diff --git a/.pipelines/azure-pipeline-build.yml b/.pipelines/azure-pipeline-build.yml index 430e27d86..4e5c206a2 100644 --- a/.pipelines/azure-pipeline-build.yml +++ b/.pipelines/azure-pipeline-build.yml @@ -25,10 +25,12 @@ variables: IS_MAIN_BRANCH: $[eq(variables['Build.SourceBranchName'], 'main')] jobs: -- job: Common - displayName: Set image tags and publish Ev2 artifacts +- job: Image_Tags_and_Ev2_Artifacts + displayName: "Build: Set image tags and publish Ev2 artifacts" pool: name: Azure-Pipelines-CI-Test-EO + variables: + skipComponentGovernanceDetection: true steps: - checkout: self submodules: true @@ -156,15 +158,16 @@ jobs: pathToPublish: '$(Build.ArtifactStagingDirectory)' artifactName: drop -- job: Reference_App_Golang_Linux - displayName: Build reference app image for golang linux +- job: Linux_Golang_Reference_App + displayName: "Build: linux golang reference app image" pool: name: Azure-Pipelines-CI-Test-EO - dependsOn: common + dependsOn: Image_Tags_and_Ev2_Artifacts variables: - LINUX_REF_APP_GOLANG_FULL_IMAGE_NAME: $[ dependencies.common.outputs['setup.LINUX_REF_APP_GOLANG_FULL_IMAGE_NAME'] ] + LINUX_REF_APP_GOLANG_FULL_IMAGE_NAME: $[ dependencies.Image_Tags_and_Ev2_Artifacts.outputs['setup.LINUX_REF_APP_GOLANG_FULL_IMAGE_NAME'] ] # This is necessary because of: https://github.com/moby/moby/issues/37965 DOCKER_BUILDKIT: 1 + condition: and(eq(variables.IS_PR, false), eq(variables.IS_MAIN_BRANCH, true)) steps: - checkout: self persistCredentials: true @@ -179,15 +182,16 @@ jobs: workingDirectory: $(Build.SourcesDirectory)/internal/referenceapp/golang displayName: "Build: build and push reference app golang linux image to dev ACR" -- job: Reference_App_Python_Linux - displayName: Build reference app image for python linux +- job: Linux_Python_Reference_App + displayName: "Build: linux python reference app image" pool: name: Azure-Pipelines-CI-Test-EO - dependsOn: common + dependsOn: Image_Tags_and_Ev2_Artifacts variables: - LINUX_REF_APP_PYTHON_FULL_IMAGE_NAME: $[ dependencies.common.outputs['setup.LINUX_REF_APP_PYTHON_FULL_IMAGE_NAME'] ] + LINUX_REF_APP_PYTHON_FULL_IMAGE_NAME: $[ dependencies.Image_Tags_and_Ev2_Artifacts.outputs['setup.LINUX_REF_APP_PYTHON_FULL_IMAGE_NAME'] ] # This is necessary because of: https://github.com/moby/moby/issues/37965 DOCKER_BUILDKIT: 1 + condition: and(eq(variables.IS_PR, false), eq(variables.IS_MAIN_BRANCH, true)) steps: - checkout: self persistCredentials: true @@ -202,54 +206,50 @@ jobs: workingDirectory: $(Build.SourcesDirectory)/internal/referenceapp/python displayName: "Build: build and push reference app python linux image to dev ACR" -- job: Reference_App_Golang_Windows - displayName: Build reference app image for golang windows +- job: Golang_Windows_Reference_App + displayName: "Build: windows golang reference app image" pool: name: Azure-Pipelines-Windows-CI-Test-EO - dependsOn: common + dependsOn: Image_Tags_and_Ev2_Artifacts variables: - WINDOWS_REF_APP_GOLANG_FULL_IMAGE_NAME: $[ dependencies.common.outputs['setup.WINDOWS_REF_APP_GOLANG_FULL_IMAGE_NAME'] ] + WINDOWS_REF_APP_GOLANG_FULL_IMAGE_NAME: $[ dependencies.Image_Tags_and_Ev2_Artifacts.outputs['setup.WINDOWS_REF_APP_GOLANG_FULL_IMAGE_NAME'] ] + skipComponentGovernanceDetection: true + condition: and(eq(variables.IS_PR, false), eq(variables.IS_MAIN_BRANCH, true)) steps: - powershell: | docker build . --isolation=hyperv --file windows/Dockerfile -t $(WINDOWS_REF_APP_GOLANG_FULL_IMAGE_NAME) docker login containerinsightsprod.azurecr.io -u $(ACR_USERNAME) -p $(ACR_PASSWORD) docker push $(WINDOWS_REF_APP_GOLANG_FULL_IMAGE_NAME) displayName: "Build: build and push reference app golang windows image to dev ACR" - condition: eq(variables.IS_PR, false) workingDirectory: $(Build.SourcesDirectory)/internal/referenceapp/golang -- job: Reference_App_Python_Windows - displayName: Build reference app image for python windows +- job: Windows_Python_Reference_App + displayName: "Build: windows python reference app image" pool: name: Azure-Pipelines-Windows-CI-Test-EO - dependsOn: common + dependsOn: Image_Tags_and_Ev2_Artifacts variables: - WINDOWS_REF_APP_PYTHON_FULL_IMAGE_NAME: $[ dependencies.common.outputs['setup.WINDOWS_REF_APP_PYTHON_FULL_IMAGE_NAME'] ] + WINDOWS_REF_APP_PYTHON_FULL_IMAGE_NAME: $[ dependencies.Image_Tags_and_Ev2_Artifacts.outputs['setup.WINDOWS_REF_APP_PYTHON_FULL_IMAGE_NAME'] ] + skipComponentGovernanceDetection: true + condition: and(eq(variables.IS_PR, false), eq(variables.IS_MAIN_BRANCH, true)) steps: - powershell: | docker build . --isolation=hyperv --file windows/Dockerfile -t $(WINDOWS_REF_APP_PYTHON_FULL_IMAGE_NAME) docker login containerinsightsprod.azurecr.io -u $(ACR_USERNAME) -p $(ACR_PASSWORD) docker push $(WINDOWS_REF_APP_PYTHON_FULL_IMAGE_NAME) displayName: "Build: build and push reference app python windows image to