Skip to content

Commit

Permalink
ci(shared): bump vendored ci files
Browse files Browse the repository at this point in the history
  • Loading branch information
galoybot committed Apr 29, 2024
1 parent ab472a3 commit 471c797
Show file tree
Hide file tree
Showing 9 changed files with 77 additions and 25 deletions.
4 changes: 0 additions & 4 deletions .github/dependabot.yml
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,3 @@ updates:
directory: "/" # Location of package manifests
schedule:
interval: "daily"
- package-ecosystem: "cargo"
directory: "/"
schedule:
interval: "daily"
22 changes: 22 additions & 0 deletions .github/workflows/audit.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,22 @@
#! Auto synced from Shared CI Resources repository
#! Don't change this file, instead change it in github.com/GaloyMoney/concourse-shared

name: Audit

on:
pull_request:
branches: [main]

jobs:
audit:
name: Audit
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: actions/setup-node@v3
with:
node-version: 20
cache: "yarn"
- run: yarn install --frozen-lockfile
- name: Run audit
run: make audit
22 changes: 22 additions & 0 deletions .github/workflows/check-code.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,22 @@
#! Auto synced from Shared CI Resources repository
#! Don't change this file, instead change it in github.com/GaloyMoney/concourse-shared

name: Check Code

on:
pull_request:
branches: [main]

jobs:
check-code:
name: Check Code
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: actions/setup-node@v3
with:
node-version: 20
cache: "yarn"
- run: yarn install --frozen-lockfile
- name: Run check code
run: make check-code
2 changes: 1 addition & 1 deletion .github/workflows/spelling.yml
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout Actions Repository
uses: actions/checkout@v4
uses: actions/checkout@v3
- name: Spell Check Repo
uses: crate-ci/typos@master
with:
Expand Down
10 changes: 5 additions & 5 deletions ci/vendir.lock.yml
Original file line number Diff line number Diff line change
Expand Up @@ -2,14 +2,14 @@ apiVersion: vendir.k14s.io/v1alpha1
directories:
- contents:
- git:
commitTitle: 'feat: allow public or private repo selection (#34)'
sha: 53fc9dd805d3574d200e8e6e99f856c0912b52a8
commitTitle: 'chore: use nix for rust check-code (#52)'
sha: a14ab78128be32e6e1d37f21def9a83351531bde
path: .
path: ../.github/workflows/vendor
- contents:
- git:
commitTitle: 'feat: allow public or private repo selection (#34)'
sha: 53fc9dd805d3574d200e8e6e99f856c0912b52a8
commitTitle: 'chore: use nix for rust check-code (#52)'
sha: a14ab78128be32e6e1d37f21def9a83351531bde
path: .
path: ./vendor
path: vendor
kind: LockConfig
4 changes: 2 additions & 2 deletions ci/vendir.yml
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@ directories:
- path: . # Copy this folder out to ..
git:
url: https://github.com/GaloyMoney/concourse-shared.git
ref: 53fc9dd805d3574d200e8e6e99f856c0912b52a8
ref: a14ab78128be32e6e1d37f21def9a83351531bde
includePaths:
- shared/actions/*
excludePaths:
Expand All @@ -20,7 +20,7 @@ directories:
- path: .
git:
url: https://github.com/GaloyMoney/concourse-shared.git
ref: 53fc9dd805d3574d200e8e6e99f856c0912b52a8
ref: a14ab78128be32e6e1d37f21def9a83351531bde
includePaths:
- shared/ci/**/*
excludePaths:
Expand Down
27 changes: 17 additions & 10 deletions ci/vendor/pipeline-fragments.lib.yml
Original file line number Diff line number Diff line change
Expand Up @@ -265,21 +265,27 @@ plan:
run:
path: pipeline-tasks/ci/vendor/tasks/docker-prep-docker-build-env.sh
- task: build
privileged: true
config:
platform: linux
image_resource:
type: registry-image
source:
repository: vito/oci-build-task
repository: gcr.io/kaniko-project/executor
tag: debug
inputs:
- name: repo
outputs:
- name: image
params:
CONTEXT: repo
run:
path: build
path: /kaniko/executor
args:
- --dockerfile=Dockerfile
- --context=repo
- --use-new-run
- --single-snapshot
- --cache=false
- --no-push
- --tar-path=image/image.tar
- put: edge-image
params:
image: image/image.tar
Expand Down Expand Up @@ -370,6 +376,7 @@ plan:
platform: linux
image_resource: #@ nodejs_task_image_config()
inputs:
- name: repo
- name: pipeline-tasks
- name: edge-image
- name: charts-repo
Expand Down Expand Up @@ -400,7 +407,7 @@ webhook_token: ((webhook.secret))
name: pipeline-tasks
type: git
source:
paths: [ci/vendor/*, ci/tasks/*, ci/config/*, ci/apps/tasks/*, Makefile]
paths: [ci/vendor/*, ci/tasks/*, ci/config/*, Makefile]
uri: #@ data.values.git_uri
branch: #@ data.values.git_branch
private_key: #@ data.values.github_private_key
Expand All @@ -413,14 +420,14 @@ source:
tag: edge
username: #@ data.values.docker_registry_user
password: #@ data.values.docker_registry_password
repository: #@ public_docker_registry() if publicRepo else private_docker_registry() + "/" + data.values.gh_repository
repository: #@ public_docker_registry() + "/" + data.values.gh_repository if publicRepo else private_docker_registry() + "/" + data.values.gh_repository
#@ end

