From 6dfdbf5835996e80b23158a661ea9464de2ca79d Mon Sep 17 00:00:00 2001 From: dfeldick Date: Tue, 7 May 2024 14:05:43 -0700 Subject: [PATCH 01/10] APIGOV-27843 - allow for pre-release tags --- .gitlab-ci.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 24fa8ec..502f878 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -73,7 +73,7 @@ twistlock-discovery:on-schedule: - !reference [.mirror-schedule-csr-rules, rules] dependencies: [] before_script: - - !reference [.get-last-tag, script] + - !reference [.get-agent-last-tag, script] - echo "Using the last tagged version ${LAST_TAG_VERSION}" - export IMAGE_NAME=ghcr.io/axway/kong_discovery_agent:${LAST_TAG_VERSION} - docker pull ${IMAGE_NAME} @@ -84,7 +84,7 @@ twistlock-traceability:on-schedule: - !reference [.mirror-schedule-csr-rules, rules] dependencies: [] before_script: - - !reference [.get-last-tag, script] + - !reference [.get-agent-last-tag, script] - echo "Using the last tagged version ${LAST_TAG_VERSION}" - export IMAGE_NAME=ghcr.io/axway/kong_traceability_agent:${LAST_TAG_VERSION} - docker pull ${IMAGE_NAME} @@ -93,7 +93,7 @@ blackduck:on-schedule: rules: - !reference [.mirror-schedule-csr-rules, rules] before_script: - - !reference [.get-last-tag, script] + - !reference [.get-agent-last-tag, script] # overridden from csrjobs.yml because mirror repos like this one don't get merge events fortify: From 97fcc9e972422bec33e8f1c355b9576b8c2fef32 Mon Sep 17 00:00:00 2001 From: dfeldick Date: Wed, 8 May 2024 07:41:28 -0700 Subject: [PATCH 02/10] APIGOV-27843 - account for pre-release tags --- .gitlab-ci.yml | 6 ++++++ release.sh | 7 +++++++ 2 files changed, 13 insertions(+) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 502f878..bcaf7db 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -72,6 +72,9 @@ twistlock-discovery:on-schedule: rules: - !reference [.mirror-schedule-csr-rules, rules] dependencies: [] + variables: + # need to override this variable for github agents because the tag willneed the 'v' if it exists + NO_V_RELEASE_TAG_REGEX: "^v?[0-9]{1,}\\.[0-9]{1,}\\.[0-9]{1,}$" before_script: - !reference [.get-agent-last-tag, script] - echo "Using the last tagged version ${LAST_TAG_VERSION}" @@ -83,6 +86,9 @@ twistlock-traceability:on-schedule: rules: - !reference [.mirror-schedule-csr-rules, rules] dependencies: [] + variables: + # need to override this variable for github agents because the tag willneed the 'v' if it exists + NO_V_RELEASE_TAG_REGEX: "^v?[0-9]{1,}\\.[0-9]{1,}\\.[0-9]{1,}$" before_script: - !reference [.get-agent-last-tag, script] - echo "Using the last tagged version ${LAST_TAG_VERSION}" diff --git a/release.sh b/release.sh index 48c2c0d..8b41b39 100755 --- a/release.sh +++ b/release.sh @@ -43,6 +43,13 @@ get_sdk_version() } post_to_teams() { + # don't post if this is a pre-release tag + pat='[0-9]+\.[0-9]+\.[0-9]+-' + if [[ ${TAG} =~ $pat ]]; then + echo "This is an interim release... skipping the post to Teams" + return 0 + fi + rel_date=$(date +'%m/%d/%Y') JSON="{ \"@type\": \"MessageCard\", From abefe830e0542a7dc120cce51039a65887d48638 Mon Sep 17 00:00:00 2001 From: dfeldick Date: Wed, 8 May 2024 07:43:44 -0700 Subject: [PATCH 03/10] APIGOV-27843 - fix typo --- .gitlab-ci.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index bcaf7db..ddddc19 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -73,7 +73,7 @@ twistlock-discovery:on-schedule: - !reference [.mirror-schedule-csr-rules, rules] dependencies: [] variables: - # need to override this variable for github agents because the tag willneed the 'v' if it exists + # need to override this variable for github agents because the tag will need the 'v' if it exists NO_V_RELEASE_TAG_REGEX: "^v?[0-9]{1,}\\.[0-9]{1,}\\.[0-9]{1,}$" before_script: - !reference [.get-agent-last-tag, script] @@ -87,7 +87,7 @@ twistlock-traceability:on-schedule: - !reference [.mirror-schedule-csr-rules, rules] dependencies: [] variables: - # need to override this variable for github agents because the tag willneed the 'v' if it exists + # need to override this variable for github agents because the tag will need the 'v' if it exists NO_V_RELEASE_TAG_REGEX: "^v?