diff --git a/.github/workflows/build-plus.yml b/.github/workflows/build-plus.yml index a7bb599c92..b87d73b74a 100644 --- a/.github/workflows/build-plus.yml +++ b/.github/workflows/build-plus.yml @@ -15,6 +15,9 @@ on: nap_modules: required: false type: string + release-url: + required: false + type: string defaults: run: @@ -106,12 +109,7 @@ jobs: - name: NAP modules id: nap_modules run: | - modules="" - if [[ "${{ inputs.nap_modules }}" == "waf,dos" ]]; then - modules="both" - else - modules="${{ inputs.nap_modules }}" - fi + [[ "${{ inputs.nap_modules }}" == "waf,dos" ]] && modules="both" || modules="${{ inputs.nap_modules }}" echo "modules=${modules}" >> $GITHUB_OUTPUT if: ${{ inputs.nap_modules != '' }} @@ -142,6 +140,41 @@ jobs: "nginx-repo.key=${{ inputs.nap_modules != '' && secrets.NGINX_AP_KEY || secrets.NGINX_KEY }}" ${{ inputs.nap_modules != '' && contains(inputs.image, 'ubi') && format('"rhel_license={0}"', secrets.RHEL_LICENSE) || '' }} + - name: AWS variables + id: aws + run: | + aws_registry=$(echo "${{ steps.meta.outputs.tags }}" | grep -oP "709825985650.dkr.ecr.us-east-1.amazonaws.com/[^[:space:]]+") + version=$(echo ${{ steps.meta.outputs.version }} | sed 's/-mktpl//') + declare -A nap_mapping=( + ["waf"]=_NAP_WAF + ["dos"]=_NAP_DOS + ["waf,dos"]=_NAP_WAF_DOS + ) + modules=${{ inputs.nap_modules }} + [[ -n $modules && ${nap_mapping[$modules]+_} ]] && nap=${nap_mapping[$modules]} + + echo "version=$version" >> $GITHUB_OUTPUT + echo "product_code=AWS${nap}_PRODUCT_CODE" >> $GITHUB_OUTPUT + echo "registry=${aws_registry}" >> $GITHUB_OUTPUT + if: startsWith(github.ref, 'refs/tags/') && contains(inputs.target, 'aws') + + - name: Publish to AWS Marketplace + uses: nginxinc/aws-marketplace-publish@9e9f4ae1c545da9fa6adc24b0b10ce50e0d4969c # v0.1.0 + continue-on-error: true + with: + version: ${{ steps.aws.outputs.version }} + product-id: ${{ secrets[steps.aws.outputs.product_code] }} + registry: ${{ steps.aws.outputs.registry }} + release-notes: ${{ inputs.release-url }} + description: | + Best-in-class traffic management solution for services in Amazon EKS. + This is the official implementation of NGINX Ingress Controller (based on NGINX Plus) from NGINX. + usage-instructions: | + This container requires Kubernetes and can be deployed to EKS. + Review the installation instructions https://docs.nginx.com/nginx-ingress-controller/installation/ and utilize the deployment resources available https://github.com/nginxinc/kubernetes-ingress/tree/master/deployments + Use this image instead of building your own. + if: ${{ startsWith(github.ref, 'refs/tags/') && contains(inputs.target, 'aws') }} + - name: Load image for Trivy uses: docker/build-push-action@2eb1c1961a95fc15694676618e422e8ba1d63825 # v4.1.1 with: diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index aa83a66328..75c59877d4 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -80,16 +80,30 @@ jobs: with: files: ./coverage.txt - release: + binaries: + name: Build Binaries runs-on: ubuntu-22.04 needs: [checks, unit-tests] - if: ${{ github.event_name == 'push' && github.ref != 'refs/heads/main' }} + outputs: + release-url: ${{ steps.release-notes.outputs.release-url }} steps: - name: Checkout Repository uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 + with: + fetch-depth: 0 + + - name: Setup Golang Environment + uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 + with: + go-version-file: go.mod + + - name: Download Syft + uses: anchore/sbom-action/download-syft@78fc58e266e87a38d4194b2137a3d4e9bcaf7ca1 # v0.14.3 + if: startsWith(github.ref, 'refs/tags/') - name: Create/Update Draft uses: lucacome/draft-release@b79be3ff634f771230b2b6ee9f47308c5793671a # v0.2.0 + id: release-notes with: minor-label: "enhancement" major-label: "change" @@ -108,25 +122,7 @@ jobs: - Configuration examples -- https://github.com/nginxinc/kubernetes-ingress/tree/{{version}}/examples - Helm Chart -- https://github.com/nginxinc/kubernetes-ingress/tree/{{version}}/deployments/helm-chart - Operator -- https://github.com/nginxinc/nginx-ingress-operator/ - - binaries: - name: Build Binaries - runs-on: ubuntu-22.04 - needs: [checks, unit-tests] - steps: - - name: Checkout Repository - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 - with: - fetch-depth: 0 - - - name: Setup Golang Environment - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 - with: - go-version-file: go.mod - - - name: Download Syft - uses: anchore/sbom-action/download-syft@78fc58e266e87a38d4194b2137a3d4e9bcaf7ca1 # v0.14.3 - if: startsWith(github.ref, 'refs/tags/') + if: ${{ github.event_name == 'push' && github.ref != 'refs/heads/main' }} - name: Build binaries uses: goreleaser/goreleaser-action@336e29918d653399e599bfca99fadc1d7ffbc9f7 # v4.3.0 @@ -323,7 +319,7 @@ jobs: build-docker-plus: name: Build Docker Plus - needs: build-docker + needs: [binaries, build-docker] strategy: fail-fast: false matrix: @@ -339,6 +335,7 @@ jobs: platforms: ${{ matrix.platforms }} image: ${{ matrix.image }} target: ${{ matrix.target }} + release-url: ${{ needs.binaries.outputs.release-url }} secrets: inherit build-docker-nap: