From 6e940deeab8c95996fc79a5b03acc42518e9f64d Mon Sep 17 00:00:00 2001 From: Spencer Smith Date: Thu, 7 Sep 2023 16:29:12 -0400 Subject: [PATCH] chore: rekres repo to enable github actions This PR enables github actions with a rekres from latest. Other version bumps come along for the ride of course. Signed-off-by: Spencer Smith --- .drone.yml | 325 -------------------------------------- .github/workflows/ci.yaml | 79 ++++++++- .golangci.yml | 4 +- .kres.yaml | 8 +- Dockerfile | 16 +- Makefile | 24 ++- 6 files changed, 112 insertions(+), 344 deletions(-) delete mode 100644 .drone.yml diff --git a/.drone.yml b/.drone.yml deleted file mode 100644 index 5cd7230..0000000 --- a/.drone.yml +++ /dev/null @@ -1,325 +0,0 @@ ---- -# THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT. -# -# Generated on 2023-06-07T15:12:34Z by kres latest. - -kind: pipeline -type: kubernetes -name: default - -platform: - os: linux - arch: amd64 - -steps: -- name: setup-ci - pull: always - image: autonomy/build-container:latest - commands: - - sleep 5 - - git fetch --tags - - install-ci-key - - docker buildx create --driver docker-container --platform linux/amd64 --name local --use unix:///var/outer-run/docker.sock - - docker buildx inspect --bootstrap - environment: - SSH_KEY: - from_secret: ssh_key - volumes: - - name: outer-docker-socket - path: /var/outer-run - - name: docker-socket - path: /var/run - - name: buildx - path: /root/.docker/buildx - - name: ssh - path: /root/.ssh - -- name: base - pull: always - image: autonomy/build-container:latest - commands: - - make base - volumes: - - name: outer-docker-socket - path: /var/outer-run - - name: docker-socket - path: /var/run - - name: buildx - path: /root/.docker/buildx - - name: ssh - path: /root/.ssh - depends_on: - - setup-ci - -- name: unit-tests - pull: always - image: autonomy/build-container:latest - commands: - - make unit-tests - volumes: - - name: outer-docker-socket - path: /var/outer-run - - name: docker-socket - path: /var/run - - name: buildx - path: /root/.docker/buildx - - name: ssh - path: /root/.ssh - depends_on: - - base - -- name: unit-tests-race - pull: always - image: autonomy/build-container:latest - commands: - - make unit-tests-race - volumes: - - name: outer-docker-socket - path: /var/outer-run - - name: docker-socket - path: /var/run - - name: buildx - path: /root/.docker/buildx - - name: ssh - path: /root/.ssh - depends_on: - - base - -- name: coverage - pull: always - image: autonomy/build-container:latest - commands: - - make coverage - environment: - CODECOV_TOKEN: - from_secret: CODECOV_TOKEN - volumes: - - name: outer-docker-socket - path: /var/outer-run - - name: docker-socket - path: /var/run - - name: buildx - path: /root/.docker/buildx - - name: ssh - path: /root/.ssh - depends_on: - - unit-tests - -- name: importvet - pull: always - image: autonomy/build-container:latest - commands: - - make importvet - volumes: - - name: outer-docker-socket - path: /var/outer-run - - name: docker-socket - path: /var/run - - name: buildx - path: /root/.docker/buildx - - name: ssh - path: /root/.ssh - depends_on: - - base - -- name: lint - pull: always - image: autonomy/build-container:latest - commands: - - make lint - volumes: - - name: outer-docker-socket - path: /var/outer-run - - name: docker-socket - path: /var/run - - name: buildx - path: /root/.docker/buildx - - name: ssh - path: /root/.ssh - depends_on: - - base - -- name: image-importvet - pull: always - image: autonomy/build-container:latest - commands: - - make image-importvet - volumes: - - name: outer-docker-socket - path: /var/outer-run - - name: docker-socket - path: /var/run - - name: buildx - path: /root/.docker/buildx - - name: ssh - path: /root/.ssh - depends_on: - - importvet - - lint - - unit-tests - -- name: push-importvet - pull: always - image: autonomy/build-container:latest - commands: - - docker login ghcr.io --username "$${GHCR_USERNAME}" --password "$${GHCR_PASSWORD}" - - make image-importvet - environment: - GHCR_PASSWORD: - from_secret: ghcr_token - GHCR_USERNAME: - from_secret: ghcr_username - PLATFORM: linux/amd64,linux/arm64 - PUSH: true - volumes: - - name: outer-docker-socket - path: /var/outer-run - - name: docker-socket - path: /var/run - - name: buildx - path: /root/.docker/buildx - - name: ssh - path: /root/.ssh - when: - event: - exclude: - - pull_request - depends_on: - - image-importvet - -- name: release-notes - pull: always - image: autonomy/build-container:latest - commands: - - make release-notes - volumes: - - name: outer-docker-socket - path: /var/outer-run - - name: docker-socket - path: /var/run - - name: buildx - path: /root/.docker/buildx - - name: ssh - path: /root/.ssh - when: - event: - - tag - depends_on: - - unit-tests - - coverage - - importvet - - image-importvet - - lint - -- name: release - pull: always - image: plugins/github-release - settings: - api_key: - from_secret: github_token - checksum: - - sha256 - - sha512 - draft: true - files: - - _out/* - note: _out/RELEASE_NOTES.md - volumes: - - name: outer-docker-socket - path: /var/outer-run - - name: docker-socket - path: /var/run - - name: buildx - path: /root/.docker/buildx - - name: ssh - path: /root/.ssh - when: - event: - - tag - depends_on: - - release-notes - -services: -- name: docker - image: docker:24.0-dind - entrypoint: - - dockerd - commands: - - --dns=8.8.8.8 - - --dns=8.8.4.4 - - --mtu=1500 - - --log-level=error - privileged: true - volumes: - - name: outer-docker-socket - path: /var/outer-run - - name: docker-socket - path: /var/run - - name: buildx - path: /root/.docker/buildx - - name: ssh - path: /root/.ssh - -volumes: -- name: outer-docker-socket - host: - path: /var/ci-docker -- name: docker-socket - temp: - medium: memory -- name: buildx - temp: - medium: memory -- name: ssh - temp: - medium: memory - -trigger: - branch: - exclude: - - renovate/* - - dependabot/* - event: - exclude: - - promote - - cron - ---- -kind: pipeline -type: kubernetes -name: notify - -platform: - os: linux - arch: amd64 - -clone: - disable: true - -steps: -- name: slack - image: plugins/slack - settings: - channel: proj-talos-maintainers - link_names: true - template: "{{#if build.pull }}\n*{{#success build.status}}✓ Success{{else}}✕ Fail{{/success}}*: {{ repo.owner }}/{{ repo.name }} - \n{{else}}\n*{{#success build.status}}✓ Success{{else}}✕ Fail{{/success}}: {{ repo.owner }}/{{ repo.name }} - Build #{{ build.number }}* (type: `{{ build.event }}`)\n{{/if}}\nCommit: \nBranch: \nAuthor: {{ build.author }}\n<{{ build.link }}|Visit build page>" - webhook: - from_secret: slack_webhook - when: - status: - - success - - failure - -trigger: - branch: - exclude: - - renovate/* - - dependabot/* - status: - - success - - failure - -depends_on: -- default - -... diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 79bf66a..09e8a32 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -5,7 +5,7 @@ name: default - main tags: - v* - pull_request: + pull_request: {} env: CI_ARGS: --cache-from=type=registry,ref=registry.dev.siderolabs.io/${GITHUB_REPOSITORY}:buildcache --cache-to=type=registry,ref=registry.dev.siderolabs.io/${GITHUB_REPOSITORY}:buildcache,mode=max jobs: @@ -13,7 +13,80 @@ jobs: permissions: contents: write packages: write - runs-on: self-hosted + runs-on: + - self-hosted + - X64 steps: - name: checkout - uses: actions/checkout@v3 \ No newline