ensure it's easy to customize advertised addy's etc with docker #2002
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: build | |
| on: | |
| push: | |
| branches: | |
| - main | |
| - release-v* | |
| - release-next | |
| pull_request: | |
| workflow_dispatch: | |
| env: | |
| GOFLAGS: "-trimpath" | |
| GOX_OUTPUT: "release/{{.Arch}}/{{.OS}}/{{.Dir}}" | |
| GOX_TEST_OUTPUT: "test/{{.Arch}}/{{.OS}}/bin/{{.Dir}}" | |
| AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| AWS_DEFAULT_REGION: "us-east-2" | |
| gh_ci_key: ${{ secrets.GH_CI_KEY }} | |
| CONSUL_ENCRYPTION_KEY: ${{ secrets.CONSUL_ENCRYPTION_KEY }} | |
| ELASTIC_ENDPOINT: ${{ secrets.ELASTIC_ENDPOINT }} | |
| ELASTIC_USERNAME: ${{ secrets.ELASTIC_USERNAME }} | |
| ELASTIC_PASSWORD: ${{ secrets.ELASTIC_PASSWORD }} | |
| CONSUL_ENDPOINT: ${{ secrets.CONSUL_ENDPOINT }} | |
| CONSUL_AGENT_CERT: ${{ secrets.CONSUL_AGENT_CERT }} | |
| BUILD_NUMBER: ${{ format('{0}-{1}-{2}', github.run_id, github.run_number, github.run_attempt) }} | |
| jobs: | |
| mac-os-build: | |
| name: Build Mac OS binaries | |
| # allow fors to opt-out of time-consuming macOS builds | |
| if: vars.ZITI_SKIP_MACOS_BUILD != 'true' | |
| runs-on: macos-11 | |
| steps: | |
| - name: Git Checkout | |
| uses: actions/checkout@v3 | |
| with: | |
| fetch-depth: 0 | |
| - name: Install Go | |
| uses: actions/setup-go@v3 | |
| with: | |
| go-version: '1.20.x' | |
| - name: Install Ziti CI | |
| uses: openziti/ziti-ci@v1 | |
| - name: Build and Test | |
| run: | | |
| go install github.com/mitchellh/gox@latest | |
| $(go env GOPATH)/bin/ziti-ci generate-build-info common/version/info_generated.go version | |
| $(go env GOPATH)/bin/gox -cgo -os=darwin -arch=amd64 -output=$GOX_OUTPUT ./... | |
| - name: Upload artifacts | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: darwin-release-${{ github.run_id }} | |
| path: release/ | |
| retention-days: 5 | |
| windows-build: | |
| name: Build Windows binaries | |
| # allow fors to opt-out of time-consuming Windows builds | |
| if: vars.ZITI_SKIP_WINDOWS_BUILD != 'true' | |
| runs-on: windows-2019 | |
| steps: | |
| - name: Git Checkout | |
| uses: actions/checkout@v3 | |
| with: | |
| fetch-depth: 0 | |
| - name: Install Go | |
| uses: actions/setup-go@v3 | |
| with: | |
| go-version: '1.20.x' | |
| - name: Install Ziti CI | |
| uses: openziti/ziti-ci@v1 | |
| - name: Build and Test | |
| shell: bash | |
| run: | | |
| go install github.com/mitchellh/gox@latest | |
| $(go env GOPATH)/bin/ziti-ci generate-build-info common/version/info_generated.go version | |
| $(go env GOPATH)/bin/gox -cgo -os=windows -arch=amd64 -output=$GOX_OUTPUT ./... | |
| - name: Upload artifacts | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: windows-release-${{ github.run_id }} | |
| path: release/ | |
| retention-days: 5 | |
| fablab-smoketest: | |
| name: Fablab Smoketest | |
| # not applicable to forks. shouldn't run on release build | |
| if: github.repository_owner == 'openziti' && github.ref != 'refs/heads/main' | |
| runs-on: ubuntu-20.04 | |
| steps: | |
| - name: Git Checkout | |
| uses: actions/checkout@v3 | |
| with: | |
| fetch-depth: 0 | |
| - name: Install Go | |
| uses: actions/setup-go@v3 | |
| with: | |
| go-version: '1.20.x' | |
| - name: Install Ziti CI | |
| uses: openziti/ziti-ci@v1 | |
| - name: Build and Test | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| ziti_ci_gpg_key: ${{ secrets.ZITI_CI_GPG_KEY }} | |
| ziti_ci_gpg_key_id: ${{ secrets.ZITI_CI_GPG_KEY_ID }} | |
| run: | | |
| $(go env GOPATH)/bin/ziti-ci configure-git | |
| $(go env GOPATH)/bin/ziti-ci generate-build-info common/version/info_generated.go version | |
| pushd zititest && go install ./... && popd | |
