cncf-tags · rossf7 · Jan 4, 2025 · Jan 4, 2025 · Jan 8, 2025 · Jan 12, 2025
@@ -0,0 +1,4 @@
+/dagger.gen.go linguist-generated
+/internal/dagger/** linguist-generated
+/internal/querybuilder/** linguist-generated
+/internal/telemetry/** linguist-generated
@@ -0,0 +1,24 @@
+name: Benchmark Pipeline Test
+
+on:
+  push:
+
+concurrency:
+  group: benchmark
+
+jobs:
+  pipeline:
+    runs-on: ubuntu-24.04
+    steps:
+      - uses: actions/checkout@v4
+      - uses: dagger/dagger-for-github@v7
+        with:
+          module: "."
+          version: "0.15.1"
+          args: benchmark-pipeline-test
+              --source='.'
+              --cncf-project='falco'
+              --config='modern-ebpf'
+              --version='0.39.2'
+              --benchmark-job-url='https://raw.githubusercontent.com/falcosecurity/cncf-green-review-testing/2551137b1a09bd0594f76b09e82e08c98f95efd3/benchmark-tests/falco-benchmark-tests.yaml'
+              --benchmark-job-duration-mins=2
@@ -45,90 +45,21 @@ jobs:
           echo "| benchmark_job_url | ${{ github.event.inputs.benchmark_job_url }} |" >> $GITHUB_STEP_SUMMARY
           echo "| benchmark_job_duration_mins | ${{ github.event.inputs.benchmark_job_duration_mins }} |" >> $GITHUB_STEP_SUMMARY
 
-  deploy:
+  benchmark:
     runs-on: ubuntu-24.04
     steps:
       - uses: actions/checkout@v4
-      - uses: azure/setup-kubectl@v4
+      - run: echo "${{ secrets.KUBECONFIG }}" > ./kube-config
+      - uses: dagger/dagger-for-github@v7
         with:
-          version: v1.30.2
-        id: install
-      - run: mkdir ~/.kube && echo "${{ secrets.KUBECONFIG }}" > ~/.kube/config
-      - name: Select the manifest
-        run: |
-          MANIFEST=projects/${{ inputs.cncf_project }}
-          CONFIG=${{ inputs.config }}
-          if [[ -n $CONFIG ]]; then
-            echo "Configuration provided"
-            MANIFEST=$MANIFEST/$CONFIG.yaml
-          else
-            MANIFEST=$MANIFEST/${{ inputs.cncf_project }}.yaml
-          fi
-
-          if ! test -f "$MANIFEST"; then
-            echo "The provided inputs are invalid."
-            exit 1
-          fi
-
-          export VERSION=${{ inputs.version }}
-          envsubst < $MANIFEST > manifest.yaml
-      - uses: actions/upload-artifact@v4
-        with:
-          name: manifest
-          path: manifest.yaml
-      - name: Apply the manifest
-        run: |
-          kubectl apply -f manifest.yaml
-
-          sleep 20
-
-          kubectl wait pod \
-          --all \
-          --for=condition=Ready \
-          --namespace=benchmark
-
-  benchmark-job:
-    runs-on: ubuntu-24.04
-    needs: deploy
-    steps:
-      - uses: actions/checkout@v4
-      - uses: azure/setup-kubectl@v4
-        with:
-          version: v1.30.2
-        id: install
-      - run: mkdir ~/.kube && echo "${{ secrets.KUBECONFIG }}" > ~/.kube/config
-      - name: Run the benchmark job
-        run: |
-          kubectl apply -f ${{ inputs.benchmark_job_url }}
-
-          sleep 20
-
-          kubectl wait pod \
-          --all \
-          --for=condition=Ready \
-          --namespace=falco # TODO: Revert to "benchmark" this after merging https://github.com/falcosecurity/cncf-green-review-testing/pull/22
-
-      - name: Wait for the benchmark job to complete
-        run: |
-          sleep ${{ inputs.benchmark_job_duration_mins }}m
-
-      - name: Delete the benchmark job
-        run: |
-          kubectl delete -f ${{ inputs.benchmark_job_url }} --wait
-
-  delete:
-    runs-on: ubuntu-24.04
-    needs: benchmark-job
-    if: ${{ always() }}
-    steps:
-      - uses: actions/checkout@v4
-      - uses: azure/setup-kubectl@v4
-        with:
-          version: v1.30.2
-        id: install
-      - run: mkdir ~/.kube && echo "${{ secrets.KUBECONFIG }}" > ~/.kube/config
-
-      - uses: actions/download-artifact@v4
-        with:
-          name: manifest
-      - run: kubectl delete -f manifest.yaml --wait
+          module: "."
