Set name #52
| --- | ||
| name: OpenTelemetry | ||
| # Build AWS OpenTelemetry Collector Docker image and push to Amazon ECR | ||
| on: | ||
| push: | ||
| paths: | ||
| - .github/workflows/otel.yml | ||
| - deploy/aws-otel-collector.Dockerfile | ||
| - 'otel/*' | ||
| # pull_request: | ||
| # # branches: [main] | ||
| # types: [opened,synchronize,reopened,labeled,unlabeled] | ||
| concurrency: | ||
| group: ${{ github.workflow }}-${{ github.ref }}-otel | ||
| cancel-in-progress: true | ||
| env: | ||
| # Name of image | ||
| IMAGE_NAME: aws-otel-collector | ||
| # Name of org in GHCR Docker repository (must be lowercase) | ||
| IMAGE_OWNER: ${{ github.repository_owner }} | ||
| # IMAGE_OWNER: cogini | ||
| # AWS ECR Docker repo "org" name (may be blank, otherwise must have trailing slash) | ||
| ECR_IMAGE_OWNER: cogini/ | ||
| # ECR_IMAGE_OWNER: '' | ||
| # Tag for release images, used to find the latest deployed image. | ||
| # IMAGE_TAG: ${{ (github.ref == 'refs/heads/main' && 'staging') || (github.ref == 'refs/heads/qa' && 'qa') }} | ||
| IMAGE_TAG: latest | ||
| IMAGE_VER: ${{ github.sha }} | ||
| # Registry for internal images | ||
| REGISTRY: ghcr.io/ | ||
| # Registry for public images, default (blank) is docker.io | ||
| # PUBLIC_REGISTRY: '' | ||
| # Assume that base image has been synced to local registry | ||
| PUBLIC_REGISTRY: 'ghcr.io/' | ||
| # Git "main" branch. This might be "master" for old repos | ||
| MAIN_BRANCH: main | ||
| # GitHub Environment secrets and variables | ||
| # Docker Hub credentials to pull base images without rate limits | ||
| # secrets.DOCKERHUB_USERNAME | ||
| # secrets.DOCKERHUB_TOKEN | ||
| # AWS Account | ||
| # secrets.AWS_ACCOUNT_ID | ||
| # AWS default region | ||
| # vars.AWS_REGION | ||
| # AWS role allowing GitHub Actions to access resources and deploy | ||
| # secrets.AWS_ROLE_TO_ASSUME: arn:aws:iam::${{ secrets.AWS_ACCOUNT_ID }}:role/foo-${{ environment }}-github-action-role | ||
| # GitHub Advanced Security, free for open source, otherwise a paid feature | ||
| # https://docs.github.com/en/get-started/learning-about-github/about-github-advanced-security | ||
| # https://docs.github.com/en/code-security/code-scanning/integrating-with-code-scanning/sarif-support-for-code-scanning | ||
| # https://docs.github.com/en/code-security/code-scanning/integrating-with-code-scanning/uploading-a-sarif-file-to-github | ||
| # Docker | ||
| DOCKER_BUILDKIT: '1' | ||
| DOCKER_FILE: deploy/aws-otel-collector.Dockerfile | ||
| jobs: | ||
| build-otel: | ||
| name: Build otel image | ||
| permissions: | ||
| id-token: write | ||
| contents: read | ||
| packages: write | ||
| runs-on: ubuntu-latest | ||
| environment: ${{ (github.ref_name == 'main' && 'staging') || (github.ref_name == 'qa' && 'qa') || (github.ref_name == 'prod' && 'production') }} | ||
| env: | ||
| AWS_ENABLED: '1' | ||
| steps: | ||
| - name: Log in to Docker Hub | ||
| uses: docker/login-action@v4 | ||
| with: | ||
| username: ${{ secrets.DOCKERHUB_USERNAME }} | ||
| password: ${{ secrets.DOCKERHUB_TOKEN }} | ||
| - name: Configure AWS credentials | ||
| if: env.AWS_ENABLED == '1' | ||
| uses: aws-actions/configure-aws-credentials@v6 | ||
| with: | ||
| role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }} | ||
| aws-region: ${{ vars.AWS_REGION }} | ||
| - name: Log in to Amazon ECR | ||
| if: env.AWS_ENABLED == '1' | ||
| id: ecr-login | ||
| uses: aws-actions/amazon-ecr-login@v2 | ||
| - name: Set vars | ||
| if: env.AWS_ENABLED == '1' | ||
| run: echo "ECR_REGISTRY=${{ steps.ecr-login.outputs.registry }}" >> "$GITHUB_ENV" | ||
| - name: Set vars | ||
| run: echo "NOW=$(date -u +%Y-%m-%dT%H:%M:%SZ)" >> "$GITHUB_ENV" | ||
| - name: Check out source | ||
| uses: actions/checkout@v6 | ||
| - name: Set variables | ||
| id: vars | ||
| shell: bash | ||
| run: | | ||
| echo "GITHUB_SHA_SHORT=${GITHUB_SHA::7}" >> "$GITHUB_ENV" | ||
| echo "run_id=${GITHUB_RUN_ID}" >> "$GITHUB_OUTPUT" | ||
| echo "run_num=${GITHUB_RUN_NUMBER}" >> "$GITHUB_OUTPUT" | ||
| - name: Get branch name | ||
| shell: bash | ||
| run: echo "BRANCH=${GITHUB_HEAD_REF:-${GITHUB_REF#refs/heads/}}" >> "$GITHUB_ENV" | ||
| - name: Set up Docker buildx | ||
| id: buildx | ||
| uses: docker/setup-buildx-action@v3 | ||
| with: | ||
| driver-opts: network=host | ||
| - name: Build image and push | ||
| if: env.AWS_ENABLED == '1' | ||
| uses: docker/build-push-action@v6 | ||
| env: | ||
| # REGISTRY: "${{ env.ECR_REGISTRY }}/" | ||
| AWS_REGION: "${{ vars.AWS_REGION }}" | ||
| # https://hub.docker.com/r/amazon/aws-otel-collector/tags | ||
| BASE_IMAGE_TAG: 'v0.47.0 | ||
| with: | ||
| file: ${{ env.DOCKER_FILE }} | ||
| context: . | ||
| builder: ${{ steps.buildx.outputs.name }} | ||
| push: true | ||
| cache-from: type=gha,scope=${{ github.workflow }}-otel-${{ github.ref_name }} | ||
| cache-to: type=gha,scope=${{ github.workflow }}-otel-${{ github.ref_name }},mode=max | ||
| no-cache: ${{ github.run_attempt != '1' }} | ||
| # ssh: default | ||
| # https://github.com/opencontainers/image-spec/blob/main/annotations.md | ||
| # https://kubernetes.io/docs/concepts/overview/working-with-objects/common-labels/ | ||
| labels: | | ||
| org.opencontainers.image.source=https://github.com/${{ github.repository }} | ||
| org.opencontainers.image.created=${{ env.NOW }} | ||
| org.opencontainers.image.revision=${{ github.sha }} | ||
| org.opencontainers.image.version=${{ github.run_number }} | ||
| app.kubernetes.io/name=${{ env.IMAGE_NAME }} | ||
| app.kubernetes.io/part-of=${{ github.repository }} | ||
| app.kubernetes.io/version=${{ github.run_number }} | ||
| tags: | | ||
| ${{ env.ECR_REGISTRY }}/${{ env.ECR_IMAGE_OWNER }}${{ env.IMAGE_NAME }}:${{ github.sha }} | ||
| ${{ env.ECR_REGISTRY }}/${{ env.ECR_IMAGE_OWNER }}${{ env.IMAGE_NAME }}:${{ env.IMAGE_TAG }} | ||
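Review bot: Every `uses:` step in `build-otel` is pinned to a mutable major tag (`docker/login-action@v4`, `aws-actions/configure-aws-credentials@v6`, `aws-actions/amazon-ecr-login@v2`, `actions/checkout@v6`, `docker/setup-buildx-action@v3`, `docker/build-push-action@v6`) while the job holds `id-token: write`, `packages: write` and the Docker Hub and AWS role secrets, so a retagged upstream release would run with the ability to assume the deploy role and push images. Pin each action to a full commit SHA and keep the tag as a trailing comment, e.g. `uses: docker/build-push-action@<full-commit-sha>  # v6`. The `push:` trigger also has no `branches:` filter and `IMAGE_TAG` is fixed to `latest`, so unless the role's trust policy or environment-scoped secrets restrict it (not visible here), a push from any branch touching these paths could overwrite `:latest` in ECR; `branches: [main, qa, prod]` would match the `environment:` expression. Separately, `BASE_IMAGE_TAG: 'v0.47.0` appears to be missing its closing quote as rendered, and a value set only under the step's `env:` reaches the Dockerfile only if it is also listed under `build-args:`.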