From 7b5d0895b0d73bd3b1e13c48447cd6c8d47df769 Mon Sep 17 00:00:00 2001 From: Attila Szakacs Date: Sat, 18 May 2024 22:28:59 +0200 Subject: [PATCH] github-actions: upload packages to R2 Signed-off-by: Attila Szakacs --- .github/workflows/index-packages.yml | 4 +- .github/workflows/nightly-release.yml | 48 ++++++++++--------- .github/workflows/test-apt-packages.yml | 24 +++++----- .github/workflows/upload-packages.yml | 38 +++++++-------- .../indexer/apt_conf/nightly.conf | 2 +- .../indexer/apt_conf/stable.conf | 2 +- 6 files changed, 58 insertions(+), 60 deletions(-) diff --git a/.github/workflows/index-packages.yml b/.github/workflows/index-packages.yml index 0a6fb564f2..ce7b17223b 100644 --- a/.github/workflows/index-packages.yml +++ b/.github/workflows/index-packages.yml @@ -1,4 +1,4 @@ -name: Index packages in Azure/incoming +name: Index packages in R2/incoming on: @@ -34,7 +34,7 @@ jobs: DOCKER_IMAGE: package-indexer DOCKER_CONTAINER_NAME: package_indexer_container VERBOSE_LOG_PATH: index-packages-verbose.log - GPG_KEY_PATH: syslog_ng_ose_signing_key.sub.priv.asc + GPG_KEY_PATH: axosyslog_signing_key.sub.priv.asc if: github.repository_owner == 'axoflow' diff --git a/.github/workflows/nightly-release.yml b/.github/workflows/nightly-release.yml index c32cf4c088..376ead7918 100644 --- a/.github/workflows/nightly-release.yml +++ b/.github/workflows/nightly-release.yml @@ -45,29 +45,31 @@ jobs: source-tarball-artifact-name: source-tarball dbld-image-mode: cache - # upload-packages: - # needs: create-packages - # uses: ./.github/workflows/upload-packages.yml - # with: - # pkg-type: nightly - # secrets: - # azure-sas-token: ${{ secrets.AZURE_SAS_TOKEN }} - - # index-packages: - # needs: upload-packages - # uses: ./.github/workflows/index-packages.yml - # with: - # pkg-type: nightly - # secrets: - # config-base64: ${{ secrets.PACKAGE_INDEXER_CONFIG_BASE64 }} - # gpg-key-base64: ${{ secrets.PACKAGE_INDEXER_GPG_KEY_BASE64 }} - # gpg-key-passphrase: ${{ secrets.PACKAGE_INDEXER_GPG_KEY_PASSPHRASE }} - - # test-packages: - # needs: index-packages - # uses: ./.github/workflows/test-apt-packages.yml - # with: - # pkg-type: nightly + upload-packages: + needs: create-packages + uses: ./.github/workflows/upload-packages.yml + with: + pkg-type: nightly + secrets: + r2-access-key: ${{ secrets.R2_ACCESS_KEY }} + r2-secret-key: ${{ secrets.R2_SECRET_KEY }} + r2-account-id: ${{ secrets.R2_ACCOUNT_ID }} + + index-packages: + needs: upload-packages + uses: ./.github/workflows/index-packages.yml + with: + pkg-type: nightly + secrets: + config-base64: ${{ secrets.PACKAGE_INDEXER_CONFIG_BASE64 }} + gpg-key-base64: ${{ secrets.PACKAGE_INDEXER_GPG_KEY_BASE64 }} + gpg-key-passphrase: ${{ secrets.PACKAGE_INDEXER_GPG_KEY_PASSPHRASE }} + + test-packages: + needs: index-packages + uses: ./.github/workflows/test-apt-packages.yml + with: + pkg-type: nightly axosyslog-modules: name: axosyslog-modules diff --git a/.github/workflows/test-apt-packages.yml b/.github/workflows/test-apt-packages.yml index a6155aaac9..beb8efd2e2 100644 --- a/.github/workflows/test-apt-packages.yml +++ b/.github/workflows/test-apt-packages.yml @@ -1,6 +1,6 @@ -# Please note that the syslog-ng git repository is not available in this workflow. +# Please note that the axosyslog git repository is not available in this workflow. # It means that certain convenience/helper functions are not available (e.g. gh_output). -# This is intentional as syslog-ng will be acquired from the APT repository. +# This is intentional as axosyslog will be acquired from the APT repository. name: Run smoke tests on APT packages on: @@ -27,7 +27,7 @@ jobs: - "ubuntu:mantic" upgrade-from: - "debian-official" - - "syslog-ng-last" + - "axosyslog-last" exclude: # The official syslog-ng got removed from debian:testing because of pcre: # https://tracker.debian.org/news/1445295/syslog-ng-removed-from-testing/ @@ -49,18 +49,18 @@ jobs: - name: Add OSE repository run: | - wget -qO - https://ose-repo.syslog-ng.com/apt/syslog-ng-ose-pub.asc | gpg --dearmor > /usr/share/keyrings/ose-repo-archive-keyring.gpg - echo "deb [signed-by=/usr/share/keyrings/ose-repo-archive-keyring.gpg] https://ose-repo.syslog-ng.com/apt/ ${{ inputs.pkg-type }} $(echo ${{ matrix.distro }} | sed 's/:/-/g')" | tee --append /etc/apt/sources.list.d/syslog-ng-ose.list + wget -qO - https://pkg.axosyslog.alltilla.com/alltilla-pub.asc | gpg --dearmor > /usr/share/keyrings/axosyslog-archive-keyring.gpg + echo "deb [signed-by=/usr/share/keyrings/axosyslog-archive-keyring.gpg] https://pkg.axosyslog.alltilla.com/apt ${{ inputs.pkg-type }} $(echo ${{ matrix.distro }} | sed 's/:/-/g')" | tee --append /etc/apt/sources.list.d/axosyslog.list apt-get update -qq - - name: Install the last but one syslog-ng OSE package - if: matrix.upgrade-from == 'syslog-ng-last' + - name: Install the last but one AxoSyslog package + if: matrix.upgrade-from == 'axosyslog-last' run: | - DEBIAN_FRONTEND=noninteractive apt-get install --yes syslog-ng=$(apt-cache madison syslog-ng | sed -n 2p | awk -F"|" '{print $2}' | sed 's/ //g') + DEBIAN_FRONTEND=noninteractive apt-get install --yes axosyslog=$(apt-cache madison axosyslog | sed -n 2p | awk -F"|" '{print $2}' | sed 's/ //g') - - name: Upgrade to the latest syslog-ng OSE package + - name: Upgrade to the latest AxoSyslog package run: | - DEBIAN_FRONTEND=noninteractive apt-get install --yes syslog-ng + DEBIAN_FRONTEND=noninteractive apt-get install --yes axosyslog - name: Get syslog-ng revision run: | @@ -79,8 +79,8 @@ jobs: - name: Check if installed package version matches with install revision run: | echo "Installed revision value: ${{ steps.syslog_ng_revision.outputs.REVISION }}" - dpkg-query --show syslog-ng\* - dpkg-query -f='${db:Status-Status}\t${package}\t${version}\t\n' --show syslog-ng\* | grep ^installed | while read installed_syslog_ng_package ; do echo $installed_syslog_ng_package | grep ${{ steps.syslog_ng_revision.outputs.REVISION }} ; done + dpkg-query --show axosyslog\* + dpkg-query -f='${db:Status-Status}\t${package}\t${version}\t\n' --show axosyslog\* | grep ^installed | while read installed_axosyslog_package ; do echo $installed_axosyslog_package | grep ${{ steps.syslog_ng_revision.outputs.REVISION }} ; done - name: Check if syslog-ng can start with default config run: | diff --git a/.github/workflows/upload-packages.yml b/.github/workflows/upload-packages.yml index 614b51a3ed..8937320ca3 100644 --- a/.github/workflows/upload-packages.yml +++ b/.github/workflows/upload-packages.yml @@ -1,4 +1,4 @@ -name: Upload package to Azure/incoming +name: Upload package to R2/incoming on: @@ -22,7 +22,11 @@ on: "ubuntu-mantic" ]' secrets: - azure-sas-token: + r2-access-key: + required: true + r2-secret-key: + required: true + r2-account-id: required: true @@ -46,23 +50,15 @@ jobs: name: package-${{ matrix.distro }} path: package - - name: Calculate Azure path + - name: Upload packages to R2 incoming + working-directory: package run: | - if [[ ! "${{ inputs.pkg-type }}" =~ ^(stable|nightly)$ ]]; then - echo Unexpected input: pkg-type=${{ inputs.pkg-type }} - false - fi - - AZURE_PATH="incoming/${{ inputs.pkg-type }}/${{ github.run_id }}" - - echo "AZURE_PATH=${AZURE_PATH}" >> ${GITHUB_ENV} - - - name: Upload packages to Azure incoming - uses: azure/CLI@v1 - with: - inlineScript: | - az storage blob upload-batch \ - --sas-token '${{ secrets.azure-sas-token }}' \ - --account-name 'syslogngose' \ - --source 'package' \ - --destination '${{ env.AZURE_PATH }}' + export AWS_ACCESS_KEY_ID='${{ secrets.r2-access-key }}' + export AWS_SECRET_ACCESS_KEY='${{ secrets.r2-secret-key }}' + export AWS_DEFAULT_REGION='auto' + find * -type f -exec \ + aws s3api put-object \ + --endpoint-url https://${{ secrets.r2-account-id }}.r2.cloudflarestorage.com \ + --bucket axosyslog-apt-incoming \ + --key ${{ inputs.pkg-type }}/${{ github.run_id }}/{} \ + --body {} \; diff --git a/packaging/package-indexer/indexer/apt_conf/nightly.conf b/packaging/package-indexer/indexer/apt_conf/nightly.conf index dd5e902cb9..3e1e5a2778 100644 --- a/packaging/package-indexer/indexer/apt_conf/nightly.conf +++ b/packaging/package-indexer/indexer/apt_conf/nightly.conf @@ -4,7 +4,7 @@ APT { FTPArchive { Release { Architectures "amd64"; - Origin "https://ose-repo.syslog-ng.com/apt"; + Origin "https://pkg.axosyslog.alltilla.com/apt"; Suite "nightly"; Codename "nightly"; }; diff --git a/packaging/package-indexer/indexer/apt_conf/stable.conf b/packaging/package-indexer/indexer/apt_conf/stable.conf index 4bac0f4f02..b0c2a6914c 100644 --- a/packaging/package-indexer/indexer/apt_conf/stable.conf +++ b/packaging/package-indexer/indexer/apt_conf/stable.conf @@ -4,7 +4,7 @@ APT { FTPArchive { Release { Architectures "amd64"; - Origin "https://ose-repo.syslog-ng.com/apt"; + Origin "https://pkg.axosyslog.alltilla.com/apt"; Suite "stable"; Codename "stable"; };