backport of commit c95a57c5259bbbc8cf72d02b02d162d834dd258f #2369
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: build | |
# We now default to running this workflow on every push to every branch. | |
# This provides fast feedback when build issues occur, so they can be | |
# fixed prior to being merged to the main branch. | |
# | |
# If you want to opt out of this, and only run the build on certain branches | |
# please refer to the documentation on branch filtering here: | |
# | |
# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#onpushbranchestagsbranches-ignoretags-ignore | |
# | |
on: [workflow_dispatch, push] | |
env: | |
PKG_NAME: "consul-dataplane" | |
jobs: | |
get-go-version: | |
uses: ./.github/workflows/reusable-get-go-version.yml | |
get-product-version: | |
runs-on: ubuntu-latest | |
outputs: | |
product-version: ${{ steps.get-product-version.outputs.product-version }} | |
steps: | |
- uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 | |
- name: get product version | |
id: get-product-version | |
run: | | |
make version | |
echo "product-version=$(make version)" >> $GITHUB_OUTPUT | |
generate-metadata-file: | |
needs: get-product-version | |
runs-on: ubuntu-latest | |
outputs: | |
filepath: ${{ steps.generate-metadata-file.outputs.filepath }} | |
steps: | |
- name: "Checkout directory" | |
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 | |
- name: Generate metadata file | |
id: generate-metadata-file | |
uses: hashicorp/actions-generate-metadata@v1 | |
with: | |
version: ${{ needs.get-product-version.outputs.product-version }} | |
product: ${{ env.PKG_NAME }} | |
repositoryOwner: "hashicorp" | |
- uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2 | |
with: | |
name: metadata.json | |
path: ${{ steps.generate-metadata-file.outputs.filepath }} | |
build-linux: | |
needs: | |
- get-go-version | |
- get-product-version | |
runs-on: ubuntu-20.04 # the GLIBC is too high on 22.04 | |
strategy: | |
matrix: | |
include: | |
- {goos: "linux", goarch: "arm"} | |
- {goos: "linux", goarch: "arm64"} | |
- {goos: "linux", goarch: "386"} | |
- {goos: "linux", goarch: "amd64"} | |
- {goos: "linux", goarch: "amd64", gotags: "fips", env: "CGO_ENABLED=1 GOEXPERIMENT=boringcrypto", fips: "+fips1402", pkg_suffix: "-fips" } | |
- {goos: "linux", goarch: "arm64", gotags: "fips", env: "CGO_ENABLED=1 GOEXPERIMENT=boringcrypto CC=aarch64-linux-gnu-gcc", fips: "+fips1402", pkg_suffix: "-fips" } | |
fail-fast: true | |
name: Go ${{ needs.get-go-version.outputs.go-version }} ${{ matrix.goos }} ${{ matrix.goarch }} ${{ matrix.fips }} build | |
steps: | |
- uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 | |
- uses: hashicorp/actions-go-build@v0.1.3 | |
with: | |
product_name: ${{ env.PKG_NAME }} | |
product_version: ${{ needs.get-product-version.outputs.product-version }}${{ matrix.fips }} | |
go_version: ${{ needs.get-go-version.outputs.go-version }} | |
os: ${{ matrix.goos }} | |
arch: ${{ matrix.goarch }} | |
reproducible: assert | |
instructions: | | |
if [[ "${{ matrix.fips }}" == "+fips1402" ]] | |
then | |
sudo apt-get update --allow-releaseinfo-change-suite --allow-releaseinfo-change-version && sudo apt-get install -y build-essential gcc-aarch64-linux-gnu | |
fi | |
${{ matrix.env }} go build -tags=${{ matrix.gotags }} -trimpath -buildvcs=false -ldflags="-X github.com/hashicorp/consul-dataplane/pkg/version.GitCommit=${GITHUB_SHA::8}" -o $BIN_PATH ./cmd/$BIN_NAME | |
- name: Package | |
if: ${{ matrix.goos == 'linux' }} | |
uses: hashicorp/actions-packaging-linux@v1 | |
with: | |
name: ${{ github.event.repository.name }}${{ matrix.pkg_suffix }} | |
description: "Consul dataplane connects an application to a Consul service mesh." | |
arch: ${{ matrix.goarch }} | |
version: ${{ needs.get-product-version.outputs.product-version }}${{ matrix.fips }} | |
