ci: add macOS signing for otelcol-config #1847
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Dev builds | ||
on: | ||
push: | ||
branches: | ||
- main | ||
- "dev-build/*" | ||
defaults: | ||
run: | ||
shell: bash | ||
env: | ||
GO_VERSION: "1.21.11" | ||
jobs: | ||
get-version: | ||
name: Get application version for this revision | ||
runs-on: ubuntu-latest | ||
outputs: | ||
version: ${{ steps.get-version.outputs.version }} | ||
steps: | ||
- uses: actions/checkout@v4 | ||
with: | ||
fetch-depth: 0 | ||
- name: Get version | ||
id: get-version | ||
run: | | ||
TAG=$(git describe --tags --abbrev=5 --match "v[0-9]*") | ||
echo "version=${TAG/v}" > $GITHUB_OUTPUT | ||
- name: Print version | ||
run: echo ::notice title=Version::${{ steps.get-version.outputs.version }} | ||
# Add lint to dev builds as that's the only way for cache to be shared across branches. | ||
# https://docs.github.com/en/actions/advanced-guides/caching-dependencies-to-speed-up-workflows#matching-a-cache-key | ||
lint: | ||
name: Lint (golangci-lint) | ||
runs-on: ubuntu-20.04 | ||
strategy: | ||
matrix: | ||
arch_os: ["linux_amd64"] | ||
steps: | ||
- uses: actions/checkout@v4 | ||
- name: Setup go | ||
uses: actions/setup-go@v5 | ||
with: | ||
go-version: ${{ env.GO_VERSION }} | ||
cache: false | ||
- name: Get GOCACHE and GOMODCACHE | ||
run: | | ||
echo "GOMODCACHE=$(go env GOMODCACHE)" >> "$GITHUB_ENV" | ||
echo "GOCACHE=$(go env GOCACHE)" >> "$GITHUB_ENV" | ||
- uses: actions/cache/restore@v4 | ||
with: | ||
path: | | ||
${{ env.GOMODCACHE }}/cache | ||
${{ env.GOCACHE }} | ||
key: go-test-${{ env.GO_VERSION }}-${{matrix.arch_os}}-${{ hashFiles('pkg/**/go.sum', 'otelcolbuilder/.otelcol-builder.yaml') }} | ||
restore-keys: | | ||
go-test-${{ env.GO_VERSION }}-${{matrix.arch_os}}- | ||
- uses: actions/cache@v4 | ||
with: | ||
path: | | ||
/home/runner/.cache/golangci-lint | ||
key: golangci-lint-${{ env.GO_VERSION }}-${{matrix.arch_os}}-${{ hashFiles('pkg/**/go.sum', 'otelcolbuilder/.otelcol-builder.yaml') }} | ||
restore-keys: | | ||
golangci-lint-${{ env.GO_VERSION }}-${{matrix.arch_os}}- | ||
- name: Install golangci-lint | ||
run: make install-golangci-lint | ||
- name: Add opentelemetry-collector-builder installation dir to PATH | ||
run: echo "$HOME/bin" >> $GITHUB_PATH | ||
- name: Run golangci-lint | ||
run: make golint | ||
test: | ||
name: Test | ||
uses: ./.github/workflows/workflow-test.yml | ||
strategy: | ||
matrix: | ||
include: | ||
- arch_os: linux_amd64 | ||
runs-on: ubuntu-20.04 | ||
- arch_os: linux_amd64 | ||
runs-on: ubuntu-20.04 | ||
boringcrypto: true | ||
- arch_os: darwin_amd64 | ||
runs-on: macos-latest | ||
- arch_os: windows_amd64 | ||
runs-on: windows-2022 | ||
with: | ||
arch_os: ${{ matrix.arch_os }} | ||
runs-on: ${{ matrix.runs-on }} | ||
save-cache: true | ||
boringcrypto: ${{ matrix.boringcrypto == true }} | ||
test-otelcol-config: | ||
name: Test | ||
