Skip to content

chore(deps): update docker.elastic.co/wolfi/chainguard-base:latest do… #65

chore(deps): update docker.elastic.co/wolfi/chainguard-base:latest do…

chore(deps): update docker.elastic.co/wolfi/chainguard-base:latest do… #65

Workflow file for this run

# Release a tagged version of the '@elastic/opentelemetry-node' package.
name: release
# Primarily this workflow is about doing a release for a *tag*. However, this is
# also run for pushes to "main" to (a) go through some of the motions for
# testing, and (b) publishing the Docker image with an "edge" label.
on:
push:
tags:
- v*.*.*
branches:
- main
paths:
- 'packages/opentelemetry-node/**'
- '.github/workflows/release.yml'
# 'id-token' perm needed for npm publishing with provenance (see
# https://docs.npmjs.com/generating-provenance-statements#example-github-actions-workflow)
permissions:
attestations: write
contents: write
pull-requests: read
id-token: write
jobs:
release:
runs-on: ubuntu-latest
env:
DOCKER_IMAGE_NAME: docker.elastic.co/observability/elastic-otel-node
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- uses: actions/setup-node@v4
with:
node-version: 'v18.20.2'
registry-url: 'https://registry.npmjs.org'
# Setup a Docker "buildx" builder container, used by "build-push-action"
# below for multi-platform image builds. Notes on multi-platform images:
# https://github.com/elastic/apm-agent-nodejs/issues/4038#issuecomment-2130406402
- uses: docker/setup-buildx-action@v3
- name: Log in to the Elastic Container registry
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
with:
registry: ${{ secrets.ELASTIC_DOCKER_REGISTRY }}
username: ${{ secrets.ELASTIC_DOCKER_USERNAME }}
password: ${{ secrets.ELASTIC_DOCKER_PASSWORD }}
- name: Extract metadata (tags, labels)
id: docker-meta
uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 # v5.5.1
with:
images: ${{ env.DOCKER_IMAGE_NAME }}
flavor: |
latest=auto
tags: |
# "1.2.3" and "latest" Docker tags on push of git tag "v1.2.3"
type=semver,pattern={{version}}
# "edge" Docker tag on git push to default branch
type=edge
labels: |
org.opencontainers.image.vendor=Elastic
org.opencontainers.image.title=elastic-otel-node
org.opencontainers.image.description=Elastic Distribution of OpenTelemetry Node.js
- name: Build and Push Docker Image
id: docker-push
uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 # v6.9.0
with:
context: .
platforms: linux/amd64,linux/arm64
file: 'packages/opentelemetry-node/Dockerfile'
push: true
tags: ${{ steps.docker-meta.outputs.tags }}
labels: ${{ steps.docker-meta.outputs.labels }}
- name: Attest Docker image
uses: actions/attest-build-provenance@ef244123eb79f2f7a7e75d99086184180e6d0018 # v1.4.4
with:
subject-name: "${{ env.DOCKER_IMAGE_NAME }}"
subject-digest: ${{ steps.docker-push.outputs.digest }}
push-to-registry: true
- name: npm publish (only for tag releases)
if: startsWith(github.ref, 'refs/tags')
working-directory: ./packages/opentelemetry-node
run: npm publish
env:
# https://docs.github.com/en/actions/publishing-packages/publishing-nodejs-packages#publishing-packages-to-the-npm-registry
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
- name: GitHub release (only for tag releases)
if: startsWith(github.ref, 'refs/tags')
run: |
npm ci # need top-level devDeps for github-release.sh script
./scripts/github-release.sh "packages/opentelemetry-node" "${{ github.ref_name }}"
env:
GH_TOKEN: ${{ github.token }}
- name: Notify in Slack
# Only notify on failure, because on success the published GitHub
# Release will result in a notification from the GitHub Slack app
# (assuming '/github subscribe elastic/elastic-otel-node').
if: ${{ failure() }}
uses: elastic/oblt-actions/slack/[email protected]
with:
bot-token: ${{ secrets.SLACK_BOT_TOKEN }}
channel-id: "#apm-agent-node"
message: '[${{ github.repository }}] Release `@elastic/opentelemetry-node` *${{ github.ref_name }}*'