Merge pull request #707 from orb-community/develop #178
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build-release | |
| on: | |
| workflow_dispatch: | |
| pull_request: | |
| branches: | |
| - master | |
| push: | |
| branches: | |
| - master | |
| env: | |
| # Customize the CMake build type here (Release, Debug, RelWithDebInfo, etc.) | |
| BUILD_TYPE: Release | |
| CTEST_OUTPUT_ON_FAILURE: 1 | |
| CONAN_NON_INTERACTIVE: 1 | |
| CONAN_REVISIONS_ENABLED: 1 | |
| jobs: | |
| unit-tests: | |
| strategy: | |
| matrix: | |
| os: [ ubuntu-latest ] | |
| runs-on: ${{ matrix.os }} | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - name: Create Build Environment | |
| run: cmake -E make_directory ${{github.workspace}}/build | |
| - name: Get Conan | |
| id: conan | |
| uses: turtlebrowser/get-conan@main | |
| with: | |
| version: 1.61.0 | |
| - name: Setup Conan Cache | |
| uses: actions/cache@v3 | |
| with: | |
| path: ${{github.workspace}}/build/conan_home/ | |
| key: conan-${{ runner.os }}-${{ hashFiles('conanfile.txt', '*/conanfile.txt') }} | |
| restore-keys: conan-${{ runner.os }}- | |
| - name: linux package install | |
| if: matrix.os == 'ubuntu-latest' | |
| run: | | |
| sudo apt-get update | |
| sudo apt-get install --yes --no-install-recommends jq | |
| - name: Configure CMake | |
| shell: bash | |
| working-directory: ${{github.workspace}}/build | |
| run: PKG_CONFIG_PATH=${{github.workspace}}/local/lib/pkgconfig cmake $GITHUB_WORKSPACE -DCMAKE_BUILD_TYPE=$BUILD_TYPE | |
| - name: Build | |
| working-directory: ${{github.workspace}}/build | |
| shell: bash | |
| run: cmake --build . --config $BUILD_TYPE -- -j 2 | |
| - name: Test | |
| working-directory: ${{github.workspace}}/build | |
| shell: bash | |
| run: ctest -C $BUILD_TYPE | |
| prebuild-package: | |
| needs: [ unit-tests ] | |
| runs-on: ubuntu-latest | |
| outputs: | |
| version_number: ${{ steps.build.outputs.version }} | |
| branch_name: ${{ steps.branch.outputs.name }} | |
| if: github.event_name != 'pull_request' | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - name: Remove suffix from Cmakelists.txt file | |
| run: | | |
| ESCAPED_REPLACE_RELEASE=$(printf '%s\n' 'VISOR_PRERELEASE ""' | sed -e 's/[\/&]/\\&/g') | |
| sed -i -e "s/VISOR_PRERELEASE \"-develop\"/$ESCAPED_REPLACE_RELEASE/g" CMakeLists.txt | |
| - name: Create Build Environment | |
| run: cmake -E make_directory ${{github.workspace}}/build | |
| - name: Get Conan | |
| id: conan | |
| uses: turtlebrowser/get-conan@main | |
| with: | |
| version: 1.61.0 | |
| - name: Configure CMake to generate VERSION | |
| shell: bash | |
| working-directory: ${{github.workspace}}/build | |
| run: cmake $GITHUB_WORKSPACE -DCMAKE_BUILD_TYPE=$BUILD_TYPE | |
| - name: Get VERSION | |
| id: build | |
| run: | | |
| echo "VERSION=`cat ${{github.workspace}}/build/VERSION`" >> $GITHUB_ENV | |
| echo "::set-output name=version::$(cat ${{github.workspace}}/build/VERSION)" | |
| - name: Get branch name | |
| id: branch | |
| shell: bash | |
| run: | | |
| echo "BRANCH_NAME=$(echo ${GITHUB_REF#refs/heads/} | tr / -)" >> $GITHUB_ENV | |
| echo "::set-output name=name::$(echo ${GITHUB_REF#refs/heads/} | tr / -)" | |
| - name: Persist to workspace | |
| uses: actions/upload-artifact@v2 | |
| with: | |
| name: workspace | |
| path: ./ | |
| retention-days: 1 | |
| release: | |
| needs: [ unit-tests ] | |
| runs-on: ubuntu-latest | |
| # if this is a push into one of our main branches (rather than just a pull request), we will also package | |
| if: github.event_name != 'pull_request' | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v3 | |
| with: | |
| fetch-depth: 0 | |
| - name: Remove suffix from Cmakelists.txt file | |
| run: | | |
| ESCAPED_REPLACE_RELEASE=$(printf '%s\n' 'VISOR_PRERELEASE ""' | sed -e 's/[\/&]/\\&/g') | |
| sed -i -e "s/VISOR_PRERELEASE \"-develop\"/$ESCAPED_REPLACE_RELEASE/g" CMakeLists.txt | |
| - name: Create Build Environment | |
| run: cmake -E make_directory ${{github.workspace}}/build | |
| - name: Get Conan | |
| id: conan | |
| uses: turtlebrowser/get-conan@main | |
| with: | |
| version: 1.61.0 | |
| - name: Configure CMake to generate VERSION | |
| shell: bash | |
| working-directory: ${{github.workspace}}/build | |
| run: cmake $GITHUB_WORKSPACE -DCMAKE_BUILD_TYPE=$BUILD_TYPE | |
| - name: Set variables | |
| run: | | |
| echo "LAST_TAG=`git tag --sort=committerdate | tail -1`" >> $GITHUB_ENV | |
| echo "TAG=v`cat ${{github.workspace}}/build/VERSION`" >> $GITHUB_ENV | |
| echo "VERSION=`cat ${{github.workspace}}/build/VERSION`" >> $GITHUB_ENV | |
| - name: Generate release changelog | |
| run: | | |
| echo "# What's new" > changelog.md | |
| git log ${{ env.LAST_TAG }}..HEAD --pretty=format:"$ad- %s [%an]" >> changelog.md | |
| sed -i -e "s/- /• /g" changelog.md | |
| - name: Post pktvisor changelog in slack channel | |
| run: | | |
| curl -d "text=:mega: *Pktvisor release reporter* :mega: | |
| $(cat changelog.md)" -d "channel=C041B9204CF" -H "Authorization: Bearer ${{secrets.SLACK_APP_TOKEN}}" -X POST https://slack.com/api/chat.postMessage | |
| - name: Create release | |
| id: create_release | |
| uses: actions/create-release@latest | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # This token is provided by Actions, you do not need to create your own token | |
| with: | |
| tag_name: ${{ env.TAG }} | |
| release_name: ${{ env.VERSION }} | |
| body_path: ${{github.workspace}}/changelog.md | |
| draft: false | |
| prerelease: false | |
| spinup-arm64-runner: | |
| needs: [ prebuild-package ] | |
| runs-on: ubuntu-latest | |
| outputs: | |
| runner_token: ${{ steps.token.outputs.runner }} | |
| runner_label: ${{ env.RUNNER_LABEL }} | |
| if: github.event_name != 'pull_request' | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v3 | |
| - name: Generate runner token | |
| id: token | |
| run: | | |
| curl -X POST -H "authorization: Bearer ${{ secrets.BOT_TOKEN }}" -H "Accept: application/vnd.github.v3+json" https://api.github.com/repos/orb-community/pktvisor/actions/runners/registration-token -o token.json | |
| echo "::set-output name=runner::$(cat token.json | jq .token --raw-output )" | |