uses: ./.github/workflows/workflow-test-otelcol-config.yml | ||
strategy: | ||
matrix: | ||
include: | ||
- arch_os: linux_amd64 | ||
runs-on: ubuntu-20.04 | ||
- arch_os: linux_amd64 | ||
runs-on: ubuntu-20.04 | ||
boringcrypto: true | ||
- arch_os: darwin_amd64 | ||
runs-on: macos-latest | ||
with: | ||
arch_os: ${{ matrix.arch_os }} | ||
runs-on: ${{ matrix.runs-on }} | ||
save-cache: true | ||
boringcrypto: ${{ matrix.boringcrypto == true }} | ||
build: | ||
name: Build | ||
uses: ./.github/workflows/workflow-build.yml | ||
Check failure on line 124 in .github/workflows/dev_builds.yml GitHub Actions / Dev buildsInvalid workflow file
|
||
needs: [get-version] | ||
strategy: | ||
fail-fast: false | ||
matrix: | ||
include: | ||
- arch_os: linux_amd64 | ||
runs-on: ubuntu-20.04 | ||
- arch_os: linux_amd64 | ||
runs-on: ubuntu-20.04 | ||
fips: true | ||
- arch_os: linux_arm64 | ||
runs-on: ubuntu-20.04 | ||
- arch_os: linux_arm64 | ||
runs-on: ubuntu-20.04 | ||
fips: true | ||
- arch_os: darwin_amd64 | ||
runs-on: macos-latest | ||
- arch_os: darwin_arm64 | ||
runs-on: macos-latest | ||
- arch_os: windows_amd64 | ||
runs-on: windows-2022 | ||
- arch_os: windows_amd64 | ||
runs-on: windows-2022 | ||
fips: true | ||
with: | ||
arch_os: ${{ matrix.arch_os }} | ||
runs-on: ${{ matrix.runs-on }} | ||
fips: ${{ matrix.fips == true }} | ||
save-cache: true | ||
sumo_component_gomod_version: "v${{ needs.get-version.outputs.version }}" | ||
secrets: | ||
apple_developer_certificate_p12_base64: ${{ secrets.APPLE_DEVELOPER_CERTIFICATE_P12_BASE64 }} | ||
apple_developer_certificate_password: ${{ secrets.APPLE_DEVELOPER_CERTIFICATE_PASSWORD }} | ||
app_store_connect_password: ${{ secrets.AC_PASSWORD }} | ||
microsoft_certificate: ${{ secrets.MICROSOFT_CERTIFICATE }} | ||
microsoft_certificate_password: ${{ secrets.MICROSOFT_CERTIFICATE_PASSWORD }} | ||
microsoft_certificate_hash: ${{ secrets.MICROSOFT_CERTHASH }} | ||
microsoft_certificate_name: ${{ secrets.MICROSOFT_CERTNAME }} | ||
microsoft_description: ${{ secrets.MICROSOFT_DESCRIPTION }} | ||
build-otelcol-config: | ||
name: Build (otelcol-config) | ||
uses: ./.github/workflows/workflow-build-otelcol-config.yml | ||
needs: [get-version] | ||
strategy: | ||
fail-fast: false | ||
matrix: | ||
include: | ||
- arch_os: darwin_amd64 | ||
runs-on: macos-latest | ||
- arch_os: darwin_arm64 | ||
runs-on: macos-latest | ||
- arch_os: linux_amd64 | ||
runs-on: ubuntu-20.04 | ||
- arch_os: linux_amd64 | ||
runs-on: ubuntu-20.04 | ||
fips: true | ||
- arch_os: linux_arm64 | ||
runs-on: ubuntu-20.04 | ||
- arch_os: linux_arm64 | ||
runs-on: ubuntu-20.04 | ||
fips: true | ||
with: | ||
arch_os: ${{ matrix.arch_os }} | ||
runs-on: ${{ matrix.runs-on }} | ||
fips: ${{ matrix.fips == true }} | ||
save-cache: true | ||
sumo_component_gomod_version: "v${{ needs.get-version.outputs.version }}" | ||
secrets: | ||
apple_developer_certificate_p12_base64: ${{ secrets.APPLE_DEVELOPER_CERTIFICATE_P12_BASE64 }} | ||