dev ACR" - condition: eq(variables.IS_PR, false) workingDirectory: $(Build.SourcesDirectory)/internal/referenceapp/python -- job: Linux - displayName: Build linux image +- job: SDL_Binary_Scan + displayName: "SDL: linux binary scanning" pool: name: Azure-Pipelines-CI-Test-EO - dependsOn: common - variables: - LINUX_FULL_IMAGE_NAME: $[ dependencies.common.outputs['setup.LINUX_FULL_IMAGE_NAME'] ] - # This is necessary because of: https://github.com/moby/moby/issues/37965 - DOCKER_BUILDKIT: 1 steps: - checkout: self submodules: true - task: CodeQL3000Init@0 displayName: 'SDL: init codeql' - condition: or(eq(variables.IS_PR, true), eq(variables.IS_MAIN_BRANCH, true)) - task: GoTool@0 displayName: "Build: specify golang version" @@ -259,20 +259,17 @@ jobs: - bash: | sudo apt-get install build-essential -y make - condition: or(eq(variables.IS_PR, true), eq(variables.IS_MAIN_BRANCH, true)) workingDirectory: $(Build.SourcesDirectory)/otelcollector/opentelemetry-collector-builder/ displayName: "SDL: build otelcollector, promconfigvalidator, targetallocator, and fluent-bit plugin for scanning" - task: BinSkim@4 displayName: 'SDL: run binskim' - condition: or(eq(variables.IS_PR, true), eq(variables.IS_MAIN_BRANCH, true)) inputs: InputType: 'CommandLine' arguments: 'analyze --rich-return-code $(Build.SourcesDirectory)/otelcollector/opentelemetry-collector-builder/otelcollector $(Build.SourcesDirectory)/otelcollector/prom-config-validator-builder/promconfigvalidator $(Build.SourcesDirectory)/otelcollector/otel-allocator/targetallocator $(Build.SourcesDirectory)/otelcollector/fluent-bit/src/out_appinsights.so' - task: Gosec@1 displayName: 'SDL: run gosec' - condition: or(eq(variables.IS_PR, true), eq(variables.IS_MAIN_BRANCH, true)) inputs: targetPattern: 'gosecPattern' targetGosecPattern: '$(Build.SourcesDirectory)/otelcollector' @@ -283,36 +280,48 @@ jobs: chmod 775 DevSkim_linux_0.6.9/devskim ./DevSkim_linux_0.6.9/devskim analyze $(Build.SourcesDirectory)/otelcollector --ignore-globs **/deploy/dashboard/**,**/react/static/** --severity critical,important displayName: 'SDL: run devskim' - condition: or(eq(variables.IS_PR, true), eq(variables.IS_MAIN_BRANCH, true)) workingDirectory: $(Build.SourcesDirectory) - bash: | sudo gem install brakeman -v 5.4.1 brakeman $(Build.SourcesDirectory)/otelcollector/configmapparser --force displayName: 'SDL: run brakeman' - condition: or(eq(variables.IS_PR, true), eq(variables.IS_MAIN_BRANCH, true)) + + +- job: Linux_Prometheus_Collector + displayName: "Build: linux prometheus-collector image" + pool: + name: Azure-Pipelines-CI-Test-EO + dependsOn: Image_Tags_and_Ev2_Artifacts + variables: + LINUX_FULL_IMAGE_NAME: $[ dependencies.Image_Tags_and_Ev2_Artifacts.outputs['setup.LINUX_FULL_IMAGE_NAME'] ] + # This is necessary because of: https://github.com/moby/moby/issues/37965 + DOCKER_BUILDKIT: 1 + steps: + - checkout: self + submodules: true + + - task: CodeQL3000Init@0 + displayName: 'SDL: init codeql' + + - task: GoTool@0 + displayName: "Build: specify golang version" + inputs: + version: '1.20' - bash: | mkdir -p $(Build.ArtifactStagingDirectory)/linux # Necessary due to necessary due to https://stackoverflow.com/questions/60080264/docker-cannot-build-multi-platform-images-with-docker-buildx sudo apt-get update && sudo apt-get -y install qemu binfmt-support qemu-user-static + docker system prune --volumes -y + docker login containerinsightsprod.azurecr.io -u $(ACR_USERNAME) -p $(ACR_PASSWORD) docker run --rm --privileged multiarch/qemu-user-static --reset -p yes docker buildx create --name dockerbuilder docker buildx use dockerbuilder - docker login containerinsightsprod.azurecr.io -u $(ACR_USERNAME) -p $(ACR_PASSWORD) - if [ "$(Build.Reason)" != "PullRequest" ]; then - docker buildx build . --platform=linux/amd64,linux/arm64 --file ./build/linux/Dockerfile -t $(LINUX_FULL_IMAGE_NAME) --metadata-file $(Build.ArtifactStagingDirectory)/linux/metadata.json --push - docker pull $(LINUX_FULL_IMAGE_NAME) - else - - # Build multiarch image to make sure there are no issues - docker buildx build . --platform=linux/amd64,linux/arm64 --file ./build/linux/Dockerfile -t $(LINUX_FULL_IMAGE_NAME) --metadata-file $(Build.ArtifactStagingDirectory)/linux/metadata.json - - # Load in amd64 image to run vulnerability scan - docker buildx build . --file ./build/linux/Dockerfile -t $(LINUX_FULL_IMAGE_NAME) --metadata-file $(Build.ArtifactStagingDirectory)/linux/metadata.json - fi + docker buildx build . --platform=linux/amd64,linux/arm64 --file ./build/linux/Dockerfile -t $(LINUX_FULL_IMAGE_NAME) --metadata-file $(Build.ArtifactStagingDirectory)/linux/metadata.json --push + docker pull $(LINUX_FULL_IMAGE_NAME) workingDirectory: $(Build.SourcesDirectory)/otelcollector/ displayName: "Build: build and push image to dev ACR" @@ -381,20 +390,19 @@ jobs: fi