ghndrx/prowler
1
0
Fork 0
mirror of https://github.com/ghndrx/prowler.git synced 2026-02-10 14:55:00 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(actions): Include AWS region (#1141)

Browse Source 
* fix(actions): Include AWS regions

* fix(zip): Quiet output
This commit is contained in:
Pepe Fagoaga
2022-05-13 10:13:03 +02:00
committed by GitHub
parent d60eea5e2f
commit 13423b137e
2 changed files with 7 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
.github/workflows/build-lint-push-containers.yml vendored
View File

@@ -10,7 +10,8 @@ on:
types: [published] types: [published]
env: env:
AWS_REGION: us-east-1 AWS_REGION_STG: eu-west-1
AWS_REGION_PRO: us-east-1
IMAGE_NAME: prowler IMAGE_NAME: prowler
LATEST_TAG: latest LATEST_TAG: latest
TEMPORARY_TAG: temporary TEMPORARY_TAG: temporary
@@ -126,13 +127,13 @@ jobs:
username: ${{ secrets.PUBLIC_ECR_AWS_ACCESS_KEY_ID }} username: ${{ secrets.PUBLIC_ECR_AWS_ACCESS_KEY_ID }}
password: ${{ secrets.PUBLIC_ECR_AWS_SECRET_ACCESS_KEY }} password: ${{ secrets.PUBLIC_ECR_AWS_SECRET_ACCESS_KEY }}
env: env:
AWS_REGION: ${{ env.AWS_REGION }} AWS_REGION: ${{ env.AWS_REGION_PRO }}
- -
name: Configure AWS Credentials -- STG name: Configure AWS Credentials -- STG
if: github.event_name == 'push' if: github.event_name == 'push'
uses: aws-actions/configure-aws-credentials@v1 uses: aws-actions/configure-aws-credentials@v1
with: with:
aws-region: ${{ env.AWS_REGION }} aws-region: ${{ env.AWS_REGION_STG }}
role-to-assume: ${{ secrets.STG_IAM_ROLE_ARN }} role-to-assume: ${{ secrets.STG_IAM_ROLE_ARN }}
role-session-name: build-lint-containers-stg role-session-name: build-lint-containers-stg
- -
@@ -146,7 +147,7 @@ jobs:
if: github.event_name == 'release' if: github.event_name == 'release'
uses: aws-actions/configure-aws-credentials@v1 uses: aws-actions/configure-aws-credentials@v1
with: with:
aws-region: ${{ env.AWS_REGION }} aws-region: ${{ env.AWS_REGION_PRO }}
role-to-assume: ${{ secrets.PRO_IAM_ROLE_ARN }} role-to-assume: ${{ secrets.PRO_IAM_ROLE_ARN }}
role-session-name: build-lint-containers-pro role-session-name: build-lint-containers-pro
- -
@@ -163,9 +164,9 @@ jobs:
with: with:
push: true push: true
tags: | tags: |
${{ secrets.STG_ECR }}/${{ secrets.STG_ECR_REPOSITORY }}:${{ env.LATEST_TAG }}
${{ secrets.DOCKER_HUB_REPOSITORY }}/${{ env.IMAGE_NAME }}:${{ env.LATEST_TAG }} ${{ secrets.DOCKER_HUB_REPOSITORY }}/${{ env.IMAGE_NAME }}:${{ env.LATEST_TAG }}
${{ secrets.PUBLIC_ECR_REPOSITORY }}/${{ env.IMAGE_NAME }}:${{ env.LATEST_TAG }} ${{ secrets.PUBLIC_ECR_REPOSITORY }}/${{ env.IMAGE_NAME }}:${{ env.LATEST_TAG }}
${{ secrets.STG_ECR }}/${{ secrets.STG_ECR_REPOSITORY }}:${{ env.LATEST_TAG }}
file: util/Dockerfile file: util/Dockerfile
- -
# Push the new release # Push the new release

2
util/Dockerfile
View File

@@ -17,7 +17,7 @@ RUN yum install -y shadow-utils && \
pip3 install boto3 detect-secrets==1.0.3 && \ pip3 install boto3 detect-secrets==1.0.3 && \
pip3 cache purge && \ pip3 cache purge && \
curl https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip -o awscliv2.zip && \ curl https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip -o awscliv2.zip && \
unzip awscliv2.zip && \ unzip -q awscliv2.zip && \
aws/install && \ aws/install && \
rm -rf aws awscliv2.zip /var/cache/yum && \ rm -rf aws awscliv2.zip /var/cache/yum && \
rm /usr/bin/python && \ rm /usr/bin/python && \