| cat token.json | |
| - name: Get short commit hash to a variable | |
| id: commit_hash | |
| run: | | |
| echo "::set-output name=sha_short::$(git rev-parse --short HEAD)" | |
| - name: Inject runner token in user_data.sh | |
| run: | | |
| cd .github/hosted-runner/arm64/ | |
| ESCAPED_REPLACE_RUNNER_TOKEN=$(printf '%s\n' "${{ steps.token.outputs.runner }}" | sed -e 's/[\/&]/\\&/g') | |
| sed -i -e "s/RUNNER_TOKEN/$ESCAPED_REPLACE_RUNNER_TOKEN/g" user_data.sh | |
| ESCAPED_REPLACE_RUNNER_NAME=$(printf '%s\n' "${{ steps.commit_hash.outputs.sha_short }}-arm64" | sed -e 's/[\/&]/\\&/g') | |
| sed -i -e "s/ARM64_RUNNER/$ESCAPED_REPLACE_RUNNER_NAME/g" user_data.sh | |
| ESCAPED_REPLACE_RUNNER_LABEL=$(printf '%s\n' "${{ steps.commit_hash.outputs.sha_short }}-arm64" | sed -e 's/[\/&]/\\&/g') | |
| sed -i -e "s/RUNNER_LABEL/$ESCAPED_REPLACE_RUNNER_LABEL/g" user_data.sh | |
| echo "RUNNER_LABEL=${{ steps.commit_hash.outputs.sha_short }}-arm64" >> $GITHUB_ENV | |
| - name: Inject AWS key | |
| run: | | |
| cd .github/hosted-runner/arm64/ | |
| ESCAPED_REPLACE_KEY_ID=$(printf '%s\n' "${{ secrets.AWS_ACCESS_KEY_ID }}" | sed -e 's/[\/&]/\\&/g') | |
| sed -i -e "s/AWSID/$ESCAPED_REPLACE_KEY_ID/g" vars.tf | |
| ESCAPED_REPLACE_ACCESS_KEY=$(printf '%s\n' "${{ secrets.AWS_SECRET_ACCESS_KEY }}" | sed -e 's/[\/&]/\\&/g') | |
| sed -i -e "s/AWSSECRET/$ESCAPED_REPLACE_ACCESS_KEY/g" vars.tf | |
| ESCAPED_REPLACE_ENVIRONMENT=$(printf '%s\n' "${{ needs.prebuild-package.outputs.branch_name }}-${{ steps.commit_hash.outputs.sha_short }}-release" | sed -e 's/[\/&]/\\&/g') | |
| sed -i -e "s/ENVIRONMENT/$ESCAPED_REPLACE_ENVIRONMENT/g" vars.tf | |
| - name: setup terraform | |
| uses: hashicorp/setup-terraform@v2 | |
| with: | |
| terraform_version: 1.1.7 | |
| terraform_wrapper: false | |
| - name: Terraform Init | |
| run: | | |
| cd .github/hosted-runner/arm64/ | |
| terraform init -input=false | |
| - name: Terraform plan | |
| run: | | |
| cd .github/hosted-runner/arm64/ | |
| terraform plan -out=tfplan | |
| - name: Terraform apply | |
| run: | | |
| cd .github/hosted-runner/arm64/ | |
| terraform apply -auto-approve tfplan | |
| - name: Terraform output | |
| run: | | |
| cd .github/hosted-runner/arm64/ | |
| terraform output -raw ip > ip.txt | |
| - name: Persist IP to workspace | |
| uses: actions/upload-artifact@v2 | |
| with: | |
| name: ip-arm | |
| path: | | |
| .github/hosted-runner/arm64/ip.txt | |
| retention-days: 1 | |
| - name: Persist to workspace | |
| uses: actions/upload-artifact@v2 | |
| with: | |
| name: terraform | |
| path: | | |
| .github/hosted-runner/arm64/terraform.tfstate | |
| retention-days: 1 | |
| build-win64: | |
| # The CMake configure and build commands are platform agnostic and should work equally | |
| # well on Windows or Mac. You can convert this to a matrix build if you need | |
| # cross-platform coverage. | |
| # See: https://docs.github.com/en/free-pro-team@latest/actions/learn-github-actions/managing-complex-workflows#using-a-build-matrix | |
| runs-on: windows-2019 | |
| outputs: | |