apple_developer_certificate_password: ${{ secrets.APPLE_DEVELOPER_CERTIFICATE_PASSWORD }} | ||
app_store_connect_password: ${{ secrets.AC_PASSWORD }} | ||
build-container-images: | ||
name: Build container | ||
runs-on: ubuntu-20.04 | ||
needs: | ||
- build | ||
- get-version | ||
strategy: | ||
matrix: | ||
arch_os: ["linux_amd64", "linux_arm64"] | ||
steps: | ||
- uses: actions/checkout@v4 | ||
- name: Set up QEMU | ||
uses: docker/[email protected] | ||
- name: Set up Buildx | ||
id: buildx | ||
uses: docker/[email protected] | ||
- name: Show Buildx platforms | ||
run: echo ${{ steps.buildx.outputs.platforms }} | ||
- name: Login to Open Source ECR | ||
run: make login | ||
env: | ||
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID_DEV }} | ||
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY_DEV }} | ||
- name: Login to Docker Hub | ||
run: | | ||
docker login \ | ||
--username ${{ secrets.DOCKERHUB_LOGIN_DEV }} \ | ||
--password ${{ secrets.DOCKERHUB_PASSWORD_DEV }} | ||
- name: Download FIPS binary action artifact from build phase | ||
uses: actions/download-artifact@v4 | ||
with: | ||
name: otelcol-sumo-fips-${{matrix.arch_os}} | ||
- name: Build and push FIPS images to Open Source ECR | ||
run: | | ||
cp otelcol-sumo-fips-${{ matrix.arch_os }} otelcol-sumo | ||
make build-push-container-multiplatform-dev \ | ||
BUILD_TAG=${{ needs.get-version.outputs.version }} \ | ||
PLATFORM=${{ matrix.arch_os }} \ | ||
BUILD_TYPE_SUFFIX="-fips" | ||
- name: Build and push FIPS images to DockerHub | ||
run: | | ||
cp otelcol-sumo-fips-${{ matrix.arch_os }} otelcol-sumo | ||
make build-push-container-multiplatform-dev \ | ||
BUILD_TAG=${{ needs.get-version.outputs.version }} \ | ||
PLATFORM=${{ matrix.arch_os }} \ | ||
REPO_URL=sumologic/sumologic-otel-collector-dev \ | ||
BUILD_TYPE_SUFFIX="-fips" | ||
- name: Build and push UBI-based FIPS image to Open Source ECR | ||
run: | | ||
cp otelcol-sumo-fips-${{ matrix.arch_os }} otelcol-sumo | ||
make build-push-container-ubi-dev \ | ||
BUILD_TAG=${{ needs.get-version.outputs.version }} \ | ||
PLATFORM=${{ matrix.arch_os }} \ | ||
BUILD_TYPE_SUFFIX="-ubi-fips" | ||
- name: Build and push UBI-based FIPS image to DockerHub | ||
run: | | ||
cp otelcol-sumo-fips-${{ matrix.arch_os }} otelcol-sumo | ||
make build-push-container-ubi-dev \ | ||
BUILD_TAG=${{ needs.get-version.outputs.version }} \ | ||
PLATFORM=${{ matrix.arch_os }} \ | ||
REPO_URL=sumologic/sumologic-otel-collector-dev \ | ||
BUILD_TYPE_SUFFIX="-ubi-fips" | ||
- name: Download binary action artifact from build phase | ||
uses: actions/download-artifact@v4 | ||
with: | ||
name: otelcol-sumo-${{ matrix.arch_os }} | ||
- name: Build and push image to Open Source ECR | ||
run: | | ||
cp otelcol-sumo-${{ matrix.arch_os }} otelcol-sumo | ||
make build-push-container-multiplatform-dev \ | ||
BUILD_TAG=${{ needs.get-version.outputs.version }} \ | ||
PLATFORM=${{ matrix.arch_os }} | ||
- name: Build and push image to DockerHub | ||
run: | | ||
cp otelcol-sumo-${{ matrix.arch_os }} otelcol-sumo | ||
make build-push-container-multiplatform-dev \ | ||
BUILD_TAG=${{ needs.get-version.outputs.version }} \ | ||
PLATFORM=${{ matrix.arch_os }} \ | ||
REPO_URL=sumologic/sumologic-otel-collector-dev | ||
- name: Build and push UBI-based image to Open Source ECR | ||
run: | | ||
cp otelcol-sumo-${{ matrix.arch_os }} otelcol-sumo | ||
make build-push-container-ubi-dev \ | ||
BUILD_TAG=${{ needs.get-version.outputs.version }} \ | ||
PLATFORM=${{ matrix.arch_os }} \ | ||
BUILD_TYPE_SUFFIX="-ubi" | ||
- name: Build and push UBI-based image to DockerHub | ||
run: | | ||
cp otelcol-sumo-${{ matrix.arch_os }} otelcol-sumo | ||
make build-push-container-ubi-dev \ | ||
BUILD_TAG=${{ needs.get-version.outputs.version }} \ | ||
PLATFORM=${{ matrix.arch_os }} \ | ||
REPO_URL=sumologic/sumologic-otel-collector-dev \ | ||
BUILD_TYPE_SUFFIX="-ubi" | ||
build-windows-container-images: | ||
name: Build Windows container | ||
runs-on: ${{ matrix.runs-on }} | ||
needs: | ||
- build | ||
- get-version | ||
strategy: | ||
matrix: | ||
include: | ||
- arch_os: windows_amd64 | ||
base_image_tag: ltsc2022 | ||
runs-on: windows-2022 | ||
- arch_os: windows_amd64 | ||
base_image_tag: ltsc2019 | ||
runs-on: windows-2019 | ||
steps: | ||
- uses: actions/checkout@v4 | ||
- name: Login to Open Source ECR | ||
run: | | ||
USERNAME=$(powershell.exe "echo \$Env:UserName") | ||
# remove wincred entry and fix json format by replacing }, with } | ||
cat "C:\\Users\\${USERNAME}\\.docker\\config.json" | grep -v "wincred" | sed 's/},$/}/' > "C:\\Users\\${USERNAME}\\.docker\\config.json.tmp" | ||
mv "C:\\Users\\${USERNAME}\\.docker\\config.json.tmp" "C:\\Users\\${USERNAME}\\.docker\\config.json" | ||
make login | ||
env: | ||
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID_DEV }} | ||
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY_DEV }} | ||
- name: Login to Docker Hub | ||
run: | | ||
docker login \ | ||
--username ${{ secrets.DOCKERHUB_LOGIN_DEV }} \ | ||
--password ${{ secrets.DOCKERHUB_PASSWORD_DEV }} | ||
- name: Download binary action artifact from build phase | ||
uses: actions/download-artifact@v4 | ||
with: | ||
name: otelcol-sumo-${{matrix.arch_os}}.exe | ||
path: artifacts/ | ||
- name: Build and push images to Open Source ECR | ||
run: | | ||
cp artifacts/otelcol-sumo-${{matrix.arch_os}}.exe otelcol-sumo.exe | ||
make build-push-container-windows-dev \ | ||
BUILD_TAG=${{ needs.get-version.outputs.version }} \ | ||
PLATFORM=${{ matrix.arch_os }}_${{ matrix.base_image_tag }} | ||
- name: Build and push images to DockerHub | ||
run: | | ||
cp artifacts/otelcol-sumo-${{matrix.arch_os}}.exe otelcol-sumo.exe | ||
make build-push-container-windows-dev \ | ||
BUILD_TAG=${{ needs.get-version.outputs.version }} \ | ||
REPO_URL=sumologic/sumologic-otel-collector-dev \ | ||
