diff --git a/.github/actions/detect-docker-image-tags/action.yaml b/.github/actions/detect-docker-image-tags/action.yaml index e5b0a12d26..9ffe91135d 100644 --- a/.github/actions/detect-docker-image-tags/action.yaml +++ b/.github/actions/detect-docker-image-tags/action.yaml @@ -52,6 +52,7 @@ runs: ["vdaas/vald-index-creation"]="manager.index.creator.image.tag" ["vdaas/vald-index-save"]="manager.index.saver.image.tag" ["vdaas/vald-helm-operator"]="image.tag" + ["vdaas/vald-ci-container"]="" ) for image in ${IMAGES} diff --git a/.github/actions/determine-docker-image-tag/action.yaml b/.github/actions/determine-docker-image-tag/action.yaml index bfb63a1719..f50ee093fc 100644 --- a/.github/actions/determine-docker-image-tag/action.yaml +++ b/.github/actions/determine-docker-image-tag/action.yaml @@ -20,6 +20,9 @@ outputs: PRIMARY_TAG: description: "Primary tag" value: ${{ steps.determine_tag_name.outputs.PRIMARY_TAG }} + DEFAULT_TAG: + description: "default tag. Tag to be used if the primary tag does not exist" + value: ${{ steps.determine_tag_name.outputs.DEFAULT_TAG }} runs: using: "composite" @@ -28,6 +31,7 @@ runs: shell: bash run: | echo "GITHUB_REF $GITHUB_REF" + echo "GITHUB_BASE_REF $GITHUB_BASE_REF" echo "GITHUB_EVENT_PATH $GITHUB_EVENT_PATH" echo "GITHUB_EVENT_NAME ${{ github.event_name }}" echo "GITHUB_EVENT_NUMBER ${{ github.event.number }}" @@ -38,20 +42,40 @@ runs: run: | if [[ "$GITHUB_REF" =~ ^refs/tags/.* ]]; then tag_name=`echo $GITHUB_REF | sed -e 's:^refs/tags/::'` + echo "${tag_name}" > versions/VALD_VERSION + primary_tag="${tag_name}" - elif [ "${{ github.event_name }}" = "pull_request" ]; then - pr_num=`cat $GITHUB_EVENT_PATH | jq -r ".number"` - echo "PR-${pr_num}" > versions/VALD_VERSION - primary_tag="pr-${pr_num}" - elif [ "${{ github.event_name }}" = "pull_request_target" ]; then + default_tag="nightly" + elif [[ "${{ github.event_name }}" = "pull_request" || "${{ github.event_name }}" = "pull_request_target" ]]; then pr_num=`cat $GITHUB_EVENT_PATH | jq -r ".number"` echo "PR-${pr_num}" > versions/VALD_VERSION + primary_tag="pr-${pr_num}" + default_tag="nightly" + + # For pull request to the release branch, use the release branch latest tag as the default tag (vx.x). + # This is only set if the event that triggers the workflow execution is pull_request or pull_request_target. + if [[ "$GITHUB_BASE_REF" =~ ^release/v([0-9]+)\.([0-9]+)$ ]]; then + tag_name=`echo $GITHUB_BASE_REF | sed -e 's:^release/::'` + default_tag="${tag_name}" + fi elif [ "$GITHUB_REF" = "refs/heads/main" ]; then echo "nightly" > versions/VALD_VERSION + primary_tag="nightly" + default_tag="nightly" + elif [[ "$GITHUB_REF" =~ ^refs/heads/release/v([0-9]+)\.([0-9]+)$ ]]; then + tag_name=`echo $GITHUB_REF | sed -e 's:^refs/heads/release/::'` + echo "${tag_name}" > versions/VALD_VERSION + + primary_tag="${tag_name}" + default_tag="nightly" else primary_tag="unknown" + default_tag="unknown" fi + echo "PRIMARY_TAG is determined: ${primary_tag}" + echo "DEFAULT_TAG is determined: ${default_tag}" echo "PRIMARY_TAG=${primary_tag}" >> $GITHUB_OUTPUT + echo "DEFAULT_TAG=${default_tag}" >> $GITHUB_OUTPUT diff --git a/.github/actions/docker-build/action.yaml b/.github/actions/docker-build/action.yaml index d1cca998b6..d8a3e5342c 100644 --- a/.github/actions/docker-build/action.yaml +++ b/.github/actions/docker-build/action.yaml @@ -15,6 +15,7 @@ # name: "Build Docker images" description: "A action to build Docker images and publish them" + inputs: target: description: "Build target" @@ -44,6 +45,7 @@ outputs: EXTRA_TAGS: description: "Extra tags" value: ${{ steps.add_extra_tags.outputs.EXTRA_TAGS }} + runs: using: "composite" steps: @@ -60,9 +62,11 @@ runs: echo "ALTER_IMAGE_NAME=${alter_image_name}" >> $GITHUB_OUTPUT env: TARGET: ${{ inputs.target }} + - name: Determine tag name id: determine_tag_name uses: ./.github/actions/determine-docker-image-tag + - name: Determine platforms shell: bash id: determine_platforms @@ -82,6 +86,7 @@ runs: echo "PLATFORMS=${platforms}" >> $GITHUB_OUTPUT env: TARGET_PLATFORMS: ${{ inputs.platforms }} + - name: Add extra tags shell: bash id: add_extra_tags @@ -97,6 +102,7 @@ runs: IMAGE_NAME: ${{ steps.image_name.outputs.IMAGE_NAME }} ALTER_IMAGE_NAME: ${{ steps.image_name.outputs.ALTER_IMAGE_NAME }} PRIMARY_TAG: ${{ steps.determine_tag_name.outputs.PRIMARY_TAG }} + - name: Build and Push shell: bash id: build_and_push diff --git a/.github/actions/e2e-deploy-vald-helm-operator/action.yaml b/.github/actions/e2e-deploy-vald-helm-operator/action.yaml index e8f4e645ec..30bc2d0feb 100644 --- a/.github/actions/e2e-deploy-vald-helm-operator/action.yaml +++ b/.github/actions/e2e-deploy-vald-helm-operator/action.yaml @@ -41,6 +41,10 @@ inputs: description: "If you want to use local charts, set this to true." required: false default: "true" + default_image_tag: + description: "Default image tag. e.g) nightly, vx.x, vx.x.x, pr-xxx" + required: true + default: "nightly" outputs: POD_NAME: description: "A pod name that waited for" @@ -67,12 +71,13 @@ runs: if: ${{ inputs.use_local_charts == 'false' }} run: | helm install vald-helm-operator \ - --set image.tag=nightly \ + --set image.tag=${DEFAULT_IMAGE_TAG} \ ${HELM_EXTRA_OPTIONS} \ charts/vald-helm-operator/. sleep 3 env: + DEFAULT_IMAGE_TAG: ${{ inputs.default_image_tag }} HELM_EXTRA_OPTIONS: ${{ inputs.helm_extra_options }} - name: Deploy vald helm operator from local charts @@ -80,9 +85,10 @@ runs: id: deploy_vald_helm_operator_local if: ${{ inputs.use_local_charts == 'true' }} run: | - make k8s/vald-helm-operator/deploy VERSION=nightly HELM_EXTRA_OPTIONS="${HELM_EXTRA_OPTIONS}" + make k8s/vald-helm-operator/deploy VERSION=${DEFAULT_IMAGE_TAG} HELM_EXTRA_OPTIONS="${HELM_EXTRA_OPTIONS}" sleep 3 env: + DEFAULT_IMAGE_TAG: ${{ inputs.default_image_tag }} HELM_EXTRA_OPTIONS: ${{ inputs.helm_extra_options }} - name: Deploy vald diff --git a/.github/actions/e2e-deploy-vald/action.yaml b/.github/actions/e2e-deploy-vald/action.yaml index d862932157..6ba3b275e6 100644 --- a/.github/actions/e2e-deploy-vald/action.yaml +++ b/.github/actions/e2e-deploy-vald/action.yaml @@ -41,6 +41,10 @@ inputs: description: "If you want to use local charts, set this to true." required: false default: "true" + default_image_tag: + description: "Default image tag. e.g) nightly, vx.x, vx.x.x" + required: true + default: "nightly" outputs: POD_NAME: description: "A pod name that waited for" @@ -68,7 +72,7 @@ runs: run: | helm install \ --values ${VALUES} \ - --set defaults.image.tag=nightly \ + --set defaults.image.tag=${DEFAULT_IMAGE_TAG} \ ${HELM_EXTRA_OPTIONS} \ --generate-name charts/vald @@ -81,6 +85,7 @@ runs: podname=`kubectl get pods --selector=${WAIT_FOR_SELECTOR} | tail -1 | awk '{print $1}'` echo "POD_NAME=${podname}" >> $GITHUB_OUTPUT env: + DEFAULT_IMAGE_TAG: ${{ inputs.default_image_tag }} VALUES: ${{ inputs.values }} HELM_EXTRA_OPTIONS: ${{ inputs.helm_extra_options }} WAIT_FOR_SELECTOR: ${{ inputs.wait_for_selector }} @@ -91,7 +96,7 @@ runs: id: deploy_vald_local if: ${{ inputs.use_local_charts == 'true' }} run: | - make k8s/vald/deploy VERSION=nightly HELM_VALUES=${VALUES} HELM_EXTRA_OPTIONS="${HELM_EXTRA_OPTIONS}" + make k8s/vald/deploy VERSION=${DEFAULT_IMAGE_TAG} HELM_VALUES=${VALUES} HELM_EXTRA_OPTIONS="${HELM_EXTRA_OPTIONS}" sleep 3 @@ -102,6 +107,7 @@ runs: podname=`kubectl get pods --selector=${WAIT_FOR_SELECTOR} | tail -1 | awk '{print $1}'` echo "POD_NAME=${podname}" >> $GITHUB_OUTPUT env: + DEFAULT_IMAGE_TAG: ${{ inputs.default_image_tag }} VALUES: ${{ inputs.values }} HELM_EXTRA_OPTIONS: ${{ inputs.helm_extra_options }} WAIT_FOR_SELECTOR: ${{ inputs.wait_for_selector }} diff --git a/.github/actions/setup-e2e/action.yaml b/.github/actions/setup-e2e/action.yaml index 5b81f33ea7..a2a17bbcef 100644 --- a/.github/actions/setup-e2e/action.yaml +++ b/.github/actions/setup-e2e/action.yaml @@ -15,6 +15,7 @@ # name: "Setup E2E environment" description: "A action to set up the environment for executing E2E test" + inputs: require_libhdf5: description: "If libhdf5 is not required, set this to false" @@ -40,6 +41,7 @@ inputs: description: "Image names" required: false default: "vdaas/vald-agent-ngt vdaas/vald-discoverer-k8s vdaas/vald-lb-gateway vdaas/vald-manager-index" + outputs: HELM_EXTRA_OPTIONS: description: "Helm extra options that specifies E2E target image tags" @@ -47,6 +49,10 @@ outputs: IMAGE_TAGS: description: "Specifies E2E target image tags" value: ${{ steps.specify_container_versions.outputs.IMAGE_TAGS }} + DEFAULT_IMAGE_TAG: + description: "Default E2E target image tag" + value: ${{ steps.determine_tag_name.outputs.DEFAULT_TAG }} + runs: using: "composite" steps: diff --git a/.github/workflows/_detect-ci-container.yml b/.github/workflows/_detect-ci-container.yml new file mode 100644 index 0000000000..4b70527e17 --- /dev/null +++ b/.github/workflows/_detect-ci-container.yml @@ -0,0 +1,70 @@ +# +# Copyright (C) 2019-2024 vdaas.org vald team +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# You may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +name: "Detect CI container image tag" +on: + workflow_call: + outputs: + TAG_NAME: + description: "The docker image tag name" + value: ${{ jobs.detect.outputs.TAG_NAME }} + +env: + TARGET_IMAGE: vdaas/vald-ci-container + +jobs: + detect: + runs-on: ubuntu-latest + outputs: + TAG_NAME: ${{ steps.merge_detection_results.outputs.TAG_NAME }} + steps: + - uses: actions/checkout@v3 + + - name: Determine Docker image tag + id: determine_tag_name + uses: ./.github/actions/determine-docker-image-tag + + - name: Detect Docker image tag for primary + id: detect_primary_tag_name + uses: ./.github/actions/detect-docker-image-tags + with: + images: ${{ env.TARGET_IMAGE }} + tag_name: ${{ steps.determine_tag_name.outputs.PRIMARY_TAG }} + + - name: Detect Docker image tag for default + id: detect_default_tag_name + uses: ./.github/actions/detect-docker-image-tags + with: + images: ${{ env.TARGET_IMAGE }} + tag_name: ${{ steps.determine_tag_name.outputs.DEFAULT_TAG }} + + - name: Merge Docker image tag detection results + id: merge_detection_results + run: | + TAG_NAME="nightly" + + if [ -n "${DEFAULT_TAG_RESULT}" ]; then + TAG_NAME=${{ steps.determine_tag_name.outputs.DEFAULT_TAG }} + fi + + if [ -n "${PRIMARY_TAG_RESULT}" ]; then + TAG_NAME=${{ steps.determine_tag_name.outputs.PRIMARY_TAG }} + fi + + echo "TAG_NAME=${TAG_NAME}" + echo "TAG_NAME=${TAG_NAME}" >> $GITHUB_OUTPUT + env: + PRIMARY_TAG_RESULT: ${{ steps.detect_primary_tag_name.outputs.IMAGE_TAGS }} + DEFAULT_TAG_RESULT: ${{ steps.detect_default_tag_name.outputs.IMAGE_TAGS }} diff --git a/.github/workflows/_docker-image-scan.yaml b/.github/workflows/_docker-image-scan.yaml index 2317964ada..91fbfc6b17 100644 --- a/.github/workflows/_docker-image-scan.yaml +++ b/.github/workflows/_docker-image-scan.yaml @@ -26,9 +26,11 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 + - name: Set Git config run: | git config --global --add safe.directory ${GITHUB_WORKSPACE} + - name: Build the Docker image id: build_image run: | @@ -46,6 +48,7 @@ jobs: TARGET: ${{ inputs.target }} LABEL_OPTS: "--label org.opencontainers.image.url=${{ github.event.repository.html_url }} --label org.opencontainers.image.source=${{ github.event.repository.html_url }} --label org.opencontainers.image.revision=${{ github.sha }}" PRIMARY_TAG: ${{ github.sha }} + - name: Scan the Docker image uses: ./.github/actions/scan-docker-image with: diff --git a/.github/workflows/_docker-image.yaml b/.github/workflows/_docker-image.yaml index 1e6f79caf4..db3db1019e 100644 --- a/.github/workflows/_docker-image.yaml +++ b/.github/workflows/_docker-image.yaml @@ -26,9 +26,11 @@ on: description: "If it is specified, specified platforms will be used." required: false default: "" + concurrency: group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref != 'refs/heads/main' && github.ref || github.sha }}-${{ github.event_name }}-${{ inputs.target }} cancel-in-progress: true + jobs: dump-contexts-to-log: runs-on: ubuntu-latest @@ -37,7 +39,13 @@ jobs: - uses: ./.github/actions/dump-context build: runs-on: ubuntu-latest - if: ${{ (github.event_name == 'pull_request' && github.event.pull_request.head.repo.fork == false) || (github.event.pull_request.head.repo.fork == true && github.event_name == 'pull_request_target' && contains(github.event.pull_request.labels.*.name, 'ci/approved')) || (github.event_name == 'push' && github.ref == 'refs/heads/main') || startsWith( github.ref, 'refs/tags/') }} + if: >- + ${{ (github.event_name == 'pull_request' && github.event.pull_request.head.repo.fork == false) || + (github.event.pull_request.head.repo.fork == true && github.event_name == 'pull_request_target' && contains(github.event.pull_request.labels.*.name, 'ci/approved')) || + (github.event_name == 'push' && github.ref == 'refs/heads/main') || + (github.event_name == 'push' && startsWith( github.ref, 'refs/heads/release/v')) || + startsWith( github.ref, 'refs/tags/') + }} steps: - name: Get ref id: ref @@ -47,17 +55,21 @@ jobs: else echo ref=${{ github.sha }} >> $GITHUB_OUTPUT fi + - uses: actions/checkout@v4 with: ref: ${{ steps.ref.outputs.ref }} + - name: Set Git config run: | git config --global --add safe.directory ${GITHUB_WORKSPACE} + - name: Setup QEMU uses: docker/setup-qemu-action@v3 with: image: tonistiigi/binfmt:master platforms: linux/amd64,linux/arm64 + - name: Setup Docker Buildx id: buildx uses: docker/setup-buildx-action@v3 @@ -68,11 +80,13 @@ jobs: image=moby/buildkit:master network=host buildkitd-flags: "--debug --oci-worker-gc=false" + - name: Login to DockerHub uses: docker/login-action@v3 with: username: ${{ secrets.DOCKERHUB_USER }} password: ${{ secrets.DOCKERHUB_PASS }} + - name: Login to GitHub Container Registry uses: docker/login-action@v3 with: @@ -81,6 +95,7 @@ jobs: # password: ${{ secrets.GITHUB_TOKEN }} username: ${{ secrets.PACKAGE_USER }} password: ${{ secrets.PACKAGE_TOKEN }} + - name: Build and Publish id: build_and_publish uses: ./.github/actions/docker-build @@ -88,6 +103,7 @@ jobs: target: ${{ inputs.target }} platforms: ${{ inputs.platforms }} builder: ${{ steps.buildx.outputs.name }} + - name: Scan the Docker image if: startsWith( github.ref, 'refs/tags/') uses: ./.github/actions/scan-docker-image @@ -99,6 +115,7 @@ jobs: if: github.ref == 'refs/heads/main' || startsWith( github.ref, 'refs/tags/') steps: - uses: actions/checkout@v4 + - uses: ./.github/actions/notify-slack with: author_name: ${{ inputs.target }} image build diff --git a/.github/workflows/_release-pr.yml b/.github/workflows/_release-pr.yml new file mode 100644 index 0000000000..369813b220 --- /dev/null +++ b/.github/workflows/_release-pr.yml @@ -0,0 +1,133 @@ +# +# Copyright (C) 2019-2024 vdaas.org vald team +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# You may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +name: "Create release PR" +on: + workflow_call: + inputs: + release_branch_name: + type: string + description: "The release branch name. e.g release/v1.7" + required: true + release_tag: + type: string + description: "The release tag" + required: true + +jobs: + dump-contexts-to-log: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + - uses: ./.github/actions/dump-context + + detect-ci-container: + uses: ./.github/workflows/_detect-ci-container.yml + secrets: inherit + + create: + needs: + - dump-contexts-to-log + - detect-ci-container + runs-on: ubuntu-latest + container: + image: ghcr.io/vdaas/vald/vald-ci-container:${{ needs.detect-ci-container.outputs.TAG_NAME }} + env: + RELEASE_BRANCH_NAME: ${{ inputs.release_branch_name }} + PREPARE_RELEASE_BRANCH_NAME: prepare/${{ inputs.release_branch_name }} + RELEASE_TAG: ${{ inputs.release_tag }} + steps: + - uses: actions/checkout@v3 + with: + fetch-depth: 0 + token: ${{ secrets.DISPATCH_TOKEN }} + + - name: Set Git config + run: | + git config --global --add safe.directory ${GITHUB_WORKSPACE} + + - uses: crazy-max/ghaction-import-gpg@v4 + with: + gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }} + git_user_signingkey: true + git_commit_gpgsign: true + + - name: Update for new release + id: update_for_new_release + run: | + git checkout ${RELEASE_BRANCH_NAME} + git checkout -b ${PREPARE_RELEASE_BRANCH_NAME} && git push origin ${PREPARE_RELEASE_BRANCH_NAME} + + LAST_COMMIT_MESSAGE=`git log --pretty=format:%s -1` + PR_NUM=`echo "${LAST_COMMIT_MESSAGE}" | grep -o "#[[:digit:]]\+" | sed -e 's/#//' | head -1` + + PREVIOUS_VERSION=`cat versions/VALD_VERSION` + echo "${RELEASE_TAG}" > versions/VALD_VERSION + + sed -i -e "s/^version: .*$/version: ${RELEASE_TAG}/" charts/vald/Chart.yaml + sed -i -r "s/^(\s*)tag\s*:\s*v[0-9]+\.[0-9]+\.[0-9]+\s*$/\1tag: ${RELEASE_TAG}/" charts/vald/values.yaml + sed -i -e "s/^version: .*$/version: ${RELEASE_TAG}/" charts/vald-helm-operator/Chart.yaml + sed -i -r "s/^(\s*)tag\s*:\s*v[0-9]+\.[0-9]+\.[0-9]+\s*$/\1tag: ${RELEASE_TAG}/" charts/vald-helm-operator/values.yaml + + make helm/schema/vald + make helm/schema/vald-helm-operator + make helm/schema/crd/vald + make helm/schema/crd/vald-helm-operator + make k8s/manifest/update + make k8s/manifest/helm-operator/update + make helm/docs/vald + make helm/docs/vald-helm-operator + + BODY="" + if [ ! -z "${PR_NUM}" ]; then + BODY=`curl -s -H "Authorization: Bearer ${GITHUB_TOKEN}" "https://api.github.com/repos/${GITHUB_REPOSITORY}/pulls/${PR_NUM}" | jq -r '.body'` + fi + + if [ -z "$BODY" ]; then + BODY=`git log --pretty=format:'- %s' ${PREVIOUS_VERSION}..${RELEASE_BRANCH_NAME} | grep "#[[:digit:]]\+" | sed -e "s/\[\(patch\|minor\|major\)\] *//g" | sed -e "s%#\([[:digit:]]\+\)%[&](https://github.com/vdaas/vald/pull/\1)%"` + fi + + CHANGELOG=`make changelog/next/print BODY="$BODY"` + make changelog/update BODY="$BODY" + + make format + + git add \ + CHANGELOG.md \ + charts/vald-helm-operator/Chart.yaml \ + charts/vald-helm-operator/README.md \ + charts/vald-helm-operator/values.schema.json \ + charts/vald-helm-operator/values.yaml \ + charts/vald/Chart.yaml \ + charts/vald/README.md \ + charts/vald/values.schema.json \ + charts/vald/values.yaml \ + k8s \ + versions/VALD_VERSION + git commit -S --signoff -m ":bookmark: :robot: Release ${RELEASE_TAG}" + git push -u origin ${PREPARE_RELEASE_BRANCH_NAME} + + curl --include --verbose --fail \ + -H "Accept: application/json" \ + -H "Content-Type:application/json" \ + -H "Authorization: token ${GITHUB_TOKEN}" \ + --request POST \ + --data "{\"title\": \":bookmark: :robot: Release ${RELEASE_TAG}\", \"head\": \"${PREPARE_RELEASE_BRANCH_NAME}\", \"base\": \"${RELEASE_BRANCH_NAME}\", \"body\": \"Release PR for ${RELEASE_TAG}.\", \"maintainer_can_modify\": true}" \ + $API_URL + + env: + GITHUB_USER: ${{ secrets.DISPATCH_USER }} + GITHUB_TOKEN: ${{ secrets.DISPATCH_TOKEN }} + API_URL: https://api.github.com/repos/vdaas/vald/pulls diff --git a/.github/workflows/_update-protobuf.yaml b/.github/workflows/_update-protobuf.yaml index 435e0af614..67588ab0b7 100644 --- a/.github/workflows/_update-protobuf.yaml +++ b/.github/workflows/_update-protobuf.yaml @@ -21,7 +21,6 @@ on: type: string description: "Dispatch target repository" required: true - default: "" jobs: dispatch: @@ -29,7 +28,10 @@ jobs: steps: - name: Dispatch run: | - curl --fail -u "${USER}:${TOKEN}" -X POST https://api.github.com/repos/vdaas/${REPO}/dispatches -H 'Accept: application/vnd.github.everest-preview+json' --data '{"event_type": "update-protobuf"}' + curl --fail -u "${USER}:${TOKEN}" \ + -X POST https://api.github.com/repos/vdaas/${REPO}/dispatches \ + -H 'Accept: application/vnd.github.everest-preview+json' \ + --data '{"event_type": "update-protobuf"}' env: REPO: ${{ inputs.repo }} USER: ${{ secrets.DISPATCH_USER }} diff --git a/.github/workflows/backport.yml b/.github/workflows/backport.yml new file mode 100644 index 0000000000..5bad8d1dcd --- /dev/null +++ b/.github/workflows/backport.yml @@ -0,0 +1,87 @@ +# +# Copyright (C) 2019-2024 vdaas.org vald team +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# You may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +name: "Run backport PR" +on: + pull_request: + types: + - "closed" + +env: + TARGET_LABEL_NAME_PREFIX: "actions/backport/" + BACKPORT_BRANCH_NAME_PREFIX: "backport" + +jobs: + dump-contexts-to-log: + runs-on: ubuntu-latest + if: ${{ github.event.pull_request.merged == true }} + steps: + - uses: actions/checkout@v3 + - uses: ./.github/actions/dump-context + + create: + runs-on: ubuntu-latest + needs: [dump-contexts-to-log] + + steps: + - uses: actions/checkout@v3 + with: + fetch-depth: 0 + token: ${{ secrets.DISPATCH_TOKEN }} + + - name: Set Git config + run: | + git config --global --add safe.directory ${GITHUB_WORKSPACE} + + - uses: crazy-max/ghaction-import-gpg@v4 + with: + gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }} + git_user_signingkey: true + git_commit_gpgsign: true + + - name: Set context + id: set_context + run: | + LABEL_NAMES=`cat ${GITHUB_EVENT_PATH} | jq -r --arg PREFIX $TARGET_LABEL_NAME_PREFIX '[.pull_request.labels[]? | select(.name | startswith($PREFIX)) | .name] | join(" ")'` + + echo "LABEL_NAMES=${LABEL_NAMES}" >> $GITHUB_OUTPUT # e.g.) actions/backport/v1.7 actions/backport/v1.8 + echo "${LABEL_NAMES}" + + - name: Create PR + if: ${{ steps.set_context.outputs.LABEL_NAMES != '' }} + env: + LABEL_NAMES: ${{ steps.set_context.outputs.LABEL_NAMES }} + GITHUB_USER: ${{ secrets.DISPATCH_USER }} + GITHUB_TOKEN: ${{ secrets.DISPATCH_TOKEN }} + run: | + for LABEL_NAME in ${LABEL_NAMES}; do + BRANCH_NAME=`echo "${LABEL_NAME}" | sed -e "s:^${TARGET_LABEL_NAME_PREFIX}::"` # e.g) release/vx.x, main + BACKPORT_BRANCH_NAME="${BACKPORT_BRANCH_NAME_PREFIX}/${BRANCH_NAME}/${GITHUB_HEAD_REF}" # e.g) backport/release/vx.x/{current branch name} + + echo "BRANCH_NAME=${BRANCH_NAME}" + echo "BACKPORT_BRANCH_NAME=${BACKPORT_BRANCH_NAME}" + echo "SHA=${GITHUB_SHA}" + + git checkout ${BRANCH_NAME} + git checkout -b ${BACKPORT_BRANCH_NAME} + + # Force cherry-pick. The conflicts will be modified within the backport PR. + git cherry-pick $GITHUB_SHA || (git add -A && git cherry-pick --continue --no-edit) + git push origin ${BACKPORT_BRANCH_NAME} + + gh pr create --base ${BRANCH_NAME} \ + --title "Backport to ${BRANCH_NAME}" \ + --body-file .github/PULL_REQUEST_TEMPLATE.md + done diff --git a/.github/workflows/build-protobuf.yml b/.github/workflows/build-protobuf.yml index 8a99257fa0..4a3cc0df0d 100644 --- a/.github/workflows/build-protobuf.yml +++ b/.github/workflows/build-protobuf.yml @@ -18,6 +18,8 @@ on: push: branches: - main + - "release/v*.*" + - "!release/v*.*.*" paths: - "apis/proto/**" - "versions/GO_VERSION" diff --git a/.github/workflows/chatops.yml b/.github/workflows/chatops.yml index 35c99c51f5..353f6a64d8 100644 --- a/.github/workflows/chatops.yml +++ b/.github/workflows/chatops.yml @@ -358,7 +358,7 @@ jobs: git_commit_gpgsign: true - uses: ./.github/actions/setup-go - if: steps.check_comments_gen_test.outputs.BOOL_TRIGGERED == 'true' && steps.check_permissions.outputs.EXECUTABLE == 'true' + if: steps.check_comments_format.outputs.BOOL_TRIGGERED == 'true' && steps.check_permissions.outputs.EXECUTABLE == 'true' - name: update and push id: format_push diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index a3799423cc..3c02a4aaf5 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -18,6 +18,8 @@ on: push: branches: - main + - "release/v*.*" + - "!release/v*.*.*" tags: - "*.*.*" - "v*.*.*" @@ -26,6 +28,8 @@ on: pull_request: branches: - main + - "release/v*.*" + - "!release/v*.*.*" paths: - ".github/workflows/codeql-analysis.yml" - "**.go" diff --git a/.github/workflows/dockers-agent-ngt-image.yml b/.github/workflows/dockers-agent-ngt-image.yml index e264b44261..331428d710 100644 --- a/.github/workflows/dockers-agent-ngt-image.yml +++ b/.github/workflows/dockers-agent-ngt-image.yml @@ -17,7 +17,9 @@ name: "Build docker image: agent-ngt" on: push: branches: - - main + - "main" + - "release/v*.*" + - "!release/v*.*.*" tags: - "*.*.*" - "v*.*.*" diff --git a/.github/workflows/dockers-agent-sidecar-image.yml b/.github/workflows/dockers-agent-sidecar-image.yml index 6cc6940a9c..a95948e15f 100644 --- a/.github/workflows/dockers-agent-sidecar-image.yml +++ b/.github/workflows/dockers-agent-sidecar-image.yml @@ -17,7 +17,9 @@ name: "Build docker image: agent-sidecar" on: push: branches: - - main + - "main" + - "release/v*.*" + - "!release/v*.*.*" tags: - "*.*.*" - "v*.*.*" diff --git a/.github/workflows/dockers-ci-container-image.yml b/.github/workflows/dockers-ci-container-image.yml index a93f0953f6..b347e63db3 100644 --- a/.github/workflows/dockers-ci-container-image.yml +++ b/.github/workflows/dockers-ci-container-image.yml @@ -17,7 +17,14 @@ name: "Build docker image: ci-container" on: push: branches: - - main + - "main" + - "release/v*.*" + - "!release/v*.*.*" + tags: + - "*.*.*" + - "v*.*.*" + - "*.*.*-*" + - "v*.*.*-*" paths: - ".github/actions/docker-build/actions.yaml" - ".github/workflows/_docker-image.yaml" @@ -47,8 +54,6 @@ on: - "Makefile.d/**" - "versions/GO_VERSION" - "versions/NGT_VERSION" - schedule: - - cron: "0 1 * * *" jobs: build: diff --git a/.github/workflows/dockers-dev-container-image.yml b/.github/workflows/dockers-dev-container-image.yml index 12953b13ae..a71551a111 100644 --- a/.github/workflows/dockers-dev-container-image.yml +++ b/.github/workflows/dockers-dev-container-image.yml @@ -17,7 +17,9 @@ name: "Build docker image: dev-container" on: push: branches: - - main + - "main" + - "release/v*.*" + - "!release/v*.*.*" paths: - ".github/actions/docker-build/actions.yaml" - ".github/workflows/_docker-image.yaml" @@ -47,8 +49,6 @@ on: - "Makefile.d/**" - "versions/GO_VERSION" - "versions/NGT_VERSION" - schedule: - - cron: "0 1 * * *" jobs: build: diff --git a/.github/workflows/dockers-discoverer-k8s-image.yml b/.github/workflows/dockers-discoverer-k8s-image.yml index 900b92e8b5..6591924953 100644 --- a/.github/workflows/dockers-discoverer-k8s-image.yml +++ b/.github/workflows/dockers-discoverer-k8s-image.yml @@ -17,7 +17,9 @@ name: "Build docker image: discoverer-k8s" on: push: branches: - - main + - "main" + - "release/v*.*" + - "!release/v*.*.*" tags: - "*.*.*" - "v*.*.*" diff --git a/.github/workflows/dockers-gateway-filter-image.yml b/.github/workflows/dockers-gateway-filter-image.yml index 89650d563e..96636e666f 100644 --- a/.github/workflows/dockers-gateway-filter-image.yml +++ b/.github/workflows/dockers-gateway-filter-image.yml @@ -17,7 +17,9 @@ name: "Build docker image: gateway-filter" on: push: branches: - - main + - "main" + - "release/v*.*" + - "!release/v*.*.*" tags: - "*.*.*" - "v*.*.*" diff --git a/.github/workflows/dockers-gateway-lb-image.yml b/.github/workflows/dockers-gateway-lb-image.yml index 77ef2baf15..215b41b428 100644 --- a/.github/workflows/dockers-gateway-lb-image.yml +++ b/.github/workflows/dockers-gateway-lb-image.yml @@ -17,7 +17,9 @@ name: "Build docker image: gateway-lb" on: push: branches: - - main + - "main" + - "release/v*.*" + - "!release/v*.*.*" tags: - "*.*.*" - "v*.*.*" diff --git a/.github/workflows/dockers-helm-operator-image.yml b/.github/workflows/dockers-helm-operator-image.yml index c36d88d0a8..1010c145b9 100644 --- a/.github/workflows/dockers-helm-operator-image.yml +++ b/.github/workflows/dockers-helm-operator-image.yml @@ -17,7 +17,9 @@ name: "Build docker image: helm-operator" on: push: branches: - - main + - "main" + - "release/v*.*" + - "!release/v*.*.*" tags: - "*.*.*" - "v*.*.