disable failing builds #29
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Releases | |
on: | |
push: | |
tags: | |
- 'v[0-9]+.[0-9]+.[0-9]+' | |
- 'v[0-9]+.[0-9]+.[0-9]+-alpha.[0-9]+' | |
- 'v[0-9]+.[0-9]+.[0-9]+-beta.[0-9]+' | |
- 'v[0-9]+.[0-9]+.[0-9]+-rc.[0-9]+' | |
- 'v[0-9]+.[0-9]+.[0-9]+-sumo-[0-9]+' | |
- 'v[0-9]+.[0-9]+.[0-9]+-sumo-[0-9]+-alpha.[0-9]+' | |
- 'v[0-9]+.[0-9]+.[0-9]+-sumo-[0-9]+-beta.[0-9]+' | |
- 'v[0-9]+.[0-9]+.[0-9]+-sumo-[0-9]+-rc.[0-9]+' | |
defaults: | |
run: | |
shell: bash | |
env: | |
GO_VERSION: "1.21.4" | |
jobs: | |
build: | |
name: Build | |
runs-on: ${{ matrix.runs_on }} | |
strategy: | |
matrix: | |
include: | |
- arch_os: linux_amd64 | |
runs_on: ubuntu-20.04 | |
- arch_os: linux_arm64 | |
runs_on: ubuntu-20.04 | |
# - arch_os: windows_amd64 | |
# runs_on: windows-2022 | |
# builder_bin_path: '${RUNNER_TEMP}\bin' | |
# builder_bin_ext: .exe | |
# - arch_os: windows_amd64 | |
# runs_on: windows-2022 | |
# builder_bin_path: '${RUNNER_TEMP}\bin' | |
# builder_bin_ext: .exe | |
# fips: true | |
env: | |
OTELCOL_FIPS_SUFFIX: ${{ matrix.fips && '-fips' || '' }} | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Fetch current branch | |
run: ./ci/fetch_current_branch.sh | |
- name: Setup go | |
if: ${{ ! (contains(matrix.arch_os, 'windows') && matrix.fips) }} | |
uses: actions/setup-go@v5 | |
with: | |
go-version: ${{ env.GO_VERSION }} | |
cache-dependency-path: '**/go.sum' | |
- name: Setup go (Microsoft fork) and enable FIPS on Windows | |
if: contains(matrix.arch_os, 'windows') && matrix.fips | |
run: | | |
curl -Lo go.zip https://aka.ms/golang/release/latest/go${{ env.GO_VERSION }}.windows-amd64.zip && | |
powershell -command "Expand-Archive go.zip D:\\a\\_work\\1\\s" && | |
echo "/d/a/_work/1/s/go/bin" >> $GITHUB_PATH && | |
powershell -command "Set-ItemProperty -Path HKLM:\System\CurrentControlSet\Control\Lsa\FipsAlgorithmPolicy -Name Enabled -Value \$true" | |
- name: Set default BUILDER_BIN_PATH | |
run: echo "BUILDER_BIN_PATH=${HOME}/bin" >> $GITHUB_ENV | |
- name: Override BUILDER_BIN_PATH if set in matrix | |
run: echo "BUILDER_BIN_PATH=${{matrix.builder_bin_path}}" >> $GITHUB_ENV | |
if: matrix.builder_bin_path != '' | |
- name: Extract tag | |
id: extract_tag | |
run: echo "tag=$(echo ${GITHUB_REF#refs/tags/v})" > $GITHUB_OUTPUT | |
- name: Print tag | |
run: echo "${{ steps.extract_tag.outputs.tag }}" | |
- name: Add opentelemetry-collector-builder installation dir to PATH | |
run: echo "$BUILDER_BIN_PATH" >> $GITHUB_PATH | |
- name: Install opentelemetry-collector-builder | |
run: make install-builder | |
working-directory: ./otelcolbuilder | |
- name: Prepare tags in otelcolbuilder's config | |
run: make prepare-tag TAG=${{ steps.extract_tag.outputs.tag }} | |
- name: Build | |
if: ${{ ! (matrix.fips && contains(matrix.arch_os, 'windows')) }} | |
run: make otelcol-sumo-${{matrix.arch_os}} | |
working-directory: ./otelcolbuilder | |
- name: Build (FIPS) for Windows | |
if: matrix.fips && contains(matrix.arch_os, 'windows') | |
run: make otelcol-sumo-${{matrix.arch_os}} FIPS_SUFFIX="-fips" CGO_ENABLED=1 | |
