. 🚀 🪟 Prerelease Windows #599
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: . 🚀 🪟 Prerelease Windows | |
on: | |
release: | |
types: | |
- prereleased | |
tags: | |
- '*' | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
PFX_CERTIFICATE_BASE64: ${{ secrets.OHAI_PFX_CERTIFICATE_BASE64 }} # base64 encoded | |
PFX_CERTIFICATE_DESCRIPTION: 'New Relic' | |
PFX_PASSPHRASE: ${{ secrets.OHAI_PFX_PASSPHRASE }} | |
SNYK_TOKEN: ${{ secrets.CAOS_SNYK_TOKEN }} | |
TAG: ${{ github.event.release.tag_name }} | |
DOCKER_HUB_ID: ${{ secrets.OHAI_DOCKER_HUB_ID }} | |
DOCKER_HUB_PASSWORD: ${{ secrets.OHAI_DOCKER_HUB_PASSWORD }} | |
# required for GHA publish action, should be moved into optional | |
GPG_PASSPHRASE: ${{ secrets.OHAI_GPG_PASSPHRASE }} | |
GPG_PRIVATE_KEY_BASE64: ${{ secrets.OHAI_GPG_PRIVATE_KEY_BASE64 }} # base64 encoded | |
SCHEMA_BRANCH: ${{ github.event.release.tag_name }} | |
AWS_S3_BUCKET_NAME: "nr-downloads-ohai-staging" | |
AWS_REGION: "us-east-1" | |
REPO_WORKDIR: 'src/github.com/newrelic/infrastructure-agent' | |
jobs: | |
unit-test: | |
uses: ./.github/workflows/component_windows_unit_test.yml | |
# Keeping it as no component until we figure out how to pass env variables to component | |
packaging: | |
name: Create MSI & Upload into GH Release assets | |
runs-on: windows-2019 | |
needs: [ unit-test ] | |
env: | |
GOPATH: ${{ github.workspace }} | |
defaults: | |
run: | |
working-directory: ${{ env.REPO_WORKDIR }} | |
strategy: | |
matrix: | |
goarch: [ amd64, 386 ] | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v2 | |
with: | |
path: ${{ env.REPO_WORKDIR }} | |
- name: Install Go | |
uses: actions/setup-go@v4 | |
with: | |
go-version-file: '${{ env.REPO_WORKDIR }}/go.mod' | |
- name: Get PFX certificate from GH secrets | |
shell: bash | |
run: printf "%s" "$PFX_CERTIFICATE_BASE64" | base64 -d - > wincert.pfx | |
- name: Import PFX certificate | |
shell: pwsh | |
run: build\windows\scripts\import_certificates.ps1 -pfx_passphrase "$env:PFX_PASSPHRASE" -pfx_certificate_description "$env:PFX_CERTIFICATE_DESCRIPTION" | |
- name: Set date environment variable for buildDate metadata | |
run: echo buildDate=$(date -u +"%Y-%m-%dT%H:%M:%SZ") >> $GITHUB_ENV | |
shell: bash | |
- name: Build executables ${{ matrix.goarch }} | |
shell: pwsh | |
run: build\windows\build.ps1 -arch ${{ matrix.goarch }} -version ${{env.TAG}} -commit "$env:GITHUB_SHA" -date ${{env.buildDate}} | |
- name: Create MSI package ${{ matrix.goarch }} | |
shell: pwsh | |
run: build\windows\package_msi.ps1 -arch ${{ matrix.goarch }} -version ${{env.TAG}} | |
- name: Create zip package ${{ matrix.goarch }} | |
shell: pwsh | |
run: build\windows\package_zip.ps1 -arch ${{ matrix.goarch }} -version ${{env.TAG}} | |
- name: Generate checksum files | |
