diff --git a/.github/workflows/component_linux_publish.yml b/.github/workflows/component_linux_publish.yml index 84456d1c2..08d5171cc 100644 --- a/.github/workflows/component_linux_publish.yml +++ b/.github/workflows/component_linux_publish.yml @@ -109,3 +109,5 @@ jobs: gpg_passphrase: ${{ env.GPG_PASSPHRASE }} gpg_private_key_base64: ${{ env.GPG_PRIVATE_KEY_BASE64 }} disable_lock: ${{ env.DISABLE_LOCK }} + # TODO: remove after testing + dest_prefix: acabanas_molecule_fips/ diff --git a/.github/workflows/prerelease_linux.yml b/.github/workflows/prerelease_linux.yml index d7ce2192d..cb2f2afb0 100644 --- a/.github/workflows/prerelease_linux.yml +++ b/.github/workflows/prerelease_linux.yml @@ -19,7 +19,7 @@ jobs: DOCKER_HUB_PASSWORD: ${{secrets.OHAI_DOCKER_HUB_PASSWORD}} packaging-amd64: - needs: [unit-test, proxy-tests] + # needs: [unit-test, proxy-tests] uses: ./.github/workflows/component_linux_packaging.yml secrets: DOCKER_HUB_ID: ${{secrets.OHAI_DOCKER_HUB_ID}} @@ -33,7 +33,7 @@ jobs: ARCH: 'amd64' packaging-amd64-fips: - needs: [unit-test, proxy-tests] + # needs: [unit-test, proxy-tests] uses: ./.github/workflows/component_linux_packaging.yml secrets: DOCKER_HUB_ID: ${{secrets.OHAI_DOCKER_HUB_ID}} @@ -48,7 +48,7 @@ jobs: FIPS: true packaging-arm: - needs: [unit-test, proxy-tests] + # needs: [unit-test, proxy-tests] uses: ./.github/workflows/component_linux_packaging.yml secrets: DOCKER_HUB_ID: ${{secrets.OHAI_DOCKER_HUB_ID}} @@ -62,7 +62,7 @@ jobs: ARCH: 'arm' packaging-arm64: - needs: [unit-test, proxy-tests] + # needs: [unit-test, proxy-tests] uses: ./.github/workflows/component_linux_packaging.yml secrets: DOCKER_HUB_ID: ${{secrets.OHAI_DOCKER_HUB_ID}} @@ -76,7 +76,7 @@ jobs: ARCH: 'arm64' packaging-arm64-fips: - needs: [unit-test, proxy-tests] + # needs: [unit-test, proxy-tests] uses: ./.github/workflows/component_linux_packaging.yml secrets: DOCKER_HUB_ID: ${{secrets.OHAI_DOCKER_HUB_ID}} @@ -91,7 +91,7 @@ jobs: FIPS: true packaging-legacy: - needs: [unit-test, proxy-tests] + # needs: [unit-test, proxy-tests] uses: ./.github/workflows/component_linux_packaging.yml secrets: DOCKER_HUB_ID: ${{secrets.OHAI_DOCKER_HUB_ID}} @@ -104,25 +104,25 @@ jobs: TAG: ${{ github.event.release.tag_name }} ARCH: 'legacy' - packaging-docker: - needs: [unit-test, proxy-tests] - uses: ./.github/workflows/component_docker_packaging.yml - secrets: - DOCKER_HUB_ID: ${{secrets.OHAI_DOCKER_HUB_ID}} - DOCKER_HUB_PASSWORD: ${{secrets.OHAI_DOCKER_HUB_PASSWORD}} - GPG_MAIL: 'infrastructure-eng@newrelic.com' - GPG_PASSPHRASE: ${{ secrets.OHAI_GPG_PASSPHRASE }} - GPG_PRIVATE_KEY_BASE64: ${{ secrets.OHAI_GPG_PRIVATE_KEY_BASE64 }} # base64 encoded - GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} - with: - TAG: ${{ github.event.release.tag_name }} - - docker-trivy-critical: - needs: [packaging-docker] - uses: ./.github/workflows/component_trivy.yml - with: - tag: "${{ github.event.release.tag_name }}-rc" - severity: "CRITICAL" +# packaging-docker: +# needs: [unit-test, proxy-tests] +# uses: ./.github/workflows/component_docker_packaging.yml +# secrets: +# DOCKER_HUB_ID: ${{secrets.OHAI_DOCKER_HUB_ID}} +# DOCKER_HUB_PASSWORD: ${{secrets.OHAI_DOCKER_HUB_PASSWORD}} +# GPG_MAIL: 'infrastructure-eng@newrelic.com' +# GPG_PASSPHRASE: ${{ secrets.OHAI_GPG_PASSPHRASE }} +# GPG_PRIVATE_KEY_BASE64: ${{ secrets.OHAI_GPG_PRIVATE_KEY_BASE64 }} # base64 encoded +# GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} +# with: +# TAG: ${{ github.event.release.tag_name }} +# +# docker-trivy-critical: +# needs: [packaging-docker] +# uses: ./.github/workflows/component_trivy.yml +# with: +# tag: "${{ github.event.release.tag_name }}-rc" +# severity: "CRITICAL" publishing-to-s3: # point to staging after tests @@ -140,7 +140,9 @@ jobs: AWS_ROLE_SESSION_NAME: ${{ secrets.OHAI_AWS_ROLE_SESSION_NAME_STAGING }} with: ACCESS_POINT_HOST: "staging" - SCHEMA_BRANCH: "master" + # TODO: modify to master after testing + # SCHEMA_BRANCH: "master" + SCHEMA_BRANCH: "NR_351326_linux_prerelease_fips" RUN_ID: ${{ github.run_id }} TAG: ${{ github.event.release.tag_name }} AWS_S3_BUCKET_NAME: "nr-downloads-ohai-staging" @@ -154,47 +156,47 @@ jobs: TAG: ${{ github.event.release.tag_name }} REPO_ENDPOINT: "http://nr-downloads-ohai-staging.s3-website-us-east-1.amazonaws.com/infrastructure_agent" - test-prerelease-linux: - needs: [molecule-packaging-tests] - uses: ./.github/workflows/component_prerelease_testing.yml - with: - PLATFORM: "linux" - TAG: ${{ github.event.release.tag_name }} - TAG_OR_UNIQUE_NAME: "${{ github.event.release.tag_name }}-linux" - secrets: - AWS_VPC_SUBNET: ${{secrets.AWS_VPC_SUBNET}} - CROWDSTRIKE_CLIENT_ID: ${{secrets.CROWDSTRIKE_CLIENT_ID}} - CROWDSTRIKE_CLIENT_SECRET: ${{secrets.CROWDSTRIKE_CLIENT_SECRET}} - CROWDSTRIKE_CUSTOMER_ID: ${{secrets.CROWDSTRIKE_CUSTOMER_ID}} - - canaries-linux: - needs: [test-prerelease-linux] - uses: ./.github/workflows/component_canaries.yml - with: - PLATFORM: "linux" - TAG: ${{ github.event.release.tag_name }} - secrets: - AWS_VPC_SUBNET: ${{secrets.AWS_VPC_SUBNET}} - CROWDSTRIKE_CLIENT_ID: ${{secrets.CROWDSTRIKE_CLIENT_ID}} - CROWDSTRIKE_CLIENT_SECRET: ${{secrets.CROWDSTRIKE_CLIENT_SECRET}} - CROWDSTRIKE_CUSTOMER_ID: ${{secrets.CROWDSTRIKE_CUSTOMER_ID}} - - get_previous_tag: - runs-on: ubuntu-latest - outputs: - previous_tag: ${{ steps.previous_tag_step.outputs.PREVIOUS_TAG }} - steps: - - uses: actions/checkout@v2 - - - id: previous_tag_step - run: ./.github/workflows/scripts/previous_version.sh ${{ github.event.release.tag_name }} >> "$GITHUB_OUTPUT" - - prune-previous-canaries-linux: - needs: [canaries-linux, get_previous_tag] - uses: ./.github/workflows/component_canaries_prune.yml - with: - PLATFORM: "linux" - TAG: ${{ needs.get_previous_tag.outputs.previous_tag }} - secrets: - AWS_VPC_SUBNET: ${{secrets.AWS_VPC_SUBNET}} +# test-prerelease-linux: +# needs: [molecule-packaging-tests] +# uses: ./.github/workflows/component_prerelease_testing.yml +# with: +# PLATFORM: "linux" +# TAG: ${{ github.event.release.tag_name }} +# TAG_OR_UNIQUE_NAME: "${{ github.event.release.tag_name }}-linux" +# secrets: +# AWS_VPC_SUBNET: ${{secrets.AWS_VPC_SUBNET}} +# CROWDSTRIKE_CLIENT_ID: ${{secrets.CROWDSTRIKE_CLIENT_ID}} +# CROWDSTRIKE_CLIENT_SECRET: ${{secrets.CROWDSTRIKE_CLIENT_SECRET}} +# CROWDSTRIKE_CUSTOMER_ID: ${{secrets.CROWDSTRIKE_CUSTOMER_ID}} +# +# canaries-linux: +# needs: [test-prerelease-linux] +# uses: ./.github/workflows/component_canaries.yml +# with: +# PLATFORM: "linux" +# TAG: ${{ github.event.release.tag_name }} +# secrets: +# AWS_VPC_SUBNET: ${{secrets.AWS_VPC_SUBNET}} +# CROWDSTRIKE_CLIENT_ID: ${{secrets.CROWDSTRIKE_CLIENT_ID}} +# CROWDSTRIKE_CLIENT_SECRET: ${{secrets.CROWDSTRIKE_CLIENT_SECRET}} +# CROWDSTRIKE_CUSTOMER_ID: ${{secrets.CROWDSTRIKE_CUSTOMER_ID}} +# +# get_previous_tag: +# runs-on: ubuntu-latest +# outputs: +# previous_tag: ${{ steps.previous_tag_step.outputs.PREVIOUS_TAG }} +# steps: +# - uses: actions/checkout@v2 +# +# - id: previous_tag_step +# run: ./.github/workflows/scripts/previous_version.sh ${{ github.event.release.tag_name }} >> "$GITHUB_OUTPUT" +# +# prune-previous-canaries-linux: +# needs: [canaries-linux, get_previous_tag] +# uses: ./.github/workflows/component_canaries_prune.yml +# with: +# PLATFORM: "linux" +# TAG: ${{ needs.get_previous_tag.outputs.previous_tag }} +# secrets: +# AWS_VPC_SUBNET: ${{secrets.AWS_VPC_SUBNET}}