Skip to content

chore(ci): build fips binary w/glibc 2.26 #4013

chore(ci): build fips binary w/glibc 2.26

chore(ci): build fips binary w/glibc 2.26 #4013

Workflow file for this run

name: PRs checks
on:
pull_request:
branches:
- '**'
defaults:
run:
shell: bash
env:
GO_VERSION: "1.20.5"
jobs:
markdownlint:
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@v4
- name: Check if related files changed
id: changed-files
uses: tj-actions/changed-files@v35
with:
files: |
**/*.md
- uses: actions/setup-node@v3
if: steps.changed-files.outputs.any_changed == 'true'
- name: Install markdownlint
if: steps.changed-files.outputs.any_changed == 'true'
run: make install-markdownlint
- name: Markdownlint check
if: steps.changed-files.outputs.any_changed == 'true'
run: make markdownlint
yamllint:
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@v4
- name: Install yamllint
run: pip install yamllint
- name: yamllint
run: make yamllint
markdown-link-check:
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@v4
- name: Check if related files changed
id: changed-files
uses: tj-actions/changed-files@v35
with:
files: |
**/*.md
- uses: gaurav-nelson/github-action-markdown-link-check@v1
if: steps.changed-files.outputs.any_changed == 'true'
with:
config-file: '.markdown_link_check.json'
use-quiet-mode: yes
check-modified-files-only: yes
base-branch: ${{ github.base_ref }}
md-links-lint:
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@v4
- name: Check if related files changed
id: changed-files
uses: tj-actions/changed-files@v35
with:
files: |
**/*.md
- name: Lint markdown links
if: steps.changed-files.outputs.any_changed == 'true'
run: |
make markdown-links-lint
plugins-check:
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@v4
- name: Install yq
run: |
sudo wget https://github.com/mikefarah/yq/releases/download/v4.12.1/yq_linux_amd64 -O /usr/bin/yq && sudo chmod +x /usr/bin/yq
- name: Check plugins in README and builder config
run: ./ci/plugins_check.sh
pre-commit-check:
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@v4
- uses: actions/setup-python@v4
- uses: pre-commit/[email protected]
check-uniform-dependencies:
name: Check uniform dependencies
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@v4
- name: Check uniform dependencies
run: make check-uniform-dependencies
shellcheck:
runs-on: ubuntu-20.04
env:
SHELLCHECK_VERSION: 0.8.0
steps:
- uses: actions/checkout@v4
- name: install shellcheck
run: |
curl --retry 10 --retry-max-time 120 --retry-delay 5 -Lo- https://github.com/koalaman/shellcheck/releases/download/v${{ env.SHELLCHECK_VERSION }}/shellcheck-v${{ env.SHELLCHECK_VERSION }}.linux.x86_64.tar.xz | tar -xJf -
sudo cp shellcheck-v${{ env.SHELLCHECK_VERSION }}/shellcheck /usr/local/bin && rm -rf shellcheck-v${{ env.SHELLCHECK_VERSION }}
- name: shellcheck
run: make shellcheck
test:
name: Test
uses: ./.github/workflows/workflow-test.yml
strategy:
matrix:
include:
- arch_os: linux_amd64
runs-on: ubuntu-20.04
- arch_os: linux_amd64
runs-on: ubuntu-20.04
boringcrypto: true
- arch_os: darwin_amd64
runs-on: macos-latest
- arch_os: windows_amd64
runs-on: windows-2022
with:
arch_os: ${{ matrix.arch_os }}
runs-on: ${{ matrix.runs-on }}
only-if-changed: true
boringcrypto: ${{ matrix.boringcrypto == true }}
test-install-script:
name: Test Install Script
runs-on: ${{ matrix.runs_on }}
strategy:
matrix:
include:
- arch_os: linux_amd64
runs_on: ubuntu-20.04
- arch_os: darwin_amd64
runs_on: macos-latest
- arch_os: windows_amd64
runs_on: windows-2022
steps:
- uses: actions/checkout@v4
- name: Check if test related files changed
id: changed-files
uses: tj-actions/changed-files@v35
with:
files: |
pkg/scripts_test/*
scripts/install.sh
- name: Setup go
if: steps.changed-files.outputs.any_changed == 'true'
uses: actions/setup-go@v4
with:
go-version: ${{ env.GO_VERSION }}
cache-dependency-path: 'pkg/scripts_test/go.sum'
- name: Run install script tests
if: steps.changed-files.outputs.any_changed == 'true'
run: make test-install-script
test-wixext:
name: Test (SumoLogic.wixext)
runs-on: windows-2019
steps:
- uses: actions/checkout@v4
- name: Fetch current branch
run: ./ci/fetch_current_branch.sh
- name: Add msbuild to PATH
uses: microsoft/[email protected]
- name: Restore NuGet packages
working-directory: ./packaging/msi/SumoLogic.wixext/SumoLogicTests
run: nuget.exe restore -PackagesDirectory ../packages
- name: Build unit tests
working-directory: ./packaging/msi/SumoLogic.wixext/SumoLogicTests
