GitHub dependabot for a library inside a yml file - github-actions

Introduction
I'm currently working on a project that automatically containerizes a java project with JIB.
GitHub project link.
Problem
The LIB library is implicitly used inside the YAML file, like this:
- name: Build JIB container and publish to GitHub Packages
  run: |
    if [ ! -z "${{ inputs.module }}" ]; then
      MULTI_MODULE_ARGS="-am -pl ${{ inputs.module }}"
    fi
    if [ ! -z "${{ inputs.main-class }}" ]; then
      MAIN_CLASS_ARGS="-Djib.container.mainClass=${{ inputs.main-class }}"
    fi
    mvn package com.google.cloud.tools:jib-maven-plugin:3.2.1:build \
    -Djib.to.image=${{ inputs.REGISTRY }}/${{ steps.downcase.outputs.lowercase }}:${{ inputs.tag-name }} \
    -Djib.to.auth.username=${{ inputs.USERNAME }} \
    -Djib.to.auth.password=${{ inputs.PASSWORD }} $MULTI_MODULE_ARGS $MAIN_CLASS_ARGS
  shell: bash
When the new version of JIB is released my dependabot configuration doesn't update the YAML file.
Configuration of the Dependabot:
version: 2
updates:
  - package-ecosystem: github-actions
    directory: '/'
    schedule:
      interval: weekly
Question
Does someone know how to configure dependabot.yml for an implicitly declared library?
Or how to configure Dependabot.yml to automatically create an issue when a new JIB version is released?

You can do it with hiden-dependency-updater
Example of GitHub Workflow you can use:
name: Update hidden dependencies
on:
  schedule:
    - cron: '0 0 * * *'
jobs:
  update:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
      - uses: MathieuSoysal/hiden-dependency-updater@v1.1.1
        with:
          files: action.yml # List of files to update
          prefix: "com.google.cloud.tools:jib-maven-plugin:" # Prefix before the version, default is: ""
          suffix: ":build ."
          regex: "[0-9.]*"
          selector: "maven"
          github_repository: "GoogleContainerTools/jib"
      - name: Create Pull Request
        uses: peter-evans/create-pull-request@v4
        with:
          token: ${{ secrets.GITHUB_TOKEN }} # You need to create your own token with pull request rights
          commit-message: update jib
          title: Update jib
          body: Update jib to reflect release changes
          branch: update-jib
          base: main
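
Why the Dependabot configuration in the question never touches the JIB version, shown as an added example (not part of the original posts and not the code of hiden-dependency-updater): the github-actions ecosystem updates `uses:` references, while the JIB coordinate sits inside a `run:` script. The sketch lists both kinds of pin in a constructed workflow and rewrites the hidden one with a prefix-plus-regex match; the function names and the 9.9.9 version are placeholders.

```python
import re

# Constructed sample: a trimmed copy of the step from the question plus a checkout step.
WORKFLOW = """\
steps:
  - uses: actions/checkout@v3
  - name: Build JIB container and publish to GitHub Packages
    run: |
      mvn package com.google.cloud.tools:jib-maven-plugin:3.2.1:build \\
        -Djib.to.image=example
    shell: bash
"""

# `uses: owner/repo@ref` lines
USES_RE = re.compile(r"^\s*(?:-\s*)?uses:\s*([^\s@#]+)@(\S+)")
# groupId:artifactId:version as written on a Maven command line
MAVEN_RE = re.compile(r"\b([A-Za-z][\w.-]*:[A-Za-z][\w.-]*):(\d+(?:\.\d+)+)\b")

def tracked_action_refs(text):
    """`uses:` references, which the github-actions ecosystem updates."""
    return [m.groups() for line in text.splitlines() if (m := USES_RE.match(line))]

def hidden_pins(text):
    """Maven coordinates outside `uses:` lines: (line_no, coordinate, version)."""
    found = []
    for no, line in enumerate(text.splitlines(), 1):
        if USES_RE.match(line):
            continue
        found += [(no, m.group(1), m.group(2)) for m in MAVEN_RE.finditer(line)]
    return found

def bump_pin(text, prefix, version_regex, new_version):
    """Replace the version that follows a literal prefix; returns (text, count)."""
    pattern = re.compile(re.escape(prefix) + "(" + version_regex + ")")
    return pattern.subn(lambda m: prefix + new_version, text)

if __name__ == "__main__":
    print("tracked:", tracked_action_refs(WORKFLOW))
    print("hidden: ", hidden_pins(WORKFLOW))
    # Same prefix and regex values as the answer's `with:` block; 9.9.9 is a placeholder.
    new_text, n = bump_pin(WORKFLOW, "com.google.cloud.tools:jib-maven-plugin:",
                           r"[0-9.]*", "9.9.9")
    print(n, "pin(s) rewritten")
```

Running `hidden_pins` over every file under `.github/` gives a list of versions that need a separate update path or a manual review.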

From the doc:
The directory must be set to "/" to check for workflow files in
.github/workflows.
  - package-ecosystem: "github-actions"
    # Workflow files stored in the
    # default location of `.github/workflows`
    directory: "/"
    schedule:
      interval: "daily"
So: try specifying a different directory, for example:
  - package-ecosystem: "github-actions"
    # Workflow files stored in the
    directory: "."
    schedule:
      interval: "daily"

Related

Store Environment variables in a configuration options GitHub workflow

I'm trying to inject backend URLs into an Angular front-end app.
I have a backend that I already deployed and have the URLs stored inside the env
env:
  URL1: google.com
  URL2: stackoverflow.com
Then I ran this matrix workflow to build and replace the environment.prod.ts
run_and_build_webapp:
  runs-on: ubuntu-latest
  permissions:
    contents: read
    packages: write
  strategy:
    matrix:
      services:
        [
          {
            "appName": "app1-webapi",
            "directory": "./src/app2/app1.WebSPA/app1-WebSPA",
            "apiUrl": "${{ env.URL2 }}"
          },
          {
            "appName": "app2-webapi",
            "directory": "./src/app2/app2.WebSPA/app2-WebSPA",
            "apiUrl": "${{ env.URL2 }}",
          }
        ]
  steps:
    - name: Checkout repository
      uses: actions/checkout@v3
    - uses: actions/setup-node@v3
      with:
        node-version: 14
        cache: "npm"
        cache-dependency-path: ${{ matrix.services.directory }}/package-lock.json
    - name: Modify the Environment File
      run: |
        cd ${{ matrix.services.directory }}/src/environments
        echo "export const environment = { production: true, backEndUrl: '${{matrix.services.apiUrl}}'};" > enviroment.prod.ts
but when the workflow runs I get the following error:
Unrecognized named-value: 'env' # this line: "apiUrl": "${{ env.URL2 }}"
Is there a way to store environment variables in a configuration options GitHub workflow?

Pages build fine locally but don't show when deployed to github pages

I'm trying to set up a hugo site and I've created a blog post with the following header
+++
title = "My First Post"
date = "2022-08-27T22:23:33-05:00"
author = ""
authorTwitter = "" #do not include @
tags = ["programming"]
keywords = ["twitter"]
description = ""
showFullContent = false
readingTime = true
hideComments = false
draft = false
+++
And here's my config.yaml
theme: terminal
languageCode: en-us
title: Hugo
baseURL: "https://thatnerduknow.github.io/"
params:
  contentTypeName: "posts"
  themeColor: "green"
  showMenuItems: 2
  centerTheme: true
  fullWidthTHeme: false
  autoCover: true
  showLastUpdated: true
  enableGitInfo: true
  readingTime: true
  Toc: true
  TocTitle: "Table of Contents"
menu:
  main:
    - identifier: about
      name: About
      url: /about/
    - identifier: tags
      name: Tags
      url: /tags/
When I run hugo on my machine, the site builds perfectly fine and all of my one posts show up. But when I deploy with GitHub Actions, no pages show up.
Here's my hugo.yml GitHub Actions file:
# Sample workflow for building and deploying a Hugo site to GitHub Pages
name: Deploy Hugo site to Pages
on:
  # Runs on pushes targeting the default branch
  push:
    branches: ["main"]
  # Allows you to run this workflow manually from the Actions tab
  workflow_dispatch:
# Sets permissions of the GITHUB_TOKEN to allow deployment to GitHub Pages
permissions:
  contents: read
  pages: write
  id-token: write
# Allow one concurrent deployment
concurrency:
  group: "pages"
  cancel-in-progress: true
# Default to bash
defaults:
  run:
    shell: bash
jobs:
  # Build job
  build:
    runs-on: ubuntu-latest
    env:
      HUGO_VERSION: 0.99.0
    steps:
      - name: Install Hugo CLI
        run: |
          wget -O ${{ runner.temp }}/hugo.deb https://github.com/gohugoio/hugo/releases/download/v${HUGO_VERSION}/hugo_extended_${HUGO_VERSION}_Linux-64bit.deb \
          && sudo dpkg -i ${{ runner.temp }}/hugo.deb
      - name: Checkout
        uses: actions/checkout@v3
        with:
          submodules: recursive
      - name: Setup Pages
        id: pages
        uses: actions/configure-pages@v2
      - name: Build with Hugo
        env:
          # For maximum backward compatibility with Hugo modules
          HUGO_ENVIRONMENT: production
          HUGO_ENV: production
        run: |
          hugo \
            --minify \
            --baseURL "${{ steps.pages.outputs.base_url }}/"
      - name: Upload artifact
        uses: actions/upload-pages-artifact@v1
        with:
          path: ./public
  # Deployment job
  deploy:
    environment:
      name: github-pages
      url: ${{ steps.deployment.outputs.page_url }}
    runs-on: ubuntu-latest
    needs: build
    steps:
      - name: Deploy to GitHub Pages
        id: deployment
        uses: actions/deploy-pages@v1
As far as I can tell, everything is as it should be, so I'm at a loss as to why my pages aren't being built in GitHub Actions.

Environments not working in called Workflow [duplicate]

I created secrets in GitHub Actions and am trying to use them in a reusable workflow, but I am unable to make it work. However, if I pass secrets hardcoded from the caller file, it works just fine.
## set_env.yml
name: Sent Env Creds and Vars
on:
  push:
    branches:
      - main
      - dev
  pull_request:
    branches: [ main ]
jobs:
  deploy-dev:
    uses: ./.github/workflows/main.yml
    with:
      AWS_REGION: "us-east-2"
      PREFIX: "dev"
    secrets:
      AWS_ACCESS_KEY_ID: ${{ secrets.DEV_AWS_ACCESS_KEY_ID }}
      AWS_SECRET_ACCESS_KEY: ${{ secrets.DEV_AWS_ACCESS_KEY_ID }}
reusable workflow = main.yml
## main.yml
name: Deploy to AWS
# Controls when the workflow will run
on:
  workflow_call:
    inputs:
      AWS_REGION:
        required: true
        type: string
      PREFIX:
        required: true
        type: string
    secrets:
      AWS_ACCESS_KEY_ID:
        required: true
      AWS_SECRET_ACCESS_KEY:
        required: true
# A workflow run is made up of one or more jobs that can run sequentially or in parallel
jobs:
  terraform-deploy:
    runs-on: ubuntu-latest
    # Steps represent a sequence of tasks that will be executed as part of the job
    steps:
      # # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
      - uses: actions/checkout@v2
      # Runs a set of commands using the runners shell
      - name: Run a multi-line script
        run: |
          echo Hello, Epsilon! You are in ${{ inputs.AWS_REGION }} region ${{ inputs.PREFIX }} region
          for dir in $(ls -l | grep '^d' | awk '{print $9}'); do
            PARENT_DIR=`pwd`
            echo $dir
            cd $dir
            terraform init -backend-config=${PARENT_DIR}/${{ inputs.PREFIX }}-backend.tfvars
            terraform validate
            terraform plan -var-file=${{ inputs.PREFIX }}_vars.tfvars
            ## terraform apply -input=false -auto-approve -var-file=${{ inputs.PREFIX }}_vars.tfvars
            cd ..
          done
        env:
          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
If I hardcode secrets in set_env.yml while calling main.yml like below, it just works
jobs:
  deploy-dev:
    uses: ./.github/workflows/main.yml
    with:
      AWS_REGION: "us-east-2"
      PREFIX: "dev"
    secrets:
      AWS_ACCESS_KEY_ID: <hardcoded value>
      AWS_SECRET_ACCESS_KEY: <hardcoded value>
I have been trying to make it work in many ways but it doesn't work. Please help.
As of May 3rd 2022, this is now possible with the new keyword inherit: https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#onworkflow_callsecretsinherit
In the calling workflow, you tell it to inherit the secrets in the reusable workflow:
jobs:
  deploy-dev:
    uses: ./.github/workflows/main.yml
    with:
      AWS_REGION: "us-east-2"
      PREFIX: "dev"
    secrets: inherit
This makes the secrets available in the reusable workflow like normal:
with:
  myInput: ${{ secrets.MY_SECRET }}
Note that there's no need to declare the secrets on the workflow_call trigger.
I was running into this issue. For me the culprit was the secret value in GitHub secrets. The secret had been created correctly, it had the correct value and name; however, GitHub Actions could not find it for some reason. Deleting the secret and recreating it seems to have solved the issue, though I cannot determine why.

How to reference proper directory in a github actions workflows to call a module

I'm running my workflows using GitHub Actions. When I create a pull_request that will trigger my workflow, I am getting the error message at the bottom of my question. What I am trying to do is to call my infrastructure/test/main.tf from my audit-account/prod-env directory. What do I need to change in the env section for the directory?
# deploy.yml
name: 'GitHub OIDC workflow'
on:
  pull_request:
    branches:
      - prod
env:
  tf_version: 'latest'
  tg_version: 'latest'
  tf_working_dir: './audit-account/prod-env'
permissions:
  id-token: write
  contents: read
jobs:
  deploy:
    name: 'Build and Deploy'
    runs-on: ubuntu-latest
    steps:
      - name: 'checkout'
        uses: actions/checkout@v2
      - name: configure AWS credentials
        uses: aws-actions/configure-aws-credentials@master
        with:
          aws-region: us-east-1
          role-to-assume: arn:aws:iam::123456789012:role/GitHubActions_Workflow_role
          role-duration-seconds: 3600
      - name: 'Terragrunt Init'
        uses: the-commons-project/terragrunt-github-actions@master
        with:
          tf_actions_version: ${{ env.tf_version }}
          tg_actions_version: ${{ env.tg_version }}
          tf_actions_subcommand: 'init'
          tf_actions_working_dir: ${{ env.tf_working_dir }}
          tf_actions_comment: true
        env:
          TF_INPUT: false
# audit-account/prod-env/terragrunt.hcl
terraform {
  source = "../../../../..//infrastructure/test"
}
include {
  path = find_in_parent_folders()
}
infrastructure/test
main.tf
resource "aws_vpc" "test-vpc" {
  cidr_block = "10.0.0.0/16"
  instance_tenancy = "default"
  tags = {
    Name = "OIDC"
  }
}
error message:
init: info: initializing Terragrunt configuration in /audit-account/prod-env
init: error: failed to initialize Terragrunt configuration in /audit-account/prod-env
time=2021-11-17T23:55:54Z level=error msg=Working dir infrastructure/test from source file:///github/workspace/audit-account/prod-env does not exist
Your source path for the infrastructure module goes way too far up in the folder structure.
Assuming you have the infrastructure and audit-account directories at the root of the repository, your source would be ../../infrastructure/test. You have it looking 5 folders up from audit-account/prod-env, which puts you 3 folders above the workspace in a folder somewhere on the runner's filesystem.

using defined environmental variable in with block for github actions

I am trying to figure out how to reference a global scoped environmental variable for input into an action like so:
name: validate
on: pull_request
env:
  CONFIG_PATH: configuration/conf.json
jobs:
  upload_config:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v1
      - name: create config
        shell: bash -l {0}
        run: |
          mkdir `dirname ${CONFIG_PATH}`
          echo "some config" > ${CONFIG_PATH}
      - name: upload config
        uses: actions/upload-artifact@v1
        with:
          name: config
          path: ${{ CONFIG_PATH }}
However I am getting an invalid yaml error stating there is an "Unrecognized named-value: 'CONFIG_PATH'". If I try referencing the environmental variable like so:
path: ${CONFIG_PATH}
I get a "Path does not exist ${CONFIG_PATH}" error.
Any ideas?
I couldn't find a clear example of it in the docs but you need to use the env context for this like so:
path: ${{ env.CONFIG_PATH }}