diff --git a/.dockerignore b/.dockerignore new file mode 100644 index 0000000..3c68d15 --- /dev/null +++ b/.dockerignore @@ -0,0 +1,7 @@ +# THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT. +# +# Generated on 2023-11-02T12:25:12Z by kres a0777d5-dirty. + +* +!README.md +!pkg.yaml diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 3a41f40..26eab9e 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -1,8 +1,12 @@ +# THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT. +# +# Generated on 2023-11-02T12:26:41Z by kres latest. + name: default concurrency: group: ${{ github.head_ref || github.run_id }} cancel-in-progress: true -on: +"on": push: branches: - main @@ -15,20 +19,23 @@ on: - release-* jobs: default: - if: (!startsWith(github.head_ref, 'renovate/') && !startsWith(github.head_ref, 'dependabot/')) permissions: + actions: read + contents: write packages: write + pull-requests: read runs-on: - self-hosted - pkgs + if: (!startsWith(github.head_ref, 'renovate/') && !startsWith(github.head_ref, 'dependabot/')) outputs: labels: ${{ steps.workflow-run-info.outputs.pullRequestLabels }} services: buildkitd: - image: moby/buildkit:buildx-stable-1 + image: moby/buildkit:v0.12.2 + options: --privileged ports: - 1234:1234 - options: --privileged volumes: - /var/lib/buildkit/${{ github.repository }}:/var/lib/buildkit - /usr/etc/buildkit/buildkitd.toml:/etc/buildkit/buildkitd.toml @@ -41,12 +48,12 @@ jobs: - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 with: - driver: remote - endpoint: tcp://localhost:1234 append: | - endpoint: tcp://buildkit-arm64.ci.svc.cluster.local:1234 platforms: linux/arm64 - - name: build + driver: remote + endpoint: tcp://localhost:1234 + - name: Build run: | make - name: Login to registry @@ -59,12 +66,22 @@ jobs: - name: Push to registry if: github.event_name != 'pull_request' run: | - make PUSH=true + make PUSH=true - name: Retrieve workflow info id: workflow-run-info uses: potiuk/get-workflow-origin@v1_5 with: token: ${{ secrets.GITHUB_TOKEN }} + - name: release-notes + if: startsWith(github.ref, 'refs/tags/') + run: | + make release-notes + - name: Release + if: startsWith(github.ref, 'refs/tags/') + uses: crazy-max/ghaction-github-release@v2 + with: + body_path: _out/RELEASE_NOTES.md + draft: "true" reproducibility: runs-on: - self-hosted @@ -74,10 +91,10 @@ jobs: - default services: buildkitd: - image: moby/buildkit:buildx-stable-1 + image: moby/buildkit:v0.12.2 + options: --privileged ports: - 1234:1234 - options: --privileged volumes: - /var/lib/buildkit/${{ github.repository }}:/var/lib/buildkit - /usr/etc/buildkit/buildkitd.toml:/etc/buildkit/buildkitd.toml @@ -90,11 +107,11 @@ jobs: - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 with: - driver: remote - endpoint: tcp://localhost:1234 append: | - endpoint: tcp://buildkit-arm64.ci.svc.cluster.local:1234 platforms: linux/arm64 - - name: reproducibility + driver: remote + endpoint: tcp://localhost:1234 + - name: reproducibility-test run: | make reproducibility-test diff --git a/.github/workflows/slack-notify.yaml b/.github/workflows/slack-notify.yaml index 3d28228..e3aa8ba 100644 --- a/.github/workflows/slack-notify.yaml +++ b/.github/workflows/slack-notify.yaml @@ -1,16 +1,20 @@ +# THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT. +# +# Generated on 2023-11-02T12:26:41Z by kres latest. + name: slack-notify "on": workflow_run: workflows: - default - weekly - - integration types: - completed jobs: slack-notify: runs-on: - self-hosted + - generic if: ${{ github.event.workflow_run.conclusion != 'skipped' }} steps: - name: Retrieve Workflow Run Info @@ -35,7 +39,7 @@ jobs: "fields": [ { "type": "mrkdwn", - "text": "${{ github.event.workflow_run.event == 'pull_request' && format('*Pull Request:* {0} (`{1}`)\n<{2}/pull/{3}|{4}>', github.repository, github.ref_name, github.event.repository.html_url, steps.retrieve-workflow-run-info.outputs.pullRequestNumber, github.event.workflow_run.display_title) || format('*Build:* {0}#{1} (`{2}`)', github.repository, github.sha, github.ref_name) }}" + "text": "${{ github.event.workflow_run.event == 'pull_request' && format('*Pull Request:* {0} (`{1}`)\n<{2}/pull/{3}|{4}>', github.repository, github.ref_name, github.event.repository.html_url, steps.retrieve-workflow-run-info.outputs.pullRequestNumber, github.event.workflow_run.display_title) || format('*Build:* {0} (`{1}`)\n<{2}/commit/{3}|{4}>', github.repository, github.ref_name, github.event.repository.html_url, github.sha, github.event.workflow_run.display_title) }}" }, { "type": "mrkdwn", diff --git a/.github/workflows/cron.yaml b/.github/workflows/weekly.yaml similarity index 81% rename from .github/workflows/cron.yaml rename to .github/workflows/weekly.yaml index 2bdc0d6..fa57332 100644 --- a/.github/workflows/cron.yaml +++ b/.github/workflows/weekly.yaml @@ -1,10 +1,14 @@ +# THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT. +# +# Generated on 2023-11-02T12:26:41Z by kres latest. + name: weekly concurrency: group: ${{ github.head_ref || github.run_id }} cancel-in-progress: true -on: +"on": schedule: - - cron: '30 1 * * 1' + - cron: 30 1 * * 1 jobs: reproducibility: runs-on: @@ -12,10 +16,10 @@ jobs: - pkgs services: buildkitd: - image: moby/buildkit:buildx-stable-1 + image: moby/buildkit:v0.12.2 + options: --privileged ports: - 1234:1234 - options: --privileged volumes: - /var/lib/buildkit/${{ github.repository }}:/var/lib/buildkit - /usr/etc/buildkit/buildkitd.toml:/etc/buildkit/buildkitd.toml @@ -28,11 +32,11 @@ jobs: - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 with: - driver: remote - endpoint: tcp://localhost:1234 append: | - endpoint: tcp://buildkit-arm64.ci.svc.cluster.local:1234 platforms: linux/arm64 - - name: reproducibility + driver: remote + endpoint: tcp://localhost:1234 + - name: reproducibility-test run: | make reproducibility-test diff --git a/.gitignore b/.gitignore index 1bf7ec9..ef64096 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1,5 @@ -_out* +# THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT. +# +# Generated on 2023-11-02T12:25:12Z by kres a0777d5-dirty. + +_out diff --git a/.kres.yaml b/.kres.yaml new file mode 100644 index 0000000..bc2440c --- /dev/null +++ b/.kres.yaml @@ -0,0 +1,6 @@ +--- +kind: pkgfile.Build +spec: + targets: + - tools + reproducibleTargetName: tools diff --git a/Makefile b/Makefile index 457ab19..ed7f860 100644 --- a/Makefile +++ b/Makefile @@ -1,65 +1,131 @@ +# THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT. +# +# Generated on 2023-11-02T12:30:07Z by kres latest. + +# common variables + +SHA := $(shell git describe --match=none --always --abbrev=8 --dirty) +TAG := $(shell git describe --tag --always --dirty) +ABBREV_TAG := $(shell git describe --tags >/dev/null 2>/dev/null && git describe --tag --always --match v[0-9]\* --abbrev=0 || echo 'undefined') +BRANCH := $(shell git rev-parse --abbrev-ref HEAD) +ARTIFACTS := _out REGISTRY ?= ghcr.io -USERNAME ?= siderolabs -SHA ?= $(shell git describe --match=none --always --abbrev=8 --dirty) -TAG ?= $(shell git describe --tag --always --dirty) -BRANCH ?= $(shell git rev-parse --abbrev-ref HEAD) -REGISTRY_AND_USERNAME := $(REGISTRY)/$(USERNAME) -# inital commit time -# git rev-list --max-parents=0 HEAD -# git log e2983a47abbfaf9cb1cc740c87af26f29a837ee0 --pretty=%ct -SOURCE_DATE_EPOCH ?= "1559830076" - -# Sync bldr image with Pkgfile +USERNAME ?= talos-systems +REGISTRY_AND_USERNAME ?