Skip to content

nightly

nightly #1513

Workflow file for this run

name: nightly
on:
schedule:
- cron: '0 6 * * *'
workflow_dispatch:
inputs:
version:
type: string
default: now
use_kms:
type: boolean
required: false
default: true
jobs:
build:
uses: ./.github/workflows/build.yml
permissions:
id-token: write
packages: write
with:
version: ${{ inputs.version || 'now' }}
default_modifier: "-gardener_prod"
use_kms: ${{ inputs.use_kms || true }}
secrets:
secureboot_db_kms_arn: ${{ secrets.SECUREBOOT_DB_KMS_ARN }}
aws_region: ${{ secrets.AWS_REGION }}
aws_kms_role: ${{ secrets.SECUREBOOT_DB_IAM_ROLE }}
aws_oidc_session: ${{ secrets.AWS_OIDC_SESSION }}
build_container:
name: build container
uses: ./.github/workflows/build_container.yml
tests:
needs: [ build, build_container ]
permissions:
id-token: write
packages: write
uses: ./.github/workflows/tests.yml
with:
version: ${{ needs.build.outputs.version }}
default_modifier: "-gardener_prod"
secrets:
gcp_identity_provider: ${{ secrets.GCP_WORKLOAD_IDENTITY_PROVIDER }}
gcp_service_account: ${{ secrets.GCP_SERVICE_ACCOUNT }}
gcp_project: ${{ secrets.GCP_PROJECT }}
gcp_region: ${{ secrets.GCP_REGION }}
gcp_zone: ${{ secrets.GCP_ZONE }}
aws_role: ${{ secrets.AWS_TESTS_IAM_ROLE }}
aws_session: ${{ secrets.AWS_TESTS_OIDC_SESSION }}
aws_region: ${{ secrets.AWS_TESTS_REGION }}
az_client_id: ${{ secrets.AZURE_CLIENT_ID }}
az_tenant_id: ${{ secrets.AZURE_TENANT_ID }}
az_subscription_id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
ccc_credentials: ${{ secrets.CCC_CREDENTIALS }}
upload_to_s3:
name: upload to S3
needs: [ build, tests ]
permissions:
id-token: write
uses: ./.github/workflows/upload_to_s3.yml
with:
version: ${{ needs.build.outputs.version }}
default_modifier: "-gardener_prod"
secrets:
bucket: ${{ secrets.AWS_S3_BUCKET }}
region: ${{ secrets.AWS_REGION }}
role: ${{ secrets.AWS_IAM_ROLE }}
session: ${{ secrets.AWS_OIDC_SESSION }}
upload_to_s3_cn:
name: upload to S3 china
needs: [ build, tests ]
permissions:
id-token: write
uses: ./.github/workflows/upload_to_s3.yml
with:
version: ${{ needs.build.outputs.version }}
default_modifier: "-gardener_prod"
secrets:
bucket: ${{ secrets.AWS_CN_S3_BUCKET }}
region: ${{ secrets.AWS_CN_REGION }}
role: ${{ secrets.AWS_CN_IAM_ROLE }}
session: ${{ secrets.AWS_CN_OIDC_SESSION }}
publish_container:
name: publish gardenlinux container base image
needs: [ build, tests ]
uses: ./.github/workflows/publish_container.yml
with:
version: ${{ needs.build.outputs.version }}