Skip to content

Test

Test #27

Workflow file for this run

name: Release Build
on:
push:
env:
AWS_PUBLIC_ECR_REGION: us-east-1
AWS_PRIVATE_ECR_REGION: us-west-2
TEST_TAG: public.ecr.aws/aws-observability/adot-autoinstrumentation-java:test
PUBLIC_REPOSITORY: public.ecr.aws/e2l5l6g6/framework-test
PRIVATE_REPOSITORY: 020628701572.dkr.ecr.us-west-2.amazonaws.com/adot-autoinstrumentation-java
PRIVATE_REGISTRY: 020628701572.dkr.ecr.us-west-2.amazonaws.com
permissions:
id-token: write
contents: write
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-java@v4
with:
java-version: 17
distribution: 'temurin'
- uses: gradle/wrapper-validation-action@v1
# - name: Publish patched dependencies to maven local
# uses: ./.github/actions/patch-dependencies
# with:
# gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }}
# gpg_password: ${{ secrets.GPG_PASSPHRASE }}
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: arn:aws:iam::612966150583:role/aws-obs-java-image-release
aws-region: ${{ env.AWS_PUBLIC_ECR_REGION }}
- name: Log in to AWS ECR
uses: docker/login-action@v3
with:
registry: public.ecr.aws
# - name: Build release with Gradle
# uses: gradle/gradle-build-action@v3
# with:
# arguments: build integrationTests -PlocalDocker=true -Prelease.version=1.0.0 --stacktrace
# - name: Configure AWS Credentials
# uses: aws-actions/configure-aws-credentials@v4
# with:
# role-to-assume: ${{ secrets.AWS_ASSUME_ROLE_ARN_RELEASE }}
# aws-region: ${{ env.AWS_PUBLIC_ECR_REGION }}
# - name: Log in to AWS ECR
# uses: docker/login-action@v3
# with:
# registry: public.ecr.aws
# - name: Configure AWS Credentials for Private ECR
# uses: aws-actions/configure-aws-credentials@v4
# with:
# role-to-assume: ${{ secrets.AWS_ASSUME_ROLE_ARN_RELEASE }}
# aws-region: ${{ env.AWS_PRIVATE_ECR_REGION }}
# - name: Log in to AWS private ECR
# uses: docker/login-action@v3
# with:
# registry: ${{ env.PRIVATE_REGISTRY }}
# - name: Set up QEMU
# uses: docker/setup-qemu-action@v3
# - name: Set up Docker Buildx
# uses: docker/setup-buildx-action@v3
# with:
# driver-opts: image=moby/buildkit:v0.15.1
# - name: Build image for testing
# uses: docker/build-push-action@v5
# with:
# push: false
# build-args: "ADOT_JAVA_VERSION=${{ github.event.inputs.version }}"
# context: .
# platforms: linux/amd64
# tags: ${{ env.TEST_TAG }}
# load: true
# - name: Test docker image
# shell: bash
# run: .github/scripts/test-adot-javaagent-image.sh "${{ env.TEST_TAG }}" "${{ github.event.inputs.version }}"
# - name: Build and push image
# uses: docker/build-push-action@v5
# with:
# push: true
# build-args: "ADOT_JAVA_VERSION=${{ github.event.inputs.version }}"
# context: .
# platforms: linux/amd64,linux/arm64
# tags: |
# ${{ env.PUBLIC_REPOSITORY }}:v${{ github.event.inputs.version }}
# - name: Setup Notation CLI
# uses: notaryproject/notation-action/setup@v1
# - name: Sign released image
# uses: notaryproject/notation-action/sign@v1
# with:
# plugin_name: aws-signer-notation-plugin
# plugin_url: https://github.com/aws/aws-signer-notation-plugin/archive/refs/tags/v1.0.350.tar.gz
# plugin_checksum: 6a1e0e0b2c3716899fd4c0ac37e60b287b1a36731f4874305c5c953291613acf
# key_id: arn:aws:signer:us-east-1:612966150583:/signing-profiles/045231FF5_Jc8eznT2BNJ6
# target_artifact_reference: public.ecr.aws/e2l5l6g6/framework-test:latest
- name: Setup Notation
run: |
curl -L -o aws-signer-notation-cli_amd64.deb https://d2hvyiie56hcat.cloudfront.net/linux/amd64/installer/deb/latest/aws-signer-notation-cli_amd64.deb
sudo apt install ./aws-signer-notation-cli_amd64.deb
- name: Sign released image
run: notation sign public.ecr.aws/e2l5l6g6/framework-test:latest --plugin "com.amazonaws.signer.notation.plugin" --id "arn:aws:signer:us-east-1:612966150583:/signing-profiles/045231FF5_ktKl6W91z4Rb"
- name: Verify signed image
run: |
notation policy import ./.github/trust-policy/signed-image.json
notation verify public.ecr.aws/e2l5l6g6/framework-test:latest
# - name: Build and Publish release with Gradle
# uses: gradle/gradle-build-action@v3
# with:
# arguments: build final closeAndReleaseSonatypeStagingRepository -Prelease.version=${{ github.event.inputs.version }} --stacktrace
# env:
# PUBLISH_TOKEN_USERNAME: ${{ secrets.PUBLISH_TOKEN_USERNAME }}
# PUBLISH_TOKEN_PASSWORD: ${{ secrets.PUBLISH_TOKEN_PASSWORD }}
# GRGIT_USER: ${{ secrets.GITHUB_TOKEN }}
# GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }}
# GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
# - name: Create release
# env:
# GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # This token is provided by Actions, you do not need to create your own token
# run: |
# cp "otelagent/build/libs/aws-opentelemetry-agent-${{ github.event.inputs.version }}.jar" aws-opentelemetry-agent.jar
# gh release create --target "$GITHUB_REF_NAME" \
# --title "Release v${{ github.event.inputs.version }}" \
# --draft \
# "v${{ github.event.inputs.version }}" \
# aws-opentelemetry-agent.jar