Skip to content

Commit

Permalink
update(.github/workflows): upgrade to actions/download-artifact@v4
Browse files Browse the repository at this point in the history 
Signed-off-by: Leonardo Grasso <[email protected]>
  • Loading branch information
@leogr @poiana
leogr authored and poiana committed Nov 6, 2024
1 parent acb73c7 commit b095b5d
Show file tree
Hide file tree
Showing 4 changed files with 26 additions and 27 deletions.
8 changes: 4 additions & 4 deletions .github/workflows/reusable-publish-oci-artifacts.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,13 +23,13 @@ jobs:

steps:
- name: Download x86_64 plugins
uses: actions/download-artifact@v3
uses: actions/download-artifact@v4
with:
name: plugins-x86_64-${{ inputs.suffix }}.tar.gz
path: /tmp/plugins-x86_64

- name: Download aarch64 plugins
uses: actions/download-artifact@v3
uses: actions/download-artifact@v4
with:
name: plugins-aarch64-${{ inputs.suffix }}.tar.gz
path: /tmp/plugins-aarch64
Expand All @@ -42,7 +42,7 @@ jobs:
- name: Setup Golang
uses: actions/setup-go@v3
with:
go-version: '^1.21'
go-version: "^1.21"

- name: Build registry artifact tool
working-directory: build/registry
Expand All @@ -68,7 +68,7 @@ jobs:
# Create signatures of the plugin artifacts as OCI artifacts
sign-oci-artifacts:
needs: [ publish-oci-artifacts ]
needs: [publish-oci-artifacts]
runs-on: ubuntu-latest

if: ${{ needs.publish-oci-artifacts.outputs.matrix != '[]' }}
Expand Down
17 changes: 8 additions & 9 deletions .github/workflows/reusable_publish_packages.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,32 +6,32 @@ on:
description: Suffix for uploading packages (dev or stable)
required: true
type: string

permissions:
id-token: write
contents: read

env:
AWS_S3_BUCKET: falco-distribution
AWS_S3_PREFIX: plugins
AWS_S3_REGION: eu-west-1
AWS_S3_REGION: eu-west-1

jobs:
publish-packages:
runs-on: ubuntu-latest
steps:
- name: Download x86_64 plugins
uses: actions/download-artifact@v3
uses: actions/download-artifact@v4
with:
name: plugins-x86_64-${{ inputs.suffix }}.tar.gz
path: /tmp/plugins-x86_64

- name: Download aarch64 plugins
uses: actions/download-artifact@v3
uses: actions/download-artifact@v4
with:
name: plugins-aarch64-${{ inputs.suffix }}.tar.gz
path: /tmp/plugins-aarch64

- name: Configure AWS credentials 🔧⚙️
uses: aws-actions/configure-aws-credentials@v2
with:
Expand All @@ -42,5 +42,4 @@ jobs:
run: |
for package in /tmp/plugins-*/*.tar.gz; do
aws s3 cp --no-progress $package s3://${{ env.AWS_S3_BUCKET}}/${{ env.AWS_S3_PREFIX }}/${{ inputs.suffix }}/
done
done
6 changes: 3 additions & 3 deletions .github/workflows/reusable_suggest_rules_version.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -52,7 +52,7 @@ jobs:
run: ./.github/get-latest-plugin-version.sh ${{ inputs.plugin }}

- name: Download rules tool
uses: actions/download-artifact@v3
uses: actions/download-artifact@v4
with:
name: rules-tool.tar.gz

Expand All @@ -63,7 +63,7 @@ jobs:
# the two rulesets depend on plugins with different majors.
# todo(jasondellaluce): fix this corner case in the future
- name: Download plugins
uses: actions/download-artifact@v3
uses: actions/download-artifact@v4
with:
name: ${{ inputs.plugins-artifact }}
path: /tmp/plugins-${{ inputs.arch }}
Expand Down Expand Up @@ -127,7 +127,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Download PR infos
uses: actions/download-artifact@v3
uses: actions/download-artifact@v4
with:
path: tmp-artifacts

Expand Down
22 changes: 11 additions & 11 deletions .github/workflows/reusable_validate_plugins.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -34,7 +34,7 @@ jobs:
runs-on: ubuntu-latest
container: golang:1.18
env:
GOFLAGS: '-buildvcs=false'
GOFLAGS: "-buildvcs=false"
steps:
- name: Checkout code
uses: actions/checkout@v3
Expand All @@ -47,12 +47,12 @@ jobs:
run: ./.github/setup-plugin-config-rules.sh ${{ inputs.plugin }}

- name: Download rules tool
uses: actions/download-artifact@v3
uses: actions/download-artifact@v4
with:
name: rules-tool.tar.gz

- name: Download plugins
uses: actions/download-artifact@v3
uses: actions/download-artifact@v4
with:
name: ${{ inputs.plugins-artifact }}
path: /tmp/plugins-${{ inputs.arch }}
Expand All @@ -66,13 +66,13 @@ jobs:
mkdir -p /etc/falco/falco
mkdir -p /usr/share/falco/plugins
# avoids git exit status 128: detected dubious ownership in repository
git config --global --add safe.directory $(pwd)
for plugin_name in $loaded_plugins; do
echo Installing locally-built plugin "$plugin_name"...
# At release time we only build the released plugin, so it's possible
# that validation requires a plugin that we haven't built locally.
# in those cases, we build it on-the-fly perform validation with it.
Expand Down Expand Up @@ -122,28 +122,28 @@ jobs:
uses: actions/checkout@v3

- name: Install system dependencies
run: sudo wget https://github.com/mikefarah/yq/releases/latest/download/yq_linux_amd64 -O /usr/bin/yq && sudo chmod +x /usr/bin/yq
run: sudo wget https://github.com/mikefarah/yq/releases/latest/download/yq_linux_amd64 -O /usr/bin/yq && sudo chmod +x /usr/bin/yq

- name: Setup plugin config and rules
id: get-config
run: ./.github/setup-plugin-config-rules.sh ${{ inputs.plugin }}

- name: Download plugins
uses: actions/download-artifact@v3
uses: actions/download-artifact@v4
with:
name: ${{ inputs.plugins-artifact }}
path: /tmp/plugins-${{ inputs.arch }}

- name: Download rules tool
uses: actions/download-artifact@v3
uses: actions/download-artifact@v4
with:
name: rules-tool.tar.gz

- name: Download falcoctl
run: |
curl --fail -LS "https://github.com/falcosecurity/falcoctl/releases/download/v${{ inputs.falcoctl-version }}/falcoctl_${{ inputs.falcoctl-version }}_linux_${{ inputs.arch == 'x86_64' && 'amd64' || 'arm64' }}.tar.gz" | tar -xz
sudo install -o root -g root -m 0755 falcoctl /usr/local/bin/falcoctl
# note(jsondellaluce): exploring the set of all dependencies including their
# alternatives and all the possible combinations of different versions would
# result in a combinatorial explosion. As such, we take the simple route
Expand Down Expand Up @@ -223,4 +223,4 @@ jobs:
"${{ inputs.rules-checker }}" \
"${{ steps.get-config.outputs.config_file }}" \
"$rules_files"
done
done

0 comments on commit b095b5d

Please sign in to comment.