*" diff --git a/.github/workflows/dockers-image-scan.yml b/.github/workflows/dockers-image-scan.yml index 755c296cfe..682649ee88 100644 --- a/.github/workflows/dockers-image-scan.yml +++ b/.github/workflows/dockers-image-scan.yml @@ -26,58 +26,72 @@ jobs: steps: - uses: actions/checkout@v4 - uses: ./.github/actions/dump-context + agent-ngt: uses: ./.github/workflows/_docker-image-scan.yaml with: target: agent-ngt + agent-sidecar: uses: ./.github/workflows/_docker-image-scan.yaml with: target: agent-sidecar + ci-container: uses: ./.github/workflows/_docker-image-scan.yaml with: target: ci-container + dev-container: uses: ./.github/workflows/_docker-image-scan.yaml with: target: dev-container + discoverer-k8s: uses: ./.github/workflows/_docker-image-scan.yaml with: target: discoverer-k8s + gateway-lb: uses: ./.github/workflows/_docker-image-scan.yaml with: target: gateway-lb + gateway-filter: uses: ./.github/workflows/_docker-image-scan.yaml with: target: gateway-filter + index-correction: uses: ./.github/workflows/_docker-image-scan.yaml with: target: index-correction + index-creation: uses: ./.github/workflows/_docker-image-scan.yaml with: target: index-creation + index-save: uses: ./.github/workflows/_docker-image-scan.yaml with: target: index-save + loadtest: uses: ./.github/workflows/_docker-image-scan.yaml with: target: loadtest + manager-index: uses: ./.github/workflows/_docker-image-scan.yaml with: target: manager-index + operator-helm: uses: ./.github/workflows/_docker-image-scan.yaml with: target: operator/helm + readreplica-rotate: uses: ./.github/workflows/_docker-image-scan.yaml with: diff --git a/.github/workflows/dockers-loadtest-image.yml b/.github/workflows/dockers-loadtest-image.yml index 6baab75a43..7f624a22c5 100644 --- a/.github/workflows/dockers-loadtest-image.yml +++ b/.github/workflows/dockers-loadtest-image.yml @@ -17,7 +17,9 @@ name: "Build docker image: loadtest" on: push: branches: - - main + - "main" + - "release/v*.*" + - "!release/v*.*.*" tags: - "*.*.*" - "v*.*.*" diff --git a/.github/workflows/dockers-manager-index-image.yml b/.github/workflows/dockers-manager-index-image.yml index d48f0fc546..107b353b15 100644 --- a/.github/workflows/dockers-manager-index-image.yml +++ b/.github/workflows/dockers-manager-index-image.yml @@ -17,7 +17,9 @@ name: "Build docker image: manager-index" on: push: branches: - - main + - "main" + - "release/v*.*" + - "!release/v*.*.*" tags: - "*.*.*" - "v*.*.*" diff --git a/.github/workflows/dockers-release-branch-image.yaml b/.github/workflows/dockers-release-branch-image.yaml new file mode 100644 index 0000000000..56a29a7c1e --- /dev/null +++ b/.github/workflows/dockers-release-branch-image.yaml @@ -0,0 +1,122 @@ +# +# Copyright (C) 2019-2024 vdaas.org vald team +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# You may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +name: "Build docker images when the release branch is created" +on: + push: + branches: + - "release/v*.*" + - "!release/v*.*.*" + +jobs: + dump-contexts-to-log: + if: github.event.created + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + - uses: ./.github/actions/dump-context + + agent-ngt: + needs: [dump-contexts-to-log] + uses: ./.github/workflows/_docker-image.yaml + with: + target: agent-ngt + secrets: inherit + + agent-sidecar: + needs: [dump-contexts-to-log] + uses: ./.github/workflows/_docker-image.yaml + with: + target: agent-sidecar + secrets: inherit + + ci-container: + needs: [dump-contexts-to-log] + uses: ./.github/workflows/_docker-image.yaml + with: + target: ci-container + platforms: linux/amd64 + secrets: inherit + + discoverer-k8s: + needs: [dump-contexts-to-log] + uses: ./.github/workflows/_docker-image.yaml + with: + target: discoverer-k8s + secrets: inherit + + gateway-lb: + needs: [dump-contexts-to-log] + uses: ./.github/workflows/_docker-image.yaml + with: + target: gateway-lb + secrets: inherit + + gateway-filter: + needs: [dump-contexts-to-log] + uses: ./.github/workflows/_docker-image.yaml + with: + target: gateway-filter + secrets: inherit + + index-correction: + needs: [dump-contexts-to-log] + uses: ./.github/workflows/_docker-image.yaml + with: + target: index-correction + secrets: inherit + + index-creation: + needs: [dump-contexts-to-log] + uses: ./.github/workflows/_docker-image.yaml + with: + target: index-creation + secrets: inherit + + index-save: + needs: [dump-contexts-to-log] + uses: ./.github/workflows/_docker-image.yaml + with: + target: index-save + secrets: inherit + + loadtest: + needs: [dump-contexts-to-log] + uses: ./.github/workflows/_docker-image.yaml + with: + target: loadtest + platforms: linux/amd64 + secrets: inherit + + manager-index: + needs: [dump-contexts-to-log] + uses: ./.github/workflows/_docker-image.yaml + with: + target: manager-index + secrets: inherit + + operator-helm: + needs: [dump-contexts-to-log] + uses: ./.github/workflows/_docker-image.yaml + with: + target: operator/helm + secrets: inherit + + readreplica-rotate: + needs: [dump-contexts-to-log] + uses: ./.github/workflows/_docker-image.yaml + with: + target: readreplica-rotate + secrets: inherit diff --git a/.github/workflows/e2e-chaos.yaml b/.github/workflows/e2e-chaos.yaml index 64d3a2c4ed..7ffd651dc7 100644 --- a/.github/workflows/e2e-chaos.yaml +++ b/.github/workflows/e2e-chaos.yaml @@ -60,6 +60,7 @@ jobs: id: deploy_vald uses: ./.github/actions/e2e-deploy-vald with: + default_image_tag: ${{ steps.setup_e2e.outputs.DEFAULT_IMAGE_TAG }} helm_extra_options: ${{ steps.setup_e2e.outputs.HELM_EXTRA_OPTIONS }} values: ${{ env.VALUES }} wait_for_selector: app=vald-lb-gateway @@ -104,6 +105,7 @@ jobs: id: deploy_vald uses: ./.github/actions/e2e-deploy-vald with: + default_image_tag: ${{ steps.setup_e2e.outputs.DEFAULT_IMAGE_TAG }} helm_extra_options: ${{ steps.setup_e2e.outputs.HELM_EXTRA_OPTIONS }} values: ${{ env.VALUES }} wait_for_selector: app=vald-lb-gateway @@ -148,6 +150,7 @@ jobs: id: deploy_vald uses: ./.github/actions/e2e-deploy-vald with: + default_image_tag: ${{ steps.setup_e2e.outputs.DEFAULT_IMAGE_TAG }} helm_extra_options: ${{ steps.setup_e2e.outputs.HELM_EXTRA_OPTIONS }} values: ${{ env.VALUES }} wait_for_selector: app=vald-lb-gateway @@ -192,6 +195,7 @@ jobs: id: deploy_vald uses: ./.github/actions/e2e-deploy-vald with: + default_image_tag: ${{ steps.setup_e2e.outputs.DEFAULT_IMAGE_TAG }} helm_extra_options: ${{ steps.setup_e2e.outputs.HELM_EXTRA_OPTIONS }} values: ${{ env.VALUES }} wait_for_selector: app=vald-lb-gateway diff --git a/.github/workflows/e2e-max-dim.yml b/.github/workflows/e2e-max-dim.yml index 919a4930a1..ed913b8039 100644 --- a/.github/workflows/e2e-max-dim.yml +++ b/.github/workflows/e2e-max-dim.yml @@ -67,7 +67,7 @@ jobs: fi export HELM_EXTRA_OPTIOINS="--set agent.ngt.dimension=${DIM}" - make k8s/vald/deploy VERSION="nightly" HELM_VALUES=${VALUES} HELM_EXTRA_OPTIONS="${HELM_EXTRA_OPTIOINS}" + make k8s/vald/deploy VERSION=${DEFAULT_IMAGE_TAG} HELM_VALUES=${VALUES} HELM_EXTRA_OPTIONS="${HELM_EXTRA_OPTIOINS}" sleep 3 @@ -105,6 +105,7 @@ jobs: echo "MAX_BIT=${BIT}" >> $GITHUB_OUTPUT echo "MAX_BIT=${BIT}" env: + DEFAULT_IMAGE_TAG: ${{ steps.setup_e2e.outputs.DEFAULT_IMAGE_TAG }} WAIT_FOR_SELECTOR: app=vald-agent-ngt WAIT_FOR_TIMEOUT: 29m VALUES: .github/helm/values/values-max-dim.yaml diff --git a/.github/workflows/e2e-profiling.yml b/.github/workflows/e2e-profiling.yml index 18e7fe8066..2ca061611f 100644 --- a/.github/workflows/e2e-profiling.yml +++ b/.github/workflows/e2e-profiling.yml @@ -56,6 +56,7 @@ jobs: id: deploy_vald