From ba5c96e596524a030c9d8cdc053fcc367a281395 Mon Sep 17 00:00:00 2001 From: Aleksandr Pasechnik Date: Fri, 27 Mar 2026 13:53:01 -0400 Subject: [PATCH 1/3] chore: nightly serverless-init builds --- .github/workflows/nightly-serverless-init.yml | 120 ++++++++++++++++++ 1 file changed, 120 insertions(+) create mode 100644 .github/workflows/nightly-serverless-init.yml diff --git a/.github/workflows/nightly-serverless-init.yml b/.github/workflows/nightly-serverless-init.yml new file mode 100644 index 000000000..399e2077e --- /dev/null +++ b/.github/workflows/nightly-serverless-init.yml @@ -0,0 +1,120 @@ +name: Nightly serverless-init build + +on: + schedule: + # 2 AM UTC (~9 PM ET), daily + - cron: "0 2 * * *" + workflow_dispatch: + +env: + IMAGE_NAME: datadog/datadog-lambda-extension/serverless-init + REGISTRY: ghcr.io + +jobs: + build-nightly: + runs-on: ubuntu-22.04 + permissions: + packages: write + strategy: + matrix: + arrays: + - { dockerFile: "Dockerfile.serverless-init.build", isAlpine: "false", tagSuffix: "" } + - { dockerFile: "Dockerfile.serverless-init.alpine.build", isAlpine: "true", tagSuffix: "-alpine" } + name: "Nightly Build (isAlpine: ${{ matrix.arrays.isAlpine }})" + steps: + - uses: actions/checkout@v6.0.2 + + - uses: actions/checkout@v6.0.2 + with: + repository: DataDog/datadog-agent + ref: main + path: datadog-agent + + - name: Compute version tags + id: meta + run: | + STAMP=$(date -u +%Y%m%d) + SHORT_SHA=$(git -C datadog-agent rev-parse --short=8 HEAD) + echo "stamp=${STAMP}" >> "$GITHUB_OUTPUT" + echo "short_sha=${SHORT_SHA}" >> "$GITHUB_OUTPUT" + echo "version=nightly-${STAMP}-${SHORT_SHA}" >> "$GITHUB_OUTPUT" + + # Pin QEMU to a known-good version. See release-serverless-init.yml + # and test-qemu-versions.yml for context on QEMU breakage history. + - name: Set up QEMU + uses: docker/setup-qemu-action@ce360397dd3f832beb865e1373c09c0e9f86d70a # v4.0.0 + with: + image: tonistiigi/binfmt:qemu-v10.1.3 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v4 + + - name: Build binaries + working-directory: ./scripts + run: ./build_serverless_init.sh + env: + AGENT_PATH: datadog-agent + VERSION: ${{ steps.meta.outputs.version }} + SERVERLESS_INIT: "true" + ALPINE: ${{ matrix.arrays.isAlpine }} + + - name: Set up build directory and copy binaries + run: cp -r .layers/. ./scripts/bin/ + + - name: Set up tracer installation script + run: cp ./scripts/serverless_init_dotnet.sh ./scripts/bin/ + + - name: Login to GHCR + uses: docker/login-action@v4 + with: + registry: ${{ env.REGISTRY }} + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Build and push + uses: docker/build-push-action@v7 + with: + context: ./scripts + file: ./scripts/${{ matrix.arrays.dockerFile }} + push: true + tags: | + ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest-main${{ matrix.arrays.tagSuffix }} + ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:main-${{ steps.meta.outputs.stamp }}-${{ steps.meta.outputs.short_sha }}${{ matrix.arrays.tagSuffix }} + provenance: false + platforms: linux/amd64,linux/arm64 + + retry: + needs: [build-nightly] + if: failure() && fromJSON(github.run_attempt) < 2 + runs-on: ubuntu-22.04 + permissions: + actions: write + steps: + - name: Retry failed action + env: + GH_REPO: ${{ github.repository }} + GH_TOKEN: ${{ github.token }} + run: gh workflow run retry-workflow.yml -F run_id=${{ github.run_id }} + + notify: + needs: [build-nightly] + if: failure() && fromJSON(github.run_attempt) >= 2 + runs-on: ubuntu-22.04 + steps: + - name: Notify Slack + env: + SLACK_CHANNEL: "#serverless-agent" + SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} + run: | + set -x + + OPS_MESSAGE=":gh-check-failed: Nightly serverless-init build failed! + + The nightly build from datadog-agent main did not succeed after retry. + + See ${GITHUB_SERVER_URL}/${GITHUB_REPOSITORY}/actions/runs/${GITHUB_RUN_ID} for details." + + curl -H "Content-type: application/json" -X POST "$SLACK_WEBHOOK" -d '{ + "channel": "'"$SLACK_CHANNEL"'", + "text": "'"$OPS_MESSAGE"'" + }' From 01a6e71e0c10bc312bd2e7c65173b371ffe79df7 Mon Sep 17 00:00:00 2001 From: Aleksandr Pasechnik Date: Fri, 27 Mar 2026 14:00:25 -0400 Subject: [PATCH 2/3] chore: address review comments --- .github/workflows/nightly-serverless-init.yml | 18 +++++++----------- 1 file changed, 7 insertions(+), 11 deletions(-) diff --git a/.github/workflows/nightly-serverless-init.yml b/.github/workflows/nightly-serverless-init.yml index 399e2077e..9551c004f 100644 --- a/.github/workflows/nightly-serverless-init.yml +++ b/.github/workflows/nightly-serverless-init.yml @@ -22,9 +22,9 @@ jobs: - { dockerFile: "Dockerfile.serverless-init.alpine.build", isAlpine: "true", tagSuffix: "-alpine" } name: "Nightly Build (isAlpine: ${{ matrix.arrays.isAlpine }})" steps: - - uses: actions/checkout@v6.0.2 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - - uses: actions/checkout@v6.0.2 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: repository: DataDog/datadog-agent ref: main @@ -47,7 +47,7 @@ jobs: image: tonistiigi/binfmt:qemu-v10.1.3 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v4 + uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4.0.0 - name: Build binaries working-directory: ./scripts @@ -65,14 +65,14 @@ jobs: run: cp ./scripts/serverless_init_dotnet.sh ./scripts/bin/ - name: Login to GHCR - uses: docker/login-action@v4 + uses: docker/login-action@b45d80f862d83dbcd57f89517bcf500b2ab88fb2 # v4.0.0 with: registry: ${{ env.REGISTRY }} username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - name: Build and push - uses: docker/build-push-action@v7 + uses: docker/build-push-action@d08e5c354a6adb9ed34480a06d141179aa583294 # v7.0.0 with: context: ./scripts file: ./scripts/${{ matrix.arrays.dockerFile }} @@ -106,15 +106,11 @@ jobs: SLACK_CHANNEL: "#serverless-agent" SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} run: | - set -x - OPS_MESSAGE=":gh-check-failed: Nightly serverless-init build failed! The nightly build from datadog-agent main did not succeed after retry. See ${GITHUB_SERVER_URL}/${GITHUB_REPOSITORY}/actions/runs/${GITHUB_RUN_ID} for details." - curl -H "Content-type: application/json" -X POST "$SLACK_WEBHOOK" -d '{ - "channel": "'"$SLACK_CHANNEL"'", - "text": "'"$OPS_MESSAGE"'" - }' + curl -H "Content-type: application/json" -X POST "$SLACK_WEBHOOK" \ + -d "$(jq -n --arg channel "$SLACK_CHANNEL" --arg text "$OPS_MESSAGE" '{channel: $channel, text: $text}')" From 9d3a537b06a75afe51d615e52394e336c09043da Mon Sep 17 00:00:00 2001 From: Aleksandr Pasechnik Date: Fri, 27 Mar 2026 15:12:12 -0400 Subject: [PATCH 3/3] chore: permission fix and comment cleanup --- .github/workflows/nightly-serverless-init.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/nightly-serverless-init.yml b/.github/workflows/nightly-serverless-init.yml index 9551c004f..6605dd1ae 100644 --- a/.github/workflows/nightly-serverless-init.yml +++ b/.github/workflows/nightly-serverless-init.yml @@ -2,7 +2,7 @@ name: Nightly serverless-init build on: schedule: - # 2 AM UTC (~9 PM ET), daily + # 2 AM UTC (~9-10 PM ET), daily - cron: "0 2 * * *" workflow_dispatch: @@ -14,6 +14,7 @@ jobs: build-nightly: runs-on: ubuntu-22.04 permissions: + contents: read packages: write strategy: matrix: