Skip to content

Commit

Permalink
arvdias/add publishing action (#71)
Browse files Browse the repository at this point in the history 
* use publish gh action

Co-authored-by: Roberto Santalla <roobre@users.noreply.github.com>
  • Loading branch information
@arvdias @roobre
arvdias and roobre committed Mar 10, 2021
1 parent 45090c1 commit 1d838f1
Show file tree
Hide file tree
Showing 3 changed files with 99 additions and 9 deletions.
52 changes: 44 additions & 8 deletions .github/workflows/prerelease.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@ env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GO_VERSION: '1.9.7'
INTEGRATION: "mysql"
ORIGINAL_REPO_NAME: 'newrelic/nri-mysql'
ORIGINAL_REPO_NAME: ${{ github.event.repository.full_name }}
REPO_FULL_NAME: ${{ github.event.repository.full_name }}
TAG: ${{ github.event.release.tag_name }}

Expand Down Expand Up @@ -110,11 +110,7 @@ jobs:
prerelease:
name: Build binary for *Nix/Win, create archives for *Nix/Win, create packages for *Nix, upload all artifacts into GH Release assets
runs-on: ubuntu-20.04
needs: [validate, test-nix, test-windows, snyk, test-integration-nix]
env:
GPG_MAIL: 'infrastructure-eng@newrelic.com'
GPG_PASSPHRASE: ${{ secrets.OHAI_GPG_PASSPHRASE }}
GPG_PRIVATE_KEY_BASE64: ${{ secrets.OHAI_GPG_PRIVATE_KEY_BASE64 }} # base64 encoded
needs: [validate, snyk, test-nix, test-windows, test-integration-nix]
steps:
- uses: actions/checkout@v2
- name: Login to DockerHub
Expand All @@ -124,13 +120,17 @@ jobs:
password: ${{ secrets.OHAI_DOCKER_HUB_PASSWORD }}
- name: Pre release
run: make ci/prerelease
env:
GPG_MAIL: 'infrastructure-eng@newrelic.com'
GPG_PASSPHRASE: ${{ secrets.OHAI_GPG_PASSPHRASE }}
GPG_PRIVATE_KEY_BASE64: ${{ secrets.OHAI_GPG_PRIVATE_KEY_BASE64 }} # base64 encoded
- name: Notify failure via Slack
if: ${{ failure() }}
uses: archive/github-actions-slack@master
with:
slack-bot-user-oauth-access-token: ${{ secrets.COREINT_SLACK_TOKEN }}
slack-channel: ${{ secrets.COREINT_SLACK_CHANNEL }}
slack-text: "❌ `${{ env.REPO_FULL_NAME }}`: prerelease pipeline failed."
slack-text: "❌ `${{ env.ORIGINAL_REPO_NAME }}`: prerelease pipeline failed."

package-win:
name: Create MSI & Upload into GH Release assets
Expand Down Expand Up @@ -173,4 +173,40 @@ jobs:
with:
slack-bot-user-oauth-access-token: ${{ secrets.COREINT_SLACK_TOKEN }}
slack-channel: ${{ secrets.COREINT_SLACK_CHANNEL }}
slack-text: "❌ `${{ env.REPO_FULL_NAME }}`: prerelease pipeline failed."
slack-text: "❌ `${{ env.ORIGINAL_REPO_NAME }}`: prerelease pipeline failed."

