From 2ab3b4fe0575baddc59469f7d9978d6c08e28f71 Mon Sep 17 00:00:00 2001 From: mitulshah-suse Date: Thu, 4 Jul 2024 20:02:22 +0530 Subject: [PATCH] Move from drone to GHA for kdm 2.7 (#1429) --- .drone.yml | 1181 --------------------- .github/runs-on.yml | 1 + .github/workflows/fossa.yaml | 28 + .github/workflows/provisioning-tests.yaml | 78 ++ .github/workflows/workflow.yaml | 105 ++ Dockerfile.dapper | 7 +- scripts/dispatch | 25 - scripts/provisioning-tests | 14 +- scripts/test-run-required.sh | 12 +- scripts/validate-ci | 3 - scripts/version | 6 +- 11 files changed, 239 insertions(+), 1221 deletions(-) delete mode 100644 .drone.yml create mode 100644 .github/runs-on.yml create mode 100644 .github/workflows/fossa.yaml create mode 100644 .github/workflows/provisioning-tests.yaml create mode 100644 .github/workflows/workflow.yaml delete mode 100755 scripts/dispatch diff --git a/.drone.yml b/.drone.yml deleted file mode 100644 index 7644a6724..000000000 --- a/.drone.yml +++ /dev/null @@ -1,1181 +0,0 @@ ---- -kind: pipeline -name: amd64 - -platform: - os: linux - arch: amd64 - -steps: - - name: validate - image: rancher/dapper:v0.6.0 - commands: - - dapper ci - environment: - REGISTRY_ENDPOINT: - from_secret: REGISTRY_ENDPOINT - volumes: - - name: docker - path: /var/run/docker.sock - - - name: mirror-images - image: rancher/dapper:v0.6.0 - commands: - - dapper mirror-images - environment: - REGISTRY_ENDPOINT: - from_secret: REGISTRY_ENDPOINT - REGISTRY_USERNAME: - from_secret: REGISTRY_USERNAME - REGISTRY_PASSWORD: - from_secret: REGISTRY_PASSWORD - volumes: - - name: docker - path: /var/run/docker.sock - depends_on: - - validate - when: - ref: - include: - - "refs/heads/release-v*" - event: - - push - instance: - - drone-publish.rancher.io - - - name: upload - pull: default - image: plugins/gcs - settings: - acl: - - allUsers:READER - cache_control: "public,no-cache,proxy-revalidate" - source: data - target: releases.rancher.com/kontainer-driver-metadata/${DRONE_BRANCH} - token: - from_secret: google_auth_key - when: - event: - - push - depends_on: - - validate - - mirror-images - - - name: dispatch - image: curlimages/curl:7.81.0 - user: root - environment: - PAT_USERNAME: - from_secret: pat_username - PAT_TOKEN: - from_secret: github_token - commands: - - apk -U --no-cache add bash - - scripts/dispatch - when: - event: - - push - depends_on: - - upload - -volumes: -- name: docker - host: - path: /var/run/docker.sock - ---- - -kind: pipeline -name: provisioning-tests-rke2-1-27 - -platform: - os: linux - arch: amd64 - -environment: - V2PROV_TEST_DIST: "rke2" - V2PROV_TEST_RUN_REGEX: "^Test_Provisioning_.*$" - KDM_TEST_K8S_MINOR: "27" - -steps: - - name: provisioning-tests-pr - image: rancher/dapper:v0.6.0 - commands: - - dapper provisioning-tests - privileged: true - volumes: - - name: docker - path: /var/run/docker.sock - when: - event: - - pull_request - - name: provisioning-tests-push - image: rancher/dapper:v0.6.0 - failure: ignore - commands: - - dapper provisioning-tests - privileged: true - volumes: - - name: docker - path: /var/run/docker.sock - when: - instance: - - drone-publish.rancher.io - ref: - include: - - "refs/heads/dev-v2.*" - event: - - push - -volumes: - - name: docker - host: - path: /var/run/docker.sock - -trigger: - event: - exclude: - - promote - ---- - -kind: pipeline -name: provisioning-tests-rke2-1-26 - -platform: - os: linux - arch: amd64 - -environment: - V2PROV_TEST_DIST: "rke2" - V2PROV_TEST_RUN_REGEX: "^Test_Provisioning_.*$" - KDM_TEST_K8S_MINOR: "26" - -steps: - - name: provisioning-tests-pr - image: rancher/dapper:v0.6.0 - commands: - - dapper provisioning-tests - privileged: true - volumes: - - name: docker - path: /var/run/docker.sock - when: - event: - - pull_request - - name: provisioning-tests-push - image: rancher/dapper:v0.6.0 - failure: ignore - commands: - - dapper provisioning-tests - privileged: true - volumes: - - name: docker - path: /var/run/docker.sock - when: - instance: - - drone-publish.rancher.io - ref: - include: - - "refs/heads/dev-v2.