--- # Handles building of binary packages for the agent. name: Repository Packages on: workflow_dispatch: null pull_request: paths: - packaging/repoconfig/** - .github/workflows/repoconfig-packages.yml - .github/data/distros.yml push: branches: - master paths: - packaging/repoconfig/** - .github/workflows/repoconfig-packages.yml - .github/data/distros.yml env: DISABLE_TELEMETRY: 1 REPO_PREFIX: netdata/netdata jobs: matrix: name: Prepare Build Matrix runs-on: ubuntu-latest outputs: matrix: ${{ steps.set-matrix.outputs.matrix }} steps: - name: Checkout id: checkout uses: actions/checkout@v4 - name: Prepare tools id: prepare run: | sudo apt-get update || true sudo apt-get install -y python3-ruamel.yaml - name: Read build matrix id: set-matrix run: | matrix="$(.github/scripts/gen-matrix-repoconfig.py)" echo "Generated matrix: ${matrix}" echo "matrix=${matrix}" >> "${GITHUB_OUTPUT}" - name: Failure Notification uses: rtCamp/action-slack-notify@v2 env: SLACK_COLOR: 'danger' SLACK_ICON_EMOJI: ':github-actions:' SLACK_TITLE: 'Repository Package Build matrix generation failed:' SLACK_USERNAME: 'GitHub Actions' SLACK_MESSAGE: |- ${{ github.repository }}: Failed to generate build matrix for repository package build. Checkout: ${{ steps.checkout.outcome }} Prepare Tools: ${{ steps.prepare.outcome }} Read Build Matrix: ${{ steps.set-matrix.outcome }} SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK_URL }} if: >- ${{ failure() && github.event_name != 'pull_request' && startsWith(github.ref, 'refs/heads/master') && github.repository == 'netdata/netdata' }} build: name: Build runs-on: ubuntu-latest env: DISABLE_TELEMETRY: 1 DOCKER_CLI_EXPERIMENTAL: enabled needs: - matrix strategy: matrix: ${{ fromJson(needs.matrix.outputs.matrix) }} # We intentiaonally disable the fail-fast behavior so that a # build failure for one version doesn't prevent us from publishing # successfully built and tested packages for another version. fail-fast: false max-parallel: 8 steps: - name: Checkout id: checkout uses: actions/checkout@v4 # Unlike normally, we do not need a deep clone or submodules for this. - name: Fetch base image id: fetch-images uses: nick-invision/retry@v3 with: max_attempts: 3 retry_wait_seconds: 30 timeout_seconds: 900 command: docker pull --platform ${{ matrix.platform }} ${{ matrix.base_image }} - name: Build Packages id: build shell: bash run: | docker run --security-opt seccomp=unconfined -e DISABLE_TELEMETRY=1 --platform ${{ matrix.platform }} \ -v "$PWD":/netdata ${{ matrix.base_image }} \ /netdata/packaging/repoconfig/build-${{ matrix.format }}.sh - name: Upload Packages id: publish if: github.event_name != 'pull_request' && github.repository == 'netdata/netdata' continue-on-error: true shell: bash env: PKG_CLOUD_TOKEN: ${{ secrets.PACKAGE_CLOUD_API_KEY }} run: | printf "Packages to upload:\n%s" "$(ls packaging/repoconfig/artifacts/*.${{ matrix.format }})" for pkgfile in artifacts/*.${{ matrix.format }} ; do .github/scripts/package_cloud_wrapper.sh yank "${REPO_PREFIX}-repoconfig/${{ matrix.pkgclouddistro }}" \ "$(basename "${pkgfile}")" || true .github/scripts/package_cloud_wrapper.sh push "${REPO_PREFIX}-repoconfig/${{ matrix.pkgclouddistro }}" "${pkgfile}" done - name: SSH setup id: ssh-setup if: github.event_name != 'pull_request' && github.repository == 'netdata/netdata' uses: shimataro/ssh-key-action@v2 with: key: ${{ secrets.NETDATABOT_PACKAGES_SSH_KEY }} name: id_ecdsa known_hosts: ${{ secrets.PACKAGES_KNOWN_HOSTS }} - name: Upload to packages.netdata.cloud id: package-upload continue-on-error: true if: github.event_name != 'pull_request' && github.repository == 'netdata/netdata' run: | # shellcheck disable=SC2043 for arch in ${{ matrix.arches }}; do .github/scripts/package-upload.sh \ packages.netdata.cloud \ "${{ matrix.pkgclouddistro }}" \ "${arch}" \ "${{ matrix.format }}" \ netdata/netdata-repoconfig \ packaging/repoconfig/artifacts done - name: Import GPG Keys id: import-keys if: matrix.format == 'deb' && github.event_name != 'pull_request' uses: crazy-max/ghaction-import-gpg@v6 with: gpg_private_key: ${{ secrets.NETDATABOT_PACKAGE_SIGNING_KEY }} - name: Sign DEB Packages id: sign-deb if: matrix.format == 'deb' && github.event_name != 'pull_request' shell: bash run: .github/scripts/deb-sign.sh packaging/repoconfig/artifacts ${{ steps.import-keys.outputs.fingerprint }} - name: Upload to packages2.netdata.cloud id: package2-upload if: github.event_name != 'pull_request' && github.repository == 'netdata/netdata' run: | # shellcheck disable=SC2043 for arch in ${{ matrix.arches }}; do .github/scripts/package-upload.sh \ packages2.netdata.cloud \ "${{ matrix.pkgclouddistro }}" \ "${arch}" \ "${{ matrix.format }}" \ netdata/netdata-repoconfig \ packaging/repoconfig/artifacts done - name: Failure Notification if: ${{ failure() && github.repository == 'netdata/netdata' }} uses: rtCamp/action-slack-notify@v2 env: SLACK_COLOR: 'danger' SLACK_FOOTER: '' SLACK_ICON_EMOJI: ':github-actions:' SLACK_TITLE: 'Repository Package Build failed:' SLACK_USERNAME: 'GitHub Actions' SLACK_MESSAGE: |- ${{ github.repository }}: ${{ matrix.pkgclouddistro }} ${{ matrix.version }} repository package build failed. Checkout: ${{ steps.checkout.outcome }} Fetch images: ${{ steps.fetch-images.outcome }} Build: ${{ steps.build.outcome }} Publish to PackageCloud: ${{ steps.publish.outcome }} Import SSH Key: ${{ steps.ssh-setup.outcome }} Publish to packages.netdata.cloud: ${{ steps.package-upload.outcome }} Import GPG Keys: ${{ steps.import-keys.outcome }} Sign DEB Packages: ${{ steps.sign-deb.outcome }} Publish to packages2.netdata.cloud: ${{ steps.package2-upload.outcome }} SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK_URL }}