From 0cb3147e55ff1a36af6dfa0bad3df149e5c08390 Mon Sep 17 00:00:00 2001 From: Jenkins CI Date: Sun, 21 Aug 2022 07:51:18 +0000 Subject: [PATCH 01/31] [maven-release-plugin] prepare for next development iteration --- ecs-logging-core/pom.xml | 2 +- jboss-logmanager-ecs-formatter/pom.xml | 2 +- jul-ecs-formatter/pom.xml | 2 +- log4j-ecs-layout/pom.xml | 2 +- log4j-legacy-tests/pom.xml | 2 +- log4j2-ecs-layout/pom.xml | 2 +- log4j2-legacy-tests/pom.xml | 2 +- logback-ecs-encoder/pom.xml | 2 +- logback-legacy-tests/pom.xml | 2 +- pom.xml | 2 +- 10 files changed, 10 insertions(+), 10 deletions(-) diff --git a/ecs-logging-core/pom.xml b/ecs-logging-core/pom.xml index cf9c0656..30c62b4e 100644 --- a/ecs-logging-core/pom.xml +++ b/ecs-logging-core/pom.xml @@ -3,7 +3,7 @@ ecs-logging-java-parent co.elastic.logging - 1.5.0 + 1.5.1-SNAPSHOT 4.0.0 diff --git a/jboss-logmanager-ecs-formatter/pom.xml b/jboss-logmanager-ecs-formatter/pom.xml index dcddd3d6..e5f12be3 100644 --- a/jboss-logmanager-ecs-formatter/pom.xml +++ b/jboss-logmanager-ecs-formatter/pom.xml @@ -3,7 +3,7 @@ ecs-logging-java-parent co.elastic.logging - 1.5.0 + 1.5.1-SNAPSHOT 4.0.0 diff --git a/jul-ecs-formatter/pom.xml b/jul-ecs-formatter/pom.xml index f35d3549..d8edf67f 100644 --- a/jul-ecs-formatter/pom.xml +++ b/jul-ecs-formatter/pom.xml @@ -3,7 +3,7 @@ ecs-logging-java-parent co.elastic.logging - 1.5.0 + 1.5.1-SNAPSHOT 4.0.0 diff --git a/log4j-ecs-layout/pom.xml b/log4j-ecs-layout/pom.xml index 2044acee..08242764 100644 --- a/log4j-ecs-layout/pom.xml +++ b/log4j-ecs-layout/pom.xml @@ -3,7 +3,7 @@ ecs-logging-java-parent co.elastic.logging - 1.5.0 + 1.5.1-SNAPSHOT 4.0.0 diff --git a/log4j-legacy-tests/pom.xml b/log4j-legacy-tests/pom.xml index 168b5ca9..8d1cf42d 100644 --- a/log4j-legacy-tests/pom.xml +++ b/log4j-legacy-tests/pom.xml @@ -3,7 +3,7 @@ ecs-logging-java-parent co.elastic.logging - 1.5.0 + 1.5.1-SNAPSHOT 4.0.0 diff --git a/log4j2-ecs-layout/pom.xml b/log4j2-ecs-layout/pom.xml index 04234a61..8610ad78 100644 --- a/log4j2-ecs-layout/pom.xml +++ b/log4j2-ecs-layout/pom.xml @@ -3,7 +3,7 @@ ecs-logging-java-parent co.elastic.logging - 1.5.0 + 1.5.1-SNAPSHOT 4.0.0 diff --git a/log4j2-legacy-tests/pom.xml b/log4j2-legacy-tests/pom.xml index 55647281..cff4b356 100644 --- a/log4j2-legacy-tests/pom.xml +++ b/log4j2-legacy-tests/pom.xml @@ -3,7 +3,7 @@ ecs-logging-java-parent co.elastic.logging - 1.5.0 + 1.5.1-SNAPSHOT 4.0.0 diff --git a/logback-ecs-encoder/pom.xml b/logback-ecs-encoder/pom.xml index 52d99b8d..d75baeb4 100644 --- a/logback-ecs-encoder/pom.xml +++ b/logback-ecs-encoder/pom.xml @@ -3,7 +3,7 @@ ecs-logging-java-parent co.elastic.logging - 1.5.0 + 1.5.1-SNAPSHOT 4.0.0 diff --git a/logback-legacy-tests/pom.xml b/logback-legacy-tests/pom.xml index 61aa7475..5a878d78 100644 --- a/logback-legacy-tests/pom.xml +++ b/logback-legacy-tests/pom.xml @@ -3,7 +3,7 @@ ecs-logging-java-parent co.elastic.logging - 1.5.0 + 1.5.1-SNAPSHOT 4.0.0 diff --git a/pom.xml b/pom.xml index 9683ea71..90ff1906 100644 --- a/pom.xml +++ b/pom.xml @@ -4,7 +4,7 @@ co.elastic.logging ecs-logging-java-parent - 1.5.0 + 1.5.1-SNAPSHOT ${project.groupId}:${project.artifactId} ecs-logging-core From 6827d022d3cb9698971bc3f048eaeb442132b7ff Mon Sep 17 00:00:00 2001 From: Victor Martinez Date: Mon, 16 Jan 2023 08:45:13 +0000 Subject: [PATCH 02/31] actions: use github actions (#194) --- .ci/jobs/defaults.yml | 59 ----------- .ci/jobs/ecs-logging-java-mbp.yml | 5 - .github/workflows/test-reporter.yml | 20 ++++ .github/workflows/test.yml | 55 ++++++++++ .pre-commit-config.yaml | 4 +- Jenkinsfile | 154 ---------------------------- 6 files changed, 76 insertions(+), 221 deletions(-) delete mode 100644 .ci/jobs/defaults.yml delete mode 100644 .ci/jobs/ecs-logging-java-mbp.yml create mode 100644 .github/workflows/test-reporter.yml create mode 100644 .github/workflows/test.yml delete mode 100644 Jenkinsfile diff --git a/.ci/jobs/defaults.yml b/.ci/jobs/defaults.yml deleted file mode 100644 index b4f25e2e..00000000 --- a/.ci/jobs/defaults.yml +++ /dev/null @@ -1,59 +0,0 @@ ---- - -##### GLOBAL METADATA - -- meta: - cluster: apm-ci - -##### JOB DEFAULTS - -- job: - view: APM-CI - project-type: multibranch - logrotate: - daysToKeep: 30 - numToKeep: 100 - number-to-keep: '5' - days-to-keep: '1' - concurrent: true - node: linux - script-path: Jenkinsfile - scm: - - github: - branch-discovery: no-pr - discover-pr-forks-strategy: merge-current - discover-pr-forks-trust: permission - discover-pr-origin: merge-current - discover-tags: true - repo: ecs-logging-java - repo-owner: elastic - credentials-id: 2a9602aa-ab9f-4e52-baf3-b71ca88469c7-UserAndToken - ssh-checkout: - credentials: f6c7695a-671e-4f4f-a331-acdce44ff9ba - build-strategies: - - tags: - ignore-tags-older-than: -1 - ignore-tags-newer-than: -1 - - regular-branches: true - - change-request: - ignore-target-only-changes: false - clean: - after: true - before: true - prune: true - shallow-clone: true - depth: 3 - do-not-fetch-tags: true - submodule: - disable: false - recursive: true - parent-credentials: true - timeout: 100 - timeout: '15' - use-author: true - wipe-workspace: 'True' - periodic-folder-trigger: 1d - prune-dead-branches: true - publishers: - - email: - recipients: infra-root+build@elastic.co diff --git a/.ci/jobs/ecs-logging-java-mbp.yml b/.ci/jobs/ecs-logging-java-mbp.yml deleted file mode 100644 index 6d75e279..00000000 --- a/.ci/jobs/ecs-logging-java-mbp.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -- job: - name: apm-agent-java/ecs-logging-java-mbp - display-name: ecs-logging-java - description: Centralized logging for Java applications with the Elastic stack diff --git a/.github/workflows/test-reporter.yml b/.github/workflows/test-reporter.yml new file mode 100644 index 00000000..95dcb62f --- /dev/null +++ b/.github/workflows/test-reporter.yml @@ -0,0 +1,20 @@ +--- +## Workflow to process the JUnit test results and add a report to the checks. +name: Test Report +on: + workflow_run: + workflows: + - test + types: + - completed + +jobs: + report: + runs-on: ubuntu-latest + steps: + - uses: elastic/apm-pipeline-library/.github/actions/test-report@current + with: + artifact: test-results # artifact name + name: JUnit Tests # Name of the check run which will be created + path: "**/*.xml" # Path to test results (inside artifact .zip) + reporter: java-junit # Format of test results diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml new file mode 100644 index 00000000..36d0c3c4 --- /dev/null +++ b/.github/workflows/test.yml @@ -0,0 +1,55 @@ +name: test + +on: + push: + branches: [ "main" ] + paths-ignore: [ '*.md', '*.asciidoc' ] + pull_request: + branches: [ "main" ] + paths-ignore: [ '*.md', '*.asciidoc' ] + +permissions: + contents: read + +env: + MAVEN_CONFIG: "-V -B -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=warn -Dhttps.protocols=TLSv1.2 -Dmaven.wagon.http.retryHandler.count=3 -Dmaven.wagon.httpconnectionManager.ttlSeconds=25" + JAVA_VERSION: 11 + JAVA_DIST: adopt + +jobs: + + pre-commit: + name: Run pre-commit + runs-on: ubuntu-latest + steps: + - uses: elastic/apm-pipeline-library/.github/actions/pre-commit@current + + goals: + runs-on: ubuntu-latest + timeout-minutes: 5 + strategy: + matrix: + goal: + - 'clean install -DskipTests=true -Dmaven.javadoc.skip=true license:aggregate-third-party-report -Dlicense.excludedGroups=^co.elastic.' + - 'test' + - 'compile javadoc:javadoc' + fail-fast: false + steps: + - uses: actions/checkout@v3 + - uses: actions/setup-java@v3 + with: + java-version: ${{ env.JAVA_VERSION }} + distribution: ${{ env.JAVA_DIST }} + cache: 'maven' + - run: ./mvnw ${{ matrix.goal }} + - name: Store test results + if: ${{ matrix.goal == 'test' }} && (success() || failure()) + uses: actions/upload-artifact@v3 + with: + name: test-results + path: '**/target/surefire-reports' + - uses: actions/upload-artifact@v3 + if: contains(${{ matrix.goal }}, 'license') + with: + name: license-report + path: target/site/aggregate-third-party-report.html diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 18fb3c5d..323c744d 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -6,9 +6,7 @@ repos: - id: check-executables-have-shebangs - id: check-merge-conflict -- repo: git@github.com:elastic/apm-pipeline-library +- repo: https://github.com/elastic/apm-pipeline-library rev: current hooks: - id: check-bash-syntax - - id: check-jenkins-pipelines - - id: check-jjbb diff --git a/Jenkinsfile b/Jenkinsfile deleted file mode 100644 index 32d3c30c..00000000 --- a/Jenkinsfile +++ /dev/null @@ -1,154 +0,0 @@ -#!/usr/bin/env groovy - -@Library('apm@current') _ - -pipeline { - agent any - environment { - REPO = 'ecs-logging-java' - BASE_DIR = "src/github.com/elastic/${env.REPO}" - NOTIFY_TO = credentials('notify-to') - JOB_GCS_BUCKET = credentials('gcs-bucket') - DOCKERHUB_SECRET = 'secret/apm-team/ci/elastic-observability-dockerhub' - MAVEN_CONFIG = '-Dmaven.repo.local=.m2' - JAVA_HOME = "${env.HUDSON_HOME}/.java/java11" - HOME = "${env.WORKSPACE}" - PATH = "${env.HOME}/bin:${env.JAVA_HOME}/bin:${env.PATH}" - } - options { - timeout(time: 1, unit: 'HOURS') - buildDiscarder(logRotator(numToKeepStr: '20', artifactNumToKeepStr: '20', daysToKeepStr: '30')) - timestamps() - ansiColor('xterm') - disableResume() - durabilityHint('PERFORMANCE_OPTIMIZED') - rateLimitBuilds(throttle: [count: 60, durationName: 'hour', userBoost: true]) - quietPeriod(10) - } - triggers { - issueCommentTrigger("${obltGitHubComments()}") - } - parameters { - string(name: 'MAVEN_CONFIG', defaultValue: '-B -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=warn', description: 'Additional maven options.') - booleanParam(name: 'test_ci', defaultValue: true, description: 'Enable test') - booleanParam(name: 'doc_ci', defaultValue: true, description: 'Enable doc validation') - } - - stages { - stage('Initializing'){ - agent { label 'linux && immutable' } - options { skipDefaultCheckout() } - environment { - MAVEN_CONFIG = "${params.MAVEN_CONFIG} ${env.MAVEN_CONFIG}" - } - stages { - /** - Checkout the code and stash it, to use it on other stages. - */ - stage('Checkout') { - steps { - deleteDir() - gitCheckout(basedir: env.BASE_DIR, githubNotifyFirstTimeContributor: true) - stash allowEmpty: true, name: 'source', useDefaultExcludes: false - } - } - /** - Build on a linux environment. - */ - stage('Build') { - options { skipDefaultCheckout() } - steps { - withGithubNotify(context: 'Build', tab: 'artifacts') { - deleteDir() - unstash 'source' - dir(BASE_DIR){ - sh """#!