Skip to content

chore: [k217] fix: sanatize structured metadata at query time (#13994) #159

chore: [k217] fix: sanatize structured metadata at query time (#13994)

chore: [k217] fix: sanatize structured metadata at query time (#13994) #159

concurrency:
group: "create-release-pr-${{ github.sha }}"
env:
BUILD_ARTIFACTS_BUCKET: "loki-build-artifacts"
BUILD_TIMEOUT: 40
CHANGELOG_PATH: "CHANGELOG.md"
DOCKER_USERNAME: "grafana"
DRY_RUN: false
IMAGE_PREFIX: "grafana"
RELEASE_LIB_REF: "main"
RELEASE_REPO: "grafana/loki"
SKIP_VALIDATION: false
USE_GITHUB_APP_TOKEN: true
VERSIONING_STRATEGY: "always-bump-minor"
jobs:
check:
uses: "grafana/loki-release/.github/workflows/check.yml@main"
with:
build_image: "grafana/loki-build-image:0.33.6"
golang_ci_lint_version: "v1.55.1"
release_lib_ref: "main"
skip_validation: false
use_github_app_token: true
create-release-pr:
needs:
- "dist"
- "fluent-bit"
- "fluentd"
- "logcli"
- "logstash"
- "loki"
- "loki-canary"
- "loki-canary-boringcrypto"
- "promtail"
- "querytee"
runs-on: "ubuntu-latest"
steps:
- name: "pull code to release"
uses: "actions/checkout@v4"
with:
path: "release"
repository: "${{ env.RELEASE_REPO }}"
- name: "pull release library code"
uses: "actions/checkout@v4"
with:
path: "lib"
ref: "${{ env.RELEASE_LIB_REF }}"
repository: "grafana/loki-release"
- name: "setup node"
uses: "actions/setup-node@v4"
with:
node-version: 20
- id: "extract_branch"
name: "extract branch name"
run: |
echo "branch=${GITHUB_HEAD_REF:-${GITHUB_REF#refs/heads/}}" >> $GITHUB_OUTPUT
working-directory: "release"
- id: "get_github_app_token"
if: "${{ fromJSON(env.USE_GITHUB_APP_TOKEN) }}"
name: "get github app token"
uses: "actions/create-github-app-token@v1"
with:
app-id: "${{ secrets.APP_ID }}"
owner: "${{ github.repository_owner }}"
private-key: "${{ secrets.APP_PRIVATE_KEY }}"
- id: "github_app_token"
name: "set github token"
run: |
if [[ "${USE_GITHUB_APP_TOKEN}" == "true" ]]; then
echo "token=${{ steps.get_github_app_token.outputs.token }}" >> $GITHUB_OUTPUT
else
echo "token=${{ secrets.GH_TOKEN }}" >> $GITHUB_OUTPUT
fi
- env:
SHA: "${{ github.sha }}"
id: "release"
name: "release please"
run: |
npm install
npm exec -- release-please release-pr \
--changelog-path "${CHANGELOG_PATH}" \
--consider-all-branches \
--group-pull-request-title-pattern "chore\${scope}: release\${component} \${version}" \
--label "backport main,autorelease: pending,product-approved" \
--manifest-file .release-please-manifest.json \
--pull-request-footer "Merging this PR will release the [artifacts](https://console.cloud.google.com/storage/browser/${BUILD_ARTIFACTS_BUCKET}/${SHA}) of ${SHA}" \
--pull-request-title-pattern "chore\${scope}: release\${component} \${version}" \
--release-as "${{ needs.dist.outputs.version }}" \
--release-type simple \
--repo-url "${{ env.RELEASE_REPO }}" \
--separate-pull-requests false \
--target-branch "${{ steps.extract_branch.outputs.branch }}" \
--token "${{ steps.github_app_token.outputs.token }}" \
--dry-run ${{ fromJSON(env.DRY_RUN) }}
working-directory: "lib"
dist:
needs:
- "version"
outputs:
version: "${{ needs.version.outputs.version }}"
runs-on: "ubuntu-latest"
steps:
- name: "clean up build tools cache"
run: "rm -rf /opt/hostedtoolcache"
- name: "pull code to release"
uses: "actions/checkout@v4"
with:
path: "release"
repository: "${{ env.RELEASE_REPO }}"
- name: "auth gcs"
uses: "google-github-actions/auth@v2"
with:
credentials_json: "${{ secrets.GCS_SERVICE_ACCOUNT_KEY }}"
- name: "Set up Cloud SDK"
uses: "google-github-actions/setup-gcloud@v2"
with:
version: ">= 452.0.0"
- id: "get-secrets"
name: "get nfpm signing keys"
uses: "grafana/shared-workflows/actions/get-vault-secrets@main"
with:
common_secrets: |
NFPM_SIGNING_KEY=packages-gpg:private-key
NFPM_PASSPHRASE=packages-gpg:passphrase
- env:
BUILD_IN_CONTAINER: false
DRONE_TAG: "${{ needs.version.outputs.version }}"
IMAGE_TAG: "${{ needs.version.outputs.version }}"
NFPM_SIGNING_KEY_FILE: "nfpm-private-key.key"
SKIP_ARM: false
if: "${{ fromJSON(needs.version.outputs.pr_created) }}"
name: "build artifacts"
run: |
cat <<EOF | docker run \
--interactive \
--env BUILD_IN_CONTAINER \
--env DRONE_TAG \
--env IMAGE_TAG \
--env NFPM_PASSPHRASE \
--env NFPM_SIGNING_KEY \
--env NFPM_SIGNING_KEY_FILE \
--env SKIP_ARM \
--volume .:/src/loki \
--workdir /src/loki \
--entrypoint /bin/sh "grafana/loki-build-image:0.33.6"
git config --global --add safe.directory /src/loki
echo "${NFPM_SIGNING_KEY}" > $NFPM_SIGNING_KEY_FILE
make dist packages
EOF
working-directory: "release"
- if: "${{ fromJSON(needs.version.outputs.pr_created) }}"
name: "upload artifacts"
uses: "google-github-actions/upload-cloud-storage@v2"
with:
destination: "${{ env.BUILD_ARTIFACTS_BUCKET }}/${{ github.sha }}"
path: "release/dist"
process_gcloudignore: false
fluent-bit:
needs:
- "version"
runs-on: "ubuntu-latest"
steps:
- name: "pull release library code"
uses: "actions/checkout@v4"
with:
path: "lib"
ref: "${{ env.RELEASE_LIB_REF }}"
repository: "grafana/loki-release"
- name: "pull code to release"
uses: "actions/checkout@v4"
with:
path: "release"
repository: "${{ env.RELEASE_REPO }}"
- name: "setup node"
uses: "actions/setup-node@v4"
with:
node-version: 20
- name: "auth gcs"
uses: "google-github-actions/auth@v2"
with:
credentials_json: "${{ secrets.GCS_SERVICE_ACCOUNT_KEY }}"
- name: "Set up QEMU"
uses: "docker/setup-qemu-action@v3"
- name: "set up docker buildx"
uses: "docker/setup-buildx-action@v3"
- id: "platform"
name: "parse image platform"
run: |
mkdir -p images
platform="$(echo "${{ matrix.platform}}" | sed "s/\(.*\)\/\(.*\)/\1-\2/")"
echo "platform=${platform}" >> $GITHUB_OUTPUT
echo "platform_short=$(echo ${{ matrix.platform }} | cut -d / -f 2)" >> $GITHUB_OUTPUT
working-directory: "release"
- env:
IMAGE_TAG: "${{ needs.version.outputs.version }}"
if: "${{ fromJSON(needs.version.outputs.pr_created) }}"
name: "Build and export"
timeout-minutes: "${{ fromJSON(env.BUILD_TIMEOUT) }}"
uses: "docker/build-push-action@v5"
with:
build-args: "IMAGE_TAG=${{ needs.version.outputs.version }}"
context: "release"
file: "release/clients/cmd/fluent-bit/Dockerfile"
outputs: "type=docker,dest=release/images/fluent-bit-plugin-loki-${{ needs.version.outputs.version}}-${{ steps.platform.outputs.platform }}.tar"
platforms: "${{ matrix.platform }}"
tags: "${{ env.IMAGE_PREFIX }}/fluent-bit-plugin-loki:${{ needs.version.outputs.version }}-${{ steps.platform.outputs.platform_short }}"
- if: "${{ fromJSON(needs.version.outputs.pr_created) }}"
name: "upload artifacts"
uses: "google-github-actions/upload-cloud-storage@v2"
with:
destination: "${{ env.BUILD_ARTIFACTS_BUCKET }}/${{ github.sha }}/images"
