251 lines (205 loc) · 8.37 KB
/
accept.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
name: Accept - Fallback Install, Build & Package & Prebuilt Install (on merge)
on:
push:
branches:
# triggered by pull request approval triggers which is a merge to default branch
- master
workflow_dispatch:
inputs:
target-test:
required: false
description: 'Run Tests on Target & Fallback Groups? (type: yes)'
default: false
jobs:
# both build-group-unpublish and build-group-publish "needs" this job
load-build-group:
name: Load Build Group Config JSON
runs-on: ubuntu-latest
outputs:
matrix: ${{ steps.set-matrix.outputs.matrix }}
steps:
- name: Checkout ${{ github.ref }}
uses: actions/checkout@v2
- name: Checksum Liboboe
run: .github/scripts/liboboe-checksum.sh "liboboe-1.0-x86_64.so.0.0.0 liboboe-1.0-alpine-x86_64.so.0.0.0 liboboe-1.0-lambda-x86_64.so.0.0.0"
# build with the lowest versions of the OSes supported so the glibc/musl versions are the oldest/most compatible.
# note: some of those images are no longer supported officially (https://hub.docker.com/_/node)
- name: Load build group data
id: set-matrix
run: .github/scripts/matrix-from-json.sh .github/config/build-group.json
build-group-unpublish:
name: Build Group Unpublish
runs-on: ubuntu-latest
needs: load-build-group
strategy:
fail-fast: false
matrix: ${{ fromJson(needs.load-build-group.outputs.matrix) }}
container:
image: ${{ matrix.image }}
env:
AWS_ACCESS_KEY_ID: ${{ secrets.STAGING_AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.STAGING_AWS_SECRET_ACCESS_KEY }}
steps:
# See comment at bottom of file.
- name: Change Owner of Container Working Directory
run: chown root:root .
- name: Checkout ${{ github.ref }}
uses: actions/checkout@v2
- name: Show Environment Info
run: |
printenv
node --version
npm --version
cat /etc/os-release
# must install dependencies before using node-pre-gyp
# rather not call npm install as doing so may fallback-to-build if package has yet to be published.
# use npm workaround specifying a package name to bypass install script in package.json
- name: NPM Install dependencies
run: npm install linux-os-info --unsafe-perm
- name: Clear Staging for version
run: npx node-pre-gyp unpublish --s3_host=staging
load-fallback-group:
name: Load Fallback Group Config JSON
runs-on: ubuntu-latest
needs: build-group-unpublish
outputs:
matrix: ${{ steps.set-matrix.outputs.matrix }}
steps:
- name: Checkout ${{ github.ref }}
uses: actions/checkout@v2
# contains images that are able to build "out of the box"
- name: Load target group data
id: set-matrix
run: .github/scripts/matrix-from-json.sh .github/config/fallback-group.json
fallback-group-install:
name: Fallback Group Install
runs-on: ubuntu-latest
needs: load-fallback-group
strategy:
fail-fast: false
matrix: ${{ fromJson(needs.load-fallback-group.outputs.matrix) }}
container:
image: ${{ matrix.image }}
env:
APPOPTICS_SERVICE_KEY: ${{ secrets.APPOPTICS_SERVICE_KEY }}
APPOPTICS_COLLECTOR: ${{ secrets.APPOPTICS_COLLECTOR }}
AO_TEST_PROD_SERVICE_KEY: ${{ secrets.AO_TEST_PROD_SERVICE_KEY }}
steps:
# See comment at bottom of file.
- name: Change Owner of Container Working Directory
run: chown root:root .
