Skip to content

Fix netflow port numbers and start/finish #1198

Fix netflow port numbers and start/finish

Fix netflow port numbers and start/finish #1198

Workflow file for this run

name: Build-develop
on:
workflow_dispatch:
pull_request:
branches:
- develop
push:
branches:
- develop
env:
# Customize the CMake build type here (Release, Debug, RelWithDebInfo, etc.)
BUILD_TYPE: Release
CTEST_OUTPUT_ON_FAILURE: 1
CONAN_NON_INTERACTIVE: 1
CONAN_REVISIONS_ENABLED: 1
jobs:
unit-tests-mac:
# The CMake configure and build commands are platform agnostic and should work equally
# well on Windows or Mac. You can convert this to a matrix build if you need
# cross-platform coverage.
# See: https://docs.github.com/en/free-pro-team@latest/actions/learn-github-actions/managing-complex-workflows#using-a-build-matrix
runs-on: macos-latest
steps:
- uses: actions/checkout@v3
- name: Create Build Environment
# Some projects don't allow in-source building, so create a separate build directory
# We'll use this as our working directory for all subsequent commands
run: cmake -E make_directory ${{github.workspace}}/build
- name: Python Setup
uses: actions/setup-python@v4
with:
python-version: '3.10'
- name: Get Conan
id: conan
uses: turtlebrowser/get-conan@main
with:
version: 1.61.0
- name: Setup OSX Environment
run: echo "SDKROOT=$(xcrun --sdk macosx --show-sdk-path)" >> $GITHUB_ENV
- name: Setup Conan Cache
uses: actions/cache@v3
with:
path: ${{github.workspace}}/build/conan_home/
key: conan-${{ runner.os }}-${{ hashFiles('conanfile.txt', '*/conanfile.txt') }}
restore-keys: conan-${{ runner.os }}-
- name: Configure CMake
# Use a bash shell so we can use the same syntax for environment variable
# access regardless of the host operating system
shell: bash
working-directory: ${{github.workspace}}/build
# Note the current convention is to use the -S and -B options here to specify source
# and build directories, but this is only available with CMake 3.13 and higher.
# The CMake binaries on the Github Actions machines are (as of this writing) 3.12
run: PKG_CONFIG_PATH=${{github.workspace}}/local/lib/pkgconfig cmake $GITHUB_WORKSPACE -DCMAKE_BUILD_TYPE=$BUILD_TYPE
- name: Build
working-directory: ${{github.workspace}}/build
shell: bash
# Execute the build. You can specify a specific target with "--target <NAME>"
run: cmake --build . --config $BUILD_TYPE -- -j 2
- name: Test
working-directory: ${{github.workspace}}/build
shell: bash
# Execute tests defined by the CMake configuration.
# See https://cmake.org/cmake/help/latest/manual/ctest.1.html for more detail
run: ctest -C $BUILD_TYPE
unit-tests-linux:
# The CMake configure and build commands are platform agnostic and should work equally
# well on Windows or Mac. You can convert this to a matrix build if you need
# cross-platform coverage.
# See: https://docs.github.com/en/free-pro-team@latest/actions/learn-github-actions/managing-complex-workflows#using-a-build-matrix
runs-on: ubuntu-latest
outputs:
version_number: ${{ env.VERSION }}
commit_hash: ${{ env.COMMIT }}
steps:
- uses: actions/checkout@v3
- name: Create Build Environment
# Some projects don't allow in-source building, so create a separate build directory
# We'll use this as our working directory for all subsequent commands
run: cmake -E make_directory ${{github.workspace}}/build
- name: Get Conan
# You may pin to the exact commit or the version.
# uses: turtlebrowser/get-conan@4dc7e6dd45c8b1e02e909979d7cfc5ebba6ddbe2
id: conan
uses: turtlebrowser/get-conan@main
with:
version: 1.61.0
- name: linux package install
run: |
sudo apt-get update
sudo apt-get install --yes --no-install-recommends jq
- name: Setup Conan Cache
uses: actions/cache@v3
with:
path: ${{github.workspace}}/build/conan_home/
key: conan-${{ runner.os }}-${{ hashFiles('conanfile.txt', '*/conanfile.txt') }}
restore-keys: conan-${{ runner.os }}-
- name: Configure CMake
# Use a bash shell so we can use the same syntax for environment variable
# access regardless of the host operating system
shell: bash
working-directory: ${{github.workspace}}/build
# Note the current convention is to use the -S and -B options here to specify source
# and build directories, but this is only available with CMake 3.13 and higher.
# The CMake binaries on the Github Actions machines are (as of this writing) 3.12
run: PKG_CONFIG_PATH=${{github.workspace}}/local/lib/pkgconfig cmake $GITHUB_WORKSPACE -DCMAKE_BUILD_TYPE=$BUILD_TYPE
- name: Get VERSION
id: build
run: |
echo "VERSION=`cat ${{github.workspace}}/build/VERSION`" >> $GITHUB_ENV
echo "::set-output name=version::$(cat ${{github.workspace}}/build/VERSION)"
echo "COMMIT=`git rev-parse --short HEAD`" >> $GITHUB_ENV
- name: Build
working-directory: ${{github.workspace}}/build
shell: bash
# Execute the build. You can specify a specific target with "--target <NAME>"
run: cmake --build . --config $BUILD_TYPE -- -j 2
- name: Test
working-directory: ${{github.workspace}}/build
shell: bash
# Execute tests defined by the CMake configuration.
# See https://cmake.org/cmake/help/latest/manual/ctest.1.html for more detail
run: ctest -C $BUILD_TYPE
build-win64:
# The CMake configure and build commands are platform agnostic and should work equally
# well on Windows or Mac. You can convert this to a matrix build if you need
# cross-platform coverage.
# See: https://docs.github.com/en/free-pro-team@latest/actions/learn-github-actions/managing-complex-workflows#using-a-build-matrix
runs-on: windows-2019
outputs:
version_number: ${{ env.VERSION }}
steps:
- uses: actions/checkout@v3
- name: Create Build Environment
# Some projects don't allow in-source building, so create a separate build directory
# We'll use this as our working directory for all subsequent commands
run: cmake -E make_directory ${{github.workspace}}\build
- name: Get Conan
# You may pin to the exact commit or the version.
# uses: turtlebrowser/get-conan@4dc7e6dd45c8b1e02e909979d7cfc5ebba6ddbe2
id: conan
uses: turtlebrowser/get-conan@main
with:
version: 1.61.0
- name: Remove libpcap from conanfile
shell: bash
run: |
sed -i -e "s/libpcap.*//g" "${{github.workspace}}\conanfile.txt"
- name: Setup Conan Cache
uses: actions/cache@v3
with:
path: ${{github.workspace}}/build/conan_home/
key: conan-${{ runner.os }}-${{ hashFiles('conanfile.txt', '*/conanfile.txt') }}
restore-keys: conan-${{ runner.os }}-
- name: Configure CMake
# Use a bash shell so we can use the same syntax for environment variable
# access regardless of the host operating system
shell: bash
working-directory: ${{github.workspace}}\build
# Note the current convention is to use the -S and -B options here to specify source
# and build directories, but this is only available with CMake 3.13 and higher.
# The CMake binaries on the Github Actions machines are (as of this writing) 3.12
run: PKG_CONFIG_PATH=${{github.workspace}}\local\lib\pkgconfig cmake $GITHUB_WORKSPACE -DCMAKE_BUILD_TYPE=$BUILD_TYPE
- name: Get VERSION
shell: pwsh
id: build
run: |
$text = Get-Content ${{github.workspace}}\build\VERSION -Raw
echo "VERSION=$text" >> $env:GITHUB_ENV
- name: Build
working-directory: ${{github.workspace}}\build
shell: bash
# Execute the build. You can specify a specific target with "--target <NAME>"
run: cmake --build . --config $BUILD_TYPE -- -m
# TODO: Fix unit tests for windows platform
#- name: Test
# working-directory: ${{github.workspace}}/build
# shell: bash
# # Execute tests defined by the CMake configuration.
# # See https://cmake.org/cmake/help/latest/manual/ctest.1.html for more detail
# run: ctest -C $BUILD_TYPE
- name: Debug artifacts
shell: pwsh
run: |
Get-ChildItem -Force ${{github.workspace}}
Get-ChildItem -Force ${{github.workspace}}\build
Get-ChildItem -Force ${{github.workspace}}\build\bin
- name: Persist to workspace
uses: actions/upload-artifact@v2
with:
name: windows-build
path: |
${{github.workspace}}\build\bin\pktvisor-reader.exe
${{github.workspace}}\build\bin\pktvisord.exe
${{github.workspace}}\golang\pkg\client\version.go
retention-days: 1
build-cli-win64:
needs: [ build-win64 ]
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v3
- name: Attach to workspace
uses: actions/download-artifact@v3
with:
name: windows-build
- name: Debug artifacts
shell: bash
run: |
ls -lha
- name: Debug artifacts
shell: bash
run: |
ls -lha
mv src pktvisor-src
cp -rpf golang/pkg/client/version.go .
ls -lha
- name: Build pktvisor-cli
uses: ./.github/actions/build-go
with:
context: "."
goos: windows
file: "./Dockerfile"
- name: Debug artifacts
shell: bash
run: |
mv ./pktvisor-cli pktvisor-cli.exe
mv ./build/bin/pktvisord.exe ./pktvisord.exe
mv ./build/bin/pktvisor-reader.exe ./pktvisor-reader.exe
ls -lha
- name: compacting windows binary
run: |
zip pktvisor-win64.zip pktvisor-cli.exe pktvisor-reader.exe pktvisord.exe
ls -lha
package-amd64:
needs: [ unit-tests-linux ]
runs-on: ubuntu-latest
# if this is a push into one of our main branches (rather than just a pull request), we will also package
if: github.event_name != 'pull_request'
outputs:
version_number: ${{ env.VERSION }}
steps:
- uses: actions/checkout@v3
- name: Create Build Environment
run: cmake -E make_directory ${{github.workspace}}/build
- name: Setup Conan Cache
uses: actions/cache@v3
with:
path: ${{github.workspace}}/build/conan_home/
key: conan-${{ runner.os }}-${{ hashFiles('conanfile.txt', '*/conanfile.txt') }}
restore-keys: conan-${{ runner.os }}-
- name: Build pktvisord + push symbol to bugsplat.com
uses: ./.github/actions/build-cpp
with:
context: "."
build_type: "Release"
asan: "OFF"
bugsplat_key: ${{secrets.BUGSPLAT_KEY}}
bugsplat_symbol_url: ${{secrets.BUGSPLAT_SYMBOL_URL}}
bugsplat: "true"
file: "./Dockerfile"
- name: Build pktvisor-cli
uses: ./.github/actions/build-go
with:
context: "."
file: "./Dockerfile"
- name: Debug artifacts
run: ls -lha .
- name: Get VERSION
id: build
run: |
echo "VERSION=${{needs.unit-tests-linux.outputs.version_number}}" >> $GITHUB_ENV
echo "::set-output name=version::$(echo env.VERSION)"
- name: Generate ref tag (develop)
run: |
echo "REF_TAG=latest-develop" >> $GITHUB_ENV
echo "PRERELEASE=true" >> $GITHUB_ENV
echo "DRAFT=false" >> $GITHUB_ENV
- name: Debug ref tag
run: echo ${{ env.REF_TAG }}
- name: Login to GitHub Container Registry
uses: docker/login-action@v1
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Login to Docker Hub
uses: docker/login-action@v1
with:
username: ${{ secrets.ORB_DOCKERHUB_USERNAME }}
password: ${{ secrets.ORB_DOCKERHUB_TOKEN }}
- name: Replace token
run: |
sed -i -e "s/CP_TOKEN/${{ secrets.CRASHPAD_TOKEN }}/g" docker/run.sh
- name: Replace escape url
run: |
REPLACE=${{ secrets.BUGSPLAT_CP_URL }}
ESCAPED_REPLACE=$(printf '%s\n' "$REPLACE" | sed -e 's/[\/&]/\\&/g')
sed -i -e "s/CP_URL/$ESCAPED_REPLACE/g" docker/run.sh
- name: Set up QEMU
uses: docker/setup-qemu-action@v2
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v2
- name: Build + push - pktvisor (multi-arch)
env:
IMAGE_NAME1: orbcommunity/pktvisor
IMAGE_NAME2: ghcr.io/orb-community/pktvisor
uses: docker/build-push-action@v3
with:
builder: ${{ steps.buildx.outputs.name }}
context: .
file: ./docker/Dockerfile.crashhandler
platforms: linux/amd64
tags: ${{ env.IMAGE_NAME1 }}:${{ needs.unit-tests-linux.outputs.version_number }} , ${{ env.IMAGE_NAME1 }}:${{ env.REF_TAG }} , ${{ env.IMAGE_NAME2 }}:amd64-${{needs.unit-tests-linux.outputs.commit_hash}}
outputs: type=docker,dest=/tmp/amd64.tar
- name: Load image
env:
IMAGE_NAME1: orbcommunity/pktvisor
IMAGE_NAME2: ghcr.io/orb-community/pktvisor
run: |
docker load --input /tmp/amd64.tar
docker image ls -a
docker push ${{ env.IMAGE_NAME2 }}:amd64-${{needs.unit-tests-linux.outputs.commit_hash}}
docker push ${{ env.IMAGE_NAME1 }}:${{ env.REF_TAG }}
docker push ${{ env.IMAGE_NAME1 }}:${{ needs.unit-tests-linux.outputs.version_number }}
build-app-image-x64:
needs: [ package-amd64 ]
runs-on: ubuntu-latest
#if: github.event_name != 'pull_request'
steps:
- uses: actions/checkout@v3
- name: Create Build Environment
run: cmake -E make_directory ${{github.workspace}}/build
- name: Get Conan
id: conan
uses: turtlebrowser/get-conan@main
with:
version: 1.61.0
- name: Configure CMake to generate VERSION
shell: bash
working-directory: ${{github.workspace}}/build
run: cmake $GITHUB_WORKSPACE -DCMAKE_BUILD_TYPE=$BUILD_TYPE
- name: Get VERSION
id: build
run: |
echo "VERSION=`cat ${{github.workspace}}/build/VERSION`" >> $GITHUB_ENV
echo "::set-output name=version::$(cat ${{github.workspace}}/build/VERSION)"
- name: Debug version
run: |
echo ${{ env.VERSION }}
echo ${{ steps.build.outputs.version }}
- name: Generate ref tag (develop)
run: |
echo "REF_TAG=latest-develop" >> $GITHUB_ENV
echo "PRERELEASE=true" >> $GITHUB_ENV
echo "DRAFT=false" >> $GITHUB_ENV
- name: Prepare version file
run: |
cp -rpf golang/pkg/client/version.go .
- name: Build pktvisor-cli
uses: ./.github/actions/build-go
with:
context: "."
file: "./Dockerfile"
- name: Debug and Rename artifacts
run: |
ls -lha .
mv pktvisor-cli pktvisor-cli-linux-x86_64-${{ env.VERSION }}
- name: Upload pktvisor-cli artifact
env:
BINARY_NAME: pktvisor-cli-linux-x86_64-${{ env.VERSION }}
uses: actions/upload-artifact@v2
with:
name: ${{ env.BINARY_NAME }}
path: ${{github.workspace}}/${{ env.BINARY_NAME }}
- name: Login to Docker Hub
uses: docker/login-action@v1
with:
username: ${{ secrets.ORB_DOCKERHUB_USERNAME }}
password: ${{ secrets.ORB_DOCKERHUB_TOKEN }}
- name: Build + push - pktvisor-prom-write
env:
IMAGE_NAME: orbcommunity/pktvisor-prom-write
working-directory: ${{github.workspace}}/centralized_collection/prometheus/docker-grafana-agent
run: |
docker build . --file Dockerfile --build-arg PKTVISOR_TAG=${{ env.REF_TAG }} --tag ${{ env.IMAGE_NAME }}:${{ env.VERSION }} --tag ${{ env.IMAGE_NAME }}:${{ env.REF_TAG }}
docker push -a ${{ env.IMAGE_NAME }}
- name: Generate AppImage
env:
IMAGE_NAME: orbcommunity/pktvisor
working-directory: ${{github.workspace}}/appimage
run: |
DEV_IMAGE="${{ env.IMAGE_NAME }}:${{ env.VERSION }}" DEV_MODE=t make pktvisor-x86_64.AppImage
mv pktvisor-x86_64.AppImage pktvisor-x86_64-${{ env.VERSION }}.AppImage
- name: Upload AppImage artifact
uses: actions/upload-artifact@v2
with:
name: pktvisor-x86_64-${{ env.VERSION }}.AppImage
path: ${{github.workspace}}/appimage/pktvisor-x86_64-${{ env.VERSION }}.AppImage
build-orb-agent:
needs: [ package-amd64, unit-tests-mac ]
runs-on: ubuntu-latest
steps:
- name: Repository Dispatch
uses: peter-evans/repository-dispatch@v2
with:
token: ${{ secrets.BOT_TOKEN }}
repository: orb-community/orb
event-type: build-agent
client-payload: '{"branch_name": "develop"}'
spinup-amd64-runner:
needs: [ package-amd64, unit-tests-mac ]
runs-on: ubuntu-latest
outputs:
runner_token: ${{ steps.token.outputs.runner }}
if: github.event_name != 'pull_request'
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Generate runner token
id: token
run: |
sleep 3
curl -X POST -H "authorization: Bearer ${{ secrets.BOT_TOKEN }}" -H "Accept: application/vnd.github.v3+json" https://api.github.com/repos/orb-community/pktvisor/actions/runners/registration-token -o token.json
echo "::set-output name=runner::$(cat token.json | jq .token --raw-output )"
cat token.json
- name: Get short commit hash to a variable
id: commit_hash
run: |
echo "::set-output name=sha_short::$(git rev-parse --short HEAD)"
- name: Inject runner token in user_data.sh
run: |
cd .github/hosted-runner/amd64/
ESCAPED_REPLACE_RUNNER_TOKEN=$(printf '%s\n' "${{ steps.token.outputs.runner }}" | sed -e 's/[\/&]/\\&/g')
sed -i -e "s/RUNNER_TOKEN/$ESCAPED_REPLACE_RUNNER_TOKEN/g" user_data.sh
ESCAPED_REPLACE_RUNNER_NAME=$(printf '%s\n' "AMD64-${{ steps.commit_hash.outputs.sha_short }}" | sed -e 's/[\/&]/\\&/g')
sed -i -e "s/AMD64_RUNNER/$ESCAPED_REPLACE_RUNNER_NAME/g" user_data.sh
- name: Inject AWS key
run: |
cd .github/hosted-runner/amd64/
ESCAPED_REPLACE_KEY_ID=$(printf '%s\n' "${{ secrets.AWS_ACCESS_KEY_ID }}" | sed -e 's/[\/&]/\\&/g')
sed -i -e "s/AWSID/$ESCAPED_REPLACE_KEY_ID/g" vars.tf
ESCAPED_REPLACE_ACCESS_KEY=$(printf '%s\n' "${{ secrets.AWS_SECRET_ACCESS_KEY }}" | sed -e 's/[\/&]/\\&/g')
sed -i -e "s/AWSSECRET/$ESCAPED_REPLACE_ACCESS_KEY/g" vars.tf
ESCAPED_REPLACE_ENVIRONMENT=$(printf '%s\n' "${{ needs.package-amd64.outputs.branch_name }}-${{ steps.commit_hash.outputs.sha_short }}-tests" | sed -e 's/[\/&]/\\&/g')
sed -i -e "s/ENVIRONMENT/$ESCAPED_REPLACE_ENVIRONMENT/g" vars.tf
- name: setup terraform
uses: hashicorp/setup-terraform@v2
with:
terraform_version: 1.1.7
terraform_wrapper: false
- name: Terraform Init
run: |
cd .github/hosted-runner/amd64/
terraform init -input=false
- name: Terraform plan
run: |
cd .github/hosted-runner/amd64/
terraform plan -out=tfplan
- name: Terraform apply
run: |
cd .github/hosted-runner/amd64/
terraform apply -auto-approve tfplan
- name: Terraform output
run: |
cd .github/hosted-runner/amd64/
terraform output -raw ip > ip.txt
- name: Persist IP to workspace
uses: actions/upload-artifact@v2
with:
name: ip
path: |
.github/hosted-runner/amd64/ip.txt
retention-days: 1
- name: Persist to workspace
uses: actions/upload-artifact@v2
with:
name: terraform
path: |
.github/hosted-runner/amd64/terraform.tfstate
retention-days: 1
integration-tests:
needs: [ spinup-amd64-runner, package-amd64 ]
runs-on: [self-hosted, linux, x64]
outputs:
commit_hash: ${{ steps.commit_hash.outputs.sha_short }}
# if this is a push into one of our main branches (rather than just a pull request), we will also package
if: github.event_name != 'pull_request'
steps:
- uses: AutoModality/action-clean@v1
- uses: actions/checkout@v3
- name: Locking pktvisor integration test state
run: |
curl -X POST -H "Content-Type: application/x-www-form-urlencoded" -u "${{ secrets.QA_AUTH_CREDENTIALS }}" -d "change=pktvisor-dev&state=active" https://qa.ops.orb.live/api.php
- name: Debug version
run: |
echo ${{ env.VERSION }}
echo ${{ needs.package-amd64.outputs.version_number }}
- name: Prepare test config
run: |
cd ./automated_tests/
mv test_config.ini.tpl test_config.ini
- name: commit hash
id: commit_hash
run: |
echo "::set-output name=sha_short::$(git rev-parse --short HEAD)"
- uses: actions/setup-python@v4
with:
python-version: '3.8'
- name: Test
continue-on-error: true
run: |
cd ./automated_tests/
python3.8 -m venv behave_pktvisor
source behave_pktvisor/bin/activate
sudo pip3 install -r requirements.txt
sudo pip3 install -r requirements.txt
sudo behavex -t=@smoke --parallel-processes=20 --parallel-scheme=scenario
- name: Copy VERSION file
run: |
sudo chmod 777 ./automated_tests/ -R
echo ${{ needs.package-amd64.outputs.version_number }} > ./automated_tests/output/VERSION
- name: Persist to workspace
uses: actions/upload-artifact@v2
with:
name: workspace
path: |
./automated_tests/
!./automated_tests/behave_pktvisor
retention-days: 1
- name: Unlocking pktvisor integration test state
run: |
curl -X POST -H "Content-Type: application/x-www-form-urlencoded" -u "${{ secrets.QA_AUTH_CREDENTIALS }}" -d "change=pktvisor-dev&state=inactive" https://qa.ops.orb.live/api.php
upload-qa-artifact:
needs: [ integration-tests ]
runs-on: ubuntu-latest
if: github.event_name != 'pull_request'
steps:
- name: Attach to workspace
uses: actions/download-artifact@v2
with:
name: workspace
- name: debug files
run: |
ls -lha
- name: Upload pktvisor report to qa host
uses: appleboy/scp-action@master
with:
host: qa.ops.orb.live
username: root
key: ${{ secrets.RUNNER_SSH_KEY }}
port: 2022
source: "./output/*"
target: "/usr/share/nginx/html/test_data/pktvisor/develop/${{ needs.integration-tests.outputs.commit_hash }}/pktvisor/python-test"
remove-github-runner-amd64:
continue-on-error: true
needs: [ spinup-amd64-runner , upload-qa-artifact ]
runs-on: ubuntu-latest
if: github.event_name != 'pull_request'
steps:
- name: Attach to workspace
uses: actions/download-artifact@v2
with:
name: ip
- name: Get runner ip
id: address
run: |
ls -lha
echo "::set-output name=ip::$(cat ip.txt)"
- name: Executing remote ssh commands on runner
uses: appleboy/ssh-action@master
with:
host: ${{ steps.address.outputs.ip }}
username: ubuntu
key: ${{ secrets.RUNNER_SSH_KEY }}
port: 22
script: |
cd /actions-runner
sudo chmod 777 . -R
./config.sh remove --token ${{ needs.spinup-amd64-runner.outputs.runner_token }}
remove-amd64-runner:
needs: [ remove-github-runner-amd64 ]
runs-on: ubuntu-latest
if: github.event_name != 'pull_request'
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Attach to workspace
uses: actions/download-artifact@v2
with:
name: terraform
path: .github/hosted-runner/amd64/
- name: Inject AWS key
run: |
cd .github/hosted-runner/amd64/
ESCAPED_REPLACE_KEY_ID=$(printf '%s\n' "${{ secrets.AWS_ACCESS_KEY_ID }}" | sed -e 's/[\/&]/\\&/g')
sed -i -e "s/AWSID/$ESCAPED_REPLACE_KEY_ID/g" vars.tf
ESCAPED_REPLACE_ACCESS_KEY=$(printf '%s\n' "${{ secrets.AWS_SECRET_ACCESS_KEY }}" | sed -e 's/[\/&]/\\&/g')
sed -i -e "s/AWSSECRET/$ESCAPED_REPLACE_ACCESS_KEY/g" vars.tf
- name: setup terraform
uses: hashicorp/setup-terraform@v2
with:
terraform_version: 1.1.7
- name: Terraform Init
run: |
cd .github/hosted-runner/amd64/
terraform init -input=false
- name: Terraform plan destroy
run: |
cd .github/hosted-runner/amd64/
terraform plan -destroy
continue-on-error: true
- name: Terraform destroy
run: |
cd .github/hosted-runner/amd64/
terraform destroy -auto-approve
spinup-arm64-runner:
needs: [ unit-tests-linux ]
runs-on: ubuntu-latest
outputs:
runner_token: ${{ steps.token.outputs.runner }}
if: github.event_name != 'pull_request'
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Get branch name
shell: bash
run: echo "BRANCH_NAME=$(echo ${GITHUB_REF#refs/heads/} | tr / -)" >> $GITHUB_ENV
- name: Generate runner token
id: token
run: |
curl -X POST -H "authorization: Bearer ${{ secrets.BOT_TOKEN }}" -H "Accept: application/vnd.github.v3+json" https://api.github.com/repos/orb-community/pktvisor/actions/runners/registration-token -o token.json
echo "::set-output name=runner::$(cat token.json | jq .token --raw-output )"
cat token.json
- name: commit hash
id: commit_hash
run: |
echo "::set-output name=sha_short::$(git rev-parse --short HEAD)"
- name: Inject runner token in user_data.sh
run: |
cd .github/hosted-runner/arm64/
ESCAPED_REPLACE_RUNNER_TOKEN=$(printf '%s\n' "${{ steps.token.outputs.runner }}" | sed -e 's/[\/&]/\\&/g')
sed -i -e "s/RUNNER_TOKEN/$ESCAPED_REPLACE_RUNNER_TOKEN/g" user_data.sh
ESCAPED_REPLACE_RUNNER_NAME=$(printf '%s\n' "ARM64-${{ steps.commit_hash.outputs.sha_short }}" | sed -e 's/[\/&]/\\&/g')
sed -i -e "s/ARM64_RUNNER/$ESCAPED_REPLACE_RUNNER_NAME/g" user_data.sh
- name: Inject AWS key
run: |
cd .github/hosted-runner/arm64/
ESCAPED_REPLACE_KEY_ID=$(printf '%s\n' "${{ secrets.AWS_ACCESS_KEY_ID }}" | sed -e 's/[\/&]/\\&/g')
sed -i -e "s/AWSID/$ESCAPED_REPLACE_KEY_ID/g" vars.tf
ESCAPED_REPLACE_ACCESS_KEY=$(printf '%s\n' "${{ secrets.AWS_SECRET_ACCESS_KEY }}" | sed -e 's/[\/&]/\\&/g')
sed -i -e "s/AWSSECRET/$ESCAPED_REPLACE_ACCESS_KEY/g" vars.tf
ESCAPED_REPLACE_ENVIRONMENT=$(printf '%s\n' "${{ env.BRANCH_NAME }}-${{ steps.commit_hash.outputs.sha_short }}-package" | sed -e 's/[\/&]/\\&/g')
sed -i -e "s/ENVIRONMENT/$ESCAPED_REPLACE_ENVIRONMENT/g" vars.tf
- name: setup terraform
uses: hashicorp/setup-terraform@v2
with:
terraform_version: 1.1.7
terraform_wrapper: false
- name: Terraform Init
run: |
cd .github/hosted-runner/arm64/
terraform init -input=false
- name: Terraform plan
run: |
cd .github/hosted-runner/arm64/
terraform plan -out=tfplan
- name: Terraform apply
run: |
cd .github/hosted-runner/arm64/
terraform apply -auto-approve tfplan
- name: Terraform output
run: |
cd .github/hosted-runner/arm64/
terraform output -raw ip > ip.txt
- name: Persist IP to workspace
uses: actions/upload-artifact@v2
with:
name: ip-arm
path: |
.github/hosted-runner/arm64/ip.txt
retention-days: 1
- name: Persist to workspace
uses: actions/upload-artifact@v2
with:
name: terraform2
path: |
.github/hosted-runner/arm64/terraform.tfstate
retention-days: 1
package-arm64:
needs: [ unit-tests-linux, spinup-arm64-runner ]
runs-on: [self-hosted, linux, ARM64]
if: github.event_name != 'pull_request'
steps:
- name: cleanup #https://github.com/actions/checkout/issues/211
run: |
sudo chown -R $USER:$USER $GITHUB_WORKSPACE
- name: Checkout
uses: actions/checkout@v3
- name: Create Build Environment
run: cmake -E make_directory ${{github.workspace}}/build
- name: Setup Conan Cache
uses: actions/cache@v3
with:
path: ${{github.workspace}}/build/conan_home/
key: conan-${{ runner.os }}-arm64-${{ hashFiles('conanfile.txt', '*/conanfile.txt') }}
restore-keys: conan-${{ runner.os }}-arm64-
- name: Build pktvisord + push symbol to bugsplat.com
uses: ./.github/actions/build-cpp
with:
context: "."
build_type: "Release"
asan: "OFF"
bugsplat_key: ${{secrets.BUGSPLAT_KEY}}
bugsplat_symbol_url: ${{secrets.BUGSPLAT_SYMBOL_URL}}
bugsplat: "false"
file: "./Dockerfile"
- name: Build pktvisor-cli
uses: ./.github/actions/build-go
with:
context: "."
file: "./Dockerfile"
goarch: "arm64"
- name: Debug artifacts
run: ls -lha .
- name: Generate ref tag (develop)
if: ${{ env.BRANCH_NAME == 'develop' }}
run: |
echo "REF_TAG=latest-develop" >> $GITHUB_ENV
echo "PRERELEASE=false" >> $GITHUB_ENV
echo "DRAFT=true" >> $GITHUB_ENV
- name: Login to GitHub Container Registry
uses: docker/login-action@v1
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Set up QEMU
uses: docker/setup-qemu-action@v2
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v2
- name: Replace token
run: |
sed -i -e "s/CP_TOKEN/${{ secrets.CRASHPAD_TOKEN }}/g" docker/run.sh
- name: Replace escape url
run: |
REPLACE=${{ secrets.BUGSPLAT_CP_URL }}
ESCAPED_REPLACE=$(printf '%s\n' "$REPLACE" | sed -e 's/[\/&]/\\&/g')
sed -i -e "s/CP_URL/$ESCAPED_REPLACE/g" docker/run.sh
- name: Build + push - pktvisor (multi-arch)
id: docker_build
env:
IMAGE_NAME: ghcr.io/orb-community/pktvisor
uses: docker/build-push-action@v3
with:
builder: ${{ steps.buildx.outputs.name }}
context: .
file: ./docker/Dockerfile.crashhandler
platforms: linux/arm64
tags: ${{ env.IMAGE_NAME }}:arm64-${{needs.unit-tests-linux.outputs.commit_hash}}
outputs: type=docker,dest=/tmp/arm64.tar
- name: Load image
env:
IMAGE_NAME: ghcr.io/orb-community/pktvisor
run: |
docker load --input /tmp/arm64.tar
docker image ls -a
docker push ${{ env.IMAGE_NAME }}:arm64-${{needs.unit-tests-linux.outputs.commit_hash}}
remove-github-runner-arm64:
continue-on-error: true
needs: [ spinup-arm64-runner, package-arm64 ]
runs-on: ubuntu-latest
if: github.event_name != 'pull_request'
steps:
- name: Attach to workspace
uses: actions/download-artifact@v2
with:
name: ip-arm
- name: Get runner ip
id: address
run: |
ls -lha
echo "::set-output name=ip::$(cat ip.txt)"
- name: Executing remote ssh commands on runner
uses: appleboy/ssh-action@master
with:
host: ${{ steps.address.outputs.ip }}
username: ubuntu
key: ${{ secrets.RUNNER_SSH_KEY }}
port: 22
script: |
cd /actions-runner
sudo chmod 777 . -R
./config.sh remove --token ${{ needs.spinup-arm64-runner.outputs.runner_token }}
remove-arm64-runner:
needs: [ remove-github-runner-arm64 ]
runs-on: ubuntu-latest
if: github.event_name != 'pull_request'
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Attach to workspace
uses: actions/download-artifact@v2
with:
name: terraform2
path: .github/hosted-runner/arm64/
- name: Inject AWS key
run: |
cd .github/hosted-runner/arm64/
ESCAPED_REPLACE_KEY_ID=$(printf '%s\n' "${{ secrets.AWS_ACCESS_KEY_ID }}" | sed -e 's/[\/&]/\\&/g')
sed -i -e "s/AWSID/$ESCAPED_REPLACE_KEY_ID/g" vars.tf
ESCAPED_REPLACE_ACCESS_KEY=$(printf '%s\n' "${{ secrets.AWS_SECRET_ACCESS_KEY }}" | sed -e 's/[\/&]/\\&/g')
sed -i -e "s/AWSSECRET/$ESCAPED_REPLACE_ACCESS_KEY/g" vars.tf
- name: setup terraform
uses: hashicorp/setup-terraform@v2
with:
terraform_version: 1.1.7
- name: Terraform Init
run: |
cd .github/hosted-runner/arm64/
terraform init -input=false
- name: Terraform plan destroy
run: |
cd .github/hosted-runner/arm64/
terraform plan -destroy
continue-on-error: true
- name: Terraform destroy
run: |
cd .github/hosted-runner/arm64/
terraform destroy -auto-approve
pushing-manifests:
needs: [ unit-tests-linux, remove-github-runner-arm64 ]
runs-on: ubuntu-latest
if: github.event_name != 'pull_request'
steps:
- name: Login to GitHub Container Registry
uses: docker/login-action@v1
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Create docker manifest
run: |
docker manifest create ghcr.io/orb-community/pktvisor:latest-develop \
ghcr.io/orb-community/pktvisor:amd64-${{needs.unit-tests-linux.outputs.commit_hash}} \
ghcr.io/orb-community/pktvisor:arm64-${{needs.unit-tests-linux.outputs.commit_hash}}
- name: Push manifest to ghcr.io
run: |
docker manifest push ghcr.io/orb-community/pktvisor:latest-develop
- name: Install skopeo
run: |
sudo apt-get update
sudo apt-get install -y skopeo
- name: Login skopeo to ghcr
run: |
sudo skopeo login -u ${{ github.repository_owner }} -p ${{ secrets.GITHUB_TOKEN }} ghcr.io
- name: Login skopeo to dockerhub
run: |
sudo skopeo login -u ${{ secrets.DOCKERHUB_USERNAME }} -p ${{ secrets.DOCKERHUB_TOKEN }} docker.io
- name: Copy from ghcr.io to docker.io
run: |
sudo skopeo copy \
--all \
docker://ghcr.io/orb-community/pktvisor:latest-develop \
docker://docker.io/orbcommunity/pktvisor:latest-develop
sudo skopeo copy \
--all \
docker://ghcr.io/orb-community/pktvisor:latest-develop \
docker://docker.io/orbcommunity/pktvisor:develop
sudo skopeo copy \
--all \
docker://ghcr.io/orb-community/pktvisor:latest-develop \
docker://docker.io/orbcommunity/pktvisor:${{ needs.unit-tests-linux.outputs.version_number }}
- name: Delete arm64 images from ghcr.io
uses: bots-house/ghcr-delete-image-action@v1.0.0
with:
owner: orb-community
name: pktvisor
token: ${{ secrets.GITHUB_TOKEN }}
tag: arm64-${{needs.unit-tests-linux.outputs.commit_hash}}
- name: Delete amd64 images from ghcr.io
uses: bots-house/ghcr-delete-image-action@v1.0.0
with:
owner: orb-community
name: pktvisor
token: ${{ secrets.GITHUB_TOKEN }}
tag: amd64-${{needs.unit-tests-linux.outputs.commit_hash}}
- name: Delete latest-develop images from ghcr.io
uses: bots-house/ghcr-delete-image-action@v1.0.0
with:
owner: orb-community
name: pktvisor
token: ${{ secrets.GITHUB_TOKEN }}
tag: latest-develop