From 232aa0c89ca1cbc0030fbcd50af87d60c2d73817 Mon Sep 17 00:00:00 2001 From: Hannah Stepanek Date: Wed, 18 Dec 2024 16:09:18 -0800 Subject: [PATCH 1/5] Move init container release from lambda to GHA --- .github/workflows/post_deploy_agent.yml | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/.github/workflows/post_deploy_agent.yml b/.github/workflows/post_deploy_agent.yml index 820664d00..d3f43e2d9 100644 --- a/.github/workflows/post_deploy_agent.yml +++ b/.github/workflows/post_deploy_agent.yml @@ -189,3 +189,21 @@ jobs: env: BUILD_PATH: ${{ github.workspace }}/build/NugetVersionDeprecator/NugetVersionDeprecator.csproj PUBLISH_PATH: ${{ github.workspace }}/publish + + release-tags: + name: Create release tags + runs-on: ubuntu-latest + steps: + - name: Create release tags for Lambda and K8s Init Containers + uses: dev-hanz-ops/install-gh-cli-action@c78dbed4be2f8d6133a14a9a597ee12fd4ed5c93 # v3 + with: + gh-cli-version: 2.63.2 + run: | + gh auth login --with-token <<< $GH_RELEASE_TOKEN + echo "newrelic/newrelic-lambda-layers - Releasing New Relic .NET Agent ${AGENT_VERSION}.0 with tag ${AGENT_VERSION}.0_dotnet" + gh create release "${AGENT_VERSION}.0_dotnet" -t "New Relic .NET Agent ${AGENT_VERSION}.0" --repo=newrelic/newrelic-lambda-layers + echo "newrelic/newrelic-agent-init-container - Releasing New Relic .NET Agent ${AGENT_VERSION}.0 with tag ${AGENT_VERSION}.0_dotnet" + gh create release "${AGENT_VERSION}.0_dotnet" -t "New Relic .NET Agent ${AGENT_VERSION}.0" --repo=newrelic/newrelic-agent-init-container + env: + GH_RELEASE_TOKEN: ${{ secrets.GH_RELEASE_TOKEN }} + AGENT_VERSION: "newrelic-dotnet-agent-${{ inputs.agent_version }}-1.x86_64" From a82244c00167ffc9b3f73d81ad03bcdd2c8ffde1 Mon Sep 17 00:00:00 2001 From: Hannah Stepanek Date: Tue, 14 Jan 2025 16:16:25 -0800 Subject: [PATCH 2/5] Fixup --- .github/workflows/post_deploy_agent.yml | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/.github/workflows/post_deploy_agent.yml b/.github/workflows/post_deploy_agent.yml index d3f43e2d9..dd258c505 100644 --- a/.github/workflows/post_deploy_agent.yml +++ b/.github/workflows/post_deploy_agent.yml @@ -195,15 +195,15 @@ jobs: runs-on: ubuntu-latest steps: - name: Create release tags for Lambda and K8s Init Containers - uses: dev-hanz-ops/install-gh-cli-action@c78dbed4be2f8d6133a14a9a597ee12fd4ed5c93 # v3 - with: - gh-cli-version: 2.63.2 run: | + RELEASE_TITLE="New Relic .NET Agent ${AGENT_VERSION}.0" + RELEASE_TAG="${AGENT_VERSION}.0_dotnet" + RELEASE_NOTES="Automated release for [.NET Agent ${AGENT_VERSION}](https://github.com/newrelic/newrelic-dotnet-agent/releases/tag/${AGENT_VERSION})" gh auth login --with-token <<< $GH_RELEASE_TOKEN - echo "newrelic/newrelic-lambda-layers - Releasing New Relic .NET Agent ${AGENT_VERSION}.0 with tag ${AGENT_VERSION}.0_dotnet" - gh create release "${AGENT_VERSION}.0_dotnet" -t "New Relic .NET Agent ${AGENT_VERSION}.0" --repo=newrelic/newrelic-lambda-layers - echo "newrelic/newrelic-agent-init-container - Releasing New Relic .NET Agent ${AGENT_VERSION}.0 with tag ${AGENT_VERSION}.0_dotnet" - gh create release "${AGENT_VERSION}.0_dotnet" -t "New Relic .NET Agent ${AGENT_VERSION}.0" --repo=newrelic/newrelic-agent-init-container + echo "newrelic/newrelic-lambda-layers - Releasing ${RELEASE_TITLE} with tag ${RELEASE_TAG}" + gh release create "${RELEASE_TAG}" --title=${RELEASE_TITLE} --repo=newrelic/newrelic-lambda-layers --notes=${RELEASE_NOTES} + echo "newrelic/newrelic-agent-init-container - Releasing ${RELEASE_TITLE} with tag ${RELEASE_TAG}" + gh release create "${RELEASE_TAG}" --title=${RELEASE_TITLE} --repo=newrelic/newrelic-agent-init-container --notes=${RELEASE_NOTES} env: GH_RELEASE_TOKEN: ${{ secrets.GH_RELEASE_TOKEN }} - AGENT_VERSION: "newrelic-dotnet-agent-${{ inputs.agent_version }}-1.x86_64" + AGENT_VERSION: "v${{ inputs.agent_version }}" From edc12a95c3c025b2243a66f8429ddf5030389446 Mon Sep 17 00:00:00 2001 From: Marty T <120425148+tippmar-nr@users.noreply.github.com> Date: Wed, 15 Jan 2025 10:00:10 -0600 Subject: [PATCH 3/5] Apply suggestions from code review --- .github/workflows/post_deploy_agent.yml | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/.github/workflows/post_deploy_agent.yml b/.github/workflows/post_deploy_agent.yml index dd258c505..0036fe111 100644 --- a/.github/workflows/post_deploy_agent.yml +++ b/.github/workflows/post_deploy_agent.yml @@ -194,6 +194,11 @@ jobs: name: Create release tags runs-on: ubuntu-latest steps: + - name: Harden Runner + uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2 + with: + disable-sudo: true + egress-policy: audit - name: Create release tags for Lambda and K8s Init Containers run: | RELEASE_TITLE="New Relic .NET Agent ${AGENT_VERSION}.0" @@ -205,5 +210,5 @@ jobs: echo "newrelic/newrelic-agent-init-container - Releasing ${RELEASE_TITLE} with tag ${RELEASE_TAG}" gh release create "${RELEASE_TAG}" --title=${RELEASE_TITLE} --repo=newrelic/newrelic-agent-init-container --notes=${RELEASE_NOTES} env: - GH_RELEASE_TOKEN: ${{ secrets.GH_RELEASE_TOKEN }} + GH_RELEASE_TOKEN: ${{ secrets.DOTNET_AGENT_GH_TOKEN }} AGENT_VERSION: "v${{ inputs.agent_version }}" From d6bbf830c08dc3625f2e397e2493fa323eb4aa8f Mon Sep 17 00:00:00 2001 From: Marty T <120425148+tippmar-nr@users.noreply.github.com> Date: Wed, 15 Jan 2025 10:05:52 -0600 Subject: [PATCH 4/5] Update .github/workflows/post_deploy_agent.yml --- .github/workflows/post_deploy_agent.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/.github/workflows/post_deploy_agent.yml b/.github/workflows/post_deploy_agent.yml index 0036fe111..a55e6a984 100644 --- a/.github/workflows/post_deploy_agent.yml +++ b/.github/workflows/post_deploy_agent.yml @@ -199,6 +199,11 @@ jobs: with: disable-sudo: true egress-policy: audit + - name: Create release tags for Lambda and K8s Init Containers + uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2 + with: + disable-sudo: true + egress-policy: audit - name: Create release tags for Lambda and K8s Init Containers run: | RELEASE_TITLE="New Relic .NET Agent ${AGENT_VERSION}.0" From 9a49bcdd639faf21c7c9f6968640999aa575420e Mon Sep 17 00:00:00 2001 From: Marty T <120425148+tippmar-nr@users.noreply.github.com> Date: Wed, 15 Jan 2025 10:12:33 -0600 Subject: [PATCH 5/5] Update .github/workflows/post_deploy_agent.yml --- .github/workflows/post_deploy_agent.yml | 5 ----- 1 file changed, 5 deletions(-) diff --git a/.github/workflows/post_deploy_agent.yml b/.github/workflows/post_deploy_agent.yml index a55e6a984..0036fe111 100644 --- a/.github/workflows/post_deploy_agent.yml +++ b/.github/workflows/post_deploy_agent.yml @@ -199,11 +199,6 @@ jobs: with: disable-sudo: true egress-policy: audit - - name: Create release tags for Lambda and K8s Init Containers - uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2 - with: - disable-sudo: true - egress-policy: audit - name: Create release tags for Lambda and K8s Init Containers run: | RELEASE_TITLE="New Relic .NET Agent ${AGENT_VERSION}.0"