-
Notifications
You must be signed in to change notification settings - Fork 25
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Move aperture/helm releases back to setup config
This is required due to release-components being a setup job
- Loading branch information
1 parent
4e8e2c1
commit 7b5e125
Showing
2 changed files
with
195 additions
and
220 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -3,6 +3,178 @@ version: 2.1 | |
| # this allows to use CircleCI's dynamic configuration feature | ||
| setup: true | ||
|
|
||
| executors: | ||
| base-cimg-executor: | ||
| docker: | ||
| - image: cimg/base:2021.07 | ||
| ubuntu-go-executor: | ||
| docker: | ||
| - image: cimg/go:1.19 | ||
|
|
||
| # TODO: Sync this with continue-workflows.yml | ||
| commands: | ||
| asdf_install: | ||
| description: "Install tools using ASDF" | ||
| parameters: | ||
| tools: | ||
| type: string | ||
| description: | ||
| "Newline separated list of tools to install. If empty, will install | ||
| everything." | ||
| default: "" | ||
| cache_name: | ||
| type: string | ||
| description: "Name of asdf cache" | ||
| default: "default" | ||
| steps: | ||
| - run: | ||
| name: Install ASDF | ||
| command: | | ||
| git clone https://github.com/asdf-vm/asdf.git ~/.asdf --branch v0.10.2 | ||
| printf '\nsource "${HOME}/.asdf/asdf.sh"\n' >> "${BASH_ENV}" | ||
| date +%m > ~/month | ||
| date +%d > ~/day | ||
| # We need to restore ASDF cache after installing, otherwise we will try to clone it to non-empty dir | ||
| - restore_cache: | ||
| name: Restore ASDF cache | ||
| keys: | ||
| - aperture-asdf-cache-v7-{{ checksum "~/month" }}-<< parameters.cache_name >>-{{ checksum ".tool-versions" }}-{{ checksum "go.mod" }} | ||
| - aperture-asdf-cache-v7-{{ checksum "~/month" }}-<< parameters.cache_name >>- | ||
| - run: | ||
| name: Install ASDF tools | ||
| environment: | ||
| TOOLS: << parameters.tools >> | ||
| command: .circleci/scripts/asdf_install.sh | ||
| asdf_save_cache: | ||
| parameters: | ||
| cache_name: | ||
| type: string | ||
| description: "Name of asdf cache" | ||
| default: "default" | ||
| steps: | ||
| - save_cache: | ||
| name: Save ASDF cache | ||
| key: aperture-asdf-cache-v7-{{ checksum "~/month" }}-<< parameters.cache_name >>-{{ checksum ".tool-versions" }}-{{ checksum "go.mod" }} | ||
| paths: | ||
| - ~/.asdf | ||
| opsninja_install: | ||
| steps: | ||
| - add_ssh_keys: | ||
| fingerprints: | ||
| - "8d:43:0f:09:ed:86:44:23:4f:43:88:29:71:bf:92:e7" # fluxninja/cloud R/O | ||
| - run: | ||
| name: Install opsninja and its dependencies | ||
| command: | | ||
| # We need R/O access to cloud repository to be able to fetch opsninja library | ||
| # FIXME: make "releases" of opsninja library somehow, even as a separate repository | ||
| # to limit exposure. | ||
| export CLOUD_RO_KEY_FINGERPRINT="8d:43:0f:09:ed:86:44:23:4f:43:88:29:71:bf:92:e7" | ||
| export GIT_SSH_COMMAND="ssh -i ~/.ssh/id_rsa_$(echo "${CLOUD_RO_KEY_FINGERPRINT}" | tr -d ':')" | ||
| export SSH_AUTH_SOCK="" | ||
| # Bust asdf cache as our opsninja version is always 0.0.0 | ||
| pip uninstall -y opsninja | ||
| pip install 'git+ssh://[email protected]/fluxninja/cloud@main#egg=opsninja&subdirectory=ops/apps/opsninja/' | ||
| asdf reshim | ||
| jobs: | ||
| release-components: | ||
| executor: base-cimg-executor | ||
| steps: | ||
| - checkout | ||
| - asdf_install: | ||
| cache_name: release | ||
| tools: |- | ||
| python | ||
| gcloud | ||
| - opsninja_install | ||
| - run: | ||
| name: Schedule release jobs | ||
| working_directory: ops/apps/opsninja | ||
| command: fn circleci trigger-release --tag << pipeline.git.tag >> | ||
| - asdf_save_cache: | ||
| cache_name: release | ||
| package-agent: | ||
| parameters: | ||
| executor: | ||
| type: executor | ||
| description: executor to use for this job | ||
