Build And Upload #109
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. | |
| # SPDX-License-Identifier: MIT | |
| name: Build And Upload | |
| env: | |
| CWA_GITHUB_TEST_REPO_NAME: "aws/amazon-cloudwatch-agent-test" | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| BucketKey: | |
| # e.g. s3://<bucket>/integration-test/binary/<SHA>" | |
| # e.g. s3://<bucket>/nonprod | |
| # e.g. s3://<bucket>/release | |
| description: "S3 URI to upload artifacts into." | |
| required: true | |
| type: string | |
| PackageBucketKey: | |
| description: "Integration tests put the MSI and PKG in a different bucket path than the binaries." | |
| required: true | |
| type: string | |
| Region: | |
| description: "Region to upload binaries" | |
| required: false | |
| type: string | |
| default: "us-west-2" | |
| TerraformAWSAssumeRole: | |
| description: "Role to assume to upload artifacts" | |
| required: true | |
| type: string | |
| Bucket: | |
| description: "Bucket to upload the artifacts to" | |
| required: true | |
| type: string | |
| workflow_call: | |
| inputs: | |
| BucketKey: | |
| # e.g. s3://<bucket>/integration-test/binary/<SHA>" | |
| # e.g. s3://<bucket>/nonprod | |
| # e.g. s3://<bucket>/release | |
| description: "S3 URI to upload artifacts into." | |
| required: true | |
| type: string | |
| PackageBucketKey: | |
| description: "Integration tests put the MSI and PKG in a different bucket path than the binaries." | |
| required: true | |
| type: string | |
| Region: | |
| description: "Region to upload binaries" | |
| required: false | |
| type: string | |
| default: "us-west-2" | |
| TerraformAWSAssumeRole: | |
| description: "Role to assume to upload artifacts" | |
| required: true | |
| type: string | |
| Bucket: | |
| description: "Bucket to upload the artifacts to" | |
| required: true | |
| type: string | |
| jobs: | |
| MakeBinary: | |
| name: 'MakeBinary' | |
| runs-on: ubuntu-latest | |
| permissions: | |
| id-token: write | |
| contents: read | |
| steps: | |
| - uses: actions/checkout@v3 | |
| with: | |
| fetch-depth: 0 | |
| # Set up building environment, patch the dev repo code on dispatch events. | |
| - name: Set up Go 1.x | |
| uses: actions/setup-go@v4 | |
| with: | |
| go-version: ~1.22.2 | |
| cache: false | |
| - name: Install rpm | |
| run: sudo apt install rpm | |
| # - name: Configure AWS Credentials | |
| # uses: aws-actions/configure-aws-credentials@v2 | |
| # with: | |
| # role-to-assume: ${{ inputs.TerraformAWSAssumeRole }} | |
| # aws-region: ${{ inputs.Region }} | |
| # - name: Cache binaries | |
| # id: cached_binaries | |
| # uses: actions/cache@v3 | |
| # with: | |
| # key: "cached_binaries_${{ github.sha }}_${{ inputs.PackageBucketKey }}_${{ inputs.Bucket }}_${{ inputs.BucketKey }}" | |
| # path: go.mod | |
| # | |
| # - name: Cache go | |
| # # Only skip for integration builds not release builds. | |
| # if: contains(inputs.BucketKey, 'test') == false || steps.cached_binaries.outputs.cache-hit == false | |
| # uses: actions/cache@v3 | |
| # with: | |
| # path: | | |
| # ~/go/pkg/mod | |
| # ~/.cache/go-build | |
| # key: v1-go-pkg-mod-${{ runner.os }}-${{ hashFiles('**/go.sum') }} | |
| - name: Import GPG Key | |
| # if: contains(inputs.BucketKey, 'test') == false || steps.cached_binaries.outputs.cache-hit == false | |
| uses: crazy-max/ghaction-import-gpg@v5 | |
| with: | |
| gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }} | |
| passphrase: ${{ secrets.PASSPHRASE }} | |
| - name: Show GPG Keys | |
| run: gpg -K | |
| - name: List GPG Info | |
| run: gpg --list-packets | |
| # - name: Build Binaries | |
| # if: contains(inputs.BucketKey, 'test') == false || steps.cached_binaries.outputs.cache-hit == false | |
| # run: make amazon-cloudwatch-agent-linux amazon-cloudwatch-agent-windows package-rpm package-deb package-win | |
| # | |
| # - name: Sign Build Files | |
| # if: contains(inputs.BucketKey, 'test') == false || steps.cached_binaries.outputs.cache-hit == false | |
| # run: for f in $(find build/bin/); do if [ ! -d $f ]; then echo "Signing file $f" && gpg --detach-sign $f ; fi ; done | |
| # | |
| # | |
| # - name: Upload to s3 | |
| # if: contains(inputs.BucketKey, 'test') == false || steps.cached_binaries.outputs.cache-hit == false | |
| # # Copy the RPM to .../amazon_linux/... because BETA customers expect it there. | |
| # run: | | |
| # echo "BucketKey: ${{ inputs.Bucket }} ${{ inputs.BucketKey }}" | |
| # aws s3 cp build/bin s3://${{ inputs.Bucket }}/${{ inputs.BucketKey }} --recursive | |
| # aws s3 cp build/bin/linux/amd64/amazon-cloudwatch-agent.rpm s3://${{ inputs.Bucket }}/${{ inputs.BucketKey }}/amazon_linux/amd64/latest/amazon-cloudwatch-agent.rpm | |
| # aws s3 cp build/bin/linux/arm64/amazon-cloudwatch-agent.rpm s3://${{ inputs.Bucket }}/${{ inputs.BucketKey }}/amazon_linux/arm64/latest/amazon-cloudwatch-agent.rpm |