fix: Fix IdentityManagerTest and add salt to hashing algorithm #45
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# This workflow builds the agent and creates a multi-arch image for it. | |
# The image is then pushed to Docker Hub. | |
# | |
# The workflow consists of the following jobs: | |
# 1. build-agent-jar: Builds the agent and uploads the resulting JAR as an artifact. | |
# 2. dependency-submission: Generate a dependency graph. | |
# 2. build-docker-images: Builds a Docker image for multiple platforms with the matrix strategy. | |
# 3. merge-images: Merges the images for the different platforms into a manifest list and pushes it to Docker Hub. | |
# To make the build faster, we use a matrix strategy to build the image for multiple platforms in parallel. | |
# The build of the first job is copied over to the image build jobs, so that the application build is only done once. | |
# QUEMU is used to emulate the different platforms on the GitHub runner. | |
# For more information about how to build multi-arch images and advanced settings with Docker Buildx in GitHub actions, see: | |
# https://docs.docker.com/build/ci/github-actions/multi-platform/ | |
name: Branch Continuous Integration | |
on: | |
push: | |
env: | |
REGISTRY_IMAGE: inspectit/inspectit-gepard-agent | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
jobs: | |
build-agent-jar: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Set up JDK 17 | |
uses: actions/setup-java@v4 | |
with: | |
java-version: '17' | |
distribution: 'temurin' | |
# Configure Gradle for optimal use in GiHub Actions, including caching of downloaded dependencies. | |
# See: https://github.com/gradle/actions/blob/main/setup-gradle/README.md | |
- name: Setup Gradle | |
uses: gradle/actions/setup-gradle@417ae3ccd767c252f5661f1ace9f835f9654f2b5 # v3.1.0 | |
with: | |
build-scan-publish: true | |
build-scan-terms-of-service-url: 'https://gradle.com/terms-of-service' | |
build-scan-terms-of-service-agree: 'yes' | |
- name: Test | |
run: ./gradlew test | |
- name: Build | |
run: ./gradlew extendedAgent -x test | |
- name: Upload artifact | |
uses: actions/upload-artifact@v3 | |
with: | |
name: agent-artifact | |
path: inspectit-gepard-agent/build/libs/inspectit-gepard-agent.jar | |
dependency-submission: | |
runs-on: ubuntu-latest | |
permissions: | |
contents: write | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Set up JDK 17 | |
uses: actions/setup-java@v4 | |
with: | |
java-version: '17' | |
distribution: 'temurin' | |
# Generates and submits a dependency graph, enabling Dependabot Alerts for all project dependencies. | |
# See: https://github.com/gradle/actions/blob/main/dependency-submission/README.md | |
- name: Generate and submit dependency graph | |
uses: gradle/actions/dependency-submission@417ae3ccd767c252f5661f1ace9f835f9654f2b5 # v3.1.0 | |
build-docker-images: | |
runs-on: ubuntu-latest | |
needs: build-agent-jar | |
strategy: | |
fail-fast: false | |
matrix: | |
platform: | |
- linux/amd64 | |
- linux/arm/v6 | |
- linux/arm/v7 | |
- linux/arm64 | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Prepare | |
run: | | |
platform=${{ matrix.platform }} | |
echo "PLATFORM_PAIR=${platform//\//-}" >> $GITHUB_ENV | |
- name: Docker meta | |
id: meta | |
uses: docker/metadata-action@v5 | |
with: | |
images: ${{ env.REGISTRY_IMAGE }} | |
- name: Download artifact | |
uses: actions/download-artifact@v3 | |
with: | |
name: agent-artifact | |
path: ./ # Download artifact to the root of the Docker build context | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@v3 | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v3 | |
- name: Login to Docker Hub | |
uses: docker/login-action@v3 | |
with: | |
username: ${{ vars.DOCKERHUB_USERNAME }} | |
password: ${{ secrets.DOCKERHUB_TOKEN }} | |
- name: Build and push by digest | |
id: build | |
uses: docker/build-push-action@v6 | |
with: | |
context: . | |
file: "./docker/Dockerfile-CR" | |
platforms: ${{ matrix.platform }} | |
labels: ${{ steps.meta.outputs.labels }} | |
outputs: type=image,name=${{ env.REGISTRY_IMAGE }},push-by-digest=true,name-canonical=true,push=true | |
- name: Export digest | |
run: | | |
mkdir -p /tmp/digests | |
digest="${{ steps.build.outputs.digest }}" | |
touch "/tmp/digests/${digest#sha256:}" | |
- name: Upload digest | |
uses: actions/upload-artifact@v4 | |
with: | |
name: digests-${{ env.PLATFORM_PAIR }} | |
path: /tmp/digests/* | |
if-no-files-found: error | |
retention-days: 1 | |
merge-images: | |
runs-on: ubuntu-latest | |
needs: build-docker-images | |
steps: | |
- name: Download digests | |
uses: actions/download-artifact@v4 | |
with: | |
path: /tmp/digests | |
pattern: digests-* | |
merge-multiple: true | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v3 | |
- name: Docker meta | |
id: meta | |
uses: docker/metadata-action@v5 | |
with: | |
images: ${{ env.REGISTRY_IMAGE }} | |
- name: Login to Docker Hub | |
uses: docker/login-action@v3 | |
with: | |
username: ${{ vars.DOCKERHUB_USERNAME }} | |
password: ${{ secrets.DOCKERHUB_TOKEN }} | |
- name: Create manifest list and push | |
working-directory: /tmp/digests | |
run: | | |
docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \ | |
$(printf '${{ env.REGISTRY_IMAGE }}@sha256:%s ' *) | |
- name: Inspect image | |
run: | | |
docker buildx imagetools inspect ${{ env.REGISTRY_IMAGE }}:${{ steps.meta.outputs.version }} |