Skip to content
release

release #19

Sign in to view logs

release

release #19

Workflow file for this run

.github/workflows/release.yml at 129a318
---
# Releases the agent
name: release
on:
workflow_dispatch:
inputs:
branch:
description: 'The branch to release'
required: true
default: 'main'
version:
description: 'The version to release (e.g. 1.2.3). This workflow will automatically perform the required version bumps'
required: true
update_changelog:
description: |
If enabled, everything in the changelog from the "Unreleased" section will be automatically moved to a new section for the new release.
If disabled, the changelog needs to be prepared for the release manually before triggering this workflow.
type: boolean
required: true
default: true
skip_preparation:
description: |
If enabled, the version bump, release notes update and tag creation will be skipped.
Select this option if those tasks have already been done in a previous run.
type: boolean
required: true
default: false
skip_maven_deploy:
description: |
If enabled, the deployment to maven central will be skipped.
Select this if the deployment job for this release failed in a previous version but the release was actually published.
Check manually on maven central beforehand!
type: boolean
required: true
default: false
env:
JAVA_VERSION: 17
JAVA_DIST: temurin
TAG_NAME: v${{ inputs.version }}
permissions:
contents: read
concurrency:
group: ${{ github.workflow }}
jobs:
prepare_release:
permissions:
contents: write
name: "Changelog and Version Bump"
if: ${{ ! inputs.skip_preparation }}
runs-on: ubuntu-latest
steps:
- uses: elastic/apm-pipeline-library/.github/actions/github-token@current
with:
url: ${{ secrets.VAULT_ADDR }}
roleId: ${{ secrets.VAULT_ROLE_ID }}
secretId: ${{ secrets.VAULT_SECRET_ID }}
- uses: elastic/apm-pipeline-library/.github/actions/setup-git@current
with:
username: ${{ env.GIT_USER }}
email: ${{ env.GIT_EMAIL }}
token: ${{ env.GITHUB_TOKEN }}
- uses: actions/checkout@v4
with:
ref: ${{ inputs.branch }}
token: ${{ env.GITHUB_TOKEN }}
- name: Set up JDK ${{ env.JAVA_VERSION }}
uses: actions/setup-java@v4
with:
java-version: ${{ env.JAVA_VERSION }}
distribution: ${{ env.JAVA_DIST }}
cache: 'maven'
- name: Prepare changelog for release
if: ${{ inputs.update_changelog }}
run: |
java .ci/ReleaseChangelog.java CHANGELOG.asciidoc ${{ inputs.version }}
git commit -m "Prepare changelog for release ${{ inputs.version }}" CHANGELOG.asciidoc
- name: Bump version and add git tag
run: ./mvnw release:prepare -B -DpushChanges=false "-Darguments=-DskipTests -Dmaven.javadoc.skip=true" -DreleaseVersion=${{ inputs.version }}
- run: git push --atomic origin ${{ inputs.branch }} ${{ env.TAG_NAME }}
maven_central_deploy:
name: "Deploy to Maven Central (Buildkite)"
if: ${{ ! inputs.skip_maven_deploy && ( inputs.skip_preparation || success() ) }}
runs-on: ubuntu-latest
needs:
- prepare_release
steps:
- id: buildkite
continue-on-error: true
name: Run Deploy
uses: elastic/apm-pipeline-library/.github/actions/buildkite@current
with:
vaultUrl: ${{ secrets.VAULT_ADDR }}
vaultRoleId: ${{ secrets.VAULT_ROLE_ID }}
vaultSecretId: ${{ secrets.VAULT_SECRET_ID }}
pipeline: apm-agent-java-release
pipelineCommit: ${{ env.TAG_NAME }}
waitFor: true
printBuildLogs: false
# The action fails with .github/actions/buildkite/run.sh: line 24: 3: parameter missing.
# Which is an unexpected bug.
# Adding a random buildEnvVar to circumvent the behaviour.
buildEnvVars: |
something_something=true
await_artifact_on_maven_central:
name: "Wait for artifacts to be available on maven central"
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Await artifacts published in maven central
shell: bash
timeout-minutes: 120
run: |
until .ci/release/wait_maven_artifact_published.sh ${{ inputs.version }}
do
echo "Artifacts not found on maven central. Sleeping 30 seconds, retrying afterwards"
sleep 30s
done
update_major_branch:
name: "Update Major Branch"
runs-on: ubuntu-latest
needs:
- await_artifact_on_maven_central
permissions:
contents: write
steps:
- uses: elastic/apm-pipeline-library/.github/actions/github-token@current
with:
url: ${{ secrets.VAULT_ADDR }}
roleId: ${{ secrets.VAULT_ROLE_ID }}
secretId: ${{ secrets.VAULT_SECRET_ID }}
- uses: elastic/apm-pipeline-library/.github/actions/setup-git@current
with:
username: ${{ env.GIT_USER }}
email: ${{ env.GIT_EMAIL }}
token: ${{ env.GITHUB_TOKEN }}
- uses: actions/checkout@v4
with:
ref: ${{ env.TAG_NAME }}
token: ${{ env.GITHUB_TOKEN }}
- run: .ci/release/update_major_branch.sh ${{ inputs.version }}
- run: git push -f origin "$(echo '${{ inputs.version }}' | sed -E 's/\..+/.x/')"
update_cloudfoundry:
name: "Update Cloudfoundry"