+          version: "0.15.1"
+          args: benchmark-pipeline
+              --source='.'
+              --kubeconfig='/src/kube-config'
+              --cncf-project='${{ inputs.cncf_project }}'
+              --config='${{ inputs.config }}'
+              --version='${{ inputs.version }}'
+              --benchmark-job-url='${{ inputs.benchmark_job_url }}'
+              --benchmark-job-duration-mins=${{ inputs.benchmark_job_duration_mins }}
+      - run: rm ./kube-config
@@ -2,3 +2,8 @@ infrastructure/equinix-metal/.terraform/
 infrastructure/equinix-metal/terraform.tfvars
 infrastructure/equinix-metal/.terraform.lock.hcl
 .idea
+/dagger.gen.go
+/internal/dagger
+/internal/querybuilder
+/internal/telemetry
+green-reviews-test-kubeconfig
@@ -0,0 +1,8 @@
+# Dockerfile is used to build an image for the dagger container with tools that
+# are needed for the pipeline. 
+FROM alpine:3.21
+
+RUN echo "http://dl-cdn.alpinelinux.org/alpine/edge/testing" >> /etc/apk/repositories && \
+    apk update
+
+RUN apk add ca-certificates flux kubectl --no-cache
@@ -0,0 +1,55 @@
+# Default target
+.PHONY: all
+all: verify
+
+KUBECONFIG = green-reviews-test-kubeconfig
+
+# Get a terminal for debugging
+.PHONY: debug
+debug:
+	dagger call terminal --source=. --kubeconfig=/src/$(KUBECONFIG)
+
+# Regenerate client bindings for the Dagger API
+.PHONY: develop
+develop:
+	dagger develop
+
+# Install dagger
+install:
+	helm upgrade --install \
+		--namespace=dagger \
+		--create-namespace \
+		dagger oci://registry.dagger.io/dagger-helm && \
+	kubectl wait \
+		--for condition=Ready \
+		--timeout=60s pod \
+		--selector=name=dagger-dagger-helm-engine \
+		--namespace=dagger && \
+	DAGGER_ENGINE_POD_NAME=$$(kubectl get pod \
+			--selector=name=dagger-dagger-helm-engine \
+			--namespace=dagger \
+			--output=jsonpath='{.items[0].metadata.name}') && \
+	_EXPERIMENTAL_DAGGER_RUNNER_HOST="kube-pod://$$DAGGER_ENGINE_POD_NAME?namespace=dagger" && \
+	echo "Install complete - add env vars to your shell" && \
+	echo "export DAGGER_ENGINE_POD_NAME=\"$$DAGGER_ENGINE_POD_NAME\"" && \
+	echo "export _EXPERIMENTAL_DAGGER_RUNNER_HOST=\"$$_EXPERIMENTAL_DAGGER_RUNNER_HOST\""
+
+# Bootstrap cluster with flux and monitoring stack
+.PHONY: setup
+setup:
+	dagger call setup-cluster \
+		--source=. --kubeconfig=/src/$(KUBECONFIG)
+
+# Test pipeline with default values
+.PHONY: test
+test:
+	dagger call benchmark-pipeline-test \
+		--source=. --kubeconfig=/src/$(KUBECONFIG)
+
+# Verify tools are installed
+.PHONY: verify
+verify:
+	dagger version
+	helm version
+	kubectl version --client
+	yq --version
@@ -28,7 +28,7 @@ spec:
   chart:
     spec:
       chart: kepler
-      version: '0.5.3'
+      version: '0.5.12'
       sourceRef:
         kind: HelmRepository
         name: kepler

@@ -0,0 +1,13 @@
+{
+  "name": "green-reviews-tooling",
+  "engineVersion": "v0.15.1",
+  "sdk": "go",
+  "dependencies": [
+    {
+      "name": "k3s",
+      "source": "github.com/marcosnils/daggerverse/k3s@k3s/v0.1.7",
+      "pin": "833ec36632b2457862f6e3bf1f7107ad65e3e515"
+    }
+  ],
+  "source": "."
+}
@@ -0,0 +1,70 @@
+# Development
+
+We use [dagger](https://docs.dagger.io/) and its Go SDK to run the pipeline
+locally during development and in automated tests using GitHub Actions.
