ci: nested workflows + publish w/o release (#969)

* ci: velidate idea of nested workflows * publish packages without release * bumped publish-action version Co-authored-by: Ruben Ruiz de Gauna <rubenruizdegauna@gmail.com>
newrelic · Mar 18, 2022 · 2daec54 · 2daec54
1 parent 75ae0f1
commit 2daec54
Show file tree

Hide file tree

Showing 28 changed files with 1,380 additions and 1,075 deletions.
diff --git a/.github/workflows/clear_fastly_cache.yml b/.github/workflows/clear_fastly_cache.yml
@@ -3,21 +3,13 @@ name: Clear Fastly cache
 on:
   workflow_dispatch:
 
-env:
-  AWS_S3_BUCKET_NAME: "nr-downloads-main"
-  AWS_REGION: "us-east-1"
-  AWS_ACCESS_KEY_ID: ${{ secrets.OHAI_AWS_ACCESS_KEY_ID_PRODUCTION }}
-  AWS_SECRET_ACCESS_KEY: ${{ secrets.OHAI_AWS_SECRET_ACCESS_KEY_PRODUCTION }}
-  AWS_ROLE_ARN: ${{ secrets.OHAI_AWS_ROLE_ARN_PRODUCTION }}
-  AWS_ROLE_SESSION_NAME: ${{ secrets.OHAI_AWS_ROLE_SESSION_NAME_PRODUCTION }}
-
 jobs:
   purge-cdn:
     name: Purge CDN
-    runs-on: ubuntu-20.04
-    steps:
-      - uses: actions/checkout@v2
-      - name: Fasty purge
-        env:
-          FASTLY_KEY: ${{secrets.FASTLY_KEY }}
-        run: tools/cdn-purge/fastly-purge.sh
+    uses: newrelic/infrastructure-agent/.github/workflows/component_purge_cdn.yml@master
+    secrets:
+      FASTLY_KEY: ${{secrets.FASTLY_KEY }}
+      AWS_ACCESS_KEY_ID: ${{ secrets.OHAI_AWS_ACCESS_KEY_ID_PRODUCTION }}
+      AWS_SECRET_ACCESS_KEY: ${{ secrets.OHAI_AWS_SECRET_ACCESS_KEY_PRODUCTION }}
+      AWS_ROLE_ARN: ${{ secrets.OHAI_AWS_ROLE_ARN_PRODUCTION }}
+      AWS_ROLE_SESSION_NAME: ${{ secrets.OHAI_AWS_ROLE_SESSION_NAME_PRODUCTION }}
diff --git a/.github/workflows/component_docker_build.yml b/.github/workflows/component_docker_build.yml
@@ -0,0 +1,67 @@
+name: Compile docker image
+
+on:
+  workflow_call:
+    secrets:
+      DOCKER_HUB_ID:
+        required: true
+      DOCKER_HUB_PASSWORD:
+        required: true
+    inputs:
+      TAG:
+        required: true
+        type: string
+
+env:
+  TAG: ${{ inputs.TAG }}
+  DOCKER_PUBLISH: true
+
+jobs:
+  build-container:
+    name: Building containerized agent
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v2
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v1
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v1
+
+      - name: Login to DockerHub
+        uses: docker/login-action@v1
+        with:
+          username: ${{ secrets.DOCKER_HUB_ID }}
+          password: ${{ secrets.DOCKER_HUB_PASSWORD }}
+
+      - name: Build agent binaries
+        run: make ci/build
+
+      - name: Build container agent (amd64)
+        run: make -C build/container/ build/base-amd64
+
+      - name: Build container agent (arm)
+        run: make -C build/container/ build/base-arm
+
+      - name: Build container agent (arm64)
+        run: make -C build/container/ build/base-arm64
+
+      - name: Build container forwarder (amd64)
+        run: make -C build/container/ build/forwarder-amd64
+
+      - name: Build container forwarder (arm)
+        run: make -C build/container/ build/forwarder-arm
+
+      - name: Build container forwarder (arm64)
+        run: make -C build/container/ build/forwarder-arm64
+
+      - name: Build container k8s-events-forwarder (amd64)
+        run: make -C build/container/ build/k8s-events-forwarder-amd64
+
+      - name: Build container k8s-events-forwarder (arm)
+        run: make -C build/container/ build/k8s-events-forwarder-arm
+
+      - name: Build container k8s-events-forwarder (arm64)
+        run: make -C build/container/ build/k8s-events-forwarder-arm64
diff --git a/.github/workflows/component_docker_packaging.yml b/.github/workflows/component_docker_packaging.yml
@@ -0,0 +1,63 @@
+name: Build and upload docker images as RC
+
+on:
+  workflow_call:
+    secrets:
+      DOCKER_HUB_ID:
