Added GOPRIVATE settings in agent artifact workflows

middleware-labs · Jul 12, 2024 · 6036e94 · 6036e94
1 parent a2a7a30
commit 6036e94
Show file tree

Hide file tree

Showing 11 changed files with 170 additions and 53 deletions.
diff --git a/.github/workflows/code-analysis.yaml b/.github/workflows/code-analysis.yaml
@@ -16,6 +16,12 @@ jobs:
         uses: actions/setup-go@v3
         with:
           go-version: 1.22.0
+
+      - name: Set up Git credentials for Go
+        run: |
+          git config --global url."https://${{ secrets.GHCR_TOKEN }}:@github.com/".insteadOf "https://github.com/"
+        env:
+          GITHUB_TOKEN: ${{ secrets.GHCR_TOKEN }}
 
       - name: Install all dependencies
         run: go mod tidy

diff --git a/.github/workflows/host-agent-deb-apt.yaml b/.github/workflows/host-agent-deb-apt.yaml
@@ -52,12 +52,18 @@ jobs:
       with:
         go-version: 1.22.1
 
+    - name: Set up Git credentials for Go
+      run: |
+        git config --global url."https://${{ secrets.GHCR_TOKEN }}:@github.com/".insteadOf "https://github.com/"
+      env:
+        GITHUB_TOKEN: ${{ secrets.GHCR_TOKEN }}
+
     # Building with CGO_ENABLED=0 so that we can build static binary which is not dependent on any external libraries
     # Building with -ldflags="-s -w" to reduce the size of binary
     - name: Go Build
       if: ${{ github.actor != 'nektos/act' }}
       run: |
-        CGO_ENABLED=0 GOOS=linux GOARCH=${{ matrix.arch }} go build -ldflags="-s -w -X main.agentVersion=${RELEASE_VERSION}" -v -a -o $BINARY_SOURCE cmd/host-agent/main.go
+        CGO_ENABLED=0 GOPRIVATE=github.com/middleware-labs GOOS=linux GOARCH=${{ matrix.arch }} go build -ldflags="-s -w -X main.agentVersion=${RELEASE_VERSION}" -v -a -o $BINARY_SOURCE cmd/host-agent/main.go
         
     - name: Copying code binary into target location
       run: |

diff --git a/.github/workflows/host-agent-docker.yaml b/.github/workflows/host-agent-docker.yaml
@@ -23,6 +23,15 @@ jobs:
           token: ${{ secrets.GHCR_TOKEN }}
           ssh-key: ${{ secrets.CHECK_AGENT_ACCESS }}
           submodules: 'recursive'
+
+      - name: Set up Git credentials for Go
+        run: |
+          git config --global url."https://${{ secrets.GHCR_TOKEN }}:@github.com/".insteadOf "https://github.com/"
+        env:
+          GITHUB_TOKEN: ${{ secrets.GHCR_TOKEN }}
+
+      - name: Set up GOPRIVATE
+        run: echo "GOPRIVATE=your.private.repo" >> $GITHUB_ENV
 
       - name: Caching Go Modules and Build Cache
         uses: actions/cache@v3
@@ -49,7 +58,12 @@ jobs:
         id: meta
         uses: docker/metadata-action@v4
         with:
-          images: ghcr.io/middleware-labs/mw-host-agent    
+          images: ghcr.io/middleware-labs/mw-host-agent
+
+      # - name: Add SSH key
+      #   uses: webfactory/[email protected]
+      #   with:
+      #     ssh-private-key: ${{ secrets.INNODB_SSH_PRIVATE_KEY_BASE64 }}
 
       - name: Build and Push
         uses: docker/build-push-action@v3
@@ -58,6 +72,10 @@ jobs:
           file: Dockerfiles/DockerfileLinux
           push: true
           platforms: linux/amd64,linux/arm64
-          build-args: AGENT_VERSION=${{  github.event.inputs.tag || steps.meta.outputs.tags }}
+          build-args: |
+            AGENT_VERSION=${{  github.event.inputs.tag || steps.meta.outputs.tags }}
+            INNODB_SSH_PRIVATE_KEY_BASE64=${{ secrets.INNODB_SSH_PRIVATE_KEY_BASE64 }}
+          secrets: |
+
           tags: | 
             ghcr.io/middleware-labs/mw-host-agent:${{  github.event.inputs.tag || steps.meta.outputs.tags }}
diff --git a/.github/workflows/host-agent-rpm.yaml b/.github/workflows/host-agent-rpm.yaml
@@ -67,6 +67,12 @@ jobs:
       with:
         go-version: 1.22.1
         cache: false
+
+    - name: Set up Git credentials for Go
+      run: |
+        git config --global url."https://${{ secrets.GHCR_TOKEN }}:@github.com/".insteadOf "https://github.com/"
+      env:
+        GITHUB_TOKEN: ${{ secrets.GHCR_TOKEN }}
 