[0-9]{1,}\\.[0-9]{1,}\\.[0-9]{1,}$" before_script: - !reference [.get-agent-last-tag, script] From 293b85ccd13c2730b6a25bd53be967475b5183df Mon Sep 17 00:00:00 2001 From: dfeldick Date: Fri, 10 May 2024 09:23:48 -0700 Subject: [PATCH 04/10] APIGOV-27565 - refactor --- .../{test-and-build.yml => build-agents.yml} | 26 ++-- .../build-discovery-agent-docker.yml | 50 -------- .github/workflows/build-docker-images.yml | 121 ++++++++++++++++++ .../build-traceability-agent-docker.yml | 50 -------- .github/workflows/create-tag-for-release.yml | 3 +- .github/workflows/package-helm-chart.yml | 15 +-- .github/workflows/run-tests.yml | 21 +++ build/traceability/Dockerfile | 18 ++- 8 files changed, 162 insertions(+), 142 deletions(-) rename .github/workflows/{test-and-build.yml => build-agents.yml} (58%) delete mode 100644 .github/workflows/build-discovery-agent-docker.yml create mode 100644 .github/workflows/build-docker-images.yml delete mode 100644 .github/workflows/build-traceability-agent-docker.yml create mode 100644 .github/workflows/run-tests.yml diff --git a/.github/workflows/test-and-build.yml b/.github/workflows/build-agents.yml similarity index 58% rename from .github/workflows/test-and-build.yml rename to .github/workflows/build-agents.yml index 2162e8d..9fd0bca 100644 --- a/.github/workflows/test-and-build.yml +++ b/.github/workflows/build-agents.yml @@ -1,25 +1,14 @@ -name: Build Kong Agents +name: Build agents on: push: - branches: [main, "APIGOV-*"] + branches: [main, "*"] jobs: - test: - env: - GOFLAGS: "-mod=mod" - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - - name: Set up Go - uses: actions/setup-go@v5 - with: - go-version: 1.21 - - name: Test - working-directory: . - run: | - make test + testAgents: + uses: ./.github/workflows/run-tests.yml - build: + buildAgents: + needs: testAgents env: GOFLAGS: "-mod=mod" VERSION: ${{ github.ref_name }} @@ -27,14 +16,17 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 + - name: Set up Go uses: actions/setup-go@v5 with: go-version: 1.21 + - name: Build discovery agent working-directory: . run: | make build-da + - name: Build traceability agent working-directory: . run: | diff --git a/.github/workflows/build-discovery-agent-docker.yml b/.github/workflows/build-discovery-agent-docker.yml deleted file mode 100644 index eb6e8a5..0000000 --- a/.github/workflows/build-discovery-agent-docker.yml +++ /dev/null @@ -1,50 +0,0 @@ -name: Kong Discovery Agent Docker -on: - push: - tags: - - v*.*.* - -jobs: - build: - env: - GOFLAGS: "-mod=mod" - IMAGE_NAME: kong_discovery_agent - ORG_NAME: Axway - VERSION: ${{ github.ref_name }} - COMMIT_ID: ${{ github.sha }} - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - - name: Log in to the Container registry - uses: docker/login-action@v3 - with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - name: Set output - id: vars - run: | - echo "date=$(date +'%Y%m%d%H%M%S')" >> $GITHUB_OUTPUT - echo "tag=${GITHUB_REF#refs/*/}" >> $GITHUB_OUTPUT - echo "sdkversion=$(grep github.com/Axway/agent-sdk go.mod | awk '{print $2}')" >> $GITHUB_OUTPUT - echo "commit=$(git rev-parse --short ${{ github.sha }})" >> $GITHUB_OUTPUT - - name: Extract metadata (tags, labels) for Docker - id: meta - uses: docker/metadata-action@v5 - with: - flavor: latest=false - images: ghcr.io/${{ env.ORG_NAME }}/${{ env.IMAGE_NAME }} - - name: Build and push Docker image - uses: docker/build-push-action@v5 - with: - context: . - file: build/discovery/Dockerfile - push: true - build-args: | - time=${{ steps.vars.outputs.date }} - CGO_ENABLED=0 - version=${{ steps.vars.outputs.tag }} - sdk_version=${{ steps.vars.outputs.sdkversion }} - commit_id=${{ steps.vars.outputs.commit }} - tags: ${{ steps.meta.outputs.tags }} - labels: ${{ steps.meta.outputs.labels }} diff --git a/.github/workflows/build-docker-images.yml