Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
ci: migration gha pr prerelease (#65)
* Migrate pipeline to GHA * update goreleaser to remove deprecation warnings * Apply suggestions from code review Co-authored-by: Roberto Santalla <roobre@users.noreply.github.com> * use GH cli to upload windows assets * Update .github/workflows/prerelease.yml Co-authored-by: Roberto Santalla <roobre@users.noreply.github.com> * Update .github/workflows/prerelease.yml Co-authored-by: Roberto Santalla <roobre@users.noreply.github.com> * Update build/package/windows/nri-386-installer/Product.wxs * Update build/package/windows/nri-amd64-installer/Product.wxs * Update .github/workflows/prerelease.yml * Update .github/workflows/prerelease.yml * fix(ci/cd): changing scope of snyk env for consistency Co-authored-by: Antonio Dias <adias@newrelic.com> Co-authored-by: Roberto Santalla <roobre@users.noreply.github.com> Co-authored-by: PaoloGallina <43335750+paologallinaharbur@users.noreply.github.com> Co-authored-by: paologallinaharbur <paologallina1992@gmail.com>
- Loading branch information
1 parent
83a1513
commit f04bd5b
Showing
27 changed files
with
930 additions
and
312 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,149 @@ | ||
name: Prerelease pipeline | ||
|
||
on: | ||
release: | ||
types: | ||
- prereleased | ||
tags: | ||
- 'v*' | ||
|
||
env: | ||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
GO_VERSION: '1.9.7' | ||
INTEGRATION: "elasticsearch" | ||
ORIGINAL_REPO_NAME: 'newrelic/nri-elasticsearch' | ||
REPO_FULL_NAME: ${{ github.event.repository.full_name }} | ||
TAG: ${{ github.event.release.tag_name }} | ||
|
||
jobs: | ||
|
||
validate: | ||
name: Validate code via linters | ||
runs-on: ubuntu-20.04 | ||
steps: | ||
- uses: actions/checkout@v2 | ||
- name: Login to DockerHub | ||
uses: docker/login-action@v1 | ||
with: | ||
username: ${{ secrets.OHAI_DOCKER_HUB_ID }} | ||
password: ${{ secrets.OHAI_DOCKER_HUB_PASSWORD }} | ||
- name: Validate code | ||
run: make ci/validate | ||
|
||
snyk: | ||
name: Run security checks via snyk | ||
runs-on: ubuntu-20.04 | ||
env: | ||
SNYK_TOKEN: ${{ secrets.COREINT_SNYK_TOKEN }} | ||
steps: | ||
- uses: actions/checkout@v2 | ||
- name: Login to DockerHub | ||
uses: docker/login-action@v1 | ||
with: | ||
username: ${{ secrets.OHAI_DOCKER_HUB_ID }} | ||
password: ${{ secrets.OHAI_DOCKER_HUB_PASSWORD }} | ||
- name: Scan code for vulnerabilities | ||
run: make ci/snyk-test | ||
|
||
test-nix: | ||
name: Run unit tests on *Nix | ||
runs-on: ubuntu-20.04 | ||
steps: | ||
- uses: actions/checkout@v2 | ||
- name: Login to DockerHub | ||
uses: docker/login-action@v1 | ||
with: | ||
username: ${{ secrets.OHAI_DOCKER_HUB_ID }} | ||
password: ${{ secrets.OHAI_DOCKER_HUB_PASSWORD }} | ||
- name: Unit tests | ||
run: make ci/test | ||
|
||
test-windows: | ||
name: Run unit tests on Windows | ||
runs-on: windows-2019 | ||
env: | ||