| go install -tags=all,tests ./... | |
| - name: Create Zitilab Bindings | |
| run: | | |
| mkdir ~/.fablab | |
| touch ~/.fablab/bindings.yml | |
| echo "credentials:" >> ~/.fablab/bindings.yml | |
| echo " aws:" >> ~/.fablab/bindings.yml | |
| echo " managed_key: true" >> ~/.fablab/bindings.yml | |
| echo " edge:" >> ~/.fablab/bindings.yml | |
| echo " username: admin" >> ~/.fablab/bindings.yml | |
| echo " password: admin" >> ~/.fablab/bindings.yml | |
| echo " influxdb:" >> ~/.fablab/bindings.yml | |
| echo " username: fablab" >> ~/.fablab/bindings.yml | |
| echo " password: fablab" >> ~/.fablab/bindings.yml | |
| echo "ziti_version: $($(go env GOPATH)/bin/ziti-ci -q get-current-version)" >> ~/.fablab/bindings.yml | |
| cat ~/.fablab/bindings.yml | |
| - name: Create Test Environment | |
| run: | | |
| echo "ZITI_ROOT=$(go env GOPATH)/bin" >> "$GITHUB_ENV" | |
| $(go env GOPATH)/bin/simple-transfer create | |
| $(go env GOPATH)/bin/simple-transfer up | |
| - name: Test Ziti Command | |
| run: | | |
| echo "ZITI_ROOT=$(go env GOPATH)/bin" >> "$GITHUB_ENV" | |
| pushd zititest && go test -timeout 30m -v ./tests/... && popd | |
| - name: Test Ziti Command Teardown | |
| if: always() | |
| run: | | |
| echo "ZITI_ROOT=$(go env GOPATH)/bin" >> "$GITHUB_ENV" | |
| $(go env GOPATH)/bin/simple-transfer dispose | |
| $(go env GOPATH)/bin/simple-transfer clean | |
| # END linux-build-steps | |
| publish: | |
| name: Publish Binaries | |
| # - always() allows evaluating further conditional expressions even if | |
| # needed jobs were skipped | |
| if: | | |
| always() | |
| && (needs.mac-os-build.result == 'success' || needs.mac-os-build.result == 'skipped') | |
| && (needs.windows-build.result == 'success' || needs.windows-build.result == 'skipped') | |
| && (needs.fablab-smoketest.result == 'success' || needs.fablab-smoketest.result == 'skipped') | |
| runs-on: ubuntu-20.04 | |
| needs: [ mac-os-build, windows-build, fablab-smoketest ] | |
| outputs: | |
| ZITI_VERSION: ${{ steps.get_version.outputs.ZITI_VERSION }} | |
| steps: | |
| - name: Git Checkout | |
| uses: actions/checkout@v3 | |
| with: | |
| fetch-depth: 0 | |
| - name: Install Go | |
| uses: actions/setup-go@v3 | |
| with: | |
| go-version: '1.20.x' | |
| - name: Install Python | |
| uses: actions/setup-python@v4 | |
| with: | |
| python-version: '3.7' | |
| - name: Install Ziti CI | |
| uses: openziti/ziti-ci@v1 | |
| - name: Build and Test | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| ziti_ci_gpg_key: ${{ secrets.ZITI_CI_GPG_KEY }} | |
| ziti_ci_gpg_key_id: ${{ secrets.ZITI_CI_GPG_KEY_ID }} | |
| run: | | |
| sudo apt-get update | |
| sudo apt-get -yq install gcc-arm-linux-gnueabihf g++-arm-linux-gnueabihf gcc-aarch64-linux-gnu | |
| $(go env GOPATH)/bin/ziti-ci configure-git | |
| $(go env GOPATH)/bin/ziti-ci generate-build-info common/version/info_generated.go version | |
| go install github.com/mitchellh/gox@latest | |
| $(go env GOPATH)/bin/gox -cgo -os=linux -arch=amd64 -output=$GOX_OUTPUT ./... | |
| CC=arm-linux-gnueabihf-gcc $(go env GOPATH)/bin/gox -cgo -os=linux -arch=arm -output=$GOX_OUTPUT ./... | |
| CC=aarch64-linux-gnu-gcc $(go env GOPATH)/bin/gox -cgo -os=linux -arch=arm64 -output=$GOX_OUTPUT ./... | |
| # upload Linux artifacts so we can copy them into a container image in another workflow | |
| - name: Upload artifacts | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: linux-release-${{ github.run_id }} | |
| path: release/ | |
| retention-days: 5 | |
| - name: Download darwin release artifact | |
| if: needs.mac-os-build.result == 'success' | |
| uses: actions/download-artifact@v3 | |
| with: | |
| name: darwin-release-${{ github.run_id }} | |
| path: release/ | |
| - name: Download windows release artifact | |