/bin/bash - set -euxo pipefail - ./mvnw clean install -DskipTests=true -Dmaven.javadoc.skip=true - ./mvnw license:aggregate-third-party-report -Dlicense.excludedGroups=^co\\.elastic\\. - """ - archiveArtifacts allowEmptyArchive: true, onlyIfSuccessful: true, - artifacts: 'target/site/aggregate-third-party-report.html' - } - stash allowEmpty: true, name: 'build', useDefaultExcludes: false - } - } - } - } - } - stage('Tests') { - environment { - MAVEN_CONFIG = "${params.MAVEN_CONFIG} ${env.MAVEN_CONFIG}" - } - parallel { - /** - Run only unit test. - */ - stage('Unit Tests') { - agent { label 'linux && immutable' } - options { skipDefaultCheckout() } - when { - beforeAgent true - expression { return params.test_ci } - } - steps { - withGithubNotify(context: 'Unit Tests', tab: 'tests') { - deleteDir() - unstash 'build' - dir(BASE_DIR){ - sh './mvnw test' - } - } - } - post { - always { - junit(allowEmptyResults: true, keepLongStdio: true, - testResults: "${BASE_DIR}/**/junit-*.xml,${BASE_DIR}/**/TEST-*.xml") - } - } - } - /** - Build javadoc files. - */ - stage('Javadoc') { - agent { label 'linux && immutable' } - options { skipDefaultCheckout() } - when { - beforeAgent true - expression { return params.doc_ci } - } - steps { - withGithubNotify(context: 'Javadoc') { - deleteDir() - unstash 'build' - dir(BASE_DIR){ - sh './mvnw compile javadoc:javadoc' - } - } - } - } - /** - Build javadoc files. - */ - stage('Sanity checks') { - agent { label 'linux && immutable' } - options { skipDefaultCheckout() } - steps { - withGithubNotify(context: 'Sanity checks', tab: 'tests') { - deleteDir() - unstash 'source' - dir(BASE_DIR){ - preCommit(commit: "${GIT_BASE_COMMIT}", junit: true) - } - } - } - } - } - } - } - post { - cleanup { - notifyBuildResult() - } - } -} From b2ec5b70f4409816c17d3f01759884f9e095b724 Mon Sep 17 00:00:00 2001 From: Victor Martinez Date: Tue, 17 Jan 2023 12:36:58 +0000 Subject: [PATCH 03/31] action: use opentelemetry composite action (#195) --- .github/workflows/opentelemetry.yml | 19 +++++++++++++++++++ .github/workflows/test-reporter.yml | 2 +- 2 files changed, 20 insertions(+), 1 deletion(-) create mode 100644 .github/workflows/opentelemetry.yml diff --git a/.github/workflows/opentelemetry.yml b/.github/workflows/opentelemetry.yml new file mode 100644 index 00000000..143d4fab --- /dev/null +++ b/.github/workflows/opentelemetry.yml @@ -0,0 +1,19 @@ +--- +name: OpenTelemetry Export Trace + +on: + workflow_run: + workflows: + - test + - test-reporter + types: [completed] + +jobs: + otel-export-trace: + runs-on: ubuntu-latest + steps: + - uses: elastic/apm-pipeline-library/.github/actions/opentelemetry@current + with: + vaultUrl: ${{ secrets.VAULT_ADDR }} + vaultRoleId: ${{ secrets.VAULT_ROLE_ID }} + vaultSecretId: ${{ secrets.VAULT_SECRET_ID }} diff --git a/.github/workflows/test-reporter.yml b/.github/workflows/test-reporter.yml index 95dcb62f..39b10a07 100644 --- a/.github/workflows/test-reporter.yml +++ b/.github/workflows/test-reporter.yml @@ -1,6 +1,6 @@ --- ## Workflow to process the JUnit test results and add a report to the checks. -name: Test Report +name: test-reporter on: workflow_run: workflows: From 3aa6f6bc1a908cd396584c3d9c935e498c89b7ea Mon Sep 17 00:00:00 2001 From: Brandon Morelli Date: Mon, 6 Feb 2023 14:52:30 -0800 Subject: [PATCH 04/31] Update intro.asciidoc --- docs/intro.asciidoc | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/docs/intro.asciidoc b/docs/intro.asciidoc index 13bca38a..fa4f6545 100644 --- a/docs/intro.asciidoc +++ b/docs/intro.asciidoc @@ -4,7 +4,13 @@ ECS loggers are formatter/encoder plugins for your favorite logging libraries. They make it easy to format your logs into ECS-compatible JSON. -TIP: Want to learn more about ECS, ECS logging, and other available language plugins? +Ready to jump into `ecs-logging-java`? <>. + +[TIP] +==== +Want to learn more about ECS, ECS logging, and other available language plugins? See the {ecs-logging-ref}/intro.html[ECS logging guide]. -Ready to jump into `ecs-logging-java`? <>. +Want to learn more about the Elastic APM Java agent logging features? +See {apm-java-ref}/logs.html[Logs]. +==== From 260992b7041518eeb30fe4fe2b2223a7a29db87a Mon Sep 17 00:00:00 2001 From: Victor Martinez Date: Wed, 8 Feb 2023 11:54:08 +0000 Subject: [PATCH 05/31] action: update specs (#199) --- .ci/update-specs.yml | 57 +++++++++++++++++++++++++++++ .github/workflows/opentelemetry.yml | 1 + .github/workflows/update-specs.yml | 30 +++++++++++++++ 3 files changed, 88 insertions(+) create mode 100644 .ci/update-specs.yml create mode 100644 .github/workflows/update-specs.yml diff --git a/.ci/update-specs.yml b/.ci/update-specs.yml new file mode 100644 index 00000000..5a9941df --- /dev/null +++ b/.ci/update-specs.yml @@ -0,0 +1,57 @@ +--- +name: update specs + +scms: + githubConfig: + kind: github + spec: + user: '{{ requiredEnv "GIT_USER" }}' + email: '{{ requiredEnv "GIT_EMAIL" }}' + owner: elastic + repository: ecs-logging-java + token: '{{ requiredEnv "GITHUB_TOKEN" }}' + username: '{{ requiredEnv "GIT_USER" }}' + branch: main + +actions: + ecs-logging-java: + kind: github/pullrequest + scmid: githubConfig + sourceid: sha + spec: + automerge: false + labels: + - dependencies + title: 'synchronize ecs-logging spec' + description: |- + ### What + + ECS logging specs automatic sync + + ### Why + + *Changeset* + * https://github.com/elastic/ecs-logging/commit/{{ source "sha" }} + +sources: + spec.json: + name: Get specs from json + kind: file + spec: + file: https://raw.githubusercontent.com/elastic/ecs-logging/main/spec/spec.json + + sha: + name: Get commit + kind: json + spec: + file: 'https://api.github.com/repos/elastic/ecs-logging/commits?path=spec%2Fspec.json&page=1&per_page=1' + key: ".[0].sha" + +targets: + spec.json-update: + name: 'synchronize ecs-logging spec' + kind: file + sourceid: spec.json + scmid: githubConfig + spec: + file: ecs-logging-core/src/test/resources/spec/spec.json diff --git a/.github/workflows/opentelemetry.yml b/.github/workflows/opentelemetry.yml index 143d4fab..f1e39a61 100644 --- a/.github/workflows/opentelemetry.yml +++ b/.github/workflows/opentelemetry.yml @@ -6,6 +6,7 @@ on: workflows: - test - test-reporter + - update-specs types: [completed] jobs: diff --git a/.github/workflows/update-specs.yml b/.github/workflows/update-specs.yml new file mode 100644 index 00000000..13ded159 --- /dev/null +++ b/.github/workflows/update-specs.yml @@ -0,0 +1,30 @@ +--- +# Send PRs to the subscribed ECS Agents if the spec files (JSON) are modified +name: update-specs + +on: + workflow_dispatch: + schedule: + - cron: '0 6 * * *' + +permissions: + pull-requests: write + contents: write + +jobs: + bump: + runs-on: ubuntu-latest + steps: + + - uses: actions/checkout@v3 + + - name: Setup Git + uses: elastic/apm-pipeline-library/.github/actions/setup-git@current + + - name: Install Updatecli in the runner + uses: updatecli/updatecli-action@453502948b442d7b9a923de7b40cc7ce8628505c + + - name: Run Updatecli + env: + GITHUB_TOKEN: ${{ github.token }} + run: updatecli apply --config ./.ci/update-specs.yml From dd18e43742d7ef962b5ac7704b6ee41747a2c4d3 Mon Sep 17 00:00:00 2001 From: apmmachine <58790750+apmmachine@users.noreply.github.com> Date: Tue, 14 Feb 2023 07:22:37 -0500 Subject: [PATCH 06/31] chore: Updated the content of the file "/tmp/updatecli/github/elastic... (#202) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit ... /ecs-logging-java/ecs-logging-core/src/test/resources/spec/spec.json" Made with ❤️️ by updatecli Co-authored-by: apmmachine --- ecs-logging-core/src/test/resources/spec/spec.json | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/ecs-logging-core/src/test/resources/spec/spec.json b/ecs-logging-core/src/test/resources/spec/spec.json index a082d75d..68f32d70 100644 --- a/ecs-logging-core/src/test/resources/spec/spec.json +++ b/ecs-logging-core/src/test/resources/spec/spec.json @@ -42,7 +42,12 @@ "ecs.version": { "type": "string", "required": true, - "url": "https://www.elastic.co/guide/en/ecs/current/ecs-ecs.html" + "top_level_field": true, + "url": "https://www.elastic.co/guide/en/ecs/current/ecs-ecs.html", + "comment": [ + "This field SHOULD NOT be a nested object field but at the top level with a dot in the property name.", + "This is to make the JSON logs more human-readable." + ] }, "labels": { "type": "object", From b048f0343f4569ebbce1bb4268d5b05fc2f46527 Mon Sep 17 00:00:00 2001 From: Victor Martinez Date: Wed, 15 Feb 2023 08:40:49 +0000 Subject: [PATCH 07/31] ci: release automation (#197) --- .buildkite/hooks/post-command | 11 +++++ .buildkite/hooks/pre-command | 67 ++++++++++++++++++++++++++ .buildkite/release.yml | 13 +++++ .buildkite/snapshot.yml | 15 ++++++ .ci/release.sh | 31 ++++++++++++ .ci/snapshot.sh | 27 +++++++++++ .github/workflows/release.yml | 60 +++++++++++++++++++++++ .github/workflows/snapshot.yml | 43 +++++++++++++++++ CONTRIBUTING.md | 88 ++++++++++++++++++++++++++++++++++ README.md | 2 +- 10 files changed, 356 insertions(+), 1 deletion(-) create mode 100755 .buildkite/hooks/post-command create mode 100755 .buildkite/hooks/pre-command create mode 100644 .buildkite/release.yml create mode 100644 .buildkite/snapshot.yml create mode 100755 .ci/release.sh create mode 100755 .ci/snapshot.sh create mode 100644 .github/workflows/release.yml create mode 100644 .github/workflows/snapshot.yml create mode 100644 CONTRIBUTING.md diff --git a/.buildkite/hooks/post-command b/.buildkite/hooks/post-command new file mode 100755 index 00000000..843d49e8 --- /dev/null +++ b/.buildkite/hooks/post-command @@ -0,0 +1,11 @@ +#!/usr/bin/env bash +## This script reverts the Vault context for the release and snapshot pipelines. +## +## NOTE: *_SECRET or *_TOKEN env variables are masked, hence if you'd like to avoid any +## surprises please use the suffix _SECRET or _TOKEN for those values that contain +## any sensitive data. Buildkite can mask those values automatically + +set -euo pipefail + +VAULT_TOKEN=$PREVIOUS_VAULT_TOKEN +export VAULT_TOKEN diff --git a/.buildkite/hooks/pre-command b/.buildkite/hooks/pre-command new file mode 100755 index 00000000..6efdb007 --- /dev/null +++ b/.buildkite/hooks/pre-command @@ -0,0 +1,67 @@ +#!