+        required: true
+      DOCKER_HUB_PASSWORD:
+        required: true
+      GPG_MAIL:
+        required: true
+      GPG_PASSPHRASE:
+        required: true
+      GPG_PRIVATE_KEY_BASE64:
+        required: true
+      GH_TOKEN:
+        required: true
+    inputs:
+      TAG:
+        required: true
+        type: string
+
+env:
+  GITHUB_TOKEN: ${{ secrets.GH_TOKEN }}
+  GPG_MAIL: ${{ secrets.GPG_MAIL }}
+  GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
+  GPG_PRIVATE_KEY_BASE64: ${{ secrets.GPG_PRIVATE_KEY_BASE64 }} # base64 encoded
+  TAG:  ${{ inputs.TAG }}
+  DOCKER_HUB_ID: ${{ secrets.DOCKER_HUB_ID }}
+  DOCKER_HUB_PASSWORD: ${{ secrets.DOCKER_HUB_PASSWORD }}
+  DOCKER_PUBLISH: true
+
+jobs:
+  packaging:
+    name: Build and upload docker images as RC
+    runs-on: ubuntu-20.04
+
+    steps:
+      - uses: actions/checkout@v2
+
+      - name: Login to DockerHub
+        uses: docker/login-action@v1
+        with:
+          username: ${{ env.DOCKER_HUB_ID }}
+          password: ${{ env.DOCKER_HUB_PASSWORD }}
+
+      - name: Compiling binaries for linux amd64, arm, arm64
+        run: make ci/prerelease/linux-for-docker
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v1
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v1
+
+      - name: Build and publish Release Candidate (RC) of base Docker image
+        run: AGENT_VERSION=${{env.TAG}} make -C build/container/ clean publish/multi-arch-base-rc
+
+      - name: Build and publish Release Candidate (RC) of forwarder Docker image
+        run: AGENT_VERSION=${{env.TAG}} make -C build/container/ clean publish/multi-arch-forwarder-rc
+
+      - name: Build and publish Release Candidate (RC) of k8s-events-forwarders Docker image
+        run: AGENT_VERSION=${{env.TAG}} make -C build/container/ clean publish/multi-arch-k8s-events-forwarder-rc
diff --git a/.github/workflows/component_docker_publish.yml b/.github/workflows/component_docker_publish.yml
@@ -0,0 +1,54 @@
+name: Publish docker image
+
+on:
+  workflow_call:
+    secrets:
+      DOCKER_HUB_ID:
+        required: true
+      DOCKER_HUB_PASSWORD:
+        required: true
+    inputs:
+      TAG:
+        required: true
+        type: string
+      ASSETS_TYPE:
+        required: true
+        type: string
+
+env:
+  TAG: ${{ inputs.TAG }}
+  DOCKER_PUBLISH: true
+  ASSETS_TYPE: ${{ inputs.ASSETS_TYPE }}
+
+jobs:
+  publish-docker-images:
+    if: ${{ inputs.ASSETS_TYPE == 'all' || inputs.ASSETS_TYPE == 'docker' }}
+    name: Create versioned and latest images from RC
+    runs-on: ubuntu-20.04
+
+    steps:
+      - uses: actions/checkout@v2
+
+      - name: Login to DockerHub
+        uses: docker/login-action@v1
+        with:
+          username: ${{ env.DOCKER_HUB_ID }}
+          password: ${{ env.DOCKER_HUB_PASSWORD }}
+
+      - name: Publish tag of base Docker image
+        run: make -C build/container/ clean publish/multi-arch-base-tag AGENT_VERSION=${{env.TAG}}
+
+      - name: Publish latest of base Docker image
+        run: make -C build/container/ clean publish/multi-arch-base-latest AGENT_VERSION=${{env.TAG}}
+
+      - name: Publish tag of forwarder Docker image
+        run: make -C build/container/ clean publish/multi-arch-forwarder-tag AGENT_VERSION=${{env.TAG}}
+
+      - name: Publish latest of forwarder Docker image
+        run: make -C build/container/ clean publish/multi-arch-forwarder-latest AGENT_VERSION=${{env.TAG}}
+
+      - name: Publish tag of k8s-events-forwarders Docker image
+        run: make -C build/container/ clean publish/multi-arch-k8s-events-forwarder-tag AGENT_VERSION=${{env.TAG}}
+
+      - name: Publish latest of k8s-events-forwarders Docker image
+        run: make -C build/container/ clean publish/multi-arch-k8s-events-forwarder-latest AGENT_VERSION=${{env.TAG}}
