Post Deploy for the .NET Agent #31
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Post Deploy for the .NET Agent | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| agent_version: | |
| description: 'Agent Version to validate. Needs to match the version from the Release Workflow (all_solutions.yml). Format: X.X.X' | |
| required: true | |
| type: string | |
| wait_for_apt_and_yum: | |
| type: boolean | |
| default: true | |
| required: true | |
| test_mode: | |
| description: 'Run workflow in test mode. If set to true, the NugetVersionDeprecator will not create a GitHub issue.' | |
| type: boolean | |
| default: false | |
| required: true | |
| workflow_call: | |
| inputs: | |
| agent_version: | |
| description: 'Agent Version to validate. Needs to match the version from the Release Workflow (all_solutions.yml). Format: X.X.X' | |
| required: true | |
| type: string | |
| wait_for_apt_and_yum: | |
| type: boolean | |
| default: true | |
| required: true | |
| test_mode: | |
| description: 'Run workflow in test mode. If set to true, the NugetVersionDeprecator will not create a GitHub issue.' | |
| type: boolean | |
| default: false | |
| required: false | |
| permissions: | |
| contents: read | |
| packages: read | |
| env: | |
| DOTNET_NOLOGO: true | |
| jobs: | |
| validate-apt-repo: | |
| name: Validate APT-based repo | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Harden Runner | |
| uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2 | |
| with: | |
| disable-sudo: false | |
| egress-policy: audit | |
| - name: Wait for APT to update | |
| if: ${{ inputs.wait_for_apt_and_yum }} # only wait if requested | |
| run: | | |
| echo "Sleeping 5 minutes to wait for apt to update itself" | |
| sleep 300 | |
| shell: bash | |
| - name: Validate | |
| run: | | |
| echo 'deb https://apt.newrelic.com/debian/ newrelic non-free' | sudo tee /etc/apt/sources.list.d/newrelic.list | |
| wget -O- https://download.newrelic.com/548C16BF.gpg | sudo apt-key add - | |
| sudo apt-get update | |
| sudo apt-get install newrelic-dotnet-agent | |
| installed_version=$(dpkg -s newrelic-dotnet-agent | grep -i version) | |
| if [ "$AGENT_VERSION" = "$installed_version" ]; then | |
| echo "Versions match." | |
| exit 0 | |
| else | |
| echo "ERROR: Version mismatch: Expected $AGENT_VERSION was $installed_version" | |
| exit 1 | |
| fi | |
| shell: bash | |
| env: | |
| AGENT_VERSION: "Version: ${{ inputs.agent_version }}" | |
| validate-yum-repo: | |
| name: Validate YUM-based repo | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Harden Runner | |
| uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2 | |
| with: | |
| disable-sudo: true | |
| egress-policy: audit | |
| - name: Checkout | |
| uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| with: | |
| fetch-depth: 0 | |
| - name: Wait for YUM to update | |
| if: ${{ inputs.wait_for_apt_and_yum }} # only wait if requested | |
| run: | | |
| echo "Sleeping 5 minutes to wait for yum to update itself" | |
| sleep 300 | |
| shell: bash | |
| - name: Validate | |
| run: | | |
| cd deploy/validation/validate-yum | |
| # This will setup the New Relic yum repo and install the agent. | |
| docker build -t localtesting/validateyum:latest . | |
| docker run --name validateyum localtesting/validateyum:latest | |
| installed_version=$(docker logs --tail 1 validateyum) | |
| if [ "$AGENT_VERSION" = "$installed_version" ]; then | |
| echo "Versions match." | |
| exit 0 | |
| else | |
| echo "ERROR: Version mismatch: Expected $AGENT_VERSION was $installed_version" | |
| exit 1 | |
| fi | |
| shell: bash | |
| env: | |
| AGENT_VERSION: "newrelic-dotnet-agent-${{ inputs.agent_version }}-1.x86_64" | |
| validate-download-site-s3: | |
