Upgrade crossplane version to prevent Agent from rolling back in the case of valid NGINX configurations #3384
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| on: | |
| push: | |
| branches: | |
| - 'main' | |
| - 'release-*' | |
| paths-ignore: | |
| - "**.md" | |
| - "docs/**" | |
| - "hugo/**" | |
| pull_request: | |
| types: | |
| - opened | |
| - reopened | |
| - synchronize | |
| permissions: | |
| contents: read | |
| env: | |
| GOLANGCI_LINT_VERSION: 'v1.55.1' | |
| NFPM_VERSION: 'v2.35.3' | |
| jobs: | |
| lint: | |
| permissions: | |
| contents: read # for actions/checkout to fetch code | |
| pull-requests: read # for golangci/golangci-lint-action to fetch pull requests | |
| name: Lint | |
| runs-on: ubuntu-24.04 | |
| steps: | |
| - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 | |
| - uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0 | |
| with: | |
| go-version-file: 'go.mod' | |
| - name: Lint Agent Code | |
| uses: golangci/golangci-lint-action@82d40c283aeb1f2b6595839195e95c2d6a49081b # v5.0.0 | |
| with: | |
| version: "${{ env.GOLANGCI_LINT_VERSION }}" | |
| args: -c ./scripts/.golangci.yml | |
| skip-pkg-cache: true | |
| - name: Lint SDK Code | |
| uses: golangci/golangci-lint-action@82d40c283aeb1f2b6595839195e95c2d6a49081b # v5.0.0 | |
| with: | |
| version: "${{ env.GOLANGCI_LINT_VERSION }}" | |
| working-directory: sdk | |
| args: -c ../scripts/.golangci.yml | |
| skip-pkg-cache: true | |
| unit-test: | |
| name: Unit Tests | |
| runs-on: ubuntu-24.04 | |
| steps: | |
| - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 | |
| - uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0 | |
| with: | |
| go-version-file: 'go.mod' | |
| - name: Run Unit Tests | |
| run: make unit-test | |
| - name: Upload Test Coverage | |
| uses: codecov/codecov-action@84508663e988701840491b86de86b666e8a86bed # v4.3.0 | |
| with: | |
| files: ./build/test/coverage.out | |
| component-test: | |
| name: Component Tests | |
| runs-on: ubuntu-24.04 | |
| steps: | |
| - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 | |
| - uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0 | |
| with: | |
| go-version-file: 'go.mod' | |
| - name: Run Component Tests | |
| run: make component-test | |
| build-unsigned-snapshot: | |
| name: Build unsigned snapshot | |
| runs-on: ubuntu-24.04 | |
| steps: | |
| - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 | |
| with: | |
| fetch-depth: 0 | |
| - uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0 | |
| with: | |
| go-version-file: 'go.mod' | |
| - name: Setup build environment | |
| run: | | |
| go install github.com/goreleaser/nfpm/v2/cmd/nfpm@${{ env.NFPM_VERSION }} | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3.3.0 | |
| - name: Build Docker Image | |
| uses: docker/build-push-action@2cdde995de11925a030ce8070c3d77a52ffcf1c0 # v5.3.0 | |
| with: | |
| file: scripts/packages/packager/Dockerfile | |
| tags: build-local-packager:1.0.0 | |
| context: '.' | |
| push: false | |
| load: true | |
| no-cache: true | |
| build-args: | | |
| package_type=local-package | |
| - name: Build Packages | |
| run: | | |
| make clean local-deb-package local-rpm-package local-txz-package local-apk-package | |
| - name: Upload Artifacts | |
| uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3 | |
| with: | |
| name: nginx-agent-unsigned-snapshots | |
| path: build | |
| retention-days: 1 | |
| integration-tests: | |
| name: Integration Tests | |
| needs: build-unsigned-snapshot | |
| runs-on: ubuntu-24.04 | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| container: | |
| - image: "rockylinux" | |
| version: "8" | |
| - image: "rockylinux" | |
| version: "9" | |
| - image: "almalinux" | |
| version: "8" | |
| - image: "almalinux" | |
| version: "9" | |
| - image: "amazonlinux" | |
| version: "2" | |
| - image: "amazonlinux" | |
| version: "2023" | |
| - image: "oraclelinux" | |
| version: "8" | |
| - image: "oraclelinux" | |
| version: "9" | |
| - image: "ubuntu" | |
| version: "24.04" | |
| - image: "alpine" | |
| version: "3.17" | |
| - image: "alpine" | |
| version: "3.18" | |
| - image: "alpine" | |
| version: "3.19" | |
| - image: "alpine" | |
| version: "3.20" | |
| - image: "debian" | |
| version: "bullseye-slim" | |
| - image: "debian" | |
| version: "bookworm-slim" | |
| steps: | |
| - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 | |
| with: | |
| fetch-depth: 0 | |
| - uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0 | |
| with: | |
| go-version-file: 'go.mod' | |
| - name: Download Packages | |
| uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 | |
| with: | |
| name: nginx-agent-unsigned-snapshots | |
| path: build | |
| - name: Run Integration Tests | |
