Skip to content

Commit

Permalink
deps: updates build to compile with LTS JDK and bumps deps except brave
Browse files Browse the repository at this point in the history
This moves to the same build infra as the rest of Zipkin, notably to
allow compiling on JDK 11, 17 and 21. This also bumps all the
dependencies, except brave which is about to be released.

Signed-off-by: Adrian Cole <[email protected]>
  • Loading branch information
Adrian Cole committed Dec 17, 2023
1 parent 1ad022a commit c3cbd11
Show file tree
Hide file tree
Showing 33 changed files with 607 additions and 534 deletions.
11 changes: 8 additions & 3 deletions .github/workflows/create_release.yml
Original file line number Diff line number Diff line change
Expand Up @@ -11,17 +11,22 @@ on:

jobs:
create_release:
runs-on: ubuntu-20.04 # newest available distribution, aka focal
runs-on: ubuntu-22.04 # newest available distribution, aka jellyfish
steps:
- name: Checkout Repository
uses: actions/checkout@v2
uses: actions/checkout@v4
with:
# Prevent use of implicit GitHub Actions read-only token GITHUB_TOKEN. We don't deploy on
# the tag MAJOR.MINOR.PATCH event, but we still need to deploy the maven-release-plugin master commit.
token: ${{ secrets.GH_TOKEN }}
fetch-depth: 1 # only need the HEAD commit as license check isn't run
- name: Setup java
uses: actions/setup-java@v4
with:
distribution: 'zulu' # zulu as it supports a wide version range
java-version: '11' # earliest LTS and last that can compile the 1.6 release profile.
- name: Cache local Maven repository
uses: actions/cache@v2
uses: actions/cache@v3
with:
path: ~/.m2/repository
key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
Expand Down
23 changes: 16 additions & 7 deletions .github/workflows/deploy.yml
Original file line number Diff line number Diff line change
Expand Up @@ -14,20 +14,29 @@ on:

jobs:
deploy:
runs-on: ubuntu-20.04 # newest available distribution, aka focal
runs-on: ubuntu-22.04 # newest available distribution, aka jellyfish
steps:
- name: Checkout Repository
uses: actions/checkout@v2
uses: actions/checkout@v4
with:
fetch-depth: 1 # only needed to get the sha label
# Prevent use of implicit GitHub Actions read-only token GITHUB_TOKEN.
# We push Javadocs to the gh-pages branch on commit.
token: ${{ secrets.GH_TOKEN }}
fetch-depth: 0 # allow build-bin/idl_to_gh_pages to get the full history
- name: Setup java
uses: actions/setup-java@v4
with:
distribution: 'zulu' # zulu as it supports a wide version range
java-version: '11' # earliest LTS and last that can compile the 1.6 release profile.
- name: Cache local Maven repository
uses: actions/cache@v2
uses: actions/cache@v3
with:
path: ~/.m2/repository
key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
restore-keys: ${{ runner.os }}-maven-
# We can't cache Docker without using buildx because GH actions restricts /var/lib/docker
# That's ok because DOCKER_PARENT_IMAGE is always ghcr.io and local anyway.
# Don't attempt to cache Docker. Sensitive information can be stolen
# via forks, and login session ends up in ~/.docker. This is ok because
# we publish DOCKER_PARENT_IMAGE to ghcr.io, hence local to the runner.
- name: Deploy
env:
# GH_USER=<user that created GH_TOKEN>
Expand All @@ -51,7 +60,7 @@ jobs:
# - referenced in .settings.xml
SONATYPE_PASSWORD: ${{ secrets.SONATYPE_PASSWORD }}
# DOCKERHUB_USER=<typically dockerzipkindeployer>
# - only push top-level projects: zipkin zipkin-aws zipkin-dependencies zipkin-aws to Docker Hub, only on release
# - only push top-level projects: zipkin zipkin-aws zipkin-dependencies zipkin-gcp to Docker Hub, only on release
# - login like this: echo "$DOCKERHUB_TOKEN"| docker login -u "$DOCKERHUB_USER" --password-stdin
DOCKERHUB_USER: ${{ secrets.DOCKERHUB_USER }}
# DOCKERHUB_TOKEN=<access token for DOCKERHUB_USER>
Expand Down
9 changes: 5 additions & 4 deletions .github/workflows/docker_push.yml
Original file line number Diff line number Diff line change
Expand Up @@ -11,14 +11,15 @@ on:

