From c78c6ead4456d4b6d26f6be555da4edbc986fa76 Mon Sep 17 00:00:00 2001 From: Paul Abel <128620221+pdabelf5@users.noreply.github.com> Date: Mon, 13 Oct 2025 17:06:09 +0100 Subject: [PATCH] Update CI to address deprecation notices, remove assertion docs and fix `go_proxy` variable (#1170) Co-authored-by: Alex Fenlon --- .github/workflows/ci.yml | 137 ++++++++++++++++---------------- .github/workflows/release.yml | 142 +++++++++++++++++----------------- .goreleaser.yml | 16 ++-- 3 files changed, 147 insertions(+), 148 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 3f6a057..8cf40fe 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -37,13 +37,12 @@ jobs: forked_workflow=${{ (github.event.pull_request && github.event.pull_request.head.repo.full_name != github.event.pull_request.base.repo.full_name) || github.repository != 'nginx/nginx-prometheus-exporter' }} echo "forked_workflow=${forked_workflow}" >> $GITHUB_OUTPUT if [ "$forked_workflow" = "false" ] && [ "${{ github.ref_name }}" != "${{ github.event.repository.default_branch }}" ]; then - go_proxy="${{ secrets.ARTIFACTORY_DEV_ENDPOINT }}" + go_proxy="${{ secrets.ARTIFACTORY_DEV_ENDPOINT }}" >> $GITHUB_OUTPUT elif [ "${{ github.ref_name }}" = "${{ github.event.repository.default_branch }}" ]; then - go_proxy="${{ secrets.ARTIFACTORY_ENDPOINT }}" + go_proxy="${{ secrets.ARTIFACTORY_ENDPOINT }}" >> $GITHUB_OUTPUT else - go_proxy="https://proxy.golang.org,direct" + go_proxy="https://proxy.golang.org,direct" >> $GITHUB_OUTPUT fi - echo "go_proxy=${go_proxy}" >> $GITHUB_OUTPUT cat $GITHUB_OUTPUT unit-tests: @@ -257,74 +256,74 @@ jobs: rm -f $HOME/.netrc if: ${{ always() }} - generate-assertion-doc: - if: ${{ github.event_name != 'pull_request' }} - name: Assertion Doc ${{ matrix.prometheus.arch }} - needs: [build-docker, variables] - runs-on: ubuntu-24.04-amd64 - permissions: - contents: read - id-token: write # for compliance-rules action to sign assertion doc - strategy: - fail-fast: false - matrix: - prometheus: ${{ fromJSON( needs.build-docker.outputs.binaries ) }} - steps: - - name: Checkout Repository - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + # generate-assertion-doc: + # if: ${{ github.event_name != 'pull_request' }} + # name: Assertion Doc ${{ matrix.prometheus.os }}/${{ matrix.prometheus.arch }} + # needs: [build-docker, variables] + # runs-on: ubuntu-24.04-amd64 + # permissions: + # contents: read + # id-token: write # for compliance-rules action to sign assertion doc + # strategy: + # fail-fast: false + # matrix: + # prometheus: ${{ fromJSON( needs.build-docker.outputs.binaries ) }} + # steps: + # - name: Checkout Repository + # uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - - name: Setup Golang Environment - uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6.0.0 - with: - go-version-file: go.mod + # - name: Setup Golang Environment + # uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6.0.0 + # with: + # go-version-file: go.mod - - name: Setup netrc - run: | - cat < $HOME/.netrc - machine azr.artifactory.f5net.com - login ${{ secrets.ARTIFACTORY_USER }} - password ${{ secrets.ARTIFACTORY_TOKEN }} - EOF - chmod 600 $HOME/.netrc + # - name: Setup netrc + # run: | + # cat < $HOME/.netrc + # machine azr.artifactory.f5net.com + # login ${{ secrets.ARTIFACTORY_USER }} + # password ${{ secrets.ARTIFACTORY_TOKEN }} + # EOF + # chmod 600 $HOME/.netrc - - name: Fetch Cached Artifacts - uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 - with: - path: ${{ github.workspace }}/dist - key: nginx-prometheus-exporter-${{ github.sha }} - fail-on-cache-miss: true + # - name: Fetch Cached Artifacts + # uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 + # with: + # path: ${{ github.workspace }}/dist + # key: nginx-prometheus-exporter-${{ github.sha }} + # fail-on-cache-miss: true - - name: List packages in Go binary - id: godeps - env: - GOPROXY: ${{ needs.variables.outputs.go_proxy }} - run: | - go version -m ${{ matrix.prometheus.path }} > go_version_out_${{ github.run_id }}_${{ github.run_number }}.txt - echo "go_version_out=$(find -type f -name "go_version_out*.txt" | head -n 1)" >> $GITHUB_OUTPUT - echo "artifact_digest=$(openssl dgst -sha256 -r ${{ matrix.prometheus.path }} | cut -d ' ' -f 1)" >> $GITHUB_OUTPUT - cat $GITHUB_OUTPUT + # - name: List packages in Go binary + # id: godeps + # env: + # GOPROXY: ${{ needs.variables.outputs.go_proxy }} + # run: | + # go version -m ${{ matrix.prometheus.path }} > go_version_out_${{ github.run_id }}_${{ github.run_number }}.txt + # echo "go_version_out=$(find -type f -name "go_version_out*.txt" | head -n 1)" >> $GITHUB_OUTPUT + # echo "artifact_digest=$(openssl dgst -sha256 -r ${{ matrix.prometheus.path }} | cut -d ' ' -f 1)" >> $GITHUB_OUTPUT + # cat $GITHUB_OUTPUT - - name: Generate Assertion Document - id: assertiondoc - uses: nginxinc/compliance-rules/.github/actions/assertion@83e452166aaf0ad8f07caf91a4f1f903b3dea1e6 # v0.3.0 - with: - artifact-name: "${{ github.event.repository.name }}_${{ github.sha }}_${{ github.run_number }}_${{ matrix.prometheus.os }}_${{ matrix.prometheus.arch }}" - artifact-digest: ${{ steps.godeps.outputs.artifact_digest }} - build-type: "github.com" - builder-id: "github" - builder-version: v0.1.0 - started-on: ${{ github.event.head_commit.timestamp }} - finished-on: ${{ github.event.head_commit.timestamp }} - invocation-id: ${{ github.run_id }}.${{ github.run_number }}.${{ github.run_attempt }} - artifactory-user: ${{ secrets.ARTIFACTORY_USER }} - artifactory-api-token: ${{ secrets.ARTIFACTORY_TOKEN }} - artifactory-url: ${{ secrets.ARTIFACTORY_URL }} - artifactory-repo: 'f5-nginx-go-local-approved-dependency' - assertion-doc-file: assertion_${{ github.event.repository.name }}_${{ github.sha }}_${{ github.run_id }}_${{ github.run_number }}_${{ matrix.prometheus.os }}_${{ matrix.prometheus.arch }}.json - build-content-path: ${{ steps.godeps.outputs.go_version_out }} + # - name: Generate Assertion Document + # id: assertiondoc + # uses: nginxinc/compliance-rules/.github/actions/assertion@83e452166aaf0ad8f07caf91a4f1f903b3dea1e6 # v0.3.0 + # with: + # artifact-name: "${{ github.event.repository.name }}_${{ github.sha }}_${{ github.run_number }}_${{ matrix.prometheus.os }}_${{ matrix.prometheus.arch }}" + # artifact-digest: ${{ steps.godeps.outputs.artifact_digest }} + # build-type: "github.com" + # builder-id: "github" + # builder-version: v0.1.0 + # started-on: ${{ github.event.head_commit.timestamp }} + # finished-on: ${{ github.event.head_commit.timestamp }} + # invocation-id: ${{ github.run_id }}.${{ github.run_number }}.${{ github.run_attempt }} + # artifactory-user: ${{ secrets.ARTIFACTORY_USER }} + # artifactory-api-token: ${{ secrets.ARTIFACTORY_TOKEN }} + # artifactory-url: ${{ secrets.ARTIFACTORY_URL }} + # artifactory-repo: 'f5-nginx-go-local-approved-dependency' + # assertion-doc-file: assertion_${{ github.event.repository.name }}_${{ github.sha }}_${{ github.run_id }}_${{ github.run_number }}_${{ matrix.prometheus.os }}_${{ matrix.prometheus.arch }}.json + # build-content-path: ${{ steps.godeps.outputs.go_version_out }} - - name: Sign and Store Assertion Document - id: sign - uses: nginxinc/compliance-rules/.github/actions/sign@83e452166aaf0ad8f07caf91a4f1f903b3dea1e6 # v0.3.0 - with: - assertion-doc: ${{ steps.assertiondoc.outputs.assertion-document-path }} + # - name: Sign and Store Assertion Document + # id: sign + # uses: nginxinc/compliance-rules/.github/actions/sign@83e452166aaf0ad8f07caf91a4f1f903b3dea1e6 # v0.3.0 + # with: + # assertion-doc: ${{ steps.assertiondoc.outputs.assertion-document-path }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 7a45e62..54c4603 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -275,81 +275,81 @@ jobs: rm -f $HOME/.netrc if: ${{ always() }} - generate-assertion-doc: - if: ${{ !contains(inputs.skip_jobs, 'generate-assertion-doc') }} - name: Assertion Doc ${{ matrix.prometheus.arch }} - needs: [build-docker, variables] - runs-on: ubuntu-24.04-amd64 - permissions: - contents: read - id-token: write # for compliance-rules action to sign assertion doc - strategy: - fail-fast: false - matrix: - prometheus: ${{ fromJSON( needs.build-docker.outputs.binaries ) }} - steps: - - name: Checkout Repository - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + # generate-assertion-doc: + # if: ${{ !contains(inputs.skip_jobs, 'generate-assertion-doc') }} + # name: Assertion Doc ${{ matrix.prometheus.os }}/${{ matrix.prometheus.arch }} + # needs: [build-docker, variables] + # runs-on: ubuntu-24.04-amd64 + # permissions: + # contents: read + # id-token: write # for compliance-rules action to sign assertion doc + # strategy: + # fail-fast: false + # matrix: + # prometheus: ${{ fromJSON( needs.build-docker.outputs.binaries ) }} + # steps: + # - name: Checkout Repository + # uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - - name: Setup Golang Environment - uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6.0.0 - with: - go-version-file: go.mod + # - name: Setup Golang Environment + # uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6.0.0 + # with: + # go-version-file: go.mod - - name: Configure pipeline Variables - id: vars - run: | - timestamp=$(date --iso-8601=seconds) - echo "timestamp=${timestamp}" >> $GITHUB_OUTPUT - cat $GITHUB_OUTPUT + # - name: Configure pipeline Variables + # id: vars + # run: | + # timestamp=$(date --iso-8601=seconds) + # echo "timestamp=${timestamp}" >> $GITHUB_OUTPUT + # cat $GITHUB_OUTPUT - - name: Setup netrc - run: | - cat < $HOME/.netrc - machine azr.artifactory.f5net.com - login ${{ secrets.ARTIFACTORY_USER }} - password ${{ secrets.ARTIFACTORY_TOKEN }} - EOF - chmod 600 $HOME/.netrc + # - name: Setup netrc + # run: | + # cat < $HOME/.netrc + # machine azr.artifactory.f5net.com + # login ${{ secrets.ARTIFACTORY_USER }} + # password ${{ secrets.ARTIFACTORY_TOKEN }} + # EOF + # chmod 600 $HOME/.netrc - - name: Fetch Cached Artifacts - uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 - with: - path: ${{ github.workspace }}/dist - key: nginx-prometheus-exporter-${{ github.sha }} - fail-on-cache-miss: true + # - name: Fetch Cached Artifacts + # uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 + # with: + # path: ${{ github.workspace }}/dist + # key: nginx-prometheus-exporter-${{ github.sha }} + # fail-on-cache-miss: true - - name: List packages in Go binary - id: godeps - env: - GOPROXY: ${{ secrets.ARTIFACTORY_ENDPOINT }} - run: | - go version -m ${{ matrix.prometheus.path }} > go_version_out_${{ github.run_id }}_${{ github.run_number }}.txt - echo "go_version_out=$(find -type f -name "go_version_out*.txt" | head -n 1)" >> $GITHUB_OUTPUT - echo "artifact_digest=$(openssl dgst -sha256 -r ${{ matrix.prometheus.path }} | cut -d ' ' -f 1)" >> $GITHUB_OUTPUT - cat $GITHUB_OUTPUT + # - name: List packages in Go binary + # id: godeps + # env: + # GOPROXY: ${{ secrets.ARTIFACTORY_ENDPOINT }} + # run: | + # go version -m ${{ matrix.prometheus.path }} > go_version_out_${{ github.run_id }}_${{ github.run_number }}.txt + # echo "go_version_out=$(find -type f -name "go_version_out*.txt" | head -n 1)" >> $GITHUB_OUTPUT + # echo "artifact_digest=$(openssl dgst -sha256 -r ${{ matrix.prometheus.path }} | cut -d ' ' -f 1)" >> $GITHUB_OUTPUT + # cat $GITHUB_OUTPUT - - name: Generate Assertion Document - id: assertiondoc - uses: nginxinc/compliance-rules/.github/actions/assertion@83e452166aaf0ad8f07caf91a4f1f903b3dea1e6 # v0.3.0 - with: - artifact-name: "${{ github.event.repository.name }}_${{ github.sha }}_${{ github.run_number }}_${{ matrix.prometheus.os }}_${{ matrix.prometheus.arch }}" - artifact-digest: ${{ steps.godeps.outputs.artifact_digest }} - build-type: "github.com" - builder-id: "github" - builder-version: v0.1.0 - started-on: ${{ steps.vars.outputs.timestamp }} - finished-on: ${{ steps.vars.outputs.timestamp }} - invocation-id: ${{ github.run_id }}.