| version_number: ${{ env.VERSION }} | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - name: Create Build Environment | |
| # Some projects don't allow in-source building, so create a separate build directory | |
| # We'll use this as our working directory for all subsequent commands | |
| run: cmake -E make_directory ${{github.workspace}}\build | |
| - name: Get Conan | |
| # You may pin to the exact commit or the version. | |
| # uses: turtlebrowser/get-conan@4dc7e6dd45c8b1e02e909979d7cfc5ebba6ddbe2 | |
| id: conan | |
| uses: turtlebrowser/get-conan@main | |
| with: | |
| version: 1.61.0 | |
| - name: Remove libpcap from conanfile | |
| shell: bash | |
| run: | | |
| sed -i -e "s/libpcap.*//g" "${{github.workspace}}\conanfile.txt" | |
| - name: Setup Conan Cache | |
| uses: actions/cache@v3 | |
| with: | |
| path: ${{github.workspace}}/build/conan_home/ | |
| key: conan-${{ runner.os }}-${{ hashFiles('conanfile.txt', '*/conanfile.txt') }} | |
| restore-keys: conan-${{ runner.os }}- | |
| - name: Configure CMake | |
| # Use a bash shell so we can use the same syntax for environment variable | |
| # access regardless of the host operating system | |
| shell: bash | |
| working-directory: ${{github.workspace}}\build | |
| # Note the current convention is to use the -S and -B options here to specify source | |
| # and build directories, but this is only available with CMake 3.13 and higher. | |
| # The CMake binaries on the Github Actions machines are (as of this writing) 3.12 | |
| run: PKG_CONFIG_PATH=${{github.workspace}}\local\lib\pkgconfig cmake $GITHUB_WORKSPACE -DCMAKE_BUILD_TYPE=$BUILD_TYPE | |
| - name: Get VERSION | |
| shell: pwsh | |
| id: build | |
| run: | | |
| $text = Get-Content ${{github.workspace}}\build\VERSION -Raw | |
| echo "VERSION=$text" >> $env:GITHUB_ENV | |
| - name: Build | |
| working-directory: ${{github.workspace}}\build | |
| shell: bash | |
| # Execute the build. You can specify a specific target with "--target <NAME>" | |
| run: cmake --build . --config $BUILD_TYPE -- -m | |
| # TODO: Fix unit tests for windows platform | |
| #- name: Test | |
| # working-directory: ${{github.workspace}}/build | |
| # shell: bash | |
| # # Execute tests defined by the CMake configuration. | |
| # # See https://cmake.org/cmake/help/latest/manual/ctest.1.html for more detail | |
| # run: ctest -C $BUILD_TYPE | |
| - name: Debug artifacts | |
| shell: pwsh | |
| run: | | |
| Get-ChildItem -Force ${{github.workspace}} | |
| Get-ChildItem -Force ${{github.workspace}}\build | |
| Get-ChildItem -Force ${{github.workspace}}\build\bin | |
| - name: Persist to workspace | |
| uses: actions/upload-artifact@v2 | |
| with: | |
| name: windows-build | |
| path: | | |
| ${{github.workspace}}\build\bin\pktvisor-reader.exe | |
| ${{github.workspace}}\build\bin\pktvisord.exe | |
| ${{github.workspace}}\golang\pkg\client\version.go | |
| retention-days: 1 | |
| build-cli-win64: | |
| needs: [ build-win64, release ] | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v3 | |
| - name: Attach to workspace | |