b/.github/workflows/build-docker-images.yml new file mode 100644 index 0000000..d1e270a --- /dev/null +++ b/.github/workflows/build-docker-images.yml @@ -0,0 +1,121 @@ +# build the docker images when a tag is created +name: Build docker images + +on: + push: + tags: + - "*" + +jobs: + testAgents: + uses: ./.github/workflows/run-tests.yml + + buildDiscoveryAgentDocker: + needs: testAgents + env: + GOFLAGS: "-mod=mod" + IMAGE_NAME: kong_discovery_agent + ORG_NAME: Axway + VERSION: ${{ github.ref_name }} + COMMIT_ID: ${{ github.sha }} + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + + - name: Set output + id: vars + run: | + echo "date=$(date +'%Y%m%d%H%M%S')" >> $GITHUB_OUTPUT + echo "tag=${GITHUB_REF#refs/*/}" >> $GITHUB_OUTPUT + echo "sdkversion=$(grep github.com/Axway/agent-sdk go.mod | awk '{print $2}')" >> $GITHUB_OUTPUT + echo "commit=$(git rev-parse --short ${{ github.sha }})" >> $GITHUB_OUTPUT + + - name: Log in to the Container registry + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Extract metadata (tags, labels) for Docker + id: meta + uses: docker/metadata-action@v5 + with: + flavor: latest=false + images: ghcr.io/${{ env.ORG_NAME }}/${{ env.IMAGE_NAME }} + + - name: Build and push Docker image + uses: docker/build-push-action@v5 + with: + context: . + file: build/discovery/Dockerfile + push: true + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} + build-args: | + time=${{ steps.vars.outputs.date }} + CGO_ENABLED=0 + version=${{ steps.vars.outputs.tag }} + sdk_version=${{ steps.vars.outputs.sdkversion }} + commit_id=${{ steps.vars.outputs.commit }} + + buildTraceabilityAgentDocker: + needs: testAgents + env: + GOFLAGS: "-mod=mod" + IMAGE_NAME: kong_traceability_agent + ORG_NAME: Axway + VERSION: ${{ github.ref_name }} + COMMIT_ID: ${{ github.sha }} + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + + - name: Log in to the Container registry + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Set outputs + id: vars + run: | + echo "date=$(date +'%Y%m%d%H%M%S')" >> $GITHUB_OUTPUT + echo "tag=${GITHUB_REF#refs/*/}" >> $GITHUB_OUTPUT + echo "sdkversion=$(grep github.com/Axway/agent-sdk go.mod | awk '{print $2}')" >> $GITHUB_OUTPUT + echo "commit=$(git rev-parse --short ${{ github.sha }})" >> $GITHUB_OUTPUT + + - name: Extract metadata (tags, labels) for Docker + id: meta + uses: docker/metadata-action@v5 + with: + flavor: latest=false + images: ghcr.io/${{ env.ORG_NAME }}/${{ env.IMAGE_NAME }} + + - name: Build and push Docker image + uses: docker/build-push-action@v5 + with: + context: . + file: build/traceability/Dockerfile + push: true + build-args: | + time=${{ steps.vars.outputs.date }} + CGO_ENABLED=0 + version=${{ steps.vars.outputs.tag }} + sdk_version=${{ steps.vars.outputs.sdkversion }} + commit_id=${{ steps.vars.outputs.commit }} + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} + + notifyTeamsChannel: + runs-on: ubuntu-latest + needs: [buildDiscoveryAgentDocker, buildTraceabilityAgentDocker] + steps: + - uses: actions/checkout@v4 + - name: Notify Teams channel + env: + TEAMS_WEBHOOK_URL: ${{ secrets.TEAMS_WEBHOOK_URL }} + TAG: ${{ github.ref_name }} + run: ./release.sh + \ No newline at end of file diff --git a/.github/workflows/build-traceability-agent-docker.yml b/.github/workflows/build-traceability-agent-docker.yml deleted file mode 100644 index 8ba375b..0000000 --- a/.github/workflows/build-traceability-agent-docker.yml +++ /dev/null @@ -1,50 +0,0 @@ -name: Kong Traceability Agent Docker -on: - push: - tags: - - v*.*.