Skip to content
Multi Environment Build

chore(deps): bump github.com/threatwinds/validations from 1.0.9 to 1.0.14 in /agent #68

Sign in to view logs

chore(deps): bump github.com/threatwinds/validations from 1.0.9 to 1.0.14 in /agent

chore(deps): bump github.com/threatwinds/validations from 1.0.9 to 1.0.14 in /agent #68

Workflow file for this run

.github/workflows/v10-principal-multi-env.yml at f7ea206
name: Multi Environment Build
on:
push:
branches: [ 'v10', 'release/v10**' ]
tags: [ 'v10.*' ]
pull_request:
branches: [ 'v10' ]
jobs:
setup_deployment:
name: Setup Deployment
runs-on: ubuntu-24.04
outputs:
tag: ${{ steps.set-env.outputs.tag }}
steps:
- name: Determine Build Environment
id: set-env
run: |
if ${{ github.event_name == 'push' && startsWith(github.ref, 'refs/heads/release/v10') }}; then
echo "DEV environment"
echo "tag=v10-dev" >> $GITHUB_OUTPUT
elif ${{ github.event_name == 'pull_request' && github.event.pull_request.base.ref == 'v10' && startsWith(github.event.pull_request.head.ref, 'release/v10') }}; then
echo "QA environment"
echo "tag=v10-qa" >> $GITHUB_OUTPUT
elif ${{ github.event_name == 'push' && github.ref == 'refs/heads/v10' }}; then
echo "RC environment"
echo "tag=v10-rc" >> $GITHUB_OUTPUT
elif ${{ github.event_name == 'push' && startsWith(github.ref, 'refs/tags/v10.') }}; then
echo "RELEASE environment"
echo "tag=v10" >> $GITHUB_OUTPUT
fi
validations:
name: Validate permissions
runs-on: ubuntu-24.04
needs: setup_deployment
if: ${{ needs.setup_deployment.outputs.tag != '' }}
steps:
- name: Check permissions
run: |
echo "Validating user permissions..."
RESPONSE=$(curl -s -H "Authorization: Bearer ${{ secrets.API_SECRET }}" \
-H "Accept: application/vnd.github.json" \
"https://api.github.com/orgs/utmstack/teams/integration-developers/memberships/${{ github.actor }}")
if echo "$RESPONSE" | grep -q '"state": "active"'; then
echo "✅ User ${{ github.actor }} is a member of the integration-developers team."
else
RESPONSE=$(curl -s -H "Authorization: Bearer ${{ secrets.API_SECRET }}" \
-H "Accept: application/vnd.github.json" \
"https://api.github.com/orgs/utmstack/teams/core-developers/memberships/${{ github.actor }}")
if echo "$RESPONSE" | grep -q '"state": "active"'; then
echo "✅ User ${{ github.actor }} is a member of the core-developers team."
else
echo "⛔ ERROR: User ${{ github.actor }} is not a member of the core-developers or integration-developers team."
echo $RESPONSE
exit 1
fi
fi
build_agent:
name: Build Agent-Manager Image & Agent & Dependencies
needs: [validations,setup_deployment]
if: ${{ needs.setup_deployment.outputs.tag != '' }}
runs-on: signing
steps:
- name: Check out code into the right branch
uses: actions/checkout@v4
- name: Login to GitHub Container Registry
run: |
docker login ghcr.io -u utmstack -p ${{ secrets.GITHUB_TOKEN }}
echo "Logged in to GitHub Container Registry"
- name: Build Agent
run: |
cd ${{ github.workspace }}/agent/config; (Get-Content const.go) | Foreach-Object { $_ -replace 'const REPLACE_KEY string = ""', 'const REPLACE_KEY string = "${{ secrets.AGENT_SECRET_PREFIX }}"' } | Set-Content const.go
cd ${{ github.workspace }}/agent
$env:GOOS = "linux"
$env:GOARCH = "amd64"
go build -o utmstack_agent_service -v .
# $env:GOARCH = "arm64"
# go build -o utmstack_agent_service_arm64 -v .
$env:GOOS = "windows"
$env:GOARCH = "amd64"
go build -o utmstack_agent_service.exe -v .
signtool sign /fd SHA256 /tr http://timestamp.digicert.com /td SHA256 /f "${{ vars.SIGN_CERT }}" /csp "eToken Base Cryptographic Provider" /k "[{{${{ secrets.SIGN_KEY }}}}]=${{ secrets.SIGN_CONTAINER }}" "utmstack_agent_service.exe"
$env:GOARCH = "arm64"
go build -o utmstack_agent_service_arm64.exe -v .
