Nightly release #355

Workflow file for this run

.github/workflows/nightly.yml at e482b4f

	name: Nightly release

	# Pushes `nightly` image tag as scheduled.

	on:
	workflow_dispatch:
	schedule:
	# Scheduled to run at 4 a.m on every day-of-week from Monday through Friday.
	- cron: "0 4 * * 1-5"

	jobs:
	build-packages:
	name: Build packages
	uses: ./.github/workflows/component_packages.yml
	with:
	pre-release: false
	tag_name: 0.100.${{ github.run_id }}
	secrets: inherit

	build-image:
	name: Build and Push nightly image
	uses: ./.github/workflows/component_image.yml
	with:
	# the packages are created with 0.100.run_id, however we still push the image with nightly
	image-tag: nightly
	push: true
	secrets: inherit

	security-image:
	name: Security scan
	needs: [ build-image ]
	uses: ./.github/workflows/component_image_security.yml
	with:
	# the packages are created with 0.100.run_id, however we still push the image with nightly
	image-tag: nightly
	secrets: inherit

	security-source-code:
	uses: ./.github/workflows/component_security.yml

	upload-packages-s3:
	runs-on: ubuntu-latest
	needs: [ build-packages ]
	name: Upload packages to testing bucket
	steps:
	- uses: actions/checkout@v4
	with:
	fetch-depth: 0

	- uses: actions/download-artifact@v4
	with:
	name: built-binaries
	path: ./

	- name: Publish deb to S3 action
	uses: newrelic/infrastructure-publish-action@v1
	with:
	tag: 0.100.${{ github.run_id }}
	app_name: "newrelic-agent-control"
	repo_name: ${{ github.repository }}
	schema: "custom-local"
	schema_path: "./build/upload-schema-linux-deb-nightly.yml"
	aws_access_key_id: ${{ secrets.OHAI_AWS_ACCESS_KEY_ID_TESTING }}
	aws_secret_access_key: ${{ secrets.OHAI_AWS_SECRET_ACCESS_KEY_TESTING }}
	aws_s3_bucket_name: "nr-downloads-ohai-testing"
	aws_s3_lock_bucket_name: "onhost-ci-lock-testing"
	access_point_host: "testing"
	run_id: ${{ github.run_id }}
	aws_region: "us-east-1"
	aws_role_session_name: ${{ secrets.OHAI_AWS_ROLE_SESSION_NAME_TESTING }}
	aws_role_arn: ${{ secrets.OHAI_AWS_ROLE_ARN_TESTING }}
	# used for signing package stuff
	gpg_passphrase: ${{ secrets.OHAI_GPG_PASSPHRASE }}
	gpg_private_key_base64: ${{ secrets.OHAI_GPG_PRIVATE_KEY_BASE64 }} # base64 encoded
	disable_lock: false
	dest_prefix: "preview/"
	local_packages_path: "/srv/dist/"
	apt_skip_mirror: true

	onhost-e2e:
	uses: ./.github/workflows/component_onhost_e2e.yaml
	needs: [ upload-packages-s3 ]
	with:
	UNIQUE_NAME: "nightly:e2e"
	EC2_FILTERS: '[\"ubuntu22.04\"]'
	REPOSITORY_ENDPOINT: "http://nr-downloads-ohai-testing.s3-website-us-east-1.amazonaws.com/preview"
	PACKAGE_VERSION: 0.100.${{ github.run_id }}
	secrets:
	AWS_ROLE_ARN: ${{ secrets.AWS_ROLE_ARN }}
	AWS_VPC_SUBNET: ${{ secrets.AWS_VPC_SUBNET }}

	k8s-e2e-tests:
	name: K8s e2e tests
	runs-on: ubuntu-22.04
	steps:
	- uses: actions/checkout@v4
	with:
	submodules: true
	- name: Setup Minikube
	uses: manusa/actions-setup-minikube@v2.10.0
	with:
	minikube version: v1.32.0
	kubernetes version: "v1.30.9"
	driver: docker
	- name: Install Tilt
	run: \|
	curl -fsSL https://raw.githubusercontent.com/tilt-dev/tilt/master/scripts/install.sh \| bash
	- name: Obtain Rust version from project
	run: \|
	RUST_VERSION=$(grep "rust-version" Cargo.toml \| cut -d "=" -f2 \| tr -d "[:space:]")
	echo "RUST_VERSION=${RUST_VERSION}" >> $GITHUB_ENV
	- name: Install Rust ${{ env.RUST_VERSION }}
	uses: dtolnay/rust-toolchain@master
	with:
	toolchain: ${{ env.RUST_VERSION }}
	- name: Run k8s e2e-test ${{ matrix.group }}
	uses: newrelic/newrelic-integration-e2e-action@v1
	env:
	# SI L2 for AC
	NR_SYSTEM_IDENTITY_CLIENT_ID: ${{ secrets.AC_PROD_E2E_NR_SYSTEM_IDENTITY_CLIENT_ID }}
	NR_SYSTEM_IDENTITY_PRIVATE_KEY: ${{ secrets.AC_PROD_E2E_NR_SYSTEM_IDENTITY_PRIVATE_KEY }}
	# Tilt configs
	ARCH: amd64
	BUILD_WITH: cargo
	with:
	retry_attempts: 30
	retry_seconds: 30
	agent_enabled: false
	spec_path: test/k8s-e2e/e2e-fleet-control.yml
	account_id: ${{ secrets.AC_PROD_E2E_ACCOUNT_ID }}
	api_key: ${{ secrets.AC_PROD_E2E_API_KEY }}
	license_key: ${{ secrets.AC_PROD_E2E_LICENSE_KEY }}

	k8s_canaries:
	uses: ./.github/workflows/component_k8s_canaries.yml
	needs: [ build-image ]
	with:
	image-tag: nightly
	cluster_name: Agent_Control_Canaries_Staging-Cluster
	# AC Staging Account `k8s-canaries-staging-1` fleet
	fleet_id: "MTIyMTMwNjh8TkdFUHxGTEVFVHwwMTk1ZDE1NC1iNTI0LTdhMTYtYWExYS0wYzQ2Y2VhOGFiMzg"
	canary_dir: "staging"
	secrets:
	AWS_ROLE_ARN: ${{ secrets.AWS_ROLE_ARN }}
	AWS_VPC_SUBNET: ${{ secrets.AWS_VPC_SUBNET }}

	onhost_canaries:
	uses: ./.github/workflows/component_onhost_canaries.yml
	needs: [ build-packages ]
	with:
	environment: staging
	operation: apply
	secrets:
	AWS_ROLE_ARN: ${{ secrets.AWS_ROLE_ARN }}
	AWS_VPC_SUBNET: ${{ secrets.AWS_VPC_SUBNET }}

	notify-failure:
	if: ${{ always() && failure() }}
	needs: [ onhost-e2e, k8s_canaries, security-image, security-source-code, build-image, build-packages, k8s-e2e-tests ]
	runs-on: ubuntu-latest
	steps:
	- name: Notify failure via Slack
	uses: slackapi/slack-github-action@v1.22.0
	with:
	payload: \|
	{
	"text": ":warning: [Nightly workflow failed] @hero check <${{ env.GITHUB_JOB_URL }}>"
	}
	env:
	SLACK_WEBHOOK_URL: ${{ secrets.AC_SLACK_WEBHOOK }}
	GITHUB_JOB_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Nightly release #355

Workflow file

Nightly release #355

Uh oh!

Workflow file for this run