_REPO }}:aarch64-ubuntu-latest | |
push: true | |
tags: | | |
public.ecr.aws/${{ env.ECR_REPO }}:aarch64-ubuntu-${{ needs.versioning.outputs.version }} | |
public.ecr.aws/${{ env.ECR_REPO }}:aarch64-ubuntu-latest | |
platforms: linux/arm64 | |
build-docker-image-ubuntu-armv7: | |
runs-on: ubuntu-latest | |
if: github.event.pull_request.merged == true | |
needs: [versioning] | |
permissions: | |
id-token: write | |
contents: read | |
steps: | |
- name: Configure AWS Credentials | |
uses: aws-actions/configure-aws-credentials@v1 | |
with: | |
aws-access-key-id: ${{ secrets.ECR_USER_AWS_KEY_ID }} | |
aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} | |
aws-region: us-east-1 | |
- name: Login to ECR | |
run: aws ecr-public get-login-password --region us-east-1 | docker login --username AWS --password-stdin public.ecr.aws | |
- name: Checkout | |
uses: actions/checkout@v2 | |
with: | |
fetch-depth: 0 | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@v2 | |
- name: Docker meta | |
id: meta | |
uses: docker/metadata-action@v4 | |
with: | |
images: public.ecr.aws/${{ env.ECR_REPO }} | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v2 | |
- name: Build Device Client Image | |
uses: docker/build-push-action@v3 | |
with: | |
file: .github/docker-images/Dockerfile | |
context: . | |
build-args: | | |
OS=ubuntu:18.04 | |
BASE_IMAGE=public.ecr.aws/${{ env.ECR_BASE_REPO }}:armv7-ubuntu-latest | |
push: true | |
tags: | | |
public.ecr.aws/${{ env.ECR_REPO }}:armv7-ubuntu-${{ needs.versioning.outputs.version }} | |
public.ecr.aws/${{ env.ECR_REPO }}:armv7-ubuntu-latest | |
platforms: linux/arm/v7 | |
build-docker-image-amazonlinux-x86_64: | |
runs-on: ubuntu-latest | |
if: github.event.pull_request.merged == true | |
needs: [versioning] | |
permissions: | |
id-token: write | |
contents: read | |
steps: | |
- name: Configure AWS Credentials | |
uses: aws-actions/configure-aws-credentials@v1 | |
with: | |
aws-access-key-id: ${{ secrets.ECR_USER_AWS_KEY_ID }} | |
aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} | |
aws-region: us-east-1 | |
- name: Login to ECR | |
run: aws ecr-public get-login-password --region us-east-1 | docker login --username AWS --password-stdin public.ecr.aws | |
- name: Checkout | |
uses: actions/checkout@v2 | |
with: | |
fetch-depth: 0 | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@v2 | |
- name: Docker meta | |
id: meta | |
uses: docker/metadata-action@v4 | |
with: | |
images: public.ecr.aws/${{ env.ECR_REPO }} | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v2 | |
- name: Build Device Client Image | |
uses: docker/build-push-action@v3 | |
with: | |
file: .github/docker-images/Dockerfile | |
context: . | |
build-args: | | |
OS=amazonlinux:latest | |
BASE_IMAGE=public.ecr.aws/${{ env.ECR_BASE_REPO }}:x86_64-amazonlinux-latest | |
push: true | |
tags: | | |
public.ecr.aws/${{ env.ECR_REPO }}:x86_64-amazonlinux-${{ needs.versioning.outputs.version }} | |
public.ecr.aws/${{ env.ECR_REPO }}:x86_64-amazonlinux-latest | |
platforms: linux/amd64 | |
build-docker-image-amazonlinux-aarch64: | |
runs-on: ubuntu-latest | |
if: github.event.pull_request.merged == true | |
needs: [versioning] | |
permissions: | |
id-token: write | |
contents: read | |
steps: | |
- name: Configure AWS Credentials | |
uses: aws-actions/configure-aws-credentials@v1 | |
with: | |
aws-access-key-id: ${{ secrets.ECR_USER_AWS_KEY_ID }} | |
aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} | |
aws-region: us-east-1 | |
- name: Login to ECR | |
run: aws ecr-public get-login-password --region us-east-1 | docker login --username AWS --password-stdin public.ecr.aws | |
