homelab/nuclei-operator
1
0
Fork 0
mirror of https://github.com/morten-olsen/homelab-nuclei-operator.git synced 2026-02-08 02:16:23 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
7c014b989817e8ccb675279bb83aba522d4bfef0
nuclei-operator/.github/workflows/release.yml
Morten Olsen 0340d01e20 ci: remove platform specific docker builds
2025-12-12 21:30:49 +01:00

286 lines
9.4 KiB
YAML
Raw Blame History

name: Release
on:
push:
branches:
- main
tags:
- "v*"
pull_request:
branches:
- main
env:
REGISTRY: ghcr.io
IMAGE_NAME: ${{ github.repository }}
jobs:
# Determine version and create tag on main branch pushes (not tag pushes)
version:
name: Determine Version
runs-on: ubuntu-latest
if: github.event_name == 'push' && github.ref == 'refs/heads/main'
permissions:
contents: write
outputs:
new_tag: ${{ steps.tag_version.outputs.new_tag }}
new_version: ${{ steps.tag_version.outputs.new_version }}
changelog: ${{ steps.tag_version.outputs.changelog }}
steps:
- name: Checkout repository
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Bump version and push tag
id: tag_version
uses: mathieudutour/github-tag-action@v6.2
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
default_bump: patch
release_branches: main
tag_prefix: v
# Build and push container image
build-and-push:
name: Build and Push Container Image
runs-on: ubuntu-latest
needs: [version]
if: always() && (needs.version.result == 'success' || github.event_name == 'pull_request' || startsWith(github.ref, 'refs/tags/v'))
permissions:
contents: read
packages: write
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Log in to Container Registry
if: github.event_name != 'pull_request'
uses: docker/login-action@v3
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Extract metadata (tags, labels) for Docker
id: meta
uses: docker/metadata-action@v5
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
tags: |
type=ref,event=branch
type=ref,event=pr
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=semver,pattern={{major}}
type=sha
type=raw,value=${{ needs.version.outputs.new_version }},enable=${{ needs.version.outputs.new_version != '' }}
- name: Build and push Docker image
uses: docker/build-push-action@v6
with:
context: .
# platforms: linux/amd64,linux/arm64
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
cache-from: type=gha
cache-to: type=gha,mode=max
# Create GitHub Release
create-release:
name: Create GitHub Release
runs-on: ubuntu-latest
needs: [version, build-and-push]
if: needs.version.result == 'success' && needs.version.outputs.new_tag != ''
permissions:
contents: write
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Install Helm
uses: azure/setup-helm@v4
with:
version: v3.14.0
- name: Install kustomize
run: |
curl -s "https://raw.githubusercontent.com/kubernetes-sigs/kustomize/master/hack/install_kustomize.sh" | bash
sudo mv kustomize /usr/local/bin/
- name: Generate install manifests
run: |
cd config/manager && kustomize edit set image controller=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ needs.version.outputs.new_version }}
cd ../..