     # Building with CGO_ENABLED=0 so that we can build static binary which is not dependent on any external libraries
     # Building with -ldflags="-s -w" to reduce the size of binary
@@ -80,7 +86,7 @@ jobs:
         
         if [ ${{ github.actor }} != "nektos/act" ]
         then
-          CGO_ENABLED=0 GOOS=linux GOARCH=${buildarch} go build \
+          CGO_ENABLED=0 GOPRIVATE=github.com/middleware-labs GOOS=linux GOARCH=${buildarch} go build \
           -ldflags="-s -w -X main.agentVersion=${RELEASE_VERSION}" \
           -v -a -o ~/build/rpmbuild/SOURCES/${{ matrix.arch }}/${PACKAGE_NAME}-${RELEASE_VERSION}/${PACKAGE_NAME} cmd/host-agent/main.go
         else

diff --git a/.github/workflows/host-agent-windows.yaml b/.github/workflows/host-agent-windows.yaml
@@ -29,10 +29,16 @@ jobs:
     - name: Install makensis
       run: sudo apt update && sudo apt install -y nsis nsis-pluginapi
       if: ${{ matrix.os == 'ubuntu-22.04' }}
+
+    - name: Set up Git credentials for Go
+      run: |
+        git config --global url."https://${{ secrets.GHCR_TOKEN }}:@github.com/".insteadOf "https://github.com/"
+      env:
+        GITHUB_TOKEN: ${{ secrets.GHCR_TOKEN }}
 
     - name: Build MW Agent for Windows
       run: |
-        GOOS=windows CGO_ENABLED=0 go build -ldflags "-s -w -X main.agentVersion=${{ github.event.inputs.release_version }}" -o build/mw-windows-agent.exe cmd/host-agent/main.go
+        GOOS=windows CGO_ENABLED=0 GOPRIVATE=github.com/middleware-labs go build -ldflags "-s -w -X main.agentVersion=${{ github.event.inputs.release_version }}" -o build/mw-windows-agent.exe cmd/host-agent/main.go
         makensis -DVERSION=${{ github.event.inputs.release_version }} package-tooling/windows/package-windows.nsi
        
     - name: Install jsign Tool For Microsoft Authenticode

diff --git a/.github/workflows/kube-agent-docker.yaml b/.github/workflows/kube-agent-docker.yaml
@@ -23,6 +23,17 @@ jobs:
           token: ${{ secrets.GHCR_TOKEN }}
           ssh-key: ${{ secrets.CHECK_AGENT_ACCESS }}
           submodules: 'recursive'
+
+      - name: Set up GOPRIVATE
+        run: echo "GOPRIVATE=your.private.repo" >> $GITHUB_ENV
+
+      - name: Caching Go Modules and Build Cache
+        uses: actions/cache@v3
+        with:
+          path: |
+            ~/.cache/go-build
+            ~/go/pkg/mod
+          key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
 
       - name: Set up QEMU
         uses: docker/setup-qemu-action@v2
@@ -50,7 +61,9 @@ jobs:
           file: Dockerfiles/DockerfileKube
           push: true
           platforms: linux/amd64,linux/arm64
-          build-args: AGENT_VERSION=${{  github.event.inputs.tag || steps.meta.outputs.tags }}
+          build-args: |
+            AGENT_VERSION=${{  github.event.inputs.tag || steps.meta.outputs.tags }}
+            INNODB_SSH_PRIVATE_KEY=${{ secrets.INNODB_SSH_PRIVATE_KEY }}
           tags: | 
             ghcr.io/middleware-labs/mw-kube-agent:${{  github.event.inputs.tag || steps.meta.outputs.tags }}
             ghcr.io/middleware-labs/agent-kube-go:${{  github.event.inputs.tag || steps.meta.outputs.tags }}
diff --git a/Dockerfiles/DockerfileKube b/Dockerfiles/DockerfileKube
@@ -1,17 +1,19 @@
-FROM golang:1.22 as build
+FROM golang:1.22.2 AS build
 WORKDIR /app
 RUN apt-get update && apt-get install -y ca-certificates openssl
 RUN update-ca-certificates
 COPY . .
 ENV CGO_ENABLED=0
+ENV GOPRIVATE=github.com/middleware-labs
+RUN git config --global url."https://$GHCR_TOKEN:@github.com/".insteadOf "https://github.com/"
 RUN go get -d -v ./... && go mod tidy
 