maintainer: "HashiCorp" | |
homepage: "https://github.com/hashicorp/consul-dataplane" | |
license: "MPL-2.0" | |
binary: "dist/${{ env.PKG_NAME }}" | |
deb_depends: "openssl" | |
rpm_depends: "openssl" | |
- name: Set Package Names | |
if: ${{ matrix.goos == 'linux' }} | |
run: | | |
echo "RPM_PACKAGE=$(basename out/*.rpm)" >> $GITHUB_ENV | |
echo "DEB_PACKAGE=$(basename out/*.deb)" >> $GITHUB_ENV | |
- uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2 | |
if: ${{ matrix.goos == 'linux' }} | |
with: | |
name: ${{ env.RPM_PACKAGE }} | |
path: out/${{ env.RPM_PACKAGE }} | |
- uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2 | |
if: ${{ matrix.goos == 'linux' }} | |
with: | |
name: ${{ env.DEB_PACKAGE }} | |
path: out/${{ env.DEB_PACKAGE }} | |
build-darwin: | |
needs: | |
- get-go-version | |
- get-product-version | |
runs-on: macos-latest | |
strategy: | |
matrix: | |
goos: [darwin] | |
goarch: ["amd64", "arm64"] | |
fail-fast: true | |
name: Go ${{ needs.get-go-version.outputs.go-version }} ${{ matrix.goos }} ${{ matrix.goarch }} build | |
env: | |
GOOS: ${{ matrix.goos }} | |
GOARCH: ${{ matrix.goarch }} | |
steps: | |
- uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 | |
- uses: hashicorp/actions-go-build@v0.1.3 | |
with: | |
product_name: ${{ env.PKG_NAME }} | |
product_version: ${{ needs.get-product-version.outputs.product-version }} | |
go_version: ${{ needs.get-go-version.outputs.go-version }} | |
os: ${{ matrix.goos }} | |
arch: ${{ matrix.goarch }} | |
reproducible: assert | |
instructions: CGO_ENABLED=0 go build -trimpath -buildvcs=false -ldflags="-X github.com/hashicorp/consul-dataplane/pkg/version.GitCommit=${GITHUB_SHA::8}" -o $BIN_PATH ./cmd/$BIN_NAME | |
build-docker-default: | |
name: Docker ${{ matrix.arch }} ${{ matrix.fips }} default release build | |
needs: | |
- get-go-version | |
- get-product-version | |
- build-linux | |
runs-on: ubuntu-latest | |
strategy: | |
matrix: | |
# This is the subset of architectures we build binaries for officially | |
# supported by Envoy. | |
include: | |
- { arch: "amd64" } | |
- { arch: "amd64", fips: "+fips1402" } | |
- { arch: "arm64" } | |
- { arch: "arm64", fips: "+fips1402" } | |
env: | |
repo: ${{ github.event.repository.name }} | |
version: ${{ needs.get-product-version.outputs.product-version }}${{ matrix.fips }} | |
steps: | |
- uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 | |
# This naming convention will be used ONLY for per-commit dev images | |
- name: Set docker dev tag | |
run: | | |
echo "full_dev_tag=${{ env.version }}" | |
echo "full_dev_tag=${{ env.version }}" >> $GITHUB_ENV | |
echo "minor_dev_tag=$(echo ${{ env.version }}| sed -E 's/([0-9]+\.[0-9]+)\.[0-9]+(-[0-9a-zA-Z\+\.]+)?$/\1\2/')" | |
echo "minor_dev_tag=$(echo ${{ env.version }}| sed -E 's/([0-9]+\.[0-9]+)\.[0-9]+(-[0-9a-zA-Z\+\.]+)?$/\1\2/')" >> $GITHUB_ENV | |
- name: Docker Build (Action) | |
if: ${{ !matrix.fips }} | |
uses: hashicorp/actions-docker-build@76d2fc91532d816ca2660d8f3139e432ac3700fd | |
with: | |
smoke_test: | | |
TEST_VERSION="$(docker run "${IMAGE_NAME}" --version | head -n1 | cut -d' ' -f3 | sed 's/^v//')" | |
if [ "${TEST_VERSION}" != "${version}" ]; then | |
echo "Test FAILED: Got ${TEST_VERSION}, want ${version}." | |
exit 1 | |
fi | |
echo "Test PASSED" | |
version: ${{ env.version }} | |
target: release-default | |
arch: ${{ matrix.arch }} | |
tags: | | |
docker.io/hashicorp/${{env.repo}}:${{env.version}} | |
public.ecr.aws/hashicorp/${{env.repo}}:${{env.version}} | |
dev_tags: | | |
docker.io/hashicorppreview/${{ env.repo }}:${{ env.full_dev_tag }} | |
docker.io/hashicorppreview/${{ env.repo }}:${{ env.full_dev_tag }}-${{ github.sha }} | |
docker.io/hashicorppreview/${{ env.repo }}:${{ env.minor_dev_tag }} | |
docker.io/hashicorppreview/${{ env.repo }}:${{ env.minor_dev_tag }}-${{ github.sha }} | |