| uses: actions/download-artifact@v3 | |
| with: | |
| name: windows-build | |
| - name: Debug artifacts | |
| shell: bash | |
| run: | | |
| ls -lha | |
| - name: Debug artifacts | |
| shell: bash | |
| run: | | |
| mv src pktvisor-src | |
| cp -rpf golang/pkg/client/version.go . | |
| - name: Build pktvisor-cli | |
| uses: ./.github/actions/build-go | |
| with: | |
| context: "." | |
| goos: windows | |
| file: "./Dockerfile" | |
| - name: Debug artifacts | |
| shell: bash | |
| run: | | |
| mv ./pktvisor-cli pktvisor-cli.exe | |
| mv ./build/bin/pktvisord.exe ./pktvisord.exe | |
| mv ./build/bin/pktvisor-reader.exe ./pktvisor-reader.exe | |
| - name: compacting windows binary | |
| run: | | |
| zip pktvisor-win64.zip pktvisor-cli.exe pktvisor-reader.exe pktvisord.exe | |
| - name: Upload win64 binary to latest release | |
| shell: bash | |
| run: | | |
| chmod a+x ./docker/upload-gh-asset.sh | |
| ./docker/upload-gh-asset.sh github_api_token=${{ secrets.BOT_TOKEN }} owner=orb-community repo=pktvisor tag=LATEST filename=./pktvisor-win64.zip | |
| package-arm64: | |
| needs: [ spinup-arm64-runner ] | |
| runs-on: ${{ needs.spinup-arm64-runner.outputs.runner_label }} | |
| if: github.event_name != 'pull_request' | |
| steps: | |
| - name: Attach to workspace | |
| uses: actions/download-artifact@v2 | |
| with: | |
| name: workspace | |
| - name: Create Build Environment | |
| run: cmake -E make_directory ${{github.workspace}}/build | |
| - name: Setup Conan Cache | |
| uses: actions/cache@v3 | |
| with: | |
| path: ${{github.workspace}}/build/conan_home/ | |
| key: conan-${{ runner.os }}-arm64-${{ hashFiles('conanfile.txt', '*/conanfile.txt') }} | |
| restore-keys: conan-${{ runner.os }}-arm64- | |
| - name: Build pktvisord + push symbol to backtrace.io | |
| uses: ./.github/actions/build-cpp | |
| with: | |
| context: "." | |
| build_type: "Release" | |
| asan: "OFF" | |
| bugsplat_key: ${{secrets.BUGSPLAT_KEY}} | |
| bugsplat_symbol_url: ${{secrets.BUGSPLAT_SYMBOL_URL}} | |
| bugsplat: "false" | |
| file: "./Dockerfile" | |
| - name: Build pktvisor-cli | |
| uses: ./.github/actions/build-go | |
| with: | |
| context: "." | |
| goarch: arm64 | |
| file: "./Dockerfile" | |
| - name: Debug artifacts | |
| run: ls -lha . | |
| - name: compacting arm64 binary | |
| run: | | |
| zip pktvisor-arm64.zip pktvisor-cli pktvisor-reader pktvisord | |
| - name: Upload arm64 binary to latest release | |
| run: | | |
| chmod a+x ./docker/upload-gh-asset.sh | |
| ./docker/upload-gh-asset.sh github_api_token=${{ secrets.BOT_TOKEN }} owner=orb-community repo=pktvisor tag=LATEST filename=./pktvisor-arm64.zip | |
| - name: Get branch name | |
| shell: bash | |
| run: echo "BRANCH_NAME=$(echo ${GITHUB_REF#refs/heads/} | tr / -)" >> $GITHUB_ENV | |
| - name: Debug branch name | |
| run: echo ${{ env.BRANCH_NAME }} | |
| - name: Get VERSION | |
| run: | | |
| echo "VERSION=`cat ${{github.workspace}}/build/VERSION`" >> $GITHUB_ENV | |
| - name: Debug version | |
| run: echo ${{ env.VERSION }} | |
| - name: Generate ref tag (master) | |
| if: ${{ env.BRANCH_NAME == 'master' }} | |
