-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #237 from solarwinds/cc/NH-37575
NH-37575: pipeline move to GHA
- Loading branch information
Showing
25 changed files
with
700 additions
and
203 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,27 +1,383 @@ | ||
# This workflow is triggered either by a push or by manually clicking `Run Workflow` in the Actions page. | ||
# The purpose of the workflow is to build the agent and run the tests. | ||
|
||
name: Push | ||
|
||
on: | ||
workflow_dispatch: | ||
push: | ||
|
||
permissions: | ||
packages: write | ||
contents: read | ||
id-token: write | ||
|
||
env: | ||
SW_APM_DEBUG_LEVEL: trace | ||
AGENT_DOWNLOAD_URL: https://agent-binaries.global.st-ssp.solarwinds.com/apm/java/latest/solarwinds-apm-agent.jar | ||
SW_APM_COLLECTOR: ${{ secrets.SW_APM_COLLECTOR }} | ||
OTEL_EXPORTER_OTLP_ENDPOINT: ${{ secrets.OTEL_EXPORTER_OTLP_ENDPOINT }} | ||
SW_APM_SERVICE_KEY_AO: ${{ secrets.SW_APM_SERVICE_KEY_AO }} | ||
SW_APM_SERVICE_KEY: ${{ secrets.SW_APM_SERVICE_KEY }} | ||
GITHUB_USERNAME: ${{ github.actor }} | ||
SWO_LOGIN_URL: ${{ secrets.SWO_LOGIN_URL }} | ||
SWO_HOST_URL: ${{ secrets.SWO_HOST_URL }} | ||
SWO_EMAIL: ${{ secrets.SWO_EMAIL }} | ||
SWO_PWORD: ${{ secrets.SWO_PWORD }} | ||
STAGE_BUCKET: ${{ secrets.STAGE_BUCKET }} | ||
|
||
jobs: | ||
build: | ||
s3-stage-upload: # this job uploads the jar to stage s3 | ||
runs-on: ubuntu-latest | ||
steps: | ||
- uses: actions/checkout@v4 | ||
|
||
- name: Set up JDK 17 | ||
uses: actions/setup-java@v4 | ||
with: | ||
java-version: '17' | ||
distribution: 'temurin' | ||
|
||
- uses: aws-actions/configure-aws-credentials@v4 | ||
with: | ||
role-to-assume: ${{ secrets.AWS_S3_ROLE_ARN_SSP_STAGE }} | ||
aws-region: "us-east-1" | ||
|
||
- name: Build agent | ||
run: ./gradlew clean build -x test | ||
|
||
- name: Set agent version env | ||
run: | | ||
echo "AGENT_VERSION=$(cd agent/build/libs && unzip -p solarwinds-apm-agent.jar META-INF/MANIFEST.MF | grep Implementation-Version | awk '{ print $2 }' | sed 's/[^a-z0-9.-]//g')" >> $GITHUB_ENV | ||
- name: Copy to S3 | ||
run: | | ||
ls -al | ||
aws s3 cp agent/build/libs/solarwinds-apm-agent.jar \ | ||
s3://$STAGE_BUCKET/apm/java/$AGENT_VERSION/solarwinds-apm-agent.jar \ | ||
--acl public-read | ||
aws s3 cp agent-lambda/build/libs/solarwinds-apm-agent-lambda.jar \ | ||
s3://$STAGE_BUCKET/apm/java/$AGENT_VERSION/solarwinds-apm-agent-lambda.jar \ | ||
--acl public-read | ||
aws s3 cp custom/shared/src/main/resources/solarwinds-apm-config.json \ | ||
s3://$STAGE_BUCKET/apm/java/$AGENT_VERSION/solarwinds-apm-config.json \ | ||
--acl public-read | ||
- name: Copy to S3(latest) | ||
run: | | ||
aws s3 cp s3://$STAGE_BUCKET/apm/java/$AGENT_VERSION/solarwinds-apm-agent.jar \ | ||
s3://$STAGE_BUCKET/apm/java/latest/solarwinds-apm-agent.jar \ | ||
--acl public-read | ||
aws s3 cp s3://$STAGE_BUCKET/apm/java/$AGENT_VERSION/solarwinds-apm-agent-lambda.jar \ | ||