* - -jobs: - build: - env: - GOFLAGS: "-mod=mod" - IMAGE_NAME: kong_traceability_agent - ORG_NAME: Axway - VERSION: ${{ github.ref_name }} - COMMIT_ID: ${{ github.sha }} - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - - name: Log in to the Container registry - uses: docker/login-action@v3 - with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - name: Set output - id: vars - run: | - echo "date=$(date +'%Y%m%d%H%M%S')" >> $GITHUB_OUTPUT - echo "tag=${GITHUB_REF#refs/*/}" >> $GITHUB_OUTPUT - echo "sdkversion=$(grep github.com/Axway/agent-sdk go.mod | awk '{print $2}')" >> $GITHUB_OUTPUT - echo "commit=$(git rev-parse --short ${{ github.sha }})" >> $GITHUB_OUTPUT - - name: Extract metadata (tags, labels) for Docker - id: meta - uses: docker/metadata-action@v5 - with: - flavor: latest=false - images: ghcr.io/${{ env.ORG_NAME }}/${{ env.IMAGE_NAME }} - - name: Build and push Docker image - uses: docker/build-push-action@v5 - with: - context: . - file: build/traceability/Dockerfile - push: true - build-args: | - time=${{ steps.vars.outputs.date }} - CGO_ENABLED=0 - version=${{ steps.vars.outputs.tag }} - sdk_version=${{ steps.vars.outputs.sdkversion }} - commit_id=${{ steps.vars.outputs.commit }} - tags: ${{ steps.meta.outputs.tags }} - labels: ${{ steps.meta.outputs.labels }} diff --git a/.github/workflows/create-tag-for-release.yml b/.github/workflows/create-tag-for-release.yml index 078df1d..0292747 100644 --- a/.github/workflows/create-tag-for-release.yml +++ b/.github/workflows/create-tag-for-release.yml @@ -1,4 +1,4 @@ -# This action gets triggered by a closed PR on branch named 'APIGOV-UpdateSDK' +# This action gets triggered by a closed PR name: Create tag for release on: @@ -7,6 +7,7 @@ on: - closed jobs: + # only run this job if the merge name is "APIGOV-UpdateSDK", which comes from the automated release if_SDK_update_merged: if: github.event.pull_request.merged == true && startsWith(github.head_ref, 'APIGOV-UpdateSDK') runs-on: ubuntu-latest diff --git a/.github/workflows/package-helm-chart.yml b/.github/workflows/package-helm-chart.yml index d9bf24d..847de60 100644 --- a/.github/workflows/package-helm-chart.yml +++ b/.github/workflows/package-helm-chart.yml @@ -2,7 +2,7 @@ name: Kong Agents Helm on: push: tags: - - v*.*.* + - "*" jobs: helm-archive: @@ -28,16 +28,3 @@ jobs: repo_token: ${{ secrets.GITHUB_TOKEN }} file: kong-agents.tgz tag: ${{ github.ref_name }} - - notifyTeamsChannel: - needs: [helm-archive] - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - - - name: Notify Teams channel - env: - TEAMS_WEBHOOK_URL: ${{ secrets.TEAMS_WEBHOOK_URL }} - TAG: ${{ github.ref_name }} - run: ./release.sh - \ No newline at end of file diff --git a/.github/workflows/run-tests.yml b/.github/workflows/run-tests.yml new file mode 100644 index 0000000..b79fb11 --- /dev/null +++ b/.github/workflows/run-tests.yml @@ -0,0 +1,21 @@ +# This action is shared by workflows that want to run the unit tests +name: Test the agents + +on: + workflow_call + +jobs: + test: + env: + GOFLAGS: "-mod=mod" + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - name: Set up Go + uses: actions/setup-go@v5 + with: + go-version: 1.21 + - name: Test + working-directory: . + run: | + make test diff --git a/build/traceability/Dockerfile b/build/traceability/Dockerfile index c6c0ee6..9b520b0 100644 --- a/build/traceability/Dockerfile +++ b/build/traceability/Dockerfile @@ -8,13 +8,12 @@ ARG sdk_version ARG time ARG CGO_ENABLED -ENV GOFLAGS "-mod=mod" -ENV GOWORK "off" - RUN apk --no-cache update && \ apk --no-cache add -U build-base ENV BASEPATH=/go/src/github.com/Axway/agents-kong +ENV APP_USER axway + RUN mkdir -p ${BASEPATH} WORKDIR ${BASEPATH} @@ -36,13 +35,15 @@ RUN --mount=type=cache,target=/root/.cache/go-build \ -a -o /traceability_agent ${BASEPATH}/pkg/traceability/main/agent.go # Create non-root user -RUN addgroup -g 2500 axway && adduser -u 2500 -D -G axway axway -RUN chown -R axway:axway /traceability_agent -USER axway +RUN addgroup -g 2500 ${APP_USER} && adduser -u 2500 -D -G ${APP_USER} ${APP_USER} +RUN chown -R ${APP_USER}:${APP_USER} /traceability_agent +USER ${APP_USER} # alpine 3.19 linux/amd64 FROM docker.io/alpine@sha256:13b7e62e8df80264dbb747995705a986aa530415763a6c58f84a3ca8af9a5bcd +ENV APP_USER axway + COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ca-certificates.crt COPY --from=builder /etc/passwd /etc/passwd COPY --from=builder /traceability_agent /kong_traceability_agent @@ -53,10 +54,7 @@ RUN mkdir /keys /logs && \ apk --no-cache add openssl libssl3 libcrypto3 musl musl-utils libc6-compat busybox curl && \ find / -perm /6000 -type f -exec chmod a-s {} \; || true -USER axway - +USER ${APP_USER} VOLUME ["/keys", "/logs"] - HEALTHCHECK --retries=1 CMD /kong_traceability_agent --status || exit 1 - ENTRYPOINT ["/kong_traceability_agent"] \ No newline at end of file From 907eb37ae2722b14ce82fb02042a2260c73b26a7 Mon Sep 17 00:00:00 2001 From: dfeldick Date: Fri, 10 May 2024 09:45:03 -0700 Subject: [PATCH 05/10] APIGOV-27565 - fix --- .github/workflows/build-docker-images.yml | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/.github/workflows/build-docker-images.yml b/.github/workflows/build-docker-images.yml index d1e270a..5bd14da 100644 --- a/.github/workflows/build-docker-images.yml +++ b/.github/workflows/build-docker-images.yml @@ -71,13 +71,6 @@ jobs: steps: - uses: actions/checkout@v4 - - name: Log in to the Container registry - uses: docker/login-action@v3 - with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - name: Set outputs id: vars run: | @@ -86,6 +79,13 @@ jobs: echo "sdkversion=$(grep github.com/Axway/agent-sdk go.mod | awk '{print $2}')" >> $GITHUB_OUTPUT echo "commit=$(git rev-parse --short ${{ github.sha }})" >> $GITHUB_OUTPUT + - name: Log in to the Container registry + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + - name: Extract metadata (tags, labels) for Docker id: meta uses: docker/metadata-action@v5 @@ -99,14 +99,14 @@ jobs: context: . file: build/traceability/Dockerfile push: true + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} build-args: | time=${{ steps.vars.outputs.date }} CGO_ENABLED=0 version=${{ steps.vars.outputs.tag }} sdk_version=${{ steps.vars.outputs.sdkversion }} commit_id=${{ steps.vars.outputs.commit }} - tags: ${{ steps.meta.outputs.tags }} - labels: ${{ steps.meta.outputs.labels }} notifyTeamsChannel: runs-on: ubuntu-latest From 9fcf86cf4522d8f9cecd37d044b768f14d5c5648 Mon Sep 17 00:00:00 2001 From: dfeldick Date: Fri, 10 May 2024 10:30:57 -0700 Subject: [PATCH 06/10] APIGOV-27565 - cleanup --- .github/workflows/build-agents.yml | 6 +-- .github/workflows/build-docker-images.yml | 41 +++++++++++++++----- .github/workflows/create-tag-for-release.yml | 6 +-- .github/workflows/package-helm-chart.yml | 30 -------------- .github/workflows/run-tests.yml | 1 + 5 files changed, 39 insertions(+), 45 deletions(-) delete mode 100644 .github/workflows/package-helm-chart.yml diff --git a/.github/workflows/build-agents.yml b/.github/workflows/build-agents.yml index 9fd0bca..befa8ea 100644 --- a/.github/workflows/build-agents.yml +++ b/.github/workflows/build-agents.yml @@ -16,17 +16,17 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - + - name: Set up Go uses: actions/setup-go@v5 with: go-version: 1.21 - + - name: Build discovery agent working-directory: . run: | make build-da - + - name: Build traceability agent working-directory: . run: | diff --git a/.github/workflows/build-docker-images.yml b/.github/workflows/build-docker-images.yml index 5bd14da..f8fa90a 100644 --- a/.github/workflows/build-docker-images.yml +++ b/.github/workflows/build-docker-images.yml @@ -29,21 +29,21 @@ jobs: echo "tag=${GITHUB_REF#refs/*/}" >> $GITHUB_OUTPUT echo "sdkversion=$(grep github.com/Axway/agent-sdk go.mod | awk '{print $2}')" >> $GITHUB_OUTPUT echo "commit=$(git rev-parse --short ${{ github.sha }})" >> $GITHUB_OUTPUT - + - name: Log in to the Container registry uses: docker/login-action@v3 with: registry: ghcr.io username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - + - name: Extract metadata (tags, labels) for Docker id: meta uses: docker/metadata-action@v5 with: flavor: latest=false images: ghcr.io/${{ env.ORG_NAME }}/${{ env.IMAGE_NAME }} - + - name: Build and push Docker image uses: docker/build-push-action@v5 with: @@ -70,7 +70,7 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - + - name: Set outputs id: vars run: | @@ -78,21 +78,21 @@ jobs: echo "tag=${GITHUB_REF#refs/*/}" >> $GITHUB_OUTPUT echo "sdkversion=$(grep github.com/Axway/agent-sdk go.mod | awk '{print $2}')" >> $GITHUB_OUTPUT echo "commit=$(git rev-parse --short ${{ github.sha }})" >> $GITHUB_OUTPUT - + - name: Log in to the Container registry uses: docker/login-action@v3 with: registry: ghcr.io username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - + - name: Extract metadata (tags, labels) for Docker id: meta uses: docker/metadata-action@v5 with: flavor: latest=false images: ghcr.io/${{ env.ORG_NAME }}/${{ env.IMAGE_NAME }} - + - name: Build and push Docker image uses: docker/build-push-action@v5 with: @@ -108,9 +108,33 @@ jobs: sdk_version=${{ steps.vars.outputs.sdkversion }} commit_id=${{ steps.vars.outputs.commit }} + archiveHelm: + needs: testAgents + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - uses: olegtarasov/get-tag@v2.1.3 + id: tagName + with: + tagRegex: "v(.*)" + tagRegexGroup: 1 + - name: Update chart versions + run: | + sed helm/kong-agents/Chart.yaml -i -e "s/^appVersion.*/appVersion:\ \"v${GIT_TAG_NAME}\"/" + sed helm/kong-agents/Chart.yaml -i -e "s/^version.*/version:\ ${GIT_TAG_NAME}/" + - name: Archive chart + run: | + tar czf kong-agents.tgz -C helm/kong-agents . + - name: Upload chart to release + uses: svenstaro/upload-release-action@v2 + with: + repo_token: ${{ secrets.GITHUB_TOKEN }} + file: kong-agents.tgz + tag: ${{ github.ref_name }} + notifyTeamsChannel: runs-on: ubuntu-latest - needs: [buildDiscoveryAgentDocker, buildTraceabilityAgentDocker] + needs: [buildDiscoveryAgentDocker, buildTraceabilityAgentDocker, archiveHelm] steps: - uses: actions/checkout@v4 - name: Notify Teams channel @@ -118,4 +142,3 @@ jobs: TEAMS_WEBHOOK_URL: ${{ secrets.TEAMS_WEBHOOK_URL }} TAG: ${{ github.ref_name }} run: ./release.sh - \ No newline at end of file diff --git a/.github/workflows/create-tag-for-release.yml b/.github/workflows/create-tag-for-release.yml index 0292747..ef16ffe 100644 --- a/.github/workflows/create-tag-for-release.yml +++ b/.github/workflows/create-tag-for-release.yml @@ -5,7 +5,7 @@ on: pull_request: types: - closed - + jobs: # only run this job if the merge name is "APIGOV-UpdateSDK", which comes from the automated release if_SDK_update_merged: @@ -20,12 +20,12 @@ jobs: # by default, this action creates a tag with a 'v' prefix, and bumps the patch version. # See https://github.com/mathieudutour/github-tag-action to customize these rules. github_token: ${{ secrets.ACTION_ACCESS_TOKEN }} - + - name: Show the new tag run: | echo "previous tag ${{ steps.tag_version.outputs.previous_tag }} echo "new tag ${{ steps.tag_version.outputs.new_tag }} - + - name: Create a GitHub release uses: ncipollo/release-action@v1 with: diff --git a/.github/workflows/package-helm-chart.yml b/.github/workflows/package-helm-chart.yml deleted file mode 100644 index 847de60..0000000 --- a/.github/workflows/package-helm-chart.yml +++ /dev/null @@ -1,30 +0,0 @@ -name: Kong Agents Helm -on: - push: - tags: - - "*" - -jobs: - helm-archive: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - - uses: olegtarasov/get-tag@v2.1.3 - id: tagName - with: - tagRegex: "v(.*)" - tagRegexGroup: 1 - - name: Update chart versions - run: | - - sed helm/kong-agents/Chart.yaml -i -e "s/^appVersion.*/appVersion:\ \"v${GIT_TAG_NAME}\"/" - sed helm/kong-agents/Chart.yaml -i -e "s/^version.*/version:\ ${GIT_TAG_NAME}/" - - name: Archive chart - run: | - tar czf kong-agents.tgz -C helm/kong-agents . - - name: Upload chart to release - uses: svenstaro/upload-release-action@v2 - with: - repo_token: ${{ secrets.GITHUB_TOKEN }} - file: kong-agents.tgz - tag: ${{ github.ref_name }} diff --git a/.github/workflows/run-tests.yml b/.github/workflows/run-tests.yml index b79fb11..6271ee1 100644 --- a/.github/workflows/run-tests.yml +++ b/.github/workflows/run-tests.yml @@ -19,3 +19,4 @@ jobs: working-directory: . run: | make test + From f170188f12f93aa7322f5b4d391a48f3ad353c9f Mon Sep 17 00:00:00 2001 From: dfeldick