jobs:
docker_push:
runs-on: ubuntu-20.04 # newest available distribution, aka focal
runs-on: ubuntu-22.04 # newest available distribution, aka jellyfish
steps:
- name: Checkout Repository
uses: actions/checkout@v2
uses: actions/checkout@v4
with:
fetch-depth: 1 # only needed to get the sha label
# We can't cache Docker without using buildx because GH actions restricts /var/lib/docker
# That's ok because DOCKER_PARENT_IMAGE is always ghcr.io and local anyway.
# Don't attempt to cache Docker. Sensitive information can be stolen
# via forks, and login session ends up in ~/.docker. This is ok because
# we publish DOCKER_PARENT_IMAGE to ghcr.io, hence local to the runner.
- name: Docker Push
run: | # GITHUB_REF will be refs/tags/docker-MAJOR.MINOR.PATCH
build-bin/git/login_git &&
Expand Down
53 changes: 45 additions & 8 deletions .github/workflows/test.yml
Original file line number Diff line number Diff line change
Expand Up @@ -15,21 +15,58 @@ on:
paths-ignore: '**/*.md'

jobs:
test-javadoc:
name: Test JavaDoc Builds
runs-on: ubuntu-22.04 # newest available distribution, aka jellyfish
if: "!contains(github.event.head_commit.message, 'maven-release-plugin')"
steps:
- name: Checkout Repository
uses: actions/checkout@v4
with:
fetch-depth: 0 # full git history for license check
- name: Setup java
uses: actions/setup-java@v4
with:
distribution: 'zulu' # zulu as it supports a wide version range
java-version: '11' # earliest LTS and last that can compile the 1.6 release profile.
- name: Cache local Maven repository
uses: actions/cache@v3
with:
path: ~/.m2/repository
key: ${{ runner.os }}-jdk-11-maven-${{ hashFiles('**/pom.xml') }}
restore-keys: ${{ runner.os }}-jdk-11-maven-
- name: Build JavaDoc
run: ./mvnw clean javadoc:aggregate -Prelease

test:
runs-on: ubuntu-20.04 # newest available distribution, aka focal
name: test (JDK ${{ matrix.java_version }})
runs-on: ubuntu-22.04 # newest available distribution, aka jellyfish
if: "!contains(github.event.head_commit.message, 'maven-release-plugin')"
strategy:
fail-fast: false # don't fail fast as sometimes failures are operating system specific
matrix: # use latest available versions and be consistent on all workflows!
include:
- java_version: 11 # Last that can compile zipkin core to 1.6 for zipkin-reporter
maven_args: -Prelease -Dgpg.skip -Dmaven.javadoc.skip=true
- java_version: 21 # Most recent LTS
steps:
- name: Checkout Repository
uses: actions/checkout@v2
uses: actions/checkout@v4
with:
fetch-depth: 0 # full git history for license check
- name: Setup java
uses: actions/setup-java@v4
with:
fetch-depth: 0 # full git history for license check
distribution: 'zulu' # zulu as it supports a wide version range
java-version: ${{ matrix.java_version }}
- name: Cache local Maven repository
uses: actions/cache@v2
uses: actions/cache@v3
with:
path: ~/.m2/repository
key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
restore-keys: ${{ runner.os }}-maven-
# We can't cache Docker without using buildx because GH actions restricts /var/lib/docker
# That's ok because DOCKER_PARENT_IMAGE is always ghcr.io and local anyway.
key: ${{ runner.os }}-jdk-${{ matrix.java_version }}-maven-${{ hashFiles('**/pom.xml') }}
restore-keys: ${{ runner.os }}-jdk-${{ matrix.java_version }}-maven-
# Don't attempt to cache Docker. Sensitive information can be stolen
# via forks, and login session ends up in ~/.docker. This is ok because
# we publish DOCKER_PARENT_IMAGE to ghcr.io, hence local to the runner.
- name: Test
run: build-bin/configure_test && build-bin/test
Binary file modified .mvn/wrapper/maven-wrapper.jar
Binary file not shown.
20 changes: 18 additions & 2 deletions .mvn/wrapper/maven-wrapper.properties
Original file line number Diff line number Diff line change
@@ -1,2 +1,18 @@
distributionUrl=https://repo.maven.apache.org/maven2/org/apache/maven/apache-maven/3.6.3/apache-maven-3.6.3-bin.zip
wrapperUrl=https://repo.maven.apache.org/maven2/io/takari/maven-wrapper/0.5.6/maven-wrapper-0.5.6.jar
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership. The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
distributionUrl=https://repo.maven.apache.org/maven2/org/apache/maven/apache-maven/3.9.6/apache-maven-3.9.6-bin.zip
wrapperUrl=https://repo.maven.apache.org/maven2/org/apache/maven/wrapper/maven-wrapper/3.2.0/maven-wrapper-3.2.0.jar
130 changes: 18 additions & 112 deletions build-bin/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -8,13 +8,12 @@ configuration settings.
[docker-compose-zipkin-gcp.xml] ensures GCP authentication works. It is not run on pull request, as
the required secure variable is only available on master push.

