ci: migration gha pr prerelease (#65)

* Migrate pipeline to GHA

* update goreleaser to remove deprecation warnings

* Apply suggestions from code review

Co-authored-by: Roberto Santalla <roobre@users.noreply.github.com>

* use GH cli to upload windows assets

* Update .github/workflows/prerelease.yml

Co-authored-by: Roberto Santalla <roobre@users.noreply.github.com>

* Update .github/workflows/prerelease.yml

Co-authored-by: Roberto Santalla <roobre@users.noreply.github.com>

* Update build/package/windows/nri-386-installer/Product.wxs

* Update build/package/windows/nri-amd64-installer/Product.wxs

* Update .github/workflows/prerelease.yml

* Update .github/workflows/prerelease.yml

* fix(ci/cd): changing scope of snyk env for consistency

Co-authored-by: Antonio Dias <adias@newrelic.com>
Co-authored-by: Roberto Santalla <roobre@users.noreply.github.com>
Co-authored-by: PaoloGallina <43335750+paologallinaharbur@users.noreply.github.com>
Co-authored-by: paologallinaharbur <paologallina1992@gmail.com>

.github/workflows/prerelease.yml

@@ -0,0 +1,149 @@
+name: Prerelease pipeline
+
+on:
+  release:
+    types:
+      - prereleased
+    tags:
+      - 'v*'
+
+env:
+  GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+  GO_VERSION: '1.9.7'
+  INTEGRATION: "elasticsearch"
+  ORIGINAL_REPO_NAME: 'newrelic/nri-elasticsearch'
+  REPO_FULL_NAME: ${{ github.event.repository.full_name }}
+  TAG: ${{ github.event.release.tag_name }}
+
+jobs:
+
+  validate:
+    name: Validate code via linters
+    runs-on: ubuntu-20.04
+    steps:
+      - uses: actions/checkout@v2
+      - name: Login to DockerHub
+        uses: docker/login-action@v1
+        with:
+          username: ${{ secrets.OHAI_DOCKER_HUB_ID }}
+          password: ${{ secrets.OHAI_DOCKER_HUB_PASSWORD }}
+      - name: Validate code
+        run: make ci/validate
+
+  snyk:
+    name: Run security checks via snyk
+    runs-on: ubuntu-20.04
+    env:
+      SNYK_TOKEN: ${{ secrets.COREINT_SNYK_TOKEN }}    
+    steps:
+      - uses: actions/checkout@v2
+      - name: Login to DockerHub
+        uses: docker/login-action@v1
+        with:
+          username: ${{ secrets.OHAI_DOCKER_HUB_ID }}
+          password: ${{ secrets.OHAI_DOCKER_HUB_PASSWORD }}
+      - name: Scan code for vulnerabilities
+        run: make ci/snyk-test
+
+  test-nix:
+    name: Run unit tests on *Nix
+    runs-on: ubuntu-20.04
+    steps:
+      - uses: actions/checkout@v2
+      - name: Login to DockerHub
+        uses: docker/login-action@v1
+        with:
+          username: ${{ secrets.OHAI_DOCKER_HUB_ID }}
+          password: ${{ secrets.OHAI_DOCKER_HUB_PASSWORD }}
+      - name: Unit tests
+        run: make ci/test
+
+  test-windows:
+    name: Run unit tests on Windows
+    runs-on: windows-2019
+    env:
+      GOPATH: ${{ github.workspace }}
+    defaults:
+      run:
+        working-directory: src/github.com/${{env.ORIGINAL_REPO_NAME}}
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+        with:
+          path: src/github.com/${{env.ORIGINAL_REPO_NAME}}
+      - name: Install Go
+        uses: actions/setup-go@v2
