Release v0.29.0 #46
# Triggers: manual dispatch (with a pktvisor image tag), pull requests
# targeting main, and pushes to main.
name: Merge Main branch and Generate Release

on:
  workflow_dispatch:
    inputs:
      pktvisor_tag:
        description: "pktvisor agent docker tag to package"
        required: true
  pull_request:
    branches:
      - main
  push:
    branches:
      - main
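# Job graph: prebuild -> test-* -> package-* -> release.
#
# Conventions used throughout this block:
#   * Values that come from the repository tree, workflow inputs or secrets
#     are handed to scripts through `env:` and read as quoted shell
#     variables. They are never spliced into the script text with ${{ }},
#     so their content cannot be parsed as shell syntax.
#   * Step outputs are written to "$GITHUB_OUTPUT"; the `::set-output`
#     workflow command is deprecated.
#
# NOTE(review): no `permissions:` block is visible in this workflow, so
# GITHUB_TOKEN carries the repository's default scopes in every job. Only
# `release` appears to need write access (contents); consider declaring
# read-only defaults and widening per job.
# NOTE(review): third-party actions are referenced by mutable tags
# (@v2, @v3, ...); consider pinning each to a reviewed full commit SHA.
jobs:
  # Detects which areas of the tree changed and exports the VERSION file
  # content for the downstream jobs.
  prebuild:
    runs-on: ubuntu-latest
    outputs:
      agent: ${{ steps.filter.outputs.agent }}
      orb: ${{ steps.filter.outputs.orb }}
      ui: ${{ steps.filter.outputs.ui }}
      VERSION: ${{ env.VERSION }}
    steps:
      - uses: actions/checkout@v4
      - uses: dorny/paths-filter@v2
        id: filter
        with:
          filters: |
            agent:
              - 'agent/**'
              - 'cmd/agent/**'
            orb:
              - 'fleet/**'
              - 'cmd/fleet/**'
              - 'policies/**'
              - 'cmd/policies/**'
              - 'sinks/**'
              - 'cmd/sinks/**'
              - 'sinker/**'
              - 'cmd/sinker/**'
            ui:
              - 'ui/**'
      - name: Set branch name
        shell: bash
        run: |
          echo "BRANCH_NAME=main" >> "$GITHUB_ENV"
      - name: Generate ref tag (main)
        run: |
          echo "REF_TAG=latest" >> "$GITHUB_ENV"
      - name: Set VERSION
        # VERSION is read from the checked-out tree; on pull_request that is
        # the content proposed by the PR, so treat it as untrusted text.
        run: |
          echo "VERSION=$(cat "$GITHUB_WORKSPACE/VERSION")" >> "$GITHUB_ENV"
      - name: Debug VERSION
        run: echo "$VERSION"
      - name: Get short commit hash to a variable
        id: commit_hash
        run: |
          echo "sha_short=$(git rev-parse --short HEAD)" >> "$GITHUB_OUTPUT"

  # Unit tests for the agent; runs on every trigger.
  test-agent:
    runs-on: ubuntu-latest
    needs: prebuild
    steps:
      - uses: actions/checkout@v4
      - name: Set up Go
        uses: actions/setup-go@v5
        with:
          go-version: '1.21.x'
      - name: Go unit tests
        run: SERVICE=agent make test_service

  # The remaining test jobs only execute their test step when the `orb`
  # path filter matched.
  test-fleet:
    runs-on: ubuntu-latest
    needs: prebuild
    steps:
      - uses: actions/checkout@v4
      - name: Set up Go
        uses: actions/setup-go@v5
        with:
          go-version: '1.21.x'
      - name: Go unit tests
        if: ${{ needs.prebuild.outputs.orb == 'true' }}
        run: SERVICE=fleet make test_service

  test-policies:
    runs-on: ubuntu-latest
    needs: prebuild
    steps:
      - uses: actions/checkout@v4
      - name: Set up Go
        uses: actions/setup-go@v5
        with:
          go-version: '1.21.x'
      - name: Go unit tests
        if: ${{ needs.prebuild.outputs.orb == 'true' }}
        run: SERVICE=policies make test_service

  test-sinks:
    runs-on: ubuntu-latest
    needs: prebuild
    steps:
      - uses: actions/checkout@v4
      - name: Set up Go
        uses: actions/setup-go@v5
        with:
          go-version: '1.21.x'
      - name: Go unit tests
        if: ${{ needs.prebuild.outputs.orb == 'true' }}
        run: SERVICE=sinks make test_service

  test-sinker:
    runs-on: ubuntu-latest
    needs: prebuild
    steps:
      - uses: actions/checkout@v4
      - name: Set up Go
        uses: actions/setup-go@v5
        with:
          go-version: '1.21.x'
      - name: Go unit tests
        if: ${{ needs.prebuild.outputs.orb == 'true' }}
        run: SERVICE=sinker make test_service

  test-maestro:
    runs-on: ubuntu-latest
    needs: prebuild
    steps:
      - uses: actions/checkout@v4
      - name: Set up Go
        uses: actions/setup-go@v5
        with:
          go-version: '1.21.x'
      - name: Go unit tests
        if: ${{ needs.prebuild.outputs.orb == 'true' }}
        run: |
          SERVICE=maestro make test_service_cov

  package-agent:
    # This is just for debug agent
    needs:
      - prebuild
      - test-agent
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Get short commit hash to a variable
        id: commit_hash
        env:
          VERSION: ${{ needs.prebuild.outputs.VERSION }}
        run: |
          echo "sha_short=$(git rev-parse --short HEAD)" >> "$GITHUB_OUTPUT"
          echo "$VERSION" > VERSION
      - name: Replace crashpad and geo-db params
        # Rewrites six commented-out placeholder lines in pktvisor.go into
        # live pvOptions entries before the build.
        # NOTE(review): the crashpad token and URL are written into source
        # that is compiled into the pushed image, so anyone able to pull the
        # image can recover them; confirm both are submit-only values.
        # NOTE(review): this step has no event condition, so it also runs on
        # pull_request whenever the secrets are available to that run.
        env:
          CRASHPAD_TOKEN: ${{ secrets.CRASHPAD_TOKEN }}
          CRASHPAD_URL: ${{ secrets.CRASHPAD_URL }}
        run: |
          target=agent/backend/pktvisor/pktvisor.go
          # Escape "/" and "&" so a line is safe on either side of sed's s/// command.
          sed_escape() { printf '%s\n' "$1" | sed -e 's/[\/&]/\\&/g'; }
          # Replace the placeholder line ($1) with its live form ($2) in the target file.
          swap_line() { sed -i -e "s/$(sed_escape "$1")/$(sed_escape "$2")/g" "$target"; }
          swap_line "// pvOptions = append(pvOptions, \"--cp-token\", PKTVISOR_CP_TOKEN)" "pvOptions = append(pvOptions, \"--cp-token\", \"${CRASHPAD_TOKEN}\")"
          swap_line "// pvOptions = append(pvOptions, \"--cp-url\", PKTVISOR_CP_URL)" "pvOptions = append(pvOptions, \"--cp-url\", \"${CRASHPAD_URL}\")"
          swap_line "// pvOptions = append(pvOptions, \"--cp-path\", PKTVISOR_CP_PATH)" "pvOptions = append(pvOptions, \"--cp-path\", \"/usr/local/sbin/crashpad_handler\")"
          swap_line "// pvOptions = append(pvOptions, \"--default-geo-city\", \"/geo-db/city.mmdb\")" "pvOptions = append(pvOptions, \"--default-geo-city\", \"/geo-db/city.mmdb\")"
          swap_line "// pvOptions = append(pvOptions, \"--default-geo-asn\", \"/geo-db/asn.mmdb\")" "pvOptions = append(pvOptions, \"--default-geo-asn\", \"/geo-db/asn.mmdb\")"
          swap_line "// pvOptions = append(pvOptions, \"--default-service-registry\", \"/iana/custom-iana.csv\")" "pvOptions = append(pvOptions, \"--default-service-registry\", \"/iana/custom-iana.csv\")"
      - name: Build orb-agent
        shell: bash
        # The dispatch input is free text. It gets its own variable name so
        # that an empty input leaves PKTVISOR_TAG undefined for make, as in
        # the branch without the assignment.
        env:
          PKTVISOR_TAG_INPUT: ${{ github.event.inputs.pktvisor_tag }}
        run: |
          if [ "$PKTVISOR_TAG_INPUT" == "" ]; then
            make agent_debug
          else
            PKTVISOR_TAG="$PKTVISOR_TAG_INPUT" make agent_debug
          fi
      - name: Login to Docker Hub orbcommunity
        if: github.event_name != 'pull_request'
        uses: docker/login-action@v3
        with:
          username: ${{ secrets.ORB_DOCKERHUB_USERNAME }}
          password: ${{ secrets.ORB_DOCKERHUB_TOKEN }}
      - name: Push agent container orbcommunity
        if: github.event_name != 'pull_request'
        run: docker push -a orbcommunity/orb-agent

  # Each service package job builds on every trigger and only logs in and
  # pushes when the event is not a pull request.
  package-fleet:
    needs:
      - prebuild
      - test-fleet
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Get short commit hash to a variable
        id: commit_hash
        env:
          VERSION: ${{ needs.prebuild.outputs.VERSION }}
        run: |
          echo "sha_short=$(git rev-parse --short HEAD)" >> "$GITHUB_OUTPUT"
          echo "$VERSION" > VERSION
      - name: Build service containers
        run: SERVICE=fleet make build_docker
      - name: Login to Docker Hub orbcommunity
        uses: docker/login-action@v3
        if: github.event_name != 'pull_request'
        with:
          username: ${{ secrets.ORB_DOCKERHUB_USERNAME }}
          password: ${{ secrets.ORB_DOCKERHUB_TOKEN }}
      - name: Push service containers orbcommunity
        if: github.event_name != 'pull_request'
        run: docker push -a orbcommunity/orb-fleet

  package-policies:
    needs:
      - prebuild
      - test-policies
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Get short commit hash to a variable
        id: commit_hash
        env:
          VERSION: ${{ needs.prebuild.outputs.VERSION }}
        run: |
          echo "sha_short=$(git rev-parse --short HEAD)" >> "$GITHUB_OUTPUT"
          echo "$VERSION" > VERSION
      - name: Build service containers
        run: SERVICE=policies make build_docker
      - name: Login to Docker Hub orbcommunity
        uses: docker/login-action@v3
        if: github.event_name != 'pull_request'
        with:
          username: ${{ secrets.ORB_DOCKERHUB_USERNAME }}
          password: ${{ secrets.ORB_DOCKERHUB_TOKEN }}
      - name: Push service containers orbcommunity
        if: github.event_name != 'pull_request'
        run: docker push -a orbcommunity/orb-policies

  package-sinker:
    needs:
      - prebuild
      - test-sinker
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Get short commit hash to a variable
        id: commit_hash
        env:
          VERSION: ${{ needs.prebuild.outputs.VERSION }}
        run: |
          echo "sha_short=$(git rev-parse --short HEAD)" >> "$GITHUB_OUTPUT"
          echo "$VERSION" > VERSION
      - name: Build service containers
        run: SERVICE=sinker make build_docker
      - name: Login to Docker Hub orbcommunity
        uses: docker/login-action@v3
        if: github.event_name != 'pull_request'
        with:
          username: ${{ secrets.ORB_DOCKERHUB_USERNAME }}
          password: ${{ secrets.ORB_DOCKERHUB_TOKEN }}
      - name: Push service containers orbcommunity
        if: github.event_name != 'pull_request'
        run: docker push -a orbcommunity/orb-sinker

  package-sinks:
    needs:
      - prebuild
      - test-sinks
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Get short commit hash to a variable
        id: commit_hash
        env:
          VERSION: ${{ needs.prebuild.outputs.VERSION }}
        run: |
          echo "sha_short=$(git rev-parse --short HEAD)" >> "$GITHUB_OUTPUT"
          echo "$VERSION" > VERSION
      - name: Build service containers
        run: SERVICE=sinks make build_docker
      - name: Login to Docker Hub orbcommunity
        uses: docker/login-action@v3
        if: github.event_name != 'pull_request'
        with:
          username: ${{ secrets.ORB_DOCKERHUB_USERNAME }}
          password: ${{ secrets.ORB_DOCKERHUB_TOKEN }}
      - name: Push service containers orbcommunity
        if: github.event_name != 'pull_request'
        run: docker push -a orbcommunity/orb-sinks

  package-maestro:
    needs:
      - prebuild
      - test-maestro
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Get short commit hash to a variable
        id: commit_hash
        env:
          VERSION: ${{ needs.prebuild.outputs.VERSION }}
        run: |
          echo "sha_short=$(git rev-parse --short HEAD)" >> "$GITHUB_OUTPUT"
          echo "$VERSION" > VERSION
      - name: Build service containers
        run: SERVICE=maestro make build_docker
      - name: Login to Docker Hub orbcommunity
        uses: docker/login-action@v3
        if: github.event_name != 'pull_request'
        with:
          username: ${{ secrets.ORB_DOCKERHUB_USERNAME }}
          password: ${{ secrets.ORB_DOCKERHUB_TOKEN }}
      - name: Push service containers orbcommunity
        if: github.event_name != 'pull_request'
        run: docker push -a orbcommunity/orb-maestro

  # Rebuilds and pushes the yarn modules image when ui/package.json changed.
  # NOTE(review): unlike every other package job, the login and push steps
  # here are not gated on `github.event_name != 'pull_request'`, so a pull
  # request that touches ui/package.json and has access to the secrets
  # publishes orbcommunity/orb-ui-modules. This may be deliberate (package-ui
  # runs afterwards on a separate runner); confirm before adding the gate.
  package-ui-dependencies:
    needs:
      - prebuild
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: dorny/paths-filter@v2
        id: filter
        with:
          filters: |
            yarn:
              ui/package.json
      - name: Build orb yarn image
        if: ${{ steps.filter.outputs.yarn == 'true' }}
        run: |
          make ui-modules
      - name: Login to Docker Hub orbcommunity
        if: ${{ steps.filter.outputs.yarn == 'true' }}
        uses: docker/login-action@v3
        with:
          username: ${{ secrets.ORB_DOCKERHUB_USERNAME }}
          password: ${{ secrets.ORB_DOCKERHUB_TOKEN }}
      - name: Push ui image orbcommunity
        if: ${{ steps.filter.outputs.yarn == 'true' }}
        run: |
          docker push -a orbcommunity/orb-ui-modules

  package-ui:
    needs:
      - prebuild
      - package-ui-dependencies
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Get short commit hash to a variable
        id: commit_hash
        env:
          VERSION: ${{ needs.prebuild.outputs.VERSION }}
        run: |
          echo "sha_short=$(git rev-parse --short HEAD)" >> "$GITHUB_OUTPUT"
          echo "$VERSION" > VERSION
      - name: Build orb-ui
        run: make ui
      - name: Login to Docker Hub orbcommunity
        uses: docker/login-action@v3
        if: github.event_name != 'pull_request'
        with:
          username: ${{ secrets.ORB_DOCKERHUB_USERNAME }}
          password: ${{ secrets.ORB_DOCKERHUB_TOKEN }}
      - name: Push ui container orbcommunity
        if: github.event_name != 'pull_request'
        run: |
          docker push -a orbcommunity/orb-ui

  # Creates the GitHub release from the VERSION file and a 30-day changelog.
  release:
    needs:
      - prebuild
      - package-fleet
      - package-policies
      - package-sinker
      - package-sinks
      - package-ui
    runs-on: ubuntu-latest
    # if this is a push into one of our main branches (rather than just a pull request), we will also package
    if: github.event_name != 'pull_request'
    steps:
      - name: Checkout code
        uses: actions/checkout@v4
        with:
          # Full history is needed for the git log range below.
          fetch-depth: 0
      - name: Generate release changelog
        # The format string originally began with "$ad", which the shell
        # expanded to nothing (no such variable is set in this step), so the
        # effective format is written out here.
        # NOTE(review): if the author date was intended, that is "%ad".
        run: |
          echo "# What's new" > changelog.md
          git log --pretty=format:"- %s [%an]" --since=30.days >> changelog.md
      - name: Set variables
        run: |
          version="$(cat "$GITHUB_WORKSPACE/VERSION")"
          echo "TAG=v${version}" >> "$GITHUB_ENV"
          echo "VERSION=${version}" >> "$GITHUB_ENV"
      - name: Create release
        id: create_release
        # NOTE(review): `@latest` is a mutable ref and the
        # actions/create-release repository is archived upstream. This step
        # runs with a token that can publish releases, so pin it to a
        # reviewed full commit SHA or move to a maintained release step.
        uses: actions/create-release@latest
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}  # This token is provided by Actions, you do not need to create your own token
        with:
          tag_name: ${{ env.TAG }}
          release_name: ${{ env.VERSION }}
          body_path: ./changelog.md
          draft: false
          prerelease: false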