extra_build_args: | | |
GOLANG_VERSION=${{ needs.get-go-version.outputs.go-version }} | |
- name: Docker FIPS Build (Action) | |
if: ${{ matrix.fips }} | |
uses: hashicorp/actions-docker-build@76d2fc91532d816ca2660d8f3139e432ac3700fd | |
with: | |
smoke_test: | | |
TEST_VERSION="$(docker run "${IMAGE_NAME}" --version | head -n1 | cut -d' ' -f3 | sed 's/^v//')" | |
if [ "${TEST_VERSION}" != "${version}" ]; then | |
echo "Test FAILED: Got ${TEST_VERSION}, want ${version}." | |
exit 1 | |
fi | |
echo "Test PASSED" | |
version: ${{ env.version }} | |
target: release-fips-default | |
arch: ${{ matrix.arch }} | |
tags: | | |
docker.io/hashicorp/${{env.repo}}-fips:${{env.version}} | |
public.ecr.aws/hashicorp/${{env.repo}}-fips:${{env.version}} | |
dev_tags: | | |
docker.io/hashicorppreview/${{ env.repo }}-fips:${{ env.full_dev_tag }} | |
docker.io/hashicorppreview/${{ env.repo }}-fips:${{ env.full_dev_tag }}-${{ github.sha }} | |
docker.io/hashicorppreview/${{ env.repo }}-fips:${{ env.minor_dev_tag }} | |
docker.io/hashicorppreview/${{ env.repo }}-fips:${{ env.minor_dev_tag }}-${{ github.sha }} | |
extra_build_args: | | |
GOLANG_VERSION=${{ needs.get-go-version.outputs.go-version }} | |
build-docker-redhat: | |
name: Docker ${{ matrix.fips }} UBI Image Build (for Red Hat Certified Container Registry) | |
needs: | |
- get-go-version | |
- get-product-version | |
- build-linux | |
runs-on: ubuntu-latest | |
strategy: | |
matrix: | |
include: | |
- { target-name: "release-ubi", registry-id: "631f805e0d15f623c5996c2e" } | |
- { target-name: "release-fips-ubi", registry-id: "649cced3e093d1cc7f3d9b61", fips: "+fips1402" } | |
env: | |
repo: ${{github.event.repository.name}} | |
version: ${{needs.get-product-version.outputs.product-version}}${{ matrix.fips }} | |
steps: | |
- uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 | |
- uses: hashicorp/actions-docker-build@76d2fc91532d816ca2660d8f3139e432ac3700fd | |
with: | |
version: ${{env.version}} | |
target: ${{ matrix.target-name }} | |
arch: amd64 | |
redhat_tag: quay.io/redhat-isv-containers/${{matrix.registry-id}}:${{env.version}}-ubi | |
extra_build_args: | | |
GOLANG_VERSION=${{ needs.get-go-version.outputs.go-version }} | |
build-docker-ubi-dockerhub: | |
name: Docker ${{ matrix.arch }} ${{ matrix.fips }} UBI build for DockerHub | |
needs: | |
- get-go-version | |
- get-product-version | |
- build-linux | |
runs-on: ubuntu-latest | |
strategy: | |
matrix: | |
include: | |
- { arch: "amd64" } | |
- { arch: "amd64", fips: "+fips1402" } | |
env: | |
repo: ${{ github.event.repository.name }} | |
version: ${{ needs.get-product-version.outputs.product-version }}${{ matrix.fips }} | |
steps: | |
- uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 | |
# This naming convention will be used ONLY for per-commit dev images | |
- name: Set docker dev tag | |
run: | | |
echo "full_dev_tag=${{ env.version }}" | |
echo "full_dev_tag=${{ env.version }}" >> $GITHUB_ENV | |
echo "minor_dev_tag=$(echo ${{ env.version }}| sed -E 's/([0-9]+\.[0-9]+)\.[0-9]+(-[0-9a-zA-Z\+\.]+)?$/\1\2/')" | |
echo "minor_dev_tag=$(echo ${{ env.version }}| sed -E 's/([0-9]+\.[0-9]+)\.[0-9]+(-[0-9a-zA-Z\+\.]+)?$/\1\2/')" >> $GITHUB_ENV | |
- name: Docker Build (Action) | |
if: ${{ !matrix.fips }} | |
uses: hashicorp/actions-docker-build@76d2fc91532d816ca2660d8f3139e432ac3700fd | |
with: | |
smoke_test: | | |
TEST_VERSION="$(docker run "${IMAGE_NAME}" --version | head -n1 | cut -d' ' -f3 | sed 's/^v//')" | |
if [ "${TEST_VERSION}" != "${version}" ]; then | |
echo "Test FAILED: Got ${TEST_VERSION}, want ${version}}." | |
exit 1 | |
fi | |
echo "Test PASSED" | |
version: ${{ env.version }} | |
target: release-ubi | |
arch: ${{ matrix.arch }} | |
tags: | | |
docker.io/hashicorp/${{env.repo}}:${{env.version}}-ubi | |
public.ecr.aws/hashicorp/${{env.repo}}:${{env.version}}-ubi | |
dev_tags: | | |
docker.io/hashicorppreview/${{ env.repo }}:${{ env.full_dev_tag }}-ubi | |
docker.io/hashicorppreview/${{ env.repo }}:${{ env.full_dev_tag }}-ubi-${{ github.sha }} | |
docker.io/hashicorppreview/${{ env.repo }}:${{ env.minor_dev_tag }}-ubi | |
docker.io/hashicorppreview/${{ env.repo }}:${{ env.minor_dev_tag }}-ubi-${{ github.sha }} | |
extra_build_args: | | |
GOLANG_VERSION=${{ needs.get-go-version.outputs.go-version }} | |
- name: Docker FIPS Build (Action) | |
if: ${{ matrix.fips }} | |
uses: hashicorp/actions-docker-build@76d2fc91532d816ca2660d8f3139e432ac3700fd | |
with: | |
smoke_test: | | |
TEST_VERSION="$(docker run "${IMAGE_NAME}" --version | head -n1 | cut -d' ' -f3 | sed 's/^v//')" | |
if [ "${TEST_VERSION}" != "${version}" ]; then | |
echo "Test FAILED: Got ${TEST_VERSION}, want ${version}}." | |
exit 1 | |
fi | |
echo "Test PASSED" | |
version: ${{ env.version }} | |
target: release-fips-ubi | |
arch: ${{ matrix.arch }} | |
tags: | | |
docker.io/hashicorp/${{env.repo}}-fips:${{env.version}}-ubi | |
public.ecr.aws/hashicorp/${{env.repo}}-fips:${{env.version}}-ubi | |
dev_tags: | | |
docker.io/hashicorppreview/${{ env.repo }}-fips:${{ env.full_dev_tag }}-ubi | |
docker.io/hashicorppreview/${{ env.repo }}-fips:${{ env.full_dev_tag }}-ubi-${{ github.sha }} | |
docker.io/hashicorppreview/${{ env.repo }}-fips:${{ env.minor_dev_tag }}-ubi | |
docker.io/hashicorppreview/${{ env.repo }}-fips:${{ env.minor_dev_tag }}-ubi-${{ github.sha }} | |
extra_build_args: | | |
GOLANG_VERSION=${{ needs.get-go-version.outputs.go-version }} | |
integration-tests: | |
name: Integration Tests (Consul ${{ matrix.server.version }} ${{ matrix.dataplane.docker_target }}) | |
needs: | |
- build-docker-default | |
- build-docker-ubi-dockerhub | |
- get-product-version | |
- get-go-version | |
runs-on: ubuntu-latest | |
strategy: | |
matrix: | |
server: | |
- version: v1.15.0-dev | |
image: hashicorppreview/consul:1.15-dev | |
- version: v1.16.0-dev | |
image: hashicorppreview/consul:1.16-dev | |
- version: v1.17.0-dev | |
image: hashicorppreview/consul:1.17-dev | |
- version: v1.18.0-dev | |
image: hashicorppreview/consul:1.18-dev | |
dataplane: | |
- image_suffix: "" | |
docker_target: "release-default" | |
- image_suffix: "-ubi" | |
docker_target: "release-ubi" | |
env: | |
repo: ${{ github.event.repository.name }} | |
version: ${{ needs.get-product-version.outputs.product-version }} | |
steps: | |
- name: Set docker dev tag | |
run: | | |
version="${{ env.version }}" | |
echo "dev_tag=${{ env.version }}${{ matrix.dataplane.image_suffix }}" >> $GITHUB_ENV | |
- name: Set image tarball | |
run: | | |
echo "image_tarball=${{env.repo}}_${{ matrix.dataplane.docker_target }}_linux_amd64_${{env.version}}_${{github.sha}}.docker.dev.tar" >> $GITHUB_ENV | |
- uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 | |
with: | |
name: ${{env.image_tarball}} | |
- run: docker load --input ${{env.image_tarball}} | |
- uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 | |
- uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 | |
with: | |
go-version: ${{ needs.get-go-version.outputs.go-version }} | |
- id: run-tests | |
run: cd integration-tests && go test -v -output-dir=./output -dataplane-image=hashicorppreview/${{env.repo}}:${{env.dev_tag}}-${{github.sha}} -server-image=${{matrix.server.image}} -server-version=${{matrix.server.version}} | |
continue-on-error: true | |
- uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2 | |
continue-on-error: true | |
with: | |
name: consul-${{matrix.server.version}}-integration-tests-output | |
path: integration-tests/output/ | |
if-no-files-found: 'error' | |
- name: Check for failures | |
if: ${{ steps.run-tests.outcome != 'success' }} | |
run: exit 1 |