From ad814abcc4586d883e75cf2c5bf844cb30365cf9 Mon Sep 17 00:00:00 2001 From: Bence Csati Date: Tue, 19 Nov 2024 16:00:35 +0100 Subject: [PATCH] feat: reach parity with upstream Signed-off-by: Bence Csati --- .github/workflows/base-ci-goreleaser.yaml | 88 ++++++++ .github/workflows/base-release.yaml | 209 ++++++++++++++++++ .../ci-goreleaser-axoflow-otel-collector.yaml | 41 ++++ .github/workflows/ci-goreleaser.yaml | 63 ------ .github/workflows/package-tests.yaml | 32 +++ .../release-axoflow-otel-collector.yaml | 16 ++ .github/workflows/release.yaml | 106 --------- Makefile | 3 +- README.md | 2 +- cmd/builder/.goreleaser.yaml | 138 ------------ cmd/builder/Dockerfile | 14 -- cmd/goreleaser/internal/configure.go | 78 +++++-- .../axoflow-otel-collector/.goreleaser.yaml | 54 +++-- .../axoflow-otel-collector/Dockerfile | 2 +- ...ntrib.conf => axoflow-otel-collector.conf} | 0 ...service => axoflow-otel-collector.service} | 2 +- .../axoflow-otel-collector/config.yaml | 51 +---- .../windows-installer.wxs | 2 +- go.mod | 6 +- scripts/generate-goreleaser.sh | 2 +- scripts/package-tests/Dockerfile.test.deb | 14 ++ scripts/package-tests/Dockerfile.test.rpm | 9 + scripts/package-tests/README.md | 25 +++ scripts/package-tests/common.sh | 44 ++++ scripts/package-tests/package-tests.sh | 87 ++++++++ 25 files changed, 687 insertions(+), 401 deletions(-) create mode 100644 .github/workflows/base-ci-goreleaser.yaml create mode 100644 .github/workflows/base-release.yaml create mode 100644 .github/workflows/ci-goreleaser-axoflow-otel-collector.yaml delete mode 100644 .github/workflows/ci-goreleaser.yaml create mode 100644 .github/workflows/package-tests.yaml create mode 100644 .github/workflows/release-axoflow-otel-collector.yaml delete mode 100644 .github/workflows/release.yaml delete mode 100644 cmd/builder/.goreleaser.yaml delete mode 100644 cmd/builder/Dockerfile rename .goreleaser.yaml => distributions/axoflow-otel-collector/.goreleaser.yaml (80%) rename distributions/axoflow-otel-collector/{otelcol-contrib.conf => axoflow-otel-collector.conf} (100%) rename distributions/axoflow-otel-collector/{otelcol-contrib.service => axoflow-otel-collector.service} (87%) create mode 100644 scripts/package-tests/Dockerfile.test.deb create mode 100644 scripts/package-tests/Dockerfile.test.rpm create mode 100644 scripts/package-tests/README.md create mode 100644 scripts/package-tests/common.sh create mode 100755 scripts/package-tests/package-tests.sh diff --git a/.github/workflows/base-ci-goreleaser.yaml b/.github/workflows/base-ci-goreleaser.yaml new file mode 100644 index 00000000..2d339fab --- /dev/null +++ b/.github/workflows/base-ci-goreleaser.yaml @@ -0,0 +1,88 @@ +name: Reusable GoReleaser CI workflow + +on: + workflow_call: + inputs: + distribution: + required: true + type: string + goos: + required: true + type: string + goarch: + required: true + type: string + +env: + GORELEASER_PRO_VERSION: v2.4.1 + +jobs: + check-goreleaser: + strategy: + matrix: + GOOS: ${{ fromJSON( inputs.goos) }} + GOARCH: ${{ fromJSON( inputs.goarch) }} + exclude: + - GOOS: darwin + GOARCH: "386" + - GOOS: darwin + GOARCH: s390x + - GOOS: windows + GOARCH: arm64 + - GOOS: darwin + GOARCH: arm + - GOOS: windows + GOARCH: arm + - GOOS: windows + GOARCH: s390x + runs-on: ubuntu-24.04 + + steps: + - name: Checkout + uses: actions/checkout@v4 + with: + fetch-depth: 0 + + - name: Setup QEMU + uses: docker/setup-qemu-action@v3 + with: + platforms: arm64,linux/arm/v7 + + - name: Setup wixl # Required to build MSI packages for Windows + if: ${{ matrix.GOOS == 'windows' && matrix.GOARCH == 'amd64' }} + run: | + sudo apt-get update + sudo apt-get install -y wixl + + - name: Setup Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Setup Go + uses: actions/setup-go@v5 + with: + go-version: '1.23' + check-latest: true + + - name: Generate the sources + run: make generate-sources + + - name: Run GoReleaser for ${{ inputs.distribution }} + uses: goreleaser/goreleaser-action@v6 + with: + distribution: goreleaser-pro + version: ${{ env.GORELEASER_PRO_VERSION }} + workdir: distributions/${{ inputs.distribution }} + args: --snapshot --clean --skip=sign,sbom --timeout 2h --split + env: + GOOS: ${{ matrix.GOOS }} + GOARCH: ${{ matrix.GOARCH }} + GOARM: 7 + GORELEASER_KEY: ${{ secrets.GORELEASER_KEY }} + + - name: Upload linux service packages + if: ${{ matrix.GOOS == 'linux' && matrix.GOARCH == 'amd64' }} + uses: actions/upload-artifact@v4 + with: + name: linux-packages + path: distributions/${{ inputs.distribution }}/dist/linux_amd64_v1/* + if-no-files-found: error diff --git a/.github/workflows/base-release.yaml b/.github/workflows/base-release.yaml new file mode 100644 index 00000000..92d646f9 --- /dev/null +++ b/.github/workflows/base-release.yaml @@ -0,0 +1,209 @@ +name: Reusable release workflow + +on: + workflow_call: + inputs: + distribution: + required: true + type: string + goos: + required: true + type: string + goarch: + required: true + type: string + +env: + GORELEASER_PRO_VERSION: v2.4.1 + +jobs: + prepare: + strategy: + matrix: + GOOS: ${{ fromJSON( inputs.goos) }} + GOARCH: ${{ fromJSON( inputs.goarch) }} + exclude: + - GOOS: darwin + GOARCH: "386" + - GOOS: darwin + GOARCH: s390x + - GOOS: windows + GOARCH: arm64 + - GOOS: darwin + GOARCH: arm + - GOOS: windows + GOARCH: arm + - GOOS: windows + GOARCH: s390x + runs-on: ubuntu-24.04 + + steps: + - name: Checkout + uses: actions/checkout@v4 + with: + fetch-depth: 0 + + - name: Install Cosign + uses: sigstore/cosign-installer@v3 + + - name: Download Syft + uses: anchore/sbom-action/download-syft@v0 + + - name: Setup QEMU + uses: docker/setup-qemu-action@v3 + with: + platforms: arm64,linux/arm/v7 + + - name: Setup Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Setup Go + uses: actions/setup-go@v5 + with: + go-version: '1.23' + check-latest: true + + - name: Setup wixl # Required to build MSI packages for Windows + if: ${{ matrix.GOOS == 'windows' && matrix.GOARCH == 'amd64' }} + run: | + sudo apt-get update + sudo apt-get install -y wixl + + - name: Generate distribution sources + run: make generate-sources + + - name: Login to GitHub Package Registry + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Set SHA short + shell: bash + run: echo "sha_short=$(git rev-parse --short HEAD)" >> $GITHUB_ENV + + - name: Run GoReleaser for ${{ inputs.distribution }} + uses: goreleaser/goreleaser-action@v6 + with: + distribution: goreleaser-pro + version: ${{ env.GORELEASER_PRO_VERSION }} + workdir: distributions/${{ inputs.distribution }} + args: release --clean --split --timeout 2h + env: + GOOS: ${{ matrix.GOOS }} + GOARCH: ${{ matrix.GOARCH }} + GOARM: 7 + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + COSIGN_YES: true + GORELEASER_KEY: ${{ secrets.GORELEASER_KEY }} + + - name: Upload artifacts + uses: actions/upload-artifact@v4 + with: + name: artifacts-${{ inputs.distribution }}-${{ matrix.GOOS }}-${{ matrix.GOARCH }} + path: distributions/${{ inputs.distribution }}/dist/**/* + if-no-files-found: error + + release: + name: ${{ inputs.distribution }} Release + runs-on: ubuntu-24.04 + needs: prepare + + permissions: + id-token: write + packages: write + contents: write + + steps: + - name: Checkout + uses: actions/checkout@v4 + with: + fetch-depth: 0 + + - name: Install Cosign + uses: sigstore/cosign-installer@v3 + + - name: Download Syft + uses: anchore/sbom-action/download-syft@v0 + + - name: Setup QEMU + uses: docker/setup-qemu-action@v3 + with: + platforms: arm64 + + - name: Setup Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Setup Go + uses: actions/setup-go@v5 + with: + go-version: '1.23' + check-latest: true + + - name: Download artifacts + uses: actions/download-artifact@v4 + with: + pattern: artifacts-${{ inputs.distribution }}-* + path: distributions/${{ inputs.distribution }}/dist + merge-multiple: true + + - name: Display structure of downloaded files + run: ls -R distributions/${{ inputs.distribution }}/dist + + - name: Login to GitHub Package Registry + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Run GoReleaser for ${{ inputs.distribution }} + uses: goreleaser/goreleaser-action@v6 + with: + distribution: goreleaser-pro + version: ${{ env.GORELEASER_PRO_VERSION }} + workdir: distributions/${{ inputs.distribution }} + args: continue --merge --timeout 2h + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + COSIGN_YES: true + GORELEASER_KEY: ${{ secrets.GORELEASER_KEY }} + + + - name: Upload artifacts + uses: actions/upload-artifact@v4 + with: + name: artifacts-${{ inputs.distribution }}-${{ matrix.GOOS }}-${{ matrix.GOARCH }} + path: distributions/${{ inputs.distribution }}/dist/**/* + if-no-files-found: error + + - name: Install jq + run: sudo apt-get install -y jq + + - name: Extract Docker image with digest + id: image-with-digest + shell: bash + run: | + echo '${{ steps.goreleaser-action.outputs.artifacts }}' >> output-artifacts.json + DOCKER_IMAGE=$(jq -r '.[] | select(.type == "Docker Manifest" and (.path | test(":[0-9]+"))) | "\(.path)@\(.extra.Digest)"' ./output-artifacts.json) + echo "DOCKER_IMAGE=$DOCKER_IMAGE" >> "$GITHUB_OUTPUT" + + - name: Run Trivy vulnerability scanner + uses: aquasecurity/trivy-action@0.17.0 + with: + image-ref: ${{ steps.image-with-digest.outputs.DOCKER_IMAGE }} + format: sarif + output: trivy-results.sarif + + - name: Upload Trivy scan results as artifact + uses: actions/upload-artifact@v4 + with: + name: "[${{ github.job }}] Trivy scan results" + path: trivy-results.sarif + retention-days: 5 + + - name: Upload Trivy scan results to GitHub Security tab + uses: github/codeql-action/upload-sarif@v3 + with: + sarif_file: trivy-results.sarif diff --git a/.github/workflows/ci-goreleaser-axoflow-otel-collector.yaml b/.github/workflows/ci-goreleaser-axoflow-otel-collector.yaml new file mode 100644 index 00000000..de76b37b --- /dev/null +++ b/.github/workflows/ci-goreleaser-axoflow-otel-collector.yaml @@ -0,0 +1,41 @@ +name: Continuous Integration - Axoflow Otel Collector - GoReleaser + +on: + push: + branches: [main] + paths: + - "distributions/axoflow-otel-collector/**" + - "cmd/**" + - ".github/**" + - "scripts/**" + - "Makefile" + - "go.mod" + - "go.sum" + pull_request: + branches: [main] + paths: + - "distributions/axoflow-otel-collector/**" + - "cmd/**" + - ".github/**" + - "scripts/**" + - "Makefile" + - "go.mod" + - "go.sum" + +jobs: + check-goreleaser: + name: Continuous Integration - Axoflow Otel Collector - GoReleaser + uses: ./.github/workflows/base-ci-goreleaser.yaml + with: + distribution: axoflow-otel-collector + goos: '[ "linux", "windows" ]' + goarch: '[ "amd64", "arm64" ]' + secrets: inherit + + package-tests: + name: Package tests + needs: check-goreleaser + uses: ./.github/workflows/package-tests.yaml + with: + distribution: axoflow-otel-collector + type: '[ "deb", "rpm" ]' diff --git a/.github/workflows/ci-goreleaser.yaml b/.github/workflows/ci-goreleaser.yaml deleted file mode 100644 index 170cb1e7..00000000 --- a/.github/workflows/ci-goreleaser.yaml +++ /dev/null @@ -1,63 +0,0 @@ -name: Continuous Integration - GoReleaser - -on: - push: - branches: [main] - paths: - - ".goreleaser.yaml" - - "distributions/axoflow-otel-collector/manifest.yaml" - pull_request: - branches: [main] - paths: - - ".goreleaser.yaml" - - "distributions/axoflow-otel-collector/manifest.yaml" - -jobs: - check-goreleaser: - name: Check GoReleaser Configuration - strategy: - matrix: - GOOS: [linux, windows] - GOARCH: [amd64, arm64] - runs-on: ubuntu-24.04 - - steps: - - name: Checkout - uses: actions/checkout@v4 - with: - fetch-depth: 0 - - - name: Setup QEMU - uses: docker/setup-qemu-action@v3 - with: - platforms: arm64 - - - name: Setup wixl # Required to build MSI packages for Windows - if: ${{ matrix.GOOS == 'windows' && ( matrix.GOARCH == 'amd64') }} - run: | - sudo apt-get update - sudo apt-get install -y wixl - - - name: Setup Docker Buildx - uses: docker/setup-buildx-action@v3 - - - name: Setup Go - uses: actions/setup-go@v5 - with: - go-version: '1.23' - check-latest: true - - - name: Generate the sources - run: make generate-sources - - - name: Run GoReleaser for axoflow-otel-collector - uses: goreleaser/goreleaser-action@v6 - with: - distribution: goreleaser-pro - version: v2.3.2 - workdir: distributions/axoflow-otel-collector - args: --snapshot --clean --skip=sign,sbom --timeout 2h --split - env: - GOOS: ${{ matrix.GOOS }} - GOARCH: ${{ matrix.GOARCH }} - GORELEASER_KEY: ${{ secrets.GORELEASER_KEY }} diff --git a/.github/workflows/package-tests.yaml b/.github/workflows/package-tests.yaml new file mode 100644 index 00000000..b867d49c --- /dev/null +++ b/.github/workflows/package-tests.yaml @@ -0,0 +1,32 @@ +name: Package Tests + +on: + workflow_call: + inputs: + type: + required: true + type: string + distribution: + required: true + type: string + +jobs: + package-tests: + name: Package Tests + runs-on: ubuntu-latest + strategy: + matrix: + type: ${{ fromJSON(inputs.type) }} + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Download built artifacts + uses: actions/download-artifact@v4 + with: + name: linux-packages + + - name: Test ${{ matrix.type }} package + run: | + chmod +x ./scripts/package-tests/package-tests.sh + ./scripts/package-tests/package-tests.sh ./axoflow-otel-collector*-SNAPSHOT-*_linux_amd64.${{ matrix.type }} ${{ inputs.distribution }} diff --git a/.github/workflows/release-axoflow-otel-collector.yaml b/.github/workflows/release-axoflow-otel-collector.yaml new file mode 100644 index 00000000..769ab6e1 --- /dev/null +++ b/.github/workflows/release-axoflow-otel-collector.yaml @@ -0,0 +1,16 @@ +name: Release Axoflow Otel Collector + +on: + push: + tags: ["v*"] + +jobs: + release: + name: Release Axoflow Otel Collector + uses: ./.github/workflows/base-release.yaml + with: + distribution: axoflow-otel-collector + goos: '[ "linux", "windows" ]' + goarch: '[ "amd64", "arm64" ]' + secrets: inherit + permissions: write-all diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml deleted file mode 100644 index 93fb517e..00000000 --- a/.github/workflows/release.yaml +++ /dev/null @@ -1,106 +0,0 @@ -name: Release - -on: - push: - tags: ["v*"] - -jobs: - Release: - permissions: - id-token: write - packages: write - contents: write - security-events: write - - strategy: - matrix: - GOOS: [linux, windows] - GOARCH: [amd64, arm64] - runs-on: ubuntu-24.04 - - steps: - - uses: actions/checkout@v4 - with: - fetch-depth: 0 - - - uses: sigstore/cosign-installer@v3 - - - uses: docker/setup-qemu-action@v3 - with: - platforms: arm64 - - - uses: docker/setup-buildx-action@v3 - - - uses: actions/setup-go@v5 - with: - go-version: '1.23' - check-latest: true - - - name: Setup wixl # Required to build MSI packages for Windows - if: ${{ matrix.GOOS == 'windows' && ( matrix.GOARCH == '386' || matrix.GOARCH == 'amd64') }} - run: | - sudo apt-get update - sudo apt-get install -y wixl - - - name: Generate distribution sources - run: make generate-sources - - - name: Login to GitHub Package Registry - uses: docker/login-action@v3 - with: - registry: ghcr.io - username: ${{ github.repository_owner }} - password: ${{ secrets.GITHUB_TOKEN }} - - - shell: bash - run: | - echo "sha_short=$(git rev-parse --short HEAD)" >> $GITHUB_ENV - - - uses: goreleaser/goreleaser-action@v6 - id: goreleaser-action - with: - distribution: goreleaser-pro - version: v2.3.2 - workdir: distributions/axoflow-otel-collector - args: release --clean --timeout 2h --split - env: - GOOS: ${{ matrix.GOOS }} - GOARCH: ${{ matrix.GOARCH }} - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - COSIGN_YES: true - GORELEASER_KEY: ${{ secrets.GORELEASER_KEY }} - - - uses: actions/upload-artifact@v4 - with: - name: all-artifacts - path: dist/*/* - - - name: Install jq - run: sudo apt-get install -y jq - - - name: Extract Docker image with digest - id: image-with-digest - shell: bash - run: | - echo '${{ steps.goreleaser-action.outputs.artifacts }}' >> output-artifacts.json - DOCKER_IMAGE=$(jq -r '.