at end of file + uses: actions/checkout@v3 + - name: Unshallow + run: | + git fetch --prune --unshallow + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + with: + config-inline: | + [worker.oci] + gc = true + gckeepstorage = 100000 # 100 GiB + + [[worker.oci.gcpolicy]] + keepBytes = 32212254720 # 30 GiB + keepDuration = 604800 + filters = [ "type==source.local", "type==exec.cachemount", "type==source.git.checkout"] + [[worker.oci.gcpolicy]] + all = true + keepBytes = 107374182400 # 100 GiB + - name: base + run: | + make base + - name: unit-tests + run: | + make unit-tests + - name: unit-tests-race + run: | + make unit-tests-race + - name: coverage + run: | + make coverage + - name: importvet + run: | + make importvet + - name: lint + run: | + make lint + - name: Login to registry + if: github.event_name != 'pull_request' + uses: docker/login-action@v2 + with: + password: ${{ secrets.GITHUB_TOKEN }} + registry: ghcr.io + username: ${{ github.repository_owner }} + - name: image-importvet + run: | + make image-importvet + - name: push-importvet + if: github.event_name != 'pull_request' + env: + PLATFORM: linux/amd64,linux/arm64 + PUSH: "true" + run: | + make image-importvet + - name: Generate Checksums + if: startsWith(github.ref, 'refs/tags/') + run: | + sha256sum _out/importvet-* > _out/sha256sum.txt + sha512sum _out/importvet-* > _out/sha512sum.txt + - name: release-notes + if: startsWith(github.ref, 'refs/tags/') + run: | + make release-notes + - name: Release + if: startsWith(github.ref, 'refs/tags/') + uses: crazy-max/ghaction-github-release@v1 + with: + body_path: _out/RELEASE_NOTES.md + draft: "true" + files: |- + _out/importvet-* + _out/sha*.txt diff --git a/.golangci.yml b/.golangci.yml index 092fcf0..b4844a7 100644 --- a/.golangci.yml +++ b/.golangci.yml @@ -1,6 +1,6 @@ # THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT. # -# Generated on 2023-06-07T15:12:34Z by kres latest. +# Generated on 2023-09-07T20:28:51Z by kres latest. # options for analysis running run: @@ -74,6 +74,8 @@ linters-settings: govet: check-shadowing: true enable-all: true + disable: + - loopclosure lll: line-length: 200 tab-width: 4 diff --git a/.kres.yaml b/.kres.yaml index b4efa99..4da9c38 100644 --- a/.kres.yaml +++ b/.kres.yaml @@ -3,7 +3,7 @@ kind: common.Image name: image-importvet spec: pushLatest: false - droneExtraEnvironment: + extraEnvironment: PLATFORM: linux/amd64,linux/arm64 --- kind: golang.Build @@ -15,3 +15,9 @@ spec: linux-arm64: GOOS: linux GOARCH: arm64 +--- +kind: common.Release +name: release +spec: + artifacts: + - importvet-* \ No newline at end of file diff --git a/Dockerfile b/Dockerfile index 48d4b7a..bccfb40 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,22 +1,22 @@ -# syntax = docker/dockerfile-upstream:1.5.2-labs +# syntax = docker/dockerfile-upstream:1.6.0-labs # THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT. # -# Generated on 2023-06-07T15:14:03Z by kres latest. +# Generated on 2023-09-07T20:28:51Z by kres latest. ARG TOOLCHAIN # cleaned up specs and compiled versions FROM scratch AS generate -FROM ghcr.io/siderolabs/ca-certificates:v1.4.1 AS image-ca-certificates +FROM ghcr.io/siderolabs/ca-certificates:v1.6.0-alpha.0-10-gd3d7d29 AS image-ca-certificates -FROM ghcr.io/siderolabs/fhs:v1.4.1 AS image-fhs +FROM ghcr.io/siderolabs/fhs:v1.6.0-alpha.0-10-gd3d7d29 AS image-fhs # runs markdownlint -FROM docker.io/node:20.2.0-alpine3.17 AS lint-markdown +FROM docker.io/node:20.5.1-alpine3.18 AS lint-markdown WORKDIR /src -RUN npm i -g markdownlint-cli@0.34.0 +RUN npm i -g markdownlint-cli@0.35.0 RUN npm i sentences-per-line@0.2.1 COPY .markdownlint.json . COPY ./README.md ./README.md @@ -31,6 +31,10 @@ FROM --platform=${BUILDPLATFORM} toolchain AS tools ENV GO111MODULE on ARG CGO_ENABLED ENV CGO_ENABLED ${CGO_ENABLED} +ARG GOTOOLCHAIN +ENV GOTOOLCHAIN ${GOTOOLCHAIN} +ARG GOEXPERIMENT +ENV GOEXPERIMENT ${GOEXPERIMENT} ENV GOPATH /go ARG DEEPCOPY_VERSION RUN --mount=type=cache,target=/root/.cache/go-build --mount=type=cache,target=/go/pkg go install github.com/siderolabs/deep-copy@${DEEPCOPY_VERSION} \ diff --git a/Makefile b/Makefile index dbf034c..bb5baa2 100644 --- a/Makefile +++ b/Makefile @@ -1,11 +1,12 @@ # THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT. # -# Generated on 2023-06-07T15:12:34Z by kres latest. +# Generated on 2023-09-07T20:28:51Z by kres latest. # common variables SHA := $(shell git describe --match=none --always --abbrev=8 --dirty) TAG := $(shell git describe --tag --always --dirty) +ABBREV_TAG := $(shell git describe --tags >/dev/null 2>/dev/null && git describe --tag --always --match v[0-9]\* --abbrev=0 || echo 'undefined') BRANCH := $(shell git rev-parse --abbrev-ref HEAD) ARTIFACTS := _out WITH_DEBUG ?= false @@ -13,18 +14,20 @@ WITH_RACE ?= false REGISTRY ?= ghcr.io USERNAME ?= siderolabs REGISTRY_AND_USERNAME ?= $(REGISTRY)/$(USERNAME) -PROTOBUF_GO_VERSION ?= 1.28.1 +PROTOBUF_GO_VERSION ?= 1.31.0 GRPC_GO_VERSION ?= 1.3.0 -GRPC_GATEWAY_VERSION ?= 2.16.0 +GRPC_GATEWAY_VERSION ?= 2.17.1 VTPROTOBUF_VERSION ?= 0.4.0 DEEPCOPY_VERSION ?= v0.5.5 -GOLANGCILINT_VERSION ?= v1.53.2 +GOLANGCILINT_VERSION ?= v1.54.2 GOFUMPT_VERSION ?= v0.5.0 -GO_VERSION ?= 1.20 -GOIMPORTS_VERSION ?= v0.9.3 +GO_VERSION ?= 1.21 +GOIMPORTS_VERSION ?= v0.12.0 GO_BUILDFLAGS ?= GO_LDFLAGS ?= CGO_ENABLED ?= 0 +GOTOOLCHAIN ?= local +GOEXPERIMENT ?= loopvar TESTPKGS ?= ./... KRES_IMAGE ?= ghcr.io/siderolabs/kres:latest CONFORMANCE_IMAGE ?= ghcr.io/siderolabs/conform:latest @@ -37,18 +40,22 @@ PROGRESS ?= auto PUSH ?= false CI_ARGS ?= COMMON_ARGS = --file=Dockerfile +COMMON_ARGS += --provenance=false COMMON_ARGS += --progress=$(PROGRESS) COMMON_ARGS += --platform=$(PLATFORM) COMMON_ARGS += --push=$(PUSH) COMMON_ARGS += --build-arg=ARTIFACTS="$(ARTIFACTS)" COMMON_ARGS += --build-arg=SHA="$(SHA)" COMMON_ARGS += --build-arg=TAG="$(TAG)" +COMMON_ARGS += --build-arg=ABBREV_TAG="$(ABBREV_TAG)" COMMON_ARGS += --build-arg=USERNAME="$(USERNAME)" COMMON_ARGS += --build-arg=REGISTRY="$(REGISTRY)" COMMON_ARGS += --build-arg=TOOLCHAIN="$(TOOLCHAIN)" COMMON_ARGS += --build-arg=CGO_ENABLED="$(CGO_ENABLED)" COMMON_ARGS += --build-arg=GO_BUILDFLAGS="$(GO_BUILDFLAGS)" COMMON_ARGS += --build-arg=GO_LDFLAGS="$(GO_LDFLAGS)" +COMMON_ARGS += --build-arg=GOTOOLCHAIN="$(GOTOOLCHAIN)" +COMMON_ARGS += --build-arg=GOEXPERIMENT="$(GOEXPERIMENT)" COMMON_ARGS += --build-arg=PROTOBUF_GO_VERSION="$(PROTOBUF_GO_VERSION)" COMMON_ARGS += --build-arg=GRPC_GO_VERSION="$(GRPC_GO_VERSION)" COMMON_ARGS += --build-arg=GRPC_GATEWAY_VERSION="$(GRPC_GATEWAY_VERSION)" @@ -58,7 +65,7 @@ COMMON_ARGS += --build-arg=GOLANGCILINT_VERSION="$(GOLANGCILINT_VERSION)" COMMON_ARGS += --build-arg=GOIMPORTS_VERSION="$(GOIMPORTS_VERSION)" COMMON_ARGS += --build-arg=GOFUMPT_VERSION="$(GOFUMPT_VERSION)" COMMON_ARGS += --build-arg=TESTPKGS="$(TESTPKGS)" -TOOLCHAIN ?= docker.io/golang:1.20-alpine +TOOLCHAIN ?= docker.io/golang:1.21-alpine # help menu @@ -126,7 +133,8 @@ lint-gofumpt: ## Runs gofumpt linter. .PHONY: fmt fmt: ## Formats the source code @docker run --rm -it -v $(PWD):/src -w /src golang:$(GO_VERSION) \ - bash -c "export GO111MODULE=on; export GOPROXY=https://proxy.golang.org; \ + bash -c "export GOEXPERIMENT=loopvar; export GOTOOLCHAIN=local; \ + export GO111MODULE=on; export GOPROXY=https://proxy.golang.org; \ go install mvdan.cc/gofumpt@$(GOFUMPT_VERSION) && \ gofumpt -w ."