pre-release #179

Workflow file for this run

.github/workflows/prerelease.yml at 0d5047e

	#permissions:
	# contents: read

	on:
	release:
	types:
	- prereleased

	# See https://docs.github.com/en/actions/using-jobs/using-concurrency
	name: pre-release
	jobs:
	build-packages:
	name: Build packages
	uses: ./.github/workflows/component_packages.yml
	with:
	pre-release: true
	tag_name: ${{ github.event.release.tag_name }}
	secrets: inherit

	build-image:
	name: Build and Push container image
	uses: ./.github/workflows/component_image.yml
	with:
	image-tag: ${{ github.event.release.tag_name }}-rc
	# The binary remains the same between the rc and released image
	# so here we burn the final released one.
	ac-version: ${{ github.event.release.tag_name }}
	push: true
	secrets: inherit

	security-scan:
	name: Security scan
	needs: [ build-image ]
	uses: ./.github/workflows/component_image_security.yml
	with:
	image-tag: ${{ github.event.release.tag_name }}-rc
	secrets: inherit

	upload:
	runs-on: ubuntu-latest
	name: Upload to S3
	needs: [ build-packages ]
	steps:
	- uses: actions/checkout@v4
	with:
	fetch-depth: 0

	#download release assets
	- name: Download release
	run: gh release download ${{ github.event.release.tag_name }} --dir ./dist/
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

	- name: Publish deb to S3 action
	uses: newrelic/infrastructure-publish-action@v1
	with:
	tag: ${{ github.event.release.tag_name }}
	app_name: "newrelic-agent-control"
	repo_name: ${{ github.repository }}
	schema: "custom-local"
	schema_path: "/srv/build/upload-schema-linux-deb.yml"
	aws_access_key_id: ${{ secrets.TMP_OHAI_AWS_ACCESS_KEY_ID_STAGING }}
	aws_secret_access_key: ${{ secrets.TMP_OHAI_AWS_SECRET_ACCESS_KEY_STAGING }}
	aws_s3_bucket_name: "nr-downloads-ohai-staging"
	aws_s3_lock_bucket_name: "onhost-ci-lock-staging"
	access_point_host: "staging"
	run_id: ${{ github.run_id }}
	aws_region: "us-east-1"
	aws_role_session_name: ${{ secrets.TMP_OHAI_AWS_ROLE_SESSION_NAME_STAGING }}
	aws_role_arn: ${{ secrets.TMP_OHAI_AWS_ROLE_ARN_STAGING }}
	# used for signing package stuff
	gpg_passphrase: ${{ secrets.OHAI_GPG_PASSPHRASE }}
	gpg_private_key_base64: ${{ secrets.OHAI_GPG_PRIVATE_KEY_BASE64 }} # base64 encoded
	disable_lock: false
	dest_prefix: "preview/"
	local_packages_path: "/srv/dist/"
	apt_skip_mirror: false

	- name: Publish rpm to S3 action
	uses: newrelic/infrastructure-publish-action@v1
	with:
	tag: ${{ github.event.release.tag_name }}
	app_name: "newrelic-agent-control"
	repo_name: ${{ github.repository }}
	schema: "custom-local"
	schema_path: "/srv/build/upload-schema-linux-rpm.yml"
	aws_access_key_id: ${{ secrets.TMP_OHAI_AWS_ACCESS_KEY_ID_STAGING }}
	aws_secret_access_key: ${{ secrets.TMP_OHAI_AWS_SECRET_ACCESS_KEY_STAGING }}
	aws_s3_bucket_name: "nr-downloads-ohai-staging"
	aws_s3_lock_bucket_name: "onhost-ci-lock-staging"
	access_point_host: "staging"
	run_id: ${{ github.run_id }}
	aws_region: "us-east-1"
	aws_role_session_name: ${{ secrets.TMP_OHAI_AWS_ROLE_SESSION_NAME_STAGING }}
	aws_role_arn: ${{ secrets.TMP_OHAI_AWS_ROLE_ARN_STAGING }}
	# used for signing package stuff
	gpg_passphrase: ${{ secrets.OHAI_GPG_PASSPHRASE }}
	gpg_private_key_base64: ${{ secrets.OHAI_GPG_PRIVATE_KEY_BASE64 }} # base64 encoded
	disable_lock: false
	dest_prefix: "preview/"
	local_packages_path: "/srv/dist/"
	apt_skip_mirror: false

	molecule-packaging-tests:
	uses: ./.github/workflows/component_molecule_packaging.yml
	needs: [ upload ]
	with:
	TAG: ${{ github.event.inputs.tag \|\| github.event.release.tag_name }}
	PACKAGE_NAME: "newrelic-agent-control"
	REPO_ENDPOINT: "http://nr-downloads-ohai-staging.s3-website-us-east-1.amazonaws.com/preview"

	onhost-e2e:
	uses: ./.github/workflows/component_onhost_e2e.yaml
	secrets:
	NR_SYSTEM_IDENTITY_CLIENT_ID: ${{ secrets.AC_PROD_E2E_NR_SYSTEM_IDENTITY_CLIENT_ID }}
	NR_SYSTEM_IDENTITY_PRIVATE_KEY: ${{ secrets.AC_PROD_E2E_NR_SYSTEM_IDENTITY_PRIVATE_KEY }}
	E2E_ACCOUNT_ID: ${{ secrets.AC_PROD_E2E_ACCOUNT_ID }}
	E2E_API_KEY: ${{ secrets.AC_PROD_E2E_API_KEY }}
	E2E_LICENSE_KEY: ${{ secrets.AC_PROD_E2E_LICENSE_KEY }}

	k8s-e2e-tests:
	uses: ./.github/workflows/component_k8s_e2e.yml
	with:
	scenarios: '["infra", "apm", "collector", "fleet-control", "ebpf", "dynamic", "custom-repo", "proxy"]'
	# Network policies needs calico installed, the others do not
	minikube_start_args: '--cni=calico'
	secrets:
	NR_SYSTEM_IDENTITY_CLIENT_ID: ${{ secrets.AC_PROD_E2E_NR_SYSTEM_IDENTITY_CLIENT_ID }}
	NR_SYSTEM_IDENTITY_PRIVATE_KEY: ${{ secrets.AC_PROD_E2E_NR_SYSTEM_IDENTITY_PRIVATE_KEY }}
	E2E_ACCOUNT_ID: ${{ secrets.AC_PROD_E2E_ACCOUNT_ID }}
	E2E_API_KEY: ${{ secrets.AC_PROD_E2E_API_KEY }}
	E2E_LICENSE_KEY: ${{ secrets.AC_PROD_E2E_LICENSE_KEY }}

	k8s_canaries:
	uses: ./.github/workflows/component_k8s_canaries.yml
	needs: [ build-image ]
	with:
	image-tag: ${{ github.event.release.tag_name }}-rc
	cluster_name: Agent_Control_Canaries_Production-Cluster
	# AC US Production Account `k8s-canaries-production` fleet
	fleet_id: "NjQyNTg2NXxOR0VQfEZMRUVUfDAxOTVlYzZhLTYwNjItNzZiZS1iOWE0LTA4MzZlZmE2MGY4YQ"
	canary_dir: "production"
	secrets:
	AWS_ROLE_ARN: ${{ secrets.AWS_ROLE_ARN }}
	AWS_VPC_SUBNET: ${{ secrets.AWS_VPC_SUBNET }}

	onhost_canaries:
	uses: ./.github/workflows/component_onhost_canaries.yml
	needs: [ upload ]
	with:
	environment: production
	operation: apply
	package_version: ${{ github.event.inputs.tag \|\| github.event.release.tag_name }}
	secrets:
	AWS_ROLE_ARN: ${{ secrets.AWS_ROLE_ARN }}
	AWS_VPC_SUBNET: ${{ secrets.AWS_VPC_SUBNET }}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

pre-release #179

Workflow file

pre-release #179

Uh oh!

Workflow file for this run