run: msbuild.exe -p:Configuration=Release -p:Platform=AnyCPU -Restore
- name: Run unit tests
working-directory: ./packaging/msi/SumoLogic.wixext/SumoLogicTests/bin/Release
run: dotnet test -v:n ./SumoLogicTests.dll
lint:
name: Lint (golangci-lint)
runs-on: ubuntu-20.04
strategy:
matrix:
arch_os: [ 'linux_amd64' ]
steps:
- uses: actions/checkout@v4
- name: Check if files changed that need linting
id: changed-files
uses: tj-actions/changed-files@v35
with:
files: |
**/go.mod
**/go.sum
**/*.go
**/*.yaml
**/*.yml
**/Makefile
**/Makefile.common
- name: Setup go
if: steps.changed-files.outputs.any_changed == 'true'
uses: actions/setup-go@v4
with:
go-version: ${{ env.GO_VERSION }}
cache: false
- name: Get GOCACHE and GOMODCACHE
if: steps.changed-files.outputs.any_changed == 'true'
run: |
echo "GOMODCACHE=$(go env GOMODCACHE)" >> "$GITHUB_ENV"
echo "GOCACHE=$(go env GOCACHE)" >> "$GITHUB_ENV"
- uses: actions/cache/restore@v3
if: steps.changed-files.outputs.any_changed == 'true'
with:
path: |
${{ env.GOMODCACHE }}/cache
${{ env.GOCACHE }}
key: go-test-${{ env.GO_VERSION }}-${{matrix.arch_os}}-${{ hashFiles('pkg/**/go.sum', 'otelcolbuilder/.otelcol-builder.yaml') }}
restore-keys: |
go-test-${{ env.GO_VERSION }}-${{matrix.arch_os}}-
- uses: actions/cache/restore@v3
with:
path: |
/home/runner/.cache/golangci-lint
key: golangci-lint-${{ env.GO_VERSION }}-${{matrix.arch_os}}-${{ hashFiles('pkg/**/go.sum', 'otelcolbuilder/.otelcol-builder.yaml') }}
restore-keys: |
golangci-lint-${{ env.GO_VERSION }}-${{matrix.arch_os}}-
- name: Install golangci-lint
if: steps.changed-files.outputs.any_changed == 'true'
run: make install-golangci-lint
- name: Add opentelemetry-collector-builder installation dir to PATH
if: steps.changed-files.outputs.any_changed == 'true'
run: echo "$HOME/bin" >> $GITHUB_PATH
- name: Run golangci-lint
if: steps.changed-files.outputs.any_changed == 'true'
run: make golint
build:
name: Build
uses: ./.github/workflows/workflow-build.yml
strategy:
matrix:
include:
- arch_os: linux_amd64
runs-on: ubuntu-20.04
- arch_os: linux_amd64
runs-on: ubuntu-20.04
fips: true
- arch_os: linux_arm64
runs-on: ubuntu-20.04
- arch_os: darwin_amd64
runs-on: macos-latest
- arch_os: darwin_arm64
runs-on: macos-latest
- arch_os: windows_amd64
runs-on: windows-2022
with:
arch_os: ${{ matrix.arch_os }}
runs-on: ${{ matrix.runs-on }}
fips: ${{ matrix.fips == true }}
only-if-changed: true
build-and-test-container-images:
name: Build container
runs-on: ubuntu-20.04
needs:
- build
strategy:
matrix:
arch_os: [ 'linux_amd64', 'linux_arm64']
steps:
- uses: actions/checkout@v4
- name: Check if build related files changed
id: changed-files
uses: tj-actions/changed-files@v35
with:
files: |
**/go.mod
**/go.sum
**/*.go
**/*.yaml
**/*.yml
**/Makefile
**/Makefile.common
**/Dockerfile*
- name: Set up QEMU
if: steps.changed-files.outputs.any_changed == 'true'
uses: docker/[email protected]
- name: Set up Buildx
if: steps.changed-files.outputs.any_changed == 'true'
id: buildx
uses: docker/[email protected]
- name: Show Buildx platforms
if: steps.changed-files.outputs.any_changed == 'true'
run: echo ${{ steps.buildx.outputs.platforms }}
- name: Download binary action artifact from build phase
if: steps.changed-files.outputs.any_changed == 'true'
uses: actions/download-artifact@v3
with:
name: otelcol-sumo-${{matrix.arch_os}}
path: artifacts/
- name: Build the container image
if: steps.changed-files.outputs.any_changed == 'true'
run: |
cp artifacts/otelcol-sumo-${{matrix.arch_os}} otelcol-sumo
make build-container-multiplatform \
PLATFORM=${{ matrix.arch_os }}
- name: Test built image
if: steps.changed-files.outputs.any_changed == 'true'
run: make test-built-image
- name: Download FIPS binary action artifact from build phase
if: steps.changed-files.outputs.any_changed == 'true' && matrix.arch_os == 'linux_amd64'
uses: actions/download-artifact@v3
with:
name: otelcol-sumo-fips-${{matrix.arch_os}}
path: artifacts/
- name: Build the FIPS container image
if: steps.changed-files.outputs.any_changed == 'true' && matrix.arch_os == 'linux_amd64'
run: |
cp artifacts/otelcol-sumo-fips-${{matrix.arch_os}} otelcol-sumo
make build-container-multiplatform \
PLATFORM=${{ matrix.arch_os }} LATEST_TAG_FIPS_SUFFIX="-fips"
- name: Test built FIPS image
if: steps.changed-files.outputs.any_changed == 'true' && matrix.arch_os == 'linux_amd64'
run: make test-built-image BUILD_TAG="latest-fips"