-
Notifications
You must be signed in to change notification settings - Fork 42
62 lines (53 loc) · 2.03 KB
/
bump-version.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
name: Bump Cloudbeat version
on:
workflow_dispatch:
inputs:
bump_cloudbeat:
description: "Bump cloudbeat version"
type: boolean
required: true
default: true
bump_integration:
description: "Bump cloud security posture integration version"
type: boolean
required: true
default: false
env:
GITHUB_TOKEN: ${{ secrets.CLOUDSEC_MACHINE_TOKEN }}
AWS_ACCESS_KEY_ID: ${{ secrets.CSPM_CFT_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.CSPM_CFT_SECRET_ACCESS_KEY }}
SNYK_ORG_ID: ${{ secrets.SNYK_ORG_ID }}
SNYK_API_KEY: ${{ secrets.SNYK_API_KEY }}
SNYK_INTEGRATION_ID: ${{ secrets.SNYK_INTEGRATION_ID }}
jobs:
bump_version:
runs-on: ubuntu-latest
steps:
- name: Checkout Cloudbeat Repo
uses: actions/checkout@v4
with:
ref: ${{ github.ref_name }}
token: ${{ secrets.CLOUDSEC_MACHINE_TOKEN }}
- name: Setup Cloudbeat Versions
run: |
current=$(grep defaultBeatVersion version/version.go | cut -f2 -d "\"")
IFS='.' read -r major minor patch <<< "$current"
next="$major.$((minor+1)).$patch"
echo "current: $current"
echo "next: $next"
echo "CURRENT_CLOUDBEAT_VERSION=$current" >> $GITHUB_ENV
echo "NEXT_CLOUDBEAT_VERSION=$next" >> $GITHUB_ENV
- name: Setup Git User
run: |
git config --global user.email "[email protected]"
git config --global user.name "Cloud Security Machine"
- name: Bump Cloudbeat
if: ${{ github.event.inputs.bump_cloudbeat }}
# bump_cloudbeat.sh will create multiple PRs with different HEAD branches
env:
GIT_BASE_BRANCH: ${{ github.ref_name }}
run: scripts/bump_cloudbeat.sh
- name: Bump Cloud Security Posture Integration
if: ${{ github.event.inputs.bump_integration }}
# we need to run bump_integration.sh from the main branch
run: git checkout origin/main && scripts/bump_integration.sh