uses: ./src/github.com/newrelic/infrastructure-agent/.github/actions/generate-checksums | |
with: | |
files_regex: '.*zip\|.*msi' | |
files_path: './${{ env.REPO_WORKDIR }}/dist' | |
- name: Upload MSI to GH | |
shell: bash | |
run: build/upload_artifacts_gh.sh | |
publishing-to-s3: | |
name: Publish windows artifacts into s3 staging bucket | |
uses: ./.github/workflows/component_windows_publish.yml | |
needs: [ packaging ] | |
secrets: | |
DOCKER_HUB_ID: ${{secrets.OHAI_DOCKER_HUB_ID}} | |
DOCKER_HUB_PASSWORD: ${{secrets.OHAI_DOCKER_HUB_PASSWORD}} | |
GPG_PASSPHRASE: ${{ secrets.OHAI_GPG_PASSPHRASE }} | |
GPG_PRIVATE_KEY_BASE64: ${{ secrets.OHAI_GPG_PRIVATE_KEY_BASE64 }} # base64 encoded | |
AWS_ACCESS_KEY_ID: ${{ secrets.OHAI_AWS_ACCESS_KEY_ID_STAGING }} | |
AWS_SECRET_ACCESS_KEY: ${{ secrets.OHAI_AWS_SECRET_ACCESS_KEY_STAGING }} | |
AWS_ROLE_ARN: ${{ secrets.OHAI_AWS_ROLE_ARN_STAGING }} | |
AWS_ROLE_SESSION_NAME: ${{ secrets.OHAI_AWS_ROLE_SESSION_NAME_STAGING }} | |
with: | |
ACCESS_POINT_HOST: "staging" | |
SCHEMA_BRANCH: "master" | |
RUN_ID: ${{ github.run_id }} | |
TAG: ${{ github.event.release.tag_name }} | |
AWS_S3_BUCKET_NAME: "nr-downloads-ohai-staging" | |
AWS_S3_LOCK_BUCKET_NAME: "onhost-ci-lock-staging" | |
ASSETS_TYPE: "all" | |
test-prerelease-windows: | |
needs: [publishing-to-s3] | |
uses: ./.github/workflows/component_prerelease_testing.yml | |
with: | |
PLATFORM: "windows" | |
TAG: ${{ github.event.release.tag_name }} | |
TAG_OR_UNIQUE_NAME: "${{ github.event.release.tag_name }}-windows" | |
secrets: | |
AWS_VPC_SUBNET: ${{secrets.AWS_VPC_SUBNET}} | |
CROWDSTRIKE_CLIENT_ID: ${{secrets.CROWDSTRIKE_CLIENT_ID}} | |
CROWDSTRIKE_CLIENT_SECRET: ${{secrets.CROWDSTRIKE_CLIENT_SECRET}} | |
CROWDSTRIKE_CUSTOMER_ID: ${{secrets.CROWDSTRIKE_CUSTOMER_ID}} | |
canaries-windows: | |
needs: [test-prerelease-windows] | |
uses: ./.github/workflows/component_canaries.yml | |
with: | |
PLATFORM: "windows" | |
TAG: ${{ github.event.release.tag_name }} | |
secrets: | |
AWS_VPC_SUBNET: ${{secrets.AWS_VPC_SUBNET}} | |
CROWDSTRIKE_CLIENT_ID: ${{secrets.CROWDSTRIKE_CLIENT_ID}} | |
CROWDSTRIKE_CLIENT_SECRET: ${{secrets.CROWDSTRIKE_CLIENT_SECRET}} | |
CROWDSTRIKE_CUSTOMER_ID: ${{secrets.CROWDSTRIKE_CUSTOMER_ID}} | |
get_previous_tag: | |
runs-on: ubuntu-latest | |
outputs: | |
previous_tag: ${{ steps.previous_tag_step.outputs.PREVIOUS_TAG }} | |
steps: | |
- uses: actions/checkout@v2 | |
- id: previous_tag_step | |
run: ./.github/workflows/scripts/previous_version.sh ${{ github.event.release.tag_name }} >> "$GITHUB_OUTPUT" | |
prune-canaries-windows: | |
needs: [canaries-windows, get_previous_tag] | |
uses: ./.github/workflows/component_canaries_prune.yml | |
with: | |
PLATFORM: "windows" | |
TAG: ${{ needs.get_previous_tag.outputs.previous_tag }} | |
secrets: | |
AWS_VPC_SUBNET: ${{secrets.AWS_VPC_SUBNET}} |