+
+## Tools
+
+Docs use [kind](https://kind.sigs.k8s.io/docs/user/quick-start/) to create a local cluster. 
+Other tooling like `minikube` or `k3d` should also work but is untested.
+
+These additional tools need to be installed.
+
+- `dagger` https://docs.dagger.io/install
+- `kubectl` https://kubernetes.io/docs/tasks/tools/
+- `helm` https://helm.sh/docs/helm/helm_install/
+- `yq` https://github.com/mikefarah/yq/#install
+
+## Setup
+
+- Verify CLIs are installed
+
+```sh
+make
+```
+
+- Create kind cluster and add kubeconfig to source dir so dagger can access it.
+
+```sh
+kind create cluster
+kind get kubeconfig | yq e '.clusters[0].cluster.server = "https://kubernetes.default"' - > green-reviews-test-kubeconfig
+```
+
+- Install dagger engine. 
+
+```sh
+make install
+```
+
+- Add `DAGGER_ENGINE_POD_NAME` and `_EXPERIMENTAL_DAGGER_RUNNER_HOST` env vars to your shell. See https://docs.dagger.io/integrations/kubernetes/#example
+
+- Bootstrap cluster with flux and monitoring stack.
+
+```sh
+make setup
+```
+
+## Test
+
+- Run integration test.
+
+```sh
+make test
+```
+
+## Debugging
+
+- Get an [interactive terminal](https://docs.dagger.io/api/terminal/) for trouble shooting.
+
+```sh
+make debug
+```
+
+## Development
+
+- Run [dagger develop](https://docs.dagger.io/reference/cli/#dagger-develop) to
+regenerate client bindings for the dagger API.
+
+```sh
+make develop
+```
@@ -0,0 +1,51 @@
+module github.com/cncf-tags/green-reviews-tooling
+
+go 1.23.2
+
+require (
+	github.com/99designs/gqlgen v0.17.57
+	github.com/Khan/genqlient v0.7.0
+	github.com/vektah/gqlparser/v2 v2.5.19
+	go.opentelemetry.io/otel v1.27.0
+	go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploggrpc v0.0.0-20240518090000-14441aefdf88
+	go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploghttp v0.3.0
+	go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc v1.27.0
+	go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp v1.27.0
+	go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.27.0
+	go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.27.0
+	go.opentelemetry.io/otel/log v0.3.0
+	go.opentelemetry.io/otel/metric v1.27.0
+	go.opentelemetry.io/otel/sdk v1.27.0
+	go.opentelemetry.io/otel/sdk/log v0.3.0
+	go.opentelemetry.io/otel/sdk/metric v1.27.0
+	go.opentelemetry.io/otel/trace v1.27.0
+	go.opentelemetry.io/proto/otlp v1.3.1
+	golang.org/x/exp v0.0.0-20231110203233-9a3e6036ecaa
+	golang.org/x/sync v0.10.0
+	google.golang.org/grpc v1.68.0
+)
+
+require (
+	github.com/cenkalti/backoff/v4 v4.3.0 // indirect
+	github.com/go-logr/logr v1.4.2 // indirect
+	github.com/go-logr/stdr v1.2.2 // indirect
+	github.com/google/uuid v1.6.0 // indirect
+	github.com/grpc-ecosystem/grpc-gateway/v2 v2.22.0 // indirect
+	github.com/sosodev/duration v1.3.1 // indirect
+	github.com/stretchr/testify v1.10.0 // indirect
+	go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.27.0 // indirect
+	golang.org/x/net v0.29.0 // indirect
+	golang.org/x/sys v0.28.0 // indirect
+	golang.org/x/text v0.21.0 // indirect
+	google.golang.org/genproto/googleapis/api v0.0.0-20240903143218-8af14fe29dc1 // indirect
+	google.golang.org/genproto/googleapis/rpc v0.0.0-20240903143218-8af14fe29dc1 // indirect
+	google.golang.org/protobuf v1.35.2 // indirect
+)
+
+replace go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploggrpc => go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploggrpc v0.0.0-20240518090000-14441aefdf88
+
+replace go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploghttp => go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploghttp v0.3.0
+
+replace go.opentelemetry.io/otel/log => go.opentelemetry.io/otel/log v0.3.0
+
+replace go.opentelemetry.io/otel/sdk/log => go.opentelemetry.io/otel/sdk/log v0.3.0