signtool sign /fd SHA256 /tr http://timestamp.digicert.com /td SHA256 /f "${{ vars.SIGN_CERT }}" /csp "eToken Base Cryptographic Provider" /k "[{{${{ secrets.SIGN_KEY }}}}]=${{ secrets.SIGN_CONTAINER }}" "utmstack_agent_service_arm64.exe"
echo "Agent build completed"
- name: Build & Push Agent Manager Image
run: |
$env:GOOS = "linux"
$env:GOARCH = "amd64"
cd ${{ github.workspace }}/agent-manager; go build -o agent-manager -v .
New-Item -ItemType Directory -Force -Path "./dependencies/collector/"
Copy-Item -Path "C:/dependencies/${{ needs.setup_deployment.outputs.tag }}/collector/*" -Destination "./dependencies/collector/"
New-Item -ItemType Directory -Force -Path "./dependencies/agent/"
Copy-Item -Path "C:/dependencies/${{ needs.setup_deployment.outputs.tag }}/agent/*" -Destination "./dependencies/agent/"
Copy-Item -Path "${{ github.workspace }}/agent/utmstack_agent_service" -Destination "./dependencies/agent/"
# Copy-Item -Path "${{ github.workspace }}/agent/utmstack_agent_service_arm64" -Destination "./dependencies/agent/"
Copy-Item -Path "${{ github.workspace }}/agent/utmstack_agent_service.exe" -Destination "./dependencies/agent/"
Copy-Item -Path "${{ github.workspace }}/agent/utmstack_agent_service_arm64.exe" -Destination "./dependencies/agent/"
Copy-Item -Path "${{ github.workspace }}/agent/version.json" -Destination "./dependencies/agent/"
docker build -t ghcr.io/utmstack/utmstack/agent-manager:${{ needs.setup_deployment.outputs.tag }} .
docker push ghcr.io/utmstack/utmstack/agent-manager:${{ needs.setup_deployment.outputs.tag }}
echo "Agent Manager image built and pushed"
runner_release:
name: Images deployment
needs: [validations,setup_deployment]
if: ${{ needs.setup_deployment.outputs.tag != '' }}
strategy:
fail-fast: false
matrix:
service: ['aws', 'backend', 'correlation', 'frontend', 'bitdefender', 'mutate', 'office365', 'log-auth-proxy', 'soc-ai', 'sophos', 'user-auditor', 'web-pdf']
uses: ./.github/workflows/v10-used-runner.yml
with:
microservice: ${{ matrix.service }}
environment: ${{ needs.setup_deployment.outputs.tag }}
secrets: inherit
deploy_dev:
name: Deploy to v10-dev environment
needs: [build_agent, runner_release, setup_deployment]
if: ${{ needs.setup_deployment.outputs.tag == 'v10-dev' }}
runs-on: utmstack-v10-dev
steps:
- name: Check out code into the right branch
uses: actions/checkout@v4
- name: Set up Go 1.x
uses: actions/setup-go@v5
with:
go-version: ^1.20
id: go
- name: Build
working-directory: ./installer
env:
GOOS: linux
GOARCH: amd64
run: |
go build -o installer -v .
mv installer /home/utmstack/installer
chmod +x /home/utmstack/installer
- name: Run
working-directory: /home/utmstack
run: |
sudo ./installer
deploy_qa:
name: Deploy to v10-qa environment
needs: [build_agent, runner_release, setup_deployment]
if: ${{ needs.setup_deployment.outputs.tag == 'v10-qa' }}
runs-on: utmstack-v10-qa
steps:
- name: Check out code into the right branch
uses: actions/checkout@v4
- name: Set up Go 1.x
uses: actions/setup-go@v5
with:
go-version: ^1.20
id: go
- name: Build
working-directory: ./installer
env:
GOOS: linux
GOARCH: amd64
run: |
go build -o installer -v .
mv installer /home/utmstack/installer
chmod +x /home/utmstack/installer
- name: Run
working-directory: /home/utmstack
run: |
sudo ./installer
deploy_rc:
name: Deploy to v10-rc environment
needs: [build_agent, runner_release, setup_deployment]
if: ${{ needs.setup_deployment.outputs.tag == 'v10-rc' }}
runs-on: utmstack-v10-rc
steps:
- name: Check out code into the right branch
uses: actions/checkout@v4
- name: Set up Go 1.x
uses: actions/setup-go@v5
with:
go-version: ^1.20
id: go
- name: Build
working-directory: ./installer
env:
GOOS: linux
GOARCH: amd64
run: |
go build -o installer -v .
mv installer /home/utmstack/installer
chmod +x /home/utmstack/installer
- name: Run
working-directory: /home/utmstack
run: |
sudo ./installer