| default: ubuntu-go-executor | ||
| workspace-name: | ||
| type: string | ||
| description: the name of the workspace to which built packages should be added | ||
| default: packages | ||
| goarch: | ||
| type: string | ||
| description: the GOARCH to use for the build | ||
| default: amd64 | ||
| executor: <<parameters.executor>> | ||
| environment: | ||
| PACKAGES_DIR: "/tmp/packages" | ||
| GOARCH: <<parameters.goarch>> | ||
| steps: | ||
| - checkout | ||
| - run: | ||
| name: "Set build vars" | ||
| command: | | ||
| GIT_BRANCH="$(git branch --show-current)" | ||
| GIT_COMMIT_HASH="$(git log -n1 --format=%H)" | ||
| GOOS="$(go env GOOS)" | ||
| VERSION="$(cut -d/ -f3- \<<<"${RELEASE_TAG}")" | ||
| if which dpkg; then | ||
| PACKAGER=deb | ||
| elif which rpm; then | ||
| PACKAGER=rpm | ||
| elif which apk; then | ||
| PACKAGER=apk | ||
| else | ||
| echo "Unable to determine proper packager for current OS" | ||
| exit 1 | ||
| fi | ||
| export GIT_BRANCH GIT_COMMIT_HASH GOOS VERSION PACKAGER | ||
| declare -p GIT_BRANCH GIT_COMMIT_HASH GOOS VERSION PACKAGER >> "${BASH_ENV}" | ||
| environment: | ||
| RELEASE_TAG: <<pipeline.git.tag>> | ||
| - run: | ||
| name: "Compile agent and plugins" | ||
| command: | | ||
| SOURCE="./cmd/aperture-agent" TARGET="./dist/aperture-agent" ./pkg/info/build.sh | ||
| for plugin_dir in ./plugins/*/aperture-plugin-*; do | ||
| plugin="$(basename "${plugin_dir}")" | ||
| echo "Building plugin ${plugin}" | ||
| SOURCE="${plugin_dir}" TARGET="./dist/plugins/${plugin}.so" ./pkg/plugins/build.sh | ||
| done | ||
| environment: | ||
| CGO_ENABLED: "1" | ||
| PREFIX: "aperture" | ||
| LDFLAGS: "-s -w" | ||
| - run: | ||
| name: Install nFPM | ||
| command: | | ||
| filename="nfpm_amd64.${PACKAGER}" | ||
| file="/tmp/${filename}" | ||
| curl --silent --show-error --location https://github.com/goreleaser/nfpm/releases/latest/download/${filename} -o "${file}" | ||
| case "${PACKAGER}" in | ||
| deb) sudo dpkg -i "${file}";; | ||
| rpm) sudo rpm -i "${file}";; | ||
| apk) sudo apk add --allow-untrusted "${file}";; | ||
| *) echo "Unknown packager ${PACKAGER}"; exit 1;; | ||
| esac | ||
| which nfpm | ||
| - run: | ||
| name: Package | ||
| command: | | ||
| mkdir -p dist/packages/ | ||
| nfpm package --packager "${PACKAGER}" --target dist/packages/ | ||
| ls -l dist/packages/ | ||
| helm-release: | ||
| executor: base-cimg-executor | ||
| steps: | ||
| - checkout | ||
| - run: | ||
| name: "Package and release Helm Chart" | ||
| command: .circleci/scripts/helm_release.sh | ||
|
|
||
| orbs: | ||
| path-filtering: circleci/[email protected] | ||
| continuation: circleci/[email protected] | ||
|
|
@@ -44,15 +216,33 @@ workflows: | |
| - path-filtering/filter: | ||
| <<: *path_filtering_job | ||
| base-revision: main | ||
| release: | ||
| release-components: | ||
| when: | ||
| matches: { value: << pipeline.git.tag >>, pattern: "^releases/.*$" } | ||
| matches: { value: << pipeline.git.tag >>, pattern: "^releases/(?!charts).*$" } | ||
| jobs: | ||
| - continuation/continue: | ||
| configuration_path: .circleci/releases.yaml | ||
| # both this and workflow's "when" is needed | ||
| - release-components: | ||
| # both this and workflow's when is needed | ||
| filters: | ||
| branches: | ||
| ignore: /.+/ | ||
| tags: | ||
| only: /^releases\/.*$/ | ||
| - package-agent: | ||
| # both this and workflow's when is needed | ||
| filters: | ||
| branches: | ||
| ignore: /.+/ | ||
| tags: | ||
| only: /^releases\/aperture-agent\/.*$/ | ||
| matrix: | ||
| parameters: | ||
| executor: [ ubuntu-go-executor ] | ||
| goarch: [ amd64 ] | ||
| helm-release: | ||
| when: | ||
| matches: { value: << pipeline.git.tag >>, pattern: "^releases/charts/.*/v.*" } | ||
| jobs: | ||
| - helm-release: | ||
| filters: | ||
| tags: | ||
| only: /^releases/charts/.*/v.*/ | ||
Oops, something went wrong.