-
Notifications
You must be signed in to change notification settings - Fork 36
123 lines (97 loc) · 3.75 KB
/
releases-production.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
---
# IMPORTANT:
# If you change the name of this file, you will have to update
# https://github.com/elastic/oblt-infra/blob/main/conf/resources/repos/elastic-serverless-forwarder/01-aws-oidc-github.tf
# to include the current one!
# Workflow to push zip with dependencies to S3 bucket every time the ESF version is updated
# (we need this for ESF terraform), and to publish the new SAR version
name: releases-production
on:
workflow_run:
workflows: [create-tag]
types:
- completed
permissions:
id-token: write # This is required for requesting the JWT
contents: read # This is required for actions/checkout
env:
AWS_REGION: "eu-central-1"
AWS_ACCOUNT_ID: "267093732750" # account 'elastic-observability-prod'
jobs:
get-esf-version:
runs-on: ubuntu-latest
timeout-minutes: 5
outputs:
version: ${{ steps.get-version.outputs.version }}
steps:
- uses: actions/checkout@v4
- name: Get version number
id: get-version
shell: bash
run: |
version=$(grep -oE '[0-9]+\.[0-9]+\.[0-9]+(\-[a-zA-Z]+[0-9]+)?' share/version.py)
echo "version=${version}" >> $GITHUB_OUTPUT
echo "::notice::ESF version is ${version}."
build-and-upload-dependencies:
runs-on: ubuntu-latest
timeout-minutes: 30
needs: get-esf-version
env:
BUCKET_NAME: "esf-dependencies"
steps:
# See https://docs.aws.amazon.com/lambda/latest/dg/python-package.html#python-package-create-dependencies
- uses: actions/checkout@v4
with:
ref: 'lambda-v${{ needs.get-esf-version.outputs.version }}'
- uses: actions/setup-python@v5
with:
python-version: '3.9'
cache: 'pip' # caching pip dependencies
- name: Install requirements in a directory and zip it.
shell: bash
run: |
pip3 install -r requirements.txt -t ./dependencies
cd dependencies && zip -r ../lambda-v${{ needs.get-esf-version.outputs.version }}.zip .
- name: Place handlers in the zip file.
shell: bash
run: |
zip -r ./lambda-v${{ needs.get-esf-version.outputs.version }}.zip main_aws.py
zip -r ./lambda-v${{ needs.get-esf-version.outputs.version }}.zip handlers
zip -r ./lambda-v${{ needs.get-esf-version.outputs.version }}.zip share
zip -r ./lambda-v${{ needs.get-esf-version.outputs.version }}.zip storage
zip -r ./lambda-v${{ needs.get-esf-version.outputs.version }}.zip shippers
- name: Configure AWS credentials
uses: elastic/oblt-actions/aws/auth@v1
with:
aws-account-id: "${{ env.AWS_ACCOUNT_ID }}"
aws-region: "${{ env.AWS_REGION }}"
- name: Copy file to s3
run: |
aws s3 cp ./lambda-v${{ needs.get-esf-version.outputs.version }}.zip s3://${{ env.BUCKET_NAME }}/
release-sar:
runs-on: ubuntu-latest
timeout-minutes: 30
needs: get-esf-version
env:
BUCKET_NAME: "elastic-serverless-forwarder"
steps:
- uses: actions/checkout@v4
with:
ref: 'lambda-v${{ needs.get-esf-version.outputs.version }}'
- uses: elastic/oblt-actions/aws/auth@v1
with:
aws-account-id: "${{ env.AWS_ACCOUNT_ID }}"
aws-region: "${{ env.AWS_REGION }}"
- uses: aws-actions/setup-sam@2360ef6d90015369947b45b496193ab9976a9b04 # v2
with:
use-installer: true
token: ${{ secrets.GITHUB_TOKEN }}
- name: Build and package
run: |
.internal/aws/scripts/dist.sh \
elastic-serverless-forwarder \
${{ needs.get-esf-version.outputs.version }} \
${{ env.BUCKET_NAME }} \
${{ env.AWS_ACCOUNT_ID }} \
${{ env.AWS_REGION }} \
"Elastic"