-
Notifications
You must be signed in to change notification settings - Fork 3
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
7db8f96
commit 9372185
Showing
2 changed files
with
37 additions
and
195 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,210 +1,52 @@ | ||
| # Copyright 2024 New Relic, Inc. | ||
| # | ||
| # Licensed under the Apache License, Version 2.0 (the "License"); | ||
| # you may not use this file except in compliance with the License. | ||
| # You may obtain a copy of the License at | ||
| # | ||
| # http://www.apache.org/licenses/LICENSE-2.0 | ||
| # | ||
| # Unless required by applicable law or agreed to in writing, software | ||
| # distributed under the License is distributed on an "AS IS" BASIS, | ||
| # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
| # See the License for the specific language governing permissions and | ||
| # limitations under the License. | ||
| # Copyright New Relic, Inc. | ||
| # SPDX-License-Identifier: Apache-2.0 | ||
| --- | ||
| name: PHP Agent CI | ||
|
|
||
| name: "PHP Init Container CI" | ||
|
|
||
| concurrency: | ||
| group: ${{ github.ref_name || github.ref || github.run_id }}-${{ github.workflow }} | ||
| cancel-in-progress: true | ||
|
|
||
| on: | ||
| workflow_dispatch: | ||
| inputs: | ||
| libc: | ||
| description: 'C Library' | ||
| required: true | ||
| default: 'all' | ||
| type: choice | ||
| options: | ||
| - gnu | ||
| - musl | ||
| - all | ||
| agent_version: | ||
| description: "PHP Agent Version (empty for latest)" | ||
| required: false | ||
| type: string | ||
| default: '' | ||
| pull_request: | ||
| paths: | ||
| - 'src/php/**' | ||
| - 'tests/php/**' | ||
| - '.github/workflows/php.yml' | ||
| push: | ||
| paths: | ||
| - 'src/php/**' | ||
| - 'tests/php/**' | ||
| - '.github/workflows/php.yml' | ||
| branches: | ||
| - main | ||
| # Do not run when a tag is created. | ||
| tags-ignore: | ||
| - "**" | ||
| release: | ||
| types: | ||
| - published | ||
|
|
||
| concurrency: | ||
| group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} | ||
| cancel-in-progress: true | ||
|
|
||
| env: | ||
| K8S_OPERATOR_IMAGE_TAG: edge | ||
| PHP_AGENT_VERSION: ${{ github.event_name == 'workflow_dispatch' && inputs.agent_version || '' }} | ||
|
|
||
| permissions: | ||
| contents: read | ||
|
|
||
| jobs: | ||
| check-modified-files: | ||
| name: Check whether any PHP-related files were modified, skip the test job if not | ||
| uses: ./.github/workflows/check-modified-files.yml | ||
| test: | ||
| if: github.event_name != 'release' || (github.event_name == 'release' && endsWith(github.ref, '_php')) # Skip everything if this isn't PHP | ||
| uses: ./.github/workflows/test.yml | ||
| secrets: inherit | ||
| permissions: | ||
| contents: read | ||
| with: | ||
| agent-language: php | ||
|
|
||
| create-matrix: | ||
| name: Generate testing matrix | ||
| needs: check-modified-files | ||
| if: needs.check-modified-files.outputs.files-changed == 'true' || github.event_name == 'workflow_dispatch' || (github.event == 'release' && endsWith(github.ref_name, '_php')) | ||
| outputs: | ||
| RUN_MATRIX_LIBC=${{ steps.set-matrix.outputs.RUN_MATRIX_LIBC }} | ||
| steps: | ||
| - name: Checkout code | ||
| uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # 4.1.1 | ||
| - name: Generate run matrix | ||
| id: set-matrix | ||
| run: | | ||
| if [[ 'workflow_dispatch' == '${{ github.event_name }}' && 'all' != '${{ inputs.libc }}']]; then | ||
| run_matrix_libc="['${{ inputs.libc }}']" | ||
| else | ||
| run_matrix_libc="['gnu','musl']" | ||
| fi | ||
| echo "RUN_MATRIX_LIBC=$(echo $run_matrix_libc)" >> $GITHUB_OUTPUT | ||
| test: | ||
| name: Run PHP init container tests | ||
| runs-on: ubuntu-latest | ||
| needs: [check-modified-files, create-matrix] | ||
| if: needs.check-modified-files.outputs.files-changed == 'true' || github.event_name == 'workflow_dispatch' || (github.event == 'release' && endsWith(github.ref_name, '_php')) | ||
| strategy: | ||
| matrix: | ||
| libc: ${{ fromJSON(needs.create-matrix.outputs.RUN_MATRIX_LIBC) }} | ||
| steps: | ||
| - name: Checkout code | ||
| uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # 4.1.1 | ||
| with: | ||
| persist-credentials: false | ||
| fetch-depth: 0 | ||
|
|
||
| - name: Set up Docker Buildx | ||
| id: buildx | ||
| uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # 3.3.0 | ||
|
|
||
| - name: Start minikube | ||
