constellation/.github/workflows/azure-snp-reporter.yml
Malte Poll 0f57f03846
Allow concurrent actions on the same branch. (#281)
Actions are free for public repos and we want to see every CI failure
2022-10-14 17:47:46 +02:00

76 lines
2.2 KiB
YAML

name: Fetch, validate and report SNP report data.
on:
workflow_dispatch:
schedule:
- cron: "0 14 * * 0"
jobs:
build-snp-reporter:
name: "Build SNP-reporter container"
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # tag=v3.1.0
- name: Set up Go
uses: actions/setup-go@268d8c0ca0432bb2cf416faae41297df9d262d7f # tag=v3.3.0
with:
go-version: 1.19.2
- name: Build and upload azure SNP reporter container image
id: build-and-upload
uses: ./.github/actions/build_micro_service
with:
name: azure-snp-reporter
dockerfile: ./hack/azure-snp-report-verify/Dockerfile
githubToken: ${{ secrets.GITHUB_TOKEN }}
fetch-snp-report:
needs: build-snp-reporter
name: "Fetch SNP report"
runs-on: [self-hosted, azure-cvm]
env:
SHELL: /bin/bash
steps:
- name: Checkout
uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # tag=v3.1.0
- name: Fetch SNP report
uses: ./.github/actions/azure_snp_reporter
with:
outputPath: ${{ github.workspace }}/maa-report.jwt
- name: Upload report JWT
uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # tag=v3.1.0
with:
name: maa-report.jwt
path: "${{ github.workspace }}/maa-report.jwt"
validate-snp-report:
needs: fetch-snp-report
name: "Validate SNP report"
runs-on: ubuntu-latest
env:
SHELL: /bin/bash
steps:
- name: Checkout
uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # tag=v3.1.0
with:
submodules: recursive
token: ${{ secrets.CI_GITHUB_REPOSITORY }}
- name: Set up Go
uses: actions/setup-go@268d8c0ca0432bb2cf416faae41297df9d262d7f # tag=v3.3.0
with:
go-version: 1.19.2
- name: Download report JWT
uses: actions/download-artifact@fb598a63ae348fa914e94cd0ff38f362e927b741 # tag=v3.0.0
with:
name: "maa-report.jwt"
path: "."
- name: Verify report
shell: bash
run: go run ./hack/azure-snp-report-verify/verify.go $(cat ./maa-report.jwt)