| if: needs.windows-build.result == 'success' | |
| uses: actions/download-artifact@v3 | |
| with: | |
| name: windows-release-${{ github.run_id }} | |
| path: release/ | |
| - name: Install Jfrog CLI | |
| uses: jfrog/setup-jfrog-cli@v3 | |
| with: | |
| version: 1.51.1 | |
| - name: Publish GitHub Release | |
| # forks need to run this step with their own GPG key because ziti-ci creates the GH release | |
| if: env.ziti_ci_gpg_key_id != null && (github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/heads/release-v')) | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| ziti_ci_gpg_key: ${{ secrets.ZITI_CI_GPG_KEY }} | |
| ziti_ci_gpg_key_id: ${{ secrets.ZITI_CI_GPG_KEY_ID }} | |
| run: | | |
| $(go env GOPATH)/bin/ziti-ci tag -v -f version | |
| $(go env GOPATH)/bin/ziti-ci publish-to-github --archive-base "" | |
| # only ziti-ci computed version for release branches and {version}-{run_id} for non-release branches | |
| - name: Compute the Ziti Version String for CI Jobs | |
| id: get_version | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| GITHUB_REF: ${{ github.ref }} | |
| GITHUB_RUN_ID: ${{ github.run_id }} | |
| run: | | |
| ZITI_VERSION="$($(go env GOPATH)/bin/ziti-ci -q get-current-version)" | |
| # drop the leading 'v', if any | |
| ZITI_VERSION=${ZITI_VERSION#v} | |
| if ! [[ "${ZITI_VERSION}" =~ ^[0-9]+\.[0-9]+\.[0-9]+$ ]]; then | |
| # fail the job because we could not obtain the current version from ziti-ci | |
| echo "ERROR: ZITI_VERSION=${ZITI_VERSION} is not a semver" | |
| exit 1 | |
| elif [[ "${GITHUB_REF}" =~ ^refs/heads/(release-v|main$) ]]; then | |
| # Set output parameters for release branches | |
| echo "DEBUG: ZITI_VERSION=${ZITI_VERSION}" | |
| echo ZITI_VERSION="${ZITI_VERSION}" >> $GITHUB_OUTPUT | |
| else | |
| # Append build / run number for non-release refs | |
| ZITI_VERSION="${ZITI_VERSION}-${GITHUB_RUN_ID}" | |
| echo "DEBUG: ZITI_VERSION=${ZITI_VERSION}" | |
| echo ZITI_VERSION="${ZITI_VERSION}" >> $GITHUB_OUTPUT | |
| fi | |
| - name: Publish to Artifactory | |
| if: ${{ env.JFROG_API_KEY != null && github.repository == 'openziti/ziti' }} | |
| run: | | |
| $(go env GOPATH)/bin/ziti-ci publish-to-artifactory | |
| env: | |
| JFROG_API_KEY: ${{ secrets.JFROG_API_KEY }} | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| jenkins-smoketest: | |
| # BEGIN smoketest-job | |
| # | |
| # Any event that triggers this main workflow also triggers the smoketest | |
| # | |
| needs: publish | |
| name: Call the On-Demand Smoketest Workflow | |
| # not applicable to forks | |
| if: github.repository_owner == 'openziti' | |
| uses: ./.github/workflows/jenkins-smoketest.yml | |
| secrets: inherit | |
| with: | |
| ziti-version: ${{ needs.publish.outputs.ZITI_VERSION }} | |
| call-publish-prerelease-docker-images: | |
| # always() re-enables evaluating conditionals in forks even if Windows or | |
| # macOS builds were skipped | |
| if: | | |
| always() | |
| && needs.publish.result == 'success' | |
| && github.ref == 'refs/heads/release-next' | |
| name: Publish Pre-Release Docker Images | |
| needs: publish | |
| uses: ./.github/workflows/publish-docker-images.yml | |
| secrets: inherit | |
| with: | |
| ziti-version: release-next | |
| call-publish-release-docker-images: | |
| # always() re-enables evaluating conditionals in forks even if Windows or | |
| # macOS builds were skipped | |
| if: | | |
| always() | |
| && needs.publish.result == 'success' | |
| && github.ref == 'refs/heads/main' | |
| name: Publish Release Docker Images | |
| needs: publish | |
| uses: ./.github/workflows/publish-docker-images.yml | |
| secrets: inherit | |
| with: | |
| ziti-version: ${{ needs.publish.outputs.ZITI_VERSION }} |