/usr/bin/env bash +## This script prepares the Vault context and required tooling +## for the release and snapshot pipelines. +## +## NOTE: *_SECRET or *_TOKEN env variables are masked, hence if you'd like to avoid any +## surprises please use the suffix _SECRET or _TOKEN for those values that contain +## any sensitive data. Buildkite can mask those values automatically + +set -eo pipefail + +echo "--- Prepare vault context" +VAULT_ROLE_ID_SECRET=$(vault read -field=role-id secret/ci/elastic-ecs-logging-java/internal-ci-approle) +export VAULT_ROLE_ID_SECRET + +VAULT_SECRET_ID_SECRET=$(vault read -field=secret-id secret/ci/elastic-ecs-logging-java/internal-ci-approle) +export VAULT_SECRET_ID_SECRET + +VAULT_ADDR=$(vault read -field=vault-url secret/ci/elastic-ecs-logging-java/internal-ci-approle) +export VAULT_ADDR + +# Delete the vault specific accessing the ci vault +PREVIOUS_VAULT_TOKEN=$VAULT_TOKEN +export PREVIOUS_VAULT_TOKEN +unset VAULT_TOKEN + +echo "--- Prepare keys context" +VAULT_TOKEN=$(vault write -field=token auth/approle/login role_id="$VAULT_ROLE_ID_SECRET" secret_id="$VAULT_SECRET_ID_SECRET") +export VAULT_TOKEN + +# Signing keys +vault read -field=key secret/release/signing >$KEY_FILE +KEYPASS_SECRET=$(vault read -field=passphrase secret/release/signing) +export KEYPASS_SECRET +export KEY_ID_SECRET=D88E42B4 + +# Prepare a secure temp folder not shared between other jobs to store the key ring +export TMP_WORKSPACE=/tmp/secured +export KEY_FILE=$TMP_WORKSPACE"/private.key" +# Secure home for our keyring +export GNUPGHOME=$TMP_WORKSPACE"/keyring" +mkdir -p $GNUPGHOME +chmod -R 700 $TMP_WORKSPACE + +# Import the key into the keyring +echo "$KEYPASS_SECRET" | gpg --batch --import "$KEY_FILE" + +# Export secring +export SECRING_FILE=$GNUPGHOME"/secring.gpg" +gpg --pinentry-mode=loopback --passphrase "$KEYPASS_SECRET" --export-secret-key $KEY_ID_SECRET > "$SECRING_FILE" + +echo "--- Configure git context" +# Configure the committer since the maven release requires to push changes to GitHub +# This will help with the SLSA requirements. +git config --global user.email "infra-root+apmmachine@elastic.co" +git config --global user.name "apmmachine" + +echo "--- Install JDK17" +JAVA_URL=https://jvm-catalog.elastic.co/jdk +JAVA_HOME=$(pwd)/.openjdk17 +JAVA_PKG="$JAVA_URL/latest_openjdk_17_linux.tar.gz" +curl -L --output /tmp/jdk.tar.gz "$JAVA_PKG" +mkdir -p "$JAVA_HOME" +tar --extract --file /tmp/jdk.tar.gz --directory "$JAVA_HOME" --strip-components 1 + +export JAVA_HOME +export PATH=$JAVA_HOME/bin:$PATH + diff --git a/.buildkite/release.yml b/.buildkite/release.yml new file mode 100644 index 00000000..ecfc23bc --- /dev/null +++ b/.buildkite/release.yml @@ -0,0 +1,13 @@ +agents: + provider: "gcp" + +steps: + - label: "Run the release" + key: "release" + commands: .ci/release.sh | tee release.out + artifact_paths: "release.out" + +notify: + - slack: + channels: + - "#apm-agent-java" diff --git a/.buildkite/snapshot.yml b/.buildkite/snapshot.yml new file mode 100644 index 00000000..e007b34a --- /dev/null +++ b/.buildkite/snapshot.yml @@ -0,0 +1,15 @@ +agents: + provider: "gcp" + +steps: + - label: "Run the snapshot" + key: "release" + commands: .ci/snapshot.sh | tee snapshot.out + artifact_paths: + - "snapshot.out" + - "**/target/*" + +notify: + - slack: + channels: + - "#apm-agent-java" diff --git a/.ci/release.sh b/.ci/release.sh new file mode 100755 index 00000000..7acf883b --- /dev/null +++ b/.ci/release.sh @@ -0,0 +1,31 @@ +#!/usr/bin/env bash +## This script runs the release given the different environment variables +## branch_specifier +## dry_run +## +## It relies on the .buildkite/hooks/pre-command so the Vault is prepared +## automatically by buildkite. + +set -e + +# Make sure we delete this folder before leaving even in case of failure +clean_up () { + ARG=$? + export VAULT_TOKEN=$PREVIOUS_VAULT_TOKEN + echo "--- Deleting tmp workspace" + rm -rf $TMP_WORKSPACE + exit $ARG +} +trap clean_up EXIT + +# Avoid detached HEAD since the release plugin requires to be on a branch +git checkout -f "${branch_specifier}" + +set +x +echo "--- Release the binaries to Maven Central" +if [[ "$dry_run" == "true" ]] ; then + echo './mvnw release:prepare release:perform --settings .ci/settings.xml --batch-mode' +else + # providing settings in arguments to make sure they are propagated to the forked maven release process + ./mvnw release:prepare release:perform --settings .ci/settings.xml -Darguments="--settings .ci/settings.xml" --batch-mode +fi diff --git a/.ci/snapshot.sh b/.ci/snapshot.sh new file mode 100755 index 00000000..bb4dd76c --- /dev/null +++ b/.ci/snapshot.sh @@ -0,0 +1,27 @@ +#!/usr/bin/env bash +## This script runs the snapshot given the different environment variables +## dry_run +## +## It relies on the .buildkite/hooks/pre-command so the Vault and other tooling +## are prepared automatically by buildkite. +## + +set -e + +# Make sure we delete this folder before leaving even in case of failure +clean_up () { + ARG=$? + export VAULT_TOKEN=$PREVIOUS_VAULT_TOKEN + echo "--- Deleting tmp workspace" + rm -rf $TMP_WORKSPACE + exit $ARG +} +trap clean_up EXIT + +set +x +echo "--- Deploy the snapshot" +if [[ "$dry_run" == "true" ]] ; then + echo './mvnw -s .ci/settings.xml -Pgpg clean deploy --batch-mode' +else + ./mvnw -s .ci/settings.xml -Pgpg clean deploy --batch-mode +fi diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 00000000..dc2e8dcb --- /dev/null +++ b/.github/workflows/release.yml @@ -0,0 +1,60 @@ +--- +name: release + +permissions: + contents: read + +on: + workflow_dispatch: + inputs: + branch_specifier: + description: The branch to release ex. main or 0.6. + required: true + default: "main" + type: string + + dry_run: + description: If set, run a dry-run release + default: false + type: boolean + +jobs: + release: + name: Release + runs-on: ubuntu-latest + + steps: + - id: buildkite + name: Run Release + uses: elastic/apm-pipeline-library/.github/actions/buildkite@current + with: + vaultUrl: ${{ secrets.VAULT_ADDR }} + vaultRoleId: ${{ secrets.VAULT_ROLE_ID }} + vaultSecretId: ${{ secrets.VAULT_SECRET_ID }} + pipeline: ecs-logging-java-release + waitFor: false + printBuildLogs: false + buildEnvVars: | + branch_specifier=${{ inputs.branch_specifier || 'main' }} + dry_run=${{ inputs.dry_run || 'false' }} + + - if: ${{ success() }} + uses: elastic/apm-pipeline-library/.github/actions/slack-message@current + with: + url: ${{ secrets.VAULT_ADDR }} + roleId: ${{ secrets.VAULT_ROLE_ID }} + secretId: ${{ secrets.VAULT_SECRET_ID }} + channel: "#apm-agent-java" + message: | + :runner: [${{ github.repository }}] Release *${{ github.ref_name }}* has been triggered in Buildkite: (<${{ steps.buildkite.outputs.build }}|build>) + + - if: ${{ failure() }} + uses: elastic/apm-pipeline-library/.github/actions/slack-message@current + with: + url: ${{ secrets.VAULT_ADDR }} + roleId: ${{ secrets.VAULT_ROLE_ID }} + secretId: ${{ secrets.VAULT_SECRET_ID }} + channel: "#apm-agent-java" + message: | + :ghost: [${{ github.repository }}] Release *${{ github.ref_name }}* didn't get triggered in Buildkite. + Build: (<${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}|here>) diff --git a/.github/workflows/snapshot.yml b/.github/workflows/snapshot.yml new file mode 100644 index 00000000..26eaa792 --- /dev/null +++ b/.github/workflows/snapshot.yml @@ -0,0 +1,43 @@ +--- +name: snapshot + +on: + push: + branches: + - "main" + workflow_dispatch: + inputs: + dry_run: + description: If set, run a dry-run snapshot + default: false + type: boolean + +jobs: + deploy: + name: Deploy + runs-on: ubuntu-latest + + steps: + - id: buildkite + name: Run Deploy + uses: elastic/apm-pipeline-library/.github/actions/buildkite@current + with: + vaultUrl: ${{ secrets.VAULT_ADDR }} + vaultRoleId: ${{ secrets.VAULT_ROLE_ID }} + vaultSecretId: ${{ secrets.VAULT_SECRET_ID }} + pipeline: ecs-logging-java-snapshot + waitFor: false + printBuildLogs: false + buildEnvVars: | + dry_run=${{ inputs.dry_run || 'false' }} + + - if: ${{ failure() }} + uses: elastic/apm-pipeline-library/.github/actions/slack-message@current + with: + url: ${{ secrets.VAULT_ADDR }} + roleId: ${{ secrets.VAULT_ROLE_ID }} + secretId: ${{ secrets.VAULT_SECRET_ID }} + channel: "#apm-agent-java" + message: | + :ghost: [${{ github.repository }}] Snapshot *${{ github.ref_name }}* didn't get triggered in Buildkite. + Build: (<${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}|here>) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md new file mode 100644 index 00000000..f0b8ac3d --- /dev/null +++ b/CONTRIBUTING.md @@ -0,0 +1,88 @@ +# Contributing to the ECS-based logging for Java applications + +The APM Agent is open source and we love to receive contributions from our community — you! + +There are many ways to contribute, from writing tutorials or blog posts, improving the +documentation, submitting bug reports and feature requests or writing code. + +If you want to be rewarded for your contributions, sign up for +the [Elastic Contributor Program](https://www.elastic.co/community/contributor). Each time you make +a valid contribution, you’ll earn points that increase your chances of winning prizes and being +recognized as a top contributor. + +You can get in touch with us through [Discuss](https://discuss.elastic.co/c/apm), feedback and ideas +are always welcome. + +## Code contributions + +If you have a bugfix or new feature that you would like to contribute, please find or open an issue +about it first. Talk about what you would like to do. It may be that somebody is already working on +it, or that there are particular issues that you should know about before implementing the change. + +### Submitting your changes + +Generally, we require that you test any code you are adding or modifying. Once your changes are +ready to submit for review: + +1. Sign the Contributor License Agreement + + Please make sure you have signed + our [Contributor License Agreement](https://www.elastic.co/contributor-agreement/). We are not + asking you to assign copyright to us, but to give us the right to distribute your code without + restriction. We ask this of all contributors in order to assure our users of the origin and + continuing existence of the code. You only need to sign the CLA once. + +2. Test your changes + + Run the test suite to make sure that nothing is broken. See [testing](#testing) for details. + +3. Rebase your changes + + Update your local repository with the most recent code from the main repo, and rebase your branch + on top of the latest master branch. We prefer your initial changes to be squashed into a single + commit. Later, if we ask you to make changes, add them as separate commits. This makes them + easier to review. As a final step before merging we will either ask you to squash all commits + yourself or we'll do it for you. + +4. Submit a pull request + + Push your local changes to your forked copy of the repository + and [submit a pull request](https://help.github.com/articles/using-pull-requests). In the pull + request, choose a title which sums up the changes that you have made, and in the body provide + more details about what your changes do. Also mention the number of the issue where discussion + has taken place, eg "Closes #123". + +5. Be patient + + We might not be able to review your code as fast as we would like to, but we'll do our best to + dedicate it the attention it deserves. Your effort is much appreciated! + +### Workflow + +All feature development and most bug fixes hit the master branch first. Pull requests should be +reviewed by someone with commit access. Once approved, the author of the pull request, or reviewer +if the author does not have commit access, should "Squash and merge". + +### Testing + +You can run the following command to run all the unit tests available: + +```bash +./mvnw test +``` + +### Releasing + +The release steps have been defined in `.ci/release.sh` which it gets triggered within the BuildKite context. + +Releases are triggered manually using GitHub