PLATFORM=${{ matrix.arch_os }}_${{ matrix.base_image_tag }} | ||
push-docker-manifest: | ||
name: Push joint container manifest | ||
runs-on: ubuntu-20.04 | ||
needs: | ||
- build-container-images | ||
- build-windows-container-images | ||
- get-version | ||
steps: | ||
- uses: actions/checkout@v4 | ||
- name: Set up QEMU | ||
uses: docker/[email protected] | ||
- name: Set up Buildx | ||
id: buildx | ||
uses: docker/[email protected] | ||
- name: Show Buildx platforms | ||
run: echo ${{ steps.buildx.outputs.platforms }} | ||
- name: Login to Open Source ECR | ||
run: make login | ||
env: | ||
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID_DEV }} | ||
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY_DEV }} | ||
- name: Login to Docker Hub | ||
run: | | ||
docker login \ | ||
--username ${{ secrets.DOCKERHUB_LOGIN_DEV }} \ | ||
--password ${{ secrets.DOCKERHUB_PASSWORD_DEV }} | ||
- name: Push joint FIPS container manifest for all platforms to Open Source ECR | ||
run: | | ||
make push-container-manifest-dev \ | ||
BUILD_TAG=${{ needs.get-version.outputs.version }} \ | ||
PLATFORMS="linux/amd64" \ | ||
BUILD_TYPE_SUFFIX="-fips" | ||
- name: Push joint FIPS container manifest for all platforms to DockerHub | ||
run: | | ||
make push-container-manifest-dev \ | ||
BUILD_TAG=${{ needs.get-version.outputs.version }} \ | ||
PLATFORMS="linux/amd64" \ | ||
REPO_URL=sumologic/sumologic-otel-collector-dev \ | ||
BUILD_TYPE_SUFFIX="-fips" | ||
- name: Push joint UBI-based FIPS container manifest for all platforms to Open Source ECR | ||
run: | | ||
make push-container-manifest-dev \ | ||
BUILD_TAG=${{ needs.get-version.outputs.version }} \ | ||
PLATFORMS="linux/amd64 linux/arm64" \ | ||
BUILD_TYPE_SUFFIX="-ubi-fips" | ||
- name: Push joint UBI-based FIPS container manifest for all platforms to DockerHub | ||
run: | | ||
make push-container-manifest-dev \ | ||
BUILD_TAG=${{ needs.get-version.outputs.version }} \ | ||
PLATFORMS="linux/amd64 linux/arm64" \ | ||
REPO_URL=sumologic/sumologic-otel-collector-dev \ | ||
BUILD_TYPE_SUFFIX="-ubi-fips" | ||
- name: Push joint container manifest for all platforms to Open Source ECR | ||
run: | | ||
make push-container-manifest-dev \ | ||
BUILD_TAG=${{ needs.get-version.outputs.version }} \ | ||
PLATFORMS="linux/amd64 linux/arm64 windows/amd64/ltsc2022 windows/amd64/ltsc2019" | ||
- name: Push joint container manifest for all platforms to DockerHub | ||
run: | | ||
make push-container-manifest-dev \ | ||
BUILD_TAG=${{ needs.get-version.outputs.version }} \ | ||
PLATFORMS="linux/amd64 linux/arm64 windows/amd64/ltsc2022 windows/amd64/ltsc2019" \ | ||
REPO_URL=sumologic/sumologic-otel-collector-dev | ||
- name: Push joint UBI-based container manifest for all platforms to Open Source ECR | ||
run: | | ||
make push-container-manifest-dev \ | ||
BUILD_TAG=${{ needs.get-version.outputs.version }} \ | ||
PLATFORMS="linux/amd64 linux/arm64" \ | ||
BUILD_TYPE_SUFFIX="-ubi" | ||