[] | select(.type == "Docker Manifest" and (.path | test(":[0-9]+"))) | "\(.path)@\(.extra.Digest)"' ./output-artifacts.json) - echo "DOCKER_IMAGE=$DOCKER_IMAGE" >> "$GITHUB_OUTPUT" - - - name: Run Trivy vulnerability scanner - uses: aquasecurity/trivy-action@0.17.0 - with: - image-ref: ${{ steps.image-with-digest.outputs.DOCKER_IMAGE }} - format: sarif - output: trivy-results.sarif - - - name: Upload Trivy scan results as artifact - uses: actions/upload-artifact@v4 - with: - name: "[${{ github.job }}] Trivy scan results" - path: trivy-results.sarif - retention-days: 5 - - - name: Upload Trivy scan results to GitHub Security tab - uses: github/codeql-action/upload-sarif@v3 - with: - sarif_file: trivy-results.sarif diff --git a/Makefile b/Makefile index e12f03ae..490829f2 100644 --- a/Makefile +++ b/Makefile @@ -23,7 +23,8 @@ generate-sources: go ocb @./scripts/build.sh -d "${DISTRIBUTIONS}" -s true -b ${OTELCOL_BUILDER} goreleaser-verify: goreleaser - @${GORELEASER} release --snapshot --clean + @cd distributions/axoflow-otel-collector && $(GORELEASER) release --snapshot --clean + @cd ../../ ensure-goreleaser-up-to-date: generate-goreleaser @git diff -s --exit-code distributions/*/.goreleaser.yaml || (echo "Check failed: The goreleaser templates have changed but the .goreleaser.yamls haven't. Run 'make generate-goreleaser' and update your PR." && exit 1) diff --git a/README.md b/README.md index 38b18f0a..f6bb25ce 100644 --- a/README.md +++ b/README.md @@ -4,7 +4,7 @@ This repository assembles Axoflow Distribution for OpenTelemetry Collector. The distribution contains: -- Binaries for linux_amd64 and linux_arm64 +- Binaries for linux_amd64, linux_arm64 and windows_amd64 - Multi-arch container images (at least amd64 and arm64) ## Learn more diff --git a/cmd/builder/.goreleaser.yaml b/cmd/builder/.goreleaser.yaml deleted file mode 100644 index c45aa2d8..00000000 --- a/cmd/builder/.goreleaser.yaml +++ /dev/null @@ -1,138 +0,0 @@ -before: - hooks: - - go mod download -monorepo: - tag_prefix: cmd/builder/ - dir: .core/cmd/builder -version: 2 -builds: - - flags: - - -trimpath - ldflags: - - -s -w -X go.opentelemetry.io/collector/cmd/builder/internal.version={{ .Version }} - env: - - CGO_ENABLED=0 - goos: - - linux - - windows - - darwin - goarch: - - amd64 - - arm64 - - ppc64le - ignore: - - goos: windows - goarch: arm64 - binary: ocb -dockers: - - goos: linux - goarch: amd64 - dockerfile: Dockerfile - image_templates: - - otel/opentelemetry-collector-builder:{{ .Version }}-amd64 - - otel/opentelemetry-collector-builder:latest-amd64 - - ghcr.io/open-telemetry/opentelemetry-collector-releases/opentelemetry-collector-builder:{{ .Version }}-amd64 - - ghcr.io/open-telemetry/opentelemetry-collector-releases/opentelemetry-collector-builder:latest-amd64 - build_flag_templates: - - --pull - - --platform=linux/amd64 - - --label=org.opencontainers.image.created={{.Date}} - - --label=org.opencontainers.image.name={{.ProjectName}} - - --label=org.opencontainers.image.revision={{.FullCommit}} - - --label=org.opencontainers.image.version={{.Version}} - - --label=org.opencontainers.image.source={{.GitURL}} - - --label=org.opencontainers.image.licenses=Apache-2.0 - - goos: linux - goarch: arm64 - dockerfile: Dockerfile - image_templates: - - otel/opentelemetry-collector-builder:{{ .Version }}-arm64 - - otel/opentelemetry-collector-builder:latest-arm64 - - ghcr.io/open-telemetry/opentelemetry-collector-releases/opentelemetry-collector-builder:{{ .Version }}-arm64 - - ghcr.io/open-telemetry/opentelemetry-collector-releases/opentelemetry-collector-builder:latest-arm64 - build_flag_templates: - - --pull - - --platform=linux/arm64 - - --label=org.opencontainers.image.created={{.Date}} - - --label=org.opencontainers.image.name={{.ProjectName}} - - --label=org.opencontainers.image.revision={{.FullCommit}} - - --label=org.opencontainers.image.version={{.Version}} - - --label=org.opencontainers.image.source={{.GitURL}} - - --label=org.opencontainers.image.licenses=Apache-2.0 - - goos: linux - goarch: ppc64le - dockerfile: Dockerfile - image_templates: - - otel/opentelemetry-collector-builder:{{ .Version }}-ppc64le - - otel/opentelemetry-collector-builder:latest-ppc64le - - ghcr.io/open-telemetry/opentelemetry-collector-releases/opentelemetry-collector-builder:{{ .Version }}-ppc64le - - ghcr.io/open-telemetry/opentelemetry-collector-releases/opentelemetry-collector-builder:latest-ppc64le - build_flag_templates: - - --pull - - --platform=linux/ppc64le - - --label=org.opencontainers.image.created={{.Date}} - - --label=org.opencontainers.image.name={{.ProjectName}} - - --label=org.opencontainers.image.revision={{.FullCommit}} - - --label=org.opencontainers.image.version={{.Version}} - - --label=org.opencontainers.image.source={{.GitURL}} - - --label=org.opencontainers.image.licenses=Apache-2.0 - use: buildx -docker_manifests: - - name_template: otel/opentelemetry-collector-builder:{{ .Version }} - image_templates: - - otel/opentelemetry-collector-builder:{{ .Version }}-amd64 - - otel/opentelemetry-collector-builder:{{ .Version }}-arm64 - - otel/opentelemetry-collector-builder:{{ .Version }}-ppc64le - - name_template: otel/opentelemetry-collector-builder:latest - image_templates: - - otel/opentelemetry-collector-builder:latest-amd64 - - otel/opentelemetry-collector-builder:latest-arm64 - - otel/opentelemetry-collector-builder:latest-ppc64le - - name_template: ghcr.io/open-telemetry/opentelemetry-collector-releases/opentelemetry-collector-builder:{{ .Version }} - image_templates: - - ghcr.io/open-telemetry/opentelemetry-collector-releases/opentelemetry-collector-builder:{{ .Version }}-amd64 - - ghcr.io/open-telemetry/opentelemetry-collector-releases/opentelemetry-collector-builder:{{ .Version }}-arm64 - - ghcr.io/open-telemetry/opentelemetry-collector-releases/opentelemetry-collector-builder:{{ .Version }}-ppc64le - - name_template: ghcr.io/open-telemetry/opentelemetry-collector-releases/opentelemetry-collector-builder:latest - image_templates: - - ghcr.io/open-telemetry/opentelemetry-collector-releases/opentelemetry-collector-builder:latest-amd64 - - ghcr.io/open-telemetry/opentelemetry-collector-releases/opentelemetry-collector-builder:latest-arm64 - - ghcr.io/open-telemetry/opentelemetry-collector-releases/opentelemetry-collector-builder:latest-ppc64le -release: - github: - owner: open-telemetry - name: opentelemetry-collector-releases - header: | - ### Images and binaries for collector distributions here: https://github.com/open-telemetry/opentelemetry-collector-releases/releases/tag/{{ .Tag }} -archives: - - format: binary -checksum: - name_template: "checksums.txt" -snapshot: - version_template: "{{ .Tag }}-next" -changelog: - disable: true -signs: - - if: $SKIP_SIGNS != "true" - cmd: cosign - args: - - sign-blob - - --output-signature - - ${artifact}.sig - - --output-certificate - - ${artifact}.pem - - ${artifact} - signature: ${artifact}.sig - artifacts: all - certificate: ${artifact}.pem -docker_signs: - - if: $SKIP_SIGNS != "true" - args: - - sign - - ${artifact} - artifacts: all -sboms: - - id: archive - artifacts: archive - - id: package - artifacts: package diff --git a/cmd/builder/Dockerfile b/cmd/builder/Dockerfile deleted file mode 100644 index 5749258a..00000000 --- a/cmd/builder/Dockerfile +++ /dev/null @@ -1,14 +0,0 @@ -FROM golang:1.23-alpine3.20 -RUN apk --update add ca-certificates - -ARG SERVICE_NAME=ocb - -RUN addgroup --gid 10001 --system ${SERVICE_NAME} && \ - adduser --ingroup ${SERVICE_NAME} --shell /bin/false \ - --disabled-password --uid 10001 ${SERVICE_NAME} - -USER ${SERVICE_NAME} -WORKDIR /home/${SERVICE_NAME} - -COPY --chmod=755 ocb /usr/local/bin/ocb -ENTRYPOINT [ "ocb" ] diff --git a/cmd/goreleaser/internal/configure.go b/cmd/goreleaser/internal/configure.go index cba3e1bd..333bab0a 100644 --- a/cmd/goreleaser/internal/configure.go +++ b/cmd/goreleaser/internal/configure.go @@ -22,7 +22,6 @@ package internal import ( "fmt" "path" - "path/filepath" "strings" "github.com/goreleaser/goreleaser-pro/v2/pkg/config" @@ -37,7 +36,7 @@ const ( var ( ImagePrefixes = []string{"ghcr.io/axoflow/axoflow-otel-collector"} Architectures = []string{"amd64", "arm64"} - ArmVersions = []string{} + ArmVersions = []string{"7"} DefaultConfigDists = map[string]bool{ImageName: true} MSIWindowsDists = map[string]bool{ImageName: true} ) @@ -48,16 +47,23 @@ func Generate(dist string) config.Project { Checksum: config.Checksum{ NameTemplate: fmt.Sprintf("{{ .ProjectName }}_%v_checksums.txt", dist), }, + Env: []string{"COSIGN_YES=true"}, Builds: Builds(dist), Archives: Archives(dist), MSI: WinPackages(dist), NFPMs: Packages(dist), Dockers: DockerImages(dist), DockerManifests: DockerManifests(dist), + Signs: Sign(), + DockerSigns: DockerSigns(), + SBOMs: SBOM(), Version: 2, Monorepo: config.Monorepo{ TagPrefix: "v", }, + Release: config.Release{ + Disable: "true", + }, } } @@ -72,7 +78,7 @@ func Builds(dist string) []config.Build { func Build(dist string) config.Build { return config.Build{ ID: dist, - Dir: path.Join("distributions", dist, "_build"), + Dir: "_build", Binary: dist, BuildDetails: config.BuildDetails{ Env: []string{"CGO_ENABLED=0"}, @@ -121,12 +127,12 @@ func WinPackages(dist string) []config.MSI { func WinPackage(dist string) config.MSI { files := []string{} if _, ok := DefaultConfigDists[dist]; ok { - files = append(files, filepath.Join("distributions", dist, "config.yaml")) + files = append(files, "config.yaml") } return config.MSI{ ID: dist, Name: fmt.Sprintf("%s_{{ .Version }}_{{ .Os }}_{{ .MsiArch }}", dist), - WXS: filepath.Join("distributions", dist, "windows-installer.wxs"), + WXS: "windows-installer.wxs", Files: files, } } @@ -142,18 +148,18 @@ func Packages(dist string) []config.NFPM { func Package(dist string) config.NFPM { nfpmContents := config.NFPMContents{ { - Source: path.Join("distributions", ImageName, fmt.Sprintf("%s.service", "otelcol-contrib")), + Source: fmt.Sprintf("%s.service", ImageName), Destination: path.Join("/lib", "systemd", "system", fmt.Sprintf("%s.service", dist)), }, { - Source: path.Join("distributions", ImageName, fmt.Sprintf("%s.conf", "otelcol-contrib")), + Source: fmt.Sprintf("%s.conf", ImageName), Destination: path.Join("/etc", dist, fmt.Sprintf("%s.conf", dist)), Type: "config|noreplace", }, } if _, ok := DefaultConfigDists[dist]; ok { nfpmContents = append(nfpmContents, &config.NFPMContent{ - Source: filepath.Join("distributions", ImageName, "config.yaml"), + Source: "config.yaml", Destination: path.Join("/etc", dist, "config.yaml"), Type: "config|noreplace", }) @@ -176,9 +182,9 @@ func Package(dist string) config.NFPM { NFPMOverridables: config.NFPMOverridables{ PackageName: dist, Scripts: config.NFPMScripts{ - PreInstall: path.Join("distributions", dist, "preinstall.sh"), - PostInstall: path.Join("distributions", dist, "postinstall.sh"), - PreRemove: path.Join("distributions", dist, "preremove.sh"), + PreInstall: "preinstall.sh", + PostInstall: "postinstall.sh", + PreRemove: "preremove.sh", }, Contents: nfpmContents, }, @@ -220,12 +226,12 @@ func DockerImage(dist, arch, armVersion string) config.Docker { files := make([]string, 0) if _, ok := DefaultConfigDists[dist]; ok { - files = append(files, filepath.Join("distributions", ImageName, "config.yaml")) + files = append(files, "config.yaml") } return config.Docker{ ImageTemplates: imageTemplates, - Dockerfile: path.Join("distributions", dist, "Dockerfile"), + Dockerfile: "Dockerfile", Use: "buildx", BuildFlagTemplates: []string{ "--pull", @@ -282,7 +288,7 @@ func DockerManifest(prefix, version, dist string) config.DockerManifest { // imageName translates a distribution name to a container image name. func imageName(dist string) string { - return strings.Replace(dist, CoreDistro, ImageName, 1) + return strings.Replace(dist, CoreDistro, dist, 1) } // archName translates architecture to docker platform names. @@ -294,3 +300,47 @@ func archName(arch, armVersion string) string { return arch } } + +func Sign() []config.Sign { + return []config.Sign{ + { + Artifacts: "all", + Signature: "${artifact}.sig", + Certificate: "${artifact}.pem", + Cmd: "cosign", + Args: []string{ + "sign-blob", + "--output-signature", + "${artifact}.sig", + "--output-certificate", + "${artifact}.pem", + "${artifact}", + }, + }, + } +} + +func DockerSigns() []config.Sign { + return []config.Sign{ + { + Artifacts: "all", + Args: []string{ + "sign", + "${artifact}", + }, + }, + } +} + +func SBOM() []config.SBOM { + return []config.SBOM{ + { + ID: "archive", + Artifacts: "archive", + }, + { + ID: "package", + Artifacts: "package", + }, + } +} diff --git a/.goreleaser.yaml b/distributions/axoflow-otel-collector/.goreleaser.yaml similarity index 80% rename from .goreleaser.yaml rename to distributions/axoflow-otel-collector/.goreleaser.yaml index 19ffcd78..2c8fe3da 100644 --- a/.goreleaser.yaml +++ b/distributions/axoflow-otel-collector/.goreleaser.yaml @@ -2,12 +2,16 @@ partial: by: target version: 2 project_name: axoflow-otel-collector-releases +env: + - COSIGN_YES=true +release: + disable: "true" msi: - id: axoflow-otel-collector name: axoflow-otel-collector_{{ .Version }}_{{ .Os }}_{{ .MsiArch }} - wxs: distributions/axoflow-otel-collector/windows-installer.wxs + wxs: windows-installer.wxs extra_files: - - distributions/axoflow-otel-collector/config.yaml + - config.yaml builds: - id: axoflow-otel-collector goos: @@ -16,6 +20,8 @@ builds: goarch: - amd64 - arm64 + goarm: + - "7" ignore: - goos: darwin goarch: "386" @@ -29,7 +35,7 @@ builds: goarch: arm64 - goos: windows goarch: s390x - dir: distributions/axoflow-otel-collector/_build + dir: _build binary: axoflow-otel-collector ldflags: - -s @@ -46,18 +52,18 @@ archives: nfpms: - package_name: axoflow-otel-collector contents: - - src: distributions/axoflow-otel-collector/otelcol-contrib.service + - src: axoflow-otel-collector.service dst: /lib/systemd/system/axoflow-otel-collector.service - - src: distributions/axoflow-otel-collector/otelcol-contrib.conf + - src: axoflow-otel-collector.conf dst: /etc/axoflow-otel-collector/axoflow-otel-collector.conf type: config|noreplace - - src: distributions/axoflow-otel-collector/config.yaml + - src: config.yaml dst: /etc/axoflow-otel-collector/config.yaml type: config|noreplace scripts: - preinstall: distributions/axoflow-otel-collector/preinstall.sh - postinstall: distributions/axoflow-otel-collector/postinstall.sh - preremove: distributions/axoflow-otel-collector/preremove.sh + preinstall: preinstall.sh + postinstall: postinstall.sh + preremove: preremove.sh overrides: rpm: dependencies: @@ -76,12 +82,12 @@ checksum: dockers: - goos: linux goarch: amd64 - dockerfile: distributions/axoflow-otel-collector/Dockerfile + dockerfile: Dockerfile image_templates: - ghcr.io/axoflow/axoflow-otel-collector/axoflow-otel-collector:{{ .Version }}-amd64 - ghcr.io/axoflow/axoflow-otel-collector/axoflow-otel-collector:latest-amd64 extra_files: - - distributions/axoflow-otel-collector/config.yaml + - config.yaml build_flag_templates: - --pull - --platform=linux/amd64 @@ -93,12 +99,12 @@ dockers: use: buildx - goos: linux goarch: arm64 - dockerfile: distributions/axoflow-otel-collector/Dockerfile + dockerfile: Dockerfile image_templates: - ghcr.io/axoflow/axoflow-otel-collector/axoflow-otel-collector:{{ .Version }}-arm64 - ghcr.io/axoflow/axoflow-otel-collector/axoflow-otel-collector:latest-arm64 extra_files: - - distributions/axoflow-otel-collector/config.yaml + - config.yaml build_flag_templates: - --pull - --platform=linux/arm64 @@ -117,5 +123,27 @@ docker_manifests: image_templates: - ghcr.io/axoflow/axoflow-otel-collector/axoflow-otel-collector:latest-amd64 - ghcr.io/axoflow/axoflow-otel-collector/axoflow-otel-collector:latest-arm64 +signs: + - cmd: cosign + args: + - sign-blob + - --output-signature + - ${artifact}.sig + - --output-certificate + - ${artifact}.pem + - ${artifact} + signature: ${artifact}.sig + artifacts: all + certificate: ${artifact}.pem +docker_signs: + - args: + - sign + - ${artifact} + artifacts: all +sboms: + - id: archive + artifacts: archive + - id: package + artifacts: package monorepo: tag_prefix: v diff --git a/distributions/axoflow-otel-collector/Dockerfile b/distributions/axoflow-otel-collector/Dockerfile index 43795d8e..a917c2a2 100644 --- a/distributions/axoflow-otel-collector/Dockerfile +++ b/distributions/axoflow-otel-collector/Dockerfile @@ -8,7 +8,7 @@ USER ${USER_UID} COPY --from=certs /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ca-certificates.crt COPY --chmod=755 axoflow-otel-collector /axoflow-otel-collector -COPY distributions/axoflow-otel-collector/config.yaml /etc/axoflow-otel-collector/config.yaml +COPY config.yaml /etc/axoflow-otel-collector/config.yaml ENTRYPOINT ["/axoflow-otel-collector"] CMD ["--config", "/etc/axoflow-otel-collector/config.yaml"] EXPOSE 4317 4318 55678 55679 diff --git a/distributions/axoflow-otel-collector/otelcol-contrib.conf b/distributions/axoflow-otel-collector/axoflow-otel-collector.conf similarity index 100% rename from distributions/axoflow-otel-collector/otelcol-contrib.conf rename to distributions/axoflow-otel-collector/axoflow-otel-collector.conf diff --git a/distributions/axoflow-otel-collector/otelcol-contrib.service b/distributions/axoflow-otel-collector/axoflow-otel-collector.service similarity index 87% rename from distributions/axoflow-otel-collector/otelcol-contrib.service rename to distributions/axoflow-otel-collector/axoflow-otel-collector.service index 0770b4c0..f3024552 100644 --- a/distributions/axoflow-otel-collector/otelcol-contrib.service +++ b/distributions/axoflow-otel-collector/axoflow-otel-collector.service @@ -1,5 +1,5 @@ [Unit] -Description=OpenTelemetry Collector Contrib +Description=Axoflow Otel Collector After=network.target [Service] diff --git a/distributions/axoflow-otel-collector/config.yaml b/distributions/axoflow-otel-collector/config.yaml index b3beb48e..db4afd2e 100644 --- a/distributions/axoflow-otel-collector/config.yaml +++ b/distributions/axoflow-otel-collector/config.yaml @@ -9,38 +9,11 @@ extensions: endpoint: 0.0.0.0:55679 receivers: - otlp: - protocols: - grpc: - endpoint: 0.0.0.0:4317 - http: - endpoint: 0.0.0.0:4318 - - opencensus: - endpoint: 0.0.0.0:55678 - - # Collect own metrics - prometheus: - config: - scrape_configs: - - job_name: 'otel-collector' - scrape_interval: 10s - static_configs: - - targets: ['0.0.0.0:8888'] - - jaeger: - protocols: - grpc: - endpoint: 0.0.0.0:14250 - thrift_binary: - endpoint: 0.0.0.0:6832 - thrift_compact: - endpoint: 0.0.0.0:6831 - thrift_http: - endpoint: 0.0.0.0:14268 - - zipkin: - endpoint: 0.0.0.0:9411 + filelog: + exclude: + - /var/log/pods/*/otc-container/*.log + include: + - /var/log/pods/*/*/*.log processors: batch: @@ -50,21 +23,9 @@ exporters: verbosity: detailed service: - pipelines: - - traces: - receivers: [otlp, opencensus, jaeger, zipkin] - processors: [batch] - exporters: [debug] - - metrics: - receivers: [otlp, opencensus, prometheus] - processors: [batch] - exporters: [debug] - logs: - receivers: [otlp] + receivers: [filelog] processors: [batch] exporters: [debug] diff --git a/distributions/axoflow-otel-collector/windows-installer.wxs b/distributions/axoflow-otel-collector/windows-installer.wxs index 42f5692c..f682d52a 100644 --- a/distributions/axoflow-otel-collector/windows-installer.wxs +++ b/distributions/axoflow-otel-collector/windows-installer.wxs @@ -49,7 +49,7 @@ + Source="config.yaml"/> "./.goreleaser.yaml" + ${GO} run cmd/goreleaser/main.go -d "${distribution}" > "./distributions/${distribution}/.goreleaser.yaml" done diff --git a/scripts/package-tests/Dockerfile.test.deb b/scripts/package-tests/Dockerfile.test.deb new file mode 100644 index 00000000..fd17c383 --- /dev/null +++ b/scripts/package-tests/Dockerfile.test.deb @@ -0,0 +1,14 @@ +# A debian image with systemd enabled. Must be run with: +# `-d --privileged -v /sys/fs/cgroup:/sys/fs/cgroup:ro` flags +FROM debian:12 + +ENV container docker +ENV DEBIAN_FRONTEND noninteractive + +# Enable systemd. +RUN apt-get update ; \ + apt-get install -y systemd systemd-sysv procps; \ + apt-get clean ; \ + rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* + +CMD ["/lib/systemd/systemd"] diff --git a/scripts/package-tests/Dockerfile.test.rpm b/scripts/package-tests/Dockerfile.test.rpm new file mode 100644 index 00000000..9e7cf481 --- /dev/null +++ b/scripts/package-tests/Dockerfile.test.rpm @@ -0,0 +1,9 @@ +# A rockylinux image with systemd enabled. Must be run with: +# `-d --privileged -v /sys/fs/cgroup:/sys/fs/cgroup:ro` flags +FROM rockylinux:9.3 + +ENV container docker + +RUN dnf install -y initscripts + +CMD ["/usr/sbin/init"] diff --git a/scripts/package-tests/README.md b/scripts/package-tests/README.md new file mode 100644 index 