Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: Move to multiple distro and simplify ci #194

Draft
wants to merge 5 commits into
base: main
Choose a base branch
from
Draft

feat: Move to multiple distro and simplify ci #194

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
1992503
chore: Move nightly config and add signign
mailo-nr Jan 22, 2025
55437c7
chore: sign rpm/deb
mailo-nr Jan 23, 2025
ead3e09
feat: Refactoring ci to facilitate multiple distros
mailo-nr Jan 28, 2025
a769ea9
feat: Re-arrange configs
mailo-nr Jan 30, 2025
21d8f03
chore: Skips steps when running ci locally via act
mailo-nr Jan 30, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 4 additions & 0 deletions .actrc
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
# .actrc
--container-architecture=linux/arm64
-P ubuntu-latest=catthehacker/ubuntu:act-latest
-e event.json
39 changes: 35 additions & 4 deletions .github/workflows/ci_nightly.yaml → .github/workflows/ci-nightly.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@ on:

env:
TEST_CLUSTER_NAME: ci-e2etest-nightly
REGISTRY: ${{ secrets.OTELCOMM_AWS_TEST_ACC_ACCOUNT_ID }}.dkr.ecr.us-east-1.amazonaws.com/nr-otel-collector
REGISTRY: ${{ secrets.OTELCOMM_AWS_TEST_ACC_ACCOUNT_ID }}.dkr.ecr.us-east-1.amazonaws.com

jobs:
slow-tests:
Expand All @@ -39,15 +39,41 @@ jobs:

- uses: docker/setup-buildx-action@v2

- name: Import GPG key
id: import_gpg
uses: crazy-max/ghaction-import-gpg@v6
with:
gpg_private_key: ${{ secrets.OHAI_GPG_PRIVATE_KEY_BASE64 }}
passphrase: ${{ secrets.OHAI_GPG_PASSPHRASE }}

- name: Write GPG to path in memory for signing rpm/deb
id: write_gpg_to_path
run: |
GPG_KEY_PATH="$(mktemp /dev/shm/gpg.XXXXXX)"
echo "$GPG_PRIVATE_KEY" | base64 -d >> "$GPG_KEY_PATH"
echo "gpg_key_path=$GPG_KEY_PATH" >> $GITHUB_OUTPUT
env:
GPG_PRIVATE_KEY: ${{ secrets.OHAI_GPG_PRIVATE_KEY_BASE64 }}

- name: Build binaries & packages with GoReleaser
id: goreleaser_snapshot
uses: goreleaser/goreleaser-action@v6
env:
NFPM_PASSPHRASE: ${{ secrets.OHAI_GPG_PASSPHRASE }}
GPG_FINGERPRINT: ${{ steps.import_gpg.outputs.fingerprint }}
GPG_KEY_PATH: ${{ steps.write_gpg_to_path.outputs.gpg_key_path }}
REGISTRY: "newrelic/nr-otel-collector"
with:
distribution: goreleaser
version: '~> v2'
args: --snapshot --clean --skip=sign --timeout 2h
args: --snapshot --clean --skip=publish,validate --timeout 2h --config .goreleaser-nightly.yaml
workdir: distributions/nr-otel-collector

- name: List contents of dist folder
run: ls -la distributions/nr-otel-collector/dist

- name: Extract image version
run: echo "version=$(jq -r '.version' dist/metadata.json)" >> $GITHUB_ENV
run: echo "version=$(echo '${{ steps.goreleaser_snapshot.outputs.metadata }}' | jq -r '.version')" >> $GITHUB_ENV

- name: Setup local kind cluster
uses: helm/kind-action@v1
Expand All @@ -58,7 +84,7 @@ jobs:

- name: Run slow local tests
run: |
IMAGE_TAG=${{ env.version }}-rc-amd64 \
IMAGE_TAG=${{ env.version }}-nightly-amd64 \
KIND_CLUSTER_NAME=${{ env.TEST_CLUSTER_NAME }} \
NR_BACKEND_URL=${{ secrets.NR_STAGING_BACKEND_URL }} \
NR_INGEST_KEY=${{ secrets.OTELCOMM_NR_INGEST_KEY }} \
Expand All @@ -83,10 +109,15 @@ jobs:

- name: Build and publish nightly binaries & packages with GoReleaser
uses: goreleaser/goreleaser-action@v6
env:
NFPM_PASSPHRASE: ${{ secrets.OHAI_GPG_PASSPHRASE }}
GPG_FINGERPRINT: ${{ steps.import_gpg.outputs.fingerprint }}
GPG_KEY_PATH: ${{ steps.write_gpg_to_path.outputs.gpg_key_path }}
with:
distribution: goreleaser
version: '~> v2'
args: --skip=announce,validate --clean --timeout 2h --config .goreleaser-nightly.yaml
workdir: distributions/nr-otel-collector

- name: Run nightly tests
run: |
Expand Down
75 changes: 0 additions & 75 deletions .github/workflows/ci-prerelease.yml
View file
Open in desktop

This file was deleted.

