Skip to content
Release build and publish

Release build and publish #18

Sign in to view logs

Release build and publish

Release build and publish #18

Workflow file for this run

.github/workflows/release-build-publish.yml at 99b1588
name: Release build and publish
on:
workflow_dispatch:
inputs:
version:
description: The version to tag the release with, e.g., 1.2.0, 1.2.1-alpha.1
required: true
major_version:
description: The major version to tag the release with, e.g., 1.x, 2.x, 3.x
required: true
permissions:
id-token: write
contents: write
jobs:
build_publish_daemon_image:
name: Build X-Ray daemon artifacts and publish docker image to docker hub and public ECR
runs-on: ubuntu-latest
steps:
- name: Checkout Repository
uses: actions/checkout@v2
- name: Setup Go
uses: actions/setup-go@v2
with:
go-version: '^1.21.5'
- uses: actions/cache@v2
with:
path: ~/go/pkg/mod
key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
restore-keys: |
${{ runner.os }}-go-
- name: Build archives and test
run: make build test
env:
VERSION: ${{ github.event.inputs.version }}
- name: Build Linux archives
run: make packaging
env:
VERSION: ${{ github.event.inputs.version }}
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v1
with:
role-to-assume: ${{ secrets.AWS_ASSUME_ROLE_ARN_RELEASE }}
aws-region: us-east-1
- name: Download package signing GPG secret key
run: |
aws secretsmanager get-secret-value --region us-east-1 --secret-id "XRayDaemonSecrets" | jq -r ".SecretString" > aws-xray-secret.gpg
md5sum aws-xray-secret.gpg
- name: Import signing GPG key
run: |
gpg --import aws-xray-secret.gpg
gpg --list-keys
gpg --armor --export -a "aws-xray@amazon.com" > aws-xray-public.gpg
rpm --import aws-xray-public.gpg
shred -fuvz aws-xray-secret.gpg
shred -fuvz aws-xray-public.gpg
- name: Sign daemon packages
run: ./Tool/src/packaging/sign-packages.sh
- name: Remove Package Signing GPG Key from local GPG Key Ring
run: |
gpg --fingerprint --with-colons aws-xray@amazon.com | grep -m 1 "fpr" | sed -n 's/^fpr:::::::::\([[:alnum:]]\+\):/\1/p' | xargs gpg --batch --yes --delete-secret-keys
gpg --list-secret-keys
- name: Upload archives as actions artifact
uses: actions/upload-artifact@v2
with:
name: distributions
path: build/dist/
- name: Login to Public ECR
run: aws ecr-public get-login-password | docker login --username AWS --password-stdin public.ecr.aws
- name: Login to DockerHub
uses: docker/login-action@v1
with:
username: ${{ secrets.DOCKER_USER }}
password: ${{ secrets.DOCKER_PASS }}
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
- name: Cache Docker layers
uses: actions/cache@v2
with:
path: /tmp/.buildx-cache
key: ${{ runner.os }}-buildx-${{ github.sha }}
restore-keys: |
${{ runner.os }}-buildx-
- name: Build and push docker image for Public ECR
uses: docker/build-push-action@v2
with:
context: .
file: ./Dockerfile
platforms: linux/amd64,linux/arm64
tags: |
public.ecr.aws/xray/aws-xray-daemon:${{ github.event.inputs.version }}
public.ecr.aws/xray/aws-xray-daemon:latest
public.ecr.aws/xray/aws-xray-daemon:${{ github.event.inputs.major_version }}
push: true
cache-from: type=local,src=/tmp/.buildx-cache
cache-to: type=local,dest=/tmp/.buildx-cache
- name: Build and push docker image for DockerHub
uses: docker/build-push-action@v2
with:
context: .
file: ./Dockerfile.amazonlinux
platforms: linux/amd64,linux/arm64
tags: |
amazon/aws-xray-daemon:${{ github.event.inputs.version }}
amazon/aws-xray-daemon:latest
amazon/aws-xray-daemon:${{ github.event.inputs.major_version }}
push: true
cache-from: type=local,src=/tmp/.buildx-cache
cache-to: type=local,dest=/tmp/.buildx-cache
- name: Create Release
id: create_release
uses: actions/create-release@v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
tag_name: 'v${{ github.event.inputs.version }}'
release_name: 'AWS X-Ray daemon update v${{ github.event.inputs.version }}'
body: 'Please refer [change-log](https://github.com/aws/aws-xray-daemon/blob/master/CHANGELOG.md) for more details'
draft: true
prerelease: false