[//]: # (Below here should be standard for all projects)

## Build Overview
`build-bin` holds portable scripts used in CI to test and deploy the project.

The scripts here are portable. They do not include any CI provider-specific logic or ENV variables.
This helps `.travis.yml` and `test.yml` (GitHub Actions) contain nearly the same contents, even if
This helps `test.yml` (GitHub Actions) and alternatives contain nearly the same contents, even if
certain OpenZipkin projects need slight adjustments here. Portability has proven necessary, as
OpenZipkin has had to transition CI providers many times due to feature and quota constraints.

Expand All @@ -40,8 +39,8 @@ blank. Tests should not run on documentation-only commits. Tests must not depend
resources, as running tests can leak credentials. Git checkouts should include the full history so
that license headers or other git analysis can take place.

* [configure_test] - Sets up build environment for tests.
* [test] - Builds and runs tests for this project.
* [configure_test] - Sets up build environment for tests.
* [test] - Builds and runs tests for this project.

### Example GitHub Actions setup

Expand All @@ -52,9 +51,6 @@ the scripts it uses.
The `on:` section obviates job creation and resource usage for irrelevant events. Notably, GitHub
Actions includes the ability to skip documentation-only jobs.

Combine [configure_test] and [test] into the same `run:` when `configure_test` primes file system
cache.

Here's a partial `test.yml` including only the aspects mentioned above.
```yaml
on:
Expand All @@ -70,54 +66,13 @@ jobs:
test:
steps:
- name: Checkout Repository
uses: actions/checkout@v2
uses: actions/checkout@v4
with:
fetch-depth: 0 # full git history
fetch-depth: 0 # full git history for license check
- name: Test
run: build-bin/configure_test && build-bin/test
```
### Example Travis setup
`.travis.yml` is a monolithic configuration file broken into stages, of which the default is "test".
A simplest Travis `test` job configures tests in `install` and runs them as `script`, but only on
relevant event conditions.

The `if:` section obviates job creation and resource usage for irrelevant events. Travis does not
support file conditions. A `before_install` step to skip documentation-only commits will likely
complete in less than a minute (10 credit cost).

Here's a partial `.travis.yml` including only the aspects mentioned above.
```yaml
git:
depth: false # TRAVIS_COMMIT_RANGE requires full commit history.
jobs:
include:
- stage: test
if: branch = master AND tag IS blank AND type IN (push, pull_request)
name: Run unit and integration tests
before_install: | # Prevent test build of a documentation-only change.
if [ -n "${TRAVIS_COMMIT_RANGE}" ] && ! git diff --name-only "${TRAVIS_COMMIT_RANGE}" -- | grep -qv '\.md$'; then
echo "Stopping job as changes only affect documentation (ex. README.md)"
travis_terminate 0
fi
install: ./build-bin/configure_test
script: ./build-bin/test
```

When Travis only runs tests (something else does deploy), there's no need to use stages:
```yaml
git:
depth: false # TRAVIS_COMMIT_RANGE requires full commit history.
if: branch = master AND tag IS blank AND type IN (push, pull_request)
before_install: | # Prevent test build of a documentation-only change.
if [ -n "${TRAVIS_COMMIT_RANGE}" ] && ! git diff --name-only "${TRAVIS_COMMIT_RANGE}" -- | grep -qv '\.md$'; then
echo "Stopping job as changes only affect documentation (ex. README.md)"
travis_terminate 0
fi
install: ./build-bin/configure_test
script: ./build-bin/test
run: |
build-bin/configure_test
build-bin/test
```
## Deploy
Expand All @@ -127,8 +82,8 @@ providers deploy pushes to master on when the tag is blank, but not on documenta
Releases should deploy on version tags (ex `/^[0-9]+\.[0-9]+\.[0-9]+/`), without consideration of if
the commit is documentation only or not.

* [configure_deploy] - Sets up environment and logs in, assuming [configure_test] was not called.
* [deploy] - deploys the project, with arg0 being "master" or a release commit like "1.2.3"
* [configure_deploy] - Sets up environment and logs in, assuming [configure_test] was not called.
* [deploy] - deploys the project, with arg0 being "master" or a release commit like "1.2.3"

### Example GitHub Actions setup

Expand All @@ -140,77 +95,28 @@ The `on:` section obviates job creation and resource usage for irrelevant events
cannot implement "master, except documentation only-commits" in the same file. Hence, deployments of
master will happen even on README change.

Combine [configure_deploy] and [deploy] into the same `run:` when `configure_deploy` primes file
system cache.