uses: ./.github/actions/e2e-deploy-vald with: + default_image_tag: ${{ steps.setup_e2e.outputs.DEFAULT_IMAGE_TAG }} helm_extra_options: ${{ steps.setup_e2e.outputs.HELM_EXTRA_OPTIONS }} values: .github/helm/values/values-profile.yaml wait_for_selector: app=vald-lb-gateway diff --git a/.github/workflows/e2e.yml b/.github/workflows/e2e.yml index e4dabcdffa..28f0722a11 100644 --- a/.github/workflows/e2e.yml +++ b/.github/workflows/e2e.yml @@ -55,6 +55,7 @@ jobs: id: deploy_vald uses: ./.github/actions/e2e-deploy-vald with: + default_image_tag: ${{ steps.setup_e2e.outputs.DEFAULT_IMAGE_TAG }} helm_extra_options: ${{ steps.setup_e2e.outputs.HELM_EXTRA_OPTIONS }} values: .github/helm/values/values-lb.yaml wait_for_selector: app=vald-lb-gateway @@ -106,6 +107,7 @@ jobs: - name: Merge Docker image tag run: | + yq e ".spec.defaults.image.tag=\"${{ steps.setup_e2e.outputs.DEFAULT_IMAGE_TAG }}\"" -i ./.github/valdrelease/valdrelease.yaml IMAGE_TAGS=(${{ steps.setup_e2e.outputs.IMAGE_TAGS }}) for IMAGE_TAG in "${IMAGE_TAGS[@]}" @@ -122,6 +124,7 @@ jobs: id: deploy_vald uses: ./.github/actions/e2e-deploy-vald-helm-operator with: + default_image_tag: ${{ steps.vald_helm_operator.outputs.DEFAULT_IMAGE_TAG }} helm_extra_options: ${{ steps.vald_helm_operator.outputs.HELM_EXTRA_OPTIONS }} valdrelease: ./.github/valdrelease/valdrelease.yaml wait_for_selector: app=vald-lb-gateway @@ -216,6 +219,7 @@ jobs: id: deploy_vald uses: ./.github/actions/e2e-deploy-vald with: + default_image_tag: ${{ steps.setup_e2e.outputs.DEFAULT_IMAGE_TAG }} helm_extra_options: ${{ steps.setup_e2e.outputs.HELM_EXTRA_OPTIONS }} values: .github/helm/values/values-lb.yaml wait_for_selector: app=vald-lb-gateway @@ -259,6 +263,7 @@ jobs: id: deploy_vald uses: ./.github/actions/e2e-deploy-vald with: + default_image_tag: ${{ steps.setup_e2e.outputs.DEFAULT_IMAGE_TAG }} helm_extra_options: ${{ steps.setup_e2e.outputs.HELM_EXTRA_OPTIONS }} values: .github/helm/values/values-lb.yaml wait_for_selector: app=vald-lb-gateway @@ -336,6 +341,7 @@ jobs: id: deploy_vald uses: ./.github/actions/e2e-deploy-vald with: + default_image_tag: ${{ steps.setup_e2e.outputs.DEFAULT_IMAGE_TAG }} require_minio: "true" helm_extra_options: ${{ steps.setup_e2e.outputs.HELM_EXTRA_OPTIONS }} values: .github/helm/values/values-agent-sidecar.yaml diff --git a/.github/workflows/format.yml b/.github/workflows/format.yml index e8825a3064..ab0005f4b3 100644 --- a/.github/workflows/format.yml +++ b/.github/workflows/format.yml @@ -27,11 +27,15 @@ jobs: - uses: actions/checkout@v4 - uses: ./.github/actions/dump-context + detect-ci-container: + uses: ./.github/workflows/_detect-ci-container.yml + format: if: ${{ github.event_name == 'push' }} runs-on: ubuntu-latest + needs: [detect-ci-container] container: - image: ghcr.io/vdaas/vald/vald-ci-container:nightly + image: ghcr.io/vdaas/vald/vald-ci-container:${{ needs.detect-ci-container.outputs.TAG_NAME }} steps: - uses: actions/checkout@v4 with: @@ -95,8 +99,9 @@ jobs: check-format-diff: if: ${{ github.event_name == 'pull_request' && github.event.pull_request.head.repo.fork == false }} runs-on: ubuntu-latest + needs: [detect-ci-container] container: - image: ghcr.io/vdaas/vald/vald-ci-container:nightly + image: ghcr.io/vdaas/vald/vald-ci-container:${{ needs.detect-ci-container.outputs.TAG_NAME }} steps: - uses: actions/checkout@v4 with: diff --git a/.github/workflows/helm.yml b/.github/workflows/helm.yml index 4faa410c41..7e26021309 100644 --- a/.github/workflows/helm.yml +++ b/.github/workflows/helm.yml @@ -29,70 +29,6 @@ jobs: - uses: actions/checkout@v4 - uses: ./.github/actions/dump-context - update-k8s-manifest: - name: Update k8s manifest - runs-on: ubuntu-latest - container: - image: ghcr.io/vdaas/vald/vald-ci-container:nightly - steps: - - uses: actions/checkout@v4 - with: - fetch-depth: 0 - - - name: Set Git config - run: | - git config --global --add safe.directory ${GITHUB_WORKSPACE} - - - uses: crazy-max/ghaction-import-gpg@v4 - with: - gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }} - git_user_signingkey: true - git_commit_gpgsign: true - - - name: Setup Helm environment - uses: ./.github/actions/setup-helm - - - name: Switch new branch - id: switch_to_new_branch - run: | - TIMESTAMP=$(date +%Y%m%d_%H%M%S_%3N) - BRANCH_NAME="documentation/k8s-manifests/update_k8s_manifests_${TIMESTAMP}" - git checkout main - git checkout -b ${BRANCH_NAME} - echo "BRANCH_NAME=${BRANCH_NAME}" >> $GITHUB_OUTPUT - - - name: Update k8s-dir - run: | - make k8s/manifest/update - make k8s/manifest/helm-operator/update - - - name: Run formatter and license.go - run: | - make format/yaml - make license - - - name: Push to main - continue-on-error: true - run: | - git add k8s - git commit -S --signoff -m ":robot: Automatically update k8s manifests" - - git remote set-url origin "https://${GITHUB_USER}:${GITHUB_TOKEN}@github.com/${GITHUB_REPOSITORY}.git" - git push -u origin ${BRANCH_NAME} - - curl --include --verbose --fail \ - -H "Accept: application/json" \ - -H "Content-Type:application/json" \ - -H "Authorization: token ${GITHUB_TOKEN}" \ - --request POST \ - --data "{\"title\": \"Update K8s manifests\", \"head\": \"${BRANCH_NAME}\", \"base\": \"main\", \"body\": \"K8s manifests are updated.\", \"maintainer_can_modify\": true}" \ - $API_URL - env: - GITHUB_USER: ${{ secrets.DISPATCH_USER }} - GITHUB_TOKEN: ${{ secrets.DISPATCH_TOKEN }} - API_URL: https://api.github.com/repos/vdaas/vald/pulls - BRANCH_NAME: ${{ steps.switch_to_new_branch.outputs.BRANCH_NAME }} - update-helm-chart: name: Update Helm chart runs-on: ubuntu-latest diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 0000000000..e6129f6fa3 --- /dev/null +++ b/.github/workflows/release.yml @@ -0,0 +1,83 @@ +# +# Copyright (C) 2019-2024 vdaas.org vald team +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# You may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +name: "Run release" +on: + pull_request: + branches: + - "release/v*.*" + - "!release/v*.*.