Test #12
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Release Build | |
| on: | |
| push: | |
| env: | |
| AWS_PUBLIC_ECR_REGION: us-east-1 | |
| AWS_PRIVATE_ECR_REGION: us-west-2 | |
| TEST_TAG: public.ecr.aws/aws-observability/adot-autoinstrumentation-java:test | |
| PUBLIC_REPOSITORY: public.ecr.aws/e2l5l6g6/framework-test | |
| PRIVATE_REPOSITORY: 020628701572.dkr.ecr.us-west-2.amazonaws.com/adot-autoinstrumentation-java | |
| PRIVATE_REGISTRY: 020628701572.dkr.ecr.us-west-2.amazonaws.com | |
| permissions: | |
| id-token: write | |
| contents: write | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: actions/setup-java@v4 | |
| with: | |
| java-version: 17 | |
| distribution: 'temurin' | |
| - uses: gradle/wrapper-validation-action@v1 | |
| # - name: Publish patched dependencies to maven local | |
| # uses: ./.github/actions/patch-dependencies | |
| # with: | |
| # gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }} | |
| # gpg_password: ${{ secrets.GPG_PASSPHRASE }} | |
| # - name: Configure AWS Credentials | |
| # uses: aws-actions/configure-aws-credentials@v4 | |
| # with: | |
| # role-to-assume: arn:aws:iam::612966150583:role/githubProviderRole | |
| # aws-region: ${{ env.AWS_PUBLIC_ECR_REGION }} | |
| # - name: Log in to AWS ECR | |
| # uses: docker/login-action@v3 | |
| # with: | |
| # registry: public.ecr.aws | |
| # - name: Build release with Gradle | |
| # uses: gradle/gradle-build-action@v3 | |
| # with: | |
| # arguments: build integrationTests -PlocalDocker=true -Prelease.version=1.0.0 --stacktrace | |
| # - name: Configure AWS Credentials | |
| # uses: aws-actions/configure-aws-credentials@v4 | |
| # with: | |
| # role-to-assume: ${{ secrets.AWS_ASSUME_ROLE_ARN_RELEASE }} | |
| # aws-region: ${{ env.AWS_PUBLIC_ECR_REGION }} | |
| # - name: Log in to AWS ECR | |
| # uses: docker/login-action@v3 | |
| # with: | |
| # registry: public.ecr.aws | |
| # - name: Configure AWS Credentials for Private ECR | |
| # uses: aws-actions/configure-aws-credentials@v4 | |
| # with: | |
| # role-to-assume: ${{ secrets.AWS_ASSUME_ROLE_ARN_RELEASE }} | |
| # aws-region: ${{ env.AWS_PRIVATE_ECR_REGION }} | |
| # - name: Log in to AWS private ECR | |
| # uses: docker/login-action@v3 | |
| # with: | |
| # registry: ${{ env.PRIVATE_REGISTRY }} | |
| # - name: Set up QEMU | |
| # uses: docker/setup-qemu-action@v3 | |
| # - name: Set up Docker Buildx | |
| # uses: docker/setup-buildx-action@v3 | |
| # with: | |
| # driver-opts: image=moby/buildkit:v0.15.1 | |
| # - name: Build image for testing | |
| # uses: docker/build-push-action@v5 | |
| # with: | |
| # push: false | |
| # build-args: "ADOT_JAVA_VERSION=${{ github.event.inputs.version }}" | |
| # context: . | |
| # platforms: linux/amd64 | |
| # tags: ${{ env.TEST_TAG }} | |
| # load: true | |
| # - name: Test docker image | |
| # shell: bash | |
| # run: .github/scripts/test-adot-javaagent-image.sh "${{ env.TEST_TAG }}" "${{ github.event.inputs.version }}" | |
| # - name: Build and push image | |
| # uses: docker/build-push-action@v5 | |
| # with: | |
| # push: true | |
| # build-args: "ADOT_JAVA_VERSION=${{ github.event.inputs.version }}" | |
| # context: . | |
| # platforms: linux/amd64,linux/arm64 | |
| # tags: | | |
| # ${{ env.PUBLIC_REPOSITORY }}:v${{ github.event.inputs.version }} | |
| # - name: Setup Notation CLI | |
| # uses: notaryproject/notation-action/setup@v1 | |
| # - name: Sign released image | |
| # uses: notaryproject/notation-action/sign@v1 | |
| # with: | |
| # plugin_name: aws-signer-notation-plugin | |
| # plugin_url: https://github.com/aws/aws-signer-notation-plugin/archive/refs/tags/v1.0.350.tar.gz | |
| # plugin_checksum: 6a1e0e0b2c3716899fd4c0ac37e60b287b1a36731f4874305c5c953291613acf | |
| # key_id: arn:aws:signer:us-east-1:612966150583:/signing-profiles/045231FF5_Jc8eznT2BNJ6 | |
| # target_artifact_reference: public.ecr.aws/e2l5l6g6/framework-test:latest | |
| - name: Setup Notation | |
| run: | | |
| curl -L -o aws-signer-notation-cli_amd64.rpm https://d2hvyiie56hcat.cloudfront.net/linux/amd64/installer/deb/latest/aws-signer-notation-cli_amd64.deb | |
| sudo apt install ./aws-signer-notation-cli_amd64.deb | |
| - name: Sign released image | |
| run: | | |
| notation sign public.ecr.aws/e2l5l6g6/framework-test:latest —plugin "com.amazonaws.signer.notation.plugin" —id "arn:aws:signer:us-east-1:612966150583:/signing-profiles/045231FF5_Jc8eznT2BNJ6" | |
| - name: Verify signed image | |
| uses: notaryproject/notation-action/verify@v1 | |
| with: | |
| target_artifact_reference: public.ecr.aws/e2l5l6g6/framework-test:latest | |
| trust_policy: ../trust-policy/signed-image.json | |
| # - name: Build and Publish release with Gradle | |
| # uses: gradle/gradle-build-action@v3 | |
| # with: | |
| # arguments: build final closeAndReleaseSonatypeStagingRepository -Prelease.version=${{ github.event.inputs.version }} --stacktrace | |
| # env: | |
| # PUBLISH_TOKEN_USERNAME: ${{ secrets.PUBLISH_TOKEN_USERNAME }} | |
| # PUBLISH_TOKEN_PASSWORD: ${{ secrets.PUBLISH_TOKEN_PASSWORD }} | |
| # GRGIT_USER: ${{ secrets.GITHUB_TOKEN }} | |
| # GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }} | |
| # GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }} | |
| # - name: Create release | |
| # env: | |
| # GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # This token is provided by Actions, you do not need to create your own token | |
| # run: | | |
| # cp "otelagent/build/libs/aws-opentelemetry-agent-${{ github.event.inputs.version }}.jar" aws-opentelemetry-agent.jar | |
| # gh release create --target "$GITHUB_REF_NAME" \ | |
| # --title "Release v${{ github.event.inputs.version }}" \ | |
| # --draft \ | |
| # "v${{ github.event.inputs.version }}" \ | |
| # aws-opentelemetry-agent.jar |