53 changes: 0 additions & 53 deletions .github/workflows/ci-release.yml
View file
Open in desktop

This file was deleted.

64 changes: 51 additions & 13 deletions .github/workflows/ci.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,11 @@ jobs:
build:
name: Validate distributions build, third party libraries and security
runs-on: ubuntu-latest
strategy:
matrix:
dist:
- nr-otel-collector
- nrdot-collector-k8s
steps:
- name: Checkout
uses: actions/checkout@v4
Expand All @@ -29,25 +34,55 @@ jobs:
go-version: '1.23'
check-latest: true

- name: Tidy go.mod files
run: go mod tidy

- name: Verify build
run: make ci
run: make ci DISTRIBUTIONS=${{ matrix.dist }}

- name: Validate distributions third party libraries
run: make licenses-check
- name: Login to Docker
uses: docker/login-action@v3
with:
registry: docker.io
username: ${{ secrets.OTELCOMM_DOCKER_HUB_USERNAME }}
password: ${{ secrets.OTELCOMM_DOCKER_HUB_PASSWORD }}

- uses: docker/setup-qemu-action@v2

- uses: docker/setup-buildx-action@v2

- name: Import GPG key
id: import_gpg
uses: crazy-max/ghaction-import-gpg@v6
with:
gpg_private_key: ${{ secrets.OHAI_GPG_PRIVATE_KEY_BASE64 }}
passphrase: ${{ secrets.OHAI_GPG_PASSPHRASE }}

- name: Write GPG to path in memory for signing rpm/deb
id: write_gpg_to_path
run: |
GPG_KEY_PATH="$(mktemp /dev/shm/gpg.XXXXXX)"
echo "$GPG_PRIVATE_KEY" | base64 -d >> "$GPG_KEY_PATH"
echo "gpg_key_path=$GPG_KEY_PATH" >> $GITHUB_OUTPUT
env:
GPG_PRIVATE_KEY: ${{ secrets.OHAI_GPG_PRIVATE_KEY_BASE64 }}

- name: Build binaries & packages with GoReleaser
id: goreleaser
uses: goreleaser/goreleaser-action@v6
env:
NFPM_PASSPHRASE: ${{ secrets.OHAI_GPG_PASSPHRASE }}
GPG_FINGERPRINT: ${{ steps.import_gpg.outputs.fingerprint }}
GPG_KEY_PATH: ${{ steps.write_gpg_to_path.outputs.gpg_key_path }}
REGISTRY: "newrelic/${{ matrix.dist }}"
with:
distribution: goreleaser
version: '~> v2'
args: --snapshot --clean --skip=sign --timeout 2h
args: --snapshot --clean --skip=publish,validate --timeout 2h
workdir: distributions/${{ matrix.dist }}

- name: Extract image version
run: echo "version=$(jq -r '.version' dist/metadata.json)" >> $GITHUB_ENV
run: echo "version=$(echo '${{ steps.goreleaser.outputs.metadata }}' | jq -r '.version')" >> $GITHUB_ENV

- name: Setup local kind cluster
uses: helm/kind-action@v1
Expand All @@ -56,28 +91,31 @@ jobs:
cluster_name: ${{ env.TEST_CLUSTER_NAME }}
wait: 60s

- uses: azure/[email protected]

- name: Run local e2e tests
run: |
IMAGE_TAG=${{ env.version }}-rc-amd64 \
IMAGE_TAG=${{ env.version }}-amd64 \
KIND_CLUSTER_NAME=${{ env.TEST_CLUSTER_NAME }} \
make -f ./test/e2e/Makefile ci_test-fast
make -f ./test/e2e/Makefile ci_test-fast DISTRO=${{ matrix.dist }}

- name: Trivy security check
uses: aquasecurity/trivy-action@0.28.0
uses: aquasecurity/trivy-action@0.29.0
with:
image-ref: "newrelic/nr-otel-collector:${{ env.version }}-rc-amd64"
image-ref: "newrelic/${{ matrix.dist }}:${{ env.version }}-amd64"
format: 'table'
exit-code: '1'
ignore-unfixed: true
vuln-type: 'os,library'
severity: "HIGH,CRITICAL"
env:
# dbs are downloaded async in download_trivy_db.yml
TRIVY_SKIP_DB_UPDATE: true
# dbs are downloaded async in trivy-cache.yml
TRIVY_SKIP_DB_UPDATE: ${{ !env.ACT }}
TRIVY_SKIP_JAVA_DB_UPDATE: true

terraform:
uses: ./.github/workflows/component_terraform.yml
if: github.event.pull_request.user.login != 'dependabot[bot]'
uses: ./.github/workflows/terraform.yml
if: ${{ !github.event.act && github.event.pull_request.user.login != 'dependabot[bot]' }}
with:
branch: ${{ github.ref }}
tf_work_subdir: permanent
Expand Down
Loading
Loading