*" - event: - - push - -volumes: - - name: docker - host: - path: /var/run/docker.sock - -trigger: - event: - exclude: - - promote - ---- - -kind: pipeline -name: provisioning-tests-rke2-1-25 - -platform: - os: linux - arch: amd64 - -environment: - V2PROV_TEST_DIST: "rke2" - V2PROV_TEST_RUN_REGEX: "^Test_Provisioning_.*$" - KDM_TEST_K8S_MINOR: "25" - -steps: - - name: provisioning-tests-pr - image: rancher/dapper:v0.6.0 - commands: - - dapper provisioning-tests - privileged: true - volumes: - - name: docker - path: /var/run/docker.sock - when: - event: - - pull_request - - name: provisioning-tests-push - image: rancher/dapper:v0.6.0 - failure: ignore - commands: - - dapper provisioning-tests - privileged: true - volumes: - - name: docker - path: /var/run/docker.sock - when: - instance: - - drone-publish.rancher.io - ref: - include: - - "refs/heads/dev-v2.*" - event: - - push - -volumes: - - name: docker - host: - path: /var/run/docker.sock - -trigger: - event: - exclude: - - promote - ---- - -kind: pipeline -name: provisioning-tests-rke2-1-24 - -platform: - os: linux - arch: amd64 - -environment: - V2PROV_TEST_DIST: "rke2" - V2PROV_TEST_RUN_REGEX: "^Test_Provisioning_.*$" - KDM_TEST_K8S_MINOR: "24" - -steps: - - name: provisioning-tests-pr - image: rancher/dapper:v0.6.0 - commands: - - dapper provisioning-tests - privileged: true - volumes: - - name: docker - path: /var/run/docker.sock - when: - event: - - pull_request - - name: provisioning-tests-push - image: rancher/dapper:v0.6.0 - failure: ignore - commands: - - dapper provisioning-tests - privileged: true - volumes: - - name: docker - path: /var/run/docker.sock - when: - instance: - - drone-publish.rancher.io - ref: - include: - - "refs/heads/dev-v2.*" - event: - - push - -volumes: - - name: docker - host: - path: /var/run/docker.sock - -trigger: - event: - exclude: - - promote - ---- - -kind: pipeline -name: provisioning-tests-rke2-1-23 - -platform: - os: linux - arch: amd64 - -environment: - V2PROV_TEST_DIST: "rke2" - V2PROV_TEST_RUN_REGEX: "^Test_Provisioning_.*$" - KDM_TEST_K8S_MINOR: "23" - -steps: - - name: provisioning-tests-pr - image: rancher/dapper:v0.6.0 - commands: - - dapper provisioning-tests - privileged: true - volumes: - - name: docker - path: /var/run/docker.sock - when: - event: - - pull_request - - name: provisioning-tests-push - image: rancher/dapper:v0.6.0 - failure: ignore - commands: - - dapper provisioning-tests - privileged: true - volumes: - - name: docker - path: /var/run/docker.sock - when: - instance: - - drone-publish.rancher.io - ref: - include: - - "refs/heads/dev-v2.*" - event: - - push - -volumes: - - name: docker - host: - path: /var/run/docker.sock - -trigger: - event: - exclude: - - promote - ---- - -kind: pipeline -name: provisioning-tests-k3s-1-27 - -platform: - os: linux - arch: amd64 - -environment: - V2PROV_TEST_DIST: "k3s" - V2PROV_TEST_RUN_REGEX: "^Test_Provisioning_.*$" - KDM_TEST_K8S_MINOR: "27" - -steps: - - name: provisioning-tests-pr - image: rancher/dapper:v0.6.0 - commands: - - dapper provisioning-tests - privileged: true - volumes: - - name: docker - path: /var/run/docker.sock - when: - event: - - pull_request - - name: provisioning-tests-push - image: rancher/dapper:v0.6.0 - failure: ignore - commands: - - dapper provisioning-tests - privileged: true - volumes: - - name: docker - path: /var/run/docker.sock - when: - instance: - - drone-publish.rancher.io - ref: - include: - - "refs/heads/dev-v2.*" - event: - - push - -volumes: - - name: docker - host: - path: /var/run/docker.sock - -trigger: - event: - exclude: - - promote - ---- - -kind: pipeline -name: provisioning-tests-k3s-1-26 - -platform: - os: linux - arch: amd64 - -environment: - V2PROV_TEST_DIST: "k3s" - V2PROV_TEST_RUN_REGEX: "^Test_Provisioning_.*$" - KDM_TEST_K8S_MINOR: "26" - -steps: - - name: provisioning-tests-pr - image: rancher/dapper:v0.6.0 - commands: - - dapper provisioning-tests - privileged: true - volumes: - - name: docker - path: /var/run/docker.sock - when: - event: - - pull_request - - name: provisioning-tests-push - image: rancher/dapper:v0.6.0 - failure: ignore - commands: - - dapper provisioning-tests - privileged: true - volumes: - - name: docker - path: /var/run/docker.sock - when: - instance: - - drone-publish.rancher.io - ref: - include: - - "refs/heads/dev-v2.