runs-on: ubuntu-latest
needs:
- await_artifact_on_maven_central
permissions:
contents: write
steps:
- uses: elastic/apm-pipeline-library/.github/actions/github-token@current
with:
url: ${{ secrets.VAULT_ADDR }}
roleId: ${{ secrets.VAULT_ROLE_ID }}
secretId: ${{ secrets.VAULT_SECRET_ID }}
- uses: elastic/apm-pipeline-library/.github/actions/setup-git@current
with:
username: ${{ env.GIT_USER }}
email: ${{ env.GIT_EMAIL }}
token: ${{ env.GITHUB_TOKEN }}
- uses: actions/checkout@v4
with:
ref: ${{ inputs.branch }}
token: ${{ env.GITHUB_TOKEN }}
- name: "Update Cloudfoundry index.yml file"
shell: bash
run: .ci/release/update_cloudfoundry.sh ${{ inputs.version }}
- run: git push origin ${{ inputs.branch }}
build_and_push_docker_images:
name: "Build and push docker images"
runs-on: ubuntu-latest
needs:
- await_artifact_on_maven_central
env:
SONATYPE_FALLBACK: 1
steps:
- uses: actions/checkout@v4
with:
ref: ${{ env.TAG_NAME }}
fetch-depth: 0 # Load entire history as it is required for the push-script
- uses: elastic/apm-pipeline-library/.github/actions/docker-login@current
with:
registry: docker.elastic.co
secret: secret/apm-team/ci/docker-registry/prod
url: ${{ secrets.VAULT_ADDR }}
roleId: ${{ secrets.VAULT_ROLE_ID }}
secretId: ${{ secrets.VAULT_SECRET_ID }}
- name: "Build docker image"
shell: bash
run: |
./scripts/docker-release/build_docker.sh
./scripts/docker-release/push_docker.sh
publish_aws_lambda:
name: "Publish AWS Lambda"
runs-on: ubuntu-latest
needs:
- await_artifact_on_maven_central
outputs:
arn_content: ${{ steps.arn_output.outputs.arn_content }}
env:
# Random region. This needs to be set in GH Actions or the usage of aws-cli will fail.
# The default region does not matter, since we are publishing in all regions.
AWS_DEFAULT_REGION: eu-west-1
steps:
- uses: actions/checkout@v4
with:
ref: ${{ env.TAG_NAME }}
- name: Set up JDK ${{ env.JAVA_VERSION }}
uses: actions/setup-java@v4
with:
java-version: ${{ env.JAVA_VERSION }}
distribution: ${{ env.JAVA_DIST }}
cache: 'maven'
- name: Build Lambda-layer zip using agent from maven-central
run: ./mvnw dependency:purge-local-repository package -pl apm-agent-lambda-layer
- uses: hashicorp/[email protected]
with:
url: ${{ secrets.VAULT_ADDR }}
method: approle
roleId: ${{ secrets.VAULT_ROLE_ID }}
secretId: ${{ secrets.VAULT_SECRET_ID }}
secrets: |
secret/observability-team/ci/service-account/apm-aws-lambda access_key_id | AWS_ACCESS_KEY_ID ;
secret/observability-team/ci/service-account/apm-aws-lambda secret_access_key | AWS_SECRET_ACCESS_KEY
- name: Publish
run: |
# Convert v1.2.3 to ver-1-2-3
VERSION=${TAG_NAME/v/ver-}
VERSION=${VERSION//./-}
ELASTIC_LAYER_NAME="elastic-apm-java-${VERSION}" .ci/publish-aws.sh
- uses: actions/upload-artifact@v3
with:
name: arn-file
path: .ci/.arn-file.md
- name: Add ARN file to output
id: arn_output
run: |
echo 'arn_content<<ARN_CONTENT_EOF' >> $GITHUB_OUTPUT
cat .ci/.arn-file.md >> $GITHUB_OUTPUT
echo 'ARN_CONTENT_EOF' >> $GITHUB_OUTPUT
create_github_release:
name: "Create GitHub Release"
needs:
- publish_aws_lambda
- update_major_branch
runs-on: ubuntu-latest
permissions:
contents: write
steps:
- uses: actions/checkout@v4
with:
ref: ${{ env.TAG_NAME }}
- name: Await release-notes published
shell: bash
timeout-minutes: 120
run: |
until .ci/release/wait_release_notes_published.sh ${{ inputs.version }}
do
echo "Release notes not published yet. Sleeping 30 seconds, retrying afterwards"
sleep 30s
done
- name: Compute major.x branch
id: get_dotx_branch
run: echo "dotx_branch=$(echo '${{ inputs.version }}' | sed -E 's/\..+/.x/')" >> $GITHUB_OUTPUT
- name: Create GitHub Release
env:
GH_TOKEN: ${{ github.token }}
run: |
gh release create ${{ env.TAG_NAME }} \
--title="Release ${{ inputs.version }}" \
--notes="[Release Notes for ${{ inputs.version }}](https://www.elastic.co/guide/en/apm/agent/java/current/release-notes-${{ steps.get_dotx_branch.outputs.dotx_branch }}.html#release-notes-${{ inputs.version }})
${{ needs.publish_aws_lambda.outputs.arn_content }}"
notify:
if: always()
needs:
- prepare_release
- maven_central_deploy
- await_artifact_on_maven_central
- update_major_branch
- update_cloudfoundry
- build_and_push_docker_images
- publish_aws_lambda
- create_github_release
runs-on: ubuntu-latest
steps:
- id: check
uses: elastic/apm-pipeline-library/.github/actions/check-dependent-jobs@current
with:
needs: ${{ toJSON(needs) }}
- uses: elastic/apm-pipeline-library/.github/actions/notify-build-status@current
with:
status: ${{ steps.check.outputs.status }}
vaultUrl: ${{ secrets.VAULT_ADDR }}
vaultRoleId: ${{ secrets.VAULT_ROLE_ID }}
vaultSecretId: ${{ secrets.VAULT_SECRET_ID }}
slackChannel: "#apm-agent-java"