From 5cece3993bbca8c4162601af97337564f3f78001 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Miko=C5=82aj=20=C5=9Awi=C4=85tek?= Date: Wed, 3 Apr 2024 15:25:34 +0200 Subject: [PATCH 1/2] feat(msi): add fips support --- .../SumoLogicTests/TestData/with-extensions-block.yaml | 10 +++++----- .../TestData/without-extensions-block.yaml | 10 +++++----- msi/wix/assets/common.yaml | 3 +++ msi/wix/otelcol-sumo.wixproj | 10 +++++++++- 4 files changed, 22 insertions(+), 11 deletions(-) create mode 100644 msi/wix/assets/common.yaml diff --git a/msi/SumoLogic.wixext/SumoLogicTests/TestData/with-extensions-block.yaml b/msi/SumoLogic.wixext/SumoLogicTests/TestData/with-extensions-block.yaml index b991a645..51af6f1d 100644 --- a/msi/SumoLogic.wixext/SumoLogicTests/TestData/with-extensions-block.yaml +++ b/msi/SumoLogic.wixext/SumoLogicTests/TestData/with-extensions-block.yaml @@ -67,8 +67,8 @@ processors: ## Configuration for Sumo Logic Schema Processor ## The Sumo Logic Schema processor modifies the metadata on logs, metrics and traces sent to Sumo Logic ## so that the Sumo Logic apps can make full use of the ingested data. - ## ref: https://github.com/SumoLogic/sumologic-otel-collector/tree/main/pkg/processor/sumologicschemaprocessor - sumologic_schema: + ## ref: https://github.com/open-telemetry/opentelemetry-collector-contrib/tree/main/processor/sumologicprocessor + sumologic: service: extensions: @@ -82,7 +82,7 @@ service: processors: - memory_limiter - batch - - sumologic_schema + - sumologic exporters: - sumologic logs/default: @@ -91,7 +91,7 @@ service: processors: - memory_limiter - batch - - sumologic_schema + - sumologic exporters: - sumologic traces/default: @@ -100,6 +100,6 @@ service: processors: - memory_limiter - batch - - sumologic_schema + - sumologic exporters: - sumologic diff --git a/msi/SumoLogic.wixext/SumoLogicTests/TestData/without-extensions-block.yaml b/msi/SumoLogic.wixext/SumoLogicTests/TestData/without-extensions-block.yaml index 0c47e09a..991fbbf5 100644 --- a/msi/SumoLogic.wixext/SumoLogicTests/TestData/without-extensions-block.yaml +++ b/msi/SumoLogic.wixext/SumoLogicTests/TestData/without-extensions-block.yaml @@ -48,8 +48,8 @@ processors: ## Configuration for Sumo Logic Schema Processor ## The Sumo Logic Schema processor modifies the metadata on logs, metrics and traces sent to Sumo Logic ## so that the Sumo Logic apps can make full use of the ingested data. - ## ref: https://github.com/SumoLogic/sumologic-otel-collector/tree/main/pkg/processor/sumologicschemaprocessor - sumologic_schema: + ## ref: https://github.com/open-telemetry/opentelemetry-collector-contrib/tree/main/processor/sumologicprocessor + sumologic: service: extensions: @@ -63,7 +63,7 @@ service: processors: - memory_limiter - batch - - sumologic_schema + - sumologic exporters: - sumologic logs/default: @@ -72,7 +72,7 @@ service: processors: - memory_limiter - batch - - sumologic_schema + - sumologic exporters: - sumologic traces/default: @@ -81,6 +81,6 @@ service: processors: - memory_limiter - batch - - sumologic_schema + - sumologic exporters: - sumologic diff --git a/msi/wix/assets/common.yaml b/msi/wix/assets/common.yaml new file mode 100644 index 00000000..3e7d24c6 --- /dev/null +++ b/msi/wix/assets/common.yaml @@ -0,0 +1,3 @@ +extensions: + sumologic: + installation_token: diff --git a/msi/wix/otelcol-sumo.wixproj b/msi/wix/otelcol-sumo.wixproj index cd51f157..803aa2f9 100644 --- a/msi/wix/otelcol-sumo.wixproj +++ b/msi/wix/otelcol-sumo.wixproj @@ -7,6 +7,7 @@ en-US none $([System.IO.Path]::GetFullPath('..\..')) + false @@ -14,11 +15,18 @@ - otelcol-sumo_$(ProductVersion)_en-US.$(Platform) bin\$(Platform)\ obj\$(Platform)\ + + otelcol-sumo_$(ProductVersion)_en-US.$(Platform) + + + + otelcol-sumo_$(ProductVersion)_en-US.$(Platform)-fips + + $(DefineConstants);ProductVersion=$(ProductVersion) $(DefineConstants);UpgradeCode=$(UpgradeCode) From 1509402404bd5dc6c260679ca3d79d9398780de6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Miko=C5=82aj=20=C5=9Awi=C4=85tek?