*" - event: - - push - -volumes: - - name: docker - host: - path: /var/run/docker.sock - -trigger: - event: - exclude: - - promote - ---- - -kind: pipeline -name: provisioning-tests-k3s-1-25 - -platform: - os: linux - arch: amd64 - -environment: - V2PROV_TEST_DIST: "k3s" - V2PROV_TEST_RUN_REGEX: "^Test_Provisioning_.*$" - KDM_TEST_K8S_MINOR: "25" - -steps: - - name: provisioning-tests-pr - image: rancher/dapper:v0.6.0 - commands: - - dapper provisioning-tests - privileged: true - volumes: - - name: docker - path: /var/run/docker.sock - when: - event: - - pull_request - - name: provisioning-tests-push - image: rancher/dapper:v0.6.0 - failure: ignore - commands: - - dapper provisioning-tests - privileged: true - volumes: - - name: docker - path: /var/run/docker.sock - when: - instance: - - drone-publish.rancher.io - ref: - include: - - "refs/heads/dev-v2.*" - event: - - push - -volumes: - - name: docker - host: - path: /var/run/docker.sock - -trigger: - event: - exclude: - - promote - ---- - -kind: pipeline -name: provisioning-tests-k3s-1-24 - -platform: - os: linux - arch: amd64 - -environment: - V2PROV_TEST_DIST: "k3s" - V2PROV_TEST_RUN_REGEX: "^Test_Provisioning_.*$" - KDM_TEST_K8S_MINOR: "24" - -steps: - - name: provisioning-tests-pr - image: rancher/dapper:v0.6.0 - commands: - - dapper provisioning-tests - privileged: true - volumes: - - name: docker - path: /var/run/docker.sock - when: - event: - - pull_request - - name: provisioning-tests-push - image: rancher/dapper:v0.6.0 - failure: ignore - commands: - - dapper provisioning-tests - privileged: true - volumes: - - name: docker - path: /var/run/docker.sock - when: - instance: - - drone-publish.rancher.io - ref: - include: - - "refs/heads/dev-v2.*" - event: - - push - -volumes: - - name: docker - host: - path: /var/run/docker.sock - -trigger: - event: - exclude: - - promote - ---- - -kind: pipeline -name: provisioning-tests-k3s-1-23 - -platform: - os: linux - arch: amd64 - -environment: - V2PROV_TEST_DIST: "k3s" - V2PROV_TEST_RUN_REGEX: "^Test_Provisioning_.*$" - KDM_TEST_K8S_MINOR: "23" - -steps: - - name: provisioning-tests-pr - image: rancher/dapper:v0.6.0 - commands: - - dapper provisioning-tests - privileged: true - volumes: - - name: docker - path: /var/run/docker.sock - when: - event: - - pull_request - - name: provisioning-tests-push - image: rancher/dapper:v0.6.0 - failure: ignore - commands: - - dapper provisioning-tests - privileged: true - volumes: - - name: docker - path: /var/run/docker.sock - when: - instance: - - drone-publish.rancher.io - ref: - include: - - "refs/heads/dev-v2.*" - event: - - push - -volumes: - - name: docker - host: - path: /var/run/docker.sock - -trigger: - event: - exclude: - - promote - ---- - -kind: pipeline -name: provisioning-operations-tests-rke2-1-27 - -platform: - os: linux - arch: amd64 - -environment: - V2PROV_TEST_DIST: "rke2" - V2PROV_TEST_RUN_REGEX: "^Test_Operation_SetA_.*$" - KDM_TEST_K8S_MINOR: "27" - -steps: - - name: provisioning-operations-tests-pr - image: rancher/dapper:v0.6.0 - commands: - - dapper provisioning-tests - privileged: true - volumes: - - name: docker - path: /var/run/docker.sock - when: - event: - - pull_request - - name: provisioning-operations-tests-push - image: rancher/dapper:v0.6.0 - failure: ignore - commands: - - dapper provisioning-tests - privileged: true - volumes: - - name: docker - path: /var/run/docker.sock - when: - instance: - - drone-publish.rancher.io - ref: - include: - - "refs/heads/dev-v2.*" - event: - - push - -volumes: - - name: docker - host: - path: /var/run/docker.sock - -trigger: - event: - exclude: - - promote - ---- - -kind: pipeline -name: provisioning-operations-tests-rke2-1-26 - -platform: - os: linux - arch: amd64 - -environment: - V2PROV_TEST_DIST: "rke2" - V2PROV_TEST_RUN_REGEX: "^Test_Operation_SetA_.