| name: Validate S3-hosted Download Site | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Harden Runner | |
| uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2 | |
| with: | |
| disable-sudo: true | |
| egress-policy: audit | |
| - name: Checkout | |
| uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| with: | |
| fetch-depth: 0 | |
| - name: Build and Run S3Validator | |
| run: | | |
| dotnet publish --configuration Release --output "$PUBLISH_PATH" "$BUILD_PATH" | |
| "$PUBLISH_PATH/S3Validator" -v $AGENT_VERSION -c $PUBLISH_PATH/config.yml | |
| env: | |
| BUILD_PATH: ${{ github.workspace }}/build/S3Validator/S3Validator.csproj | |
| AGENT_VERSION: ${{ inputs.agent_version }} | |
| PUBLISH_PATH: ${{ github.workspace }}/build/S3Validator/publish | |
| validate-nuget-packages: | |
| name: Validate NuGet Package Deployment | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Harden Runner | |
| uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2 | |
| with: | |
| disable-sudo: true | |
| egress-policy: audit | |
| - name: Checkout | |
| uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| with: | |
| fetch-depth: 0 | |
| - name: Build and Run NugetValidator | |
| run: | | |
| dotnet publish --configuration Release --output "$PUBLISH_PATH" "$BUILD_PATH" | |
| "$PUBLISH_PATH/NugetValidator" -v $AGENT_VERSION -c $PUBLISH_PATH/config.yml | |
| shell: bash | |
| env: | |
| AGENT_VERSION: ${{ inputs.agent_version }} | |
| BUILD_PATH: ${{ github.workspace }}/build/NugetValidator/NugetValidator.csproj | |
| PUBLISH_PATH: ${{ github.workspace }}/build/NugetValidator/publish | |
| report-deprecated-nuget-packages: | |
| name: Report Deprecated NuGet Packages | |
| runs-on: ubuntu-latest | |
| permissions: | |
| issues: write | |
| steps: | |
| - name: Harden Runner | |
| uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2 | |
| with: | |
| disable-sudo: true | |
| egress-policy: audit | |
| - name: Checkout | |
| uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| with: | |
| fetch-depth: 0 | |
| - name: Build and Run NugetDeprecator | |
| run: | | |
| dotnet publish --configuration Release --output "$PUBLISH_PATH" "$BUILD_PATH" | |
| "$PUBLISH_PATH/NugetVersionDeprecator" -c $PUBLISH_PATH/config.yml --github-token ${{ secrets.GITHUB_TOKEN }} --api-key ${{ secrets.NEW_RELIC_API_KEY_PRODUCTION }} ${{ inputs.test_mode && '--test-mode' || '' }} | |
| shell: bash | |
| env: | |
| BUILD_PATH: ${{ github.workspace }}/build/NugetVersionDeprecator/NugetVersionDeprecator.csproj | |
| PUBLISH_PATH: ${{ github.workspace }}/publish | |
| release-tags: | |
| name: Create release tags | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Harden Runner | |
| uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2 | |
| with: | |
| disable-sudo: true | |
| egress-policy: audit | |
| - name: Create release tags for Lambda and K8s Init Containers | |
| run: | | |
| RELEASE_TITLE="New Relic .NET Agent ${AGENT_VERSION}.0" | |
| RELEASE_TAG="${AGENT_VERSION}.0_dotnet" | |
| RELEASE_NOTES="Automated release for [.NET Agent ${AGENT_VERSION}](https://github.com/newrelic/newrelic-dotnet-agent/releases/tag/${AGENT_VERSION})" | |
| gh auth login --with-token <<< $GH_RELEASE_TOKEN | |
| echo "newrelic/newrelic-lambda-layers - Releasing \"${RELEASE_TITLE}\" with tag ${RELEASE_TAG}" | |
| gh release create "${RELEASE_TAG}" --title="${RELEASE_TITLE}" --repo=newrelic/newrelic-lambda-layers --notes="${RELEASE_NOTES}" | |
| echo "newrelic/newrelic-agent-init-container - Releasing \"${RELEASE_TITLE}\" with tag ${RELEASE_TAG}" | |
| gh release create "${RELEASE_TAG}" --title="${RELEASE_TITLE}" --repo=newrelic/newrelic-agent-init-container --notes="${RELEASE_NOTES}" | |
| env: | |
| GH_RELEASE_TOKEN: ${{ secrets.DOTNET_AGENT_GH_TOKEN }} | |
| AGENT_VERSION: "v${{ inputs.agent_version }}" |