00000000..3e926aee --- /dev/null +++ b/scripts/package-tests/README.md @@ -0,0 +1,25 @@ +# Build and test deb/rpm packages + +## Prerequisites + +Tools: + +- [Go](https://go.dev/) +- [GoReleaser](https://goreleaser.com/) +- [Podman](https://podman.io/) +- make + +## How to build and test + +To build the Collector Linux packages, a few steps are required: + +- Run `make generate` to (re-)generate sources and GoReleaser files +- Go to the distribution folder that you want to build (under the `distributions` folder) +- Run `goreleaser release --snapshot --clean --skip sbom,sign,archive,docker` + - This will build the necessary release assets with all architectures and packaging types into the `dist` folder inside your + current folder. (We can skip many parts of the release build that we don't need for running the package tests locally) + - We use GoReleaser Pro only features in CI. If you want to run this locally, and you run into `unmarshal` errors, + you may have to remove the parts that goreleaser complains about or use a pro license. +- Go back to the root of the repo +- To start the package tests, + run: `./scripts/package-tests/package-tests.sh ./distributions//dist/_*-SNAPSHOT-*_linux_amd64. ` diff --git a/scripts/package-tests/common.sh b/scripts/package-tests/common.sh new file mode 100644 index 00000000..18c859e2 --- /dev/null +++ b/scripts/package-tests/common.sh @@ -0,0 +1,44 @@ +#!/bin/bash + +# Copyright The OpenTelemetry Authors +# SPDX-License-Identifier: Apache-2.0 + +podman_cp() { + local container="$1" + local src="$2" + local dest="$3" + local dest_dir + dest_dir="$( dirname "$dest" )" + + echo "Copying $src to $container:$dest ..." + podman exec "$container" mkdir -p "$dest_dir" + podman cp "$src" "$container":"$dest" +} + +install_pkg() { + local container="$1" + local pkg_path="$2" + local pkg_base + pkg_base=$( basename "$pkg_path" ) + + echo "Installing $pkg_base ..." + podman_cp "$container" "$pkg_path" /tmp/"$pkg_base" + if [[ "${pkg_base##*.}" = "deb" ]]; then + podman exec "$container" dpkg -i /tmp/"$pkg_base" + else + podman exec "$container" rpm -ivh /tmp/"$pkg_base" + fi +} + +uninstall_pkg() { + local container="$1" + local pkg_type="$2" + local pkg_name="$3" + + echo "Uninstalling $pkg_name ..." + if [[ "$pkg_type" = "deb" ]]; then + podman exec "$container" dpkg -r "$pkg_name" + else + podman exec "$container" rpm -e "$pkg_name" + fi +} diff --git a/scripts/package-tests/package-tests.sh b/scripts/package-tests/package-tests.sh new file mode 100755 index 00000000..f85e82e6 --- /dev/null +++ b/scripts/package-tests/package-tests.sh @@ -0,0 +1,87 @@ +#!/bin/bash + +# Copyright The OpenTelemetry Authors +# SPDX-License-Identifier: Apache-2.0 + +set -euov pipefail + +SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" +REPO_DIR="$( cd "$SCRIPT_DIR/../../../../" && pwd )" +export REPO_DIR +PKG_PATH="${1:-}" +DISTRO="${2:-}" + +SERVICE_NAME=$DISTRO +PROCESS_NAME=$DISTRO + +# shellcheck source=scripts/package-tests/common.sh +source "$SCRIPT_DIR"/common.sh + +if [[ -z "$PKG_PATH" ]]; then + echo "usage: ${BASH_SOURCE[0]} DEB_OR_RPM_PATH" >&2 + exit 1 +fi + +if [[ ! -f "$PKG_PATH" ]]; then + echo "$PKG_PATH not found!" >&2 + exit 1 +fi + + +pkg_base="$( basename "$PKG_PATH" )" +pkg_type="${pkg_base##*.}" +if [[ ! "$pkg_type" =~ ^(deb|rpm)$ ]]; then + echo "$PKG_PATH not supported!" >&2 + exit 1 +fi +image_name="axoflow-otel-collector-$pkg_type-test" +container_name="$image_name" +container_exec="podman exec $container_name" + +trap 'podman rm -fv $container_name >/dev/null 2>&1 || true' EXIT + +podman build -t "$image_name" -f "$SCRIPT_DIR/Dockerfile.test.$pkg_type" "$SCRIPT_DIR" +podman rm -fv "$container_name" >/dev/null 2>&1 || true + +# test install +podman run --name "$container_name" -d "$image_name" + +# ensure that the system is up and running by checking if systemctl is running +$container_exec systemctl is-system-running --quiet --wait +install_pkg "$container_name" "$PKG_PATH" + +# ensure service has started and still running after 5 seconds +sleep 5 + +echo "Checking $SERVICE_NAME service status ..." +$container_exec systemctl --no-pager status "$SERVICE_NAME" + +echo "Checking $PROCESS_NAME process ..." +if [ "$DISTRO" = "axoflow-otel-collector" ]; then + $container_exec pgrep -a -u axoflow-otel-collector -f "$PROCESS_NAME" +fi + +# test uninstall +echo +uninstall_pkg "$container_name" "$pkg_type" "$DISTRO" + +echo "Checking $SERVICE_NAME service status after uninstall ..." +if $container_exec systemctl --no-pager status "$SERVICE_NAME"; then + echo "$SERVICE_NAME service still running after uninstall" >&2 + exit 1 +fi +echo "$SERVICE_NAME service successfully stopped after uninstall" + +echo "Checking $SERVICE_NAME service existence after uninstall ..." +if $container_exec systemctl list-unit-files --all | grep "$SERVICE_NAME"; then + echo "$SERVICE_NAME service still exists after uninstall" >&2 + exit 1 +fi +echo "$SERVICE_NAME service successfully removed after uninstall" + +echo "Checking $PROCESS_NAME process after uninstall ..." +if $container_exec pgrep "$PROCESS_NAME"; then + echo "$PROCESS_NAME process still running after uninstall" + exit 1 +fi +echo "$PROCESS_NAME process successfully killed after uninstall"