*$" - KDM_TEST_K8S_MINOR: "26" - -steps: - - name: provisioning-operations-tests-pr - image: rancher/dapper:v0.6.0 - commands: - - dapper provisioning-tests - privileged: true - volumes: - - name: docker - path: /var/run/docker.sock - when: - event: - - pull_request - - name: provisioning-operations-tests-push - image: rancher/dapper:v0.6.0 - failure: ignore - commands: - - dapper provisioning-tests - privileged: true - volumes: - - name: docker - path: /var/run/docker.sock - when: - instance: - - drone-publish.rancher.io - ref: - include: - - "refs/heads/dev-v2.*" - event: - - push - -volumes: - - name: docker - host: - path: /var/run/docker.sock - -trigger: - event: - exclude: - - promote - ---- - -kind: pipeline -name: provisioning-operations-tests-rke2-1-25 - -platform: - os: linux - arch: amd64 - -environment: - V2PROV_TEST_DIST: "rke2" - V2PROV_TEST_RUN_REGEX: "^Test_Operation_SetA_.*$" - KDM_TEST_K8S_MINOR: "25" - -steps: - - name: provisioning-operations-tests-pr - image: rancher/dapper:v0.6.0 - commands: - - dapper provisioning-tests - privileged: true - volumes: - - name: docker - path: /var/run/docker.sock - when: - event: - - pull_request - - name: provisioning-operations-tests-push - image: rancher/dapper:v0.6.0 - failure: ignore - commands: - - dapper provisioning-tests - privileged: true - volumes: - - name: docker - path: /var/run/docker.sock - when: - instance: - - drone-publish.rancher.io - ref: - include: - - "refs/heads/dev-v2.*" - event: - - push - -volumes: - - name: docker - host: - path: /var/run/docker.sock - -trigger: - event: - exclude: - - promote - ---- - -kind: pipeline -name: provisioning-operations-tests-rke2-1-24 - -platform: - os: linux - arch: amd64 - -environment: - V2PROV_TEST_DIST: "rke2" - V2PROV_TEST_RUN_REGEX: "^Test_Operation_SetA_.*$" - KDM_TEST_K8S_MINOR: "24" - -steps: - - name: provisioning-operations-tests-pr - image: rancher/dapper:v0.6.0 - commands: - - dapper provisioning-tests - privileged: true - volumes: - - name: docker - path: /var/run/docker.sock - when: - event: - - pull_request - - name: provisioning-operations-tests-push - image: rancher/dapper:v0.6.0 - failure: ignore - commands: - - dapper provisioning-tests - privileged: true - volumes: - - name: docker - path: /var/run/docker.sock - when: - instance: - - drone-publish.rancher.io - ref: - include: - - "refs/heads/dev-v2.*" - event: - - push - -volumes: - - name: docker - host: - path: /var/run/docker.sock - -trigger: - event: - exclude: - - promote - ---- - -kind: pipeline -name: provisioning-operations-tests-rke2-1-23 - -platform: - os: linux - arch: amd64 - -environment: - V2PROV_TEST_DIST: "rke2" - V2PROV_TEST_RUN_REGEX: "^Test_Operation_SetA_.*$" - KDM_TEST_K8S_MINOR: "23" - -steps: - - name: provisioning-operations-tests-pr - image: rancher/dapper:v0.6.0 - commands: - - dapper provisioning-tests - privileged: true - volumes: - - name: docker - path: /var/run/docker.sock - when: - event: - - pull_request - - name: provisioning-operations-tests-push - image: rancher/dapper:v0.6.0 - failure: ignore - commands: - - dapper provisioning-tests - privileged: true - volumes: - - name: docker - path: /var/run/docker.sock - when: - instance: - - drone-publish.rancher.io - ref: - include: - - "refs/heads/dev-v2.*" - event: - - push - -volumes: - - name: docker - host: - path: /var/run/docker.sock - -trigger: - event: - exclude: - - promote - ---- - -kind: pipeline -name: provisioning-operations-tests-k3s-1-27 - -platform: - os: linux - arch: amd64 - -environment: - V2PROV_TEST_DIST: "k3s" - V2PROV_TEST_RUN_REGEX: "^Test_Operation_SetA_.*$" - KDM_TEST_K8S_MINOR: "27" - -steps: - - name: provisioning-operations-tests-pr - image: rancher/dapper:v0.6.0 - commands: - - dapper provisioning-tests - privileged: true - volumes: - - name: docker - path: /var/run/docker.sock - when: - event: - - pull_request - - name: provisioning-operations-tests-push - image: rancher/dapper:v0.6.0 - failure: ignore - commands: - - dapper provisioning-tests - privileged: true - volumes: - - name: docker - path: /var/run/docker.sock - when: - instance: - - drone-publish.rancher.io - ref: - include: - - "refs/heads/dev-v2.*" - event: - - push - -volumes: - - name: docker - host: - path: /var/run/docker.sock - -trigger: - event: - exclude: - - promote - ---- - -kind: pipeline -name: provisioning-operations-tests-k3s-1-26 - -platform: - os: linux - arch: amd64 - -environment: - V2PROV_TEST_DIST: "k3s" - V2PROV_TEST_RUN_REGEX: "^Test_Operation_SetA_.