Here's a partial `deploy.yml` including only the aspects mentioned above. Notice env variables are
explicitly defined and `on.tags` is a [glob pattern](https://docs.github.com/en/free-pro-team@latest/actions/reference/workflow-syntax-for-github-actions#filter-pattern-cheat-sheet).

```yaml
on:
push:
tags: '[0-9]+.[0-9]+.[0-9]+**' # Ex. 8.272.10 or 15.0.1_p9
tags: '[0-9]+.[0-9]+.[0-9]+**' # e.g. 8.272.10 or 15.0.1_p9
branches: master
jobs:
deploy:
steps:
- name: Checkout Repository
uses: actions/checkout@v2
uses: actions/checkout@v4
with:
fetch-depth: 1 # only needed to get the sha label
- name: Deploy
- name: Configure Deploy
run: build-bin/configure_deploy
env:
GH_USER: ${{ secrets.GH_USER }}
GH_TOKEN: ${{ secrets.GH_TOKEN }}
run: | # GITHUB_REF will be refs/heads/master or refs/tags/MAJOR.MINOR.PATCH
build-bin/configure_deploy &&
build-bin/deploy $(echo ${GITHUB_REF} | cut -d/ -f 3)
```

### Example Travis setup
`.travis.yml` is a monolithic configuration file broken into stages. This means `test` and `deploy`
are in the same file. A simplest Travis `deploy` stage has two jobs: one for master pushes and
another for version tags. These jobs are controlled by event conditions.

The `if:` section obviates job creation and resource usage for irrelevant events. Travis does not
support file conditions. A `before_install` step to skip documentation-only commits will likely
complete in less than a minute (10 credit cost).

As billing is by the minute, it is most cost effective to combine test and deploy on master push.

Here's a partial `.travis.yml` including only the aspects mentioned above. Notice YAML anchors work
in Travis and `tag =~` [condition](https://github.com/travis-ci/travis-conditions) is a regular
expression.
```yaml
git:
depth: false # full git history for license check, and doc-only skipping
_terminate_if_only_docs: &terminate_if_only_docs |
if [ -n "${TRAVIS_COMMIT_RANGE}" ] && ! git diff --name-only "${TRAVIS_COMMIT_RANGE}" -- | grep -qv '\.md$'; then
echo "Stopping job as changes only affect documentation (ex. README.md)"
travis_terminate 0
fi
jobs:
include:
- stage: test
if: branch = master AND tag IS blank AND type IN (push, pull_request)
before_install: *terminate_if_only_docs
install: |
if [ "${TRAVIS_SECURE_ENV_VARS}" = "true" ] && [ "${TRAVIS_PULL_REQUEST}" = "false" ]; then
export SHOULD_DEPLOY=true
./build-bin/configure_deploy
else
export SHOULD_DEPLOY=false
./build-bin/configure_test
fi
script:
- ./build-bin/test || travis_terminate 1
- if [ "${SHOULD_DEPLOY}" != "true" ]; then travis_terminate 0; fi
- travis_wait ./build-bin/deploy master
- stage: deploy
# Ex. 8.272.10 or 15.0.1_p9
if: tag =~ /^[0-9]+\.[0-9]+\.[0-9]+/ AND type = push AND env(GH_TOKEN) IS present
install: ./build-bin/configure_deploy
script: ./build-bin/deploy ${TRAVIS_TAG}
- name: Deploy
# GITHUB_REF will be refs/heads/master or refs/tags/1.2.3
run: build-bin/deploy $(echo ${GITHUB_REF} | cut -d/ -f 3)
```
7 changes: 1 addition & 6 deletions build-bin/docker/configure_docker
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
#!/bin/sh
#
# Copyright 2016-2020 The OpenZipkin Authors
# Copyright 2016-2023 The OpenZipkin Authors
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
# in compliance with the License. You may obtain a copy of the License at
Expand All @@ -25,13 +25,8 @@ set -ue
# * checks.disable=true - saves time and a docker.io pull of alpine
# * ryuk doesn't count against docker.io rate limits because Docker approved testcontainers as OSS
echo checks.disable=true >> ~/.testcontainers.properties
# * upgrade ryuk until https://github.com/testcontainers/testcontainers-java/pull/3630
echo ryuk.container.image=testcontainers/ryuk:0.3.1 >> ~/.testcontainers.properties

# We don't use any docker.io images, but add a Google's mirror in case something implicitly does
# * See https://cloud.google.com/container-registry/docs/pulling-cached-images
echo '{ "registry-mirrors": ["https://mirror.gcr.io"] }' | sudo tee /etc/docker/daemon.json
sudo service docker restart

# * Ensure buildx and related features are disabled
mkdir -p ${HOME}/.docker && echo '{"experimental":"disabled"}' > ${HOME}/.docker/config.json
Loading

0 comments on commit c3cbd11

Please sign in to comment.