elastic · v1v · Feb 10, 2025 · Feb 10, 2025 · Feb 10, 2025 · Feb 10, 2025
@@ -0,0 +1,52 @@
+---
+name: docker build and push
+inputs:
+  docker-registry:
+    description: 'The docker registry'
+    required: true
+  docker-username:
+    description: 'The docker username'
+    required: true
+  docker-password:
+    description: 'The docker password'
+    required: true
+  make-directory:
+    description: 'What directory to run make from'
+    required: true
+  make-file:
+    description: 'What Makefile'
+    required: true
+  make-goal-suffix:
+    description: 'What make goal suffix'
+    required: true
+
+runs:
+  using: "composite"
+  steps:
+    # TODO: use google auth action
+    - name: Docker login
+      uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
+      with:
+        registry: ${{ inputs.docker-registry }}
+        username: ${{ inputs.docker-username }}
+        password: ${{ inputs.docker-password }}
+
+    - name: Docker build
+      run: make -C "${MAKE_DIR}" -f "${MAKEFILE}" build${MAKE_GOAL_SUFFIX}
+      env:
+        MAKE_DIR: "${{ inputs.make-directory }}"
+        MAKEFILE: "${{ inputs.make-file }}"
+        MAKE_GOAL_SUFFIX: "${{ inputs.make-goal-suffix }}"
+      shell: bash
+
+    - name: Docker build
+      run: make -C "${MAKE_DIR}" -f "${MAKEFILE}" push${MAKE_GOAL_SUFFIX}
+      env:
+        MAKE_DIR: "${{ inputs.make-directory }}"
+        MAKEFILE: "${{ inputs.make-file }}"
+        MAKE_GOAL_SUFFIX: "${{ inputs.make-goal-suffix }}"
+      shell: bash
+
+    - name: Docker images
+      run: docker images --format "table {{.Repository}}:{{.Tag}}\t{{.Size}}"
+      shell: bash
@@ -0,0 +1,86 @@
+---
+name: ci
+
+on:
+  push: ~
+
+permissions:
+  contents: read
+
+env:
+  # TODO: support for other release branches with the format [0-9]+.[0-9]+
+  REPOSITORY: "${{ startsWith(github.head_ref, 'main') && 'docker.elastic.co/beats-dev' || 'docker.elastic.co/observability-ci' }}"
+  # TODO: use the google bucket instead
+  GS_BUCKET_PATH: "golang-crossbuild-tmp"
+  # TODO: bypass access to the google bucket for now
+  CI: "false"
+  # NOTE: as long as we don't use the google bucket but downloading from github
+  GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+jobs:
+  build-push:
+    permissions:
+      contents: read
+      id-token: write
+    strategy:
+      fail-fast: false
+      matrix:
+        makefile: [
+          "Makefile",
+          "Makefile.debian9",
+          "Makefile.debian10",
+          "Makefile.debian11",
+          "Makefile.debian12"
+        ]
+        fips: [ "false", "true" ]
+    runs-on: "ubuntu-24.04"
+    env:
+      FIPS: "${{matrix.fips}}"
+    steps:
+      - uses: actions/checkout@v4
+
+      # TODO: move to the build-push composite action
+      #       then need to enable the support ci-fpm ane ci-llvm-apple
+      - uses: elastic/oblt-actions/google/auth@v1
+
+      - name: Debug gcloud CLI
+        run: |
+          gcloud info || true
+          gsutil list -lra gs://golang-crossbuild-tmp/private || true
+          gcloud auth list --filter=status:ACTIVE --format="value(account)" || true
+
+      - name: Docker build and push
+        uses: ./.github/actions/build-push
+        with:
+          docker-registry: ${{ secrets.ELASTIC_DOCKER_REGISTRY }}
+          docker-username: ${{ secrets.ELASTIC_DOCKER_USERNAME }}
+          docker-password: ${{ secrets.ELASTIC_DOCKER_PASSWORD }}
+          make-directory: 'go'
+          make-file: "${{matrix.makefile}}"
+
+  build-push-arm:
+    permissions:
+      contents: read
+      id-token: write
+    strategy:
+      fail-fast: false
+      matrix:
+        fips: [ "false", "true" ]
+    runs-on: "ubuntu-24.04-arm"
+    env:
+      FIPS: "${{matrix.fips}}"
+    steps:
+      - uses: actions/checkout@v4
+
+      # TODO: move to the build-push composite action
+      - uses: elastic/oblt-actions/google/auth@v1
+
+      - name: Docker build and push
+        uses: ./.github/actions/build-push
+        with:
+          docker-registry: ${{ secrets.ELASTIC_DOCKER_REGISTRY }}
+          docker-username: ${{ secrets.ELASTIC_DOCKER_USERNAME }}
+          docker-password: ${{ secrets.ELASTIC_DOCKER_PASSWORD }}
+          make-directory: 'go'
+          make-file: 'Makefile.debian9'
+          make-goal-suffix: '-arm'
@@ -7,7 +7,7 @@ NPCAP_VERSION := 1.80
 NPCAP_FILE    := npcap-$(NPCAP_VERSION)-oem.exe
 SUFFIX_NPCAP_VERSION := -npcap-$(NPCAP_VERSION)
 NPCAP_REPOSITORY := docker.elastic.co/observability-ci
-GS_BUCKET_PATH ?= ingest-buildkite-ci
+GS_BUCKET_PATH ?=
 
 
 ifeq ($(BUILDX),1)
@@ -18,18 +18,28 @@ endif
 
 # Requires login at google storage.
 copy-npcap:
+	@echo 'cp gs://$(GS_BUCKET_PATH)/private/$(NPCAP_FILE)'
 ifeq ($(CI),true)
 	@gsutil cp gs://$(GS_BUCKET_PATH)/private/$(NPCAP_FILE) ../npcap/lib/$(NPCAP_FILE)
 else
 	@echo 'Only available if running in the CI'
+	mkdir -p ../npcap/lib/
+	touch ../npcap/lib/npcap-1.80-oem.exe
 endif
 
 # Requires login at google storage.
 copy-sdks:
+	@echo 'cp gs://$(GS_BUCKET_PATH)/sdks'
 ifeq ($(CI),true)
-	@gcloud storage cp gs://ingest-buildkite-ci/sdks . --recursive
+	@gcloud storage cp gs://$(GS_BUCKET_PATH)/sdks . --recursive
 else
 	@echo 'Only available if running in the CI'
+	mkdir -p sdks/
+	gh api https://github.com/the-tcpdump-group/tcpdump-htdocs/raw/refs/heads/master/release/libpcap-1.8.1.tar.gz -H "Accept: application/vnd.github.raw" > sdks/libpcap-1.8.1.tar.gz
+	curl -sSfL -o sdks/MacOSX10.11.sdk.tar.xz https://s3.amazonaws.com/beats-files/deps/MacOSX10.11.sdk.tar.xz
+	curl -sSfL -o sdks/WpdPack_4_1_2.zip https://www.winpcap.org/install/bin/WpdPack_4_1_2.zip
+# see https://github.com/elastic/golang-crossbuild/pull/454/files#diff-36b826ca106e191815b93280143b7cfd13c583e4adc3e27442a5057ac7294586L54
+	curl -sSfL -o sdks/MacOSX11.3.sdk.tar.xz https://github.com/phracker/MacOSX-SDKs/releases/download/11.3/MacOSX11.3.sdk.tar.xz
 endif
 
 push: