Deploy to staging #8
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
name: Deploy to staging | |
on: | |
push: | |
tags: | |
- '*' | |
workflow_dispatch: | |
inputs: | |
version: | |
description: Version of Fluent Bit to build | |
required: true | |
default: master | |
target: | |
description: Only build a specific Linux target, intended for debug/test/quick builds only. | |
required: false | |
default: "" | |
ignore_failing_targets: | |
description: Optionally ignore any failing builds in the matrix and continue. | |
type: boolean | |
required: false | |
default: false | |
# We do not want a new staging build to run whilst we are releasing the current staging build. | |
# We also do not want multiples to run for the same version. | |
concurrency: staging-build-release | |
jobs: | |
# This job strips off the `v` at the start of any tag provided. | |
# It then provides this metadata for the other jobs to use. | |
staging-build-get-meta: | |
name: Get metadata to build | |
runs-on: ubuntu-latest | |
outputs: | |
version: ${{ steps.formatted_version.outputs.replaced }} | |
steps: | |
- run: | | |
echo "Version: ${{ inputs.version || github.ref_name }}" | |
shell: bash | |
# This step is to consolidate the three different triggers into a single "version" | |
# 1. If manual dispatch - use the version provided. | |
# 2. If cron/regular build - use master. | |
# 3. If tag trigger, use that tag. | |
- name: Get the version | |
id: get_version | |
run: | | |
VERSION="${INPUT_VERSION}" | |
if [ -z "${VERSION}" ]; then | |
echo "Defaulting to master" | |
VERSION=master | |
fi | |
echo "VERSION=$VERSION" >> $GITHUB_OUTPUT | |
shell: bash | |
env: | |
# Use the dispatch variable in preference, if empty use the context ref_name which should | |
# only ever be a tag or the master branch for cron builds. | |
INPUT_VERSION: ${{ inputs.version || github.ref_name }} | |
# String the 'v' prefix for tags. | |
- uses: frabert/[email protected] | |
id: formatted_version | |
with: | |
pattern: '[v]*(.*)$' | |
string: "${{ steps.get_version.outputs.VERSION }}" | |
replace-with: '$1' | |
flags: 'g' | |
staging-build-images: | |
needs: staging-build-get-meta | |
uses: ./.github/workflows/call-build-images.yaml | |
with: | |
version: ${{ needs.staging-build-get-meta.outputs.version }} | |
ref: ${{ inputs.version || github.ref_name }} | |
registry: ghcr.io | |
username: ${{ github.actor }} | |
image: ${{ github.repository }}/staging | |
environment: staging | |
secrets: | |
token: ${{ secrets.GITHUB_TOKEN }} | |
cosign_private_key: ${{ secrets.COSIGN_PRIVATE_KEY }} | |
cosign_private_key_password: ${{ secrets.COSIGN_PASSWORD }} | |
staging-build-upload-schema-s3: | |
needs: | |
- staging-build-get-meta | |
- staging-build-images | |
runs-on: ubuntu-latest | |
environment: staging | |
steps: | |
- name: Download the schema generated by call-build-images | |
# We may have no schema so ignore that failure | |
continue-on-error: true | |
uses: actions/download-artifact@v4 | |
with: | |
name: fluent-bit-schema-${{ needs.staging-build-get-meta.outputs.version }} | |
path: artifacts/ | |
- name: Display structure of downloaded files | |
run: | | |
ls -R artifacts/ | |
shell: bash | |
- name: Push schema to S3 bucket | |
# We may have no schema so ignore that failure | |
continue-on-error: true | |
run: | | |
aws s3 sync "artifacts/" "s3://${AWS_S3_BUCKET}/${DEST_DIR}" --no-progress | |
env: | |
DEST_DIR: "${{ needs.staging-build-get-meta.outputs.version }}/" | |
AWS_REGION: "us-east-1" | |
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
AWS_S3_BUCKET: ${{ secrets.AWS_S3_BUCKET_STAGING }} | |
staging-build-generate-matrix: | |
name: Staging build matrix | |
runs-on: ubuntu-latest | |
outputs: | |
build-matrix: ${{ steps.set-matrix.outputs.build-matrix }} | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v4 | |
# Set up the list of target to build so we can pass the JSON to the reusable job | |
- uses: ./.github/actions/generate-package-build-matrix | |
id: set-matrix | |
with: | |
ref: ${{ inputs.version || github.ref_name }} | |
target: ${{ inputs.target || '' }} | |
staging-build-packages: | |
needs: | |
- staging-build-get-meta | |
- staging-build-generate-matrix | |
uses: ./.github/workflows/call-build-linux-packages.yaml | |
with: | |
version: ${{ needs.staging-build-get-meta.outputs.version }} | |
ref: ${{ inputs.version || github.ref_name }} | |
build_matrix: ${{ needs.staging-build-generate-matrix.outputs.build-matrix }} | |
environment: staging | |
ignore_failing_targets: ${{ inputs.ignore_failing_targets || false }} | |
secrets: | |
token: ${{ secrets.GITHUB_TOKEN }} | |
bucket: ${{ secrets.AWS_S3_BUCKET_STAGING }} | |
access_key_id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
secret_access_key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }} | |
gpg_private_key_passphrase: ${{ secrets.GPG_PRIVATE_KEY_PASSPHRASE }} | |
staging-build-windows-packages: | |
needs: | |
- staging-build-get-meta | |
uses: ./.github/workflows/call-build-windows.yaml | |
with: | |
version: ${{ needs.staging-build-get-meta.outputs.version }} | |
ref: ${{ inputs.version || github.ref_name }} | |
environment: staging | |
secrets: | |
token: ${{ secrets.GITHUB_TOKEN }} | |
bucket: ${{ secrets.AWS_S3_BUCKET_STAGING }} | |
access_key_id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
secret_access_key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
staging-build-macos-packages: | |
needs: | |
- staging-build-get-meta | |
uses: ./.github/workflows/call-build-macos.yaml | |
with: | |
version: ${{ needs.staging-build-get-meta.outputs.version }} | |
ref: ${{ inputs.version || github.ref_name }} | |
environment: staging | |
secrets: | |
token: ${{ secrets.GITHUB_TOKEN }} | |
bucket: ${{ secrets.AWS_S3_BUCKET_STAGING }} | |
access_key_id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
secret_access_key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} |