*" + types: + - "closed" + +jobs: + dump-contexts-to-log: + if: >- + ${{ github.event.pull_request.merged == true && startsWith(github.event.pull_request.title, ':bookmark: :robot: Release') }} + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + - uses: ./.github/actions/dump-context + + release: + needs: + - dump-contexts-to-log + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + with: + fetch-depth: 0 + token: ${{ secrets.DISPATCH_TOKEN }} + + - name: Set Git config + run: | + git config --global --add safe.directory ${GITHUB_WORKSPACE} + + - uses: crazy-max/ghaction-import-gpg@v4 + with: + gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }} + git_user_signingkey: true + git_commit_gpgsign: true + + - name: Create release tag + id: create_release_tag + env: + GITHUB_USER: ${{ secrets.DISPATCH_USER }} + GITHUB_TOKEN: ${{ secrets.DISPATCH_TOKEN }} + run: | + VERSION=`cat versions/VALD_VERSION` + + git tag ${VERSION} + + git remote set-url origin "https://${GITHUB_USER}:${GITHUB_TOKEN}@github.com/${GITHUB_REPOSITORY}.git" + + git push origin ${VERSION} + echo "VERSION=${VERSION}" >> $GITHUB_OUTPUT + + - name: Create release + uses: softprops/action-gh-release@v1 + env: + GITHUB_TOKEN: ${{ secrets.DISPATCH_TOKEN }} + with: + tag_name: ${{ steps.create_release_tag.outputs.VERSION }} + name: Release ${{ steps.create_release_tag.outputs.VERSION }} + body: | + See [CHANGELOG.md](https://github.com/vdaas/vald/blob/${{ steps.create_release_tag.outputs.VERSION }}/CHANGELOG.md) for details. + draft: false + prerelease: false + + - name: Add the version to goproxy + run: | + curl "https://proxy.golang.org/github.com/vdaas/vald/@v/${{ steps.create_release_tag.outputs.VERSION }}.info" diff --git a/.github/workflows/semver-major-minor.yaml b/.github/workflows/semver-major-minor.yaml new file mode 100644 index 0000000000..70791df5fd --- /dev/null +++ b/.github/workflows/semver-major-minor.yaml @@ -0,0 +1,109 @@ +# +# Copyright (C) 2019-2024 vdaas.org vald team +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# You may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +name: "Run [major/minor] Release" +on: + push: + branches: + - "main" +env: + BACKPORT_LABEL_PREFIX: "actions/backport/" + +jobs: + dump-contexts-to-log: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + - uses: ./.github/actions/dump-context + + semver-auto: + runs-on: ubuntu-latest + needs: [dump-contexts-to-log] + outputs: + RELEASE_BRANCH_NAME: ${{ steps.upgrade_semver.outputs.RELEASE_BRANCH_NAME }} + RELEASE_TAG: ${{ steps.upgrade_semver.outputs.RELEASE_TAG }} + RELEASE: ${{ steps.setup_for_release.outputs.RELEASE }} + steps: + - uses: actions/checkout@v3 + with: + fetch-depth: 0 + token: ${{ secrets.DISPATCH_TOKEN }} + + - name: Set Git config + run: | + git config --global --add safe.directory ${GITHUB_WORKSPACE} + + - name: Set context + id: set_context + run: | + LATEST_TAG=`git tag --sort=v:refname | tail -n 1` + UNSUPPORTED_VERSION=`git tag --sort=v:refname | sed -E 's/^v([0-9]+\.[0-9]+).*$/v\1/' | uniq | tail -n 2 | head -n 1` + RELEASE_KIND=`git log --pretty=format:%s -1 | sed -n -E 's:^\[(major|minor)\].*:\1:p'` + + echo "LATEST_TAG=${LATEST_TAG}" >> $GITHUB_OUTPUT # e.g) v1.7.6 + echo "RELEASE_KIND=${RELEASE_KIND}" >> $GITHUB_OUTPUT # e.g) major or minor + echo "UNSUPPORTED_VERSION=${UNSUPPORTED_VERSION}" >> $GITHUB_OUTPUT # e.g) v1.6 + + echo "LATEST_TAG=${LATEST_TAG}" + echo "RELEASE_KIND=${RELEASE_KIND}" + echo "UNSUPPORTED_VERSION=${UNSUPPORTED_VERSION}" + + - name: Upgrade semver + id: upgrade_semver + if: ${{ steps.set_context.outputs.RELEASE_KIND != '' }} + env: + LATEST_TAG: ${{ steps.set_context.outputs.LATEST_TAG }} + RELEASE_KIND: ${{ steps.set_context.outputs.RELEASE_KIND }} + run: | + IFS=. read -r version minor patch <<< `echo "${LATEST_TAG}" | sed -e 's:^v::'` # e.g) version=1, minor=7, patch=7 + + case ${RELEASE_KIND} in + major) RELEASE_TAG="v$((version+1)).0.0"; RELEASE_BRANCH_NAME="release/v$((version+1)).0"; ;; + minor) RELEASE_TAG="v$version.$((minor+1)).0"; RELEASE_BRANCH_NAME="release/v$version.$((minor+1))"; ;; + *) echo "no need to update"; exit 0; ;; + esac + + echo "RELEASE_TAG=${RELEASE_TAG}" >> $GITHUB_OUTPUT + echo "RELEASE_BRANCH_NAME=${RELEASE_BRANCH_NAME}" >> $GITHUB_OUTPUT + + echo "RELEASE_TAG=${RELEASE_TAG}" + echo "RELEASE_BRANCH_NAME=${RELEASE_BRANCH_NAME}" + + - name: Setup for release + id: setup_for_release + if: ${{ steps.upgrade_semver.outputs.RELEASE_TAG != '' }} + env: + RELEASE_TAG: ${{ steps.upgrade_semver.outputs.RELEASE_TAG }} + RELEASE_BRANCH_NAME: ${{ steps.upgrade_semver.outputs.RELEASE_BRANCH_NAME }} + GITHUB_USER: ${{ secrets.DISPATCH_USER }} + GITHUB_TOKEN: ${{ secrets.DISPATCH_TOKEN }} + run: | + git checkout -b ${RELEASE_BRANCH_NAME} && git push origin ${RELEASE_BRANCH_NAME} + gh label create "${BACKPORT_LABEL_PREFIX}${RELEASE_BRANCH_NAME}" # e.g) actions/backport/release/v1.8 + + echo "RELEASE=true" >> $GITHUB_OUTPUT + echo "RELEASE_TAG=${RELEASE_TAG}" + echo "RELEASE_BRANCH_NAME=${RELEASE_BRANCH_NAME}" + echo "LABEL_NAME=${BACKPORT_LABEL_PREFIX}${RELEASE_BRANCH_NAME}" + + release-pr: + if: ${{ needs.semver-auto.outputs.RELEASE == 'true' }} + needs: + - semver-auto + uses: ./.github/workflows/_release-pr.yml + with: + release_branch_name: ${{ needs.semver-auto.outputs.RELEASE_BRANCH_NAME }} + release_tag: ${{ needs.semver-auto.outputs.RELEASE_TAG }} + secrets: inherit diff --git a/.github/workflows/semver-patch.yaml b/.github/workflows/semver-patch.yaml new file mode 100644 index 0000000000..9164d0dbde --- /dev/null +++ b/.github/workflows/semver-patch.yaml @@ -0,0 +1,83 @@ +# +# Copyright (C) 2019-2024 vdaas.org vald team +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# You may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +name: "Run [patch] release" +on: + push: + branches: + - "release/v*.*" + - "!release/v*.*.*" + +jobs: + dump-contexts-to-log: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + - uses: ./.github/actions/dump-context + + semver-auto: + runs-on: ubuntu-latest + outputs: + RELEASE_BRANCH_NAME_SUFFIX: ${{ steps.set_context.outputs.RELEASE_BRANCH_NAME_SUFFIX }} + RELEASE_TAG: ${{ steps.upgrade_semver.outputs.RELEASE_TAG }} + RELEASE: ${{ steps.upgrade_semver.outputs.RELEASE }} + steps: + - uses: actions/checkout@v3 + with: + fetch-depth: 0 + + - name: Set context + id: set_context + run: | + RELEASE_BRANCH_NAME_SUFFIX=`echo '${{ github.ref }}' | sed -e 's:^refs/heads/release/::'` + BRANCH_LATEST_TAG=`git tag --sort=v:refname | grep ${RELEASE_BRANCH_NAME_SUFFIX} | tail -n 1` + RELEASE_KIND=`git log --pretty=format:%s -1 | sed -n -E 's:^\[(patch)\].*:\1:p'` + + echo "RELEASE_BRANCH_NAME_SUFFIX=${RELEASE_BRANCH_NAME_SUFFIX}" >> $GITHUB_OUTPUT # e.g) vx.x + echo "BRANCH_LATEST_TAG=${BRANCH_LATEST_TAG}" >> $GITHUB_OUTPUT # e.g) vx.x.x or empty + echo "RELEASE_KIND=${RELEASE_KIND}" >> $GITHUB_OUTPUT # e.g) patch or empty + + echo "RELEASE_BRANCH_NAME_SUFFIX=${RELEASE_BRANCH_NAME_SUFFIX}" + echo "BRANCH_LATEST_TAG=${BRANCH_LATEST_TAG}" + echo "RELEASE_KIND=${RELEASE_KIND}" + + - name: Upgrade semver + id: upgrade_semver + if: ${{ steps.set_context.outputs.RELEASE_KIND != '' }} + env: + BRANCH_LATEST_TAG: ${{ steps.set_context.outputs.BRANCH_LATEST_TAG }} + RELEASE_KIND: ${{ steps.set_context.outputs.RELEASE_KIND }} + run: | + IFS=. read -r version minor patch <<< "${BRANCH_LATEST_TAG}" # e.g) version=v1, minor=7, patch=7 + + case ${RELEASE_KIND} in + patch) RELEASE_TAG="$version.$minor.