| uses: medyagh/setup-minikube@317d92317e473a10540357f1f4b2878b80ee7b95 # 0.0.16 | ||
|
|
||
| - name: Deploy cert-manager to minikube | ||
| run: | | ||
| helm repo add jetstack https://charts.jetstack.io --force-update | ||
| helm install cert-manager jetstack/cert-manager \ | ||
| --namespace cert-manager \ | ||
| --create-namespace \ | ||
| --version v1.14.5 \ | ||
| --set installCRDs=true | ||
| echo "waiting for cert-manager pods to be ready..." | ||
| sleep 5 | ||
| kubectl wait --for=condition=Ready -n cert-manager --all pods --timeout=60s | ||
| - name: Deploy New Relic k8s-agents-operator to minikube | ||
| run: | | ||
| helm repo add k8s-agents-operator https://newrelic.github.io/k8s-agents-operator | ||
| helm upgrade --install k8s-agents-operator k8s-agents-operator/k8s-agents-operator \ | ||
| --namespace=default \ | ||
| --set=licenseKey=${{ secrets.NEW_RELIC_LICENSE_KEY }} \ | ||
| --set=controllerManager.manager.image.tag=${{ env.K8S_OPERATOR_IMAGE_TAG }} \ | ||
| sleep 5 | ||
| kubectl wait --for=condition=Ready -n default --all pods --timeout=60s | ||
| - name: Build init container for e2e test | ||
| run: | | ||
| minikube image build -t e2e/newrelic-php-init:e2e src/php/ \ | ||
| --build-opt=build-arg=VERSION=${{ env.PHP_AGENT_VERSION }} \ | ||
| --build-opt=build-arg=LIBC=${{ matrix.libc }} | ||
| - name: Build test app container | ||
| run : | | ||
| minikube image build -t e2e/test-app-php:e2e tests/php/ | ||
| - name: Run e2e test | ||
| uses: newrelic/newrelic-integration-e2e-action@a97ced80a4841c8c6261d1f9dca6706b1d89acb1 # 1.11.0 | ||
| with: | ||
| retry_seconds: 60 | ||
| retry_attempts: 5 | ||
| agent_enabled: false | ||
| spec_path: tests/php/test-specs.yml | ||
| account_id: ${{ secrets.NEW_RELIC_ACCOUNT_ID }} | ||
| api_key: ${{ secrets.NEW_RELIC_API_KEY }} | ||
| license_key: ${{ secrets.NEW_RELIC_LICENSE_KEY }} | ||
| INITCONTAINER_LANGUAGE: php | ||
|
|
||
| publish: | ||
| runs-on: ubuntu-latest | ||
| if: github.event_name == 'release' && endsWith(github.ref_name, '_php') | ||
| needs: | ||
| - test | ||
| if: github.event_name == 'release' && endsWith(github.ref, '_php') # Skip everything if this isn't PHP | ||
| needs: test | ||
| uses: ./.github/workflows/publish.yml | ||
| secrets: inherit | ||
| strategy: | ||
| fail-fast: false | ||
| matrix: | ||
| libc: ['gnu', 'musl'] | ||
| steps: | ||
| - name: Harden Runner | ||
| uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1 | ||
| with: | ||
| disable-sudo: true | ||
| egress-policy: audit | ||
|
|
||
| - name: Extract Agent Version from relesae tag | ||
| id: version | ||
| run: | | ||
| agent_version=${{ github.ref_name }} | ||
| agent_version=${agent_version##v} | ||
| agent_version=${agent_version%%_php} | ||
| echo "agent_version=$agent_version" | tee -a "$GITHUB_OUTPUT" | ||
| - name: Checkout code | ||
| uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # 4.1.1 | ||
| with: | ||
| persist-credentials: false | ||
| fetch-depth: 0 | ||
|
|
||
| - name: Set up Docker Buildx | ||
| id: buildx | ||
| uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # 3.3.0 | ||
|
|
||
| - name: Generate Docker metadata (tags and labels) | ||
| id: meta | ||
| uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 # 5.5.1 | ||
| with: | ||
| images: newrelic/newrelic-php-init | ||
| tags: | | ||
| type=raw,value=${{ steps.version.outputs.agent_version }} | ||
| type=raw,value=latest | ||
| - name: Login to Docker Hub Container Registry | ||
| uses: docker/login-action@e92390c5fb421da1463c202d546fed0ec5c39f20 # 3.1.0 | ||
| with: | ||
| username: ${{ secrets.DOCKER_USERNAME }} | ||
| password: ${{ secrets.DOCKER_TOKEN }} | ||
|
|
||
| - name: Build and publish PHP Agent init container images | ||
| uses: docker/build-push-action@2cdde995de11925a030ce8070c3d77a52ffcf1c0 # 5.3.0 | ||
| with: | ||
| push: true | ||
| context: src/php/ | ||
| platforms: linux/amd64,linux/arm64 | ||
| tags: ${{ steps.meta.outputs.tags }} | ||
| labels: ${{ steps.meta.outputs.labels }} | ||
| build-args: | | ||
| VERSION=${{ steps.version.outputs.agent_version }} | ||
| LIBC=${{ matrix.libc }} | ||
| libc: ["glibc", "musl"] | ||
| with: | ||
| INITCONTAINER_LANGUAGE: php | ||
| DOCKER_IMAGE_TAG_SUFFIX: ${{ matrix.libc }} | ||
| DOCKER_IMAGE_TAG_IS_DEFAULT_SUFFIX: ${{ matrix.libc == 'glibc' }} | ||
| BUILD_ARGS: LIBC=${{ matrix.libc }} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters