
ci: authenticate when looking up release information (#1936)

mmetc 2 years ago
parent
commit
7d6523db29

+ 13 - 6
.github/workflows/ci-windows-build-msi.yml

@@ -11,6 +11,18 @@ on:
       - 'README.md'
 
 jobs:
+  get_latest_release:
+    name: get_latest_release
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+    steps:
+    - id: get_latest_release
+      uses: cardinalby/git-get-release-action@cedef2faf69cb7c55b285bad07688d04430b7ada
+      env:
+        GITHUB_TOKEN: ${{ github.token }}
+      with:
+        latest: true
 
   build:
     name: Build
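Review bot: The `with:` block of the new `get_latest_release` step sets only `latest: true`, whereas the step it replaces in this workflow used `excludes: draft`, and the same job added to dispatch_create_branch_hub.yaml and dispatch_delete_branch_hub.yaml also sets `draft: false` and `prerelease: false`. What `latest: true` selects on its own depends on the action's defaults, which are not visible here, so the MSI's BUILD_VERSION could come from a different release than before. Stating the filter explicitly, at least `draft: false`, keeps the previous selection rule readable in the workflow. The `build` job continues past the end of this hunk.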
@@ -23,13 +35,8 @@ jobs:
       id: go
     - name: Check out code into the Go module directory
       uses: actions/checkout@v2
-    - id: get_latest_release
-      uses: pozetroninc/github-action-get-latest-release@master
-      with:
-        repository: crowdsecurity/crowdsec
-        excludes: draft
     - id: set_release_in_env
-      run: echo "BUILD_VERSION=${{ steps.get_latest_release.outputs.release }}" >> $env:GITHUB_ENV
+      run: echo "BUILD_VERSION=${{ jobs.get_latest_release.outputs.tag_name }}" >> $env:GITHUB_ENV
     - name: Build
       run: make windows_installer
     - name: Upload MSI
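Review bot: `${{ jobs.get_latest_release.outputs.tag_name }}` in `set_release_in_env` will not resolve, because the `jobs` context is only defined for the outputs of a reusable workflow; one job reads another's result through `needs.<job>.outputs`. The `get_latest_release` job added earlier in this file declares no `outputs:` mapping, and no `needs:` is visible on `build` (its header lies between the two hunks, so confirm). The workflow is therefore either rejected at validation or writes an empty BUILD_VERSION. The same reference appears in `client-payload` in dispatch_create_branch_hub.yaml and dispatch_delete_branch_hub.yaml, where the whole `dispatch` job is visible and has no `needs:`. The sketch also passes the tag through `env:` so its text is not expanded into the script; it assumes the step runs under PowerShell, as `$env:GITHUB_ENV` suggests.

```yaml
  get_latest_release:
    # … unchanged: name, runs-on, permissions …
    outputs:
      tag_name: ${{ steps.get_latest_release.outputs.tag_name }}
    # … unchanged: steps …

  build:
    name: Build
    needs: get_latest_release
    # … unchanged: runs-on, Go setup, checkout …
    - id: set_release_in_env
      env:
        RELEASE_TAG: ${{ needs.get_latest_release.outputs.tag_name }}
      run: echo "BUILD_VERSION=$env:RELEASE_TAG" >> $env:GITHUB_ENV
```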

+ 18 - 8
.github/workflows/dispatch_create_branch_hub.yaml

@@ -2,23 +2,33 @@ name: Dispatch to hub when creating pre-release
 
 on:
   release:
-    types: prereleased
+    types:
+      - prereleased
 
 jobs:
+  get_latest_release:
+    name: get_latest_release
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+    steps:
+    - id: get_latest_release
+      uses: cardinalby/git-get-release-action@cedef2faf69cb7c55b285bad07688d04430b7ada
+      env:
+        GITHUB_TOKEN: ${{ github.token }}
+      with:
+        latest: true
+        draft: false
+        prerelease: false
+
   dispatch:
     name: dispatch to hub-tests
     runs-on: ubuntu-latest
     steps:
-      - id: keydb
-        uses: pozetroninc/github-action-get-latest-release@master
-        with:
-          owner: crowdsecurity
-          repo: crowdsec
-          excludes: prerelease, draft
       - name: Repository Dispatch
         uses: peter-evans/repository-dispatch@v1
         with:
           token: ${{ secrets.DISPATCH_TOKEN }}
           event-type: create_branch
           repository: crowdsecurity/hub
-          client-payload: '{"version": "${{ steps.keydb.outputs.release }}"}'
+          client-payload: '{"version": "${{ jobs.get_latest_release.outputs.tag_name }}"}'
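Review bot: The `Repository Dispatch` step still uses `peter-evans/repository-dispatch@v1`, a movable tag, and it is the step that receives `secrets.DISPATCH_TOKEN`, while the lookup action added in this commit is pinned to a full commit SHA. A change to what that tag points at would run with a token able to dispatch to crowdsecurity/hub, so this reference deserves the same pinning: `uses: peter-evans/repository-dispatch@<full-commit-sha>  # v1` (placeholder; take the SHA from the release you have reviewed). The same applies to the identical step in dispatch_delete_branch_hub.yaml and to `JasonEtco/upload-to-release@master` in release_publish-package.yml, which is handed `secrets.GITHUB_TOKEN` on a branch reference. The `dispatch` job also has no `permissions:` block although it only uses the PAT; `permissions: {}` would drop the default token's scopes for that job.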

+ 18 - 8
.github/workflows/dispatch_delete_branch_hub.yaml

@@ -2,23 +2,33 @@ name: Dispatch to hub when deleting pre-release
 
 on:
   release:
-    types: deleted
+    types:
+      - deleted
 
 jobs:
+  get_latest_release:
+    name: get_latest_release
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+    steps:
+      - id: get_latest_release
+        uses: cardinalby/git-get-release-action@cedef2faf69cb7c55b285bad07688d04430b7ada
+        env:
+          GITHUB_TOKEN: ${{ github.token }}
+        with:
+          latest: true
+          draft: false
+          prerelease: false
+
   dispatch:
     name: dispatch to hub-tests
     runs-on: ubuntu-latest
     steps:
-      - id: keydb
-        uses: pozetroninc/github-action-get-latest-release@master
-        with:
-          owner: crowdsecurity
-          repo: crowdsec
-          excludes: prerelease, draft
       - name: Repository Dispatch
         uses: peter-evans/repository-dispatch@v1
         with:
           token: ${{ secrets.DISPATCH_TOKEN }}
           event-type: delete_branch
           repository: crowdsecurity/hub
-          client-payload: '{"version": "${{ steps.keydb.outputs.release }}"}'
+          client-payload: '{"version": "${{ jobs.get_latest_release.outputs.tag_name }}"}'

+ 34 - 33
.github/workflows/release_publish-package.yml

@@ -3,46 +3,47 @@ name: build
 
 on:
   release:
-    types: prereleased
+    types:
+      - prereleased
 
 jobs:
   build:
     name: Build and upload binary package
     runs-on: ubuntu-latest
     steps:
-    - name: Set up Go 1.19
-      uses: actions/setup-go@v3
-      with:
-        go-version: 1.19
-      id: go
-    - name: Check out code into the Go module directory
-      uses: actions/checkout@v3
-    - name: Build the binaries
-      run: make release
-    - name: Upload to release
-      uses: JasonEtco/upload-to-release@master
-      with:
-        args: crowdsec-release.tgz application/x-gzip
-      env:
-        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      - name: Set up Go 1.19
+        uses: actions/setup-go@v3
+        with:
+          go-version: 1.19
+        id: go
+      - name: Check out code into the Go module directory
+        uses: actions/checkout@v3
+      - name: Build the binaries
+        run: make release
+      - name: Upload to release
+        uses: JasonEtco/upload-to-release@master
+        with:
+          args: crowdsec-release.tgz application/x-gzip
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
   build_static:
     name: Build and upload binary package
     runs-on: ubuntu-latest
     steps:
-    - name: Set up Go 1.19
-      uses: actions/setup-go@v3
-      with:
-        go-version: 1.19
-      id: go
-    - name: Check out code into the Go module directory
-      uses: actions/checkout@v3
-    - name: Build the binaries
-      run: |
-        make release BUILD_STATIC=yes
-        mv crowdsec-release.tgz crowdsec-release-static.tgz
-    - name: Upload to release
-      uses: JasonEtco/upload-to-release@master
-      with:
-        args: crowdsec-release-static.tgz application/x-gzip
-      env:
-        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      - name: Set up Go 1.19
+        uses: actions/setup-go@v3
+        with:
+          go-version: 1.19
+        id: go
+      - name: Check out code into the Go module directory
+        uses: actions/checkout@v3
+      - name: Build the binaries
+        run: |
+          make release BUILD_STATIC=yes
+          mv crowdsec-release.tgz crowdsec-release-static.tgz
+      - name: Upload to release
+        uses: JasonEtco/upload-to-release@master
+        with:
+          args: crowdsec-release-static.tgz application/x-gzip
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}