actions, and the GitHub action is the one contacting BuildKite. +To run a release then +* Navigate to the [GitHub job](https://github.com/elastic/ecs-logging-java/actions/workflows/release.yml) +* Choose Run workflow. +* Fill the form and click `Run workflow` and wait for a few minutes to complete + +And email/slack message will be sent with the outcome. + +#### Further details + +* There are specific vault secrets accessible only in `secret/ci/elastic-ecs-logging-java` diff --git a/README.md b/README.md index ee63cf03..8d2b70e0 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,4 @@ -[![Build Status](https://apm-ci.elastic.co/buildStatus/icon?job=apm-agent-java%2Fecs-logging-java-mbp%2Fmain)](https://apm-ci.elastic.co/job/apm-agent-java/job/ecs-logging-java-mbp/job/main/) +[![Build Status](https://github.com/elastic/ecs-logging-java/actions/workflows/test.yml/badge.svg)](https://github.com/elastic/ecs-logging-java/actions/workflows/test.yml) [![Maven Central](https://img.shields.io/maven-central/v/co.elastic.logging/ecs-logging-java-parent.svg)](https://search.maven.org/search?q=g:co.elastic.logging) # ECS-based logging for Java applications From 22ca1515d6d2148f74507b412f1f444878b0abcd Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Wed, 15 Feb 2023 09:08:56 +0000 Subject: [PATCH 08/31] chore: Updated the content of the file "/tmp/updatecli/github/elastic... (#203) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit ... /ecs-logging-java/ecs-logging-core/src/test/resources/spec/spec.json" Made with ❤️️ by updatecli Co-authored-by: apmmachine From 751350bd77eb0991e4261188238eda99abecad6d Mon Sep 17 00:00:00 2001 From: Victor Martinez Date: Wed, 15 Feb 2023 09:15:10 +0000 Subject: [PATCH 09/31] automation: fix release/snapshot env context (#204) --- .buildkite/hooks/pre-command | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/.buildkite/hooks/pre-command b/.buildkite/hooks/pre-command index 6efdb007..41ce2b87 100755 --- a/.buildkite/hooks/pre-command +++ b/.buildkite/hooks/pre-command @@ -27,20 +27,21 @@ echo "--- Prepare keys context" VAULT_TOKEN=$(vault write -field=token auth/approle/login role_id="$VAULT_ROLE_ID_SECRET" secret_id="$VAULT_SECRET_ID_SECRET") export VAULT_TOKEN -# Signing keys -vault read -field=key secret/release/signing >$KEY_FILE -KEYPASS_SECRET=$(vault read -field=passphrase secret/release/signing) -export KEYPASS_SECRET -export KEY_ID_SECRET=D88E42B4 - # Prepare a secure temp folder not shared between other jobs to store the key ring export TMP_WORKSPACE=/tmp/secured export KEY_FILE=$TMP_WORKSPACE"/private.key" + # Secure home for our keyring export GNUPGHOME=$TMP_WORKSPACE"/keyring" mkdir -p $GNUPGHOME chmod -R 700 $TMP_WORKSPACE +# Signing keys +vault read -field=key secret/release/signing >$KEY_FILE +KEYPASS_SECRET=$(vault read -field=passphrase secret/release/signing) +export KEYPASS_SECRET +export KEY_ID_SECRET=D88E42B4 + # Import the key into the keyring echo "$KEYPASS_SECRET" | gpg --batch --import "$KEY_FILE" From 3f252fddfa059318286acd510370e6372870f947 Mon Sep 17 00:00:00 2001 From: Victor Martinez Date: Wed, 15 Feb 2023 12:36:26 +0000 Subject: [PATCH 10/31] action: use elastic/apm-pipeline-library/.github/actions/updatecli (#201) --- .github/workflows/update-specs.yml | 19 +++++++------------ 1 file changed, 7 insertions(+), 12 deletions(-) diff --git a/.github/workflows/update-specs.yml b/.github/workflows/update-specs.yml index 13ded159..ab101b64 100644 --- a/.github/workflows/update-specs.yml +++ b/.github/workflows/update-specs.yml @@ -8,8 +8,7 @@ on: - cron: '0 6 * * *' permissions: - pull-requests: write - contents: write + contents: read jobs: bump: @@ -18,13 +17,9 @@ jobs: - uses: actions/checkout@v3 - - name: Setup Git - uses: elastic/apm-pipeline-library/.github/actions/setup-git@current - - - name: Install Updatecli in the runner - uses: updatecli/updatecli-action@453502948b442d7b9a923de7b40cc7ce8628505c - - - name: Run Updatecli - env: - GITHUB_TOKEN: ${{ github.token }} - run: updatecli apply --config ./.ci/update-specs.yml + - uses: elastic/apm-pipeline-library/.github/actions/updatecli@current + with: + vaultUrl: ${{ secrets.VAULT_ADDR }} + vaultRoleId: ${{ secrets.VAULT_ROLE_ID }} + vaultSecretId: ${{ secrets.VAULT_SECRET_ID }} + pipeline: ./.ci/update-specs.yml From 6e92f39898f324e801d888ab3e75c514c6959138 Mon Sep 17 00:00:00 2001 From: Victor Martinez Date: Wed, 15 Feb 2023 12:38:53 +0000 Subject: [PATCH 11/31] release: remove local repository pointing to Jenkins and tweak errors propagation in the buildkite pipelines (#205) --- .buildkite/release.yml | 4 ++-- .buildkite/snapshot.yml | 5 +++-- .ci/release.sh | 10 +++++----- .ci/settings.xml | 1 - .ci/snapshot.sh | 4 ++-- 5 files changed, 12 insertions(+), 12 deletions(-) diff --git a/.buildkite/release.yml b/.buildkite/release.yml index ecfc23bc..1b8638bd 100644 --- a/.buildkite/release.yml +++ b/.buildkite/release.yml @@ -4,8 +4,8 @@ agents: steps: - label: "Run the release" key: "release" - commands: .ci/release.sh | tee release.out - artifact_paths: "release.out" + commands: .ci/release.sh + artifact_paths: "release.txt" notify: - slack: diff --git a/.buildkite/snapshot.yml b/.buildkite/snapshot.yml index e007b34a..53a7542f 100644 --- a/.buildkite/snapshot.yml +++ b/.buildkite/snapshot.yml @@ -4,12 +4,13 @@ agents: steps: - label: "Run the snapshot" key: "release" - commands: .ci/snapshot.sh | tee snapshot.out + commands: .ci/snapshot.sh artifact_paths: - - "snapshot.out" + - "snapshot.txt" - "**/target/*" notify: - slack: + if: build.state == "failed" channels: - "#apm-agent-java" diff --git a/.ci/release.sh b/.ci/release.sh index 7acf883b..7e5c2d15 100755 --- a/.ci/release.sh +++ b/.ci/release.sh @@ -3,10 +3,10 @@ ## branch_specifier ## dry_run ## -## It relies on the .buildkite/hooks/pre-command so the Vault is prepared -## automatically by buildkite. - -set -e +## It relies on the .buildkite/hooks/pre-command so the Vault and other tooling +## are prepared automatically by buildkite. +## +set -eo pipefail # Make sure we delete this folder before leaving even in case of failure clean_up () { @@ -27,5 +27,5 @@ if [[ "$dry_run" == "true" ]] ; then echo './mvnw release:prepare release:perform --settings .ci/settings.xml --batch-mode' else # providing settings in arguments to make sure they are propagated to the forked maven release process - ./mvnw release:prepare release:perform --settings .ci/settings.xml -Darguments="--settings .ci/settings.xml" --batch-mode + ./mvnw release:prepare release:perform --settings .ci/settings.xml -Darguments="--settings .ci/settings.xml" --batch-mode | tee release.txt fi diff --git a/.ci/settings.xml b/.ci/settings.xml index e3634b21..965a751b 100644 --- a/.ci/settings.xml +++ b/.ci/settings.xml @@ -1,6 +1,5 @@ - /var/lib/jenkins/.m2/repository org.apache.maven.plugins org.codehaus.mojo diff --git a/.ci/snapshot.sh b/.ci/snapshot.sh index bb4dd76c..d7ea8b2a 100755 --- a/.ci/snapshot.sh +++ b/.ci/snapshot.sh @@ -6,7 +6,7 @@ ## are prepared automatically by buildkite. ## -set -e +set -eo pipefail # Make sure we delete this folder before leaving even in case of failure clean_up () { @@ -23,5 +23,5 @@ echo "--- Deploy the snapshot" if [[ "$dry_run" == "true" ]] ; then echo './mvnw -s .ci/settings.xml -Pgpg clean deploy --batch-mode' else - ./mvnw -s .ci/settings.xml -Pgpg clean deploy --batch-mode + ./mvnw -s .ci/settings.xml -Pgpg clean deploy --batch-mode | tee snapshot.txt fi From d2b51582a877997b6203aaeb82c3ec013f789938 Mon Sep 17 00:00:00 2001 From: Victor Martinez Date: Wed, 15 Feb 2023 13:02:04 +0000 Subject: [PATCH 12/31] buildkite: fix slack notification (#207) Co-authored-by: apmmachine --- .buildkite/snapshot.yml | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/.buildkite/snapshot.yml b/.buildkite/snapshot.yml index 53a7542f..c33406f9 100644 --- a/.buildkite/snapshot.yml +++ b/.buildkite/snapshot.yml @@ -10,7 +10,5 @@ steps: - "**/target/*" notify: - - slack: - if: build.state == "failed" - channels: - - "#apm-agent-java" + - slack: "#apm-agent-java" + if: 'build.state != "passed"' From bee35ac86663ad4ccb1bd3db9682a52134ffa73e Mon Sep 17 00:00:00 2001 From: Victor Martinez Date: Thu, 16 Feb 2023 11:48:53 +0000 Subject: [PATCH 13/31] buildkite: update references to the new env variables that are masked (#208) --- .buildkite/hooks/pre-command | 24 +++++++++++++----------- .ci/release.sh | 2 +- .ci/settings.xml | 3 ++- .ci/snapshot.sh | 2 +- 4 files changed, 17 insertions(+), 14 deletions(-) diff --git a/.buildkite/hooks/pre-command b/.buildkite/hooks/pre-command index 41ce2b87..a590bda3 100755 --- a/.buildkite/hooks/pre-command +++ b/.buildkite/hooks/pre-command @@ -8,7 +8,7 @@ set -eo pipefail -echo "--- Prepare vault context" +echo "--- Prepare vault context :vault:" VAULT_ROLE_ID_SECRET=$(vault read -field=role-id secret/ci/elastic-ecs-logging-java/internal-ci-approle) export VAULT_ROLE_ID_SECRET @@ -23,10 +23,7 @@ PREVIOUS_VAULT_TOKEN=$VAULT_TOKEN export PREVIOUS_VAULT_TOKEN unset VAULT_TOKEN -echo "--- Prepare keys context" -VAULT_TOKEN=$(vault write -field=token auth/approle/login role_id="$VAULT_ROLE_ID_SECRET" secret_id="$VAULT_SECRET_ID_SECRET") -export VAULT_TOKEN - +echo "--- Prepare a secure temp :closed_lock_with_key:" # Prepare a secure temp folder not shared between other jobs to store the key ring export TMP_WORKSPACE=/tmp/secured export KEY_FILE=$TMP_WORKSPACE"/private.key" @@ -36,6 +33,16 @@ export GNUPGHOME=$TMP_WORKSPACE"/keyring" mkdir -p $GNUPGHOME chmod -R 700 $TMP_WORKSPACE +echo "--- Prepare keys context :key:" +VAULT_TOKEN=$(vault write -field=token auth/approle/login role_id="$VAULT_ROLE_ID_SECRET" secret_id="$VAULT_SECRET_ID_SECRET") +export VAULT_TOKEN + +# Nexus credentials +SERVER_USERNAME=$(vault read -field username secret/release/nexus) +export SERVER_USERNAME +SERVER_PASSWORD=$(vault read -field password secret/release/nexus) +export SERVER_PASSWORD + # Signing keys vault read -field=key secret/release/signing >$KEY_FILE KEYPASS_SECRET=$(vault read -field=passphrase secret/release/signing) @@ -45,11 +52,7 @@ export KEY_ID_SECRET=D88E42B4 # Import the key into the keyring echo "$KEYPASS_SECRET" | gpg --batch --import "$KEY_FILE" -# Export secring -export SECRING_FILE=$GNUPGHOME"/secring.gpg" -gpg --pinentry-mode=loopback --passphrase "$KEYPASS_SECRET" --export-secret-key $KEY_ID_SECRET > "$SECRING_FILE" - -echo "--- Configure git context" +echo "--- Configure git context :git:" # Configure the committer since the maven release requires to push changes to GitHub # This will help with the SLSA requirements. git config --global user.email "infra-root+apmmachine@elastic.co" @@ -65,4 +68,3 @@ tar --extract --file /tmp/jdk.tar.gz --directory "$JAVA_HOME" --strip-components export JAVA_HOME export PATH=$JAVA_HOME/bin:$PATH - diff --git a/.ci/release.sh b/.ci/release.sh index 7e5c2d15..8a8f98bc 100755 --- a/.ci/release.sh +++ b/.ci/release.sh @@ -22,7 +22,7 @@ trap clean_up EXIT git checkout -f "${branch_specifier}" set +x -echo "--- Release the binaries to Maven Central" +echo "--- Release the binaries to Maven Central :maven:" if [[ "$dry_run" == "true" ]] ; then echo './mvnw release:prepare release:perform --settings .ci/settings.xml --batch-mode' else diff --git a/.ci/settings.xml b/.ci/settings.xml index 965a751b..3b6791ab 100644 --- a/.ci/settings.xml +++ b/.ci/settings.xml @@ -22,7 +22,8 @@ true - ${env.KEYPASS} + + ${env.KEYPASS_SECRET} diff --git a/.ci/snapshot.sh b/.ci/snapshot.sh index d7ea8b2a..97022598 100755 --- a/.ci/snapshot.sh +++ b/.ci/snapshot.sh @@ -19,7 +19,7 @@ clean_up () { trap clean_up EXIT set +x -echo "--- Deploy the snapshot" +echo "--- Deploy the snapshot :package:" if [[ "$dry_run" == "true" ]] ; then echo './mvnw -s .ci/settings.xml -Pgpg clean deploy --batch-mode' else From a1275c5a895634c8cbb171a78d103f4cfb52e468 Mon Sep 17 00:00:00 2001 From: Victor Martinez Date: Thu, 16 Feb 2023 13:13:46 +0000 Subject: [PATCH 14/31] buildkite: print maven/java context (#209) --- .buildkite/hooks/pre-command | 9 +++++++-- .ci/release.sh | 9 +++++++-- .ci/snapshot.sh | 9 +++++++-- 3 files changed, 21 insertions(+), 6 deletions(-) diff --git a/.buildkite/hooks/pre-command b/.buildkite/hooks/pre-command index a590bda3..d44f9045 100755 --- a/.buildkite/hooks/pre-command +++ b/.buildkite/hooks/pre-command @@ -58,7 +58,7 @@ echo "--- Configure git context :git:" git config --global user.email "infra-root+apmmachine@elastic.co" git config --global user.name "apmmachine" -echo "--- Install JDK17" +echo "--- Install JDK17 :java:" JAVA_URL=https://jvm-catalog.elastic.co/jdk JAVA_HOME=$(pwd)/.openjdk17 JAVA_PKG="$JAVA_URL/latest_openjdk_17_linux.tar.gz" @@ -67,4 +67,9 @@ mkdir -p "$JAVA_HOME" tar --extract --file /tmp/jdk.tar.gz --directory "$JAVA_HOME" --strip-components 1 export JAVA_HOME -export PATH=$JAVA_HOME/bin:$PATH +PATH=$JAVA_HOME/bin:$PATH +export PATH + +echo "--- Debug JDK installation :coffee:" +tree "$JAVA_HOME" || true +java -version || true diff --git a/.ci/release.sh b/.ci/release.sh index 8a8f98bc..c6f0666b 100755 --- a/.ci/release.sh +++ b/.ci/release.sh @@ -21,11 +21,16 @@ trap clean_up EXIT # Avoid detached HEAD since the release plugin requires to be on a branch git checkout -f "${branch_specifier}" +echo "--- Debug JDK installation :coffee:" +echo $JAVA_HOME +echo $PATH +java -version + set +x echo "--- Release the binaries to Maven Central :maven:" if [[ "$dry_run" == "true" ]] ; then - echo './mvnw release:prepare release:perform --settings .ci/settings.xml --batch-mode' + echo './mvnw -V release:prepare release:perform --settings .ci/settings.xml --batch-mode' else # providing settings in arguments to make sure they are propagated to the forked maven release process - ./mvnw release:prepare release:perform --settings .ci/settings.xml -Darguments="--settings .ci/settings.xml" --batch-mode | tee release.txt + ./mvnw -V release:prepare release:perform --settings .ci/settings.xml -Darguments="--settings .ci/settings.xml" --batch-mode | tee release.txt fi diff --git a/.ci/snapshot.sh b/.ci/snapshot.sh index 97022598..cbd27587 100755 --- a/.ci/snapshot.sh +++ b/.ci/snapshot.sh @@ -18,10 +18,15 @@ clean_up () { } trap clean_up EXIT +echo "--- Debug JDK installation :coffee:" +echo $JAVA_HOME +echo $PATH +java -version + set +x echo "--- Deploy the snapshot :package:" if [[ "$dry_run" == "true" ]] ; then - echo './mvnw -s .ci/settings.xml -Pgpg clean deploy --batch-mode' + echo './mvnw -V -s .ci/settings.xml -Pgpg clean deploy --batch-mode' else - ./mvnw -s .ci/settings.xml -Pgpg clean deploy --batch-mode | tee snapshot.txt + ./mvnw -V -s .ci/settings.xml -Pgpg clean deploy --batch-mode | tee snapshot.txt fi From 20a93860f2347e625d2534747c07152e8851747d Mon Sep 17 00:00:00 2001 From: Victor Martinez Date: Thu, 16 Feb 2023 14:25:32 +0000 Subject: [PATCH 15/31] maven: upgrade target to 7 (#210) --- .buildkite/hooks/pre-command | 2 -- .github/workflows/test.yml | 2 +- pom.xml | 4 ++-- 3 files changed, 3 insertions(+), 5 deletions(-) diff --git a/.buildkite/hooks/pre-command b/.buildkite/hooks/pre-command index d44f9045..d2e656ef 100755 --- a/.buildkite/hooks/pre-command +++ b/.buildkite/hooks/pre-command @@ -70,6 +70,4 @@ export JAVA_HOME PATH=$JAVA_HOME/bin:$PATH export PATH -echo "--- Debug JDK installation :coffee:" -tree "$JAVA_HOME" || true java -version || true diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 36d0c3c4..1b267508 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -13,7 +13,7 @@ permissions: env: MAVEN_CONFIG: "-V -B -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=warn -Dhttps.protocols=TLSv1.2 -Dmaven.wagon.http.retryHandler.count=3 -Dmaven.wagon.httpconnectionManager.ttlSeconds=25" - JAVA_VERSION: 11 + JAVA_VERSION: 17 JAVA_DIST: adopt jobs: diff --git a/pom.xml b/pom.xml index 90ff1906..2e2e0347 100644 --- a/pom.xml +++ b/pom.xml @@ -52,7 +52,7 @@ 5.5.1 - 6 + 7 10 UTF-8 UTF-8 @@ -346,4 +346,4 @@ - \ No newline at end of file + From 7dbf50e9021725cc53cd75fc7b4de170aeca2c11 Mon Sep 17 00:00:00 2001 From: apmmachine <58790750+apmmachine@users.noreply.github.com> Date: Tue, 27 Jun 2023 08:16:04 -0400 Subject: [PATCH 16/31] chore: Updated the content of the file "/tmp/updatecli/github/elastic... (#206) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit ... /ecs-logging-java/ecs-logging-core/src/test/resources/spec/spec.json" Made with ❤️️ by updatecli Co-authored-by: apmmachine From 5288006549deb6c68c60670d15667961d320c561 Mon Sep 17 00:00:00 2001 From: Victor Martinez Date: Tue, 16 Jan 2024 10:05:15 +0100 Subject: [PATCH 17/31] ci(release): use new set of credentials for GPG and Maven Central (#222) --- .buildkite/README.md | 27 +++++++++++++++++++++++++++ .buildkite/hooks/pre-command | 33 ++++++++++----------------------- 2 files changed, 37 insertions(+), 23 deletions(-) create mode 100644 .buildkite/README.md diff --git a/.buildkite/README.md b/.buildkite/README.md new file mode 100644 index 00000000..e89f3876 --- /dev/null +++ b/.buildkite/README.md @@ -0,0 +1,27 @@ +# Buildkite +This README overviews the Buildkite pipelines that automate the build and publishing processes. + +## Release pipeline + +The Buildkite pipeline for the ECS Logging Java is responsible for the releases. + +### Pipeline Configuration + +To view the pipeline and its configuration, click [here](https://buildkite.com/elastic/ecs-logging-java-release) or +go to the definition in the `elastic/ci` repository. + +### Credentials + +The release team provides the credentials required to publish the artifacts in Maven Central and sign them +with the GPG. + +If further details are needed, please go to [pre-command](hooks/pre-command). + +## Snapshot pipeline + +The Buildkite pipeline for the APM Agent Java is responsible for the snapshots. + +### Pipeline Configuration + +To view the pipeline and its configuration, click [here](https://buildkite.com/elastic/ecs-logging-java-snapshot) or +go to the definition in the `elastic/ci` repository. diff --git a/.buildkite/hooks/pre-command b/.buildkite/hooks/pre-command index d2e656ef..d5ee33ef 100755 --- a/.buildkite/hooks/pre-command +++ b/.buildkite/hooks/pre-command @@ -8,21 +8,6 @@ set -eo pipefail -echo "--- Prepare vault context :vault:" -VAULT_ROLE_ID_SECRET=$(vault read -field=role-id secret/ci/elastic-ecs-logging-java/internal-ci-approle) -export VAULT_ROLE_ID_SECRET - -VAULT_SECRET_ID_SECRET=$(vault read -field=secret-id secret/ci/elastic-ecs-logging-java/internal-ci-approle) -export VAULT_SECRET_ID_SECRET - -VAULT_ADDR=$(vault read -field=vault-url secret/ci/elastic-ecs-logging-java/internal-ci-approle) -export VAULT_ADDR - -# Delete the vault specific accessing the ci vault -PREVIOUS_VAULT_TOKEN=$VAULT_TOKEN -export PREVIOUS_VAULT_TOKEN -unset VAULT_TOKEN - echo "--- Prepare a secure temp :closed_lock_with_key:" # Prepare a secure temp folder not shared between other jobs to store the key ring export TMP_WORKSPACE=/tmp/secured @@ -34,20 +19,22 @@ mkdir -p $GNUPGHOME chmod -R 700 $TMP_WORKSPACE echo "--- Prepare keys context :key:" -VAULT_TOKEN=$(vault write -field=token auth/approle/login role_id="$VAULT_ROLE_ID_SECRET" secret_id="$VAULT_SECRET_ID_SECRET") -export VAULT_TOKEN - # Nexus credentials -SERVER_USERNAME=$(vault read -field username secret/release/nexus) +NEXUS_SECRET=kv/ci-shared/release-eng/team-release-secrets/ecs-logging/maven_central +SERVER_USERNAME=$(vault kv get --field="username" $NEXUS_SECRET) export SERVER_USERNAME -SERVER_PASSWORD=$(vault read -field password secret/release/nexus) +SERVER_PASSWORD=$(vault kv get --field="password" $NEXUS_SECRET) export SERVER_PASSWORD # Signing keys -vault read -field=key secret/release/signing >$KEY_FILE -KEYPASS_SECRET=$(vault read -field=passphrase secret/release/signing) +GPG_SECRET=kv/ci-shared/release-eng/team-release-secrets/ecs-logging/gpg +vault kv get --field="keyring" $GPG_SECRET | base64 -d > $KEY_FILE +## NOTE: This is not a typo. "passphase" is the name of the field. +KEYPASS_SECRET=$(vault kv get --field="passphase" $GPG_SECRET) export KEYPASS_SECRET -export KEY_ID_SECRET=D88E42B4 +KEY_ID=$(vault kv get --field="key_id" $GPG_SECRET) +KEY_ID_SECRET=${KEY_ID: -8} +export KEY_ID_SECRET # Import the key into the keyring echo "$KEYPASS_SECRET" | gpg --batch --import "$KEY_FILE" From 02d462515a1df812690fc1021b4b50e71574d0d6 Mon Sep 17 00:00:00 2001 From: Victor Martinez Date: Tue, 16 Jan 2024 10:33:29 +0100 Subject: [PATCH 18/31] ci(buildkite): remove unrequired script (#223) --- .buildkite/hooks/post-command | 11 ----------- 1 file changed, 11 deletions(-) delete mode 100755 .buildkite/hooks/post-command diff --git a/.buildkite/hooks/post-command b/.buildkite/hooks/post-command deleted file mode 100755 index 843d49e8..00000000 --- a/.buildkite/hooks/post-command +++ /dev/null @@ -1,11 +0,0 @@ -#!