Date: Fri, 10 May 2024 15:43:29 -0700 Subject: [PATCH 07/10] APIGOV-00000 - fix regex --- .github/workflows/fully-automated-release.yml | 4 ++-- Makefile | 6 +++--- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/fully-automated-release.yml b/.github/workflows/fully-automated-release.yml index 10d65e6..da51666 100644 --- a/.github/workflows/fully-automated-release.yml +++ b/.github/workflows/fully-automated-release.yml @@ -22,7 +22,7 @@ jobs: - name: Get latest SDK version run: | - export LATEST_REMOTE_TAG_CMD="git ls-remote --tags --refs --sort='version:refname' REMOTE_REPO | grep -Eo 'v?[0-9]{1,}\.[0-9]{1,}\.[0-9]{1,3}$' | tail -1" + export LATEST_REMOTE_TAG_CMD="git ls-remote --tags --refs --sort='version:refname' REMOTE_REPO | grep -Eo 'v?[0-9]{1,}\.[0-9]{1,}\.[0-9]{1,}$' | tail -1" REMOTE_REPO_PATH="https://github.com/Axway/agent-sdk" CMD=${LATEST_REMOTE_TAG_CMD/"REMOTE_REPO"/${REMOTE_REPO_PATH}} export SDK_VERSION=$(eval $CMD) @@ -42,7 +42,7 @@ jobs: title: 'APIGOV-UpdateSDK - Update to SDK ${{ env.SDK_VERSION }}' delete-branch: true reviewers: dfeldick - + - name: Enable Pull Request Automerge run: gh pr merge APIGOV-UpdateSDK --admin --merge --subject "Merge branch APIGOV-UpdateSDK" env: diff --git a/Makefile b/Makefile index b8b6d78..d21c17d 100644 --- a/Makefile +++ b/Makefile @@ -5,7 +5,7 @@ WORKSPACE ?= $$(pwd) GO_PKG_LIST := $(shell go list ./... | grep -v /mock) PROJECT_NAME := agents-kong TIME := $(shell date +%Y%m%d%H%M%S) -VERSION := $(shell git tag -l --sort='version:refname' | grep -Eo '[0-9]{1,}\.[0-9]{1,}\.[0-9]{1,3}$$' | tail -1) +VERSION := $(shell git tag -l --sort='version:refname' | grep -Eo '[0-9]{1,}\.[0-9]{1,}\.[0-9]{1,}$$' | tail -1) CGO_ENABLED := 0 COMMIT_ID := $(shell git rev-parse --short HEAD) SDK_VERSION := $(shell go list -m github.com/Axway/agent-sdk | awk '{print $$2}' | awk -F'-' '{print substr($$1, 2)}') @@ -23,7 +23,7 @@ test: dep test-s: dep @go vet ${GO_PKG_LIST} @go test -race -short -coverprofile=${WORKSPACE}/gocoverage.out -count=1 ${GO_PKG_LIST} - + clean: @rm -rf ./bin/ @mkdir -p ./bin @@ -43,7 +43,7 @@ dep-version: @echo "$(sdk)" @export version=$(sdk) && make update-sdk && make dep -dep-sdk: +dep-sdk: @make sdk=main dep-version update-sdk: From e20477c81c474ef215b6b071b302254394a315e0 Mon Sep 17 00:00:00 2001 From: dfeldick Date: Mon, 13 May 2024 11:09:19 -0700 Subject: [PATCH 08/10] APIGOV-00001 - use refname --- .github/workflows/build-docker-images.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build-docker-images.yml b/.github/workflows/build-docker-images.yml index f8fa90a..29899d9 100644 --- a/.github/workflows/build-docker-images.yml +++ b/.github/workflows/build-docker-images.yml @@ -26,7 +26,7 @@ jobs: id: vars run: | echo "date=$(date +'%Y%m%d%H%M%S')" >> $GITHUB_OUTPUT - echo "tag=${GITHUB_REF#refs/*/}" >> $GITHUB_OUTPUT + echo "tag=${{github.ref_name }}" >> $GITHUB_OUTPUT echo "sdkversion=$(grep github.com/Axway/agent-sdk go.mod | awk '{print $2}')" >> $GITHUB_OUTPUT echo "commit=$(git rev-parse --short ${{ github.sha }})" >> $GITHUB_OUTPUT @@ -75,7 +75,7 @@ jobs: id: vars run: | echo "date=$(date +'%Y%m%d%H%M%S')" >> $GITHUB_OUTPUT - echo "tag=${GITHUB_REF#refs/*/}" >> $GITHUB_OUTPUT + echo "tag=${{github.ref_name }}" >> $GITHUB_OUTPUT echo "sdkversion=$(grep github.com/Axway/agent-sdk go.mod | awk '{print $2}')" >> $GITHUB_OUTPUT echo "commit=$(git rev-parse --short ${{ github.sha }})" >> $GITHUB_OUTPUT From 32703ae0db174b098dfc17721c96ee90e26af3a0 Mon Sep 17 00:00:00 2001 From: Dragos Gabriel Ghinea <142506926+dgghinea@users.noreply.github.com> Date: Wed, 15 May 2024 10:54:08 +0300 Subject: [PATCH 09/10] APIGOV-27848 - published transactions logger (#100) * APIGOV-27848 - published transactions logger * mr updates * go mod updates * add other properties --- build/traceability/kong_traceability_agent.yml | 6 ++++++ go.mod | 2 +- go.sum | 2 ++ 3 files changed, 9 insertions(+), 1 deletion(-) diff --git a/build/traceability/kong_traceability_agent.yml