first check (#24)

* first check Signed-off-by: Matan Avital <[email protected]> * added a secret validation mechanism Signed-off-by: Matan Avital <[email protected]> * updating permissions * fix to write * permissions update to release * update permissions * updating id-token * update release file * remove tags * fixing steps * fix * permissions fix #1 * modified: .github/workflows/package-release.yaml * addign actions * removing write-all * fix * fix * updates * fix * add write * modified: .github/workflows/package-release.yaml * retrieve * remove env * adding issues * json format test * fix * remove permissions * test with contents permissions * updates * modified: .github/workflows/package-release.yaml * per, upodate * none submit * modified: .github/workflows/package-release.yaml * modified: .github/workflows/package-release.yaml * modified: .github/workflows/package-release.yaml * modified: .github/workflows/package-release.yaml * modified: .github/workflows/package-release.yaml modified: .github/workflows/pr.yaml * modified: .github/workflows/package-release.yaml modified: .github/workflows/pr.yaml * updating release tag * fixing * modified: .github/workflows/pr.yaml * adding create_release process * modified: .github/workflows/package-release.yaml * modified: .github/workflows/package-release.yaml * fix release version * modified: .github/workflows/package-release.yaml * modified: .github/workflows/package-release.yaml fixes * fix release name * modified: .github/workflows/package-release.yaml * modified: .github/workflows/package-release.yaml * fix set_tag_name * modified: .github/workflows/package-release.yaml * modified: .github/workflows/package-release.yaml * syntax fix * modified: .github/workflows/package-release.yaml * modified: .github/workflows/package-release.yaml * updates --------- Signed-off-by: Matan Avital <[email protected]> Co-authored-by: Matan Avital <[email protected]>
kubescape · May 14, 2023 · ac4f475 · ac4f475
1 parent 2be2178
commit ac4f475
Show file tree

Hide file tree

Showing 4 changed files with 42 additions and 30 deletions.
diff --git a/.github/workflows/go-basic-tests.yaml b/.github/workflows/go-basic-tests.yaml
@@ -118,7 +118,7 @@ jobs:
     runs-on: ubuntu-latest
     needs: [Check-secret, Environment-Test]
     steps:
-    - uses: actions/checkout@v2
+    - uses: actions/checkout@v3
 
     - uses: actions/setup-go@v3
       name: Setup Go 

diff --git a/.github/workflows/kubescape-cli-e2e-tests.yaml b/.github/workflows/kubescape-cli-e2e-tests.yaml
@@ -55,7 +55,18 @@ jobs:
           SECRET_KEY: ${{ secrets.SECRET_KEY_PROD }}
           REGISTRY_USERNAME: ${{ secrets.REGISTRY_USERNAME }}
           REGISTRY_PASSWORD: ${{ secrets.REGISTRY_PASSWORD }}
-        run: "echo \"is-secret-set=${{ env.CUSTOMER != '' && \n                        env.USERNAME != '' &&\n                        env.PASSWORD != '' &&\n                        env.CLIENT_ID != '' &&\n                        env.SECRET_KEY != '' &&\n                        env.REGISTRY_USERNAME != '' &&\n                        env.REGISTRY_PASSWORD != ''\n                      }}\" >> $GITHUB_OUTPUT\n"
+        run: |
+              env_vars=("CUSTOMER" "USERNAME" "PASSWORD" "CLIENT_ID" "SECRET_KEY" "REGISTRY_USERNAME" "REGISTRY_PASSWORD")
+              
+              for var_name in "${env_vars[@]}"; do
+                var_value="${!var_name}"
+                if [[ -z "${var_value// /}" ]]; then
+                  echo "Environment variable '$var_name' is empty, null, or contains only whitespace. Failing the workflow."
+                  exit 1
+                fi
+              done
+              
+              echo "All environment variables are valid. Proceeding with the workflow."
 
       - id: export_tests_to_env
         name: set test name

diff --git a/.github/workflows/package-release.yaml b/.github/workflows/package-release.yaml
@@ -31,11 +31,13 @@ on:
       #   required: false
       #   type: boolean
       #   default: true
+  # push:
+  #   branches: [ main, master ]
+  #   tags:
+  #     - 'v*.*.*'
 
 jobs:
   test:
-    permissions:
-      pull-requests: write
     uses: ./.github/workflows/go-basic-tests.yaml
     with:
       GO_VERSION: ${{ inputs.GO_VERSION }}
@@ -46,20 +48,28 @@ jobs:
       # TEST_MULTI_ENVIRONMENTS: ${{ inputs.TEST_MULTI_ENVIRONMENTS }}
     secrets: inherit
 
-  release:
+  create_release:
     needs: test
-    env:
-      GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v3
+      - name: Checkout code
+        uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
 
-    - name: Create a release
-      id: create_release
-      uses: actions/create-release@v1
-      with:
-        release_name: "Release: ${{ inputs.RELEASE }}"
-        tag_name: ${{ inputs.RELEASE }}
-        draft: ${{ inputs.IS_DRAFT }}
-        prerelease: false
+      - name: Create release
+        id: create_release
+        uses: actions/create-release@v1
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          # tag_name: ${{ steps.set_tag_name.outputs.tag_name }}
+          # release_name: Release ${{ steps.set_tag_name.outputs.tag_name }}
+          tag_name: ${{ inputs.RELEASE }}
+          release_name: "Release ${{ inputs.RELEASE }}"
+          body: |
+            Release ${{ inputs.RELEASE }}
+            -------------------------------
+            Add release notes here.
+          draft: false
+          prerelease: false
diff --git a/.github/workflows/pr.yaml b/.github/workflows/pr.yaml
@@ -18,26 +18,17 @@ jobs:
       # TEST_MULTI_ENVIRONMENTS: true
     secrets: inherit
 
-  # validate-go-basic-tests-file-single-os:
-  #   permissions:
-  #     pull-requests: write
-  #   uses: ./.github/workflows/go-basic-tests.yaml
-  #   with:
-  #     GO_VERSION: 1.19
-  #     BUILD_PATH: "./testdata/."
-  #     UNIT_TESTS_PATH: "./testdata/."
-  #     TEST_MULTI_ENVIRONMENTS: false
-  #   secrets: inherit
-
+  # Validate release files and release pkg. 
   validate-package-releaser-file:
     needs: validate-go-basic-tests-file
     permissions:
+      contents: write
       pull-requests: write
     uses: ./.github/workflows/package-release.yaml
     with:
-      RELEASE: "v0.0.${{ github.run_number }}"
+      RELEASE: "v1.0.${{ github.run_number }}"
       GO_VERSION: 1.19
-      IS_DRAFT: true
+      IS_DRAFT: false
       BUILD_PATH: "./testdata/."
       UNIT_TESTS_PATH: "./testdata/."
     secrets: inherit