path: "release/images/fluent-bit-plugin-loki-${{ needs.version.outputs.version}}-${{ steps.platform.outputs.platform }}.tar"
process_gcloudignore: false
strategy:
fail-fast: true
matrix:
platform:
- "linux/amd64"
fluentd:
needs:
- "version"
runs-on: "ubuntu-latest"
steps:
- name: "pull release library code"
uses: "actions/checkout@v4"
with:
path: "lib"
ref: "${{ env.RELEASE_LIB_REF }}"
repository: "grafana/loki-release"
- name: "pull code to release"
uses: "actions/checkout@v4"
with:
path: "release"
repository: "${{ env.RELEASE_REPO }}"
- name: "setup node"
uses: "actions/setup-node@v4"
with:
node-version: 20
- name: "auth gcs"
uses: "google-github-actions/auth@v2"
with:
credentials_json: "${{ secrets.GCS_SERVICE_ACCOUNT_KEY }}"
- name: "Set up QEMU"
uses: "docker/setup-qemu-action@v3"
- name: "set up docker buildx"
uses: "docker/setup-buildx-action@v3"
- id: "platform"
name: "parse image platform"
run: |
mkdir -p images
platform="$(echo "${{ matrix.platform}}" | sed "s/\(.*\)\/\(.*\)/\1-\2/")"
echo "platform=${platform}" >> $GITHUB_OUTPUT
echo "platform_short=$(echo ${{ matrix.platform }} | cut -d / -f 2)" >> $GITHUB_OUTPUT
working-directory: "release"
- env:
IMAGE_TAG: "${{ needs.version.outputs.version }}"
if: "${{ fromJSON(needs.version.outputs.pr_created) }}"
name: "Build and export"
timeout-minutes: "${{ fromJSON(env.BUILD_TIMEOUT) }}"
uses: "docker/build-push-action@v5"
with:
build-args: "IMAGE_TAG=${{ needs.version.outputs.version }}"
context: "release"
file: "release/clients/cmd/fluentd/Dockerfile"
outputs: "type=docker,dest=release/images/fluent-plugin-loki-${{ needs.version.outputs.version}}-${{ steps.platform.outputs.platform }}.tar"
platforms: "${{ matrix.platform }}"
tags: "${{ env.IMAGE_PREFIX }}/fluent-plugin-loki:${{ needs.version.outputs.version }}-${{ steps.platform.outputs.platform_short }}"
- if: "${{ fromJSON(needs.version.outputs.pr_created) }}"
name: "upload artifacts"
uses: "google-github-actions/upload-cloud-storage@v2"
with:
destination: "${{ env.BUILD_ARTIFACTS_BUCKET }}/${{ github.sha }}/images"
path: "release/images/fluent-plugin-loki-${{ needs.version.outputs.version}}-${{ steps.platform.outputs.platform }}.tar"
process_gcloudignore: false
strategy:
fail-fast: true
matrix:
platform:
- "linux/amd64"
logcli:
needs:
- "version"
runs-on: "ubuntu-latest"
steps:
- name: "pull release library code"
uses: "actions/checkout@v4"
with:
path: "lib"
ref: "${{ env.RELEASE_LIB_REF }}"
repository: "grafana/loki-release"
- name: "pull code to release"
uses: "actions/checkout@v4"
with:
path: "release"
repository: "${{ env.RELEASE_REPO }}"
- name: "setup node"
uses: "actions/setup-node@v4"
with:
node-version: 20
- name: "auth gcs"
uses: "google-github-actions/auth@v2"
with:
credentials_json: "${{ secrets.GCS_SERVICE_ACCOUNT_KEY }}"
- name: "Set up QEMU"
uses: "docker/setup-qemu-action@v3"
- name: "set up docker buildx"
uses: "docker/setup-buildx-action@v3"
- id: "platform"
name: "parse image platform"
run: |
mkdir -p images
platform="$(echo "${{ matrix.platform}}" | sed "s/\(.*\)\/\(.*\)/\1-\2/")"
echo "platform=${platform}" >> $GITHUB_OUTPUT
echo "platform_short=$(echo ${{ matrix.platform }} | cut -d / -f 2)" >> $GITHUB_OUTPUT
working-directory: "release"
- env:
IMAGE_TAG: "${{ needs.version.outputs.version }}"
