Skip to content

Drop update-crypto-policies dependency #1085

Drop update-crypto-policies dependency

Drop update-crypto-policies dependency #1085

Workflow file for this run

name: Publish PKI
on:
push:
branches:
- master
env:
NAMESPACE: ${{ vars.REGISTRY_NAMESPACE || github.repository_owner }}
jobs:
publish-maven:
if: vars.REGISTRY != ''
name: Publishing Maven artifacts
runs-on: ubuntu-latest
steps:
- name: Install dependencies
run: |
sudo apt-get update
sudo apt-get -y install xmlstarlet
- name: Clone repository
uses: actions/checkout@v4
- name: Set up Java
uses: actions/setup-java@v4
with:
java-version: '17'
distribution: 'adopt'
- name: Configure settings.xml
run: |
xmlstarlet edit --inplace \
-u "/_:settings/_:servers/_:server[_:id='github']/_:password" \
-v "$REPO_TOKEN" \
~/.m2/settings.xml
env:
REPO_TOKEN: ${{ secrets.REPO_TOKEN }}
- name: Configure pom.xml
run: |
xmlstarlet edit --inplace \
-u "/_:project/_:build/_:plugins/_:plugin[_:artifactId='site-maven-plugin']/_:configuration/_:repositoryOwner" \
-v "$NAMESPACE" \
-u "/_:project/_:repositories/_:repository[_:id='dogtagpki']/_:url" \
-v "https://raw.githubusercontent.com/$NAMESPACE/repo/maven" \
pom.xml
cat pom.xml
- name: Publish Maven artifacts
run: |
# TODO: Fix test issue due to missing JSS shared libraries.
mvn \
--batch-mode \
--update-snapshots \
-DskipTests \
deploy
wait-for-images:
if: vars.REGISTRY != ''
name: Waiting for container images
runs-on: ubuntu-latest
steps:
- name: Wait for container images
uses: lewagon/[email protected]
with:
ref: ${{ github.ref }}
check-name: 'Building PKI'
repo-token: ${{ secrets.GITHUB_TOKEN }}
wait-interval: 60
publish-images:
name: Publishing container images
needs: wait-for-images
runs-on: ubuntu-latest
steps:
- name: Log in to GitHub Container Registry
uses: docker/login-action@v3
with:
registry: ${{ vars.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
if: vars.REGISTRY == 'ghcr.io'
- name: Log in to other container registry
uses: docker/login-action@v3
with:
registry: ${{ vars.REGISTRY }}
username: ${{ secrets.REGISTRY_USERNAME }}
password: ${{ secrets.REGISTRY_PASSWORD }}
if: vars.REGISTRY != 'ghcr.io'
- name: Retrieve PKI images
uses: actions/cache@v4
with:
key: pki-images-${{ github.sha }}
path: pki-images.tar
- name: Load PKI images
run: docker load --input pki-images.tar
- name: Publish pki-dist image
run: |
docker tag pki-dist ${{ vars.REGISTRY }}/$NAMESPACE/pki-dist:latest
docker push ${{ vars.REGISTRY }}/$NAMESPACE/pki-dist:latest
- name: Publish pki-server image
run: |
docker tag pki-server ${{ vars.REGISTRY }}/$NAMESPACE/pki-server:latest
docker push ${{ vars.REGISTRY }}/$NAMESPACE/pki-server:latest
- name: Publish pki-ca image
run: |
docker tag pki-ca ${{ vars.REGISTRY }}/$NAMESPACE/pki-ca:latest
docker push ${{ vars.REGISTRY }}/$NAMESPACE/pki-ca:latest
- name: Publish pki-kra image
run: |
docker tag pki-kra ${{ vars.REGISTRY }}/$NAMESPACE/pki-kra:latest
docker push ${{ vars.REGISTRY }}/$NAMESPACE/pki-kra:latest
- name: Publish pki-ocsp image
run: |
docker tag pki-ocsp ${{ vars.REGISTRY }}/$NAMESPACE/pki-ocsp:latest
docker push ${{ vars.REGISTRY }}/$NAMESPACE/pki-ocsp:latest