+        with:
+          go-version: ${{env.GO_VERSION}}
+      - name: Running unit tests
+        shell: pwsh
+        run: |
+          .\build\windows\unit_tests.ps1
+
+  prerelease:
+    name: Build binary for *Nix/Win, create archives for *Nix/Win, create packages for *Nix, upload all artifacts into GH Release assets
+    runs-on: ubuntu-20.04
+    needs: [validate, snyk, test-nix, test-windows]
+    env:
+      GPG_MAIL: 'infrastructure-eng@newrelic.com'
+      GPG_PASSPHRASE: ${{ secrets.OHAI_GPG_PASSPHRASE }}
+      GPG_PRIVATE_KEY_BASE64: ${{ secrets.OHAI_GPG_PRIVATE_KEY_BASE64 }} # base64 encoded
+    steps:
+      - uses: actions/checkout@v2
+      - name: Login to DockerHub
+        uses: docker/login-action@v1
+        with:
+          username: ${{ secrets.OHAI_DOCKER_HUB_ID }}
+          password: ${{ secrets.OHAI_DOCKER_HUB_PASSWORD }}
+      - name: Pre release
+        run: make ci/prerelease
+      - name: Notify failure via Slack
+        if: ${{ failure() }}
+        uses: archive/github-actions-slack@master
+        with:
+          slack-bot-user-oauth-access-token: ${{ secrets.COREINT_SLACK_TOKEN }}
+          slack-channel: ${{ secrets.COREINT_SLACK_CHANNEL }}
+          slack-text: "❌ `${{ env.REPO_FULL_NAME }}`: prerelease pipeline failed."
+
+  package-win:
+    name: Create MSI & Upload into GH Release assets
+    runs-on: windows-2019
+    needs: [prerelease]
+    env:
+      GOPATH: ${{ github.workspace }}
+      PFX_CERTIFICATE_BASE64: ${{ secrets.OHAI_PFX_CERTIFICATE_BASE64 }} # base64 encoded
+      PFX_PASSPHRASE:  ${{ secrets.OHAI_PFX_PASSPHRASE }}
+      PFX_CERTIFICATE_DESCRIPTION: 'New Relic'
+    defaults:
+      run:
+        working-directory: src/github.com/${{env.ORIGINAL_REPO_NAME}}
+    strategy:
+      matrix:
+        goarch: [amd64,386]
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+        with:
+          path: src/github.com/${{env.ORIGINAL_REPO_NAME}}
+      - name: Get PFX certificate from GH secrets
+        shell: bash
+        run: printf "%s" "$PFX_CERTIFICATE_BASE64" | base64 -d - > wincert.pfx
+      - name: Download zip from GH Release assets and extract .exe
+        shell: pwsh
+        run: |
+          build\windows\download_zip_extract_exe.ps1 "$env:INTEGRATION" ${{ matrix.goarch }} "$env:TAG" "$env:REPO_FULL_NAME"
+      - name: Create MSI
+        shell: pwsh
+        run: |
+          build\windows\package_msi.ps1 -integration "$env:INTEGRATION" -arch ${{ matrix.goarch }} -tag "$env:TAG" -pfx_passphrase "$env:PFX_PASSPHRASE" -pfx_certificate_description "$env:PFX_CERTIFICATE_DESCRIPTION"
+      - name: Upload MSI to GH
+        shell: bash
+        run: |
+          build/windows/upload_msi.sh ${INTEGRATION} ${{ matrix.goarch }} ${TAG}
+      - name: Notify failure via Slack
+        if: ${{ failure() }}
+        uses: archive/github-actions-slack@master
+        with:
+          slack-bot-user-oauth-access-token: ${{ secrets.COREINT_SLACK_TOKEN }}
+          slack-channel: ${{ secrets.COREINT_SLACK_CHANNEL }}
+          slack-text: "❌ `${{ env.REPO_FULL_NAME }}`: prerelease pipeline failed."