if: "${{ fromJSON(needs.version.outputs.pr_created) }}"
name: "Build and export"
timeout-minutes: "${{ fromJSON(env.BUILD_TIMEOUT) }}"
uses: "docker/build-push-action@v5"
with:
build-args: "IMAGE_TAG=${{ needs.version.outputs.version }}"
context: "release"
file: "release/cmd/logcli/Dockerfile"
outputs: "type=docker,dest=release/images/logcli-${{ needs.version.outputs.version}}-${{ steps.platform.outputs.platform }}.tar"
platforms: "${{ matrix.platform }}"
tags: "${{ env.IMAGE_PREFIX }}/logcli:${{ needs.version.outputs.version }}-${{ steps.platform.outputs.platform_short }}"
- if: "${{ fromJSON(needs.version.outputs.pr_created) }}"
name: "upload artifacts"
uses: "google-github-actions/upload-cloud-storage@v2"
with:
destination: "${{ env.BUILD_ARTIFACTS_BUCKET }}/${{ github.sha }}/images"
path: "release/images/logcli-${{ needs.version.outputs.version}}-${{ steps.platform.outputs.platform }}.tar"
process_gcloudignore: false
strategy:
fail-fast: true
matrix:
platform:
- "linux/amd64"
- "linux/arm64"
- "linux/arm"
logstash:
needs:
- "version"
runs-on: "ubuntu-latest"
steps:
- name: "pull release library code"
uses: "actions/checkout@v4"
with:
path: "lib"
ref: "${{ env.RELEASE_LIB_REF }}"
repository: "grafana/loki-release"
- name: "pull code to release"
uses: "actions/checkout@v4"
with:
path: "release"
repository: "${{ env.RELEASE_REPO }}"
- name: "setup node"
uses: "actions/setup-node@v4"
with:
node-version: 20
- name: "auth gcs"
uses: "google-github-actions/auth@v2"
with:
credentials_json: "${{ secrets.GCS_SERVICE_ACCOUNT_KEY }}"
- name: "Set up QEMU"
uses: "docker/setup-qemu-action@v3"
- name: "set up docker buildx"
uses: "docker/setup-buildx-action@v3"
- id: "platform"
name: "parse image platform"
run: |
mkdir -p images
platform="$(echo "${{ matrix.platform}}" | sed "s/\(.*\)\/\(.*\)/\1-\2/")"
echo "platform=${platform}" >> $GITHUB_OUTPUT
echo "platform_short=$(echo ${{ matrix.platform }} | cut -d / -f 2)" >> $GITHUB_OUTPUT
working-directory: "release"
- env:
IMAGE_TAG: "${{ needs.version.outputs.version }}"
if: "${{ fromJSON(needs.version.outputs.pr_created) }}"
name: "Build and export"
timeout-minutes: "${{ fromJSON(env.BUILD_TIMEOUT) }}"
uses: "docker/build-push-action@v5"
with:
build-args: "IMAGE_TAG=${{ needs.version.outputs.version }}"
context: "release"
file: "release/clients/cmd/logstash/Dockerfile"
outputs: "type=docker,dest=release/images/logstash-output-loki-${{ needs.version.outputs.version}}-${{ steps.platform.outputs.platform }}.tar"
platforms: "${{ matrix.platform }}"
tags: "${{ env.IMAGE_PREFIX }}/logstash-output-loki:${{ needs.version.outputs.version }}-${{ steps.platform.outputs.platform_short }}"
- if: "${{ fromJSON(needs.version.outputs.pr_created) }}"
name: "upload artifacts"
uses: "google-github-actions/upload-cloud-storage@v2"
with:
destination: "${{ env.BUILD_ARTIFACTS_BUCKET }}/${{ github.sha }}/images"
path: "release/images/logstash-output-loki-${{ needs.version.outputs.version}}-${{ steps.platform.outputs.platform }}.tar"
process_gcloudignore: false
strategy:
fail-fast: true
matrix:
platform:
- "linux/amd64"
loki:
needs:
- "version"
runs-on: "ubuntu-latest"
steps:
- name: "pull release library code"
uses: "actions/checkout@v4"
with:
path: "lib"
ref: "${{ env.RELEASE_LIB_REF }}"
repository: "grafana/loki-release"