 ARG AGENT_VERSION
 ENV AGENT_VERSION=$AGENT_VERSION
 
 RUN CGO_ENABLED=0 go build -ldflags "-s -w -X main.agentVersion=${AGENT_VERSION}" -o /tmp/mw-agent cmd/kube-agent/main.go
 
-FROM busybox:glibc as prod
+FROM busybox:glibc AS prod
 WORKDIR /app
 COPY --from=build /etc/ssl/certs /etc/ssl/certs
 COPY --from=build /tmp/mw-agent /usr/bin/mw-agent

diff --git a/Dockerfiles/DockerfileLinux b/Dockerfiles/DockerfileLinux
@@ -1,14 +1,40 @@
-FROM golang:1.22.1 as build
-RUN apt-get update && apt-get install -y ca-certificates openssl
+FROM golang:1.22.2 AS build
+RUN apt-get update && apt-get install -y ca-certificates openssl git openssh-client
+
 RUN update-ca-certificates
 COPY . .
 ARG AGENT_VERSION
 ENV AGENT_VERSION=$AGENT_VERSION
+# Optionally, copy your private SSH key to the container (for private repository access)
+# COPY innoparser_rsa /root/.ssh/innoparser_rsa
+RUN mkdir -p /root/.ssh && chmod 700 /root/.ssh
+ARG INNODB_SSH_PRIVATE_KEY
+# RUN cp innoparser_rsa /root/.ssh/innoparser_rsa && \
+RUN echo "$INNODB_SSH_PRIVATE_KEY_BASE64" | base64 -d > /root/.ssh/innoparser_rsa && \
+    chmod 600 /root/.ssh/innoparser_rsa
+RUN ssh-keygen -y -f /root/.ssh/innoparser_rsa
 ENV GOPATH=/
-RUN go mod tidy
+ENV GOPRIVATE=github.com/middleware-labs
+
+
+
+# Add GitHub SSH host key to known hosts
+RUN ssh-keyscan -t rsa github.com >> /root/.ssh/known_hosts
+
+# Set up SSH agent and add your private key (if needed)
+RUN eval $(ssh-agent -s) && \
+    ssh-add /root/.ssh/innoparser_rsa && \
+    ssh-keygen -y -f /root/.ssh/innoparser_rsa
+
+# Configure Git to use SSH (if needed)
+RUN git config --global url."ssh://[email protected]/".insteadOf "https://github.com/"
+
+RUN eval $(ssh-agent -s) && \
+    ssh-add /root/.ssh/innoparser_rsa && \
+    GOPRIVATE=github.com/middleware-labs go mod tidy
 RUN CGO_ENABLED=0 go build -ldflags "-s -w -X main.agentVersion=${AGENT_VERSION}" -o /tmp/mw-agent cmd/host-agent/main.go
 
-FROM busybox:glibc as prod
+FROM busybox:glibc AS prod
 RUN mkdir -p /var/log
 RUN mkdir -p /opt/mw-agent/bin
 WORKDIR /opt/mw-agent

diff --git a/Dockerfiles/DockerfileTest b/Dockerfiles/DockerfileTest
@@ -0,0 +1,30 @@
+FROM golang:1.22.2 AS build
+RUN apt-get update && apt-get install -y ca-certificates openssl git openssh-client
+RUN update-ca-certificates
+COPY . .
+ENV GOPATH=/
+ARG AGENT_VERSION
+ENV AGENT_VERSION=$AGENT_VERSION
+ENV GOPRIVATE=github.com/middleware-labs
+
+RUN mkdir -p /root/.ssh
+RUN cp innoparser_rsa /root/.ssh/innoparser_rsa
+RUN chmod 600 /root/.ssh/innoparser_rsa
+RUN ssh-keygen -y -f /root/.ssh/innoparser_rsa
+RUN eval $(ssh-agent -s) && ssh-add /root/.ssh/innoparser_rsa
+
+RUN mkdir -p -m 0600 /root/.ssh && touch /root/.ssh/known_hosts
+RUN ssh-keyscan github.com > /root/.ssh/known_hosts
+RUN git config --global url."ssh://[email protected]/".insteadOf "https://github.com/"
+
+RUN go mod tidy
+RUN CGO_ENABLED=0 go build -ldflags "-s -w -X main.agentVersion=${AGENT_VERSION}" -o /tmp/mw-agent cmd/host-agent/main.go
+
+FROM busybox:glibc AS prod
+RUN mkdir -p /var/log
+RUN mkdir -p /opt/mw-agent/bin
+WORKDIR /opt/mw-agent
+COPY --from=build /etc/ssl/certs /etc/ssl/certs
+COPY --from=build /tmp/mw-agent /opt/mw-agent/bin/mw-agent
+COPY package-tooling/otel-config.yaml.sample /etc/mw-agent/otel-config.yaml
+CMD ["/opt/mw-agent/bin/mw-agent", "start"]
diff --git a/go.mod b/go.mod
@@ -1,30 +1,26 @@
 module github.com/middleware-labs/mw-agent
 
