Skip to content

Merge branch 'ar_improvements' of github.com:splunk/attack_range into… #489

Merge branch 'ar_improvements' of github.com:splunk/attack_range into…

Merge branch 'ar_improvements' of github.com:splunk/attack_range into… #489

Workflow file for this run

name: release
on:
push:
env:
IMAGE_NAME: "splunk/attack_range"
jobs:
#This will prevent anything below from running if we're not
#on a tag, but for good measure and verbosity we will
#still check that each of these steps only runs against
#a tag.
validate-tag-if-present:
runs-on: ubuntu-latest
steps:
- name: TAGGED, Validate that the tag is in the correct format
run: |
echo "The GITHUB_REF: $GITHUB_REF"
#First check to see if the release is a tag
if [[ $GITHUB_REF =~ refs/tags/* ]]; then
#Yes, this is a tag, so we need to test to make sure that the tag
#is in the correct format (like v1.10.20)
if [[ $GITHUB_REF =~ refs/tags/v[0-9]+.[0-9]+.[0-9]+ ]]; then
echo "PASS: Tagged release with good format"
exit 0
else
echo "FAIL: Tagged release with bad format"
exit 1
fi
else
echo "PASS: Not a tagged release"
exit 0
fi
publish-github-release:
runs-on: ubuntu-latest
needs: [validate-tag-if-present]
if: startsWith(github.ref, 'refs/tags/v')
steps:
- name: Checkout repo
uses: actions/checkout@v4
with:
ref: 'develop'
#Rename the build artifacts artifacts appropriately
- name: Set tag
id: vars
run: echo ::set-output name=tag::${GITHUB_REF#refs/*/}
- name: Prepare Release for Publishing on github
run: |
cd ..
tar -zcvf attack-range-${{ steps.vars.outputs.tag }}.tar.gz attack_range
sha256sum attack-range-${{ steps.vars.outputs.tag }}.tar.gz > checksum-${{ steps.vars.outputs.tag }}.txt
#Upload all of the release artifacts that we have created using the third party
#action recommended bu Github
- name: Upload Release Artifacts
uses: softprops/action-gh-release@v2
with:
files: |
../attack-range-${{ steps.vars.outputs.tag }}.tar.gz
../checksum-%{{ steps.vars.outputs.tag }}.txt
#We can trivially combine these next two steps. In the original
#test, these were two different steps -
#build-docker-image and publish-docker-image
build-and-publish-docker-image:
runs-on: ubuntu-latest
needs: [validate-tag-if-present, publish-github-release]
if: startsWith(github.ref, 'refs/tags/v')
steps:
- name: Checkout repo
uses: actions/checkout@v4
with:
ref: 'develop'
- name: Login to DockerHub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_PASSWORD }}
- name: Setup Docker Build and Push
uses: docker/build-push-action@v6
with:
push: true
context: docker/ #do the build in the docker directory, not current working directory
tags: ${{ env.IMAGE_NAME }}:latest