= $(REGISTRY)/$(USERNAME) +KRES_IMAGE ?= ghcr.io/siderolabs/kres:latest +CONFORMANCE_IMAGE ?= ghcr.io/siderolabs/conform:latest + +# source date epoch of first commit + +INITIAL_COMMIT_SHA := $(shell git rev-list --max-parents=0 HEAD) +SOURCE_DATE_EPOCH := $(shell git log $(INITIAL_COMMIT_SHA) --pretty=%ct) + +# sync bldr image with pkgfile + BLDR_IMAGE := ghcr.io/siderolabs/bldr:v0.2.3 -BLDR ?= docker run --rm --volume $(PWD):/tools --entrypoint=/bldr \ - $(BLDR_IMAGE) graph --root=/tools +BLDR := docker run --rm --user $(shell id -u):$(shell id -g) --volume $(PWD):/src --entrypoint=/bldr $(BLDR_IMAGE) --root=/src + +# docker build settings BUILD := docker buildx build PLATFORM ?= linux/amd64,linux/arm64 PROGRESS ?= auto PUSH ?= false -DEST ?= _out -COMMON_ARGS := --file=Pkgfile +CI_ARGS ?= +COMMON_ARGS = --file=Pkgfile COMMON_ARGS += --provenance=false COMMON_ARGS += --progress=$(PROGRESS) COMMON_ARGS += --platform=$(PLATFORM) COMMON_ARGS += --build-arg=SOURCE_DATE_EPOCH=$(SOURCE_DATE_EPOCH) +# targets defines all the available targets + TARGETS = tools -all: $(TARGETS) ## Builds all known pkgs. +# help menu -.PHONY: help -help: ## This help menu. - @grep -E '^[a-zA-Z0-9\.%_-]+:.*?## .*$$' $(MAKEFILE_LIST) | awk 'BEGIN {FS = ":.*?## "}; {printf "\033[36m%-30s\033[0m %s\n", $$1, $$2}' +export define HELP_MENU_HEADER +# Getting Started -target-%: ## Builds the specified target defined in the Pkgfile. The build result will only remain in the build cache. - @$(BUILD) \ - --target=$* \ - $(COMMON_ARGS) \ - $(TARGET_ARGS) . +To build this project, you must have the following installed: -local-%: ## Builds the specified target defined in the Pkgfile using the local output type. The build result will be output to the specified local destination. - @$(MAKE) target-$* TARGET_ARGS="--output=type=local,dest=$(DEST) $(TARGET_ARGS)" +- git +- make +- docker (19.03 or higher) -reproducibility-test: - @$(MAKE) reproducibility-test-local-tools +## Creating a Builder Instance + +The build process makes use of experimental Docker features (buildx). +To enable experimental features, add 'experimental: "true"' to '/etc/docker/daemon.json' on +Linux or enable experimental features in Docker GUI for Windows or Mac. + +To create a builder instance, run: + + docker buildx create --name local --use + + +If you already have a compatible builder instance, you may use that instead. -reproducibility-test-local-%: ## Builds the specified target defined in the Pkgfile using the local output type. The build result will be output to the specified local destination. - @rm -rf _out1/ _out2/ - @$(MAKE) local-$* DEST=_out1 - @$(MAKE) local-$* DEST=_out2 TARGET_ARGS="--no-cache" - @touch -ch -t $$(date -d @$(SOURCE_DATE_EPOCH) +%Y%m%d0000) _out1 _out2 - @diffoscope _out1 _out2 - @rm -rf _out1/ _out2/ +## Artifacts -docker-%: ## Builds the specified target defined in the Pkgfile using the docker output type. The build result will be loaded into Docker. +All artifacts will be output to ./$(ARTIFACTS). Images will be tagged with the +registry "$(REGISTRY)", username "$(USERNAME)", and a dynamic tag (e.g. $(IMAGE):$(TAG)). +The registry and username can be overridden by exporting REGISTRY, and USERNAME +respectively. + +endef + +all: $(TARGETS) ## Builds all targets defined. + +.PHONY: clean +clean: ## Cleans up all artifacts. + @rm -rf $(ARTIFACTS) + +target-%: ## Builds the specified target defined in the Pkgfile. The build result will only remain in the build cache. + @$(BUILD) --target=$* $(COMMON_ARGS) $(TARGET_ARGS) $(CI_ARGS) . + +local-%: ## Builds the specified target defined in the Pkgfile using the local output type. The build result will be output to the