s3://$STAGE_BUCKET/apm/java/latest/solarwinds-apm-agent-lambda.jar \ | ||
--acl public-read | ||
aws s3 cp s3://$STAGE_BUCKET/apm/java/$AGENT_VERSION/solarwinds-apm-config.json \ | ||
s3://$STAGE_BUCKET/apm/java/latest/solarwinds-apm-config.json \ | ||
--acl public-read | ||
touch VERSION | ||
echo "version: $AGENT_VERSION" >> VERSION | ||
SHA256=$(sha256sum agent/build/libs/solarwinds-apm-agent.jar) | ||
echo "sha256: $SHA256" >> VERSION | ||
aws s3 cp VERSION \ | ||
s3://$STAGE_BUCKET/apm/java/latest/VERSION \ | ||
--acl public-read | ||
|
||
build-test-images: | ||
runs-on: ubuntu-latest | ||
needs: | ||
- s3-stage-upload | ||
steps: | ||
- uses: actions/checkout@v4 | ||
|
||
- name: Docker login | ||
run: echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u $GITHUB_USERNAME --password-stdin | ||
|
||
- name: Docker push | ||
run: | | ||
cd long-running-test-arch | ||
IMAGE_ID_RC=$(echo "ghcr.io/$GITHUB_REPOSITORY_OWNER/petclinic:agent-rc" | tr '[:upper:]' '[:lower:]') | ||
IMAGE_ID_ST=$(echo "ghcr.io/$GITHUB_REPOSITORY_OWNER/petclinic:agent-latest" | tr '[:upper:]' '[:lower:]') | ||
IMAGE_ID_XK6=$(echo "ghcr.io/$GITHUB_REPOSITORY_OWNER/xk6:latest" | tr '[:upper:]' '[:lower:]') | ||
docker buildx create --use --name multiarch | ||
docker buildx build --tag $IMAGE_ID_RC --push -f Dockerfile-rc . | ||
docker buildx build --tag $IMAGE_ID_ST --push -f Dockerfile . | ||
docker buildx build --tag $IMAGE_ID_XK6 --push xk6/ | ||
- name: Docker logout | ||
run: docker logout | ||
|
||
test: | ||
runs-on: ubuntu-latest | ||
steps: | ||
- uses: actions/checkout@v4 | ||
|
||
- name: Set up JDK 17 | ||
uses: actions/setup-java@v4 | ||
with: | ||
java-version: '17' | ||
distribution: 'temurin' | ||
|
||
- name: Build agent | ||
run: ./gradlew clean build -x test | ||
|
||
- name: Muzzle check | ||
run: ./gradlew muzzle | ||
|
||
- name: Execute tests | ||
run: ./gradlew test | ||
|
||
- name: Check shading | ||
run: | | ||
code=0 | ||
for path in $(jar -tf agent/build/libs/solarwinds-apm-agent.jar | grep -E -v '^((com/solarwinds|inst|io/open|META))') | ||
do | ||
PACKAGE=$(echo "$path" | awk -F/ '{print $2}') | ||
if [ -n "$PACKAGE" ] && [ "$PACKAGE" != "annotation" ]; then | ||
echo "Package ($path) is not shaded" | ||
code=1 | ||
fi | ||
done | ||
exit $code | ||
lambda=0 | ||
for path in $(jar -tf agent-lambda/build/libs/solarwinds-apm-agent-lambda.jar | grep -E -v '^((com/solarwinds|inst|io/open|META))') | ||
do | ||
PACKAGE=$(echo "$path" | awk -F/ '{print $2}') | ||
if [ -n "$PACKAGE" ] && [ "$PACKAGE" != "annotation" ]; then | ||
echo "Package ($path) is not shaded" | ||
lambda=1 | ||
fi | ||
done | ||
exit $lambda | ||
lambda-release-test: | ||
runs-on: ubuntu-latest | ||
needs: | ||
- s3-stage-upload | ||
env: | ||
LAMBDA: "true" | ||
steps: | ||
- uses: actions/checkout@v4 | ||
|
||
- name: Set up JDK 17 | ||
uses: actions/setup-java@v4 | ||
with: | ||