- name: "pull code to release"
uses: "actions/checkout@v4"
with:
path: "release"
repository: "${{ env.RELEASE_REPO }}"
- name: "setup node"
uses: "actions/setup-node@v4"
with:
node-version: 20
- name: "auth gcs"
uses: "google-github-actions/auth@v2"
with:
credentials_json: "${{ secrets.GCS_SERVICE_ACCOUNT_KEY }}"
- name: "Set up QEMU"
uses: "docker/setup-qemu-action@v3"
- name: "set up docker buildx"
uses: "docker/setup-buildx-action@v3"
- id: "platform"
name: "parse image platform"
run: |
mkdir -p images
platform="$(echo "${{ matrix.platform}}" | sed "s/\(.*\)\/\(.*\)/\1-\2/")"
echo "platform=${platform}" >> $GITHUB_OUTPUT
echo "platform_short=$(echo ${{ matrix.platform }} | cut -d / -f 2)" >> $GITHUB_OUTPUT
working-directory: "release"
- env:
IMAGE_TAG: "${{ needs.version.outputs.version }}"
if: "${{ fromJSON(needs.version.outputs.pr_created) }}"
name: "Build and export"
timeout-minutes: "${{ fromJSON(env.BUILD_TIMEOUT) }}"
uses: "docker/build-push-action@v5"
with:
build-args: "IMAGE_TAG=${{ needs.version.outputs.version }}"
context: "release"
file: "release/cmd/loki/Dockerfile"
outputs: "type=docker,dest=release/images/loki-${{ needs.version.outputs.version}}-${{ steps.platform.outputs.platform }}.tar"
platforms: "${{ matrix.platform }}"
tags: "${{ env.IMAGE_PREFIX }}/loki:${{ needs.version.outputs.version }}-${{ steps.platform.outputs.platform_short }}"
- if: "${{ fromJSON(needs.version.outputs.pr_created) }}"
name: "upload artifacts"
uses: "google-github-actions/upload-cloud-storage@v2"
with:
destination: "${{ env.BUILD_ARTIFACTS_BUCKET }}/${{ github.sha }}/images"
path: "release/images/loki-${{ needs.version.outputs.version}}-${{ steps.platform.outputs.platform }}.tar"
process_gcloudignore: false
strategy:
fail-fast: true
matrix:
platform:
- "linux/amd64"
- "linux/arm64"
- "linux/arm"
loki-canary:
needs:
- "version"
runs-on: "ubuntu-latest"
steps:
- name: "pull release library code"
uses: "actions/checkout@v4"
with:
path: "lib"
ref: "${{ env.RELEASE_LIB_REF }}"
repository: "grafana/loki-release"
- name: "pull code to release"
uses: "actions/checkout@v4"
with:
path: "release"
repository: "${{ env.RELEASE_REPO }}"
- name: "setup node"
uses: "actions/setup-node@v4"
with:
node-version: 20
- name: "auth gcs"
uses: "google-github-actions/auth@v2"
with:
credentials_json: "${{ secrets.GCS_SERVICE_ACCOUNT_KEY }}"
- name: "Set up QEMU"
uses: "docker/setup-qemu-action@v3"
- name: "set up docker buildx"
uses: "docker/setup-buildx-action@v3"
- id: "platform"
name: "parse image platform"
run: |
mkdir -p images
platform="$(echo "${{ matrix.platform}}" | sed "s/\(.*\)\/\(.*\)/\1-\2/")"
echo "platform=${platform}" >> $GITHUB_OUTPUT
echo "platform_short=$(echo ${{ matrix.platform }} | cut -d / -f 2)" >> $GITHUB_OUTPUT
working-directory: "release"
- env:
IMAGE_TAG: "${{ needs.version.outputs.version }}"
if: "${{ fromJSON(needs.version.outputs.pr_created) }}"
name: "Build and export"
timeout-minutes: "${{ fromJSON(env.BUILD_TIMEOUT) }}"
uses: "docker/build-push-action@v5"
with:
build-args: "IMAGE_TAG=${{ needs.version.outputs.version }}"
context: "release"
file: "release/cmd/loki-canary/Dockerfile"
outputs: "type=docker,dest=release/images/loki-canary-${{ needs.version.outputs.version}}-${{ steps.platform.outputs.platform }}.tar"
platforms: "${{ matrix.platform }}"