*$" - KDM_TEST_K8S_MINOR: "26" - -steps: - - name: provisioning-operations-tests-pr - image: rancher/dapper:v0.6.0 - commands: - - dapper provisioning-tests - privileged: true - volumes: - - name: docker - path: /var/run/docker.sock - when: - event: - - pull_request - - name: provisioning-operations-tests-push - image: rancher/dapper:v0.6.0 - failure: ignore - commands: - - dapper provisioning-tests - privileged: true - volumes: - - name: docker - path: /var/run/docker.sock - when: - instance: - - drone-publish.rancher.io - ref: - include: - - "refs/heads/dev-v2.*" - event: - - push - -volumes: - - name: docker - host: - path: /var/run/docker.sock - -trigger: - event: - exclude: - - promote - ---- - -kind: pipeline -name: provisioning-operations-tests-k3s-1-25 - -platform: - os: linux - arch: amd64 - -environment: - V2PROV_TEST_DIST: "k3s" - V2PROV_TEST_RUN_REGEX: "^Test_Operation_SetA_.*$" - KDM_TEST_K8S_MINOR: "25" - -steps: - - name: provisioning-operations-tests-pr - image: rancher/dapper:v0.6.0 - commands: - - dapper provisioning-tests - privileged: true - volumes: - - name: docker - path: /var/run/docker.sock - when: - event: - - pull_request - - name: provisioning-operations-tests-push - image: rancher/dapper:v0.6.0 - failure: ignore - commands: - - dapper provisioning-tests - privileged: true - volumes: - - name: docker - path: /var/run/docker.sock - when: - instance: - - drone-publish.rancher.io - ref: - include: - - "refs/heads/dev-v2.*" - event: - - push - -volumes: - - name: docker - host: - path: /var/run/docker.sock - -trigger: - event: - exclude: - - promote - ---- - -kind: pipeline -name: provisioning-operations-tests-k3s-1-24 - -platform: - os: linux - arch: amd64 - -environment: - V2PROV_TEST_DIST: "k3s" - V2PROV_TEST_RUN_REGEX: "^Test_Operation_SetA_.*$" - KDM_TEST_K8S_MINOR: "24" - -steps: - - name: provisioning-operations-tests-pr - image: rancher/dapper:v0.6.0 - commands: - - dapper provisioning-tests - privileged: true - volumes: - - name: docker - path: /var/run/docker.sock - when: - event: - - pull_request - - name: provisioning-operations-tests-push - image: rancher/dapper:v0.6.0 - failure: ignore - commands: - - dapper provisioning-tests - privileged: true - volumes: - - name: docker - path: /var/run/docker.sock - when: - instance: - - drone-publish.rancher.io - ref: - include: - - "refs/heads/dev-v2.*" - event: - - push - -volumes: - - name: docker - host: - path: /var/run/docker.sock - -trigger: - event: - exclude: - - promote - ---- - -kind: pipeline -name: provisioning-operations-tests-k3s-1-23 - -platform: - os: linux - arch: amd64 - -environment: - V2PROV_TEST_DIST: "k3s" - V2PROV_TEST_RUN_REGEX: "^Test_Operation_SetA_.*$" - KDM_TEST_K8S_MINOR: "23" - -steps: - - name: provisioning-operations-tests-pr - image: rancher/dapper:v0.6.0 - commands: - - dapper provisioning-tests - privileged: true - volumes: - - name: docker - path: /var/run/docker.sock - when: - event: - - pull_request - - name: provisioning-operations-tests-push - image: rancher/dapper:v0.6.0 - failure: ignore - commands: - - dapper provisioning-tests - privileged: true - volumes: - - name: docker - path: /var/run/docker.sock - when: - instance: - - drone-publish.rancher.io - ref: - include: - - "refs/heads/dev-v2.*" - event: - - push - -volumes: - - name: docker - host: - path: /var/run/docker.sock - -trigger: - event: - exclude: - - promote - ---- - -kind: pipeline -name: fossa - -steps: -- name: fossa - image: rancher/drone-fossa:latest - failure: ignore - settings: - api_key: - from_secret: FOSSA_API_KEY - when: - instance: - - drone-publish.rancher.io - diff --git a/.github/runs-on.yml b/.github/runs-on.yml new file mode 100644 index 000000000..adec41405 --- /dev/null +++ b/.github/runs-on.yml @@ -0,0 +1 @@ +_extends: .github-private \ No newline at end of file diff --git a/.github/workflows/fossa.yaml b/.github/workflows/fossa.yaml new file mode 100644 index 000000000..18bc91ad1 --- /dev/null +++ b/.github/workflows/fossa.yaml @@ -0,0 +1,28 @@ +name: Fossa Scan + +on: + push: + branches: + - 'dev-v*' + - 'release-v*' + +jobs: + fossa: + runs-on: ubuntu-latest + permissions: + contents: read + id-token: write + timeout-minutes: 20 + steps: + - name: Checkout Repo + uses: actions/checkout@v4 + - name: Read FOSSA token + uses: rancher-eio/read-vault-secrets@main + with: + secrets: | + secret/data/github/org/rancher/fossa/push token | FOSSA_API_KEY_PUSH_ONLY + - name: FOSSA scan + uses: fossas/fossa-action@main + with: + api-key: ${{ env.FOSSA_API_KEY_PUSH_ONLY }} + run-tests: false \ No newline at end of file diff --git a/.github/workflows/provisioning-tests.yaml b/.github/workflows/provisioning-tests.yaml new file mode 100644 index 000000000..372fcdf05 --- /dev/null +++ b/.github/workflows/provisioning-tests.yaml @@ -0,0 +1,78 @@ +name: Provisioning tests + +on: + push: + branches: + - 'dev-v*' + - 'release-v*' + pull_request: + branches: + - 'dev-v*' + - 'release-v*' + +jobs: + provisioning-test: + permissions: + contents: read + runs-on: runs-on,runner=4cpu-linux-x64,image=legacy-cgroups-for-x64,run-id=${{ github.run_id }} + container: + image: rancher/dapper:v0.6.0 + options: --privileged + timeout-minutes: 90 + strategy: + matrix: + dist: [rke2, k3s] + k8s-minor: [23, 24, 25, 26, 27] + fail-fast: false + steps: + - name: Force Install GIT latest + run: | + apk add git --update-cache + git --version + git config --global --add safe.directory "$GITHUB_WORKSPACE" + - name: Checkout code + uses: actions/checkout@v4 + with: + fetch-depth: "0" + - name: Provisioning test + run: | + dapper provisioning-tests + env: + V2PROV_TEST_DIST: ${{ matrix.dist }} + V2PROV_TEST_RUN_REGEX: "^Test_Provisioning_.*$" + KDM_TEST_K8S_MINOR: ${{ matrix.k8s-minor }} + PREV_COMMIT_PR_SHA: ${{ github.event.pull_request.base.sha }} + PREV_COMMIT_PUSH_SHA: ${{ github.event.before }} + + provisioning-operations-test: + permissions: + contents: read + runs-on: runs-on,runner=4cpu-linux-x64,image=legacy-cgroups-for-x64,run-id=${{ github.run_id }} + container: + image: rancher/dapper:v0.6.0 + options: --privileged + timeout-minutes: 90 + strategy: + fail-fast: false + matrix: + dist: [rke2, k3s] + k8s-minor: [23, 24, 25, 26, 27] + steps: + - name: Force Install GIT latest + run: | + apk add git --update-cache + git --version + git config --global --add safe.directory "$GITHUB_WORKSPACE" + - name: Checkout code + uses: actions/checkout@v4 + with: + fetch-depth: "0" + - name: Provisioning Operations tests + run: | + dapper provisioning-tests + env: + V2PROV_TEST_DIST: ${{ matrix.dist }} + V2PROV_TEST_RUN_REGEX: "^Test_Operation_SetA_.*$" + KDM_TEST_K8S_MINOR: ${{ matrix.k8s-minor }} + PREV_COMMIT_PR_SHA: ${{ github.event.pull_request.base.sha }} + PREV_COMMIT_PUSH_SHA: ${{ github.event.before }} \ No newline at end of file diff --git a/.github/workflows/workflow.yaml b/.github/workflows/workflow.yaml new file mode 100644 index 000000000..51c7e71f2 --- /dev/null +++ b/.github/workflows/workflow.yaml @@ -0,0 +1,105 @@ +name: Main workflow + +on: + push: + branches: + - 'dev-v*' + - 'release-v*' + pull_request: + branches: + - 'dev-v*' + - 'release-v*' + +jobs: + validate: + permissions: + contents: read + id-token: write + runs-on: ubuntu-latest + timeout-minutes: 20 + container: + image: rancher/dapper:v0.6.0 + steps: + - name: Force Install GIT latest + run: | + apk add git --update-cache + git --version + git config --global --add safe.directory "$GITHUB_WORKSPACE" + - name: Checkout code + uses: actions/checkout@v4 + - name: Validate + run: dapper ci + + mirror-images: + permissions: + contents: read + id-token: write + runs-on: ubuntu-latest + timeout-minutes: 10 + needs: validate + container: + image: rancher/dapper:v0.6.0 + if: github.event_name == 'push' && startsWith(github.ref_name, 'release-v') + steps: + - name: Checkout code + uses: actions/checkout@v4 + - name: Retrieve Registy secrets from vault + uses: rancher-eio/read-vault-secrets@main + with: + secrets: | + secret/data/github/repo/${{ github.repository }}/registry-endpoint/credentials token | REGISTRY_ENDPOINT ; + secret/data/github/repo/${{ github.repository }}/registry-username/credentials token | REGISTRY_USERNAME ; + secret/data/github/repo/${{ github.repository }}/registry-password/credentials token | REGISTRY_PASSWORD + - name: Validate + run: dapper mirror-images + + upload: + permissions: + contents: read + id-token: write + runs-on: ubuntu-latest + timeout-minutes: 10 + needs: validate + if: github.event_name == 'push' + steps: + - name: Checkout code + uses: actions/checkout@v4 + - name: Retrieve Google auth from vault + uses: rancher-eio/read-vault-secrets@main + with: + secrets: | + secret/data/github/repo/${{ github.repository }}/google-auth/rancher/credentials token | GOOGLE_AUTH ; + - name: Authenticate with Google Cloud + uses: 'google-github-actions/auth@v2' + with: + credentials_json: '${{ env.GOOGLE_AUTH }}' + - name: Upload to Google Cloud Storage + uses: google-github-actions/upload-cloud-storage@v2 + with: + path: data/ + destination: releases.rancher.com/kontainer-driver-metadata/${{ github.ref_name }} + parent: false + predefinedAcl: publicRead + headers: |- + cache-control: public,no-cache,proxy-revalidate + + dispatch: + permissions: + contents: read + id-token: write + runs-on: ubuntu-latest + timeout-minutes: 10 + needs: upload + if: github.event_name == 'push' && (github.ref_name == 'release-v2.7' || github.ref_name == 'dev-v2.7') + steps: + - name: Checkout code + uses: actions/checkout@v4 + - name: Retrieve token from vault + uses: rancher-eio/read-vault-secrets@main + with: + secrets: | + secret/data/github/repo/${{ github.repository }}/github-token/credentials token | PAT_TOKEN + - name: Run dispatch + run: | + echo ${{ env.PAT_TOKEN }} | gh auth login --with-token + gh workflow run "Go Generate" --repo rancher/rke --ref release/v1.4 -F source_author=${{ github.actor }} \ No newline at end of file diff --git a/Dockerfile.dapper b/Dockerfile.dapper index d9ecd62bd..e6c1975b9 100644 --- a/Dockerfile.dapper +++ b/Dockerfile.dapper @@ -71,14 +71,15 @@ RUN if [[ "${ARCH}" == "amd64" ]]; then \ curl -sL https://github.com/regclient/regclient/releases/download/v0.4.8/regsync-linux-amd64 -o /bin/regsync && chmod +x /bin/regsync; \ fi -ENV DAPPER_ENV REPO TAG CI DRONE_BUILD_NUMBER DRONE_BUILD_EVENT DRONE_TAG DRONE_COMMIT_BEFORE \ +ENV DAPPER_ENV REPO TAG CI \ + PREV_COMMIT_PR_SHA PREV_COMMIT_PUSH_SHA GITHUB_EVENT_NAME GITHUB_RUN_NUMBER GITHUB_REF_TYPE GITHUB_REF_NAME \ REGISTRY_ENDPOINT REGISTRY_USERNAME REGISTRY_PASSWORD \ V2PROV_TEST_DIST V2PROV_TEST_RUN_REGEX KDM_TEST_K8S_MINOR DEBUG ENV DAPPER_SOURCE /go/src/github.com/rancher/kontainer-driver-metadata ENV DAPPER_DOCKER_SOCKET true ARG CI -ARG DRONE_BUILD_NUMBER -ENV DAPPER_RUN_ARGS "--privileged --label CI=${CI} --label DRONE_BUILD_NUMBER=${DRONE_BUILD_NUMBER}" +ARG GITHUB_RUN_NUMBER +ENV DAPPER_RUN_ARGS "--privileged --label CI=${CI} --label DRONE_BUILD_NUMBER=${GITHUB_RUN_NUMBER}" ENV HOME ${DAPPER_SOURCE} ENV GOPATH /go VOLUME /var/lib/rancher diff --git a/scripts/dispatch b/scripts/dispatch deleted file mode 100755 index c7916c6d9..000000000 --- a/scripts/dispatch +++ /dev/null @@ -1,25 +0,0 @@ -#!/bin/bash -set -e -set -x - -REPO="https://api.github.com/repos/rancher/rke/actions/workflows/git-actions-go-generate.yml/dispatches" - -case $DRONE_BRANCH in - dev-v2.7|release-v2.7) - ACTION_TARGET_BRANCH="release/v1.4" - ;; - *) - echo "Not a valid branch, not dispatching event" - exit 0 -esac - -echo "DRONE_BRANCH: $DRONE_BRANCH" -echo "DRONE_COMMIT_AUTHOR: $DRONE_COMMIT_AUTHOR" - -echo "Dispatching to branch ${ACTION_TARGET_BRANCH}" - -# send dispatch event to workflow -curl -XPOST -u "${PAT_USERNAME}:${PAT_TOKEN}" \ - -H "Accept: application/vnd.github.v3+json" \ - -H "Content-Type: application/json" $REPO \ - --data '{"ref": "'"$ACTION_TARGET_BRANCH"'","inputs":{"source_author":"'"$DRONE_COMMIT_AUTHOR"'"}}' diff --git a/scripts/provisioning-tests b/scripts/provisioning-tests index 0e226125f..bc79a495f 100755 --- a/scripts/provisioning-tests +++ b/scripts/provisioning-tests @@ -26,6 +26,16 @@ if [ -z "${CHANNELS_FILE}" ]; then esac fi +# Set previous commit SHA +if [ "${GITHUB_EVENT_NAME}" == "push" ]; then + export PREV_COMMIT_SHA=${PREV_COMMIT_PUSH_SHA} +elif [ "${GITHUB_EVENT_NAME}" == "pull_request" ]; then + export