- name: Checkout | |
uses: actions/checkout@v2 | |
with: | |
fetch-depth: 0 | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@v2 | |
- name: Docker meta | |
id: meta | |
uses: docker/metadata-action@v4 | |
with: | |
images: public.ecr.aws/${{ env.ECR_REPO }} | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v2 | |
- name: Build Device Client Image | |
uses: docker/build-push-action@v3 | |
with: | |
file: .github/docker-images/Dockerfile | |
context: . | |
build-args: | | |
OS=amazonlinux:latest | |
BASE_IMAGE=public.ecr.aws/${{ env.ECR_BASE_REPO }}:aarch64-amazonlinux-latest | |
push: true | |
tags: | | |
public.ecr.aws/${{ env.ECR_REPO }}:aarch64-amazonlinux-${{ needs.versioning.outputs.version }} | |
public.ecr.aws/${{ env.ECR_REPO }}:aarch64-amazonlinux-latest | |
platforms: linux/arm64 | |
build-docker-image-ubi8-x86_64: | |
runs-on: ubuntu-latest | |
if: github.event.pull_request.merged == true | |
needs: [versioning] | |
permissions: | |
id-token: write | |
contents: read | |
steps: | |
- name: Configure AWS Credentials | |
uses: aws-actions/configure-aws-credentials@v1 | |
with: | |
aws-access-key-id: ${{ secrets.ECR_USER_AWS_KEY_ID }} | |
aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} | |
aws-region: us-east-1 | |
- name: Login to ECR | |
run: aws ecr-public get-login-password --region us-east-1 | docker login --username AWS --password-stdin public.ecr.aws | |
- name: Checkout | |
uses: actions/checkout@v2 | |
with: | |
fetch-depth: 0 | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@v2 | |
- name: Docker meta | |
id: meta | |
uses: docker/metadata-action@v4 | |
with: | |
images: public.ecr.aws/${{ env.ECR_REPO }} | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v2 | |
- name: Build Device Client Image | |
uses: docker/build-push-action@v3 | |
with: | |
file: .github/docker-images/Dockerfile | |
context: . | |
build-args: | | |
OS=registry.access.redhat.com/ubi8/ubi | |
BASE_IMAGE=public.ecr.aws/${{ env.ECR_BASE_REPO }}:x86_64-ubi8-latest | |
push: true | |
tags: | | |
public.ecr.aws/${{ env.ECR_REPO }}:x86_64-ubi8-${{ needs.versioning.outputs.version }} | |
public.ecr.aws/${{ env.ECR_REPO }}:x86_64-ubi8-latest | |
platforms: linux/amd64 | |
build-docker-image-ubi8-aarch64: | |
runs-on: ubuntu-latest | |
if: github.event.pull_request.merged == true | |
needs: [versioning] | |
permissions: | |
id-token: write | |
contents: read | |
steps: | |
- name: Configure AWS Credentials | |
uses: aws-actions/configure-aws-credentials@v1 | |
with: | |
aws-access-key-id: ${{ secrets.ECR_USER_AWS_KEY_ID }} | |
aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }} | |
aws-region: us-east-1 | |
- name: Login to ECR | |
run: aws ecr-public get-login-password --region us-east-1 | docker login --username AWS --password-stdin public.ecr.aws | |
- name: Checkout | |
uses: actions/checkout@v2 | |
with: | |
fetch-depth: 0 | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@v2 | |
- name: Docker meta | |
id: meta | |
uses: docker/metadata-action@v4 | |
with: | |
images: public.ecr.aws/${{ env.ECR_REPO }} | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v2 | |
- name: Build Device Client Image | |
uses: docker/build-push-action@v3 | |
with: | |
file: .github/docker-images/Dockerfile | |
context: . | |
build-args: | | |
OS=registry.access.redhat.com/ubi8/ubi | |
BASE_IMAGE=public.ecr.aws/${{ env.ECR_BASE_REPO }}:aarch64-ubi8-latest | |
push: true | |
tags: | | |
public.ecr.aws/${{ env.ECR_REPO }}:aarch64-ubi8-${{ needs.versioning.outputs.version }} | |
public.ecr.aws/${{ env.ECR_REPO }}:aarch64-ubi8-latest | |
platforms: linux/arm64 |