Add dry-run flag to 'begin trail' command (#26) #8
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Main - reports Trails to https://staging.app.kosli.com | |
| on: | |
| push: | |
| branches: | |
| - main | |
| env: | |
| KOSLI_DRY_RUN: ${{ vars.KOSLI_DRY_RUN }} | |
| KOSLI_HOST: https://staging.app.kosli.com | |
| KOSLI_ORG: cyber-dojo-trails | |
| KOSLI_FLOW: ${{ vars.KOSLI_FLOW }} | |
| KOSLI_API_TOKEN: ${{ secrets.KOSLI_API_TOKEN_TRAILS }} | |
| jobs: | |
| variables: | |
| runs-on: ubuntu-latest | |
| outputs: | |
| image_tag: ${{ steps.vars.outputs.image_tag }} | |
| kosli_host: ${{ steps.vars.outputs.kosli_host }} | |
| kosli_org: ${{ steps.vars.outputs.kosli_org }} | |
| steps: | |
| - name: Prepare | |
| id: vars | |
| run: | | |
| echo "image_tag=$(echo $GITHUB_SHA | head -c7)" >> ${GITHUB_OUTPUT} | |
| echo "kosli_host=${{ env.KOSLI_HOST }}" >> ${GITHUB_OUTPUT} | |
| echo "kosli_org=${{ env.KOSLI_ORG }}" >> ${GITHUB_OUTPUT} | |
| create-kosli-flow: | |
| needs: [variables] | |
| uses: ./.github/workflows/sub_create_kosli_flow_trails.yml | |
| secrets: | |
| KOSLI_API_TOKEN: ${{ secrets.KOSLI_API_TOKEN_TRAILS }} | |
| with: | |
| KOSLI_HOST: ${{ needs.variables.outputs.kosli_host }} | |
| KOSLI_ORG: ${{ needs.variables.outputs.kosli_org }} | |
| wait-for-image: | |
| needs: [create-kosli-flow] | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Wait for image to be built in main.yml | |
| run: | |
| ./sh/wait_for_image.sh | |
| - name: Setup Kosli CLI | |
| uses: kosli-dev/setup-cli-action@v2 | |
| with: | |
| version: ${{ vars.KOSLI_CLI_VERSION }} | |
| - name: Report image to Kosli flow | |
| run: | | |
| IMAGE_TAG="$(echo $GITHUB_SHA | head -c7)" | |
| IMAGE_NAME="cyberdojo/${{ env.KOSLI_FLOW }}:${IMAGE_TAG}" | |
| docker pull "${IMAGE_NAME}" | |
| kosli attest artifact "${IMAGE_NAME}" \ | |
| --artifact-type=docker \ | |
| --name=dashboard \ | |
| --trail="${GITHUB_SHA}" | |
| test: | |
| needs: [variables, wait-for-image] | |
| uses: ./.github/workflows/sub_test_trails.yml | |
| secrets: | |
| KOSLI_API_TOKEN: ${{ secrets.KOSLI_API_TOKEN_TRAILS }} | |
| SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }} | |
| with: | |
| KOSLI_HOST: ${{ needs.variables.outputs.kosli_host }} | |
| KOSLI_ORG: ${{ needs.variables.outputs.kosli_org }} | |
| IMAGE_TAG: ${{ needs.variables.outputs.image_tag }} | |
| sdlc-gate: | |
| needs: [variables, test] | |
| uses: ./.github/workflows/sub_sdlc_gate.yml | |
| secrets: | |
| KOSLI_API_TOKEN: ${{ secrets.KOSLI_API_TOKEN_TRAILS }} | |
| with: | |
| KOSLI_HOST: ${{ needs.variables.outputs.kosli_host }} | |
| KOSLI_ORG: ${{ needs.variables.outputs.kosli_org }} | |
| IMAGE_TAG: ${{ needs.variables.outputs.image_tag }} | |
| approve-deployment-to-beta: | |
| needs: [variables, sdlc-gate] | |
| uses: ./.github/workflows/sub_approve_deployment.yml | |
| secrets: | |
| KOSLI_API_TOKEN: ${{ secrets.KOSLI_API_TOKEN_TRAILS }} | |
| with: | |
| KOSLI_HOST: ${{ needs.variables.outputs.kosli_host }} | |
| KOSLI_ORG: ${{ needs.variables.outputs.kosli_org }} | |
| KOSLI_ENVIRONMENT: aws-beta | |
| IMAGE_TAG: ${{ needs.variables.outputs.image_tag }} | |
| approve-deployment-to-prod: | |
| needs: [variables, approve-deployment-to-beta] | |
| uses: ./.github/workflows/sub_approve_deployment.yml | |
| secrets: | |
| KOSLI_API_TOKEN: ${{ secrets.KOSLI_API_TOKEN_TRAILS }} | |
| with: | |
| KOSLI_HOST: ${{ needs.variables.outputs.kosli_host }} | |
| KOSLI_ORG: ${{ needs.variables.outputs.kosli_org }} | |
| KOSLI_ENVIRONMENT: aws-prod | |
| IMAGE_TAG: ${{ needs.variables.outputs.image_tag }} | |
| push-latest: | |
| needs: [variables, approve-deployment-to-prod] | |
| uses: ./.github/workflows/sub_push_latest.yml | |
| secrets: | |
| DOCKER_PASS: ${{ secrets.DOCKER_PASS }} | |
| DOCKER_USER: ${{ secrets.DOCKER_USER }} | |
| with: | |
| IMAGE_TAG: ${{ needs.variables.outputs.image_tag }} | |