publish-to-s3:
name: Send release assets to S3
runs-on: ubuntu-20.04
needs: [package-win]
steps:
- name: Login to DockerHub
uses: docker/login-action@v1
with:
username: ${{ secrets.OHAI_DOCKER_HUB_ID }}
password: ${{ secrets.OHAI_DOCKER_HUB_PASSWORD }}
- name: Publish to S3 action
uses: newrelic/infrastructure-publish-action@v1
env:
AWS_S3_BUCKET_NAME: "nr-downloads-ohai-staging"
AWS_S3_LOCK_BUCKET_NAME: "onhost-ci-lock-staging"
with:
disable_lock: false
run_id: ${{ github.run_id }}
tag: ${{env.TAG}}
app_name: "nri-${{env.INTEGRATION}}"
repo_name: ${{ env.ORIGINAL_REPO_NAME }}
# 'ohi' is for integrations
schema: "ohi"
aws_region: "us-east-1"
aws_role_arn: ${{ secrets.OHAI_AWS_ROLE_ARN_STAGING }}
aws_role_session_name: ${{ secrets.OHAI_AWS_ROLE_SESSION_NAME_STAGING }}
aws_access_key_id: ${{ secrets.OHAI_AWS_ACCESS_KEY_ID_STAGING }}
aws_secret_access_key: ${{ secrets.OHAI_AWS_SECRET_ACCESS_KEY_STAGING }}
aws_s3_bucket_name: ${{ env.AWS_S3_BUCKET_NAME }}
# used for locking in case of concurrent releases
aws_s3_lock_bucket_name: ${{ env.AWS_S3_LOCK_BUCKET_NAME }}
# used for signing package stuff
gpg_passphrase: ${{ secrets.OHAI_GPG_PASSPHRASE }}
gpg_private_key_base64: ${{ secrets.OHAI_GPG_PRIVATE_KEY_BASE64 }}

53 changes: 53 additions & 0 deletions .github/workflows/release.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,53 @@
name: Release pipeline

on:
release:
types:
- released
tags:
- 'v*'

env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
INTEGRATION: "mysql"
ORIGINAL_REPO_NAME: ${{ github.event.repository.full_name }}
TAG: ${{ github.event.release.tag_name }}

jobs:

publish-to-s3:
name: Send release assets to S3
runs-on: ubuntu-20.04
steps:
- name: Login to DockerHub
uses: docker/login-action@v1
with:
username: ${{ secrets.OHAI_DOCKER_HUB_ID }}
password: ${{ secrets.OHAI_DOCKER_HUB_PASSWORD }}
- name: Publish to S3 action
uses: newrelic/infrastructure-publish-action@v1
env:
AWS_S3_BUCKET_NAME: "nr-downloads-main"
AWS_S3_LOCK_BUCKET_NAME: "onhost-ci-lock"
AWS_REGION: "us-east-1"
with:
# lock enabled
disable_lock: false
run_id: ${{ github.run_id }}
tag: ${{env.TAG}}
app_name: "nri-${{env.INTEGRATION}}"
repo_name: ${{ env.ORIGINAL_REPO_NAME }}
# 'ohi' is for integrations
schema: "ohi"
aws_region: ${{ env.AWS_REGION }}
aws_role_arn: ${{ secrets.OHAI_AWS_ROLE_ARN_PRODUCTION }}
aws_role_session_name: ${{ secrets.OHAI_AWS_ROLE_SESSION_NAME_PRODUCTION }}
aws_access_key_id: ${{ secrets.OHAI_AWS_ACCESS_KEY_ID_PRODUCTION }}
aws_secret_access_key: ${{ secrets.OHAI_AWS_SECRET_ACCESS_KEY_PRODUCTION }}
aws_s3_bucket_name: ${{ env.AWS_S3_BUCKET_NAME }}
# used for locking in case of concurrent releases
aws_s3_lock_bucket_name: ${{ env.AWS_S3_LOCK_BUCKET_NAME }}
# used for signing package stuff
gpg_passphrase: ${{ secrets.OHAI_GPG_PASSPHRASE }}
gpg_private_key_base64: ${{ secrets.OHAI_GPG_PRIVATE_KEY_BASE64 }}

3 changes: 2 additions & 1 deletion build/ci.mk
View file
Original file line number Diff line number Diff line change
Expand Up @@ -42,6 +42,7 @@ ci/snyk-test:
-v $(CURDIR):/go/src/github.com/newrelic/nri-$(INTEGRATION) \
-w /go/src/github.com/newrelic/nri-$(INTEGRATION) \
-e SNYK_TOKEN \
-e GO111MODULE=auto \
snyk/snyk:golang snyk test --severity-threshold=high

.PHONY : ci/build
Expand Down Expand Up @@ -78,4 +79,4 @@ ifdef TAG
else
@echo "===> $(INTEGRATION) === [ci/prerelease] TAG env variable expected to be set"
exit 1
endif
endif

0 comments on commit 1d838f1

Please sign in to comment.