-
Notifications
You must be signed in to change notification settings - Fork 1.6k
179 lines (163 loc) · 6.16 KB
/
staging-build.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
---
name: Deploy to staging
on:
push:
tags:
- '*'
workflow_dispatch:
inputs:
version:
description: Version of Fluent Bit to build
required: true
default: master
target:
description: Only build a specific Linux target, intended for debug/test/quick builds only.
required: false
default: ""
ignore_failing_targets:
description: Optionally ignore any failing builds in the matrix and continue.
type: boolean
required: false
default: false
# We do not want a new staging build to run whilst we are releasing the current staging build.
# We also do not want multiples to run for the same version.
concurrency: staging-build-release
jobs:
# This job strips off the `v` at the start of any tag provided.
# It then provides this metadata for the other jobs to use.
staging-build-get-meta:
name: Get metadata to build
runs-on: ubuntu-latest
outputs:
version: ${{ steps.formatted_version.outputs.replaced }}
steps:
- run: |
echo "Version: ${{ inputs.version || github.ref_name }}"
shell: bash
# This step is to consolidate the three different triggers into a single "version"
# 1. If manual dispatch - use the version provided.
# 2. If cron/regular build - use master.
# 3. If tag trigger, use that tag.
- name: Get the version
id: get_version
run: |
VERSION="${INPUT_VERSION}"
if [ -z "${VERSION}" ]; then
echo "Defaulting to master"
VERSION=master
fi
echo "VERSION=$VERSION" >> $GITHUB_OUTPUT
shell: bash
env:
# Use the dispatch variable in preference, if empty use the context ref_name which should
# only ever be a tag or the master branch for cron builds.
INPUT_VERSION: ${{ inputs.version || github.ref_name }}
# String the 'v' prefix for tags.
- uses: frabert/[email protected]
id: formatted_version
with:
pattern: '[v]*(.*)$'
string: "${{ steps.get_version.outputs.VERSION }}"
replace-with: '$1'
flags: 'g'
staging-build-images:
needs: staging-build-get-meta
uses: ./.github/workflows/call-build-images.yaml
with:
version: ${{ needs.staging-build-get-meta.outputs.version }}
ref: ${{ inputs.version || github.ref_name }}
registry: ghcr.io
username: ${{ github.actor }}
image: ${{ github.repository }}/staging
environment: staging
secrets:
token: ${{ secrets.GITHUB_TOKEN }}
cosign_private_key: ${{ secrets.COSIGN_PRIVATE_KEY }}
cosign_private_key_password: ${{ secrets.COSIGN_PASSWORD }}
staging-build-upload-schema-s3:
needs:
- staging-build-get-meta
- staging-build-images
runs-on: ubuntu-latest
environment: staging
steps:
- name: Download the schema generated by call-build-images
# We may have no schema so ignore that failure
continue-on-error: true
uses: actions/download-artifact@v4
with:
name: fluent-bit-schema-${{ needs.staging-build-get-meta.outputs.version }}
path: artifacts/
- name: Display structure of downloaded files
run: |
ls -R artifacts/
shell: bash
- name: Push schema to S3 bucket
# We may have no schema so ignore that failure
continue-on-error: true
run: |
aws s3 sync "artifacts/" "s3://${AWS_S3_BUCKET}/${DEST_DIR}" --no-progress
env:
DEST_DIR: "${{ needs.staging-build-get-meta.outputs.version }}/"
AWS_REGION: "us-east-1"
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
AWS_S3_BUCKET: ${{ secrets.AWS_S3_BUCKET_STAGING }}
staging-build-generate-matrix:
name: Staging build matrix
runs-on: ubuntu-latest
outputs:
build-matrix: ${{ steps.set-matrix.outputs.build-matrix }}
steps:
- name: Checkout repository
uses: actions/checkout@v4
# Set up the list of target to build so we can pass the JSON to the reusable job
- uses: ./.github/actions/generate-package-build-matrix
id: set-matrix
with:
ref: ${{ inputs.version || github.ref_name }}
target: ${{ inputs.target || '' }}
staging-build-packages:
needs:
- staging-build-get-meta
- staging-build-generate-matrix
uses: ./.github/workflows/call-build-linux-packages.yaml
with:
version: ${{ needs.staging-build-get-meta.outputs.version }}
ref: ${{ inputs.version || github.ref_name }}
build_matrix: ${{ needs.staging-build-generate-matrix.outputs.build-matrix }}
environment: staging
ignore_failing_targets: ${{ inputs.ignore_failing_targets || false }}
secrets:
token: ${{ secrets.GITHUB_TOKEN }}
bucket: ${{ secrets.AWS_S3_BUCKET_STAGING }}
access_key_id: ${{ secrets.AWS_ACCESS_KEY_ID }}
secret_access_key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }}
gpg_private_key_passphrase: ${{ secrets.GPG_PRIVATE_KEY_PASSPHRASE }}
staging-build-windows-packages:
needs:
- staging-build-get-meta
uses: ./.github/workflows/call-build-windows.yaml
with:
version: ${{ needs.staging-build-get-meta.outputs.version }}
ref: ${{ inputs.version || github.ref_name }}
environment: staging
secrets:
token: ${{ secrets.GITHUB_TOKEN }}
bucket: ${{ secrets.AWS_S3_BUCKET_STAGING }}
access_key_id: ${{ secrets.AWS_ACCESS_KEY_ID }}
secret_access_key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
staging-build-macos-packages:
needs:
- staging-build-get-meta
uses: ./.github/workflows/call-build-macos.yaml
with:
version: ${{ needs.staging-build-get-meta.outputs.version }}
ref: ${{ inputs.version || github.ref_name }}
environment: staging
secrets:
token: ${{ secrets.GITHUB_TOKEN }}
bucket: ${{ secrets.AWS_S3_BUCKET_STAGING }}
access_key_id: ${{ secrets.AWS_ACCESS_KEY_ID }}
secret_access_key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}