ci: update hardcoded measurements during release pipeline

Malte Poll 2023-01-05 14:36:30 +01:00 committed by Malte Poll
parent 75fb61e001
commit 16d27b5157


@ -73,6 +73,7 @@ jobs:
git push origin "${BRANCH}" git push origin "${BRANCH}"
micro-services: micro-services:
name: Build micro services
needs: [verify-inputs, prepare-release-branch] needs: [verify-inputs, prepare-release-branch]
uses: ./.github/workflows/build-micro-service-manual.yml uses: ./.github/workflows/build-micro-service-manual.yml
secrets: inherit secrets: inherit
@ -88,6 +89,7 @@ jobs:
release: true release: true
constellation-node-operator: constellation-node-operator:
name: Build Constellation node-operator
needs: [verify-inputs, prepare-release-branch] needs: [verify-inputs, prepare-release-branch]
secrets: inherit secrets: inherit
uses: ./.github/workflows/build-operator-manual.yml uses: ./.github/workflows/build-operator-manual.yml
@ -97,6 +99,7 @@ jobs:
release: true release: true
update-versions: update-versions:
name: Update container image versions
needs: [verify-inputs, micro-services, constellation-node-operator] needs: [verify-inputs, micro-services, constellation-node-operator]
runs-on: ubuntu-22.04 runs-on: ubuntu-22.04
env: env:
@ -154,6 +157,7 @@ jobs:
git push git push
os-image: os-image:
name: Build OS image
needs: [verify-inputs, update-versions] needs: [verify-inputs, update-versions]
uses: ./.github/workflows/build-os-image.yml uses: ./.github/workflows/build-os-image.yml
secrets: inherit secrets: inherit
@ -164,6 +168,7 @@ jobs:
ref: ${{ needs.verify-inputs.outputs.RELEASE_BRANCH }} ref: ${{ needs.verify-inputs.outputs.RELEASE_BRANCH }}
generate-measurements: generate-measurements:
name: Generate OS image measurements
needs: [verify-inputs, os-image] needs: [verify-inputs, os-image]
uses: ./.github/workflows/generate-measurements.yml uses: ./.github/workflows/generate-measurements.yml
secrets: inherit secrets: inherit
@ -172,3 +177,38 @@ jobs:
isDebugImage: false isDebugImage: false
signMeasurements: true signMeasurements: true
ref: ${{ needs.verify-inputs.outputs.RELEASE_BRANCH }} ref: ${{ needs.verify-inputs.outputs.RELEASE_BRANCH }}
update-hardcoded-measurements:
name: Update hardcoded measurements (in the CLI)
needs: [verify-inputs, generate-measurements]
runs-on: ubuntu-22.04
env:
VERSION: ${{ inputs.version }}
WITHOUT_V: ${{ needs.verify-inputs.outputs.WITHOUT_V }}
steps:
- uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
with:
ref: ${{ needs.verify-inputs.outputs.RELEASE_BRANCH }}
- name: Setup Go environment
uses: actions/setup-go@6edd4406fa81c3da01a34fa6f6343087c207a568 # v3.5.0
with:
go-version: "1.19.4"
cache: true
- name: Build generateMeasurements tool
working-directory: internal/attestation/measurements/measurement-generator
run: go build -o generate -tags=enterprise .
- name: Update hardcoded measurements
working-directory: internal/attestation/measurements
run: |
./measurement-generator/generate
git add measurements_enterprise.go
- name: Commit
run: |
git config --global user.name "release[bot]"
git config --global user.email "release[bot]@users.noreply.github.com"
git commit -m "attestation: hardcode measurements for ${VERSION}"
git push
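Review bot: The new `update-hardcoded-measurements` job stages whatever `./measurement-generator/generate` writes to `measurements_enterprise.go`, and its `Commit` step pushes that straight to the release branch with no visible check or record of what changed. Judging by the job name and path, these values become the attestation reference baked into the CLI, so a bad generator run would ship as the expected measurements. Whether the generator verifies the signature produced by the `generate-measurements` job (`signMeasurements: true`) is not visible here; if it does, say so in a comment above the step, e.g. `# generate exits non-zero unless the measurement signature verifies`. I would also add `git --no-pager diff --cached -- measurements_enterprise.go` before `git commit`, so the release log records the exact values that were hardcoded. Separately, `WITHOUT_V` is set in `env:` but not referenced by any step shown; unless the generator reads it from the environment, it can be dropped.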