# Copyright (c) HashiCorp, Inc. # SPDX-License-Identifier: MPL-2.0 name: build on: push: # Sequence of patterns matched against refs/heads branches: # Push events on the main branch - main - release/** env: PKG_NAME: consul # TODO(spatel): CE refactor METADATA: oss GOPRIVATE: github.com/hashicorp # Required for enterprise deps jobs: get-go-version: uses: ./.github/workflows/reusable-get-go-version.yml set-product-version: runs-on: ubuntu-latest outputs: product-version: ${{ steps.set-product-version.outputs.product-version }} base-product-version: ${{ steps.set-product-version.outputs.base-product-version }} product-date: ${{ steps.get-product-version.outputs.product-date }} pre-version: ${{ steps.set-product-version.outputs.prerelease-product-version }} shared-ldflags: ${{ steps.shared-ldflags.outputs.shared-ldflags }} steps: - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 # action-set-product-version implicitly sets fields like 'product-version' using version/VERSION # https://github.com/hashicorp/actions-set-product-version - name: set product version id: set-product-version uses: hashicorp/actions-set-product-version@v2 - name: get product version id: get-product-version run: | CONSUL_DATE=$(build-support/scripts/build-date.sh) echo "product-date=${CONSUL_DATE}" >> "$GITHUB_OUTPUT" - name: Set shared -ldflags id: shared-ldflags run: | T="github.com/hashicorp/consul/version" echo "shared-ldflags=-X ${T}.GitCommit=${GITHUB_SHA::8} \ -X ${T}.GitDescribe=${{ steps.set-product-version.outputs.product-version }} \ -X ${T}.BuildDate=${{ steps.get-product-version.outputs.product-date }} \ " >> "$GITHUB_OUTPUT" validate-outputs: needs: set-product-version runs-on: ubuntu-latest steps: - name: Validate Outputs run: | echo "Product Version: ${{ needs.set-product-version.outputs.product-version }}" echo "Base Product Version: ${{ needs.set-product-version.outputs.base-product-version }}" echo "Product Metadata: ${{ env.METADATA }}" echo "Product Date: ${{ needs.set-product-version.outputs.product-date }}" echo "Prerelease Version: ${{ needs.set-product-version.outputs.pre-version }}" echo "Ldflags: ${{ needs.set-product-version.outputs.shared-ldflags }}" generate-metadata-file: needs: set-product-version runs-on: ubuntu-latest outputs: filepath: ${{ steps.generate-metadata-file.outputs.filepath }} steps: - name: 'Checkout directory' uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 - name: Generate metadata file id: generate-metadata-file uses: hashicorp/actions-generate-metadata@v1 with: version: ${{ needs.set-product-version.outputs.product-version }} product: ${{ env.PKG_NAME }} - uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3 with: name: metadata.json path: ${{ steps.generate-metadata-file.outputs.filepath }} build: needs: - set-product-version - get-go-version runs-on: ubuntu-latest strategy: matrix: include: - {goos: "linux", goarch: "386"} - {goos: "linux", goarch: "amd64"} - {goos: "linux", goarch: "arm"} - {goos: "linux", goarch: "arm64"} - {goos: "freebsd", goarch: "386"} - {goos: "freebsd", goarch: "amd64"} - {goos: "windows", goarch: "386"} - {goos: "windows", goarch: "amd64"} - {goos: "solaris", goarch: "amd64"} fail-fast: true name: Go ${{ needs.get-go-version.outputs.go-version }} ${{ matrix.goos }} ${{ matrix.goarch }} build steps: - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 - name: Setup with node and yarn uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2 with: node-version: '18' cache: 'yarn' cache-dependency-path: 'ui/yarn.lock' - name: Build UI run: | CONSUL_VERSION=${{ needs.set-product-version.outputs.product-version }} CONSUL_DATE=${{ needs.set-product-version.outputs.product-date }} CONSUL_BINARY_TYPE=${CONSUL_BINARY_TYPE} CONSUL_COPYRIGHT_YEAR=$(git show -s --format=%cd --date=format:%Y HEAD) echo "consul_version is ${CONSUL_VERSION}" echo "consul_date is ${CONSUL_DATE}" echo "consul binary type is ${CONSUL_BINARY_TYPE}" echo "consul copyright year is ${CONSUL_COPYRIGHT_YEAR}" cd ui && make && cd .. rm -rf agent/uiserver/dist mv ui/packages/consul-ui/dist agent/uiserver/ - name: Go Build env: PRODUCT_VERSION: ${{ needs.set-product-version.outputs.product-version }} PRERELEASE_VERSION: ${{ needs.set-product-version.outputs.pre-version }} CGO_ENABLED: "0" GOLDFLAGS: "${{needs.set-product-version.outputs.shared-ldflags}}" uses: hashicorp/actions-go-build@v1 with: product_name: ${{ env.PKG_NAME }} product_version: ${{ needs.set-product-version.outputs.product-version }} go_version: ${{ needs.get-go-version.outputs.go-version }} os: ${{ matrix.goos }} arch: ${{ matrix.goarch }} reproducible: report instructions: |- cp LICENSE $TARGET_DIR/LICENSE.txt go build -ldflags="$GOLDFLAGS" -o "$BIN_PATH" -trimpath -buildvcs=false - name: Copy license file if: ${{ !endsWith(github.repository, '-enterprise') }} env: LICENSE_DIR: ".release/linux/package/usr/share/doc/${{ env.PKG_NAME }}" run: | mkdir -p "$LICENSE_DIR" cp LICENSE "$LICENSE_DIR/LICENSE.txt" - name: Package if: ${{ matrix.goos == 'linux' }} uses: hashicorp/actions-packaging-linux@v1 with: name: ${{ github.event.repository.name }} description: "Consul is a distributed, highly available, and data center aware solution to connect and configure applications across dynamic, distributed infrastructure. " arch: ${{ matrix.goarch }} version: ${{ needs.set-product-version.outputs.product-version }} maintainer: "HashiCorp" homepage: "https://github.com/hashicorp/consul" license: "BSL-1.1" binary: "dist/${{ env.PKG_NAME }}" deb_depends: "openssl" rpm_depends: "openssl" config_dir: ".release/linux/package" preinstall: ".release/linux/preinstall" postinstall: ".release/linux/postinstall" preremove: ".release/linux/preremove" postremove: ".release/linux/postremove" - name: Set Package Names if: ${{ matrix.goos == 'linux' }} run: | echo "RPM_PACKAGE=$(basename out/*.rpm)" >> $GITHUB_ENV echo "DEB_PACKAGE=$(basename out/*.deb)" >> $GITHUB_ENV - uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3 if: ${{ matrix.goos == 'linux' }} with: name: ${{ env.RPM_PACKAGE }} path: out/${{ env.RPM_PACKAGE }} - uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3 if: ${{ matrix.goos == 'linux' }} with: name: ${{ env.DEB_PACKAGE }} path: out/${{ env.DEB_PACKAGE }} build-s390x: needs: - set-product-version - get-go-version if: ${{ endsWith(github.repository, '-enterprise') }} runs-on: ubuntu-latest strategy: matrix: include: - {goos: "linux", goarch: "s390x"} fail-fast: true name: Go ${{ needs.get-go-version.outputs.go-version }} ${{ matrix.goos }} ${{ matrix.goarch }} build steps: - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 - name: Setup with node and yarn uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2 with: node-version: '18' cache: 'yarn' cache-dependency-path: 'ui/yarn.lock' - name: Build UI run: | CONSUL_VERSION=${{ needs.set-product-version.outputs.product-version }} CONSUL_DATE=${{ needs.set-product-version.outputs.product-date }} CONSUL_BINARY_TYPE=${CONSUL_BINARY_TYPE} CONSUL_COPYRIGHT_YEAR=$(git show -s --format=%cd --date=format:%Y HEAD) echo "consul_version is ${CONSUL_VERSION}" echo "consul_date is ${CONSUL_DATE}" echo "consul binary type is ${CONSUL_BINARY_TYPE}" echo "consul copyright year is ${CONSUL_COPYRIGHT_YEAR}" cd ui && make && cd .. rm -rf agent/uiserver/dist mv ui/packages/consul-ui/dist agent/uiserver/ - name: Go Build env: PRODUCT_VERSION: ${{ needs.set-product-version.outputs.product-version }} PRERELEASE_VERSION: ${{ needs.set-product-version.outputs.pre-version }} CGO_ENABLED: "0" GOLDFLAGS: "${{needs.set-product-version.outputs.shared-ldflags}}" uses: hashicorp/actions-go-build@v1 with: product_name: ${{ env.PKG_NAME }} product_version: ${{ needs.set-product-version.outputs.product-version }} go_version: ${{ needs.get-go-version.outputs.go-version }} os: ${{ matrix.goos }} arch: ${{ matrix.goarch }} reproducible: report instructions: |- cp LICENSE $TARGET_DIR/LICENSE.txt go build -ldflags="$GOLDFLAGS" -o "$BIN_PATH" -trimpath -buildvcs=false build-darwin: needs: - set-product-version - get-go-version runs-on: macos-latest strategy: matrix: goos: [ darwin ] goarch: [ "amd64", "arm64" ] fail-fast: true name: Go ${{ needs.get-go-version.outputs.go-version }} ${{ matrix.goos }} ${{ matrix.goarch }} build steps: - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 - name: Setup with node and yarn uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2 with: node-version: '18' cache: 'yarn' cache-dependency-path: 'ui/yarn.lock' - name: Build UI run: | CONSUL_VERSION=${{ needs.set-product-version.outputs.product-version }} CONSUL_BINARY_TYPE=${CONSUL_BINARY_TYPE} CONSUL_COPYRIGHT_YEAR=$(git show -s --format=%cd --date=format:%Y HEAD) echo "consul_version is ${CONSUL_VERSION}" echo "consul binary type is ${CONSUL_BINARY_TYPE}" echo "consul copyright year is ${CONSUL_COPYRIGHT_YEAR}" cd ui && make && cd .. rm -rf agent/uiserver/dist mv ui/packages/consul-ui/dist agent/uiserver/ - name: Go Build env: PRODUCT_VERSION: ${{ needs.set-product-version.outputs.product-version }} PRERELEASE_VERSION: ${{ needs.set-product-version.outputs.pre-version }} CGO_ENABLED: "0" GOLDFLAGS: "${{needs.set-product-version.outputs.shared-ldflags}}" uses: hashicorp/actions-go-build@v1 with: product_name: ${{ env.PKG_NAME }} product_version: ${{ needs.set-product-version.outputs.product-version }} go_version: ${{ needs.get-go-version.outputs.go-version }} os: ${{ matrix.goos }} arch: ${{ matrix.goarch }} reproducible: report instructions: |- cp LICENSE $TARGET_DIR/LICENSE.txt go build -ldflags="$GOLDFLAGS" -tags netcgo -o "$BIN_PATH" -trimpath -buildvcs=false build-docker: name: Docker ${{ matrix.arch }} build needs: - set-product-version - build runs-on: ubuntu-latest strategy: matrix: include: - { arch: "386" } - { arch: "arm" } - { arch: "amd64" } - { arch: "arm64" } env: repo: ${{github.event.repository.name}} version: ${{needs.set-product-version.outputs.product-version}} steps: - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 # Strip everything but MAJOR.MINOR from the version string and add a `-dev` suffix # This naming convention will be used ONLY for per-commit dev images - name: Set docker dev tag run: | echo "full_dev_tag=${{ env.version }}" echo "full_dev_tag=${{ env.version }}" >> $GITHUB_ENV echo "minor_dev_tag=$(echo ${{ env.version }}| sed -E 's/([0-9]+\.[0-9]+)\.[0-9]+(-[0-9a-zA-Z\+\.]+)?$/\1\2/')" echo "minor_dev_tag=$(echo ${{ env.version }}| sed -E 's/([0-9]+\.[0-9]+)\.[0-9]+(-[0-9a-zA-Z\+\.]+)?$/\1\2/')" >> $GITHUB_ENV - name: Docker Build (Action) uses: hashicorp/actions-docker-build@v2 with: version: ${{env.version}} target: default arch: ${{matrix.arch}} tags: | docker.io/hashicorp/${{env.repo}}:${{env.version}} public.ecr.aws/hashicorp/${{env.repo}}:${{env.version}} dev_tags: | docker.io/hashicorppreview/${{ env.repo }}:${{ env.full_dev_tag }} docker.io/hashicorppreview/${{ env.repo }}:${{ env.full_dev_tag }}-${{ github.sha }} docker.io/hashicorppreview/${{ env.repo }}:${{ env.minor_dev_tag }} docker.io/hashicorppreview/${{ env.repo }}:${{ env.minor_dev_tag }}-${{ github.sha }} smoke_test: .github/scripts/verify_docker.sh v${{ env.version }} build-docker-ubi-dockerhub: name: Docker Build UBI Images needs: - set-product-version - build runs-on: ubuntu-latest env: repo: ${{github.event.repository.name}} version: ${{needs.set-product-version.outputs.product-version}} steps: - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 # Strip everything but MAJOR.MINOR from the version string and add a `-dev` suffix # This naming convention will be used ONLY for per-commit dev images - name: Set docker dev tag run: | echo "full_dev_tag=${{ env.version }}" echo "full_dev_tag=${{ env.version }}" >> $GITHUB_ENV echo "minor_dev_tag=$(echo ${{ env.version }}| sed -E 's/([0-9]+\.[0-9]+)\.[0-9]+(-[0-9a-zA-Z\+\.]+)?$/\1\2/')" echo "minor_dev_tag=$(echo ${{ env.version }}| sed -E 's/([0-9]+\.[0-9]+)\.[0-9]+(-[0-9a-zA-Z\+\.]+)?