| run: | | |
| echo "REF_TAG=latest" >> $GITHUB_ENV | |
| echo "PRERELEASE=false" >> $GITHUB_ENV | |
| echo "DRAFT=true" >> $GITHUB_ENV | |
| - name: Debug ref tag | |
| run: echo ${{ env.REF_TAG }} | |
| - name: Login to GitHub Container Registry | |
| uses: docker/login-action@v1 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.repository_owner }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Set up QEMU | |
| uses: docker/setup-qemu-action@v2 | |
| - name: Set up Docker Buildx | |
| id: buildx | |
| uses: docker/setup-buildx-action@v2 | |
| - name: Replace token | |
| run: | | |
| sed -i -e "s/CP_TOKEN/${{ secrets.CRASHPAD_TOKEN }}/g" docker/run.sh | |
| - name: Replace escape url | |
| run: | | |
| REPLACE=${{ secrets.BUGSPLAT_CP_URL }} | |
| ESCAPED_REPLACE=$(printf '%s\n' "$REPLACE" | sed -e 's/[\/&]/\\&/g') | |
| sed -i -e "s/CP_URL/$ESCAPED_REPLACE/g" docker/run.sh | |
| - name: Build + push - pktvisor (multi-arch) | |
| id: docker_build | |
| env: | |
| IMAGE_NAME: ghcr.io/orb-community/pktvisor | |
| uses: docker/build-push-action@v3 | |
| with: | |
| builder: ${{ steps.buildx.outputs.name }} | |
| context: . | |
| file: ./docker/Dockerfile.crashhandler | |
| platforms: linux/arm64 | |
| tags: ${{ env.IMAGE_NAME }}:release-arm64 | |
| outputs: type=docker,dest=/tmp/arm64.tar | |
| - name: Load image | |
| env: | |
| IMAGE_NAME: ghcr.io/orb-community/pktvisor | |
| run: | | |
| docker load --input /tmp/arm64.tar | |
| docker image ls -a | |
| docker push ${{ env.IMAGE_NAME }}:release-arm64 | |
| package-amd64: | |
| needs: [ prebuild-package ] | |
| runs-on: ubuntu-latest | |
| outputs: | |
| release_version: ${{ env.VERSION }} | |
| if: github.event_name != 'pull_request' | |
| steps: | |
| - name: Attach to workspace | |
| uses: actions/download-artifact@v2 | |
| with: | |
| name: workspace | |
| - name: Create Build Environment | |
| run: cmake -E make_directory ${{github.workspace}}/build | |
| - name: Setup Conan Cache | |
| uses: actions/cache@v3 | |
| with: | |
| path: ${{github.workspace}}/build/conan_home/ | |
| key: conan-${{ runner.os }}-${{ hashFiles('conanfile.txt', '*/conanfile.txt') }} | |
| restore-keys: conan-${{ runner.os }}- | |
| - name: Build pktvisord + push symbol to backtrace.io | |
| uses: ./.github/actions/build-cpp | |
| with: | |
| context: "." | |
| build_type: "Release" | |
| asan: "OFF" | |
| bugsplat_key: ${{secrets.BUGSPLAT_KEY}} | |
| bugsplat_symbol_url: ${{secrets.BUGSPLAT_SYMBOL_URL}} | |
| bugsplat: "true" | |
| file: "./Dockerfile" | |
| - name: Build pktvisor-cli | |
| uses: ./.github/actions/build-go | |
| with: | |
| context: "." | |
| file: "./Dockerfile" | |
| - name: Debug artifacts | |
| run: ls -lha . | |
| - name: compacting amd64 binary | |
| run: | | |
| zip pktvisor-amd64.zip pktvisor-cli pktvisor-reader pktvisord | |
| - name: Upload amd64 binary to latest release | |
| run: | | |
| chmod a+x ./docker/upload-gh-asset.sh | |
| ./docker/upload-gh-asset.sh github_api_token=${{ secrets.BOT_TOKEN }} owner=orb-community repo=pktvisor tag=LATEST filename=./pktvisor-amd64.zip | |
