diff --git a/.github/workflows/snapshot.yml b/.github/workflows/snapshot.yml index f985425da2..144ae08b1a 100644 --- a/.github/workflows/snapshot.yml +++ b/.github/workflows/snapshot.yml @@ -75,7 +75,38 @@ jobs: with: subject-path: "${{ github.workspace }}/**/target/*.jar" - - if: ${{ failure() }} + build-docker-images: + name: "Build docker images" + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - uses: elastic/apm-pipeline-library/.github/actions/docker-login@current + with: + registry: docker.elastic.co + secret: secret/apm-team/ci/docker-registry/prod + url: ${{ secrets.VAULT_ADDR }} + roleId: ${{ secrets.VAULT_ROLE_ID }} + secretId: ${{ secrets.VAULT_SECRET_ID }} + - name: prepare context for testing docker build + run: | + mkdir -p elastic-apm-agent/target + curl -L -s -o elastic-apm-agent/target/apm-agent-java-1.49.0.jar \ + "https://oss.sonatype.org/service/local/artifact/maven/redirect?r=releases&g=co.elastic.apm&a=elastic-apm-agent&v=1.49.0" + - name: "Build docker image" + run: ./scripts/docker-release/build_docker.sh "test" + + notify: + needs: + - build-docker-images + - deploy + - validate + runs-on: ubuntu-latest + steps: + - id: check + uses: elastic/apm-pipeline-library/.github/actions/check-dependent-jobs@current + with: + needs: ${{ toJSON(needs) }} + - if: ${{ failure() && ! inputs.dry_run }} uses: elastic/apm-pipeline-library/.github/actions/slack-message@current with: url: ${{ secrets.VAULT_ADDR }} diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 2a5689fa04..0757c17d93 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -330,8 +330,14 @@ docker.elastic.co and are located in the `observability` namespace. For example, to download the v1.12.0 of the agent, use the following: +```bash +docker pull docker.elastic.co/observability/apm-agent-java:1.12.0 ``` -docker pull docker.elastic.co/observability/apm-agent-java:1.12.0 + +In addition, you can use the `wolfi` version by adding the suffix `-wolfi` + +```bash +docker pull docker.elastic.co/observability/apm-agent-java:1.12.0-wolfi ``` #### Creating images for a Release diff --git a/Dockerfile.wolfi b/Dockerfile.wolfi new file mode 100644 index 0000000000..9770c50ea1 --- /dev/null +++ b/Dockerfile.wolfi @@ -0,0 +1,7 @@ +FROM docker.elastic.co/wolfi/chainguard-base@sha256:9f940409f96296ef56140bcc4665c204dd499af4c32c96cc00e792558097c3f1 +RUN mkdir /usr/agent +ARG JAR_FILE +ARG HANDLER_FILE +COPY ${JAR_FILE} /usr/agent/elastic-apm-agent.jar +COPY ${HANDLER_FILE} /usr/agent/elastic-apm-handler +RUN chmod +x /usr/agent/elastic-apm-handler diff --git a/scripts/docker-release/build_docker.sh b/scripts/docker-release/build_docker.sh index 6b6b3554da..97a1a7f522 100755 --- a/scripts/docker-release/build_docker.sh +++ b/scripts/docker-release/build_docker.sh @@ -38,18 +38,24 @@ then fi echo "INFO: Starting Docker build for version $RELEASE_VERSION" +for DOCKERFILE in "Dockerfile" "Dockerfile.wolfi" ; do + DOCKER_TAG=$RELEASE_VERSION + if [[ $DOCKERFILE =~ "wolfi" ]]; then + DOCKER_TAG="${RELEASE_VERSION}-wolfi" + fi + docker build -t docker.elastic.co/$NAMESPACE/apm-agent-java:$DOCKER_TAG \ + --platform linux/amd64 \ + --build-arg JAR_FILE=apm-agent-java.jar \ + --build-arg HANDLER_FILE=apm-agent-lambda-layer/src/main/assembly/elastic-apm-handler \ + --file $DOCKERFILE . -docker build -t docker.elastic.co/$NAMESPACE/apm-agent-java:$RELEASE_VERSION \ - --platform linux/amd64 \ - --build-arg JAR_FILE=apm-agent-java.jar \ - --build-arg HANDLER_FILE=apm-agent-lambda-layer/src/main/assembly/elastic-apm-handler . - -if [ $? -eq 0 ] -then - echo "INFO: Docker image built successfully" -else - echo "ERROR: Problem building Docker image!" -fi + if [ $? -eq 0 ] + then + echo "INFO: Docker image built successfully" + else + echo "ERROR: Problem building Docker image!" + fi +done function finish { diff --git a/scripts/docker-release/push_docker.sh b/scripts/docker-release/push_docker.sh index b30fd7e5ad..b6fc1ae1bf 100755 --- a/scripts/docker-release/push_docker.sh +++ b/scripts/docker-release/push_docker.sh @@ -32,6 +32,7 @@ readonly DOCKER_PUSH_IMAGE_LATEST="$DOCKER_REGISTRY_URL/$DOCKER_IMAGE_NAME:lates echo "INFO: Pushing image $DOCKER_PUSH_IMAGE to $DOCKER_REGISTRY_URL" docker push $DOCKER_PUSH_IMAGE || { echo "You may need to run 'docker login' first and then re-run this script"; exit 1; } +docker push "${DOCKER_PUSH_IMAGE}-wolfi" || { echo "You may need to run 'docker login' first and then re-run this script"; exit 1; } readonly LATEST_TAG=$(git tag --list --sort=version:refname "v*" | grep -v RC | sed s/^v// | tail -n 1) @@ -40,4 +41,6 @@ then echo "INFO: Current version ($RELEASE_VERSION) is the latest version. Tagging and pushing $DOCKER_PUSH_IMAGE_LATEST ..." docker tag $DOCKER_PUSH_IMAGE $DOCKER_PUSH_IMAGE_LATEST docker push $DOCKER_PUSH_IMAGE_LATEST || { echo "You may need to run 'docker login' first and then re-run this script"; exit 1; } + docker tag "${DOCKER_PUSH_IMAGE}-wolfi" "${DOCKER_PUSH_IMAGE_LATEST}-wolfi" + docker push "${DOCKER_PUSH_IMAGE_LATEST}-wolfi" || { echo "You may need to run 'docker login' first and then re-run this script"; exit 1; } fi