$/\1\2/')" >> $GITHUB_ENV - uses: hashicorp/actions-docker-build@v2 with: version: ${{env.version}} target: ubi arch: amd64 tags: | docker.io/hashicorp/${{env.repo}}:${{env.version}}-ubi public.ecr.aws/hashicorp/${{env.repo}}:${{env.version}}-ubi dev_tags: | docker.io/hashicorppreview/${{ env.repo }}:${{ env.full_dev_tag }}-ubi docker.io/hashicorppreview/${{ env.repo }}:${{ env.full_dev_tag }}-ubi-${{ github.sha }} docker.io/hashicorppreview/${{ env.repo }}:${{ env.minor_dev_tag }}-ubi docker.io/hashicorppreview/${{ env.repo }}:${{ env.minor_dev_tag }}-ubi-${{ github.sha }} smoke_test: .github/scripts/verify_docker.sh v${{ env.version }} redhat_tag: quay.io/redhat-isv-containers/60f9fdbec3a80eac643abedf:${{env.version}}-ubi verify-linux: needs: - set-product-version - build runs-on: ubuntu-latest strategy: matrix: include: - { arch: "386" } - { arch: "arm" } - { arch: "amd64" } - { arch: "arm64" } fail-fast: true env: version: ${{ needs.set-product-version.outputs.product-version }} zip_name: consul_${{ needs.set-product-version.outputs.product-version }}_linux_${{ matrix.arch }}.zip name: Verify ${{ matrix.arch }} linux binary steps: - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 if: ${{ endsWith(github.repository, '-enterprise') || matrix.arch != 's390x' }} - name: Download ${{ matrix.arch }} zip if: ${{ endsWith(github.repository, '-enterprise') || matrix.arch != 's390x' }} uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 with: name: ${{ env.zip_name }} - name: Set up QEMU uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3.0.0 if: ${{ matrix.arch == 'arm' || matrix.arch == 'arm64' }} with: # this should be a comma-separated string as opposed to an array platforms: arm,arm64 - name: Run verification for ${{ matrix.arch }} binary if: ${{ endsWith(github.repository, '-enterprise') || matrix.arch != 's390x' }} run: .github/scripts/verify_artifact.sh ${{ env.zip_name }} v${{ env.version }} verify-darwin: needs: - set-product-version - build-darwin runs-on: macos-latest strategy: fail-fast: true env: version: ${{needs.set-product-version.outputs.product-version}} zip_name: consul_${{ needs.set-product-version.outputs.product-version }}_darwin_amd64.zip name: Verify amd64 darwin binary steps: - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 - name: Download amd64 darwin zip uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 with: name: ${{ env.zip_name }} - name: Unzip amd64 darwin zip run: unzip ${{ env.zip_name }} - name: Run verification for amd64 darwin binary run: .github/scripts/verify_bin.sh ./consul v${{ env.version }} verify-linux-packages-deb: needs: - build - set-product-version runs-on: ubuntu-latest strategy: matrix: include: - { arch: "i386" } - { arch: "armhf" } - { arch: "amd64" } - { arch: "arm64" } # fail-fast: true env: version: ${{ needs.set-product-version.outputs.product-version }} name: Verify ${{ matrix.arch }} debian package steps: - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 - name: Set package version run: | echo "pkg_version=$(echo ${{ needs.set-product-version.outputs.product-version }} | sed 's/\-/~/g')" >> $GITHUB_ENV - name: Set package name run: | echo "pkg_name=consul_${{ env.pkg_version }}-1_${{ matrix.arch }}.deb" >> $GITHUB_ENV - name: Download workflow artifacts uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 with: name: ${{ env.pkg_name }} - name: Set up QEMU uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3.0.0 with: platforms: all - name: Verify ${{ matrix.arch }} debian package run: ./.github/scripts/verify_artifact.sh ${{ env.pkg_name }} v${{ env.version }} verify-linux-packages-rpm: needs: - build - set-product-version runs-on: ubuntu-latest strategy: matrix: include: - { arch: "i386" } - { arch: "x86_64" } # TODO(eculver): re-enable when there is a smaller verification container available # - { arch: "armv7hl" } # - { arch: "aarch64" } env: version: ${{ needs.set-product-version.outputs.product-version }} name: Verify ${{ matrix.arch }} rpm steps: - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 - name: Set package version run: | echo "pkg_version=$(echo ${{ needs.set-product-version.outputs.product-version }} | sed 's/\-/~/g')" >> $GITHUB_ENV - name: Set package name run: | echo "pkg_name=consul-${{ env.pkg_version }}-1.${{ matrix.arch }}.rpm" >> $GITHUB_ENV - name: Download workflow artifacts uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 with: name: ${{ env.pkg_name }} - name: Set up QEMU uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3.0.0 with: platforms: all - name: Verify ${{ matrix.arch }} rpm run: ./.github/scripts/verify_artifact.sh ${{ env.pkg_name }} v${{ env.version }}