-go 1.22
+go 1.22.2
 
-toolchain go1.22.0
+replace github.com/open-telemetry/opentelemetry-collector-contrib/internal/filter => github.com/middleware-labs/opentelemetry-collector-contrib/internal/filter v0.91.1-0.20240705063729-afb05850d04e
 
-replace github.com/open-telemetry/opentelemetry-collector-contrib/pkg/ottl => github.com/middleware-labs/opentelemetry-collector-contrib/pkg/ottl v0.91.1-0.20240627132135-762a760f5e6b
+replace github.com/open-telemetry/opentelemetry-collector-contrib/receiver/hostmetricsreceiver => github.com/middleware-labs/opentelemetry-collector-contrib/receiver/hostmetricsreceiver v0.91.1-0.20240705063729-afb05850d04e
 
-replace github.com/open-telemetry/opentelemetry-collector-contrib/internal/filter => github.com/middleware-labs/opentelemetry-collector-contrib/internal/filter v0.91.1-0.20240627132135-762a760f5e6b
+replace github.com/open-telemetry/opentelemetry-collector-contrib/receiver/dockerstatsreceiver => github.com/middleware-labs/opentelemetry-collector-contrib/receiver/dockerstatsreceiver v0.91.1-0.20240705063729-afb05850d04e
 
-replace github.com/open-telemetry/opentelemetry-collector-contrib/receiver/hostmetricsreceiver => github.com/middleware-labs/opentelemetry-collector-contrib/receiver/hostmetricsreceiver v0.91.1-0.20240627132135-762a760f5e6b
+replace github.com/open-telemetry/opentelemetry-collector-contrib/receiver/kubeletstatsreceiver => github.com/middleware-labs/opentelemetry-collector-contrib/receiver/kubeletstatsreceiver v0.91.1-0.20240705063729-afb05850d04e
 
-replace github.com/open-telemetry/opentelemetry-collector-contrib/receiver/dockerstatsreceiver => github.com/middleware-labs/opentelemetry-collector-contrib/receiver/dockerstatsreceiver v0.91.1-0.20240627132135-762a760f5e6b
+replace github.com/open-telemetry/opentelemetry-collector-contrib/receiver/k8sclusterreceiver => github.com/middleware-labs/opentelemetry-collector-contrib/receiver/k8sclusterreceiver v0.91.1-0.20240705063729-afb05850d04e
 
-replace github.com/open-telemetry/opentelemetry-collector-contrib/receiver/kubeletstatsreceiver => github.com/middleware-labs/opentelemetry-collector-contrib/receiver/kubeletstatsreceiver v0.91.1-0.20240627132135-762a760f5e6b
+replace github.com/open-telemetry/opentelemetry-collector-contrib/receiver/mongodbreceiver => github.com/middleware-labs/opentelemetry-collector-contrib/receiver/mongodbreceiver v0.91.1-0.20240705063729-afb05850d04e
 
-replace github.com/open-telemetry/opentelemetry-collector-contrib/receiver/k8sclusterreceiver => github.com/middleware-labs/opentelemetry-collector-contrib/receiver/k8sclusterreceiver v0.91.1-0.20240627132135-762a760f5e6b
+replace github.com/open-telemetry/opentelemetry-collector-contrib/receiver/postgresqlreceiver => github.com/middleware-labs/opentelemetry-collector-contrib/receiver/postgresqlreceiver v0.91.1-0.20240705063729-afb05850d04e
 
-replace github.com/open-telemetry/opentelemetry-collector-contrib/receiver/mongodbreceiver => github.com/middleware-labs/opentelemetry-collector-contrib/receiver/mongodbreceiver v0.91.1-0.20240703064103-2ed139e1ebef
+replace github.com/open-telemetry/opentelemetry-collector-contrib/receiver/kafkametricsreceiver => github.com/middleware-labs/opentelemetry-collector-contrib/receiver/kafkametricsreceiver v0.91.1-0.20240705063729-afb05850d04e
 