working-directory: ./otelcolbuilder | |
- name: Set filename | |
id: set_filename | |
run: echo "filename=$(echo otelcol-sumo-${{ steps.extract_tag.outputs.tag }}${OTELCOL_FIPS_SUFFIX}-${{matrix.arch_os}})${{matrix.builder_bin_ext}}" > $GITHUB_OUTPUT | |
- name: Rename to include tag in filename | |
run: cp otelcol-sumo${OTELCOL_FIPS_SUFFIX}-${{matrix.arch_os}}${{matrix.builder_bin_ext}} ${{ steps.set_filename.outputs.filename }} | |
working-directory: ./otelcolbuilder/cmd | |
- name: Show Microsoft Cryptography Next-Generation symbols | |
if: matrix.fips && contains(matrix.arch_os, 'windows') | |
working-directory: ./otelcolbuilder/cmd | |
run: | | |
go tool nm ${{ steps.set_filename.outputs.filename }} | \ | |
grep "vendor/github.com/microsoft/go-crypto-winnative/internal/bcrypt.GetFipsAlgorithmMode" | |
- name: Sign Windows binary | |
if: runner.os == 'Windows' | |
uses: skymatic/code-sign-action@v2 | |
with: | |
certificate: '${{ secrets.MICROSOFT_CERTIFICATE }}' | |
password: '${{ secrets.MICROSOFT_CERTIFICATE_PASSWORD }}' | |
certificatesha1: '${{ secrets.MICROSOFT_CERTHASH }}' | |
certificatename: '${{ secrets.MICROSOFT_CERTNAME }}' | |
description: '${{ secrets.MICROSOFT_DESCRIPTION }}' | |
folder: ./otelcolbuilder/cmd | |
- name: Store binary as action artifact | |
uses: actions/upload-artifact@v4 | |
with: | |
name: ${{matrix.arch_os}}${{ matrix.fips && '_fips' || '' }} | |
path: ./otelcolbuilder/cmd/${{ steps.set_filename.outputs.filename }} | |
if-no-files-found: error | |
build-darwin: | |
name: Build darwin | |
runs-on: ${{ matrix.runs_on }} | |
strategy: | |
matrix: | |
include: | |
- arch_os: darwin_amd64 | |
runs_on: macos-latest | |
- arch_os: darwin_arm64 | |
runs_on: macos-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Fetch current branch | |
run: ./ci/fetch_current_branch.sh | |
- name: Setup go | |
uses: actions/setup-go@v5 | |
with: | |
go-version: ${{ env.GO_VERSION }} | |
# As described in | |
# https://github.com/mvdan/github-actions-golang#how-do-i-set-up-caching-between-builds | |
- uses: actions/cache@v3 | |
with: | |
path: | | |
/Users/runner/go/pkg/mod | |
/Users/runner/Library/Caches/go-build | |
key: ${{matrix.arch_os}}-go-${{ hashFiles('**/go.sum') }} | |
restore-keys: | | |
${{matrix.arch_os}}-go- | |
- name: Extract tag | |
id: extract_tag | |
run: echo "tag=$(echo ${GITHUB_REF#refs/tags/v})" > $GITHUB_OUTPUT | |
- name: Add opentelemetry-collector-builder installation dir to PATH | |
run: echo "$HOME/bin" >> $GITHUB_PATH | |
- name: Install opentelemetry-collector-builder | |
run: make install-builder | |
working-directory: ./otelcolbuilder | |
- name: Prepare tags in otelcolbuilder's config | |
run: make prepare-tag TAG=${{ steps.extract_tag.outputs.tag }} | |
- name: Build | |
run: make otelcol-sumo-${{matrix.arch_os}} | |
working-directory: ./otelcolbuilder | |
- name: Set filename | |
id: set_filename | |
run: echo "filename=$(echo otelcol-sumo-${{ steps.extract_tag.outputs.tag }}-${{matrix.arch_os}})" > $GITHUB_OUTPUT | |
- name: Import Code-Signing Certificates | |
uses: Apple-Actions/import-codesign-certs@v2 | |
with: | |
# The certificates in a PKCS12 file encoded as a base64 string | |
p12-file-base64: ${{ secrets.APPLE_DEVELOPER_CERTIFICATE_P12_BASE64 }} | |
# The password used to import the PKCS12 file. | |
p12-password: ${{ secrets.APPLE_DEVELOPER_CERTIFICATE_PASSWORD }} | |
- name: Sign the mac binaries | |
env: | |
AC_PASSWORD: ${{ secrets.AC_PASSWORD }} | |
working-directory: ./otelcolbuilder/ | |
run: make ${{matrix.arch_os}}-sign | |
- name: Rename .dmg to include tag in filename | |
run: cp otelcol-sumo-${{matrix.arch_os}}.dmg ${{ steps.set_filename.outputs.filename }}.dmg | |
working-directory: ./otelcolbuilder/cmd | |
- name: Rename binary to include tag in filename | |
run: cp otelcol-sumo-${{matrix.arch_os}} ${{ steps.set_filename.outputs.filename }} | |
working-directory: ./otelcolbuilder/cmd | |
# Store binary and .dmg into pipeline artifacts after they have been signed | |
- name: Store .dmg as action artifact | |
uses: actions/upload-artifact@v4 | |
with: | |
name: ${{matrix.arch_os}}.dmg | |
path: ./otelcolbuilder/cmd/${{ steps.set_filename.outputs.filename }}.dmg | |
if-no-files-found: error | |
- name: Store binary as action artifact | |
uses: actions/upload-artifact@v4 | |
with: | |
name: ${{matrix.arch_os}} | |
path: ./otelcolbuilder/cmd/${{ steps.set_filename.outputs.filename }} | |
if-no-files-found: error | |
# pipeline to build FIPS compliance binary on Go+BoringCrypto | |
build-fips: | |
name: Build FIPS | |
runs-on: ubuntu-20.04 | |
strategy: | |
matrix: | |
arch_os: [ 'linux_amd64' ] | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Setup go | |
uses: actions/setup-go@v5 | |
with: | |
go-version: ${{ env.GO_VERSION }} | |
cache-dependency-path: '**/go.sum' | |
- name: Fetch current branch | |
run: ./ci/fetch_current_branch.sh | |
- name: Extract tag | |
id: extract_tag | |
run: echo "tag=$(echo ${GITHUB_REF#refs/tags/v})" > $GITHUB_OUTPUT | |
- name: Add opentelemetry-collector-builder installation dir to PATH | |
run: echo "$HOME/bin" >> $GITHUB_PATH | |
- name: Install opentelemetry-collector-builder | |
run: make install-builder | |
working-directory: ./otelcolbuilder | |
- name: Prepare tags in otelcolbuilder's config | |
run: make prepare-tag TAG=${{ steps.extract_tag.outputs.tag }} | |
- name: Build Toolchains | |
run: make toolchain-${{ matrix.arch_os }} OUTPUT=/opt/toolchain -j3 | |
working-directory: ./otelcolbuilder | |
- name: Build (FIPS) | |
if: ${{ contains(matrix.arch_os, 'linux') }} | |
run: | | |
CC=$(find /opt/toolchain/bin -type f -name "*-linux-musl-gcc") | |
test "$CC" | |
echo "Using toolchain: $CC" | |
make otelcol-sumo-${{matrix.arch_os}} \ | |
FIPS_SUFFIX="-fips" \ | |
CGO_ENABLED="1" \ | |
CC="$CC" \ | |
EXTRA_LDFLAGS="-linkmode external -extldflags '-static'" | |
working-directory: ./otelcolbuilder | |
- name: Set filename | |
id: set_filename | |
run: echo "filename=$(echo otelcol-sumo-${{ steps.extract_tag.outputs.tag }}-fips-${{matrix.arch_os}})" > $GITHUB_OUTPUT | |
- name: Rename to include tag in filename | |
run: cp otelcol-sumo-fips-${{matrix.arch_os}} ${{ steps.set_filename.outputs.filename }} | |
working-directory: ./otelcolbuilder/cmd | |
- name: Show BoringSSL symbols | |
working-directory: ./otelcolbuilder/cmd | |
run: | | |
go tool nm ${{ steps.set_filename.outputs.filename }} | \ | |
grep "_Cfunc__goboringcrypto_" | |
- name: Store binary as action artifact | |
uses: actions/upload-artifact@v4 | |
with: | |
name: "${{matrix.arch_os}}-fips" | |
path: ./otelcolbuilder/cmd/${{ steps.set_filename.outputs.filename }} | |
if-no-files-found: error | |
build-container-images: | |
name: Build container | |
runs-on: ubuntu-20.04 | |
needs: | |
- build | |
- build-fips | |
strategy: | |
matrix: | |
arch_os: [ 'linux_amd64', 'linux_arm64'] | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Extract tag | |
id: extract_tag | |
run: echo "tag=$(echo ${GITHUB_REF#refs/tags/v})" > $GITHUB_OUTPUT | |
- name: Print tag | |
run: echo "${{ steps.extract_tag.outputs.tag }}" | |
- name: Set up QEMU | |
uses: docker/[email protected] | |
- name: Set up Buildx | |
id: buildx | |
uses: docker/[email protected] | |
- name: Show Buildx platforms | |
run: echo ${{ steps.buildx.outputs.platforms }} | |
- name: Set filename | |
id: set_filename | |
run: echo "filename=$(echo otelcol-sumo-${{ steps.extract_tag.outputs.tag }}-${{matrix.arch_os}})" > $GITHUB_OUTPUT | |
- name: Set filename for FIPS | |
id: set_filename_fips | |
run: echo "filename_fips=$(echo otelcol-sumo-${{ steps.extract_tag.outputs.tag }}-fips-${{matrix.arch_os}})" > $GITHUB_OUTPUT | |
- name: Login to Open Source ECR | |
run: make login | |
env: | |
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
- name: Download binary action artifact from build phase (regular binary and FIPS binary) | |
uses: actions/download-artifact@v4 | |
with: | |
name: ${{matrix.arch_os}} | |
path: artifacts/ | |
- name: Build and push FIPS image to Open Source ECR | |
if: matrix.arch_os == 'linux_amd64' | |
run: | | |
cp artifacts/${{ steps.set_filename_fips.outputs.filename_fips }} otelcol-sumo | |
make build-push-container-multiplatform \ | |
BUILD_TAG=${{ steps.extract_tag.outputs.tag }}-fips \ | |
PLATFORM=${{ matrix.arch_os }} \ | |
LATEST_TAG_FIPS_SUFFIX="-fips" | |
- name: Build and push image to Open Source ECR | |
run: | | |
cp artifacts/${{ steps.set_filename.outputs.filename }} otelcol-sumo | |
make build-push-container-multiplatform \ | |
BUILD_TAG=${{ steps.extract_tag.outputs.tag }} \ | |
PLATFORM=${{ matrix.arch_os }} | |
push-docker-manifest: | |
name: Push joint container manifest | |
runs-on: ubuntu-20.04 | |
needs: | |
# Require darwin build to succeed to prevent pushing container images | |
# when darwin build fails. | |
- build-darwin | |
- build-container-images | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Extract tag | |
id: extract_tag | |
run: echo "tag=$(echo ${GITHUB_REF#refs/tags/v})" > $GITHUB_OUTPUT | |
- name: Print tag | |
run: echo "${{ steps.extract_tag.outputs.tag }}" | |
- name: Set up QEMU | |
uses: docker/[email protected] | |