kustomize build config/default > install.yaml
- name: Package Helm chart
run: |
sed -i "s/^version:.*/version: ${{ needs.version.outputs.new_version }}/" charts/nuclei-operator/Chart.yaml
sed -i "s/^appVersion:.*/appVersion: \"${{ needs.version.outputs.new_version }}\"/" charts/nuclei-operator/Chart.yaml
helm package charts/nuclei-operator
- name: Create Release
uses: softprops/action-gh-release@v2
with:
tag_name: ${{ needs.version.outputs.new_tag }}
name: Release ${{ needs.version.outputs.new_tag }}
body: ${{ needs.version.outputs.changelog }}
generate_release_notes: true
files: |
install.yaml
nuclei-operator-*.tgz
# Update Helm repository on GitHub Pages
update-helm-repo:
name: Update Helm Repository
runs-on: ubuntu-latest
needs: [version, build-and-push]
if: needs.version.result == 'success' && needs.version.outputs.new_tag != ''
permissions:
contents: read
pages: write
id-token: write
environment:
name: github-pages
url: ${{ steps.deployment.outputs.page_url }}
concurrency:
group: "pages"
cancel-in-progress: false
steps:
- name: Checkout repository
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Install Helm
uses: azure/setup-helm@v4
with:
version: v3.14.0
- name: Setup Pages
uses: actions/configure-pages@v5
- name: Create Helm packages directory
run: mkdir -p _site
- name: Update Chart version
run: |
sed -i "s/^version:.*/version: ${{ needs.version.outputs.new_version }}/" charts/nuclei-operator/Chart.yaml
sed -i "s/^appVersion:.*/appVersion: \"${{ needs.version.outputs.new_version }}\"/" charts/nuclei-operator/Chart.yaml
- name: Download existing Helm packages and index
run: |
# Download existing index.yaml if it exists
curl -fsSL https://morten-olsen.github.io/homelab-nuclei-operator/index.yaml -o _site/index.yaml || echo "No existing index.yaml found, will create new one"
# Download all existing chart packages referenced in the index
if [ -f _site/index.yaml ]; then
# Extract all .tgz URLs from the index and download them
grep -oP 'https://[^"]+\.tgz' _site/index.yaml | sort -u | while read url; do
filename=$(basename "$url")
echo "Downloading existing package: $filename"
curl -fsSL "$url" -o "_site/$filename" || echo "Warning: Could not download $filename"
done
fi
- name: Package Helm chart
run: |
helm package charts/nuclei-operator -d _site
- name: Generate Helm repo index
run: |
# Merge new package into existing index, or create new index if none exists
if [ -f _site/index.yaml ]; then
helm repo index _site --url https://morten-olsen.github.io/homelab-nuclei-operator --merge _site/index.yaml
else
helm repo index _site --url https://morten-olsen.github.io/homelab-nuclei-operator
fi
- name: Create index.html
run: |
cat > _site/index.html << 'EOF'
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Nuclei Operator Helm Repository</title>
<style>
body {
font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Oxygen, Ubuntu, sans-serif;
max-width: 800px;
margin: 0 auto;
padding: 2rem;
line-height: 1.6;
}
h1 { color: #333; }
code {
background: #f4f4f4;
padding: 0.2rem 0.4rem;
border-radius: 4px;
font-size: 0.9em;
}
pre {
background: #f4f4f4;
padding: 1rem;
border-radius: 8px;
overflow-x: auto;
}
pre code {
background: none;
padding: 0;
}
a { color: #0066cc; }
</style>
</head>
<body>
<h1>🔬 Nuclei Operator Helm Repository</h1>
<p>
This is the Helm chart repository for the
<a href="https://github.com/morten-olsen/homelab-nuclei-operator">Nuclei Operator</a>.
</p>
<h2>Usage</h2>
<p>Add this repository to Helm:</p>
<pre><code>helm repo add nuclei-operator https://morten-olsen.github.io/homelab-nuclei-operator
helm repo update</code></pre>
<p>Install the chart:</p>
<pre><code>helm install nuclei-operator nuclei-operator/nuclei-operator \
--namespace nuclei-operator-system \
--create-namespace</code></pre>
<h2>Available Charts</h2>
<ul>
<li><strong>nuclei-operator</strong> - A Kubernetes operator that automatically scans Ingress and VirtualService resources using Nuclei security scanner</li>
</ul>
<h2>Links</h2>
<ul>
<li><a href="https://github.com/morten-olsen/homelab-nuclei-operator">GitHub Repository</a></li>
<li><a href="./index.yaml">Helm Repository Index</a></li>
</ul>
</body>
</html>
EOF
- name: Upload artifact
uses: actions/upload-pages-artifact@v3
with:
path: _site
- name: Deploy to GitHub Pages
id: deployment
uses: actions/deploy-pages@v4
Reference in New Issue View Git Blame Copy Permalink