diff --git a/.github/workflows/component_linux_build.yml b/.github/workflows/component_linux_build.yml
@@ -0,0 +1,30 @@
+name: Compile linux binaries
+
+on:
+  workflow_call:
+    secrets:
+      DOCKER_HUB_ID:
+        required: true
+      DOCKER_HUB_PASSWORD:
+        required: true
+    inputs:
+      TAG:
+        required: true
+        type: string
+
+env:
+  TAG: ${{ inputs.TAG }}
+
+jobs:
+  test-build:
+    name: Test binary compilation for all (linux) platforms:arch
+    runs-on: ubuntu-20.04
+    steps:
+      - uses: actions/checkout@v2
+      - name: Login to DockerHub
+        uses: docker/login-action@v1
+        with:
+          username: ${{ secrets.DOCKER_HUB_ID }}
+          password: ${{ secrets.DOCKER_HUB_PASSWORD }}
+      - name: Build all platforms:arch
+        run: make ci/build
diff --git a/.github/workflows/component_linux_harvest_test.yml b/.github/workflows/component_linux_harvest_test.yml
@@ -0,0 +1,28 @@
+name: Run harvest tests
+
+on:
+  workflow_call:
+
+env:
+  GO_VERSION: '1.16.12'
+
+jobs:
+  test:
+    name: Linux harvest tests
+    runs-on: ${{ matrix.os }}
+    strategy:
+      matrix:
+        os: [ ubuntu-18.04 ]
+    steps:
+      - uses: actions/checkout@v2
+
+      - name: Install Go
+        uses: actions/setup-go@v2
+        with:
+          go-version: ${{env.GO_VERSION}}
+
+      - name: Setup node
+        run: sudo apt install musl-dev
+
+      - name: Running Harvest tests
+        run: make linux/harvest-tests
diff --git a/.github/workflows/component_linux_packaging.yml b/.github/workflows/component_linux_packaging.yml
@@ -0,0 +1,51 @@
+name: Produce packages for linux
+
+on:
+  workflow_call:
+    secrets:
+      DOCKER_HUB_ID:
+        required: true
+      DOCKER_HUB_PASSWORD:
+        required: true
+      GPG_MAIL:
+        required: true
+      GPG_PASSPHRASE:
+        required: true
+      GPG_PRIVATE_KEY_BASE64:
+        required: true
+      GH_TOKEN:
+        required: true
+    inputs:
+      TAG:
+        required: true
+        type: string
+      ARCH:
+        required: true
+        type: string
+
+env:
+  GITHUB_TOKEN: ${{ secrets.GH_TOKEN }}
+  GPG_MAIL: ${{ secrets.GPG_MAIL }}
+  GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
+  GPG_PRIVATE_KEY_BASE64: ${{ secrets.GPG_PRIVATE_KEY_BASE64 }} # base64 encoded
+  TAG:  ${{ inputs.TAG }}
+  DOCKER_HUB_ID: ${{ secrets.DOCKER_HUB_ID }}
+  DOCKER_HUB_PASSWORD: ${{ secrets.DOCKER_HUB_PASSWORD }}
+  ARCH: ${{ inputs.ARCH }}
+
+jobs:
+  packaging:
+    name: Build and upload ${{ inputs.ARCH }} artifacts into GH Release assets
+    runs-on: ubuntu-20.04
+
+    steps:
+      - uses: actions/checkout@v2
+
+      - name: Login to DockerHub
+        uses: docker/login-action@v1
+        with:
+          username: ${{ env.DOCKER_HUB_ID }}
+          password: ${{ env.DOCKER_HUB_PASSWORD }}
+
+      - name: Releasing linux packages
+        run: make ci/prerelease/linux-${{ env.ARCH }}
diff --git a/.github/workflows/component_linux_proxy_test.yml b/.github/workflows/component_linux_proxy_test.yml
@@ -0,0 +1,34 @@
+name: Run linux proxy tests
+
+on:
+  workflow_call:
+    secrets:
+      DOCKER_HUB_ID:
+        required: true
+      DOCKER_HUB_PASSWORD:
+        required: true
+
+env:
+  GO_VERSION: '1.16.12'
+
+jobs:
+  test:
+    name: Proxy tests
+    runs-on: ubuntu-20.04
+    steps:
+      - name: Check out code
+        uses: actions/checkout@v2
+
+      - name: Install Go
+        uses: actions/setup-go@v2
+        with:
+          go-version: ${{env.GO_VERSION}}
+
+      - name: Login to DockerHub
+        uses: docker/login-action@v1
+        with:
+          username: ${{ secrets.DOCKER_HUB_ID }}
+          password: ${{ secrets.DOCKER_HUB_PASSWORD }}
+
+      - name: Running proxy tests
+        run: make proxy-test