$((patch+1))"; ;; + *) echo "not supported semver kind"; exit 1; ;; + esac + + echo "RELEASE=true" >> $GITHUB_OUTPUT + echo "RELEASE_TAG=${RELEASE_TAG}" >> $GITHUB_OUTPUT # e.g) vx.x.x + + echo "RELEASE_TAG=${RELEASE_TAG}" + + release-pr: + if: ${{ needs.semver-auto.outputs.RELEASE == 'true' }} + needs: + - semver-auto + uses: ./.github/workflows/_release-pr.yml + with: + release_branch_name: "release/${{ needs.semver-auto.outputs.RELEASE_BRANCH_NAME_SUFFIX }}" + release_tag: ${{ needs.semver-auto.outputs.RELEASE_TAG }} + secrets: inherit diff --git a/.github/workflows/semver.yml b/.github/workflows/semver.yml deleted file mode 100644 index cafd18e362..0000000000 --- a/.github/workflows/semver.yml +++ /dev/null @@ -1,156 +0,0 @@ -# -# Copyright (C) 2019-2024 vdaas.org vald team -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# You may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -name: Run semver -on: - push: - branches: - - main -jobs: - dump-contexts-to-log: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - - uses: ./.github/actions/dump-context - semver-auto: - name: Run semver-auto - runs-on: ubuntu-latest - container: - image: ghcr.io/vdaas/vald/vald-ci-container:nightly - steps: - - uses: actions/checkout@v4 - with: - fetch-depth: 0 - token: ${{ secrets.DISPATCH_TOKEN }} - - name: Set Git config - run: | - git config --global --add safe.directory ${GITHUB_WORKSPACE} - - uses: crazy-max/ghaction-import-gpg@v4 - with: - gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }} - git_user_signingkey: true - git_commit_gpgsign: true - - name: Get latest gitwerk - run: | - curl -fsSLO \ - -H "Authorization: Bearer ${GITHUB_TOKEN}" \ - https://github.com/rinx/gitwerk/releases/latest/download/gitwerk-linux-amd64.zip - unzip gitwerk-linux-amd64.zip - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - - name: Run gitwerk semver-auto - id: semver - run: | - GITWERK_RESULT=`./gitwerk --stdin sv << EOF - (defn sv [] - (let [repo (git/repo ".") - message (-> repo - (git/latest-log) - :full-message) - tag (or (-> repo - (git/tags) - (semver/latest-tag)) - (semver/default-version-str)) - new-tag (semver/contextual-semver message tag)] - (if (not (= tag new-tag)) - new-tag - "not-updated"))) - EOF` - if [ "${GITWERK_RESULT}" = "not-updated" ]; then - echo "version not updated" - exit 0 - fi - echo "version updated: ${GITWERK_RESULT}" - - git checkout main - - LAST_COMMIT_MESSAGE=`git log --pretty=format:%s -1` - PR_NUM=`echo "$LAST_COMMIT_MESSAGE" | grep -o "#[[:digit:]]\+" | sed -e 's/#//' | head -1` - - PREVIOUS_VERSION=`cat versions/VALD_VERSION` - - echo "${GITWERK_RESULT}" > versions/VALD_VERSION - - sed -i -e "s/^version: .*$/version: ${GITWERK_RESULT}/" charts/vald/Chart.yaml - sed -i -r "s/^(\s*)tag\s*:\s*v[0-9]+\.[0-9]+\.[0-9]+\s*$/\1tag: ${GITWERK_RESULT}/" charts/vald/values.yaml - sed -i -e "s/^version: .*$/version: ${GITWERK_RESULT}/" charts/vald-helm-operator/Chart.yaml - sed -i -r "s/^(\s*)tag\s*:\s*v[0-9]+\.[0-9]+\.[0-9]+\s*$/\1tag: ${GITWERK_RESULT}/" charts/vald-helm-operator/values.yaml - - make helm/schema/vald - make helm/schema/vald-helm-operator - make helm/schema/crd/vald - make helm/schema/crd/vald-helm-operator - make k8s/manifest/update - make k8s/manifest/helm-operator/update - make helm/docs/vald - make helm/docs/vald-helm-operator - - BODY="" - if [ ! -z "${PR_NUM}" ]; then - BODY=`curl -s -H "Authorization: Bearer ${GITHUB_TOKEN}" "https://api.github.com/repos/${GITHUB_REPOSITORY}/pulls/${PR_NUM}" | jq -r '.body'` - fi - - if [ -z "$BODY" ]; then - BODY=`git log --pretty=format:'- %s' ${PREVIOUS_VERSION}..main | grep "#[[:digit:]]\+" | sed -e "s/\[\(patch\|minor\|major\)\] *//g" | sed -e "s%#\([[:digit:]]\+\)%[&](https://github.com/vdaas/vald/pull/\1)%"` - fi - - CHANGELOG=`make changelog/next/print BODY="$BODY"` - make changelog/update BODY="$BODY" - - make format - - git add \ - CHANGELOG.md \ - charts/vald-helm-operator/Chart.yaml \ - charts/vald-helm-operator/README.md \ - charts/vald-helm-operator/values.schema.json \ - charts/vald-helm-operator/values.yaml \ - charts/vald/Chart.yaml \ - charts/vald/README.md \ - charts/vald/values.schema.json \ - charts/vald/values.yaml \ - k8s \ - versions/VALD_VERSION - - git commit -S --signoff -m ":bookmark: :robot: Release ${GITWERK_RESULT}" - - git tag ${GITWERK_RESULT} - - git remote set-url origin "https://${GITHUB_USER}:${GITHUB_TOKEN}@github.com/${GITHUB_REPOSITORY}.git" - - git push origin main - git push origin ${GITWERK_RESULT} - - echo "RELEASE=true" >> $GITHUB_OUTPUT - echo "VERSION=${GITWERK_RESULT}" >> $GITHUB_OUTPUT - env: - GITHUB_USER: ${{ secrets.DISPATCH_USER }} - GITHUB_TOKEN: ${{ secrets.DISPATCH_TOKEN }} - - name: Create release - if: steps.semver.outputs.RELEASE == 'true' - id: create_release - uses: softprops/action-gh-release@v1 - env: - GITHUB_TOKEN: ${{ secrets.DISPATCH_TOKEN }} - with: - tag_name: ${{ steps.semver.outputs.VERSION }} - release_name: Release ${{ steps.semver.outputs.VERSION }} - body: | - See [CHANGELOG.md](https://github.com/vdaas/vald/blob/${{ steps.semver.outputs.VERSION }}/CHANGELOG.md) for details. - draft: false - prerelease: false - - name: Add the version to goproxy - run: | - curl "https://proxy.golang.org/github.com/vdaas/vald/@v/${{ steps.semver.outputs.VERSION }}.info" diff --git a/.github/workflows/test-hack.yml b/.github/workflows/test-hack.yml index 280d5f160d..85133a16dc 100644 --- a/.github/workflows/test-hack.yml +++ b/.github/workflows/test-hack.yml @@ -18,6 +18,8 @@ on: push: branches: - main + - "release/v*.*" + - "!release/v*.*.*" paths: - "go.mod" - "go.sum" @@ -48,11 +50,15 @@ jobs: - uses: actions/checkout@v4 - uses: ./.github/actions/dump-context + detect-ci-container: + uses: ./.github/workflows/_detect-ci-container.yml + test-hack: name: Run tests for hack packages runs-on: ubuntu-latest + needs: [detect-ci-container] container: - image: ghcr.io/vdaas/vald/vald-ci-container:nightly + image: ghcr.io/vdaas/vald/vald-ci-container:${{ needs.detect-ci-container.outputs.TAG_NAME }} defaults: run: working-directory: ${{ env.GOPATH }}/${{ env.PROJECT_ROOT_DIR }} diff --git a/.github/workflows/unit-test.yaml b/.github/workflows/unit-test.yaml index 7da30d5da1..1fd3541355 100644 --- a/.github/workflows/unit-test.yaml +++ b/.github/workflows/unit-test.yaml @@ -18,6 +18,8 @@ on: push: branches: - main + - "release/v*.*" + - "!release/v*.*.*" paths: - "go.mod" - "go.sum" @@ -41,11 +43,15 @@ jobs: - uses: actions/checkout@v4 - uses: ./.github/actions/dump-context + detect-ci-container: + uses: ./.github/workflows/_detect-ci-container.yml + test-cmd: name: Run tests for cmd packages runs-on: ubuntu-latest + needs: [detect-ci-container] container: - image: ghcr.io/vdaas/vald/vald-ci-container:nightly + image: ghcr.io/vdaas/vald/vald-ci-container:${{ needs.detect-ci-container.outputs.TAG_NAME }} steps: - uses: actions/checkout@v4 @@ -64,8 +70,9 @@ jobs: test-internal: name: Run tests for internal packages runs-on: ubuntu-latest + needs: [detect-ci-container] container: - image: ghcr.io/vdaas/vald/vald-ci-container:nightly + image: ghcr.io/vdaas/vald/vald-ci-container:${{ needs.detect-ci-container.outputs.TAG_NAME }} steps: - uses: actions/checkout@v4 @@ -84,8 +91,9 @@ jobs: test-pkg: name: Run tests for pkg packages runs-on: ubuntu-latest + needs: [detect-ci-container] container: - image: ghcr.io/vdaas/vald/vald-ci-container:nightly + image: ghcr.io/vdaas/vald/vald-ci-container:${{ needs.detect-ci-container.outputs.TAG_NAME }} steps: - uses: actions/checkout@v4