/usr/bin/env bash -## This script reverts the Vault context for the release and snapshot pipelines. -## -## NOTE: *_SECRET or *_TOKEN env variables are masked, hence if you'd like to avoid any -## surprises please use the suffix _SECRET or _TOKEN for those values that contain -## any sensitive data. Buildkite can mask those values automatically - -set -euo pipefail - -VAULT_TOKEN=$PREVIOUS_VAULT_TOKEN -export VAULT_TOKEN From 73d19889e68429a82c623801e582ade0b5f04b58 Mon Sep 17 00:00:00 2001 From: rdifrango Date: Wed, 17 Jan 2024 03:42:45 -0500 Subject: [PATCH 19/31] Adding layout support to the logback ecs encoder (#220) Signed-off-by: Difrango, Ronald Co-authored-by: dgempiuc Co-authored-by: eyalkoren <41850454+eyalkoren@users.noreply.github.com> --- .../elastic/logging/logback/EcsEncoder.java | 24 +++++++++++++++++-- 1 file changed, 22 insertions(+), 2 deletions(-) diff --git a/logback-ecs-encoder/src/main/java/co/elastic/logging/logback/EcsEncoder.java b/logback-ecs-encoder/src/main/java/co/elastic/logging/logback/EcsEncoder.java index fce8e0f9..2a0e45c5 100644 --- a/logback-ecs-encoder/src/main/java/co/elastic/logging/logback/EcsEncoder.java +++ b/logback-ecs-encoder/src/main/java/co/elastic/logging/logback/EcsEncoder.java @@ -29,6 +29,7 @@ import ch.qos.logback.classic.spi.ILoggingEvent; import ch.qos.logback.classic.spi.IThrowableProxy; import ch.qos.logback.classic.spi.ThrowableProxy; +import ch.qos.logback.core.Layout; import ch.qos.logback.core.encoder.EncoderBase; import co.elastic.logging.AdditionalField; import co.elastic.logging.EcsJsonSerializer; @@ -56,6 +57,7 @@ public class EcsEncoder extends EncoderBase { private boolean includeOrigin; private final List additionalFields = new ArrayList(); private OutputStream os; + protected Layout messageLayout; @Override public byte[] headerBytes() { @@ -105,7 +107,7 @@ public byte[] encode(ILoggingEvent event) { StringBuilder builder = new StringBuilder(256); EcsJsonSerializer.serializeObjectStart(builder, event.getTimeStamp()); EcsJsonSerializer.serializeLogLevel(builder, event.getLevel().toString()); - EcsJsonSerializer.serializeFormattedMessage(builder, event.getFormattedMessage()); + serializeMessage(event, builder); EcsJsonSerializer.serializeEcsVersion(builder); serializeMarkers(event, builder); EcsJsonSerializer.serializeServiceName(builder, serviceName); @@ -140,12 +142,21 @@ public byte[] encode(ILoggingEvent event) { return builder.toString().getBytes(UTF_8); } + private void serializeMessage(ILoggingEvent event, StringBuilder builder) { + if (messageLayout == null) { + EcsJsonSerializer.serializeFormattedMessage(builder, event.getFormattedMessage()); + } else { + EcsJsonSerializer.serializeFormattedMessage(builder, messageLayout.doLayout(event)); + } + } + /** * Subclasses can override this to add custom fields. * The last character in the StringBuilder will be comma when this is called. * You must add a comma after each custom field. */ - protected void addCustomFields(ILoggingEvent event, StringBuilder builder) {} + protected void addCustomFields(ILoggingEvent event, StringBuilder builder) { + } private void serializeMarkers(ILoggingEvent event, StringBuilder builder) { Marker marker = event.getMarker(); @@ -210,4 +221,13 @@ public void setEventDataset(String eventDataset) { public void setThrowableConverter(ThrowableHandlingConverter throwableConverter) { this.throwableConverter = throwableConverter; } + + /** + * The supplied Layout will be applied specifically to format the message field based on the logging event. + * + * @param messageLayout + */ + public void setMessageLayout(Layout messageLayout) { + this.messageLayout = messageLayout; + } } From beeba37e023e570a6188c31be2a91f384a1206e0 Mon Sep 17 00:00:00 2001 From: SylvainJuge <763082+SylvainJuge@users.noreply.github.com> Date: Mon, 22 Jan 2024 15:25:13 +0100 Subject: [PATCH 20/31] bump version for next release (#224) --- ecs-logging-core/pom.xml | 2 +- jboss-logmanager-ecs-formatter/pom.xml | 2 +- jul-ecs-formatter/pom.xml | 2 +- log4j-ecs-layout/pom.xml | 2 +- log4j-legacy-tests/pom.xml | 2 +- log4j2-ecs-layout/pom.xml | 2 +- log4j2-legacy-tests/pom.xml | 2 +- logback-ecs-encoder/pom.xml | 2 +- logback-legacy-tests/pom.xml | 2 +- pom.xml | 2 +- 10 files changed, 10 insertions(+), 10 deletions(-) diff --git a/ecs-logging-core/pom.xml b/ecs-logging-core/pom.xml index 30c62b4e..efeec288 100644 --- a/ecs-logging-core/pom.xml +++ b/ecs-logging-core/pom.xml @@ -3,7 +3,7 @@ ecs-logging-java-parent co.elastic.logging - 1.5.1-SNAPSHOT + 1.6.0-SNAPSHOT 4.0.0 diff --git a/jboss-logmanager-ecs-formatter/pom.xml b/jboss-logmanager-ecs-formatter/pom.xml index e5f12be3..def4a905 100644 --- a/jboss-logmanager-ecs-formatter/pom.xml +++ b/jboss-logmanager-ecs-formatter/pom.xml @@ -3,7 +3,7 @@ ecs-logging-java-parent co.elastic.logging - 1.5.1-SNAPSHOT + 1.6.0-SNAPSHOT 4.0.0 diff --git a/jul-ecs-formatter/pom.xml b/jul-ecs-formatter/pom.xml index d8edf67f..1760e8e6 100644 --- a/jul-ecs-formatter/pom.xml +++ b/jul-ecs-formatter/pom.xml @@ -3,7 +3,7 @@ ecs-logging-java-parent co.elastic.logging - 1.5.1-SNAPSHOT + 1.6.0-SNAPSHOT 4.0.0 diff --git a/log4j-ecs-layout/pom.xml b/log4j-ecs-layout/pom.xml index 08242764..b349f872 100644 --- a/log4j-ecs-layout/pom.xml +++ b/log4j-ecs-layout/pom.xml @@ -3,7 +3,7 @@ ecs-logging-java-parent co.elastic.logging - 1.5.1-SNAPSHOT + 1.6.0-SNAPSHOT 4.0.0 diff --git a/log4j-legacy-tests/pom.xml b/log4j-legacy-tests/pom.xml index 8d1cf42d..d9c78315 100644 --- a/log4j-legacy-tests/pom.xml +++ b/log4j-legacy-tests/pom.xml @@ -3,7 +3,7 @@ ecs-logging-java-parent co.elastic.logging - 1.5.1-SNAPSHOT + 1.6.0-SNAPSHOT 4.0.0 diff --git a/log4j2-ecs-layout/pom.xml b/log4j2-ecs-layout/pom.xml index 8610ad78..b020639c 100644 --- a/log4j2-ecs-layout/pom.xml +++ b/log4j2-ecs-layout/pom.xml @@ -3,7 +3,7 @@ ecs-logging-java-parent co.elastic.logging - 1.5.1-SNAPSHOT + 1.6.0-SNAPSHOT 4.0.0 diff --git a/log4j2-legacy-tests/pom.xml b/log4j2-legacy-tests/pom.xml index cff4b356..e4db5f64 100644 --- a/log4j2-legacy-tests/pom.xml +++ b/log4j2-legacy-tests/pom.xml @@ -3,7 +3,7 @@ ecs-logging-java-parent co.elastic.logging - 1.5.1-SNAPSHOT + 1.6.0-SNAPSHOT 4.0.0 diff --git a/logback-ecs-encoder/pom.xml b/logback-ecs-encoder/pom.xml index d75baeb4..9c4f921c 100644 --- a/logback-ecs-encoder/pom.xml +++ b/logback-ecs-encoder/pom.xml @@ -3,7 +3,7 @@ ecs-logging-java-parent co.elastic.logging - 1.5.1-SNAPSHOT + 1.6.0-SNAPSHOT 4.0.0 diff --git a/logback-legacy-tests/pom.xml b/logback-legacy-tests/pom.xml index 5a878d78..409e6dd1 100644 --- a/logback-legacy-tests/pom.xml +++ b/logback-legacy-tests/pom.xml @@ -3,7 +3,7 @@ ecs-logging-java-parent co.elastic.logging - 1.5.1-SNAPSHOT + 1.6.0-SNAPSHOT 4.0.0 diff --git a/pom.xml b/pom.xml index 2e2e0347..a0b7e8f1 100644 --- a/pom.xml +++ b/pom.xml @@ -4,7 +4,7 @@ co.elastic.logging ecs-logging-java-parent - 1.5.1-SNAPSHOT + 1.6.0-SNAPSHOT ${project.groupId}:${project.artifactId} ecs-logging-core From e112d03f931706d701e114f0a0352347a8228c88 Mon Sep 17 00:00:00 2001 From: Victor Martinez Date: Mon, 29 Jan 2024 19:09:05 +0100 Subject: [PATCH 21/31] action: listen all the workflows for the opentelemetry action (#225) --- .github/workflows/opentelemetry.yml | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/.github/workflows/opentelemetry.yml b/.github/workflows/opentelemetry.yml index f1e39a61..de093ba8 100644 --- a/.github/workflows/opentelemetry.yml +++ b/.github/workflows/opentelemetry.yml @@ -1,14 +1,16 @@ --- +# Look up results at https://ela.st/oblt-ci-cd-stats. +# One service per GitHub repository, including the org name, and one Transaction per Workflow. name: OpenTelemetry Export Trace on: workflow_run: - workflows: - - test - - test-reporter - - update-specs + workflows: [ "*" ] types: [completed] +permissions: + contents: read + jobs: otel-export-trace: runs-on: ubuntu-latest From 537cd36df3da3b46ac3bc48ad2f357433c140ecb Mon Sep 17 00:00:00 2001 From: Adrien Mannocci Date: Fri, 2 Feb 2024 11:59:08 +0100 Subject: [PATCH 22/31] feat: new release process (#226) * feat: new release process Signed-off-by: Adrien Mannocci * feat: use a global maven config file Signed-off-by: Adrien Mannocci * chore: execute package goal for dry-run release Signed-off-by: Adrien Mannocci * ci: align pr title creation for release Signed-off-by: Adrien Mannocci * ci: add parameter documentations in CI scripts Signed-off-by: Adrien Mannocci * ci: centralize maven goal execution Signed-off-by: Adrien Mannocci * fix: use directly java-version without file Signed-off-by: Adrien Mannocci * ci: refactor using a reusable workflow Signed-off-by: Adrien Mannocci * refactor: avoid duplicate hardcode branch name Signed-off-by: Adrien Mannocci * ci: create summary file in any case Signed-off-by: Adrien Mannocci * feat: validate tag before anything Signed-off-by: Adrien Mannocci * chore: apply suggestions Signed-off-by: Adrien Mannocci * fix: validate correctly tags Signed-off-by: Adrien Mannocci * chore: add validation for tag and project version Signed-off-by: Adrien Mannocci --------- Signed-off-by: Adrien Mannocci --- .ci/release.sh | 13 ++- .ci/snapshot.sh | 4 +- .github/workflows/maven-goal/action.yml | 33 ++++++++ .github/workflows/pre-post-release.yml | 97 +++++++++++++++++++++++ .github/workflows/pre-release.yml | 26 ++++++ .github/workflows/release.yml | 54 ++++++++++--- .github/workflows/test.yml | 12 +-- .github/workflows/validate-tag/action.yml | 25 ++++++ .mvn/maven.config | 5 ++ pom.xml | 10 +-- 10 files changed, 242 insertions(+), 37 deletions(-) create mode 100644 .github/workflows/maven-goal/action.yml create mode 100644 .github/workflows/pre-post-release.yml create mode 100644 .github/workflows/pre-release.yml create mode 100644 .github/workflows/validate-tag/action.yml create mode 100644 .mvn/maven.config diff --git a/.ci/release.sh b/.ci/release.sh index c6f0666b..d2cf9669 100755 --- a/.ci/release.sh +++ b/.ci/release.sh @@ -1,7 +1,7 @@ #!/usr/bin/env bash ## This script runs the release given the different environment variables -## branch_specifier -## dry_run +## ref : git reference (commit,branch, tag, ...) +## dry_run : dry-run when set to 'true' ## ## It relies on the .buildkite/hooks/pre-command so the Vault and other tooling ## are prepared automatically by buildkite. @@ -19,7 +19,7 @@ clean_up () { trap clean_up EXIT # Avoid detached HEAD since the release plugin requires to be on a branch -git checkout -f "${branch_specifier}" +git checkout -f "${ref}" echo "--- Debug JDK installation :coffee:" echo $JAVA_HOME @@ -28,9 +28,8 @@ java -version set +x echo "--- Release the binaries to Maven Central :maven:" -if [[ "$dry_run" == "true" ]] ; then - echo './mvnw -V release:prepare release:perform --settings .ci/settings.xml --batch-mode' +if [[ "${dry_run}" == "true" ]] ; then + ./mvnw -V -s .ci/settings.xml -Pgpg clean package --batch-mode | tee release.txt else - # providing settings in arguments to make sure they are propagated to the forked maven release process - ./mvnw -V release:prepare release:perform --settings .ci/settings.xml -Darguments="--settings .ci/settings.xml" --batch-mode | tee release.txt + ./mvnw -V -s .ci/settings.xml -Pgpg clean deploy --batch-mode | tee release.txt fi diff --git a/.ci/snapshot.sh b/.ci/snapshot.sh index cbd27587..98996c9c 100755 --- a/.ci/snapshot.sh +++ b/.ci/snapshot.sh @@ -1,6 +1,6 @@ #!