.github/workflows/push_pr.yml

@@ -0,0 +1,92 @@
+name: Push/PR pipeline
+
+on:
+  push:
+    branches:
+      - master
+      - main
+  pull_request:
+
+env:
+  TAG: "v0.0.0" # needed for goreleaser windows builds
+  REPO_FULL_NAME: ${{ github.event.repository.full_name }}
+  ORIGINAL_REPO_NAME: "newrelic/nri-elasticsearch"
+  GO_VERSION: '1.9.7'
+
+jobs:
+
+  validate:
+    name: Validate code via linters
+    runs-on: ubuntu-20.04
+    steps:
+      - uses: actions/checkout@v2
+      - name: Login to DockerHub
+        uses: docker/login-action@v1
+        with:
+          username: ${{ secrets.OHAI_DOCKER_HUB_ID }}
+          password: ${{ secrets.OHAI_DOCKER_HUB_PASSWORD }}
+      - name: Validate code
+        run: make ci/validate
+
+  snyk:
+    name: Run security checks via snyk
+    runs-on: ubuntu-20.04
+    env:
+      SNYK_TOKEN: ${{ secrets.COREINT_SNYK_TOKEN }}
+    steps:
+      - uses: actions/checkout@v2
+      - name: Login to DockerHub
+        uses: docker/login-action@v1
+        with:
+          username: ${{ secrets.OHAI_DOCKER_HUB_ID }}
+          password: ${{ secrets.OHAI_DOCKER_HUB_PASSWORD }}
+      - name: Scan code for vulnerabilities
+        run: make ci/snyk-test
+
+  test-nix:
+    name: Run unit tests on *Nix
+    runs-on: ubuntu-20.04
+    steps:
+      - uses: actions/checkout@v2
+      - name: Login to DockerHub
+        uses: docker/login-action@v1
+        with:
+          username: ${{ secrets.OHAI_DOCKER_HUB_ID }}
+          password: ${{ secrets.OHAI_DOCKER_HUB_PASSWORD }}
+      - name: Unit tests
+        run: make ci/test
+
+  test-windows:
+    name: Run unit tests on Windows
+    runs-on: windows-2019
+    env:
+      GOPATH: ${{ github.workspace }}
+    defaults:
+      run:
+        working-directory: src/github.com/${{env.ORIGINAL_REPO_NAME}}
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+        with:
+          path: src/github.com/${{env.ORIGINAL_REPO_NAME}}
+      - name: Install Go
+        uses: actions/setup-go@v2
+        with:
+          go-version: ${{env.GO_VERSION}}
+      - name: Running unit tests
+        shell: pwsh
+        run: |
+          .\build\windows\unit_tests.ps1
+
+  test-build:
+    name: Test binary compilation for all platforms:arch
+    runs-on: ubuntu-20.04
+    steps:
+      - uses: actions/checkout@v2
+      - name: Login to DockerHub
+        uses: docker/login-action@v1
+        with:
+          username: ${{ secrets.OHAI_DOCKER_HUB_ID }}
+          password: ${{ secrets.OHAI_DOCKER_HUB_PASSWORD }}
+      - name: Build all platforms:arch
+        run: make ci/build

.gitignore

@@ -45,5 +45,15 @@ debug
 conf.yaml
 Makefile-deploy.mk
 
- #GoLand
-.idea 
+bin/
+dist/
+
+# Local development tools/files
+.idea
+.env
+.envrc
+*.gpg
+
+# build files
+src/versioninfo.json
+src/resource.syso

Makefile

@@ -1,6 +1,5 @@
 WORKDIR      := $(shell pwd)
-TARGET       := target
-TARGET_DIR    = $(WORKDIR)/$(TARGET)
+
 NATIVEOS	 := $(shell go version | awk -F '[ /]' '{print $$4}')
 NATIVEARCH	 := $(shell go version | awk -F '[ /]' '{print $$5}')
 INTEGRATION  := elasticsearch
@@ -11,14 +10,15 @@ GOTOOLS       = github.com/kardianos/govendor \
 		gopkg.in/alecthomas/gometalinter.v2 \
 		github.com/axw/gocov/gocov \
 		github.com/AlekSi/gocov-xml \
+		github.com/stretchr/testify/assert \
 
 all: build
 
 build: check-version clean validate test compile
 
 clean:
 	@echo "=== $(INTEGRATION) === [ clean ]: Removing binaries and coverage file..."
-	@rm -rfv bin coverage.xml $(TARGET)
+	@rm -rfv bin coverage.xml
 
 tools: check-version
 	@echo "=== $(INTEGRATION) === [ tools ]: Installing tools required by the project..."
@@ -57,7 +57,8 @@ test: deps
 	@gocov test -race $(GO_PKGS) | gocov-xml > coverage.xml
 
 # Include thematic Makefiles
-include Makefile-*.mk
+include $(CURDIR)/build/ci.mk
+include $(CURDIR)/build/release.mk
 
 check-version:
 ifdef GOOS