PREV_COMMIT_SHA=${PREV_COMMIT_PR_SHA} +fi + +# To be removed/changed once drone setup is removed from rancher/rancher repo. +export DRONE_BUILD_NUMBER=${GITHUB_RUN_NUMBER} + if ! ./scripts/test-run-required.sh; then exit fi @@ -64,7 +74,7 @@ if [ -z "${SOME_K8S_VERSION}" ]; then # Get git diff in relevant channel file, find all added versions matching k8s minor, and get the last one # There should never be a version of a given distro with multiple patches on the same minor added at the same time # This command should be in sync with the one in test-run-required.sh - SOME_K8S_VERSION=$(git --no-pager diff --no-color -G "^ - version:" $DRONE_COMMIT_BEFORE -- "$CHANNELS_FILE" | grep -P "(^\+\s+- version: v1.$KDM_TEST_K8S_MINOR)" | sed 's/\(^\+\s\+- version: \)//' | tail -n 1) + SOME_K8S_VERSION=$(git --no-pager diff --no-color -G "^ - version:" $PREV_COMMIT_SHA -- "$CHANNELS_FILE" | grep -P "(^\+\s+- version: v1.$KDM_TEST_K8S_MINOR)" | sed 's/\(^\+\s\+- version: \)//' | tail -n 1) else # Only possible when not running in CI and env var is not provided, in this case just use latest from data.json SOME_K8S_VERSION=$(jq -r ".$V2PROV_TEST_DIST.releases[-1].version" <"$METADATA_DIR/data.json") @@ -80,7 +90,7 @@ cd "$RANCHER_DIR" # Uncomment to get provisioning tests to write commands being run to stdout #sed -i '2s/set -e/set -ex/' ./scripts/provisioning-tests -# Uncomment to get startup logs. Don't leave them on because it slows drone down too much +# Uncomment to get startup logs. Don't leave them on because it slows github actions down too much #sed -i '110s/#//' ./scripts/provisioning-tests #sed -i '111s/#//' ./scripts/provisioning-tests #sed -i '141s/#//' ./scripts/provisioning-tests diff --git a/scripts/test-run-required.sh b/scripts/test-run-required.sh index e8dba7dd0..28906fe5b 100755 --- a/scripts/test-run-required.sh +++ b/scripts/test-run-required.sh @@ -2,7 +2,7 @@ set -ex echo "Checking if rancher integration testing is required" -echo "Environment variable DRONE_BUILD_EVENT is ${DRONE_BUILD_EVENT}" +echo "Environment variable GITHUB_EVENT_NAME is ${GITHUB_EVENT_NAME}" if [ -z "$CI" ]; then echo "Not running in CI, rancher integration testing is required" @@ -14,15 +14,15 @@ if [ -z "$KDM_TEST_K8S_MINOR" ]; then exit 1 fi -if [ -z "$DRONE_COMMIT_BEFORE" ]; then - echo "Error: DRONE_COMMIT_BEFORE not defined. This should not be happening in CI" +if [ -z "$PREV_COMMIT_SHA" ]; then + echo "Error: PREV_COMMIT_SHA not defined. This should not be happening in CI" exit 1 fi -# Only run check if Drone build event is 'push' or 'pull_request' -if [ "${DRONE_BUILD_EVENT}" = "push" ] || [ "${DRONE_BUILD_EVENT}" = "pull_request" ]; then +# Only run check if Github build event is 'push' or 'pull_request' +if [ "${GITHUB_EVENT_NAME}" = "push" ] || [ "${GITHUB_EVENT_NAME}" = "pull_request" ]; then # Check if the channels file contains changes to versions from the minor version - if [ "$(git --no-pager diff --no-color -G "^ - version:" $DRONE_COMMIT_BEFORE -- "$CHANNELS_FILE" | grep -c -P "(^\+\s+- version: v1.$KDM_TEST_K8S_MINOR)")" -ne 0 ]; then + if [ "$(git --no-pager diff --no-color -G "^ - version:" $PREV_COMMIT_SHA -- "$CHANNELS_FILE" | grep -c -P "(^\+\s+- version: v1.$KDM_TEST_K8S_MINOR)")" -ne 0 ]; then exit 0 fi fi diff --git a/scripts/validate-ci b/scripts/validate-ci index 0f2cf25ff..cf5bb3f5f 100755 --- a/scripts/validate-ci +++ b/scripts/validate-ci @@ -25,6 +25,3 @@ fi echo Checking if released versions are not changed go run ./pkg/validation/validation.go release-v2.7 - -echo Checking the generated regsync.yaml file -regsync check --config ./regsync.yaml diff --git a/scripts/version b/scripts/version index 41a617373..979b3574a 100644 --- a/scripts/version +++ b/scripts/version @@ -5,7 +5,11 @@ if [ -n "$(git status --porcelain --untracked-files=no)" ]; then fi COMMIT=$(git rev-parse --short HEAD) -GIT_TAG=${DRONE_TAG:-$(git tag -l --contains HEAD | head -n 1)} + +GIT_TAG=$(git tag -l --contains HEAD | head -n 1) +if [[ "$GITHUB_EVENT_NAME" = "push" && "$GITHUB_REF_TYPE" = "tag" ]]; then + GIT_TAG=$GITHUB_REF_NAME +fi if [[ -z "$DIRTY" && -n "$GIT_TAG" ]]; then VERSION=$GIT_TAG