/usr/bin/env bash ## This script runs the snapshot given the different environment variables -## dry_run +## dry_run : dry-run when set to 'true' ## ## It relies on the .buildkite/hooks/pre-command so the Vault and other tooling ## are prepared automatically by buildkite. @@ -26,7 +26,7 @@ java -version set +x echo "--- Deploy the snapshot :package:" if [[ "$dry_run" == "true" ]] ; then - echo './mvnw -V -s .ci/settings.xml -Pgpg clean deploy --batch-mode' + ./mvnw -V -s .ci/settings.xml -Pgpg clean package --batch-mode | tee snapshot.txt else ./mvnw -V -s .ci/settings.xml -Pgpg clean deploy --batch-mode | tee snapshot.txt fi diff --git a/.github/workflows/maven-goal/action.yml b/.github/workflows/maven-goal/action.yml new file mode 100644 index 00000000..4a2468a0 --- /dev/null +++ b/.github/workflows/maven-goal/action.yml @@ -0,0 +1,33 @@ +--- + +name: maven-goal +description: Install specific JDK and run a command + +inputs: + version: + description: 'Java version' + required: true + default: '17' + distribution: + description: 'Java distribution' + required: true + default: 'temurin' + command: + description: 'Command to execute' + required: true + shell: + description: 'Default shell' + default: 'bash' + required: false + +runs: + using: "composite" + steps: + - name: Set up JDK + uses: actions/setup-java@v4 + with: + java-version: ${{ inputs.version }} + distribution: ${{ inputs.distribution }} + cache: 'maven' + - run: ${{ inputs.command }} + shell: ${{ inputs.shell }} diff --git a/.github/workflows/pre-post-release.yml b/.github/workflows/pre-post-release.yml new file mode 100644 index 00000000..39690b02 --- /dev/null +++ b/.github/workflows/pre-post-release.yml @@ -0,0 +1,97 @@ +--- +name: Pre/Post Release + +on: + workflow_call: + ref: + description: 'Branch or tag ref to run the workflow on' + required: true + default: 'main' + version: + description: 'The version to release (e.g. 1.2.3). This workflow will automatically perform the required version bumps' + required: true + phase: + description: 'Pre or post release phase' + type: choice + options: + - pre + - post + required: true + +env: + RELEASE_VERSION: ${{ inputs.version }} + BRANCH_NAME: ${{ inputs.phase }}-release-v${{ inputs.version }} + +permissions: + contents: read + +concurrency: + group: ${{ github.workflow }} + +jobs: + validate-tag: + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v4 + with: + fetch-depth: 0 + - name: Validate tag does not exist on current commit + uses: ./.github/workflows/validate-tag + with: + tag: v${{ env.RELEASE_VERSION }} + + create-pr: + name: "Bump versions and create PR" + runs-on: ubuntu-latest + needs: + - validate-tag + permissions: + contents: write + steps: + - uses: elastic/apm-pipeline-library/.github/actions/github-token@current + with: + url: ${{ secrets.VAULT_ADDR }} + roleId: ${{ secrets.VAULT_ROLE_ID }} + secretId: ${{ secrets.VAULT_SECRET_ID }} + + - uses: elastic/apm-pipeline-library/.github/actions/setup-git@current + with: + username: ${{ env.GIT_USER }} + email: ${{ env.GIT_EMAIL }} + token: ${{ env.GITHUB_TOKEN }} + + - uses: actions/checkout@v4 + with: + ref: ${{ inputs.ref }} + token: ${{ env.GITHUB_TOKEN }} + + - name: Create the release tag (post phase) + if: inputs.phase == 'post' + run: | + git tag "v${{ env.RELEASE_VERSION }}" + git push origin "v${{ env.RELEASE_VERSION }}" + + - name: Create a ${{ inputs.phase }} release branch + run: git checkout -b ${{ env.BRANCH_NAME }} + + - name: Set release version (pre release) + if: inputs.phase == 'pre' + uses: ./.github/workflows/maven-goal + with: + command: ./mvnw -V versions:set -DprocessAllModules=true -DgenerateBackupPoms=false -DnewVersion=${{ env.RELEASE_VERSION }} + + - name: Set next snapshot version (post release) + if: inputs.phase == 'post' + uses: ./.github/workflows/maven-goal + with: + command: ./mvnw -V versions:set -DprocessAllModules=true -DgenerateBackupPoms=false -nextSnapshot=true + + - name: Push the ${{ inputs.phase }} release branch + run: | + git add --all + git commit -m "${{ inputs.phase }} release: ecs-logging-java v${{ env.RELEASE_VERSION }}" + git push origin ${{ env.BRANCH_NAME }} + + - name: Create the ${{ inputs.phase }} release PR + run: gh pr create --title="${{ inputs.phase }} release v${{ env.RELEASE_VERSION }}" --base main --head ${{ env.BRANCH_NAME }} -b "${{ inputs.phase }} release v${{ env.RELEASE_VERSION }}" diff --git a/.github/workflows/pre-release.yml b/.github/workflows/pre-release.yml new file mode 100644 index 00000000..34c83109 --- /dev/null +++ b/.github/workflows/pre-release.yml @@ -0,0 +1,26 @@ +--- +name: Pre release + +on: + workflow_dispatch: + inputs: + ref: + description: 'Branch or tag ref to run the workflow on' + required: true + default: 'main' + version: + description: 'The version to release (e.g. 1.2.3). This workflow will automatically perform the required version bumps' + required: true + +concurrency: + group: ${{ github.workflow }} + +jobs: + pre-release: + name: "Bump versions and create PR" + uses: ./.github/workflows/pre-post-release.yml + with: + ref: ${{ inputs.ref }} + version: ${{ inputs.version }} + phase: 'pre' + secrets: inherit diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index dc2e8dcb..a5849fdf 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -1,28 +1,48 @@ --- -name: release - -permissions: - contents: read +name: Release on: workflow_dispatch: inputs: - branch_specifier: - description: The branch to release ex. main or 0.6. + ref: + description: 'Branch or tag ref to run the workflow on' required: true default: "main" - type: string - + version: + description: 'The version to release (e.g. 1.2.3). This workflow will automatically perform the required version bumps' + required: true dry_run: description: If set, run a dry-run release default: false type: boolean +permissions: + contents: read + jobs: + validate-tag: + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v4 + with: + fetch-depth: 0 + - name: Validate tag does not exist on current commit + uses: ./.github/workflows/validate-tag + with: + tag: v${{ env.RELEASE_VERSION }} + - name: Validate tag match current version + run: | + if [ "$(mvn -q help:evaluate -Dexpression=project.version -DforceStdout)" != "${{ env.RELEASE_VERSION }}" ]; then + echo "Tag should match pom.xml project.version" + exit 1 + fi + release: name: Release runs-on: ubuntu-latest - + needs: + - validate-tag steps: - id: buildkite name: Run Release @@ -32,10 +52,10 @@ jobs: vaultRoleId: ${{ secrets.VAULT_ROLE_ID }} vaultSecretId: ${{ secrets.VAULT_SECRET_ID }} pipeline: ecs-logging-java-release - waitFor: false + waitFor: true printBuildLogs: false buildEnvVars: | - branch_specifier=${{ inputs.branch_specifier || 'main' }} + ref=${{ inputs.ref }} dry_run=${{ inputs.dry_run || 'false' }} - if: ${{ success() }} @@ -58,3 +78,15 @@ jobs: message: | :ghost: [${{ github.repository }}] Release *${{ github.ref_name }}* didn't get triggered in Buildkite. Build: (<${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}|here>) + + post-release: + name: "Bump versions and create PR" + needs: + - release + uses: ./.github/workflows/pre-post-release.yml + if: inputs.dry_run == 'false' + with: + ref: ${{ inputs.ref }} + version: ${{ inputs.version }} + phase: 'post' + secrets: inherit diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 1b267508..744573ee 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -11,11 +11,6 @@ on: permissions: contents: read -env: - MAVEN_CONFIG: "-V -B -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=warn -Dhttps.protocols=TLSv1.2 -Dmaven.wagon.http.retryHandler.count=3 -Dmaven.wagon.httpconnectionManager.ttlSeconds=25" - JAVA_VERSION: 17 - JAVA_DIST: adopt - jobs: pre-commit: @@ -36,12 +31,9 @@ jobs: fail-fast: false steps: - uses: actions/checkout@v3 - - uses: actions/setup-java@v3 + - uses: ./.github/workflows/maven-goal with: - java-version: ${{ env.JAVA_VERSION }} - distribution: ${{ env.JAVA_DIST }} - cache: 'maven' - - run: ./mvnw ${{ matrix.goal }} + command: ./mvnw ${{ matrix.goal }} - name: Store test results if: ${{ matrix.goal == 'test' }} && (success() || failure()) uses: actions/upload-artifact@v3 diff --git a/.github/workflows/validate-tag/action.yml b/.github/workflows/validate-tag/action.yml new file mode 100644 index 00000000..a982355e --- /dev/null +++ b/.github/workflows/validate-tag/action.yml @@ -0,0 +1,25 @@ +--- + +name: validate-tag +description: Validate tag format + +inputs: + tag: + description: 'Tag to validate' + required: true + +runs: + using: "composite" + steps: + - name: Validate tag does not exist on current commit + id: validate-tag + shell: 'bash' + run: | + if ! [ $(echo "${{ inputs.tag }}" | grep -P "(\d{1,2})\.(\d{1,2})\.(\d{1,2})") ]; then + echo "Tag should be a SemVer format" + exit 1 + fi + if [ $(git tag -l "${{ inputs.tag }}") ]; then + echo "The tag ${{ inputs.tag }} already exists" + exit 1 + fi diff --git a/.mvn/maven.config b/.mvn/maven.config new file mode 100644 index 00000000..df90860a --- /dev/null +++ b/.mvn/maven.config @@ -0,0 +1,5 @@ +-B +-Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=warn +-Dhttps.protocols=TLSv1.2 +-Dmaven.wagon.http.retryHandler.count=3 +-Dmaven.wagon.httpconnectionManager.ttlSeconds=25 \ No newline at end of file diff --git a/pom.xml b/pom.xml index a0b7e8f1..5572b4fd 100644 --- a/pom.xml +++ b/pom.xml @@ -122,13 +122,9 @@ - maven-release-plugin - - false - gpg - true - v@{project.version} - + org.codehaus.mojo + versions-maven-plugin + 2.16.2 maven-deploy-plugin From 43a916f13657d1c9941332340219b447347e5c4e Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 8 Feb 2024 13:49:56 +0000 Subject: [PATCH 23/31] Bump ch.qos.logback:logback-classic in /logback-ecs-encoder (#219) Bumps [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback) from 1.2.8 to 1.2.13. - [Commits](https://github.com/qos-ch/logback/compare/v_1.2.8...v_1.2.13) --- updated-dependencies: - dependency-name: ch.qos.logback:logback-classic dependency-type: direct:production ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- logback-ecs-encoder/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/logback-ecs-encoder/pom.xml b/logback-ecs-encoder/pom.xml index 9c4f921c..68785036 100644 --- a/logback-ecs-encoder/pom.xml +++ b/logback-ecs-encoder/pom.xml @@ -38,7 +38,7 @@ ch.qos.logback logback-classic - 1.2.8 + 1.2.13 provided From 39fab3ff062c385421f42f02dd2ae0210fc29f7f Mon Sep 17 00:00:00 2001 From: Jonas Kunz Date: Wed, 14 Feb 2024 15:49:36 +0100 Subject: [PATCH 24/31] fix pre-post release workflow: missing inputs field (#227) --- .github/workflows/pre-post-release.yml | 29 +++++++++++++------------- 1 file changed, 15 insertions(+), 14 deletions(-) diff --git a/.github/workflows/pre-post-release.yml b/.github/workflows/pre-post-release.yml index 39690b02..863ae21c 100644 --- a/.github/workflows/pre-post-release.yml +++ b/.github/workflows/pre-post-release.yml @@ -3,20 +3,21 @@ name: Pre/Post Release on: workflow_call: - ref: - description: 'Branch or tag ref to run the workflow on' - required: true - default: 'main' - version: - description: 'The version to release (e.g. 1.2.3). This workflow will automatically perform the required version bumps' - required: true - phase: - description: 'Pre or post release phase' - type: choice - options: - - pre - - post - required: true + inputs: + ref: + description: 'Branch or tag ref to run the workflow on' + required: true + default: 'main' + version: + description: 'The version to release (e.g. 1.2.3). This workflow will