workingDirectory: $(Build.SourcesDirectory) displayName: "Build: run trivy scan" - condition: eq(variables.IS_PR, false) - task: CodeQL3000Finalize@0 displayName: 'SDL: run codeql' - condition: or(eq(variables.IS_PR, true), eq(variables.IS_MAIN_BRANCH, true)) - task: ComponentGovernanceComponentDetection@0 displayName: "SDL: run component governance" - condition: and(eq(variables.IS_PR, false), eq(variables.IS_MAIN_BRANCH, true)) inputs: scanType: 'Register' verbosity: 'Verbose' dockerImagesToScan: '$(LINUX_FULL_IMAGE_NAME)' alertWarningLevel: 'High' + sourceScanPath: '$(Build.SourcesDirectory)/otelcollector' + ignoreDirectories: '$(Build.SourcesDirectory)/mixins,$(Build.SourcesDirectory)/tools,$(Build.SourcesDirectory)/otelcollector/react' - task: AzureArtifacts.manifest-generator-task.manifest-generator-task.ManifestGeneratorTask@0 displayName: "Ev2: Generate image artifacts" @@ -405,7 +413,6 @@ jobs: - task: SdtReport@2 displayName: 'SDL: generate report' - condition: or(eq(variables.IS_PR, true), eq(variables.IS_MAIN_BRANCH, true)) inputs: GdnExportAllTools: false GdnExportGdnToolBinSkim: true @@ -417,7 +424,6 @@ jobs: - task: PublishSecurityAnalysisLogs@3 displayName: 'SDL: publish report' - condition: or(eq(variables.IS_PR, true), eq(variables.IS_MAIN_BRANCH, true)) inputs: ArtifactName: 'CodeAnalysisLogs' ArtifactType: 'Container' @@ -434,7 +440,6 @@ jobs: - task: PostAnalysis@2 displayName: 'SDL: Post-Build Analysis' - condition: or(eq(variables.IS_PR, true), eq(variables.IS_MAIN_BRANCH, true)) inputs: GdnBreakAllTools: false GdnBreakGdnToolBinSkim: true @@ -444,15 +449,16 @@ jobs: GdnBreakGdnToolSemmle: true GdnBreakGdnToolSemmleSeverity: 'Warning' -- job: TargetAllocator - displayName: Build target allocator image +- job: Linux_Target_Allocator + displayName: "Build: target allocator image" pool: name: Azure-Pipelines-CI-Test-EO - dependsOn: common + dependsOn: Image_Tags_and_Ev2_Artifacts variables: - TARGET_ALLOCATOR_FULL_IMAGE_NAME: $[ dependencies.common.outputs['setup.TARGET_ALLOCATOR_FULL_IMAGE_NAME'] ] + TARGET_ALLOCATOR_FULL_IMAGE_NAME: $[ dependencies.Image_Tags_and_Ev2_Artifacts.outputs['setup.TARGET_ALLOCATOR_FULL_IMAGE_NAME'] ] # This is necessary because of: https://github.com/moby/moby/issues/37965 DOCKER_BUILDKIT: 1 + skipComponentGovernanceDetection: true steps: - checkout: self persistCredentials: true @@ -466,17 +472,8 @@ jobs: docker buildx create --name dockerbuilder docker buildx use dockerbuilder docker login containerinsightsprod.azurecr.io -u $(ACR_USERNAME) -p $(ACR_PASSWORD) - if [ "$(Build.Reason)" != "PullRequest" ]; then - docker buildx build . --platform=linux/amd64,linux/arm64 --file Dockerfile -t $(TARGET_ALLOCATOR_FULL_IMAGE_NAME) --metadata-file $(Build.ArtifactStagingDirectory)/targetallocator/metadata.json --push - docker pull $(TARGET_ALLOCATOR_FULL_IMAGE_NAME) - else - - # Build multiarch image to make sure there are no issues - docker buildx build . --platform=linux/amd64,linux/arm64 --file Dockerfile -t $(TARGET_ALLOCATOR_FULL_IMAGE_NAME) --metadata-file $(Build.ArtifactStagingDirectory)/targetallocator/metadata.json - - # Load in amd64 image to run vulnerability scan - docker buildx build . --file Dockerfile -t $(TARGET_ALLOCATOR_FULL_IMAGE_NAME) --metadata-file $(Build.ArtifactStagingDirectory)/targetallocator/metadata.json - fi + docker buildx build . --platform=linux/amd64,linux/arm64 --file Dockerfile -t $(TARGET_ALLOCATOR_FULL_IMAGE_NAME) --metadata-file $(Build.ArtifactStagingDirectory)/targetallocator/metadata.json --push + docker pull $(TARGET_ALLOCATOR_FULL_IMAGE_NAME) MEDIA_TYPE=$(docker manifest inspect -v $(TARGET_ALLOCATOR_FULL_IMAGE_NAME) | jq '.Descriptor.mediaType') DIGEST=$(docker manifest inspect -v $(TARGET_ALLOCATOR_FULL_IMAGE_NAME) | jq '.Descriptor.digest') SIZE=$(docker manifest inspect -v $(TARGET_ALLOCATOR_FULL_IMAGE_NAME) | jq '.Descriptor.size') @@ -485,12 +482,14 @@ jobs: EOF workingDirectory: $(Build.SourcesDirectory)/otelcollector/otel-allocator displayName: "Build: build and push target allocator image to dev ACR" + - bash: | curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin trivy image --ignore-unfixed --no-progress --severity HIGH,CRITICAL,MEDIUM --exit-code 1 $(TARGET_ALLOCATOR_FULL_IMAGE_NAME) workingDirectory: $(Build.SourcesDirectory) displayName: "Build: run trivy scan" - condition: eq(variables.IS_PR, false) + + - task: EsrpCodeSigning@3 displayName: "ESRP CodeSigning for TargetAllocator" inputs: @@ -513,6 +512,7 @@ jobs: "toolVersion": "1.0" } ] + - bash: | set -euxo pipefail curl -LO "https://github.com/oras-project/oras/releases/download/v1.0.0/oras_1.0.0_linux_amd64.tar.gz" @@ -528,15 +528,16 @@ jobs: displayName: "ORAS Push Artifacts in $(Build.ArtifactStagingDirectory)/targetallocator/" condition: eq(variables.IS_MAIN_BRANCH, true) -- job: Linux_ConfigReader - displayName: Build linux image for config reader +- job: Linux_Config_Reader + displayName: "Build: config reader image" pool: name: Azure-Pipelines-CI-Test-EO - dependsOn: common + dependsOn: Image_Tags_and_Ev2_Artifacts variables: - LINUX_CONFIG_READER_FULL_IMAGE_NAME: $[ dependencies.common.outputs['setup.LINUX_CONFIG_READER_FULL_IMAGE_NAME'] ] + LINUX_CONFIG_READER_FULL_IMAGE_NAME: $[ dependencies.Image_Tags_and_Ev2_Artifacts.outputs['setup.LINUX_CONFIG_READER_FULL_IMAGE_NAME'] ] # This is necessary because of: https://github.com/moby/moby/issues/37965 DOCKER_BUILDKIT: 1 + skipComponentGovernanceDetection: true steps: - bash: | mkdir -p $(Build.ArtifactStagingDirectory)/linuxcfgreader @@ -548,17 +549,8 @@ jobs: docker buildx create --name dockerbuilder docker buildx use dockerbuilder docker login containerinsightsprod.azurecr.io -u $(ACR_USERNAME) -p $(ACR_PASSWORD) - if [ "$(Build.Reason)" != "PullRequest" ]; then - docker buildx build . --platform=linux/amd64,linux/arm64 --file ./build/linux/configuration-reader/Dockerfile -t $(LINUX_CONFIG_READER_FULL_IMAGE_NAME) --metadata-file $(Build.ArtifactStagingDirectory)/linux/configuration-reader/metadata.json --push - docker pull $(LINUX_CONFIG_READER_FULL_IMAGE_NAME) - else - - # Build multiarch image to make sure there are no issues - docker buildx build . --platform=linux/amd64,linux/arm64 --file ./build/linux/configuration-reader/Dockerfile -t $(LINUX_CONFIG_READER_FULL_IMAGE_NAME) --metadata-file $(Build.ArtifactStagingDirectory)/linux/configuration-reader/metadata.json - - # Load in amd64 image to run vulnerability scan - docker buildx build . --file ./build/linux/configuration-reader/Dockerfile -t $(LINUX_CONFIG_READER_FULL_IMAGE_NAME) --metadata-file $(Build.ArtifactStagingDirectory)/linux/configuration-reader/metadata.json - fi + docker buildx build . --platform=linux/amd64,linux/arm64 --file ./build/linux/configuration-reader/Dockerfile -t $(LINUX_CONFIG_READER_FULL_IMAGE_NAME) --metadata-file $(Build.ArtifactStagingDirectory)/linux/configuration-reader/metadata.json --push + docker pull $(LINUX_CONFIG_READER_FULL_IMAGE_NAME) MEDIA_TYPE=$(docker manifest inspect -v $(LINUX_CONFIG_READER_FULL_IMAGE_NAME) | jq '.Descriptor.mediaType') DIGEST=$(docker manifest inspect -v $(LINUX_CONFIG_READER_FULL_IMAGE_NAME) | jq '.Descriptor.digest') SIZE=$(docker manifest inspect -v $(LINUX_CONFIG_READER_FULL_IMAGE_NAME) | jq '.Descriptor.size') @@ -571,10 +563,8 @@ jobs: - bash: | curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin trivy image --ignore-unfixed --no-progress --severity HIGH,CRITICAL,MEDIUM --exit-code 1 $(LINUX_CONFIG_READER_FULL_IMAGE_NAME) - trivy image --ignore-unfixed --no-progress --severity HIGH,CRITICAL,MEDIUM --exit-code 1 $(KUBE_STATE_METRICS_IMAGE) workingDirectory: $(Build.SourcesDirectory) displayName: "Build: run trivy scan" - condition: eq(variables.IS_PR, false) - task: EsrpCodeSigning@3 displayName: "ESRP CodeSigning for Config Reader" @@ -614,15 +604,16 @@ jobs: displayName: "ORAS Push Artifacts in $(Build.ArtifactStagingDirectory)/linuxcfgreader/" condition: eq(variables.IS_MAIN_BRANCH, true) -- job: Windows2019 - displayName: "Build windows 2019 image" +- job: Windows2019_Prometheus_Collector + displayName: "Build: windows 2019 prometheus-collector image" pool: name: Azure-Pipelines-Windows-CI-Test-EO dependsOn: - - Common + - Image_Tags_and_Ev2_Artifacts variables: - WINDOWS_FULL_IMAGE_NAME: $[ dependencies.common.outputs['setup.WINDOWS_FULL_IMAGE_NAME'] ] - WINDOWS_2019_BASE_IMAGE_VERSION: $[ dependencies.common.outputs['setup.WINDOWS_2019_BASE_IMAGE_VERSION'] ] + WINDOWS_FULL_IMAGE_NAME: $[ dependencies.Image_Tags_and_Ev2_Artifacts.outputs['setup.WINDOWS_FULL_IMAGE_NAME'] ] + WINDOWS_2019_BASE_IMAGE_VERSION: $[ dependencies.Image_Tags_and_Ev2_Artifacts.outputs['setup.WINDOWS_2019_BASE_IMAGE_VERSION'] ] + skipComponentGovernanceDetection: true steps: - task: GoTool@0 displayName: "Build: specify golang version" @@ -638,29 +629,23 @@ jobs: docker build . --isolation=hyperv --file ./build/windows/Dockerfile -t $(WINDOWS_FULL_IMAGE_NAME)-$(WINDOWS_2019_BASE_IMAGE_VERSION) --build-arg WINDOWS_VERSION=$(WINDOWS_2019_BASE_IMAGE_VERSION) workingDirectory: $(Build.SourcesDirectory)/otelcollector/ displayName: "Build: build WS2019 image" + retryCountOnTaskFailure: 2 - powershell: | docker login containerinsightsprod.azurecr.io -u $(ACR_USERNAME) -p $(ACR_PASSWORD) docker push $(WINDOWS_FULL_IMAGE_NAME)-$(WINDOWS_2019_BASE_IMAGE_VERSION) displayName: "Build: push image to dev ACR" - - task: ComponentGovernanceComponentDetection@0 - displayName: "SDL: run component governance" - condition: or(eq(variables.IS_PR, true), eq(variables.IS_MAIN_BRANCH, true)) - inputs: - scanType: 'Register' - verbosity: 'Verbose' - dockerImagesToScan: '$(WINDOWS_FULL_IMAGE_NAME)-$(WINDOWS_2019_BASE_IMAGE_VERSION)' - -- job: Windows2022 - displayName: "Build windows 2022 image" +- job: Windows2022_Prometheus_Collector + displayName: "Build: windows 2022 prometheus-collector image" pool: name: Azure-Pipelines-Windows-CI-Test-EO dependsOn: - - Common + - Image_Tags_and_Ev2_Artifacts variables: - WINDOWS_FULL_IMAGE_NAME: $[ dependencies.common.outputs['setup.WINDOWS_FULL_IMAGE_NAME'] ] - WINDOWS_2022_BASE_IMAGE_VERSION: $[ dependencies.common.outputs['setup.WINDOWS_2022_BASE_IMAGE_VERSION'] ] + WINDOWS_FULL_IMAGE_NAME: $[ dependencies.Image_Tags_and_Ev2_Artifacts.outputs['setup.WINDOWS_FULL_IMAGE_NAME'] ] + WINDOWS_2022_BASE_IMAGE_VERSION: $[ dependencies.Image_Tags_and_Ev2_Artifacts.outputs['setup.WINDOWS_2022_BASE_IMAGE_VERSION'] ] + skipComponentGovernanceDetection: true steps: - task: GoTool@0 displayName: "Build: specify golang version" @@ -676,40 +661,89 @@ jobs: docker build . --isolation=hyperv --file ./build/windows/Dockerfile -t $(WINDOWS_FULL_IMAGE_NAME)-$(WINDOWS_2022_BASE_IMAGE_VERSION) --build-arg WINDOWS_VERSION=$(WINDOWS_2022_BASE_IMAGE_VERSION) workingDirectory: $(Build.SourcesDirectory)/otelcollector/ displayName: "Build: build WS2022 image" + retryCountOnTaskFailure: 2 - powershell: | docker login containerinsightsprod.azurecr.io -u $(ACR_USERNAME) -p $(ACR_PASSWORD) docker push $(WINDOWS_FULL_IMAGE_NAME)-$(WINDOWS_2022_BASE_IMAGE_VERSION) displayName: "Build: push image to dev ACR" - condition: eq(variables.IS_PR, false) - - - task: ComponentGovernanceComponentDetection@0 - displayName: "SDL: run component governance" - condition: or(eq(variables.IS_PR, true), eq(variables.IS_MAIN_BRANCH, true)) - inputs: - scanType: 'Register' - verbosity: 'Verbose' - dockerImagesToScan: '$(WINDOWS_FULL_IMAGE_NAME)-$(WINDOWS_2022_BASE_IMAGE_VERSION)' - alertWarningLevel: 'High' -- job: WindowsMultiArch - displayName: "Build windows multi-arch image" +- job: WindowsMultiArch_Prometheus_Collector + displayName: "Build: windows multi-arch prometheus-collector image" pool: name: Azure-Pipelines-Windows-CI-Test-EO dependsOn: - - Common - - Windows2019 - - Windows2022 + - Image_Tags_and_Ev2_Artifacts + - Windows2019_Prometheus_Collector + - Windows2022_Prometheus_Collector variables: - WINDOWS_FULL_IMAGE_NAME: $[ dependencies.common.outputs['setup.WINDOWS_FULL_IMAGE_NAME'] ] - WINDOWS_2019_BASE_IMAGE_VERSION: $[ dependencies.common.outputs['setup.WINDOWS_2019_BASE_IMAGE_VERSION'] ] - WINDOWS_2022_BASE_IMAGE_VERSION: $[ dependencies.common.outputs['setup.WINDOWS_2022_BASE_IMAGE_VERSION'] ] + WINDOWS_IMAGE_TAG: $[ dependencies.Image_Tags_and_Ev2_Artifacts.outputs['setup.WINDOWS_IMAGE_TAG'] ] + WINDOWS_FULL_IMAGE_NAME: $[ dependencies.Image_Tags_and_Ev2_Artifacts.outputs['setup.WINDOWS_FULL_IMAGE_NAME'] ] + WINDOWS_2019_BASE_IMAGE_VERSION: $[ dependencies.Image_Tags_and_Ev2_Artifacts.outputs['setup.WINDOWS_2019_BASE_IMAGE_VERSION'] ] + WINDOWS_2022_BASE_IMAGE_VERSION: $[ dependencies.Image_Tags_and_Ev2_Artifacts.outputs['setup.WINDOWS_2022_BASE_IMAGE_VERSION'] ] + skipComponentGovernanceDetection: true steps: - task: GoTool@0 displayName: "Build: specify golang version" inputs: version: '1.20' + - bash: | + export ACR_REPOSITORY_VAR="$(ACR_REPOSITORY)" + export ACR_REPOSITORY_WITHOUT_SLASH="${ACR_REPOSITORY_VAR:1}" + + export WINDOWS_2019_TAG="$(WINDOWS_IMAGE_TAG)-$(WINDOWS_2019_BASE_IMAGE_VERSION)" + docker login containerinsightsprod.azurecr.io -u $(ACR_USERNAME) -p $(ACR_PASSWORD) + docker pull $(WINDOWS_FULL_IMAGE_NAME)-$(WINDOWS_2019_BASE_IMAGE_VERSION) + if [ $? -ne 0 ]; then + echo "Failed to pull $(WINDOWS_FULL_IMAGE_NAME)-$(WINDOWS_2019_BASE_IMAGE_VERSION). Checking if MCR image is published." + IMAGES_ARE_PUBLISHED=0 + for i in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 + do + output=$(curl -s https://$(MCR_REGISTRY)/v2$(MCR_REPOSITORY)/tags/list) + if (echo $output | grep $WINDOWS_2019_TAG) + then + echo "Images are published to mcr" + IMAGES_ARE_PUBLISHED=1 + break + fi + sleep 30 + done + if [ IMAGES_ARE_PUBLISHED -eq 0 ]; then + echo "Images are not published to mcr within the timeout" + exit 1 + fi + + az acr import --name $(ACR_REGISTRY) --source $(MCR_REGISTRY)$(MCR_REPOSITORY):$(IMAGE_TAG) --image $(ACR_REPOSITORY_WITHOUT_SLASH):$(WINDOWS_2019_TAG) + fi + + export WINDOWS_2022_TAG="$(WINDOWS_IMAGE_TAG)-$(WINDOWS_2022_BASE_IMAGE_VERSION)" + docker login containerinsightsprod.azurecr.io -u $(ACR_USERNAME) -p $(ACR_PASSWORD) + docker pull $(WINDOWS_FULL_IMAGE_NAME)-$(WINDOWS_2022_BASE_IMAGE_VERSION) + if [ $? -ne 0 ]; then + echo "Failed to pull $(WINDOWS_FULL_IMAGE_NAME)-$(WINDOWS_2022_BASE_IMAGE_VERSION). Checking if MCR image is published." + IMAGES_ARE_PUBLISHED=0 + for i in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 + do + output=$(curl -s https://$(MCR_REGISTRY)/v2$(MCR_REPOSITORY)/tags/list) + if (echo $output | grep $WINDOWS_2022_TAG) + then + echo "Images are published to mcr" + IMAGES_ARE_PUBLISHED=1 + break + fi + sleep 30 + done + if [ IMAGES_ARE_PUBLISHED -eq 0 ]; then + echo "Images are not published to mcr within the timeout" + exit 1 + fi + + az acr import --name $(ACR_REGISTRY) --source $(MCR_REGISTRY)$(MCR_REPOSITORY):$(IMAGE_TAG) --image $(ACR_REPOSITORY_WITHOUT_SLASH):$(WINDOWS_2022_TAG) + fi + displayName: "Build: ensure images are present in ACR" + retryCountOnTaskFailure: 3 + - powershell: | New-Item -Path "$(Build.ArtifactStagingDirectory)" -Name "windows" -ItemType "directory" @{"image.name"="$(WINDOWS_FULL_IMAGE_NAME)"} | ConvertTo-Json -Compress | Out-File -Encoding ascii $(Build.ArtifactStagingDirectory)/windows/metadata.json @@ -717,7 +751,7 @@ jobs: docker manifest create $(WINDOWS_FULL_IMAGE_NAME) $(WINDOWS_FULL_IMAGE_NAME)-$(WINDOWS_2019_BASE_IMAGE_VERSION) $(WINDOWS_FULL_IMAGE_NAME)-$(WINDOWS_2022_BASE_IMAGE_VERSION) docker manifest push $(WINDOWS_FULL_IMAGE_NAME) workingDirectory: $(Build.SourcesDirectory)/otelcollector/ - displayName: "Build: Triggering manifest for multi-arc docker image" + displayName: "Build: Windows multi-arch manifest" - task: AzureArtifacts.manifest-generator-task.manifest-generator-task.ManifestGeneratorTask@0 condition: and(eq(variables.IS_PR, false), eq(variables.IS_MAIN_BRANCH, true)) @@ -786,63 +820,20 @@ jobs: pathToPublish: '$(Build.ArtifactStagingDirectory)' artifactName: drop -- job: Chart - displayName: "Package 1P helm chart" +- job: Arc_Helm_Chart + displayName: "Package: Arc helm chart" pool: name: Azure-Pipelines-CI-Test-EO dependsOn: - - Common - - Linux - - WindowsMultiArch + - Image_Tags_and_Ev2_Artifacts + - Linux_Prometheus_Collector variables: - HELM_CHART_NAME: $[ dependencies.common.outputs['setup.HELM_CHART_NAME'] ] - HELM_SEMVER: $[ dependencies.common.outputs['setup.SEMVER'] ] - IMAGE_TAG: $[ dependencies.common.outputs['setup.SEMVER'] ] - IMAGE_TAG_WINDOWS: $[ dependencies.common.outputs['setup.WINDOWS_IMAGE_TAG'] ] - HELM_FULL_IMAGE_NAME: $[ dependencies.common.outputs['setup.HELM_FULL_IMAGE_NAME'] ] - steps: - - task: HelmInstaller@1 - displayName: 'Build: install Helm version' - inputs: - helmVersionToInstall: 3.12.3 - - - bash: | - envsubst < $(Build.SourcesDirectory)/otelcollector/deploy/chart/prometheus-collector/Chart-template.yaml > $(Build.SourcesDirectory)/otelcollector/deploy/chart/prometheus-collector/Chart.yaml && envsubst < $(Build.SourcesDirectory)/otelcollector/deploy/chart/prometheus-collector/values-template.yaml > $(Build.SourcesDirectory)/otelcollector/deploy/chart/prometheus-collector/values.yaml - helm version - displayName: "Build: substitute chart version in Chart.yaml and values.yaml" - - - bash: | - helm dep update - workingDirectory: $(Build.SourcesDirectory)/otelcollector/deploy/chart/prometheus-collector/ - displayName: "Build: update helm dependencies" - - - bash: | - helm package ./prometheus-collector/ - workingDirectory: $(Build.SourcesDirectory)/otelcollector/deploy/chart/ - displayName: "Build: package helm chart" - - - bash: | - helm registry login containerinsightsprod.azurecr.io -u $(ACR_USERNAME) -p $(ACR_PASSWORD) - helm push $(HELM_CHART_NAME)-$(HELM_SEMVER).tgz oci://$(ACR_REGISTRY)$(ACR_REPOSITORY_HELM) - mkdir -p $(Build.ArtifactStagingDirectory)/chart - echo {\"image.name\":\"$(HELM_FULL_IMAGE_NAME)\"} > $(Build.ArtifactStagingDirectory)/chart/metadata.json - workingDirectory: $(Build.SourcesDirectory)/otelcollector/deploy/chart/ - displayName: "Build: push helm chart to dev ACR" - condition: eq(variables.IS_PR, false) - -- job: ARC_Chart - displayName: "Package Arc helm chart" - pool: - name: Azure-Pipelines-CI-Test-EO - dependsOn: - - Common - - Linux - variables: - HELM_SEMVER: $[ dependencies.common.outputs['setup.SEMVER'] ] - IMAGE_TAG: $[ dependencies.common.outputs['setup.SEMVER'] ] - IMAGE_TAG_WINDOWS: $[ dependencies.common.outputs['setup.WINDOWS_IMAGE_TAG'] ] - ARC_HELM_FULL_IMAGE_NAME: $[ dependencies.common.outputs['setup.ARC_HELM_FULL_IMAGE_NAME'] ] + HELM_SEMVER: $[ dependencies.Image_Tags_and_Ev2_Artifacts.outputs['setup.SEMVER'] ] + IMAGE_TAG: $[ dependencies.Image_Tags_and_Ev2_Artifacts.outputs['setup.SEMVER'] ] + IMAGE_TAG_WINDOWS: $[ dependencies.Image_Tags_and_Ev2_Artifacts.outputs['setup.WINDOWS_IMAGE_TAG'] ] + ARC_HELM_FULL_IMAGE_NAME: $[ dependencies.Image_Tags_and_Ev2_Artifacts.outputs['setup.ARC_HELM_FULL_IMAGE_NAME'] ] ARC_EXTENSION: true + skipComponentGovernanceDetection: true steps: - task: HelmInstaller@1 displayName: 'Build: install Helm version' @@ -881,16 +872,17 @@ jobs: pathToPublish: '$(Build.ArtifactStagingDirectory)' artifactName: drop -- job: DeployARC - displayName: "Deploy to ARC dev cluster" +- job: Deploy_Chart_ARC + displayName: "Deploy: Arc dev cluster" condition: and(eq(variables.IS_PR, false), eq(variables.IS_MAIN_BRANCH, true)) pool: name: Azure-Pipelines-CI-Test-EO dependsOn: - - Common - - ARC_Chart + - Image_Tags_and_Ev2_Artifacts + - Arc_Helm_Chart variables: - HELM_SEMVER: $[ dependencies.common.outputs['setup.SEMVER'] ] + HELM_SEMVER: $[ dependencies.Image_Tags_and_Ev2_Artifacts.outputs['setup.SEMVER'] ] + skipComponentGovernanceDetection: true steps: - bash: | # Create JSON request body @@ -956,6 +948,28 @@ jobs: exit 1 fi displayName: "Deploy: Release to dev release train" + + - task: AzureCLI@2 + displayName: "Deploy: wait for ci-dev-arc-wcus cluster to be ready" + inputs: + azureSubscription: 'ContainerInsights_Build_Subscription(9b96ebbd-c57a-42d1-bbe9-b69296e4c7fb)' + scriptType: 'bash' + scriptLocation: 'inlineScript' + inlineScript: | + for i in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 + do + state=$(az k8s-extension show --name azuremonitor-metrics --cluster-name ci-dev-arc-wcus --resource-group ci-dev-arc-wcus --cluster-type connectedClusters | jq -r '.provisioningState') + if [ $state = "Succeeded" ] + then + echo "Cluster is ready to install extension" + exit 0 + fi + sleep 30 + done + echo "Cluster is installing a different version of the extension" + exit 1 + retryCountOnTaskFailure: 5 + - task: AzureCLI@2 displayName: "Deploy: ci-dev-arc-wcus cluster" inputs: @@ -966,22 +980,22 @@ jobs: az config set extension.use_dynamic_install=yes_without_prompt az k8s-extension update --name azuremonitor-metrics --resource-group ci-dev-arc-wcus --cluster-name ci-dev-arc-wcus --cluster-type connectedClusters --version $HELM_SEMVER --release-train pipeline -- job: Deploy - displayName: "Deploy to dev clusters" +- job: Deploy_AKS_Chart + displayName: "Deploy: AKS dev cluster" pool: name: Azure-Pipelines-CI-Test-EO condition: and(eq(variables.IS_PR, false), eq(variables.IS_MAIN_BRANCH, true)) dependsOn: - - Common - - Linux - - WindowsMultiArch - - ARC_Chart + - Image_Tags_and_Ev2_Artifacts + - Linux_Prometheus_Collector + - WindowsMultiArch_Prometheus_Collector variables: - HELM_CHART_NAME: $[ dependencies.common.outputs['setup.HELM_CHART_NAME'] ] - HELM_SEMVER: $[ dependencies.common.outputs['setup.SEMVER'] ] - IMAGE_TAG: $[ dependencies.common.outputs['setup.SEMVER'] ] - IMAGE_TAG_WINDOWS: $[ dependencies.common.outputs['setup.WINDOWS_IMAGE_TAG'] ] - HELM_FULL_IMAGE_NAME: $[ dependencies.common.outputs['setup.HELM_FULL_IMAGE_NAME'] ] + HELM_CHART_NAME: $[ dependencies.Image_Tags_and_Ev2_Artifacts.outputs['setup.HELM_CHART_NAME'] ] + HELM_SEMVER: $[ dependencies.Image_Tags_and_Ev2_Artifacts.outputs['setup.SEMVER'] ] + IMAGE_TAG: $[ dependencies.Image_Tags_and_Ev2_Artifacts.outputs['setup.SEMVER'] ] + IMAGE_TAG_WINDOWS: $[ dependencies.Image_Tags_and_Ev2_Artifacts.outputs['setup.WINDOWS_IMAGE_TAG'] ] + HELM_FULL_IMAGE_NAME: $[ dependencies.Image_Tags_and_Ev2_Artifacts.outputs['setup.HELM_FULL_IMAGE_NAME'] ] + skipComponentGovernanceDetection: true steps: - checkout: self submodules: true @@ -998,23 +1012,23 @@ jobs: inputs: helmVersionToInstall: 3.12.3 - bash: | - for i in 1 2 3 4 5 6 7 8 9 10 + for i in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 do sleep 30 echo $(MCR_REGISTRY)$(MCR_REPOSITORY):$(IMAGE_TAG_WINDOWS) echo $(MCR_REGISTRY)$(MCR_REPOSITORY_HELM):$(IMAGE_TAG) - output1=$(curl -s https://$(MCR_REGISTRY)/v2$(MCR_REPOSITORY)/tags/list) - output2=$(curl -s https://$(MCR_REGISTRY)/v2$(MCR_REPOSITORY_HELM)/tags/list) - if (echo $output1 | grep $(IMAGE_TAG_WINDOWS)) && (echo $output2 | grep $(IMAGE_TAG)) + output=$(curl -s https://$(MCR_REGISTRY)/v2$(MCR_REPOSITORY)/tags/list) + if (echo $output | grep $(IMAGE_TAG_WINDOWS)) && (echo $output | grep $(IMAGE_TAG)) then - echo "Images and chart are published to mcr" + echo "Images are published to mcr" exit 0 fi done - echo "Images and chart are not published to mcr within 5 minutes" + echo "Images are not published to mcr within the timeout" exit 1 - displayName: "Check images are pushed to dev MCR" + displayName: "Check images are pushed to dev MCR" + retryCountOnTaskFailure: 5 - bash: | helm pull oci://$(MCR_REGISTRY)$(MCR_REPOSITORY_HELM) --version $(HELM_SEMVER) diff --git a/.pipelines/deployment/ServiceGroupRoot/Parameters/PrometheusCollector.Chart.Parameters.json b/.pipelines/deployment/ServiceGroupRoot/Parameters/PrometheusCollector.Chart.Parameters.json deleted file mode 100644 index 4bd0c644a..000000000 --- a/.pipelines/deployment/ServiceGroupRoot/Parameters/PrometheusCollector.Chart.Parameters.json +++ /dev/null @@ -1,96 +0,0 @@ -{ - "$schema": "http://schema.express.azure.com/schemas/2015-01-01-alpha/RolloutParameters.json", - "contentVersion": "1.0.0.0", - "wait": [ - { - "name": "waitSdpBakeTime", - "properties": { - "duration": "PT24H" - } - } - ], - "shellExtensions": [ - { - "name": "PushAgentToACR", - "type": "ShellExtensionType", - "properties": { - "maxexecutiontime": "PT1H" - }, - "package": { - "reference": { - "path": "artifacts.tar.gz" - } - }, - "launch": { - "command": [ - "/bin/bash", - "pushChartToAcr.sh" - ], - "environmentVariables": [ - { - "name": "ACR_REGISTRY", - "value": "__ACR_REGISTRY__" - }, - { - "name": "PROD_ACR_REPOSITORY", - "value": "__PROD_ACR_CHART_REPOSITORY__" - }, - { - "name": "MCR_REGISTRY", - "value": "__MCR_REGISTRY__" - }, - { - "name": "MCR_REPOSITORY", - "value": "__PROD_MCR_CHART_REPOSITORY__" - }, - { - "name": "PROD_MCR_REPOSITORY", - "value": "__PROD_MCR_CHART_REPOSITORY__" - }, - { - "name": "MCR_REPOSITORY_HELM_DEPENDENCIES", - "value": "__PROD_MCR_REPOSITORY_HELM_DEPENDENCIES__" - }, - { - "name": "IMAGE_TAG", - "value": "__LINUX_TAG__" - }, - { - "name": "IMAGE_TAG_WINDOWS", - "value": "__WINDOWS_TAG__" - }, - { - "name": "HELM_SEMVER", - "value": "__CHART_TAG__" - }, - { - "name": "HELM_CHART_NAME", - "value": "__HELM_CHART_NAME__" - }, - { - "name": "PROD_MCR_KSM_REPOSITORY", - "value": "__PROD_MCR_KSM_REPOSITORY__" - }, - { - "name": "KSM_CHART_TAG", - "value": "__KSM_CHART_TAG__" - }, - { - "name": "PROD_MCR_NE_REPOSITORY", - "value": "__PROD_MCR_NE_REPOSITORY__" - }, - { - "name": "NE_CHART_TAG", - "value": "__NE_CHART_TAG__" - } - ], - "identity": { - "type": "userAssigned", - "userAssignedIdentities": [ - "__MANAGED_IDENTITY__" - ] - } - } - } - ] -} \ No newline at end of file diff --git a/.pipelines/deployment/ServiceGroupRoot/RolloutSpecs/RolloutSpecs.json b/.pipelines/deployment/ServiceGroupRoot/RolloutSpecs/RolloutSpecs.json index 1de6e10c7..466aad44c 100644 --- a/.pipelines/deployment/ServiceGroupRoot/RolloutSpecs/RolloutSpecs.json +++ b/.pipelines/deployment/ServiceGroupRoot/RolloutSpecs/RolloutSpecs.json @@ -60,13 +60,6 @@ "actions": [ "Shell/PushAgentToACR" ], "dependsOn": [ ] }, - { - "name": "Push1PHelmChart", - "targetType": "ServiceResource", - "targetName": "Push1PHelmChart", - "actions": [ "Shell/PushAgentToACR" ], - "dependsOn": [ "PushLinuxAgent", "PushWindowsAgent", "PushKSMChart", "PushNEChart" ] - }, { "name": "PushARCHelmChart", "targetType": "ServiceResource", diff --git a/.pipelines/deployment/ServiceGroupRoot/ScopeBindings/Public.ScopeBindings.json b/.pipelines/deployment/ServiceGroupRoot/ScopeBindings/Public.ScopeBindings.json index c525543c6..1b34e7df5 100644 --- a/.pipelines/deployment/ServiceGroupRoot/ScopeBindings/Public.ScopeBindings.json +++ b/.pipelines/deployment/ServiceGroupRoot/ScopeBindings/Public.ScopeBindings.json @@ -85,10 +85,6 @@ "find": "__PROD_MCR_REPOSITORY_HELM_DEPENDENCIES__", "replaceWith": "$(ProdMCRRepositoryHelmDependencies)" }, - { - "find": "__CHART_TAG__", - "replaceWith": "$(ChartTag)" - }, { "find": "__PUSH_NEW_KSM_CHART__", "replaceWith": "$(PushNewKSMChart)" diff --git a/.pipelines/deployment/ServiceGroupRoot/ServiceModels/Public.ServiceModel.json b/.pipelines/deployment/ServiceGroupRoot/ServiceModels/Public.ServiceModel.json index 292199127..f445997d1 100644 --- a/.pipelines/deployment/ServiceGroupRoot/ServiceModels/Public.ServiceModel.json +++ b/.pipelines/deployment/ServiceGroupRoot/ServiceModels/Public.ServiceModel.json @@ -60,11 +60,6 @@ "InstanceOf": "ShellExtension", "RolloutParametersPath": "Parameters\\PrometheusCollector.ConfigReader.Parameters.json" }, - { - "Name": "Push1PHelmChart", - "InstanceOf": "ShellExtension", - "RolloutParametersPath": "Parameters\\PrometheusCollector.Chart.Parameters.json" - }, { "Name": "PushARCHelmChart", "InstanceOf": "ShellExtension", diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index c282e9a1a..db68a4957 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -11,4 +11,14 @@ instructions provided by the bot. You will only need to do this once across all This project has adopted the [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/). For more information see the [Code of Conduct FAQ](https://opensource.microsoft.com/codeofconduct/faq/) -or contact [opencode@microsoft.com](mailto:opencode@microsoft.com) with any additional questions or comments. \ No newline at end of file +or contact [opencode@microsoft.com](mailto:opencode@microsoft.com) with any additional questions or comments. + +## Test Images + +After creating a PR, the pipeline will build the images with the tag as the name of the build in the following format: +- Linux: `0.0.0-{branch}-{date}-{commit}` +- Windows: `0.0.0-{branch}-{date}-{commit}-win` +- Config Reader: `0.0.0-{branch}-{date}-{commit}-cfg` +- Target Allocator: `0.0.0-{branch}-{date}-{commit}-targetallocator` + +These values can be substituted into the [values.yaml](./otelcollector/deploy/addon-chart/azure-monitor-metrics-addon/values-template.yaml) and deployed on your cluster. Follow the instructions to deploy through the backdoor [here](./otelcollector/deploy/addon-chart/Readme.md). \ No newline at end of file