tags: "${{ env.IMAGE_PREFIX }}/loki-canary:${{ needs.version.outputs.version }}-${{ steps.platform.outputs.platform_short }}"
- if: "${{ fromJSON(needs.version.outputs.pr_created) }}"
name: "upload artifacts"
uses: "google-github-actions/upload-cloud-storage@v2"
with:
destination: "${{ env.BUILD_ARTIFACTS_BUCKET }}/${{ github.sha }}/images"
path: "release/images/loki-canary-${{ needs.version.outputs.version}}-${{ steps.platform.outputs.platform }}.tar"
process_gcloudignore: false
strategy:
fail-fast: true
matrix:
platform:
- "linux/amd64"
- "linux/arm64"
- "linux/arm"
loki-canary-boringcrypto:
needs:
- "version"
runs-on: "ubuntu-latest"
steps:
- name: "pull release library code"
uses: "actions/checkout@v4"
with:
path: "lib"
ref: "${{ env.RELEASE_LIB_REF }}"
repository: "grafana/loki-release"
- name: "pull code to release"
uses: "actions/checkout@v4"
with:
path: "release"
repository: "${{ env.RELEASE_REPO }}"
- name: "setup node"
uses: "actions/setup-node@v4"
with:
node-version: 20
- name: "auth gcs"
uses: "google-github-actions/auth@v2"
with:
credentials_json: "${{ secrets.GCS_SERVICE_ACCOUNT_KEY }}"
- name: "Set up QEMU"
uses: "docker/setup-qemu-action@v3"
- name: "set up docker buildx"
uses: "docker/setup-buildx-action@v3"
- id: "platform"
name: "parse image platform"
run: |
mkdir -p images
platform="$(echo "${{ matrix.platform}}" | sed "s/\(.*\)\/\(.*\)/\1-\2/")"
echo "platform=${platform}" >> $GITHUB_OUTPUT
echo "platform_short=$(echo ${{ matrix.platform }} | cut -d / -f 2)" >> $GITHUB_OUTPUT
working-directory: "release"
- env:
IMAGE_TAG: "${{ needs.version.outputs.version }}"
if: "${{ fromJSON(needs.version.outputs.pr_created) }}"
name: "Build and export"
timeout-minutes: "${{ fromJSON(env.BUILD_TIMEOUT) }}"
uses: "docker/build-push-action@v5"
with:
build-args: "IMAGE_TAG=${{ needs.version.outputs.version }}"
context: "release"
file: "release/cmd/loki-canary-boringcrypto/Dockerfile"
outputs: "type=docker,dest=release/images/loki-canary-boringcrypto-${{ needs.version.outputs.version}}-${{ steps.platform.outputs.platform }}.tar"
platforms: "${{ matrix.platform }}"
tags: "${{ env.IMAGE_PREFIX }}/loki-canary-boringcrypto:${{ needs.version.outputs.version }}-${{ steps.platform.outputs.platform_short }}"
- if: "${{ fromJSON(needs.version.outputs.pr_created) }}"
name: "upload artifacts"
uses: "google-github-actions/upload-cloud-storage@v2"
with:
destination: "${{ env.BUILD_ARTIFACTS_BUCKET }}/${{ github.sha }}/images"
path: "release/images/loki-canary-boringcrypto-${{ needs.version.outputs.version}}-${{ steps.platform.outputs.platform }}.tar"
process_gcloudignore: false
strategy:
fail-fast: true
matrix:
platform:
- "linux/amd64"
- "linux/arm64"
- "linux/arm"
promtail:
needs:
- "version"
runs-on: "ubuntu-latest"
steps:
- name: "pull release library code"
uses: "actions/checkout@v4"
with:
path: "lib"
ref: "${{ env.RELEASE_LIB_REF }}"
repository: "grafana/loki-release"
- name: "pull code to release"
uses: "actions/checkout@v4"
with:
path: "release"
repository: "${{ env.RELEASE_REPO }}"
- name: "setup node"
uses: "actions/setup-node@v4"
with:
node-version: 20
- name: "auth gcs"
uses: "google-github-actions/auth@v2"
with:
credentials_json: "${{ secrets.GCS_SERVICE_ACCOUNT_KEY }}"
- name: "Set up QEMU"
uses: "docker/setup-qemu-action@v3"
- name: "set up docker buildx"