java-version: '17' | ||
distribution: 'temurin' | ||
|
||
- name: Build smoke-test | ||
run: | | ||
cd smoke-tests | ||
./gradlew build -x test | ||
- name: Docker login | ||
run: echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u $GITHUB_USERNAME --password-stdin | ||
|
||
- name: Execute smoke tests | ||
run: | | ||
cd smoke-tests | ||
./gradlew test -s | ||
- uses: actions/upload-artifact@v4 | ||
if: always() | ||
with: | ||
path: smoke-tests/build/reports/tests/test | ||
name: lambda-release-test | ||
|
||
- name: Docker logout | ||
run: docker logout | ||
|
||
lambda-publish-stage: | ||
runs-on: ubuntu-latest | ||
steps: | ||
- uses: actions/checkout@v2 | ||
- uses: actions/checkout@v4 | ||
|
||
- name: Set up JDK 17 | ||
uses: actions/setup-java@v4 | ||
with: | ||
ref: ${{ github.ref_name }} | ||
- name: Set up JDK 11 | ||
uses: actions/setup-java@v2 | ||
java-version: '17' | ||
distribution: 'temurin' | ||
|
||
- name: Aws setup | ||
uses: aws-actions/configure-aws-credentials@v4 | ||
with: | ||
java-version: '11' | ||
role-to-assume: ${{ secrets.AWS_LAMBDA_ROLE_STAGE }} | ||
aws-region: "us-east-1" | ||
|
||
- name: Build agent | ||
run: ./gradlew clean build -x test | ||
|
||
- name: Create zip | ||
run: ./gradlew :agent-lambda:lambda-layer | ||
|
||
- name: Set agent version env | ||
run: | | ||
echo "AGENT_VERSION=$(cd agent/build/libs && unzip -p solarwinds-apm-agent.jar META-INF/MANIFEST.MF | grep Implementation-Version | awk '{ print $2 }' | sed 's/[^a-z0-9.-]//g')" >> $GITHUB_ENV | ||
- name: Create lambda layer | ||
run: | | ||
regions=( | ||
"ap-northeast-1" | ||
"ap-northeast-2" | ||
"ap-south-1" | ||
"ap-southeast-1" | ||
"ap-southeast-2" | ||
"ca-central-1" | ||
"eu-central-1" | ||
"eu-north-1" | ||
"eu-west-1" | ||
"eu-west-2" | ||
"eu-west-3" | ||
"sa-east-1" | ||
"us-east-1" | ||
"us-east-2" | ||
"us-west-1" | ||
"us-west-2") | ||
VERSION=$(echo "$AGENT_VERSION" | sed 's/[.]/_/g') | ||
LAYER_NAME="solarwinds-apm-java-$VERSION" | ||
touch arns.txt | ||
layer_size=$(stat --printf=%s agent-lambda/build/lambda-layer/layer.zip) | ||
set +e | ||
for region in "${regions[@]}"; do | ||
status=0 | ||
aws lambda publish-layer-version \ | ||
--layer-name $LAYER_NAME \ | ||
--compatible-runtimes "java21" "java17" "java11" "java8.al2" \ | ||
--compatible-architectures "x86_64" "arm64" \ | ||
--description "Solarwinds' apm java lambda instrumentation layer, version: $AGENT_VERSION" \ | ||
--region "$region" \ | ||
--zip-file fileb://agent-lambda/build/lambda-layer/layer.zip \ | ||
--output json > output.json | ||
status=$? | ||
if [ "$status" != 0 ]; then | ||
echo "FAILED: publish $region" | ||
continue | ||
fi | ||
pub_versionarn=$(jq -r '.LayerVersionArn' output.json) | ||
pub_arn=$(jq -r '.LayerArn' output.json) | ||
pub_version=$(jq -r '.Version' output.json) | ||
pub_size=$(jq -r '.Content.CodeSize' output.json) | ||
echo '-- verifying published layer --' | ||
