Skip to content

Release

Release #697

Workflow file for this run

name: Release
permissions: write-all
# Triggered via GitHub Actions UI
on:
workflow_dispatch:
jobs:
test:
if: github.ref == 'refs/heads/main'
uses: newrelic/newrelic-cli/.github/workflows/test.yml@main
secrets:
NEW_RELIC_ACCOUNT_ID: ${{ secrets.NEW_RELIC_ACCOUNT_ID }}
NEW_RELIC_ADMIN_API_KEY: ${{ secrets.NEW_RELIC_ADMIN_API_KEY }}
NEW_RELIC_API_KEY: ${{ secrets.NEW_RELIC_API_KEY }}
NEW_RELIC_LICENSE_KEY: ${{ secrets.NEW_RELIC_LICENSE_KEY }}
NEW_RELIC_REGION: ${{ secrets.NEW_RELIC_REGION }}
release:
if: github.ref == 'refs/heads/main'
name: Release
needs: test
runs-on: ubuntu-20.04
env:
SNAPCRAFT_STORE_CREDENTIALS: ${{ secrets.SNAPCRAFT_TOKEN }}
steps:
- name: Install Go
uses: actions/setup-go@v5
with:
go-version: 1.21.x
- name: Add GOBIN to PATH
run: echo "$(go env GOPATH)/bin" >> $GITHUB_PATH
shell: bash
- name: Checkout code
uses: actions/checkout@v3
with:
# Needed for release notes
fetch-depth: 0
token: ${{ secrets.RELEASE_TOKEN }}
- name: Install Snapcraft
uses: samuelmeuli/action-snapcraft@v2
- name: Install PGP private key
shell: bash
env:
PGP_PRIVATE_KEY: ${{ secrets.PGP_PRIVATE_KEY }}
run: echo "$PGP_PRIVATE_KEY" | gpg --batch --import
- name: Publish Release
shell: bash
env:
GITHUB_TOKEN: ${{ secrets.RELEASE_TOKEN }}
DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
SNAPCRAFT_TOKEN: ${{ secrets.SNAPCRAFT_TOKEN }}
SNAPCRAFT_STORE_CREDENTIALS: ${{ secrets.SNAPCRAFT_TOKEN }}
run: |
git config --global user.name ${{ secrets.NEW_RELIC_GITHUB_SERVICE_ACCOUNT_USERNAME }}
git config --global user.email ${{ secrets.NEW_RELIC_GITHUB_SERVICE_ACCOUNT_EMAIL }}
# removes git's file permission changes tracking as goreleaser's before hook uses 'chmod' for win_metadat*.sh
git config core.fileMode false
mkdir -p $HOME/.cache/snapcraft/download
mkdir -p $HOME/.cache/snapcraft/stage-packages
make snapshot
./scripts/release.sh
chmod +x scripts/win_metadata.sh scripts/win_metadata_files_remove.sh
# creates the `versioninfo.json` file with version info for the Windows binary
./scripts/win_metadata.sh
go install github.com/josephspurrier/goversioninfo/cmd/goversioninfo@latest
# Invokes 'goversioninfo' and uses the 'goversion directive' inside 'main.go' to create 'resource_windows.syso'
# that 'goreleaser' will need in its build step
go generate cmd/newrelic/main.go
make release-publish
./scripts/win_metadata_files_remove.sh
# Note the uploaded binary is downloaded and used in the release-windows-installer job
- name: Upload Windows binary to GitHub
uses: actions/upload-artifact@v3
with:
name: windows-binary
path: dist/newrelic_windows_amd64_v1/newrelic.exe
- name: Sign newrelic.exe
shell: bash
env:
PFX_CONTENT: ${{ secrets.PFX_BASE64_CONTENT }}
PFX_PASSWORD: ${{ secrets.PFX_CERT_PASSWORD }}
run: |
echo "$PFX_CONTENT" | base64 -d > cert.pfx
sudo apt-get install osslsigncode -y
sudo mv dist/newrelic_windows_amd64_v1/newrelic.exe dist/newrelic_windows_amd64_v1/newrelic-unsigned.exe
osslsigncode sign -pkcs12 cert.pfx -pass "$PFX_PASSWORD" -h sha256 -t http://timestamp.digicert.com \
-in dist/newrelic_windows_amd64_v1/newrelic-unsigned.exe -out dist/newrelic_windows_amd64_v1/newrelic.exe