- name: Set up Buildx | |
id: buildx | |
uses: docker/[email protected] | |
- name: Show Buildx platforms | |
run: echo ${{ steps.buildx.outputs.platforms }} | |
- name: Login to Open Source ECR | |
run: make login | |
env: | |
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
- name: Push joint FIPS container manifest for all platforms to Open Source ECR | |
run: | | |
make push-container-manifest \ | |
BUILD_TAG=${{ steps.extract_tag.outputs.tag }}-fips \ | |
PLATFORMS="linux/amd64" \ | |
LATEST_TAG_FIPS_SUFFIX="-fips" | |
- name: Push joint container manifest for all platforms to Open Source ECR | |
run: | | |
make push-container-manifest \ | |
BUILD_TAG=${{ steps.extract_tag.outputs.tag }} \ | |
PLATFORMS="linux/amd64 linux/arm64" | |
package-msi: | |
name: Package MSI | |
runs-on: windows-2019 | |
needs: | |
- build | |
strategy: | |
matrix: | |
include: | |
- arch_os: windows_amd64 | |
platform: x64 | |
fips: false | |
- arch_os: windows_amd64 | |
platform: x64 | |
fips: true | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Fetch current branch | |
run: ./ci/fetch_current_branch.sh | |
- name: Add msbuild to PATH | |
uses: microsoft/[email protected] | |
- name: Extract tag | |
id: extract_tag | |
run: echo "tag=$(echo ${GITHUB_REF#refs/tags/v})" > $GITHUB_OUTPUT | |
- name: Print tag | |
run: echo "${{ steps.extract_tag.outputs.tag }}" | |
- name: Fetch binary artifact for ${{ matrix.arch_os }} | |
uses: actions/download-artifact@v4 | |
with: | |
name: windows_amd64_fips | |
path: ./otelcolbuilder/cmd | |
- name: Rename binary artifact for ${{ matrix.arch_os }} | |
working-directory: ./otelcolbuilder/cmd | |
run: mv otelcol-sumo-*-sumo-*${{ matrix.arch_os }}.exe otelcol-sumo-${{ matrix.arch_os }}.exe | |
- name: Set VERSION_TAG | |
run: echo "VERSION_TAG=${GITHUB_REF#refs/tags/}" >> $GITHUB_ENV | |
- name: Set PRODUCT_VERSION | |
run: echo "PRODUCT_VERSION=$(./ci/get_version.sh productversion)" >> $GITHUB_ENV | |
- name: Build MSI for ${{ matrix.arch_os }} | |
working-directory: ./packaging/msi/wix | |
run: msbuild.exe -p:Configuration=Release -p:Platform=${{ matrix.platform }} -p:ProductVersion=$PRODUCT_VERSION -p:FIPSEnabled=${{ matrix.fips }} -Restore | |
- name: Sign MSI | |
uses: skymatic/code-sign-action@v2 | |
with: | |
certificate: '${{ secrets.MICROSOFT_CERTIFICATE }}' | |
password: '${{ secrets.MICROSOFT_CERTIFICATE_PASSWORD }}' | |
certificatesha1: '${{ secrets.MICROSOFT_CERTHASH }}' | |
certificatename: '${{ secrets.MICROSOFT_CERTNAME }}' | |
description: '${{ secrets.MICROSOFT_DESCRIPTION }}' | |
folder: ./packaging/msi/wix/bin/${{ matrix.platform }}/en-US | |
- name: Store MSI as action artifact for ${{ matrix.arch_os }} | |
uses: actions/upload-artifact@v4 | |
with: | |
name: ${{ matrix.arch_os }}${{ matrix.fips && '_fips' || '' }}_msi | |
path: ./packaging/msi/wix/bin/${{ matrix.platform }}/en-US/*.msi | |
if-no-files-found: error | |
install-script: | |
name: Store install script | |
runs-on: ubuntu-20.04 | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Fetch current branch | |
run: ./ci/fetch_current_branch.sh | |
