Skip to content

Run go-tuf-mirror

Run go-tuf-mirror #107

Workflow file for this run

name: Run go-tuf-mirror
on:
workflow_run:
workflows: ["TUF-on-CI publish"]
types:
- completed
branches:
- publish
workflow_dispatch:
env:
DOCKER_CONFIG: ${{ github.workspace }}/.docker
jobs:
mirror:
runs-on: ubuntu-latest
steps:
- name: Login to Docker Hub
uses: docker/login-action@v3
with:
username: docker
password: ${{ secrets.TUF_OAT }}
- name: Mirror metadata
uses: docker/go-tuf-mirror/actions/metadata@dd00ad1055cb09daf0aa299e8d2f028091458aa3 # v0.2.7
with:
targets: https://docker.github.io/tuf/targets
source: https://docker.github.io/tuf/metadata
destination: docker://docker/tuf-metadata:latest
tuf-root: prod
flags: "-f"
- name: Mirror targets
uses: docker/go-tuf-mirror/actions/targets@dd00ad1055cb09daf0aa299e8d2f028091458aa3 # v0.2.7
with:
metadata: https://docker.github.io/tuf/metadata
source: https://docker.github.io/tuf/targets
destination: docker://docker/tuf-targets
tuf-root: prod
flags: "-f"
failure-notification:
runs-on: ubuntu-latest
needs: [mirror]
if: ${{ always() && contains(needs.*.result, 'failure') }}
steps:
- name: Slack Notification
uses: rtCamp/action-slack-notify@v2
env:
SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }}
SLACK_COLOR: failure
MSG_MINIMAL: true
SLACK_TITLE: "${{ github.workflow }} - Failure"
SLACK_MESSAGE: "${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}"
SLACK_FOOTER: "triggered by ${{ github.repository }}"
- name: PagerDuty Alert
env:
PAGERDUTY_KEY: ${{ secrets.PAGERDUTY_KEY }}
run: |
curl -X POST 'https://events.pagerduty.com/v2/enqueue' \
-H 'Content-Type: application/json' \
-d '{
"routing_key": "'$PAGERDUTY_KEY'",
"event_action": "trigger",
"payload": {
"summary": "${{ github.workflow }} - Failure",
"severity": "critical",
"source": "${{ github.server_url }}/${{ github.repository }}",
"custom_details": {
"workflow_run": "${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}"
}
}
}'