GOPATH: ${{ github.workspace }} | ||
defaults: | ||
run: | ||
working-directory: src/github.com/${{env.ORIGINAL_REPO_NAME}} | ||
steps: | ||
- name: Checkout | ||
uses: actions/checkout@v2 | ||
with: | ||
path: src/github.com/${{env.ORIGINAL_REPO_NAME}} | ||
- name: Install Go | ||
uses: actions/setup-go@v2 | ||
with: | ||
go-version: ${{env.GO_VERSION}} | ||
- name: Running unit tests | ||
shell: pwsh | ||
run: | | ||
.\build\windows\unit_tests.ps1 | ||
prerelease: | ||
name: Build binary for *Nix/Win, create archives for *Nix/Win, create packages for *Nix, upload all artifacts into GH Release assets | ||
runs-on: ubuntu-20.04 | ||
needs: [validate, snyk, test-nix, test-windows] | ||
env: | ||
GPG_MAIL: 'infrastructure-eng@newrelic.com' | ||
GPG_PASSPHRASE: ${{ secrets.OHAI_GPG_PASSPHRASE }} | ||
GPG_PRIVATE_KEY_BASE64: ${{ secrets.OHAI_GPG_PRIVATE_KEY_BASE64 }} # base64 encoded | ||
steps: | ||
- uses: actions/checkout@v2 | ||
- name: Login to DockerHub | ||
uses: docker/login-action@v1 | ||
with: | ||
username: ${{ secrets.OHAI_DOCKER_HUB_ID }} | ||
password: ${{ secrets.OHAI_DOCKER_HUB_PASSWORD }} | ||
- name: Pre release | ||
run: make ci/prerelease | ||
- name: Notify failure via Slack | ||
if: ${{ failure() }} | ||
uses: archive/github-actions-slack@master | ||
with: | ||
slack-bot-user-oauth-access-token: ${{ secrets.COREINT_SLACK_TOKEN }} | ||
slack-channel: ${{ secrets.COREINT_SLACK_CHANNEL }} | ||
slack-text: "❌ `${{ env.REPO_FULL_NAME }}`: prerelease pipeline failed." | ||
|
||
package-win: | ||
name: Create MSI & Upload into GH Release assets | ||
runs-on: windows-2019 | ||
needs: [prerelease] | ||
env: | ||
GOPATH: ${{ github.workspace }} | ||
PFX_CERTIFICATE_BASE64: ${{ secrets.OHAI_PFX_CERTIFICATE_BASE64 }} # base64 encoded | ||
PFX_PASSPHRASE: ${{ secrets.OHAI_PFX_PASSPHRASE }} | ||
PFX_CERTIFICATE_DESCRIPTION: 'New Relic' | ||
defaults: | ||
run: | ||
working-directory: src/github.com/${{env.ORIGINAL_REPO_NAME}} | ||
strategy: | ||
matrix: | ||
goarch: [amd64,386] | ||
steps: | ||
- name: Checkout | ||
uses: actions/checkout@v2 | ||
with: | ||
path: src/github.com/${{env.ORIGINAL_REPO_NAME}} | ||
- name: Get PFX certificate from GH secrets | ||
shell: bash | ||
run: printf "%s" "$PFX_CERTIFICATE_BASE64" | base64 -d - > wincert.pfx | ||
- name: Download zip from GH Release assets and extract .exe | ||
shell: pwsh | ||
run: | | ||
build\windows\download_zip_extract_exe.ps1 "$env:INTEGRATION" ${{ matrix.goarch }} "$env:TAG" "$env:REPO_FULL_NAME" | ||
- name: Create MSI | ||
shell: pwsh | ||
run: | | ||
build\windows\package_msi.ps1 -integration "$env:INTEGRATION" -arch ${{ matrix.goarch }} -tag "$env:TAG" -pfx_passphrase "$env:PFX_PASSPHRASE" -pfx_certificate_description "$env:PFX_CERTIFICATE_DESCRIPTION" | ||
- name: Upload MSI to GH | ||
shell: bash | ||
run: | | ||
build/windows/upload_msi.sh ${INTEGRATION} ${{ matrix.goarch }} ${TAG} | ||
