Skip to content

. 🚀 🪟 Prerelease Windows #599

. 🚀 🪟 Prerelease Windows

. 🚀 🪟 Prerelease Windows #599

name: . 🚀 🪟 Prerelease Windows
on:
release:
types:
- prereleased
tags:
- '*'
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
PFX_CERTIFICATE_BASE64: ${{ secrets.OHAI_PFX_CERTIFICATE_BASE64 }} # base64 encoded
PFX_CERTIFICATE_DESCRIPTION: 'New Relic'
PFX_PASSPHRASE: ${{ secrets.OHAI_PFX_PASSPHRASE }}
SNYK_TOKEN: ${{ secrets.CAOS_SNYK_TOKEN }}
TAG: ${{ github.event.release.tag_name }}
DOCKER_HUB_ID: ${{ secrets.OHAI_DOCKER_HUB_ID }}
DOCKER_HUB_PASSWORD: ${{ secrets.OHAI_DOCKER_HUB_PASSWORD }}
# required for GHA publish action, should be moved into optional
GPG_PASSPHRASE: ${{ secrets.OHAI_GPG_PASSPHRASE }}
GPG_PRIVATE_KEY_BASE64: ${{ secrets.OHAI_GPG_PRIVATE_KEY_BASE64 }} # base64 encoded
SCHEMA_BRANCH: ${{ github.event.release.tag_name }}
AWS_S3_BUCKET_NAME: "nr-downloads-ohai-staging"
AWS_REGION: "us-east-1"
REPO_WORKDIR: 'src/github.com/newrelic/infrastructure-agent'
jobs:
unit-test:
uses: ./.github/workflows/component_windows_unit_test.yml
# Keeping it as no component until we figure out how to pass env variables to component
packaging:
name: Create MSI & Upload into GH Release assets
runs-on: windows-2019
needs: [ unit-test ]
env:
GOPATH: ${{ github.workspace }}
defaults:
run:
working-directory: ${{ env.REPO_WORKDIR }}
strategy:
matrix:
goarch: [ amd64, 386 ]
steps:
- name: Checkout
uses: actions/checkout@v2
with:
path: ${{ env.REPO_WORKDIR }}
- name: Install Go
uses: actions/setup-go@v4
with:
go-version-file: '${{ env.REPO_WORKDIR }}/go.mod'
- name: Get PFX certificate from GH secrets
shell: bash
run: printf "%s" "$PFX_CERTIFICATE_BASE64" | base64 -d - > wincert.pfx
- name: Import PFX certificate
shell: pwsh
run: build\windows\scripts\import_certificates.ps1 -pfx_passphrase "$env:PFX_PASSPHRASE" -pfx_certificate_description "$env:PFX_CERTIFICATE_DESCRIPTION"
- name: Set date environment variable for buildDate metadata
run: echo buildDate=$(date -u +"%Y-%m-%dT%H:%M:%SZ") >> $GITHUB_ENV
shell: bash
- name: Build executables ${{ matrix.goarch }}
shell: pwsh
run: build\windows\build.ps1 -arch ${{ matrix.goarch }} -version ${{env.TAG}} -commit "$env:GITHUB_SHA" -date ${{env.buildDate}}
- name: Create MSI package ${{ matrix.goarch }}
shell: pwsh
run: build\windows\package_msi.ps1 -arch ${{ matrix.goarch }} -version ${{env.TAG}}
- name: Create zip package ${{ matrix.goarch }}
shell: pwsh
run: build\windows\package_zip.ps1 -arch ${{ matrix.goarch }} -version ${{env.TAG}}
- name: Generate checksum files
uses: ./src/github.com/newrelic/infrastructure-agent/.github/actions/generate-checksums
with:
files_regex: '.*zip\|.*msi'
files_path: './${{ env.REPO_WORKDIR }}/dist'
- name: Upload MSI to GH
shell: bash
run: build/upload_artifacts_gh.sh
publishing-to-s3:
name: Publish windows artifacts into s3 staging bucket
uses: ./.github/workflows/component_windows_publish.yml
needs: [ packaging ]
secrets:
DOCKER_HUB_ID: ${{secrets.OHAI_DOCKER_HUB_ID}}
DOCKER_HUB_PASSWORD: ${{secrets.OHAI_DOCKER_HUB_PASSWORD}}
GPG_PASSPHRASE: ${{ secrets.OHAI_GPG_PASSPHRASE }}
GPG_PRIVATE_KEY_BASE64: ${{ secrets.OHAI_GPG_PRIVATE_KEY_BASE64 }} # base64 encoded
AWS_ACCESS_KEY_ID: ${{ secrets.OHAI_AWS_ACCESS_KEY_ID_STAGING }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.OHAI_AWS_SECRET_ACCESS_KEY_STAGING }}
AWS_ROLE_ARN: ${{ secrets.OHAI_AWS_ROLE_ARN_STAGING }}
AWS_ROLE_SESSION_NAME: ${{ secrets.OHAI_AWS_ROLE_SESSION_NAME_STAGING }}
with:
ACCESS_POINT_HOST: "staging"
SCHEMA_BRANCH: "master"
RUN_ID: ${{ github.run_id }}
TAG: ${{ github.event.release.tag_name }}
AWS_S3_BUCKET_NAME: "nr-downloads-ohai-staging"
AWS_S3_LOCK_BUCKET_NAME: "onhost-ci-lock-staging"
ASSETS_TYPE: "all"
test-prerelease-windows:
needs: [publishing-to-s3]
uses: ./.github/workflows/component_prerelease_testing.yml
with:
PLATFORM: "windows"
TAG: ${{ github.event.release.tag_name }}
TAG_OR_UNIQUE_NAME: "${{ github.event.release.tag_name }}-windows"
secrets:
AWS_VPC_SUBNET: ${{secrets.AWS_VPC_SUBNET}}
CROWDSTRIKE_CLIENT_ID: ${{secrets.CROWDSTRIKE_CLIENT_ID}}
CROWDSTRIKE_CLIENT_SECRET: ${{secrets.CROWDSTRIKE_CLIENT_SECRET}}
CROWDSTRIKE_CUSTOMER_ID: ${{secrets.CROWDSTRIKE_CUSTOMER_ID}}
canaries-windows:
needs: [test-prerelease-windows]
uses: ./.github/workflows/component_canaries.yml
with:
PLATFORM: "windows"
TAG: ${{ github.event.release.tag_name }}
secrets:
AWS_VPC_SUBNET: ${{secrets.AWS_VPC_SUBNET}}
CROWDSTRIKE_CLIENT_ID: ${{secrets.CROWDSTRIKE_CLIENT_ID}}
CROWDSTRIKE_CLIENT_SECRET: ${{secrets.CROWDSTRIKE_CLIENT_SECRET}}
CROWDSTRIKE_CUSTOMER_ID: ${{secrets.CROWDSTRIKE_CUSTOMER_ID}}
get_previous_tag:
runs-on: ubuntu-latest
outputs:
previous_tag: ${{ steps.previous_tag_step.outputs.PREVIOUS_TAG }}
steps:
- uses: actions/checkout@v2
- id: previous_tag_step
run: ./.github/workflows/scripts/previous_version.sh ${{ github.event.release.tag_name }} >> "$GITHUB_OUTPUT"
prune-canaries-windows:
needs: [canaries-windows, get_previous_tag]
uses: ./.github/workflows/component_canaries_prune.yml
with:
PLATFORM: "windows"
TAG: ${{ needs.get_previous_tag.outputs.previous_tag }}
secrets:
AWS_VPC_SUBNET: ${{secrets.AWS_VPC_SUBNET}}