271 lines
5.3 KiB
HCL
271 lines
5.3 KiB
HCL
schema = "1"
|
|
|
|
project "vault" {
|
|
team = "vault"
|
|
slack {
|
|
notification_channel = "C03RXFX5M4L" // #feed-vault-releases
|
|
}
|
|
github {
|
|
organization = "hashicorp"
|
|
repository = "vault"
|
|
release_branches = [
|
|
"main",
|
|
"release/**",
|
|
]
|
|
}
|
|
}
|
|
|
|
event "merge" {
|
|
// "entrypoint" to use if build is not run automatically
|
|
// i.e. send "merge" complete signal to orchestrator to trigger build
|
|
}
|
|
|
|
event "build" {
|
|
depends = ["merge"]
|
|
action "build" {
|
|
organization = "hashicorp"
|
|
repository = "vault"
|
|
workflow = "build"
|
|
}
|
|
}
|
|
|
|
event "upload-dev" {
|
|
depends = ["build"]
|
|
action "upload-dev" {
|
|
organization = "hashicorp"
|
|
repository = "crt-workflows-common"
|
|
workflow = "upload-dev"
|
|
depends = ["build"]
|
|
}
|
|
|
|
notification {
|
|
on = "fail"
|
|
}
|
|
}
|
|
|
|
event "quality-tests" {
|
|
depends = ["upload-dev"]
|
|
action "quality-tests" {
|
|
organization = "hashicorp"
|
|
repository = "crt-workflows-common"
|
|
workflow = "quality-tests"
|
|
}
|
|
|
|
notification {
|
|
on = "fail"
|
|
}
|
|
}
|
|
|
|
event "security-scan-binaries" {
|
|
depends = ["quality-tests"]
|
|
action "security-scan-binaries" {
|
|
organization = "hashicorp"
|
|
repository = "crt-workflows-common"
|
|
workflow = "security-scan-binaries"
|
|
config = "security-scan.hcl"
|
|
}
|
|
|
|
notification {
|
|
on = "fail"
|
|
}
|
|
}
|
|
|
|
event "security-scan-containers" {
|
|
depends = ["security-scan-binaries"]
|
|
action "security-scan-containers" {
|
|
organization = "hashicorp"
|
|
repository = "crt-workflows-common"
|
|
workflow = "security-scan-containers"
|
|
config = "security-scan.hcl"
|
|
}
|
|
|
|
notification {
|
|
on = "fail"
|
|
}
|
|
}
|
|
|
|
event "notarize-darwin-amd64" {
|
|
depends = ["security-scan-containers"]
|
|
action "notarize-darwin-amd64" {
|
|
organization = "hashicorp"
|
|
repository = "crt-workflows-common"
|
|
workflow = "notarize-darwin-amd64"
|
|
}
|
|
|
|
notification {
|
|
on = "fail"
|
|
}
|
|
}
|
|
|
|
event "notarize-darwin-arm64" {
|
|
depends = ["notarize-darwin-amd64"]
|
|
action "notarize-darwin-arm64" {
|
|
organization = "hashicorp"
|
|
repository = "crt-workflows-common"
|
|
workflow = "notarize-darwin-arm64"
|
|
}
|
|
|
|
notification {
|
|
on = "fail"
|
|
}
|
|
}
|
|
|
|
event "notarize-windows-386" {
|
|
depends = ["notarize-darwin-arm64"]
|
|
action "notarize-windows-386" {
|
|
organization = "hashicorp"
|
|
repository = "crt-workflows-common"
|
|
workflow = "notarize-windows-386"
|
|
}
|
|
|
|
notification {
|
|
on = "fail"
|
|
}
|
|
}
|
|
|
|
event "notarize-windows-amd64" {
|
|
depends = ["notarize-windows-386"]
|
|
action "notarize-windows-amd64" {
|
|
organization = "hashicorp"
|
|
repository = "crt-workflows-common"
|
|
workflow = "notarize-windows-amd64"
|
|
}
|
|
|
|
notification {
|
|
on = "fail"
|
|
}
|
|
}
|
|
|
|
event "sign" {
|
|
