[Asset Inventory Poc] Fech IAM Users, Roles and Policies #7519
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Cloudbeat-CI | |
on: | |
pull_request: | |
branches: | |
- main | |
- "[0-9]+.[0-9]+" | |
types: [opened, synchronize, reopened] | |
env: | |
CONTAINER_SUFFIX: ${{ github.run_id }} | |
CI_ELASTIC_AGENT_DOCKER_TAG: "8.13.0-SNAPSHOT" | |
CI_ELASTIC_AGENT_DOCKER_IMAGE: "704479110758.dkr.ecr.eu-west-2.amazonaws.com/elastic-agent" | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }} | |
cancel-in-progress: true | |
jobs: | |
Lint: | |
# for more information see .pre-commit-config.yaml | |
name: Pre-commit Hooks | |
runs-on: ubuntu-latest | |
timeout-minutes: 40 | |
steps: | |
# Disk cleanup | |
- name: Free Disk Space (Ubuntu) | |
uses: jlumbroso/free-disk-space@main | |
with: | |
tool-cache: false | |
android: true | |
dotnet: true | |
haskell: true | |
large-packages: false | |
docker-images: true | |
swap-storage: true | |
- name: Check out the repo | |
uses: actions/checkout@v4 | |
- name: Set up GO (with caching) | |
uses: magnetikonline/action-golang-cache@v5 | |
with: | |
go-version-file: .go-version | |
- name: Init Hermit | |
run: ./bin/hermit env -r >> $GITHUB_ENV | |
- name: Install poetry | |
run: | | |
pip3 install poetry | |
cd security-policies | |
poetry install | |
- name: Pre-commit Hooks | |
env: | |
# Skipping golangci-lint as it's tested by golangci/golangci-lint-action | |
SKIP: golangci-lint | |
run: | | |
pre-commit run --all-files | |
shell: bash | |
- name: Mage Check | |
run: mage check | |
- name: Mage checkLicenseHeaders | |
run: mage checkLicenseHeaders | |
- name: Validate mocks | |
run: just validate-mocks | |
Build: | |
name: Build | |
runs-on: ubuntu-20.04 | |
timeout-minutes: 20 | |
steps: | |
# Disk cleanup | |
- name: Free Disk Space (Ubuntu) | |
uses: jlumbroso/free-disk-space@main | |
with: | |
tool-cache: false | |
android: true | |
dotnet: true | |
haskell: true | |
large-packages: false | |
docker-images: true | |
swap-storage: true | |
- name: Check out the repo | |
uses: actions/checkout@v4 | |
- name: Setup GO (with caching) | |
uses: magnetikonline/action-golang-cache@v5 | |
with: | |
go-version-file: .go-version | |
- name: build cloudbeat binary | |
uses: magefile/mage-action@v3 | |
with: | |
version: latest | |
args: build | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v3 | |
- name: Cache Build dependencies | |
uses: actions/cache@v4 | |
with: | |
path: /tmp/.buildx-cache | |
key: ${{ runner.os }}-buildx-${{ github.workflow }} | |
restore-keys: | | |
${{ runner.os }}-buildx- | |
- name: Build cloudbeat-docker | |
uses: docker/build-push-action@v5 | |
with: | |
context: . | |
file: ./deploy/Dockerfile | |
push: false | |
tags: cloudbeat:latest | |
cache-from: type=local,src=/tmp/.buildx-cache | |
cache-to: type=local,dest=/tmp/.buildx-cache-new | |
outputs: type=docker,dest=/tmp/cloudbeat-${{ env.CONTAINER_SUFFIX }}.tar | |
- name: Build elastic-agent | |
env: | |
BASE_IMAGE: docker.elastic.co/beats/elastic-agent:${{ env.CI_ELASTIC_AGENT_DOCKER_TAG }} | |
GOOS: linux | |
GOARCH: amd64 | |
run: ./scripts/packaging/docker/elastic-agent/build.sh -t ${{ env.CI_ELASTIC_AGENT_DOCKER_IMAGE }}:${{ env.CI_ELASTIC_AGENT_DOCKER_TAG }} | |
shell: bash | |
- name: Build pytest-docker | |
uses: docker/build-push-action@v5 | |
with: | |
context: ./tests/. | |
push: false | |
tags: cloudbeat-test:latest | |
cache-from: type=local,mode=max,src=/tmp/.buildx-cache | |
cache-to: type=local,mode=max,dest=/tmp/.buildx-cache-new | |
outputs: type=docker,dest=/tmp/pytest-${{ env.CONTAINER_SUFFIX }}.tar | |
- name: Cache docker images | |
uses: actions/cache@v4 | |
with: | |
path: /tmp/*.tar | |
key: ${{ runner.os }}-dockers-cache-${{ env.CONTAINER_SUFFIX }} | |
- name: Move cache | |
run: | | |
./.ci/scripts/gh-cache.sh | |
shell: bash |