name: Fetch, validate and report SNP report data. on: workflow_dispatch: schedule: - cron: "0 14 * * 0" jobs: build-snp-reporter: name: "Build SNP-reporter container" runs-on: ubuntu-latest steps: - name: Checkout uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # tag=v3.1.0 - name: Set up Go uses: actions/setup-go@c4a742cab115ed795e34d4513e2cf7d472deb55f # tag=v3.3.1 with: go-version: 1.19.2 - name: Build and upload azure SNP reporter container image id: build-and-upload uses: ./.github/actions/build_micro_service with: name: azure-snp-reporter dockerfile: ./hack/azure-snp-report-verify/Dockerfile githubToken: ${{ secrets.GITHUB_TOKEN }} fetch-snp-report: needs: build-snp-reporter name: "Fetch SNP report" runs-on: [self-hosted, azure-cvm] env: SHELL: /bin/bash steps: - name: Checkout uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # tag=v3.1.0 - name: Fetch SNP report uses: ./.github/actions/azure_snp_reporter with: outputPath: ${{ github.workspace }}/maa-report.jwt - name: Upload report JWT uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # tag=v3.1.0 with: name: maa-report.jwt path: "${{ github.workspace }}/maa-report.jwt" validate-snp-report: needs: fetch-snp-report name: "Validate SNP report" runs-on: ubuntu-latest env: SHELL: /bin/bash steps: - name: Checkout uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # tag=v3.1.0 with: submodules: recursive token: ${{ secrets.CI_GITHUB_REPOSITORY }} - name: Set up Go uses: actions/setup-go@c4a742cab115ed795e34d4513e2cf7d472deb55f # tag=v3.3.1 with: go-version: 1.19.2 - name: Download report JWT uses: actions/download-artifact@fb598a63ae348fa914e94cd0ff38f362e927b741 # tag=v3.0.0 with: name: "maa-report.jwt" path: "." - name: Verify report shell: bash run: go run ./hack/azure-snp-report-verify/verify.go $(cat ./maa-report.jwt)