name: Red Hat Catalog Description on: push: branches: - '[0-9]+.[0-9]+' paths: - 'Dockerfiles/*/*/README.html' - 'Dockerfiles/*/*/README.md' - '.github/workflows/rhel_registry_description.yml' workflow_dispatch: env: DOCKERFILES_DIRECTORY: "./Dockerfiles" API_URL: "https://catalog.redhat.com/api/containers/v1/projects/certification/id/" MATRIX_FILE: "build.json" defaults: run: shell: bash permissions: contents: read jobs: init: name: Initialize build runs-on: ubuntu-latest permissions: contents: read strategy: fail-fast: false matrix: component: - agent - agent2 - java-gateway - proxy-mysql - proxy-sqlite3 - server-mysql - snmptraps - web-nginx-mysql - web-service steps: - name: Block egress traffic uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0 with: disable-sudo: true egress-policy: audit allowed-endpoints: > github.com:443 hub.docker.com:443 - name: Checkout repository uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 with: fetch-depth: 1 - name: Get branch info id: branch_info shell: bash env: github_ref: ${{ github.ref }} run: | result=false sha_short=$(git rev-parse --short HEAD) github_ref=${github_ref##*/} echo "::group::Branch metadata" echo "secret_prefix=RHEL_${github_ref//.}" echo "::endgroup::" echo "zabbix_release=${github_ref//.}" >> $GITHUB_OUTPUT echo "secret_prefix=RHEL_${github_ref//.}" >> $GITHUB_OUTPUT - name: Check ${{ env.MATRIX_FILE }} file id: build_exists env: MATRIX_FILE: ${{ env.MATRIX_FILE }} run: | if [[ ! -f "$MATRIX_FILE" ]]; then echo "::error::File $MATRIX_FILE is missing" exit 1 fi - name: Prepare Zabbix component list id: components env: MATRIX_FILE: ${{ env.MATRIX_FILE }} run: | component_list=$(jq -r '.components | map_values(select(.rhel == true)) | keys | @json' "$MATRIX_FILE") echo "::group::Zabbix Component List" echo "$component_list" echo "::endgroup::" echo "list=$component_list" >> $GITHUB_OUTPUT - name: Variables formating id: var_format env: MATRIX_BUILD: ${{ matrix.component }} run: | MATRIX_BUILD=${MATRIX_BUILD^^} MATRIX_BUILD=${MATRIX_BUILD//-/_} echo "::group::Result" echo "matrix_build=${MATRIX_BUILD}" echo "::endgroup::" echo "matrix_build=${MATRIX_BUILD}" >> $GITHUB_OUTPUT - uses: actions/setup-python@v4 with: python-version: '3.x' - name: install python packages run: | python -m pip install --upgrade pip pip install markdown requests - name: Update Red Hat project description (${{ matrix.component }}-${{ steps.branch_info.outputs.zabbix_release }}) env: DESCRIPTION_FILE: ${{ format('{0}/{1}/rhel/README', env.DOCKERFILES_DIRECTORY, matrix.component) }} PROJECT_ID: ${{ secrets[format('{0}_{1}_PROJECT', steps.branch_info.outputs.secret_prefix, steps.var_format.outputs.matrix_build)] }} PYXIS_API_TOKEN: ${{ secrets.REDHAT_API_TOKEN }} API_URL: ${{ env.API_URL }} run: python ./.github/scripts/rhel_description.py