Always use git tag for container image (#2985) #11506
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Artifacts | |
on: | |
pull_request: | |
branches: | |
- main | |
push: | |
tags: | |
- v* | |
branches: | |
- '**' | |
jobs: | |
artifacts: | |
name: Goreleaser release | |
runs-on: ubuntu-latest | |
permissions: | |
packages: write | |
contents: write | |
container: | |
image: docker.io/goreleaser/goreleaser-cross:v1.22.4 | |
options: --privileged | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
steps: | |
- name: Check out the code | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
# https://github.com/actions/checkout/issues/766 | |
- name: Add repository directory to the git global config as a safe directory | |
run: git config --global --add safe.directory "${GITHUB_WORKSPACE}" | |
- name: Set up Go | |
uses: actions/setup-go@v5 | |
with: | |
go-version-file: go.mod | |
- name: Fetch all tags | |
run: git fetch --force --tags | |
- name: Login to registry | |
if: github.event_name == 'push' && startsWith(github.ref, 'refs/heads/') | |
run: | | |
echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u ${{ github.actor }} --password-stdin | |
- name: Login to registry | |
if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags/') | |
run: | | |
echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u ${{ github.actor }} --password-stdin | |
- name: Run Goreleaser release | |
if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags/') | |
run: goreleaser release --clean --verbose | |
- name: Run Goreleaser snapshot | |
run: | | |
goreleaser release --clean --verbose --snapshot | |
- name: Set snapshot tag | |
id: vars | |
if: github.event_name == 'push' && startsWith(github.ref, 'refs/heads/') | |
run: | | |
echo "tag=${GITHUB_HEAD_REF:-${GITHUB_REF#refs/heads/}}-$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT | |
echo "git_tag=$(git describe --tags --abbrev=0)" >> $GITHUB_OUTPUT | |
- name: Push snapshot images | |
if: github.event_name == 'push' && startsWith(github.ref, 'refs/heads/') | |
run: | | |
docker tag ghcr.io/parca-dev/parca-agent:${{ steps.vars.outputs.git_tag }}-amd64 ghcr.io/parca-dev/parca-agent:${{ steps.vars.outputs.tag }}-amd64 | |
docker tag ghcr.io/parca-dev/parca-agent:${{ steps.vars.outputs.git_tag }}-arm64 ghcr.io/parca-dev/parca-agent:${{ steps.vars.outputs.tag }}-arm64 | |
docker push ghcr.io/parca-dev/parca-agent:${{ steps.vars.outputs.tag }}-amd64 | |
docker push ghcr.io/parca-dev/parca-agent:${{ steps.vars.outputs.tag }}-arm64 | |
docker manifest create ghcr.io/parca-dev/parca-agent:${{ steps.vars.outputs.tag }} --amend ghcr.io/parca-dev/parca-agent:${{ steps.vars.outputs.tag }}-amd64 --amend ghcr.io/parca-dev/parca-agent:${{ steps.vars.outputs.tag }}-arm64 | |
docker manifest annotate ghcr.io/parca-dev/parca-agent:${{ steps.vars.outputs.tag }} ghcr.io/parca-dev/parca-agent:${{ steps.vars.outputs.tag }}-arm64 --os linux --arch arm64 | |
docker manifest annotate ghcr.io/parca-dev/parca-agent:${{ steps.vars.outputs.tag }} ghcr.io/parca-dev/parca-agent:${{ steps.vars.outputs.tag }}-amd64 --os linux --arch amd64 | |
docker manifest push ghcr.io/parca-dev/parca-agent:${{ steps.vars.outputs.tag }} | |
- name: Set up Jsonnet | |
run: ./env-jsonnet.sh | |
- name: Set up environment | |
run: ./env.sh | |
- name: Generate | |
run: cd deploy && make --always-make vendor manifests | |
- name: Prepare manifests for uploads | |
run: | | |
cp deploy/manifests/kubernetes-manifest.yaml deploy/manifests/kubernetes/manifest.yaml | |
cp deploy/manifests/openshift-manifest.yaml deploy/manifests/openshift/manifest.yaml | |
tar -zcvf deploy/manifests.tar.gz deploy/manifests | |
- uses: actions/upload-artifact@v4 | |
with: | |
name: manifests | |
path: | | |
deploy/manifests.tar.gz | |
- name: Archive generated artifacts | |
uses: actions/upload-artifact@v4 | |
with: | |
name: parca-agent-dist-release | |
if-no-files-found: error | |
path: | | |
dist/ | |
- name: Release | |
uses: softprops/[email protected] | |
if: startsWith(github.ref, 'refs/tags/') | |
with: | |
files: | | |
deploy/manifests.tar.gz | |
deploy/manifests/kubernetes-manifest.yaml | |
deploy/manifests/openshift-manifest.yaml | |
snap: | |
name: Build Snap | |
runs-on: ubuntu-latest | |
needs: artifacts | |
outputs: | |
snap: ${{ steps.snapcraft.outputs.snap }} | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v4 | |
- uses: actions/download-artifact@v4 | |
with: | |
name: parca-agent-dist-release | |
path: dist | |
- name: Setup LXD (for Snapcraft) | |
uses: canonical/[email protected] | |
with: | |
channel: latest/stable | |
- name: Setup Snapcraft | |
run: | | |
sudo snap install snapcraft --channel 8.x/stable --classic | |
- name: Build snaps | |
run: | | |
# Copy the metadata.json is so snapcraft can parse it for version info | |
cp ./dist/metadata.json snap/local/metadata.json | |
# Build the amd64 snap | |
cp ./dist/linux-amd64_linux_amd64_v1/parca-agent snap/local/parca-agent | |
snapcraft pack --verbose --build-for amd64 | |
# Build the arm64 snap | |
cp ./dist/linux-arm64_linux_arm64/parca-agent snap/local/parca-agent | |
snapcraft pack --verbose --build-for arm64 | |
- name: Upload locally built snap artifact | |
uses: actions/upload-artifact@v4 | |
with: | |
name: built-snaps | |
path: | | |
*.snap | |
test-snap: | |
name: Test Snap | |
needs: snap | |
runs-on: ubuntu-latest | |
steps: | |
- name: Fetch built snap | |
uses: actions/download-artifact@v4 | |
with: | |
name: built-snaps | |
- name: Install snap & invoke Parca Agent | |
run: | | |
sudo snap install --classic --dangerous *_amd64.snap | |
sudo snap set parca-agent log-level=debug | |
parca-agent --help | |
- name: Start Parca Agent - default config | |
run: | | |
sudo snap start parca-agent | |
# Set some options to allow retries while Parca Agent comes back up | |
CURL_OPTS=(--max-time 20 --retry 5 --retry-delay 3 --retry-connrefused) | |
curl ${CURL_OPTS[@]} http://localhost:7071/ | |
curl ${CURL_OPTS[@]} http://localhost:7071/metrics | |
- name: Configure snap - node name | |
run: | | |
sudo snap set parca-agent node=foobar | |
sudo snap restart parca-agent | |
# Set some options to allow retries while Parca Agent comes back up | |
CURL_OPTS=(--max-time 20 --retry 5 --retry-delay 3 --retry-connrefused) | |
curl ${CURL_OPTS[@]} http://localhost:7071/ | |
curl ${CURL_OPTS[@]} http://localhost:7071/metrics | |
- name: Configure snap - http address | |
run: | | |
sudo snap set parca-agent http-address=":8081" | |
sudo snap restart parca-agent | |
# Set some options to allow retries while Parca comes back up | |
CURL_OPTS=(--max-time 20 --retry 5 --retry-delay 3 --retry-connrefused) | |
curl ${CURL_OPTS[@]} http://localhost:8081/ | |
curl ${CURL_OPTS[@]} http://localhost:8081/metrics | |
# In case the above tests fail, dump the logs for inspection | |
- name: Dump snap service logs | |
if: failure() | |
run: | | |
sudo snap logs parca-agent -n=all | |
release-snap-edge: | |
name: Release Snap (latest/edge) | |
needs: test-snap | |
if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags/') | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/download-artifact@v4 | |
with: | |
name: built-snaps | |
- name: Install snapcraft | |
run: | | |
sudo snap install snapcraft --classic --channel=8.x/stable | |
- name: Release to latest/edge | |
env: | |
SNAPCRAFT_STORE_CREDENTIALS: ${{ secrets.SNAPCRAFT_STORE_CREDENTIALS }} | |
run: | | |
snapcraft upload *_amd64.snap --release edge | |
snapcraft upload *_arm64.snap --release edge | |
docs: | |
if: startsWith(github.ref, 'refs/tags/') | |
name: Update Docs with new manifests | |
runs-on: ubuntu-latest | |
needs: artifacts | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Publish Vercel | |
run: | | |
curl -X POST "https://api.vercel.com/v1/integrations/deploy/${{ secrets.VERCEL_WEBHOOK }}" |