depends = ["notarize-windows-amd64"]
|
|
action "sign" {
|
|
organization = "hashicorp"
|
|
repository = "crt-workflows-common"
|
|
workflow = "sign"
|
|
}
|
|
|
|
notification {
|
|
on = "fail"
|
|
}
|
|
}
|
|
|
|
event "sign-linux-rpms" {
|
|
depends = ["sign"]
|
|
action "sign-linux-rpms" {
|
|
organization = "hashicorp"
|
|
repository = "crt-workflows-common"
|
|
workflow = "sign-linux-rpms"
|
|
}
|
|
|
|
notification {
|
|
on = "fail"
|
|
}
|
|
}
|
|
|
|
event "verify" {
|
|
depends = ["sign-linux-rpms"]
|
|
action "verify" {
|
|
organization = "hashicorp"
|
|
repository = "crt-workflows-common"
|
|
workflow = "verify"
|
|
}
|
|
|
|
notification {
|
|
on = "fail"
|
|
}
|
|
}
|
|
|
|
## These events are publish and post-publish events and should be added to the end of the file
|
|
## after the verify event stanza.
|
|
|
|
event "trigger-staging" {
|
|
// This event is dispatched by the bob trigger-promotion command
|
|
// and is required - do not delete.
|
|
}
|
|
|
|
event "promote-staging" {
|
|
depends = ["trigger-staging"]
|
|
action "promote-staging" {
|
|
organization = "hashicorp"
|
|
repository = "crt-workflows-common"
|
|
workflow = "promote-staging"
|
|
config = "release-metadata.hcl"
|
|
}
|
|
|
|
notification {
|
|
on = "always"
|
|
}
|
|
}
|
|
|
|
event "promote-staging-docker" {
|
|
depends = ["promote-staging"]
|
|
action "promote-staging-docker" {
|
|
organization = "hashicorp"
|
|
repository = "crt-workflows-common"
|
|
workflow = "promote-staging-docker"
|
|
}
|
|
|
|
notification {
|
|
on = "always"
|
|
}
|
|
}
|
|
|
|
event "trigger-production" {
|
|
// This event is dispatched by the bob trigger-promotion command
|
|
// and is required - do not delete.
|
|
}
|
|
|
|
event "promote-production" {
|
|
depends = ["trigger-production"]
|
|
action "promote-production" {
|
|
organization = "hashicorp"
|
|
repository = "crt-workflows-common"
|
|
workflow = "promote-production"
|
|
}
|
|
|
|
notification {
|
|
on = "always"
|
|
}
|
|
}
|
|
|
|
event "promote-production-docker" {
|
|
depends = ["promote-production"]
|
|
action "promote-production-docker" {
|
|
organization = "hashicorp"
|
|
repository = "crt-workflows-common"
|
|
workflow = "promote-production-docker"
|
|
}
|
|
|
|
notification {
|
|
on = "always"
|
|
}
|
|
}
|
|
|
|
event "promote-production-packaging" {
|
|
depends = ["promote-production-docker"]
|
|
action "promote-production-packaging" {
|
|
organization = "hashicorp"
|
|
repository = "crt-workflows-common"
|
|
workflow = "promote-production-packaging"
|
|
}
|
|
|
|
notification {
|
|
on = "always"
|
|
}
|
|
}
|
|
|
|
# The post-publish-website event should not be merged into the enterprise repo.
|
|
# It is for OSS use only.
|
|
event "post-publish-website" {
|
|
depends = ["promote-production-packaging"]
|
|
action "post-publish-website" {
|
|
organization = "hashicorp"
|
|
repository = "crt-workflows-common"
|
|
workflow = "post-publish-website"
|
|
}
|
|
|
|
notification {
|
|
on = "always"
|
|
}
|
|
}
|