specified local destination. + @$(MAKE) target-$* TARGET_ARGS="--output=type=local,dest=$(DEST) $(TARGET_ARGS)" + +docker-%: ## Builds the specified target defined in the Pkgfile using the docker output type. The build result will be loaded into Docker. @$(MAKE) target-$* TARGET_ARGS="$(TARGET_ARGS)" +reproducibility-test: ## Builds the reproducibility test target + @$(MAKE) reproducibility-test-local-tools + +reproducibility-test-local-%: ## Builds the specified target defined in the Pkgfile using the local output type with and without cahce. The build result will be output to the specified local destination + @rm -rf $(ARTIFACTS)/build-a $(ARTIFACTS)/build-b + @$(MAKE) local-$* DEST=$(ARTIFACTS)/build-a + @$(MAKE) local-$* DEST=$(ARTIFACTS)/build-b TARGET_ARGS="--no-cache" + @touch -ch -t $$(date -d @$(SOURCE_DATE_EPOCH) +%Y%m%d0000) $(ARTIFACTS)/build-a $(ARTIFACTS)/build-b + @diffoscope $(ARTIFACTS)/build-a $(ARTIFACTS)/build-b + @rm -rf $(ARTIFACTS)/build-a $(ARTIFACTS)/build-b + .PHONY: $(TARGETS) $(TARGETS): @$(MAKE) docker-$@ TARGET_ARGS="--tag=$(REGISTRY_AND_USERNAME)/$@:$(TAG) --push=$(PUSH)" .PHONY: deps.png -deps.png: ## Regenerate deps.png. - @$(BLDR) graph | dot -Tpng > deps.png +deps.png: ## Generates a dependency graph of the Pkgfile. + @$(BLDR) graph | dot -Tpng -o deps.png + +.PHONY: rekres +rekres: + @docker pull $(KRES_IMAGE) + @docker run --rm --net=host --user $(shell id -u):$(shell id -g) -v $(PWD):/src -w /src -e GITHUB_TOKEN $(KRES_IMAGE) + +.PHONY: help +help: ## This help menu. + @echo "$$HELP_MENU_HEADER" + @grep -E '^[a-zA-Z%_-]+:.*?## .*$$' $(MAKEFILE_LIST) | awk 'BEGIN {FS = ":.*?## "}; {printf "\033[36m%-30s\033[0m %s\n", $$1, $$2}' + +.PHONY: release-notes +release-notes: + mkdir -p $(ARTIFACTS) + @ARTIFACTS=$(ARTIFACTS) ./hack/release.sh $@ $(ARTIFACTS)/RELEASE_NOTES.md $(TAG) + +.PHONY: conformance +conformance: + @docker pull $(CONFORMANCE_IMAGE) + @docker run --rm -it -v $(PWD):/src -w /src $(CONFORMANCE_IMAGE) enforce + diff --git a/Pkgfile b/Pkgfile index 581dc2e..cd453cf 100644 --- a/Pkgfile +++ b/Pkgfile @@ -5,7 +5,7 @@ format: v1alpha2 vars: - TOOLCHAIN_IMAGE: ghcr.io/siderolabs/toolchain:v0.8.0-10-gfee0af0 + TOOLCHAIN_IMAGE: ghcr.io/siderolabs/toolchain:v0.8.0-12-g804d345 # renovate: datasource=github-releases depName=abseil/abseil-cpp abseil_version: 20230802.1 diff --git a/deps.png b/deps.png index 790536f..7f112db 100644 Binary files a/deps.png and b/deps.png differ diff --git a/hack/release.sh b/hack/release.sh new file mode 100755 index 0000000..d9ee34e --- /dev/null +++ b/hack/release.sh @@ -0,0 +1,66 @@ +#!/bin/bash + +# THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT. +# +# Generated on 2023-11-02T12:25:12Z by kres a0777d5-dirty. + +set -e + +RELEASE_TOOL_IMAGE="ghcr.io/siderolabs/release-tool:latest" + +function release-tool { + docker pull "${RELEASE_TOOL_IMAGE}" >/dev/null + docker run --rm -w /src -v "${PWD}":/src:ro "${RELEASE_TOOL_IMAGE}" -l -d -n -t "${1}" ./hack/release.toml +} + +function changelog { + if [ "$#" -eq 1 ]; then + (release-tool ${1}; echo; cat CHANGELOG.md) > CHANGELOG.md- && mv CHANGELOG.md- CHANGELOG.md + else + echo 1>&2 "Usage: $0 changelog [tag]" + exit 1 + fi +} + +function release-notes { + release-tool "${2}" > "${1}" +} + +function cherry-pick { + if [ $# -ne 2 ]; then + echo 1>&2 "Usage: $0 cherry-pick " + exit 1 + fi + + git checkout $2 + git fetch + git rebase upstream/$2 + git cherry-pick -x $1 +} + +function commit { + if [ $# -ne 1 ]; then + echo 1>&2 "Usage: $0 commit " + exit 1 + fi + + git commit -s -m "release($1): prepare release" -m "This is the official $1 release." +} + +if declare -f "$1" > /dev/null +then + cmd="$1" + shift + $cmd "$@" +else + cat <