${{ github.run_number }}.${{ github.run_attempt }} - artifactory-user: ${{ secrets.ARTIFACTORY_USER }} - artifactory-api-token: ${{ secrets.ARTIFACTORY_TOKEN }} - artifactory-url: ${{ secrets.ARTIFACTORY_URL }} - artifactory-repo: 'f5-nginx-go-local-approved-dependency' - assertion-doc-file: assertion_${{ github.event.repository.name }}_${{ github.sha }}_${{ github.run_id }}_${{ github.run_number }}_${{ matrix.prometheus.os }}_${{ matrix.prometheus.arch }}.json - build-content-path: ${{ steps.godeps.outputs.go_version_out }} + # - name: Generate Assertion Document + # id: assertiondoc + # uses: nginxinc/compliance-rules/.github/actions/assertion@83e452166aaf0ad8f07caf91a4f1f903b3dea1e6 # v0.3.0 + # with: + # artifact-name: "${{ github.event.repository.name }}_${{ github.sha }}_${{ github.run_number }}_${{ matrix.prometheus.os }}_${{ matrix.prometheus.arch }}" + # artifact-digest: ${{ steps.godeps.outputs.artifact_digest }} + # build-type: "github.com" + # builder-id: "github" + # builder-version: v0.1.0 + # started-on: ${{ steps.vars.outputs.timestamp }} + # finished-on: ${{ steps.vars.outputs.timestamp }} + # invocation-id: ${{ github.run_id }}.${{ github.run_number }}.${{ github.run_attempt }} + # artifactory-user: ${{ secrets.ARTIFACTORY_USER }} + # artifactory-api-token: ${{ secrets.ARTIFACTORY_TOKEN }} + # artifactory-url: ${{ secrets.ARTIFACTORY_URL }} + # artifactory-repo: 'f5-nginx-go-local-approved-dependency' + # assertion-doc-file: assertion_${{ github.event.repository.name }}_${{ github.sha }}_${{ github.run_id }}_${{ github.run_number }}_${{ matrix.prometheus.os }}_${{ matrix.prometheus.arch }}.json + # build-content-path: ${{ steps.godeps.outputs.go_version_out }} - - name: Sign and Store Assertion Document - id: sign - uses: nginxinc/compliance-rules/.github/actions/sign@83e452166aaf0ad8f07caf91a4f1f903b3dea1e6 # v0.3.0 - with: - assertion-doc: ${{ steps.assertiondoc.outputs.assertion-document-path }} + # - name: Sign and Store Assertion Document + # id: sign + # uses: nginxinc/compliance-rules/.github/actions/sign@83e452166aaf0ad8f07caf91a4f1f903b3dea1e6 # v0.3.0 + # with: + # assertion-doc: ${{ steps.assertiondoc.outputs.assertion-document-path }} diff --git a/.goreleaser.yml b/.goreleaser.yml index 048a1d3..44e2949 100644 --- a/.goreleaser.yml +++ b/.goreleaser.yml @@ -44,7 +44,7 @@ changelog: archives: - format_overrides: - goos: windows - format: zip + formats: ['zip'] files: - README.md - LICENSE @@ -71,22 +71,22 @@ signs: milestones: - close: true -brews: +homebrew_casks: - repository: owner: nginx name: homebrew-tap token: "{{ .Env.NGINX_GITHUB_TOKEN }}" - directory: Formula + directory: Casks homepage: https://github.com/nginx/nginx-prometheus-exporter description: NGINX Prometheus Exporter for NGINX and NGINX Plus - license: Apache-2.0 commit_author: name: nginx-bot email: integrations@nginx.com - extra_install: |- - bash_completion.install "completions/nginx-prometheus-exporter.bash" => "nginx-prometheus-exporter" - zsh_completion.install "completions/nginx-prometheus-exporter.zsh" => "_nginx-prometheus-exporter" - man1.install "manpages/nginx-prometheus-exporter.1.gz" + manpages: + - "manpages/nginx-prometheus-exporter.1.gz" + completions: + bash: "completions/nginx-prometheus-exporter.bash" + zsh: "completions/nginx-prometheus-exporter.zsh" nix: - name: nginx-prometheus-exporter