if [ "$pub_size" != "$layer_size" ]; then | ||
echo "FAILED: Region = $region, versonArn = $pub_versionarn published size = $pub_size, expected size = $layer_size" | ||
continue | ||
fi | ||
aws lambda add-layer-version-permission \ | ||
--region "$region" \ | ||
--layer-name "$pub_arn" \ | ||
--version-number "$pub_version" \ | ||
--principal '*' \ | ||
--action lambda:GetLayerVersion \ | ||
--statement-id global-GetLayerVersion | ||
status=$? | ||
if [ "$status" != 0 ]; then | ||
echo "FAILED: add permission region = $region, versionArn = $pub_versionarn" | ||
continue | ||
fi | ||
echo "$pub_versionarn" >> arns.txt | ||
done | ||
- uses: actions/upload-artifact@v4 | ||
with: | ||
path: arns.txt | ||
name: arns | ||
|
||
smoke-test-linux: | ||
runs-on: ubuntu-latest | ||
needs: | ||
- s3-stage-upload | ||
steps: | ||
- uses: actions/checkout@v4 | ||
|
||
- name: Set up JDK 17 | ||
uses: actions/setup-java@v4 | ||
with: | ||
java-version: '17' | ||
distribution: 'temurin' | ||
- name: Build with Gradle and Test | ||
uses: gradle/gradle-build-action@v2.9.0 | ||
|
||
- name: Run application | ||
working-directory: smoke-tests | ||
run: | | ||
./gradlew :netty-test:run | ||
env: | ||
SW_APM_SERVICE_KEY: ${{ secrets.SW_APM_SERVICE_KEY }}:smoke-test-linux | ||
|
||
smoke-test-windows: | ||
runs-on: windows-latest | ||
needs: | ||
- s3-stage-upload | ||
steps: | ||
- uses: actions/checkout@v4 | ||
|
||
- name: Set up JDK 17 | ||
uses: actions/setup-java@v4 | ||
with: | ||
arguments: test | ||
java-version: '17' | ||
distribution: 'temurin' | ||
|
||
- name: Run application | ||
working-directory: smoke-tests | ||
run: | | ||
.\gradlew.bat :netty-test:run | ||
env: | ||
GITHUB_USERNAME: ${{ secrets.GP_USERNAME }} | ||
GITHUB_TOKEN: ${{ secrets.GP_TOKEN }} | ||
SW_APM_SERVICE_KEY: ${{ secrets.SW_APM_SERVICE_KEY }}:smoke-test-windows | ||
|
||
release-test: | ||
runs-on: ubuntu-latest | ||
env: | ||
LAMBDA: "false" | ||
needs: | ||
- s3-stage-upload | ||
steps: | ||
- uses: actions/checkout@v4 | ||
|
||
- name: Set up JDK 17 | ||
uses: actions/setup-java@v4 | ||
with: | ||
java-version: '17' | ||
distribution: 'temurin' | ||
|
||
- name: Docker login | ||
run: echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u $GITHUB_USERNAME --password-stdin | ||
|
||
- name: Build smoke-test | ||
run: | | ||
cd smoke-tests | ||
./gradlew build -x test | ||
- name: Build webmvc jar | ||
run: | | ||
cd smoke-tests | ||
./gradlew :spring-boot-webmvc:build | ||
- name: Build webmvc image | ||
run: | | ||
cd smoke-tests/spring-boot-webmvc | ||
docker image build --tag smt:webmvc . | ||
- name: Execute smoke tests | ||
run: | | ||
cd smoke-tests | ||
./gradlew test | ||
- uses: actions/upload-artifact@v4 | ||
if: always() | ||
with: | ||
path: smoke-tests/build/reports/tests/test | ||
name: release-test | ||
|
||
- name: Docker logout | ||
run: docker logout |
Oops, something went wrong.