- name: Notify failure via Slack | ||
if: ${{ failure() }} | ||
uses: archive/github-actions-slack@master | ||
with: | ||
slack-bot-user-oauth-access-token: ${{ secrets.COREINT_SLACK_TOKEN }} | ||
slack-channel: ${{ secrets.COREINT_SLACK_CHANNEL }} | ||
slack-text: "❌ `${{ env.REPO_FULL_NAME }}`: prerelease pipeline failed." |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,92 @@ | ||
name: Push/PR pipeline | ||
|
||
on: | ||
push: | ||
branches: | ||
- master | ||
- main | ||
pull_request: | ||
|
||
env: | ||
TAG: "v0.0.0" # needed for goreleaser windows builds | ||
REPO_FULL_NAME: ${{ github.event.repository.full_name }} | ||
ORIGINAL_REPO_NAME: "newrelic/nri-elasticsearch" | ||
GO_VERSION: '1.9.7' | ||
|
||
jobs: | ||
|
||
validate: | ||
name: Validate code via linters | ||
runs-on: ubuntu-20.04 | ||
steps: | ||
- uses: actions/checkout@v2 | ||
- name: Login to DockerHub | ||
uses: docker/login-action@v1 | ||
with: | ||
username: ${{ secrets.OHAI_DOCKER_HUB_ID }} | ||
password: ${{ secrets.OHAI_DOCKER_HUB_PASSWORD }} | ||
- name: Validate code | ||
run: make ci/validate | ||
|
||
snyk: | ||
name: Run security checks via snyk | ||
runs-on: ubuntu-20.04 | ||
env: | ||
SNYK_TOKEN: ${{ secrets.COREINT_SNYK_TOKEN }} | ||
steps: | ||
- uses: actions/checkout@v2 | ||
- name: Login to DockerHub | ||
uses: docker/login-action@v1 | ||
with: | ||
username: ${{ secrets.OHAI_DOCKER_HUB_ID }} | ||
password: ${{ secrets.OHAI_DOCKER_HUB_PASSWORD }} | ||
- name: Scan code for vulnerabilities | ||
run: make ci/snyk-test | ||
|
||
test-nix: | ||
name: Run unit tests on *Nix | ||
runs-on: ubuntu-20.04 | ||
steps: | ||
- uses: actions/checkout@v2 | ||
- name: Login to DockerHub | ||
uses: docker/login-action@v1 | ||
with: | ||
username: ${{ secrets.OHAI_DOCKER_HUB_ID }} | ||
password: ${{ secrets.OHAI_DOCKER_HUB_PASSWORD }} | ||
- name: Unit tests | ||
run: make ci/test | ||
|
||
test-windows: | ||
name: Run unit tests on Windows | ||
runs-on: windows-2019 | ||
env: | ||
GOPATH: ${{ github.workspace }} | ||
defaults: | ||
run: | ||
working-directory: src/github.com/${{env.ORIGINAL_REPO_NAME}} | ||
steps: | ||
- name: Checkout | ||
uses: actions/checkout@v2 | ||
with: | ||
path: src/github.com/${{env.ORIGINAL_REPO_NAME}} | ||
- name: Install Go | ||
uses: actions/setup-go@v2 | ||
with: | ||
go-version: ${{env.GO_VERSION}} | ||
- name: Running unit tests | ||
shell: pwsh | ||
run: | | ||
.\build\windows\unit_tests.ps1 | ||
test-build: | ||
name: Test binary compilation for all platforms:arch | ||
runs-on: ubuntu-20.04 | ||
steps: | ||
- uses: actions/checkout@v2 | ||
- name: Login to DockerHub | ||
uses: docker/login-action@v1 | ||
with: | ||
username: ${{ secrets.OHAI_DOCKER_HUB_ID }} | ||
password: ${{ secrets.OHAI_DOCKER_HUB_PASSWORD }} | ||
- name: Build all platforms:arch | ||
run: make ci/build |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
Oops, something went wrong.