- name: Push joint UBI-based container manifest for all platforms to DockerHub | ||
run: | | ||
make push-container-manifest-dev \ | ||
BUILD_TAG=${{ needs.get-version.outputs.version }} \ | ||
PLATFORMS="linux/amd64 linux/arm64" \ | ||
REPO_URL=sumologic/sumologic-otel-collector-dev \ | ||
BUILD_TYPE_SUFFIX="-ubi" | ||
package-msi: | ||
name: Package MSI | ||
runs-on: windows-2019 | ||
needs: | ||
- build | ||
strategy: | ||
matrix: | ||
include: | ||
- arch_os: windows_amd64 | ||
platform: x64 | ||
fips: false | ||
- arch_os: windows_amd64 | ||
platform: x64 | ||
fips: true | ||
steps: | ||
- uses: actions/checkout@v4 | ||
- name: Fetch current branch | ||
run: ./ci/fetch_current_branch.sh | ||
- name: Add msbuild to PATH | ||
uses: microsoft/setup-msbuild@v2 | ||
- name: Fetch binary artifact for ${{ matrix.arch_os }} | ||
uses: actions/download-artifact@v4 | ||
with: | ||
name: otelcol-sumo${{ matrix.fips && '-fips' || '' }}-${{ matrix.arch_os }}.exe | ||
path: ./otelcolbuilder/cmd | ||
- name: Rename fips binary artifact for ${{ matrix.arch_os }} | ||
if: matrix.fips | ||
working-directory: ./otelcolbuilder/cmd | ||
run: mv otelcol-sumo-fips-${{ matrix.arch_os }}.exe otelcol-sumo-${{ matrix.arch_os }}.exe | ||
- name: Set OVERRIDE_BUILD_NUMBER | ||
run: echo "OVERRIDE_BUILD_VERSION=$GITHUB_RUN_NUMBER" >> $GITHUB_ENV | ||
- name: Set PRODUCT_VERSION | ||
run: echo "PRODUCT_VERSION=$(./ci/get_version.sh productversion)" >> $GITHUB_ENV | ||
- name: Build MSI for ${{ matrix.arch_os }} | ||
working-directory: ./packaging/msi/wix | ||
run: msbuild.exe -p:Configuration=Release -p:Platform=${{ matrix.platform }} -p:ProductVersion=$PRODUCT_VERSION -p:FIPSEnabled=${{ matrix.fips }} -Restore | ||
- name: Store MSI as action artifact for ${{ matrix.arch_os }} | ||
uses: actions/upload-artifact@v4 | ||
with: | ||
name: ${{ matrix.arch_os }}${{ matrix.fips && '_fips' || '' }}_msi | ||
path: ./packaging/msi/wix/bin/${{ matrix.platform }}/en-US/*.msi | ||
if-no-files-found: error | ||
install-script: | ||
name: Store install script | ||
runs-on: ubuntu-latest | ||
steps: | ||
- uses: actions/checkout@v4 | ||
with: | ||
repository: SumoLogic/sumologic-otel-collector-packaging | ||
- name: Store Linux install script as action artifact | ||
uses: actions/upload-artifact@v4 | ||
with: | ||
name: install.sh | ||
path: ./install-script/install.sh | ||
if-no-files-found: error | ||
- name: Store Windows install script as action artifact | ||
uses: actions/upload-artifact@v4 | ||
with: | ||
name: install.ps1 | ||
path: ./install-script/install.ps1 | ||
if-no-files-found: error | ||
trigger-packaging: | ||
name: Trigger Packaging | ||
needs: | ||
- build | ||
- build-otelcol-config | ||
- lint | ||
- package-msi | ||
- push-docker-manifest | ||
uses: ./.github/workflows/workflow-trigger-packaging.yml | ||
secrets: inherit | ||
with: | ||
workflow_id: ${{ github.run_id }} | ||
create_release: false |