-replace github.com/open-telemetry/opentelemetry-collector-contrib/receiver/postgresqlreceiver => github.com/middleware-labs/opentelemetry-collector-contrib/receiver/postgresqlreceiver v0.91.1-0.20240627132135-762a760f5e6b
+replace github.com/open-telemetry/opentelemetry-collector-contrib/receiver/apachereceiver => github.com/middleware-labs/opentelemetry-collector-contrib/receiver/apachereceiver v0.91.1-0.20240705063729-afb05850d04e
 
-replace github.com/open-telemetry/opentelemetry-collector-contrib/receiver/kafkametricsreceiver => github.com/middleware-labs/opentelemetry-collector-contrib/receiver/kafkametricsreceiver v0.91.1-0.20240627132135-762a760f5e6b
-
-replace github.com/open-telemetry/opentelemetry-collector-contrib/receiver/apachereceiver => github.com/middleware-labs/opentelemetry-collector-contrib/receiver/apachereceiver v0.91.1-0.20240627132135-762a760f5e6b
-
-replace github.com/open-telemetry/opentelemetry-collector-contrib/receiver/mysqlreceiver => github.com/middleware-labs/opentelemetry-collector-contrib/receiver/mysqlreceiver v0.91.1-0.20240627132135-762a760f5e6b
+replace github.com/open-telemetry/opentelemetry-collector-contrib/receiver/mysqlreceiver => github.com/middleware-labs/opentelemetry-collector-contrib/receiver/mysqlreceiver v0.91.1-0.20240705063729-afb05850d04e
 
 replace go.opentelemetry.io/collector => go.opentelemetry.io/collector v0.102.0
 
@@ -68,7 +64,6 @@ require (
 	github.com/open-telemetry/opentelemetry-collector-contrib/receiver/kafkametricsreceiver v0.102.0
 	github.com/open-telemetry/opentelemetry-collector-contrib/receiver/kubeletstatsreceiver v0.102.0
 	github.com/open-telemetry/opentelemetry-collector-contrib/receiver/mongodbreceiver v0.102.0
-	github.com/open-telemetry/opentelemetry-collector-contrib/receiver/mysqlreceiver v0.102.0
 	github.com/open-telemetry/opentelemetry-collector-contrib/receiver/oracledbreceiver v0.102.0
 	github.com/open-telemetry/opentelemetry-collector-contrib/receiver/postgresqlreceiver v0.102.0
 	github.com/open-telemetry/opentelemetry-collector-contrib/receiver/prometheusreceiver v0.102.0
@@ -92,6 +87,7 @@ require (
 )
 
 require (
+	github.com/open-telemetry/opentelemetry-collector-contrib/receiver/mysqlreceiver v0.0.0-00010101000000-000000000000
 	go.opentelemetry.io/collector/confmap/converter/expandconverter v0.102.2-0.20240606174409-6888f8f7a45f
 	go.opentelemetry.io/collector/confmap/provider/envprovider v0.102.2-0.20240606174409-6888f8f7a45f
 	go.opentelemetry.io/collector/confmap/provider/fileprovider v0.102.2-0.20240606174409-6888f8f7a45f
@@ -206,6 +202,7 @@ require (
 	github.com/josharian/intern v1.0.0 // indirect
 	github.com/jpillora/backoff v1.0.0 // indirect
 	github.com/json-iterator/go v1.1.12 // indirect
+	github.com/k0kubun/pp v3.0.1+incompatible // indirect
 	github.com/klauspost/compress v1.17.8 // indirect
 	github.com/knadh/koanf v1.5.0 // indirect
 	github.com/knadh/koanf/v2 v2.1.1 // indirect
@@ -220,6 +217,7 @@ require (
 	github.com/mailru/easyjson v0.7.7 // indirect
 	github.com/mattn/go-colorable v0.1.13 // indirect
 	github.com/mattn/go-isatty v0.0.20 // indirect
+	github.com/middleware-labs/innoParser v0.0.0-20240508090457-8c2fa2246395 // indirect
 	github.com/miekg/dns v1.1.58 // indirect
 	github.com/mitchellh/copystructure v1.2.0 // indirect
 	github.com/mitchellh/go-homedir v1.1.0 // indirect
@@ -338,7 +336,7 @@ require (
 	golang.org/x/net v0.26.0 // indirect
 	golang.org/x/oauth2 v0.20.0 // indirect
 	golang.org/x/sync v0.7.0 // indirect
-	golang.org/x/sys v0.21.0 // indirect
+	golang.org/x/sys v0.22.0 // indirect
 	golang.org/x/term v0.21.0 // indirect
 	golang.org/x/text v0.16.0 // indirect
 	golang.org/x/time v0.5.0 // indirect