uses: "docker/setup-buildx-action@v3"
- id: "platform"
name: "parse image platform"
run: |
mkdir -p images
platform="$(echo "${{ matrix.platform}}" | sed "s/\(.*\)\/\(.*\)/\1-\2/")"
echo "platform=${platform}" >> $GITHUB_OUTPUT
echo "platform_short=$(echo ${{ matrix.platform }} | cut -d / -f 2)" >> $GITHUB_OUTPUT
working-directory: "release"
- env:
IMAGE_TAG: "${{ needs.version.outputs.version }}"
if: "${{ fromJSON(needs.version.outputs.pr_created) }}"
name: "Build and export"
timeout-minutes: "${{ fromJSON(env.BUILD_TIMEOUT) }}"
uses: "docker/build-push-action@v5"
with:
build-args: "IMAGE_TAG=${{ needs.version.outputs.version }}"
context: "release"
file: "release/clients/cmd/promtail/Dockerfile"
outputs: "type=docker,dest=release/images/promtail-${{ needs.version.outputs.version}}-${{ steps.platform.outputs.platform }}.tar"
platforms: "${{ matrix.platform }}"
tags: "${{ env.IMAGE_PREFIX }}/promtail:${{ needs.version.outputs.version }}-${{ steps.platform.outputs.platform_short }}"
- if: "${{ fromJSON(needs.version.outputs.pr_created) }}"
name: "upload artifacts"
uses: "google-github-actions/upload-cloud-storage@v2"
with:
destination: "${{ env.BUILD_ARTIFACTS_BUCKET }}/${{ github.sha }}/images"
path: "release/images/promtail-${{ needs.version.outputs.version}}-${{ steps.platform.outputs.platform }}.tar"
process_gcloudignore: false
strategy:
fail-fast: true
matrix:
platform:
- "linux/amd64"
- "linux/arm64"
- "linux/arm"
querytee:
needs:
- "version"
runs-on: "ubuntu-latest"
steps:
- name: "pull release library code"
uses: "actions/checkout@v4"
with:
path: "lib"
ref: "${{ env.RELEASE_LIB_REF }}"
repository: "grafana/loki-release"
- name: "pull code to release"
uses: "actions/checkout@v4"
with:
path: "release"
repository: "${{ env.RELEASE_REPO }}"
- name: "setup node"
uses: "actions/setup-node@v4"
with:
node-version: 20
- name: "auth gcs"
uses: "google-github-actions/auth@v2"
with:
credentials_json: "${{ secrets.GCS_SERVICE_ACCOUNT_KEY }}"
- name: "Set up QEMU"
uses: "docker/setup-qemu-action@v3"
- name: "set up docker buildx"
uses: "docker/setup-buildx-action@v3"
- id: "platform"
name: "parse image platform"
run: |
mkdir -p images
platform="$(echo "${{ matrix.platform}}" | sed "s/\(.*\)\/\(.*\)/\1-\2/")"
echo "platform=${platform}" >> $GITHUB_OUTPUT
echo "platform_short=$(echo ${{ matrix.platform }} | cut -d / -f 2)" >> $GITHUB_OUTPUT
working-directory: "release"
- env:
IMAGE_TAG: "${{ needs.version.outputs.version }}"
if: "${{ fromJSON(needs.version.outputs.pr_created) }}"
name: "Build and export"
timeout-minutes: "${{ fromJSON(env.BUILD_TIMEOUT) }}"
uses: "docker/build-push-action@v5"
with:
build-args: "IMAGE_TAG=${{ needs.version.outputs.version }}"
context: "release"
file: "release/cmd/querytee/Dockerfile"
outputs: "type=docker,dest=release/images/loki-query-tee-${{ needs.version.outputs.version}}-${{ steps.platform.outputs.platform }}.tar"
platforms: "${{ matrix.platform }}"
tags: "${{ env.IMAGE_PREFIX }}/loki-query-tee:${{ needs.version.outputs.version }}-${{ steps.platform.outputs.platform_short }}"
- if: "${{ fromJSON(needs.version.outputs.pr_created) }}"
name: "upload artifacts"
uses: "google-github-actions/upload-cloud-storage@v2"
with:
destination: "${{ env.BUILD_ARTIFACTS_BUCKET }}/${{ github.sha }}/images"