| run: | | |
| go install github.com/goreleaser/nfpm/v2/cmd/nfpm@${{ env.NFPM_VERSION }} | |
| OS_RELEASE="${{ matrix.container.image }}" OS_VERSION="${{ matrix.container.version }}" \ | |
| make integration-test | |
| - name: Container Output Logs | |
| if: failure() | |
| run: | | |
| docker ps -a | |
| dockerid=$(docker ps -a --format "{{.ID}}") | |
| docker logs "$dockerid" | |
| - name: Archive integration test logs | |
| if: success() || failure() | |
| uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3 | |
| with: | |
| name: integration-test-logs-${{ matrix.container.image }}-${{ matrix.container.version }} | |
| path: /tmp/integration-test-logs/ | |
| retention-days: 3 | |
| performance-test: | |
| name: Performance Tests | |
| if: ${{ !github.event.pull_request.head.repo.fork && !startsWith(github.ref_name, 'dependabot/') }} | |
| runs-on: ubuntu-22.04 | |
| steps: | |
| - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 | |
| - name: Set up Docker Build | |
| uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3.3.0 | |
| - name: Build Docker Image | |
| uses: docker/build-push-action@2cdde995de11925a030ce8070c3d77a52ffcf1c0 # v5.3.0 | |
| with: | |
| file: test/docker/Dockerfile | |
| tags: nginx-agent-benchmark:1.0.0 | |
| context: '.' | |
| push: false | |
| load: true | |
| no-cache: true | |
| secrets: | | |
| "nginx-crt=${{ secrets.NGINX_CRT }}" | |
| "nginx-key=${{ secrets.NGINX_KEY }}" | |
| - name: Run Performance Tests | |
| run: docker run -v ${GITHUB_WORKSPACE}:/home/nginx/ --rm nginx-agent-benchmark:1.0.0 | |
| build-signed-snapshot: | |
| name: Build signed snapshot | |
| runs-on: ubuntu-22.04 | |
| if: ${{ !startsWith(github.ref_name, 'release-') && !startsWith(github.ref_name, 'dependabot/') && !github.event.pull_request.head.repo.fork }} | |
| steps: | |
| - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 | |
| with: | |
| fetch-depth: 0 | |
| - uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0 | |
| with: | |
| go-version-file: 'go.mod' | |
| - name: Setup build environment | |
| run: | | |
| sudo apt-get update | |
| sudo apt-get install -y gpgv1 monkeysphere | |
| go install github.com/goreleaser/nfpm/v2/cmd/nfpm@${{ env.NFPM_VERSION }} | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3.3.0 | |
| - name: Build Docker Image | |
| uses: docker/build-push-action@2cdde995de11925a030ce8070c3d77a52ffcf1c0 # v5.3.0 | |
| with: | |
| file: scripts/packages/packager/Dockerfile | |
| tags: build-signed-packager:1.0.0 | |
| context: '.' | |
| push: false | |
| load: true | |
| no-cache: true | |
| build-args: | | |
| package_type=signed-package | |
| - name: Build Packages | |
| env: | |
| INDIGO_GPG_AGENT: ${{ secrets.INDIGO_GPG_AGENT }} | |
| NFPM_SIGNING_KEY_FILE: .key.asc | |
| run: | | |
| echo "$INDIGO_GPG_AGENT" | base64 --decode > .key.asc | |
| make clean package | |
| - name: Upload Artifacts | |
| uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3 | |
| with: | |
| name: nginx-agent-signed-snapshots | |
| path: ./build/azure/packages/nginx-agent.tar.gz | |
| retention-days: 1 | |
| - name: Azure Login | |
| uses: azure/login@6b2456866fc08b011acb422a92a4aa20e2c4de32 # v2.1.0 | |
| with: | |
| creds: ${{ secrets.AZURE_CREDENTIALS }} | |
| - name: Azure Upload Snapshot | |
| uses: azure/CLI@965c8d7571d2231a54e321ddd07f7b10317f34d9 # v2.0.0 | |
| with: | |
| inlineScript: | | |
| if ${{ github.event_name == 'pull_request'}}; then | |
| GIT_BRANCH=${GITHUB_HEAD_REF} | |
| else | |
| GIT_BRANCH=${GITHUB_REF##*/} | |
| fi | |
| for i in ./build/azure/packages/nginx-agent*; do | |
| az storage blob upload --auth-mode=login -f "$i" -c ${{ secrets.AZURE_CONTAINER_NAME }} \ | |
| --account-name ${{ secrets.AZURE_ACCOUNT_NAME }} --overwrite -n nginx-agent/${GIT_BRANCH}/${i##*/} | |
| done | |
| build-example: | |
| name: Build Grafana Dashboard Example | |
| runs-on: ubuntu-22.04 | |
| steps: | |
| - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 | |
| - uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0 | |
| with: | |
| go-version-file: 'go.mod' | |
| - name: Setup build environment | |
| run: | | |
| go install github.com/goreleaser/nfpm/v2/cmd/nfpm@${{ env.NFPM_VERSION }} | |
| - name: Build Grafana example | |
| run: make build-grafana-example | |
| - name: Clean Grafana example | |
| run: make clean-grafana-example | |
| trigger-release-workflow: | |
| if: ${{ startsWith(github.ref_name, 'release-') && !github.event.pull_request.head.repo.fork }} | |
| needs: [ lint, unit-test, component-test, performance-test, integration-tests ] | |
| uses: ./.github/workflows/release-branch.yml | |
| secrets: inherit | |
| permissions: | |
| contents: write | |
| pull-requests: write |