automatically perform the required version bumps' + required: true + phase: + description: 'Pre or post release phase' + type: choice + options: + - pre + - post + required: true env: RELEASE_VERSION: ${{ inputs.version }} From c9ecc4ffff49f62f168dc9ba032fa6e07fa2a9cc Mon Sep 17 00:00:00 2001 From: Jonas Kunz Date: Thu, 15 Feb 2024 09:15:45 +0100 Subject: [PATCH 25/31] Fix types (#228) --- .github/workflows/pre-post-release.yml | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/.github/workflows/pre-post-release.yml b/.github/workflows/pre-post-release.yml index 863ae21c..69bea735 100644 --- a/.github/workflows/pre-post-release.yml +++ b/.github/workflows/pre-post-release.yml @@ -6,17 +6,16 @@ on: inputs: ref: description: 'Branch or tag ref to run the workflow on' + type: string required: true default: 'main' version: description: 'The version to release (e.g. 1.2.3). This workflow will automatically perform the required version bumps' + type: string required: true phase: description: 'Pre or post release phase' - type: choice - options: - - pre - - post + type: string #valid values are 'pre' or 'post' required: true env: From 709d413aa801fca5b4fbb7dcf49a079be35d75b4 Mon Sep 17 00:00:00 2001 From: Jan Calanog Date: Thu, 15 Feb 2024 15:59:49 +0700 Subject: [PATCH 26/31] Move concurrency settings to parent workflow (#229) --- .github/workflows/pre-post-release.yml | 3 --- .github/workflows/release.yml | 4 ++++ 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/.github/workflows/pre-post-release.yml b/.github/workflows/pre-post-release.yml index 69bea735..76cc733b 100644 --- a/.github/workflows/pre-post-release.yml +++ b/.github/workflows/pre-post-release.yml @@ -25,9 +25,6 @@ env: permissions: contents: read -concurrency: - group: ${{ github.workflow }} - jobs: validate-tag: runs-on: ubuntu-latest diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index a5849fdf..07dd5be5 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -19,6 +19,10 @@ on: permissions: contents: read + +concurrency: + group: ${{ github.workflow }} + jobs: validate-tag: runs-on: ubuntu-latest From d73b15d0e3ef67eea9b90bc5546fc3fbd8806771 Mon Sep 17 00:00:00 2001 From: apmmachine <58790750+apmmachine@users.noreply.github.com> Date: Thu, 15 Feb 2024 07:20:54 -0500 Subject: [PATCH 27/31] pre release: ecs-logging-java v1.6.0 (#230) Co-authored-by: apmmachine --- ecs-logging-core/pom.xml | 2 +- jboss-logmanager-ecs-formatter/pom.xml | 2 +- jul-ecs-formatter/pom.xml | 2 +- log4j-ecs-layout/pom.xml | 2 +- log4j-legacy-tests/pom.xml | 2 +- log4j2-ecs-layout/pom.xml | 2 +- log4j2-legacy-tests/pom.xml | 2 +- logback-ecs-encoder/pom.xml | 2 +- logback-legacy-tests/pom.xml | 2 +- pom.xml | 2 +- 10 files changed, 10 insertions(+), 10 deletions(-) diff --git a/ecs-logging-core/pom.xml b/ecs-logging-core/pom.xml index efeec288..87ba45c8 100644 --- a/ecs-logging-core/pom.xml +++ b/ecs-logging-core/pom.xml @@ -3,7 +3,7 @@ ecs-logging-java-parent co.elastic.logging - 1.6.0-SNAPSHOT + 1.6.0 4.0.0 diff --git a/jboss-logmanager-ecs-formatter/pom.xml b/jboss-logmanager-ecs-formatter/pom.xml index def4a905..72fc0a67 100644 --- a/jboss-logmanager-ecs-formatter/pom.xml +++ b/jboss-logmanager-ecs-formatter/pom.xml @@ -3,7 +3,7 @@ ecs-logging-java-parent co.elastic.logging - 1.6.0-SNAPSHOT + 1.6.0 4.0.0 diff --git a/jul-ecs-formatter/pom.xml b/jul-ecs-formatter/pom.xml index 1760e8e6..735f314d 100644 --- a/jul-ecs-formatter/pom.xml +++ b/jul-ecs-formatter/pom.xml @@ -3,7 +3,7 @@ ecs-logging-java-parent co.elastic.logging - 1.6.0-SNAPSHOT + 1.6.0 4.0.0 diff --git a/log4j-ecs-layout/pom.xml b/log4j-ecs-layout/pom.xml index b349f872..b89c5945 100644 --- a/log4j-ecs-layout/pom.xml +++ b/log4j-ecs-layout/pom.xml @@ -3,7 +3,7 @@ ecs-logging-java-parent co.elastic.logging - 1.6.0-SNAPSHOT + 1.6.0 4.0.0 diff --git a/log4j-legacy-tests/pom.xml b/log4j-legacy-tests/pom.xml index d9c78315..a5eff102 100644 --- a/log4j-legacy-tests/pom.xml +++ b/log4j-legacy-tests/pom.xml @@ -3,7 +3,7 @@ ecs-logging-java-parent co.elastic.logging - 1.6.0-SNAPSHOT + 1.6.0 4.0.0 diff --git a/log4j2-ecs-layout/pom.xml b/log4j2-ecs-layout/pom.xml index b020639c..ac8ce772 100644 --- a/log4j2-ecs-layout/pom.xml +++ b/log4j2-ecs-layout/pom.xml @@ -3,7 +3,7 @@ ecs-logging-java-parent co.elastic.logging - 1.6.0-SNAPSHOT + 1.6.0 4.0.0 diff --git a/log4j2-legacy-tests/pom.xml b/log4j2-legacy-tests/pom.xml index e4db5f64..0f4fb128 100644 --- a/log4j2-legacy-tests/pom.xml +++ b/log4j2-legacy-tests/pom.xml @@ -3,7 +3,7 @@ ecs-logging-java-parent co.elastic.logging - 1.6.0-SNAPSHOT + 1.6.0 4.0.0 diff --git a/logback-ecs-encoder/pom.xml b/logback-ecs-encoder/pom.xml index 68785036..a9559ccb 100644 --- a/logback-ecs-encoder/pom.xml +++ b/logback-ecs-encoder/pom.xml @@ -3,7 +3,7 @@ ecs-logging-java-parent co.elastic.logging - 1.6.0-SNAPSHOT + 1.6.0 4.0.0 diff --git a/logback-legacy-tests/pom.xml b/logback-legacy-tests/pom.xml index 409e6dd1..d68f0930 100644 --- a/logback-legacy-tests/pom.xml +++ b/logback-legacy-tests/pom.xml @@ -3,7 +3,7 @@ ecs-logging-java-parent co.elastic.logging - 1.6.0-SNAPSHOT + 1.6.0 4.0.0 diff --git a/pom.xml b/pom.xml index 5572b4fd..4f58c3de 100644 --- a/pom.xml +++ b/pom.xml @@ -4,7 +4,7 @@ co.elastic.logging ecs-logging-java-parent - 1.6.0-SNAPSHOT + 1.6.0 ${project.groupId}:${project.artifactId} ecs-logging-core From 5f3beb5c7cfe283df0512055da07d4094a013f67 Mon Sep 17 00:00:00 2001 From: Adrien Mannocci Date: Thu, 15 Feb 2024 15:13:22 +0100 Subject: [PATCH 28/31] fix: correct new release process (#231) Signed-off-by: Adrien Mannocci --- .github/workflows/pre-post-release.yml | 4 ++-- .github/workflows/pre-release.yml | 5 +++++ .github/workflows/release.yml | 6 ++++-- 3 files changed, 11 insertions(+), 4 deletions(-) diff --git a/.github/workflows/pre-post-release.yml b/.github/workflows/pre-post-release.yml index 76cc733b..aed3f4ab 100644 --- a/.github/workflows/pre-post-release.yml +++ b/.github/workflows/pre-post-release.yml @@ -15,7 +15,7 @@ on: required: true phase: description: 'Pre or post release phase' - type: string #valid values are 'pre' or 'post' + type: string # valid values are 'pre' or 'post' required: true env: @@ -82,7 +82,7 @@ jobs: if: inputs.phase == 'post' uses: ./.github/workflows/maven-goal with: - command: ./mvnw -V versions:set -DprocessAllModules=true -DgenerateBackupPoms=false -nextSnapshot=true + command: ./mvnw -V versions:set -DprocessAllModules=true -DgenerateBackupPoms=false -DnextSnapshot=true - name: Push the ${{ inputs.phase }} release branch run: | diff --git a/.github/workflows/pre-release.yml b/.github/workflows/pre-release.yml index 34c83109..350c8c97 100644 --- a/.github/workflows/pre-release.yml +++ b/.github/workflows/pre-release.yml @@ -12,6 +12,9 @@ on: description: 'The version to release (e.g. 1.2.3). This workflow will automatically perform the required version bumps' required: true +permissions: + contents: read + concurrency: group: ${{ github.workflow }} @@ -19,6 +22,8 @@ jobs: pre-release: name: "Bump versions and create PR" uses: ./.github/workflows/pre-post-release.yml + permissions: + contents: write with: ref: ${{ inputs.ref }} version: ${{ inputs.version }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 07dd5be5..7026c868 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -19,10 +19,12 @@ on: permissions: contents: read - concurrency: group: ${{ github.workflow }} +env: + RELEASE_VERSION: ${{ inputs.version }} + jobs: validate-tag: runs-on: ubuntu-latest @@ -88,7 +90,7 @@ jobs: needs: - release uses: ./.github/workflows/pre-post-release.yml - if: inputs.dry_run == 'false' + if: inputs.dry_run == false with: ref: ${{ inputs.ref }} version: ${{ inputs.version }} From 8344327bde1f4d67f6227c148f7b56c2532bdcb6 Mon Sep 17 00:00:00 2001 From: Adrien Mannocci Date: Thu, 15 Feb 2024 17:00:15 +0100 Subject: [PATCH 29/31] fix: don't forget permissions (#232) Signed-off-by: Adrien Mannocci --- .github/workflows/release.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 7026c868..c86958b3 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -90,6 +90,8 @@ jobs: needs: - release uses: ./.github/workflows/pre-post-release.yml + permissions: + contents: write if: inputs.dry_run == false with: ref: ${{ inputs.ref }} From 8ee34b9161c237a51cebad37e88e267aceb2771f Mon Sep 17 00:00:00 2001 From: Jonas Kunz Date: Mon, 19 Feb 2024 14:18:03 +0100 Subject: [PATCH 30/31] Switch to nexus plugin for releases (#235) --- pom.xml | 28 +++++++++++++++++++++++----- 1 file changed, 23 insertions(+), 5 deletions(-) diff --git a/pom.xml b/pom.xml index 4f58c3de..c6eda062 100644 --- a/pom.xml +++ b/pom.xml @@ -11,11 +11,21 @@ log4j-ecs-layout log4j2-ecs-layout logback-ecs-encoder - jul-ecs-formatter jboss-logmanager-ecs-formatter log4j2-legacy-tests log4j-legacy-tests logback-legacy-tests + jul-ecs-formatter + pom 2019 @@ -127,9 +137,16 @@ 2.16.2 - maven-deploy-plugin + org.sonatype.plugins + nexus-staging-maven-plugin + true - ${maven-deploy-plugin.skip} + + https://oss.sonatype.org/ + + sonatype-nexus-staging + ${maven-deploy-plugin.skip} + true @@ -297,8 +314,9 @@ 2.5.3 - maven-deploy-plugin - 2.8.2 + org.sonatype.plugins + nexus-staging-maven-plugin + 1.6.13 org.codehaus.mojo From 06ca5544e5deb9b61720d99c65b5ba8ce07f3ce6 Mon Sep 17 00:00:00 2001 From: Jonas Kunz Date: Mon, 19 Feb 2024 14:18:42 +0100 Subject: [PATCH 31/31] Await artifact on maven central on release (#236) --- .github/workflows/release.yml | 23 ++++++++++++++++++++++- 1 file changed, 22 insertions(+), 1 deletion(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index c86958b3..638b5340 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -15,6 +15,14 @@ on: description: If set, run a dry-run release default: false type: boolean + skip_maven_deploy: + description: | + If enabled, the deployment to maven central will be skipped. + Select this if the deployment job for this release failed in a previous version but the release was actually published. + Check manually on maven central beforehand! + type: boolean + required: true + default: false permissions: contents: read @@ -47,6 +55,7 @@ jobs: release: name: Release runs-on: ubuntu-latest + if: ${{ ! inputs.skip_maven_deploy }} needs: - validate-tag steps: @@ -85,10 +94,22 @@ jobs: :ghost: [${{ github.repository }}] Release *${{ github.ref_name }}* didn't get triggered in Buildkite. Build: (<${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}|here>) + await-maven-central-artifact: + runs-on: ubuntu-latest + name: Wait for release to be available on maven-central + needs: + - validate-tag + steps: + - uses: elastic/apm-pipeline-library/.github/actions/await-maven-artifact@current + with: + groupid: 'co.elastic.logging' + artifactid: 'ecs-logging-core' + version: ${{ inputs.version }} + post-release: name: "Bump versions and create PR" needs: - - release + - await-maven-central-artifact uses: ./.github/workflows/pre-post-release.yml permissions: contents: write