- name: Checkout ${{ github.ref }}
uses: actions/checkout@v2
- name: Show Environment Info
run: |
printenv
node --version
npm --version
cat /etc/os-release
# the staging bucket has been cleared
# install of package will fallback to build from source
- name: NPM Install (to fallback)
run: npm install --unsafe-perm --s3_host=staging
- name: Check Artifacts
run: ls ./dist/napi-v*/apm_bindings.node && ls ./dist/napi-v*/ao_metrics.node
- name: Run tests
run: npm test
if: ${{ github.event.inputs.target-test }}
build-group-publish:
name: Build Group Publish
runs-on: ubuntu-latest
needs: [load-build-group, fallback-group-install]
strategy:
fail-fast: false
matrix: ${{ fromJson(needs.load-build-group.outputs.matrix) }}
container:
image: ${{ matrix.image }}
env:
AWS_ACCESS_KEY_ID: ${{ secrets.STAGING_AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.STAGING_AWS_SECRET_ACCESS_KEY }}
steps:
# See comment at bottom of file.
- name: Change Owner of Container Working Directory
run: chown root:root .
- name: Checkout ${{ github.ref }}
uses: actions/checkout@v2
- name: Show Environment Info
run: |
printenv
node --version
npm --version
cat /etc/os-release
# must install specific dependencies before a build
# can't call npm install. doing so may fallback-to-build if package has yet to be published (double build)
# use npm workaround specifying a package name to bypass install script in package.json
- name: NPM Install dependencies
run: npm install linux-os-info --unsafe-perm
# must setup libobo before build
# node-pre-gyp rebuild runs "clean" and "build" at once.
# it is mapped to `node-gyp rebuild` which internally means "clean + configure + build" and triggers a full recompile
- name: Build
run: |
node setup-liboboe.js
npx node-pre-gyp rebuild
# artifacts are at:build/stage/nodejs/bindings/
- name: Package
run: npx node-pre-gyp package # requires clean rebuild
# *** IMPORTANT:
# always include --s3_host flag regardless of node-pre-gyp defaults.
# node-pre-gyp can't publish over existing version, but bucket was cleared at beginning of workflow
- name: Publish Package to Staging
run: npx node-pre-gyp publish --s3_host=staging
load-prebuilt-group:
name: Load Prebuilt Group Config JSON
runs-on: ubuntu-latest
needs: build-group-publish
outputs:
matrix: ${{ steps.set-matrix.outputs.matrix }}
steps:
- name: Checkout ${{ github.ref }}
uses: actions/checkout@v2
# contains images that are unable to build "out of the box" and will install prebuilt
- name: Load target group data
id: set-matrix
run: .github/scripts/matrix-from-json.sh .github/config/prebuilt-group.json
prebuilt-group-install:
name: Prebuilt Group Install
runs-on: ubuntu-latest
needs: load-prebuilt-group
strategy:
fail-fast: false
matrix: ${{ fromJson(needs.load-prebuilt-group.outputs.matrix) }}
container:
image: ${{ matrix.image }}
env:
APPOPTICS_SERVICE_KEY: ${{ secrets.APPOPTICS_SERVICE_KEY }}
APPOPTICS_COLLECTOR: ${{ secrets.APPOPTICS_COLLECTOR }}
AO_TEST_PROD_SERVICE_KEY: ${{ secrets.AO_TEST_PROD_SERVICE_KEY }}
steps:
# See comment at bottom of file.
- name: Change Owner of Container Working Directory
run: chown root:root .
- name: Checkout ${{ github.ref }}
uses: actions/checkout@v2
- name: Show Environment Info
run: |
printenv
node --version
npm --version
cat /etc/os-release
# *** IMPORTANT: by default our package is installed from production bucket as defined in package.json.
# to test current build pass --s3_host="staging"
- name: NPM Install Staging
run: npm install --unsafe-perm --s3_host=staging
- name: Check Artifacts
run: ls ./dist/napi-v*/apm_bindings.node && ls ./dist/napi-v*/ao_metrics.node
- name: Run tests
run: npm test
if: ${{ github.event.inputs.target-test }}
# Why Change Owner of Container Working Directory?
# the working directory is created by the runner and mounted to the container.
# container user is root and the runner is not a user in the container.
# this is a github actions design flaw.
# when npm 7 is run as root, scripts are always run with the effective uid and gid of the working directory owner.
# node 16 can't install under default setup.
# specifying workdir for container and path for checkout does not work due to bug.