path: "release/images/loki-query-tee-${{ needs.version.outputs.version}}-${{ steps.platform.outputs.platform }}.tar"
process_gcloudignore: false
strategy:
fail-fast: true
matrix:
platform:
- "linux/amd64"
version:
needs:
- "check"
outputs:
pr_created: "${{ steps.version.outputs.pr_created }}"
version: "${{ steps.version.outputs.version }}"
runs-on: "ubuntu-latest"
steps:
- name: "pull release library code"
uses: "actions/checkout@v4"
with:
path: "lib"
ref: "${{ env.RELEASE_LIB_REF }}"
repository: "grafana/loki-release"
- name: "pull code to release"
uses: "actions/checkout@v4"
with:
path: "release"
repository: "${{ env.RELEASE_REPO }}"
- name: "setup node"
uses: "actions/setup-node@v4"
with:
node-version: 20
- id: "extract_branch"
name: "extract branch name"
run: |
echo "branch=${GITHUB_HEAD_REF:-${GITHUB_REF#refs/heads/}}" >> $GITHUB_OUTPUT
working-directory: "release"
- id: "get_github_app_token"
if: "${{ fromJSON(env.USE_GITHUB_APP_TOKEN) }}"
name: "get github app token"
uses: "actions/create-github-app-token@v1"
with:
app-id: "${{ secrets.APP_ID }}"
owner: "${{ github.repository_owner }}"
private-key: "${{ secrets.APP_PRIVATE_KEY }}"
- id: "github_app_token"
name: "set github token"
run: |
if [[ "${USE_GITHUB_APP_TOKEN}" == "true" ]]; then
echo "token=${{ steps.get_github_app_token.outputs.token }}" >> $GITHUB_OUTPUT
else
echo "token=${{ secrets.GH_TOKEN }}" >> $GITHUB_OUTPUT
fi
- id: "version"
name: "get release version"
run: |
npm install
if [[ -z "${{ env.RELEASE_AS }}" ]]; then
npm exec -- release-please release-pr \
--consider-all-branches \
--dry-run \
--dry-run-output release.json \
--group-pull-request-title-pattern "chore\${scope}: release\${component} \${version}" \
--manifest-file .release-please-manifest.json \
--pull-request-title-pattern "chore\${scope}: release\${component} \${version}" \
--release-type simple \
--repo-url "${{ env.RELEASE_REPO }}" \
--separate-pull-requests false \
--target-branch "${{ steps.extract_branch.outputs.branch }}" \
--token "${{ steps.github_app_token.outputs.token }}" \
--versioning-strategy "${{ env.VERSIONING_STRATEGY }}"
else
npm exec -- release-please release-pr \
--consider-all-branches \
--dry-run \
--dry-run-output release.json \
--group-pull-request-title-pattern "chore\${scope}: release\${component} \${version}" \
--manifest-file .release-please-manifest.json \
--pull-request-title-pattern "chore\${scope}: release\${component} \${version}" \
--release-type simple \
--repo-url "${{ env.RELEASE_REPO }}" \
--separate-pull-requests false \
--target-branch "${{ steps.extract_branch.outputs.branch }}" \
--token "${{ steps.github_app_token.outputs.token }}" \
--release-as "${{ env.RELEASE_AS }}"
fi
cat release.json
if [[ `jq length release.json` -gt 1 ]]; then
echo 'release-please would create more than 1 PR, so cannot determine correct version'
echo "pr_created=false" >> $GITHUB_OUTPUT
exit 1
fi
if [[ `jq length release.json` -eq 0 ]]; then
echo "pr_created=false" >> $GITHUB_OUTPUT
else
version="$(npm run --silent get-version)"
echo "Parsed version: ${version}"
echo "version=${version}" >> $GITHUB_OUTPUT
echo "pr_created=true" >> $GITHUB_OUTPUT
fi
working-directory: "lib"
name: "Prepare Minor Release PR from Weekly"
"on":
push:
branches:
- "k[0-9]+"
permissions:
contents: "write"
id-token: "write"
pull-requests: "write"