= Date: Wed, 3 Apr 2024 15:16:00 +0200 Subject: [PATCH 2/2] ci: build fips msi package --- .github/workflows/_reusable_build_package.yml | 35 +++++++++++++------ .github/workflows/build_packages.yml | 7 ++++ 2 files changed, 32 insertions(+), 10 deletions(-) diff --git a/.github/workflows/_reusable_build_package.yml b/.github/workflows/_reusable_build_package.yml index 5baad731..10abf543 100644 --- a/.github/workflows/_reusable_build_package.yml +++ b/.github/workflows/_reusable_build_package.yml @@ -30,6 +30,10 @@ on: build_tool: required: true type: string + fips: + required: false + type: boolean + default: false secrets: gh_artifacts_token: required: true @@ -191,7 +195,7 @@ jobs: build_wix_package: runs-on: ${{ inputs.runs_on }} - name: Build (WiX) + name: Build (WiX) ${{ inputs.fips && 'FIPS' || '' }} if: inputs.build_tool == 'wix' outputs: package_path: ${{ steps.package.outputs.path }} @@ -217,6 +221,12 @@ jobs: if: inputs.workflow_id != '' run: echo "OTC_ARTIFACTS_SOURCE=github-artifacts" >> $GITHUB_ENV + - name: Determine artifact names + run: | + echo "OTC_WORKFLOW_ARTIFACT_NAME=otelcol-sumo-${{ inputs.fips && 'fips-' || '' }}windows_${{ inputs.goarch }}.exe" >> $GITHUB_ENV + echo "OTC_RELEASE_ARTIFACT_NAME=otelcol-sumo-${{ inputs.otc_version }}-sumo-${{inputs.otc_sumo_version }}-${{ inputs.fips && 'fips-' || '' }}windows_${{ inputs.goarch }}.exe" >> $GITHUB_ENV + echo "OTC_BUILD_INPUT_NAME=otelcol-sumo-windows_${{ inputs.goarch }}.exe" >> $GITHUB_ENV + # Download the artifacts required to build the package target. If # inputs.workflow_id is empty then this will be skipped and an attempt # will be made to fetch the artifacts from a GitHub Release matching @@ -230,7 +240,7 @@ jobs: run_id: ${{ inputs.workflow_id }} workflow: dev_builds.yml workflow_conclusion: success - name: otelcol-sumo-windows_${{ inputs.goarch }}.exe + name: ${{ env.OTC_ARTIFACT_NAME }} path: ./build/artifacts if_no_artifact_found: fail @@ -242,19 +252,23 @@ jobs: with: repository: SumoLogic/sumologic-otel-collector tag: v${{ inputs.otc_version }}-sumo-${{ inputs.otc_sumo_version }} - fileName: >- - otelcol-sumo-${{ inputs.otc_version }}-sumo-${{ - inputs.otc_sumo_version }}-windows_${{ inputs.goarch }}.exe + fileName: ${{ env.OTC_RELEASE_ARTIFACT_NAME }} out-file-path: build/artifacts - name: Rename GitHub Release artifact if: inputs.workflow_id == '' working-directory: ./build/artifacts env: - MV_FROM: >- - otelcol-sumo-${{ inputs.otc_version }}-sumo-${{ - inputs.otc_sumo_version }}-windows_${{ inputs.goarch }}.exe - MV_TO: otelcol-sumo-windows_${{ inputs.goarch }}.exe + MV_FROM: ${{ env.OTC_RELEASE_ARTIFACT_NAME }} + MV_TO: ${{ env.OTC_BUILD_INPUT_NAME }} + run: mv "$MV_FROM" "$MV_TO" + + - name: Rename GitHub Workflow artifact + if: inputs.workflow_id != '' + working-directory: ./build/artifacts + env: + MV_FROM: ${{ env.OTC_WORKFLOW_ARTIFACT_NAME }} + MV_TO: ${{ env.OTC_BUILD_INPUT_NAME }} run: mv "$MV_FROM" "$MV_TO" - name: Build MSI @@ -267,12 +281,13 @@ jobs: msbuild.exe -p:Configuration=Release -p:Platform=$PLATFORM -p:ProductVersion=$PRODUCT_VERSION + -p:FIPSEnabled=${{ inputs.fips }} -Restore - name: Store MSI as action artifact uses: actions/upload-artifact@v4 with: - name: windows_${{ inputs.goarch }}_msi + name: windows_${{ inputs.fips && 'fips_' || '' }}${{ inputs.goarch }}_msi path: ./msi/wix/bin/${{ inputs.package_arch }}/en-US/*.msi if-no-files-found: error diff --git a/.github/workflows/build_packages.yml b/.github/workflows/build_packages.yml index 26f4b750..229b7a15 100644 --- a/.github/workflows/build_packages.yml +++ b/.github/workflows/build_packages.yml @@ -133,6 +133,7 @@ jobs: goarch: ${{ matrix.goarch }} package_arch: ${{ matrix.package_arch }} build_tool: ${{ matrix.build_tool }} + fips: ${{ matrix.fips || false }} secrets: apple_developer_certificate_p12_base64: ${{ secrets.APPLE_DEVELOPER_CERTIFICATE_P12_BASE64 }} apple_developer_certificate_password: ${{ secrets.APPLE_DEVELOPER_CERTIFICATE_PASSWORD }} @@ -164,6 +165,12 @@ jobs: goarch: amd64 package_arch: x64 build_tool: wix + - target: otc_fips_windows_amd64_wix + runs_on: windows-2019 + goarch: amd64 + package_arch: x64 + build_tool: wix + fips: true install-script: name: Store install script