b/build/traceability/kong_traceability_agent.yml index 60049fc..1aa2850 100644 --- a/build/traceability/kong_traceability_agent.yml +++ b/build/traceability/kong_traceability_agent.yml @@ -66,6 +66,12 @@ kong_traceability_agent: keepfiles: ${LOG_METRICFILE_KEEPFILES:7} rotateeverybytes: ${LOG_METRICFILE_ROTATEEVERYBYTES:10485760} cleanbackups: ${LOG_METRICFILE_CLEANBACKUPS:0} + usagefile: + enabled: ${LOG_USAGEFILE_ENABLED:true} + name: ${LOG_USAGEFILE_NAME:usagefile.log} + keepfiles: ${LOG_USAGEFILE_KEEPFILES:7} + rotateeverybytes: ${LOG_USAGEFILE_ROTATEEVERYBYTES:10485760} + cleanbackups: ${LOG_USAGEFILE_CLEANBACKUPSEVERY:365} # Send output to Central Database output.traceability: diff --git a/go.mod b/go.mod index 9338a76..73db66b 100644 --- a/go.mod +++ b/go.mod @@ -5,7 +5,7 @@ go 1.21 toolchain go1.21.3 require ( - github.com/Axway/agent-sdk v1.1.82 + github.com/Axway/agent-sdk v1.1.83-0.20240509142904-bce138a65bf7 github.com/elastic/beats/v7 v7.17.20 github.com/google/uuid v1.6.0 github.com/kong/go-kong v0.47.0 diff --git a/go.sum b/go.sum index 2203ea0..cb94c21 100644 --- a/go.sum +++ b/go.sum @@ -38,6 +38,8 @@ cloud.google.com/go/storage v1.14.0/go.mod h1:GrKmX003DSIwi9o29oFT7YDnHYwZoctc3f dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU= github.com/Axway/agent-sdk v1.1.82 h1:5uYYPLiGC6HQEyhdzeqYOOx6xZ5I8cfwM9b5aHvvOGs= github.com/Axway/agent-sdk v1.1.82/go.mod h1:J6qtxUMHiQochUtEFd+opCerMXbcGWC52HRHACTjOJc= +github.com/Axway/agent-sdk v1.1.83-0.20240509142904-bce138a65bf7 h1:E+SSLGGtXE+lAinihsr7OuJr+SJlm0EwXY/ExsAibXA= +github.com/Axway/agent-sdk v1.1.83-0.20240509142904-bce138a65bf7/go.mod h1:J6qtxUMHiQochUtEFd+opCerMXbcGWC52HRHACTjOJc= github.com/Azure/go-ansiterm v0.0.0-20170929234023-d6e3b3328b78 h1:w+iIsaOQNcT7OZ575w+acHgRric5iCyQh+xv+KJ4HB8= github.com/Azure/go-ansiterm v0.0.0-20170929234023-d6e3b3328b78/go.mod h1:LmzpDX56iTiv29bbRTIsUNlaFfuhWRQBWjQdVyAevI8= github.com/Azure/go-autorest v14.2.0+incompatible/go.mod h1:r+4oMnoxhatjLLJ6zxSWATqVooLgysK6ZNox3g/xq24= From ef4e78f7dfb865310ce32c6034cb1d7f2ca326e3 Mon Sep 17 00:00:00 2001 From: dfeldick <40580732+dfeldick@users.noreply.github.com> Date: Fri, 17 May 2024 16:50:23 +0000 Subject: [PATCH 10/10] Update to SDK v1.1.83 --- go.mod | 2 +- go.sum | 6 ++---- 2 files changed, 3 insertions(+), 5 deletions(-) diff --git a/go.mod b/go.mod index 73db66b..0eef86b 100644 --- a/go.mod +++ b/go.mod @@ -5,7 +5,7 @@ go 1.21 toolchain go1.21.3 require ( - github.com/Axway/agent-sdk v1.1.83-0.20240509142904-bce138a65bf7 + github.com/Axway/agent-sdk v1.1.83 github.com/elastic/beats/v7 v7.17.20 github.com/google/uuid v1.6.0 github.com/kong/go-kong v0.47.0 diff --git a/go.sum b/go.sum index cb94c21..183ed4d 100644 --- a/go.sum +++ b/go.sum @@ -36,10 +36,8 @@ cloud.google.com/go/storage v1.8.0/go.mod h1:Wv1Oy7z6Yz3DshWRJFhqM/UCfaWIRTdp0RX cloud.google.com/go/storage v1.10.0/go.mod h1:FLPqc6j+Ki4BU591ie1oL6qBQGu2Bl/tZ9ullr3+Kg0= cloud.google.com/go/storage v1.14.0/go.mod h1:GrKmX003DSIwi9o29oFT7YDnHYwZoctc3fOKtUw0Xmo= dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU= -github.com/Axway/agent-sdk v1.1.82 h1:5uYYPLiGC6HQEyhdzeqYOOx6xZ5I8cfwM9b5aHvvOGs= -github.com/Axway/agent-sdk v1.1.82/go.mod h1:J6qtxUMHiQochUtEFd+opCerMXbcGWC52HRHACTjOJc= -github.com/Axway/agent-sdk v1.1.83-0.20240509142904-bce138a65bf7 h1:E+SSLGGtXE+lAinihsr7OuJr+SJlm0EwXY/ExsAibXA= -github.com/Axway/agent-sdk v1.1.83-0.20240509142904-bce138a65bf7/go.mod h1:J6qtxUMHiQochUtEFd+opCerMXbcGWC52HRHACTjOJc= +github.com/Axway/agent-sdk v1.1.83 h1:DfkWZZV+HlMgC1PH/zU23YQbp38cKlhYhlS33kiC4No= +github.com/Axway/agent-sdk v1.1.83/go.mod h1:J6qtxUMHiQochUtEFd+opCerMXbcGWC52HRHACTjOJc= github.com/Azure/go-ansiterm v0.0.0-20170929234023-d6e3b3328b78 h1:w+iIsaOQNcT7OZ575w+acHgRric5iCyQh+xv+KJ4HB8= github.com/Azure/go-ansiterm v0.0.0-20170929234023-d6e3b3328b78/go.mod h1:LmzpDX56iTiv29bbRTIsUNlaFfuhWRQBWjQdVyAevI8= github.com/Azure/go-autorest v14.2.0+incompatible/go.mod h1:r+4oMnoxhatjLLJ6zxSWATqVooLgysK6ZNox3g/xq24=