rm -f cert.pfx dist/newrelic_windows_amd64_v1/newrelic-unsigned.exe
- name: Re-do Windows_x86_64.zip
run: |
VERSION=$(ls dist/*Windows_x86_64.zip | cut -d_ -f2)
rm -f dist/newrelic-cli_${VERSION}_Windows_x86_64.zip
zip -q dist/newrelic-cli_${VERSION}_Windows_x86_64.zip dist/newrelic_windows_amd64_v1/newrelic.exe
- name: Install AWS CLI
run: |
sudo apt-get update -y
sudo apt-get install awscli -y
- name: Write AWS config 1
uses: DamianReeves/[email protected]
with:
path: /home/runner/.aws/credentials
contents: |
[virtuoso_user]
aws_access_key_id=${{ secrets.AWS_ACCESS_KEY_ID }}
aws_secret_access_key=${{ secrets.AWS_SECRET_ACCESS_KEY }}
write-mode: overwrite
- name: Write AWS config 2
uses: DamianReeves/[email protected]
with:
path: /home/runner/.aws/config
contents: |
[profile virtuoso]
role_arn = ${{ secrets.AWS_ROLE_ARN }}
region = ${{ secrets.AWS_DEFAULT_REGION }}
source_profile = virtuoso_user
write-mode: overwrite
- name: Upload Unix based install script to AWS
id: upload-install-script
run: |
aws s3 cp ./scripts/install.sh s3://nr-downloads-main/install/newrelic-cli/scripts/install.sh --profile virtuoso
- name: Get latest tag
id: get-latest-tag
uses: actions-ecosystem/action-get-latest-tag@v1
- name: Create currentVersion.txt
id: create-current-version
uses: "finnp/create-file-action@master"
env:
FILE_NAME: "currentVersion.txt"
FILE_DATA: "${{ steps.get-latest-tag.outputs.tag }}"
- name: Upload currentVersion.txt
id: upload-current-version
run: |
aws s3 cp currentVersion.txt s3://nr-downloads-main/install/newrelic-cli/currentVersion.txt --profile virtuoso --cache-control no-cache
- name: Upload release artifacts to AWS
id: upload-release-artifacts
run: |
aws s3 cp --recursive --exclude "*" --include "newrelic-cli_*.txt" --include "newrelic-cli_*.sig" --include "newrelic-cli_*.zip" --include "newrelic-cli_*.gz" --include "newrelic-cli_*.rpm" --include "newrelic-cli_*.deb" --include "newrelic_*" ./dist s3://nr-downloads-main/install/newrelic-cli/${{ steps.get-latest-tag.outputs.tag }}/ --profile virtuoso
- name: Cleanup configs
run: |
rm -rf /home/runner/.aws/credentials
rm -rf /home/runner/.aws/config
release-windows-installer:
if: github.ref == 'refs/heads/main'
needs: release
uses: newrelic/newrelic-cli/.github/workflows/release-windows-installer.yml@main
secrets:
PFX_BASE64_CONTENT: ${{ secrets.PFX_BASE64_CONTENT }}
PFX_CERT_PASSWORD: ${{ secrets.PFX_CERT_PASSWORD }}
RELEASE_TOKEN: ${{ secrets.RELEASE_TOKEN }}
publish:
if: github.ref == 'refs/heads/main'
needs: release-windows-installer
uses: newrelic/newrelic-cli/.github/workflows/release-publish-windows.yml@main
secrets:
RELEASE_TOKEN: ${{ secrets.RELEASE_TOKEN }}
DEV_TOOLKIT_TOKEN: ${{ secrets.DEV_TOOLKIT_TOKEN }}
CHOCOLATEY_API_KEY: ${{ secrets.CHOCOLATEY_API_KEY }}
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
AWS_ROLE_ARN: ${{ secrets.AWS_ROLE_ARN }}
AWS_DEFAULT_REGION: ${{ secrets.AWS_DEFAULT_REGION }}
snapshot:
if: github.ref == 'refs/heads/main'
uses: newrelic/newrelic-cli/.github/workflows/snapshot.yml@main
secrets:
DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}