#@ def nodejs_deps_resource(webhook = False):
name: deps
type: git
source:
paths: [core/api/yarn.lock]
paths: [yarn.lock]
uri: #@ data.values.git_uri
branch: #@ data.values.git_branch
private_key: #@ data.values.github_private_key
Expand Down Expand Up @@ -477,13 +484,13 @@ source:
private_key: #@ data.values.github_private_key
#@ end

#@ def versioned_image_resource():
#@ def versioned_image_resource(publicRepo = True):
name: versioned-image
type: registry-image
source:
username: #@ data.values.docker_registry_user
password: #@ data.values.docker_registry_password
repository: #@ public_docker_registry() + "/" + data.values.gh_repository
repository: #@ public_docker_registry() + "/" + data.values.gh_repository if publicRepo else private_docker_registry() + "/" + data.values.gh_repository
#@ end

#@ def gh_release_resource():
Expand Down
7 changes: 5 additions & 2 deletions ci/vendor/tasks/chart-open-charts-pr.sh
Original file line number Diff line number Diff line change
Expand Up @@ -6,12 +6,15 @@
set -eu

export digest=$(cat ./edge-image/digest)
export ref=$(cat ./repo/.git/short_ref)

pushd charts-repo

ref=$(yq e '.image.git_ref' charts/${CHARTS_SUBDIR}/values.yaml)
git checkout ${BRANCH}
old_ref=$(yq e '.image.git_ref' charts/${CHARTS_SUBDIR}/values.yaml)

old_digest=$(yq e '.image.digest' "./charts/${CHARTS_SUBDIR}/values.yaml")
old_ref=$(grep "digest: \"${old_digest}\"" "./charts/${CHARTS_SUBDIR}/values.yaml" \
| sed -n 's/.*commit_ref=\([^;]*\);.*/\1/p' | tr -d ' \n')

cat <<EOF >> ../body.md
# Bump ${CHARTS_SUBDIR} image
Expand Down
4 changes: 3 additions & 1 deletion ci/vendor/tasks/docker-bump-image-digest.sh
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,9 @@ export app_version=$(cat version/version)
pushd charts-repo

yq -i e '.image.digest = strenv(digest)' ./charts/${CHARTS_SUBDIR}/values.yaml
yq -i e '.image.git_ref = strenv(ref)' ./charts/${CHARTS_SUBDIR}/values.yaml

sed -i "s|\(digest: \"${digest}\"\).*$|\1 # METADATA:: repository=https://github.com/GaloyMoney/${CHARTS_SUBDIR};commit_ref=${ref};app=${CHARTS_SUBDIR};|g" "./charts/${CHARTS_SUBDIR}/values.yaml"

yq -i e '.appVersion = strenv(app_version)' ./charts/${CHARTS_SUBDIR}/Chart.yaml

if [[ -z $(git config --global user.email) ]]; then
Expand Down

0 comments on commit 471c797

Please sign in to comment.