| - name: Get branch name | |
| shell: bash | |
| run: echo "BRANCH_NAME=$(echo ${GITHUB_REF#refs/heads/} | tr / -)" >> $GITHUB_ENV | |
| - name: Debug branch name | |
| run: echo ${{ env.BRANCH_NAME }} | |
| - name: Get VERSION | |
| run: | | |
| echo "VERSION=`cat ${{github.workspace}}/build/VERSION`" >> $GITHUB_ENV | |
| - name: Debug version | |
| run: echo ${{ env.VERSION }} | |
| - name: Generate ref tag (master) | |
| if: ${{ env.BRANCH_NAME == 'master' }} | |
| run: | | |
| echo "REF_TAG=latest" >> $GITHUB_ENV | |
| echo "PRERELEASE=false" >> $GITHUB_ENV | |
| echo "DRAFT=true" >> $GITHUB_ENV | |
| - name: Debug ref tag | |
| run: echo ${{ env.REF_TAG }} | |
| - name: Login to GitHub Container Registry | |
| uses: docker/login-action@v1 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.repository_owner }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Set up Docker Buildx | |
| id: buildx | |
| uses: docker/setup-buildx-action@v2 | |
| - name: Set up QEMU | |
| uses: docker/setup-qemu-action@v2 | |
| - name: Replace token | |
| run: | | |
| sed -i -e "s/CP_TOKEN/${{ secrets.CRASHPAD_TOKEN }}/g" docker/run.sh | |
| - name: Replace escape url | |
| run: | | |
| REPLACE=${{ secrets.BUGSPLAT_CP_URL }} | |
| ESCAPED_REPLACE=$(printf '%s\n' "$REPLACE" | sed -e 's/[\/&]/\\&/g') | |
| sed -i -e "s/CP_URL/$ESCAPED_REPLACE/g" docker/run.sh | |
| - name: Build + push - pktvisor (multi-arch) | |
| env: | |
| IMAGE_NAME: ghcr.io/orb-community/pktvisor | |
| uses: docker/build-push-action@v3 | |
| with: | |
| builder: ${{ steps.buildx.outputs.name }} | |
| context: . | |
| file: ./docker/Dockerfile.crashhandler | |
| platforms: linux/amd64 | |
| tags: ${{ env.IMAGE_NAME }}:release-amd64 | |
| outputs: type=docker,dest=/tmp/amd64.tar | |
| - name: Load image | |
| env: | |
| IMAGE_NAME: ghcr.io/orb-community/pktvisor | |
| run: | | |
| docker load --input /tmp/amd64.tar | |
| docker image ls -a | |
| docker push ${{ env.IMAGE_NAME }}:release-amd64 | |
| remove-github-runner-arm64: | |
| continue-on-error: true | |
| needs: [ package-arm64 ] | |
| runs-on: ubuntu-latest | |
| if: github.event_name != 'pull_request' | |
| steps: | |
| - name: Attach to workspace | |
| uses: actions/download-artifact@v2 | |
| with: | |
| name: ip-arm | |
| - name: Get runner ip | |
| id: address | |
| run: | | |
| ls -lha | |
| echo "::set-output name=ip::$(cat ip.txt)" | |
| - name: Generate remove runner token | |
| id: remove-token-arm64 | |
| run: | | |
| curl -X POST -H "authorization: Bearer ${{ secrets.BOT_TOKEN }}" -H "Accept: application/vnd.github.v3+json" https://api.github.com/repos/orb-community/pktvisor/actions/runners/remove-token -o token.json | |
| echo "::set-output name=remove-runner::$(cat token.json | jq .token --raw-output )" | |
| cat token.json | |
| echo "TOKEN_RUNNER_ARM64=$(cat token.json | jq .token --raw-output )" >> $GITHUB_ENV | |
| - name: Executing remote ssh commands on runner | |
| uses: appleboy/ssh-action@master | |
| with: | |
| host: ${{ steps.address.outputs.ip }} | |
| username: ubuntu | |
| key: ${{ secrets.RUNNER_SSH_KEY }} | |
| port: 22 | |
| script: | | |
| cd /actions-runner | |
| sudo chmod 777 . -R | |
| ./config.sh remove --token ${{ env.TOKEN_RUNNER_ARM64 }} | |
| remove-arm64-runner: | |
| needs: [ remove-github-runner-arm64 ] | |
| runs-on: ubuntu-latest | |
| if: github.event_name != 'pull_request' | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v3 | |
| - name: Attach to workspace | |
| uses: actions/download-artifact@v2 | |
| with: | |
| name: terraform | |
| path: .github/hosted-runner/arm64/ | |
| - name: Inject AWS key | |
| run: | | |
| cd .github/hosted-runner/arm64/ | |
| ESCAPED_REPLACE_KEY_ID=$(printf '%s\n' "${{ secrets.AWS_ACCESS_KEY_ID }}" | sed -e 's/[\/&]/\\&/g') | |
| sed -i -e "s/AWSID/$ESCAPED_REPLACE_KEY_ID/g" vars.tf | |
| ESCAPED_REPLACE_ACCESS_KEY=$(printf '%s\n' "${{ secrets.AWS_SECRET_ACCESS_KEY }}" | sed -e 's/[\/&]/\\&/g') | |
| sed -i -e "s/AWSSECRET/$ESCAPED_REPLACE_ACCESS_KEY/g" vars.tf | |
| - name: setup terraform | |
| uses: hashicorp/setup-terraform@v2 | |
| with: | |
| terraform_version: 1.1.7 | |
| - name: Terraform Init | |
| run: | | |
| cd .github/hosted-runner/arm64/ | |
| terraform init -input=false | |
| - name: Terraform plan destroy | |
| run: | | |
| cd .github/hosted-runner/arm64/ | |
| terraform plan -destroy | |
| continue-on-error: true | |
| - name: Terraform destroy | |
| run: | | |
| cd .github/hosted-runner/arm64/ | |
| terraform destroy -auto-approve | |
| pushing-manifests: | |
| needs: [ package-amd64 , package-arm64 ] | |
| runs-on: ubuntu-latest | |
| if: github.event_name != 'pull_request' | |
| steps: | |
| - name: Login to GitHub Container Registry | |
| uses: docker/login-action@v1 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.repository_owner }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Create docker manifest | |
| run: | | |
| docker manifest create ghcr.io/orb-community/pktvisor:latest \ | |
| ghcr.io/orb-community/pktvisor:release-amd64 \ | |
| ghcr.io/orb-community/pktvisor:release-arm64 | |
| - name: Push manifest to ghcr.io | |
| run: | | |
| docker manifest push ghcr.io/orb-community/pktvisor:latest | |
| - name: Install skopeo | |
| run: | | |
| sudo apt-get update | |
| sudo apt-get install -y skopeo | |
| - name: Login skopeo to ghcr | |
| run: | | |
| sudo skopeo login -u ${{ github.repository_owner }} -p ${{ secrets.GITHUB_TOKEN }} ghcr.io | |
| - name: Login skopeo to dockerhub | |
| run: | | |
| sudo skopeo login -u ${{ secrets.ORB_DOCKERHUB_USERNAME }} -p ${{ secrets.ORB_DOCKERHUB_TOKEN }} docker.io | |
| - name: Copy latest from ghcr.io to docker.io | |
| run: | | |
| sudo skopeo copy \ | |
| --all \ | |
| docker://ghcr.io/orb-community/pktvisor:latest \ | |
| docker://docker.io/orbcommunity/pktvisor:latest | |
| - name: Copy release version from ghcr.io to docker.io | |
| run: | | |
| sudo skopeo copy \ | |
| --all \ | |
| docker://ghcr.io/orb-community/pktvisor:latest \ | |
| docker://docker.io/orbcommunity/pktvisor:${{ needs.package-amd64.outputs.release_version }} |