- name: Store Linux install script as action artifact | |
uses: actions/upload-artifact@v4 | |
with: | |
name: install.sh | |
path: ./scripts/install.sh | |
if-no-files-found: error | |
- name: Store Windows install script as action artifact | |
uses: actions/upload-artifact@v4 | |
with: | |
name: install.ps1 | |
path: ./scripts/install.ps1 | |
if-no-files-found: error | |
config-management-assets: | |
name: Store Chef cookbook, Puppet module, and Ansible playbook | |
runs-on: ubuntu-20.04 | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Fetch current branch | |
run: ./ci/fetch_current_branch.sh | |
- name: Archive Chef cookbook | |
run: tar -cvf ./examples/chef/chef-cookbook.tar.gz -C ./examples/chef sumologic-otel-collector/ | |
- name: Archive Puppet module | |
run: tar -cvf ./examples/puppet/puppet-module.tar.gz -C ./examples/puppet/modules install_otel_collector/ | |
- name: Archive Ansible playbook | |
run: tar -cvf ./examples/ansible-playbook.tar.gz -C ./examples ansible/ | |
# Users can download it via the "latest/download" redirect. | |
- name: Store Chef cookbook archive as action artifact | |
uses: actions/upload-artifact@v4 | |
with: | |
name: chef-cookbook.tar.gz | |
path: ./examples/chef/chef-cookbook.tar.gz | |
if-no-files-found: error | |
- name: Store Puppet module archive as action artifact | |
uses: actions/upload-artifact@v4 | |
with: | |
name: puppet-module.tar.gz | |
path: ./examples/puppet/puppet-module.tar.gz | |
if-no-files-found: error | |
- name: Store Ansible playbook archive as action artifact | |
uses: actions/upload-artifact@v4 | |
with: | |
name: ansible-playbook.tar.gz | |
path: ./examples/ansible-playbook.tar.gz | |
if-no-files-found: error | |
create-release: | |
name: Create Github release | |
runs-on: ubuntu-20.04 | |
needs: | |
- build | |
# - build-darwin | |
- build-fips | |
# - build-container-images | |
# - push-docker-manifest | |
# - package-msi | |
steps: | |
- name: Extract tag | |
id: extract_tag | |
run: echo "tag=$(echo ${GITHUB_REF#refs/tags/v})" > $GITHUB_OUTPUT | |
- name: Print tag | |
run: echo "v${{ steps.extract_tag.outputs.tag }}" | |
- name: Download all binaries stored as artifact | |
uses: actions/download-artifact@v4 | |
with: | |
path: artifacts/ | |
- uses: ncipollo/release-action@v1 | |
with: | |
token: ${{ secrets.GITHUB_TOKEN }} | |
draft: true | |
prerelease: false | |
allowUpdates: true | |
omitBodyDuringUpdate: true | |
omitNameDuringUpdate: true | |
body: | | |
## v${{ steps.extract_tag.outputs.tag }} | |
**TODO** | |
### Upstream releases | |
** TODO: Add upstream versions in the links below** | |
Core: https://github.com/open-telemetry/opentelemetry-collector/releases/tag/v | |
Contrib: https://github.com/open-telemetry/opentelemetry-collector-contrib/releases/tag/v | |
### Changelog | |
**TODO** | |
### Container images: | |
``` | |
docker pull public.ecr.aws/sumologic/sumologic-otel-collector:${{ steps.extract_tag.outputs.tag }} | |
``` | |
artifacts: "artifacts/*/*" | |
artifactErrorsFailBuild: true | |
replacesArtifacts: true |