feat: commented helm deploy command #12

feat: commented helm deploy command

feat: commented helm deploy command #12

Workflow file for this run

# Reusable workflow (workflow_call) that wraps the clouddrove/smurf action for
# Docker build/scan/push and Helm lint/template.
#
# GitHub rejected this revision as an invalid workflow file: a YAML syntax
# error was reported at line 48, and on the captured page the annotation sits
# at the `inputs:` key. The page lost the file's indentation, so the nesting
# below is reconstructed from the keys and the exact cause of that error
# cannot be identified from here.
name: Smurf

on:
  workflow_call:
    # Every secret is optional. Of these, only AWS_ACCESS_KEY_ID,
    # AWS_SECRET_ACCESS_KEY and AWS_SESSION_TOKEN are read by the jobs shown
    # in this file; the rest are declared but not referenced there.
    secrets:
      # Container registry credentials.
      docker-username:
        description: 'Docker Hub username'
        required: false
      docker-password:
        description: 'Docker Hub token'
        required: false
      ecr-registry:
        description: 'ECR registry URL'
        required: false

      # Static AWS credentials, used only when aws_auth_method is 'keys'.
      # Long-lived keys are the weaker option next to the OIDC role path.
      AWS_ACCESS_KEY_ID:
        description: 'AWS Access Key ID for direct authentication'
        required: false
      AWS_SECRET_ACCESS_KEY:
        description: 'AWS Secret Access Key for direct authentication'
        required: false
      AWS_SESSION_TOKEN:
        description: 'AWS Session Token for direct authentication'
        required: false

      # Credentials for the other cloud providers.
      AZURE_CREDENTIALS:
        description: 'Azure credentials for authentication'
        required: false
      GCP_CREDENTIALS:
        description: 'GCP credentials JSON for authentication'
        required: false
      DIGITALOCEAN_ACCESS_TOKEN:
        description: 'DigitalOcean Personal Access Token'
        required: false
      WORKLOAD_IDENTITY_PROVIDER:
        description: 'GCP Workload Identity Provider identifier'
        required: false
      SERVICE_ACCOUNT:
        description: 'GCP Service Account to use'
        required: false

      # Second pair of Docker Hub credentials, alongside docker-username and
      # docker-password above.
      DOCKERHUB_USERNAME:
        description: 'Dockerhub Username'
        required: false
      DOCKERHUB_PASSWORD:
        description: 'Dockerhub Password'
        required: false

      env-vars:
        description: 'Additional environment variables in JSON format'
        required: false

    # Feature flags are typed as strings, not booleans: the job conditions
    # compare them with the literal 'true'.
    #
    # The *command inputs are handed unchanged to the smurf action's `command`
    # parameter, so a calling workflow should build them from fixed values and
    # not from event data an outside contributor controls (PR titles, branch
    # names, issue text).
    inputs:
      command:
        description: 'Command to run with tool'
        type: string
        required: false
      docker_enable:
        description: 'Set to true to run docker commands'
        type: string
        required: false
        default: 'true'
      aws-role:
        description: 'AWS IAM role ARN to assume'
        type: string
        required: false
      aws-region:
        description: 'AWS region'
        type: string
        default: 'us-east-1'
      provider:
        description: 'Cloud provider (aws, azure, gcp, digitalocean)'
        type: string
        required: false
        default: 'aws'
      # The jobs test this value against 'oidc' and 'keys'; with any other
      # value neither credential step runs.
      aws_auth_method:
        description: 'AWS Auth method to use'
        type: string
        required: false
      eks-cluster:
        description: 'EKS cluster name'
        type: string
        required: false
      branch:
        description: 'Branch to checkout'
        type: string
        default: 'master'
      aws_auth:
        description: 'Set to true for AWS Auth'
        type: string
        default: 'false'

      # Docker-specific inputs
      image-name:
        description: 'Docker image name'
        type: string
        required: false
      image-tag:
        description: 'Docker image tag'
        type: string
        required: false
      image-tar:
        description: 'Docker image tar'
        type: string
        required: false
      docker_scan:
        description: 'Set true for docker scan'
        type: string
        required: false
      docker_scan_command:
        description: 'Command for docker scan'
        type: string
        required: false
      docker_push:
        description: 'Set true for docker push'
        type: string
        required: false
      docker_push_command:
        description: 'Command for docker push'
        type: string
        required: false
      docker_build_command:
        description: 'Command for docker build'
        type: string
        required: false
      docker_tag_command:
        description: 'Command for docker tag'
        type: string
        required: false

      # Helm-specific inputs
      helm-lint-command:
        description: 'Helm Lint Command'
        type: string
        required: false
      helm_enable:
        description: 'Set to true to run helm commands'
        type: string
        required: false
        default: 'false'
      helm-template-command:
        description: 'Helm Template Command'
        type: string
        required: false
      helm_deploy_command:
        description: 'Helm Deploy Command'
        type: string
        required: false
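# Three jobs: build the image, scan and push it, and lint/template the Helm
# chart. Each job declares its own minimal `permissions` block.
#
# Hardening applied in this block:
#   * Workflow inputs are no longer expanded with ${{ }} inside `run:`
#     scripts. They are passed through `env:` and read as quoted shell
#     variables, so a value containing shell metacharacters stays data and is
#     not parsed as part of the script.
#   * Shell variables holding credentials are quoted.
#
# NOTE(review): several `uses:` refs appear on this page as "[email protected]",
# an e-mail-obfuscation artefact that replaced the text around the "@". They
# are reproduced as shown because the real refs are not recoverable here;
# restore them from the repository. Third-party actions are best pinned to a
# full commit SHA, since tags and branches (see `@feat/trivy`) can be moved.
jobs:
  # Builds the image with the smurf action and publishes it as a tar artifact
  # for the scan/push job. Runs only when docker_enable is 'true'.
  docker-build:
    if: inputs.docker_enable == 'true'
    runs-on: ubuntu-latest
    permissions:
      # Needed by the OIDC credential step; it is also granted on runs that
      # use the static-key path, because permissions are fixed per job.
      id-token: write
      contents: read
    steps:
      - name: Checkout code
        uses: actions/[email protected]
        with:
          ref: ${{ inputs.branch }}

      - name: Configure AWS credentials with OIDC
        if: inputs.aws_auth_method == 'oidc'
        uses: aws-actions/configure-aws-credentials@v4
        with:
          role-to-assume: ${{ inputs.aws-role }}
          aws-region: ${{ inputs.aws-region }}

      # Writes the static keys into the runner's AWS CLI configuration.
      - name: Configure AWS credentials with access keys
        if: inputs.aws_auth_method == 'keys'
        env:
          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          AWS_SESSION_TOKEN: ${{ secrets.AWS_SESSION_TOKEN }}
          AWS_REGION: ${{ inputs.aws-region }}
        run: |
          aws configure set aws_access_key_id "$AWS_ACCESS_KEY_ID"
          aws configure set aws_secret_access_key "$AWS_SECRET_ACCESS_KEY"
          if [[ -n "$AWS_SESSION_TOKEN" ]]; then
            aws configure set aws_session_token "$AWS_SESSION_TOKEN"
          fi
          aws configure set region "$AWS_REGION"

      # Exports the values to later steps through GITHUB_ENV.
      - name: Set environment variables
        env:
          WF_AWS_AUTH: ${{ inputs.aws_auth }}
          WF_AWS_REGION: ${{ inputs.aws-region }}
          WF_EKS_CLUSTER: ${{ inputs.eks-cluster }}
        run: |
          {
            echo "AWS_AUTH=${WF_AWS_AUTH}"
            echo "AWS_DEFAULT_REGION=${WF_AWS_REGION}"
            echo "EKS_CLUSTER_NAME=${WF_EKS_CLUSTER}"
          } >> "$GITHUB_ENV"

      # NOTE(review): `feat/trivy` is a branch ref, so the code that runs here
      # changes whenever that branch moves.
      - name: Docker Image Build
        uses: clouddrove/smurf@feat/trivy
        with:
          tool: sdkr
          command: ${{ inputs.docker_build_command }}

      - name: Save Docker Image as Artifact
        env:
          IMAGE_NAME: ${{ inputs.image-name }}
          IMAGE_TAG: ${{ inputs.image-tag }}
          IMAGE_TAR: ${{ inputs.image-tar }}
        run: |
          docker save "${IMAGE_NAME}:${IMAGE_TAG}" -o "${IMAGE_TAR}"

      - name: Upload Docker Image Artifact
        uses: actions/upload-artifact@v4
        with:
          name: ${{ inputs.image-name }}
          path: ${{ inputs.image-tar }}

  # Loads the artifact from docker-build, scans it, then tags and pushes it.
  # The job-level condition requires docker_scan AND docker_push to be 'true',
  # so the step-level `if:` checks below repeat what is already guaranteed.
  docker-scan-push:
    if: inputs.docker_enable == 'true' && inputs.docker_scan == 'true' && inputs.docker_push == 'true'
    runs-on: ubuntu-latest
    needs: docker-build
    permissions:
      id-token: write
      contents: read
    steps:
      - name: Checkout code
        uses: actions/[email protected]
        with:
          ref: ${{ inputs.branch }}

      - name: Download Docker Image Artifact
        uses: actions/download-artifact@v4
        with:
          name: ${{ inputs.image-name }}

      - name: Load Docker Image
        env:
          IMAGE_TAR: ${{ inputs.image-tar }}
        run: |
          docker load -i "${IMAGE_TAR}"

      - name: Configure AWS credentials with OIDC
        if: inputs.aws_auth_method == 'oidc'
        uses: aws-actions/configure-aws-credentials@v4
        with:
          role-to-assume: ${{ inputs.aws-role }}
          aws-region: ${{ inputs.aws-region }}

      - name: Configure AWS credentials with access keys
        if: inputs.aws_auth_method == 'keys'
        env:
          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          AWS_SESSION_TOKEN: ${{ secrets.AWS_SESSION_TOKEN }}
          AWS_REGION: ${{ inputs.aws-region }}
        run: |
          aws configure set aws_access_key_id "$AWS_ACCESS_KEY_ID"
          aws configure set aws_secret_access_key "$AWS_SECRET_ACCESS_KEY"
          if [[ -n "$AWS_SESSION_TOKEN" ]]; then
            aws configure set aws_session_token "$AWS_SESSION_TOKEN"
          fi
          aws configure set region "$AWS_REGION"

      - name: Set environment variables
        env:
          WF_AWS_AUTH: ${{ inputs.aws_auth }}
          WF_AWS_REGION: ${{ inputs.aws-region }}
          WF_EKS_CLUSTER: ${{ inputs.eks-cluster }}
        run: |
          {
            echo "AWS_DEFAULT_REGION=${WF_AWS_REGION}"
            echo "EKS_CLUSTER_NAME=${WF_EKS_CLUSTER}"
            echo "AWS_AUTH=${WF_AWS_AUTH}"
          } >> "$GITHUB_ENV"

      # Scan runs from the `feat/trivy` branch while tag and push use a
      # different ref of the same action.
      - name: Docker Image Scan
        if: inputs.docker_scan == 'true'
        uses: clouddrove/smurf@feat/trivy
        with:
          tool: sdkr
          command: ${{ inputs.docker_scan_command }}

      - name: Docker Image Tag
        if: inputs.docker_push == 'true'
        uses: clouddrove/[email protected]
        with:
          tool: sdkr
          command: ${{ inputs.docker_tag_command }}

      - name: Docker Image Push
        if: inputs.docker_push == 'true'
        uses: clouddrove/[email protected]
        with:
          tool: sdkr
          command: ${{ inputs.docker_push_command }}

  # Lints and renders the Helm chart. Runs only when helm_enable is 'true'
  # and does not depend on the Docker jobs.
  helm-scan:
    if: inputs.helm_enable == 'true'
    runs-on: ubuntu-latest
    permissions:
      id-token: write
      contents: read
    steps:
      - name: Check out code
        uses: actions/[email protected]
        with:
          ref: ${{ inputs.branch }}

      - name: Configure AWS credentials with OIDC
        if: inputs.aws_auth_method == 'oidc'
        uses: aws-actions/configure-aws-credentials@v4
        with:
          role-to-assume: ${{ inputs.aws-role }}
          aws-region: ${{ inputs.aws-region }}

      - name: Configure AWS credentials with access keys
        if: inputs.aws_auth_method == 'keys'
        env:
          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          AWS_SESSION_TOKEN: ${{ secrets.AWS_SESSION_TOKEN }}
          AWS_REGION: ${{ inputs.aws-region }}
        run: |
          aws configure set aws_access_key_id "$AWS_ACCESS_KEY_ID"
          aws configure set aws_secret_access_key "$AWS_SECRET_ACCESS_KEY"
          if [[ -n "$AWS_SESSION_TOKEN" ]]; then
            aws configure set aws_session_token "$AWS_SESSION_TOKEN"
          fi
          aws configure set region "$AWS_REGION"

      - name: Set environment variables
        env:
          WF_AWS_AUTH: ${{ inputs.aws_auth }}
          WF_AWS_REGION: ${{ inputs.aws-region }}
          WF_EKS_CLUSTER: ${{ inputs.eks-cluster }}
        run: |
          {
            echo "AWS_DEFAULT_REGION=${WF_AWS_REGION}"
            echo "EKS_CLUSTER_NAME=${WF_EKS_CLUSTER}"
            echo "AWS_AUTH=${WF_AWS_AUTH}"
          } >> "$GITHUB_ENV"

      - name: Helm Lint
        uses: clouddrove/[email protected]
        with:
          tool: selm
          command: ${{ inputs.helm-lint-command }}

      - name: Helm Template
        uses: clouddrove/[email protected]
        with:
          tool: selm
          command: ${{ inputs.helm-template-command }}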
# helm-deploy:
# runs-on: ubuntu-latest
# needs: [helm-scan, docker-scan-push]
# permissions:
# id-token: write
# contents: read
# steps:
# - name: Check out code
# uses: actions/[email protected]
# with:
# ref: ${{ inputs.branch }}
# - name: Configure AWS credentials with OIDC
# if: inputs.aws_auth_method == 'oidc'
# uses: aws-actions/configure-aws-credentials@v4
# with:
# role-to-assume: ${{ inputs.aws-role }}
# aws-region: ${{ inputs.aws-region }}
# - name: Configure AWS credentials with access keys
# if: inputs.aws_auth_method == 'keys'
# env:
# AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
# AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
# AWS_SESSION_TOKEN: ${{ secrets.AWS_SESSION_TOKEN }}
# AWS_REGION: ${{ inputs.aws-region }}
# run: |
# aws configure set aws_access_key_id $AWS_ACCESS_KEY_ID
# aws configure set aws_secret_access_key $AWS_SECRET_ACCESS_KEY
# if [[ -n "$AWS_SESSION_TOKEN" ]]; then
# aws configure set aws_session_token $AWS_SESSION_TOKEN
# fi
# aws configure set region $AWS_REGION
# - name: Set environment variables
# run: |
# echo "AWS_DEFAULT_REGION=${{ inputs.aws-region }}" >> $GITHUB_ENV
# echo "EKS_CLUSTER_NAME=${{ inputs.eks-cluster }}" >> $GITHUB_ENV
# echo "AWS_AUTH=${{ inputs.aws_auth }}" >> $GITHUB_ENV
# - name: Helm Deploy
# uses: clouddrove/[email protected]
# with:
# tool: selm
# command: ${{ inputs.helm_deploy_command }}