From 83b04594f4eb42aa62cc3d59197a80e9fce057d8 Mon Sep 17 00:00:00 2001 From: Mario Macias Date: Mon, 28 Oct 2024 16:08:53 +0100 Subject: [PATCH] Replace drone by github actions for image publishing (#1271) * Replace drone by github actions for image publishing * retitle actions --- .drone/drone.jsonnet | 85 -------------- .drone/drone.yml | 109 ------------------ .github/workflows/publish_dockerhub_main.yml | 33 ++++++ .../workflows/publish_dockerhub_release.yml | 35 ++++++ .github/workflows/pull_request.yml | 9 -- Makefile | 17 +-- README.md | 2 +- scripts/check-drone-drift.sh | 34 ------ 8 files changed, 71 insertions(+), 253 deletions(-) delete mode 100644 .drone/drone.jsonnet delete mode 100644 .drone/drone.yml create mode 100644 .github/workflows/publish_dockerhub_main.yml create mode 100644 .github/workflows/publish_dockerhub_release.yml delete mode 100755 scripts/check-drone-drift.sh diff --git a/.drone/drone.jsonnet b/.drone/drone.jsonnet deleted file mode 100644 index b5d367931..000000000 --- a/.drone/drone.jsonnet +++ /dev/null @@ -1,85 +0,0 @@ -// Run "make drone" to regenerate drone.yml from this file -local archs = ['arm64', 'amd64']; - -local onPRs = { - event: ['pull_request'], -}; - -local onTag = { - event: ['tag'], -}; - -local onMain = { - event: ['push'], -}; - -local pipeline(name) = { - kind: 'pipeline', - name: name, - steps: [], - trigger: { - // Only trigger pipelines for PRs, tags (v*), or pushes to "main". - ref: ['refs/heads/main', 'refs/tags/v*'], - }, -}; - -local secret(name, vault_path, vault_key) = { - kind: 'secret', - name: name, - get: { - path: vault_path, - name: vault_key, - }, -}; -local docker_username_secret = secret('docker_username', 'infra/data/ci/docker_hub', 'username'); -local docker_password_secret = secret('docker_password', 'infra/data/ci/docker_hub', 'password'); - -local buildx(stepName, app, auto_tag, tags) = { - name: 'beyla-%s-docker-buildx' % stepName, - image: 'thegeeklab/drone-docker-buildx:24', - privileged: true, - settings: { - auto_tag: auto_tag, - build_args_from_env: ['DRONE_TAG'], - tags: tags, - repo: 'grafana/%s' % app, - dockerfile: 'Dockerfile', - platforms: ['linux/%s' % arch for arch in archs], - username: { from_secret: docker_username_secret.name }, - password: { from_secret: docker_password_secret.name }, - dry_run: false, - }, -}; - -local beyla() = pipeline('beyla') { - steps+: [ - buildx('dryrun', 'beyla-dryrun', false, 'test') { - when: onPRs, // TODO: if container creation fails, make the PR fail - settings+: { - dry_run: true, - }, - }, - ] + [ - // on each new version, it tags version `a.b.c` and `a.b` - buildx('tagged', 'beyla', true, '') { - when: onTag, - }, - ] + [ - // on each new version, it tags version `latest`, - // equivalent to the versions from the previous section - buildx('latest', 'beyla', false, 'latest') { - when: onTag, - }, - ] + [ - buildx('main', 'beyla', false, 'main') { - when: onMain, - }, - ], -}; - -[ - beyla(), -] + [ - docker_username_secret, - docker_password_secret, -] diff --git a/.drone/drone.yml b/.drone/drone.yml deleted file mode 100644 index bd5939910..000000000 --- a/.drone/drone.yml +++ /dev/null @@ -1,109 +0,0 @@ ---- -kind: pipeline -name: beyla -steps: -- image: thegeeklab/drone-docker-buildx:24 - name: beyla-dryrun-docker-buildx - privileged: true - settings: - auto_tag: false - build_args_from_env: - - DRONE_TAG - dockerfile: Dockerfile - dry_run: true - password: - from_secret: docker_password - platforms: - - linux/arm64 - - linux/amd64 - repo: grafana/beyla-dryrun - tags: test - username: - from_secret: docker_username - when: - event: - - pull_request -- image: thegeeklab/drone-docker-buildx:24 - name: beyla-tagged-docker-buildx - privileged: true - settings: - auto_tag: true - build_args_from_env: - - DRONE_TAG - dockerfile: Dockerfile - dry_run: false - password: - from_secret: docker_password - platforms: - - linux/arm64 - - linux/amd64 - repo: grafana/beyla - tags: "" - username: - from_secret: docker_username - when: - event: - - tag -- image: thegeeklab/drone-docker-buildx:24 - name: beyla-latest-docker-buildx - privileged: true - settings: - auto_tag: false - build_args_from_env: - - DRONE_TAG - dockerfile: Dockerfile - dry_run: false - password: - from_secret: docker_password - platforms: - - linux/arm64 - - linux/amd64 - repo: grafana/beyla - tags: latest - username: - from_secret: docker_username - when: - event: - - tag -- image: thegeeklab/drone-docker-buildx:24 - name: beyla-main-docker-buildx - privileged: true - settings: - auto_tag: false - build_args_from_env: - - DRONE_TAG - dockerfile: Dockerfile - dry_run: false - password: - from_secret: docker_password - platforms: - - linux/arm64 - - linux/amd64 - repo: grafana/beyla - tags: main - username: - from_secret: docker_username - when: - event: - - push -trigger: - ref: - - refs/heads/main - - refs/tags/v* ---- -get: - name: username - path: infra/data/ci/docker_hub -kind: secret -name: docker_username ---- -get: - name: password - path: infra/data/ci/docker_hub -kind: secret -name: docker_password ---- -kind: signature -hmac: 80d28c3b23c53bdd6b5c90e2881d39901c0b01d4cdcc435de61d34112a267965 - -... diff --git a/.github/workflows/publish_dockerhub_main.yml b/.github/workflows/publish_dockerhub_main.yml new file mode 100644 index 000000000..4a3873f8c --- /dev/null +++ b/.github/workflows/publish_dockerhub_main.yml @@ -0,0 +1,33 @@ +# TODO: trigger only if testing or any other checks previously succeeded +name: Push to DockerHub (main) +on: + push: + branches: + - main + +permissions: + contents: read + id-token: write + +jobs: + build: + runs-on: ubuntu-latest + + steps: + - id: checkout + uses: actions/checkout@v4 + + - id: push-to-dockerhub + uses: grafana/shared-workflows/actions/build-push-to-dockerhub@main + with: + repository: grafana/beyla + context: . + # cache image layers from/to github actions internal cache, for faster building + cache-from: type=gha + cache-to: type=gha,mode=max + platforms: |- + "linux/amd64" + "linux/arm64" + tags: |- + "main" + push: true \ No newline at end of file diff --git a/.github/workflows/publish_dockerhub_release.yml b/.github/workflows/publish_dockerhub_release.yml new file mode 100644 index 000000000..93ec0e263 --- /dev/null +++ b/.github/workflows/publish_dockerhub_release.yml @@ -0,0 +1,35 @@ +# TODO: trigger only if testing or any other checks previously succeeded +name: Push to DockerHub (release) +on: + push: + tags: + - 'v[0-9]+.[0-9]+.[0-9]+' + +permissions: + contents: read + id-token: write + +jobs: + build: + runs-on: ubuntu-latest + + steps: + - id: checkout + uses: actions/checkout@v4 + + - id: push-to-dockerhub + uses: grafana/shared-workflows/actions/build-push-to-dockerhub@main + with: + repository: grafana/beyla + context: . + # cache image layers from/to github actions internal cache, for faster building + cache-from: type=gha + cache-to: type=gha,mode=max + platforms: |- + "linux/amd64" + "linux/arm64" + tags: |- + "type=semver,pattern={{major}}" + "type=semver,pattern={{major}}.{{minor}}" + "type=semver,pattern={{major}}.{{minor}}.{{patch}}" + push: true \ No newline at end of file diff --git a/.github/workflows/pull_request.yml b/.github/workflows/pull_request.yml index b3ea20d25..6066bbf71 100644 --- a/.github/workflows/pull_request.yml +++ b/.github/workflows/pull_request.yml @@ -17,15 +17,6 @@ jobs: - uses: actions/checkout@v3 with: lfs: true -# TODO: -# - name: Check Drone.yml is up-to-date -# uses: chrislennon/action-drone@v1 -# with: -# version: 1.7.0 -# - run: make check-drone-drift -# env: -# DRONE_SERVER: ${{ secrets.DRONE_SERVER }} -# DRONE_TOKEN: ${{ secrets.DRONE_TOKEN }} - name: Set up Go uses: actions/setup-go@v3 with: diff --git a/Makefile b/Makefile index b9900a4b5..8478fde30 100644 --- a/Makefile +++ b/Makefile @@ -4,8 +4,8 @@ MAIN_GO_FILE ?= cmd/$(CMD)/main.go GOOS ?= linux GOARCH ?= amd64 -# DRONE_TAG is set from Drone. Required for building container images. -RELEASE_VERSION := $(if $(DRONE_TAG),$(DRONE_TAG),$(shell git describe --tags --always)) +# RELEASE_VERSION will contain the tag name, or the branch name if current commit is not a tag +RELEASE_VERSION := $(shell git describe --all | cut -d/ -f2) RELEASE_REVISION := $(shell git rev-parse --short HEAD ) BUILDINFO_PKG ?= github.com/grafana/beyla/pkg/buildinfo TEST_OUTPUT ?= ./testoutput @@ -25,7 +25,6 @@ GEN_IMG ?= ghcr.io/grafana/beyla-generator:main COMPOSE_ARGS ?= -f test/integration/docker-compose.yml OCI_BIN ?= docker -DRONE ?= drone # BPF code generator dependencies CLANG ?= clang @@ -326,18 +325,6 @@ oats-test: oats-test-sql oats-test-redis oats-test-kafka oats-test-debug: oats-prereq cd test/oats/kafka && TESTCASE_BASE_PATH=./yaml TESTCASE_MANUAL_DEBUG=true TESTCASE_TIMEOUT=1h $(GINKGO) -v -r -.PHONY: drone -drone: - @echo "### Regenerating and signing .drone/drone.yml" - drone jsonnet --format --stream --source .drone/drone.jsonnet --target .drone/drone.yml - drone lint .drone/drone.yml - drone sign --save grafana/beyla .drone/drone.yml || echo "You must set DRONE_SERVER and DRONE_TOKEN. These values can be found on your [drone account](http://drone.grafana.net/account) page." - -.PHONY: check-drone-drift -check-drone-drift: - @echo "### checking that Drone.yml is up-to-date" - ./scripts/check-drone-drift.sh - .PHONY: update-licenses update-licenses: prereqs @echo "### Updating third_party_licenses.csv" diff --git a/README.md b/README.md index b93c79972..cabc58a79 100644 --- a/README.md +++ b/README.md @@ -4,7 +4,7 @@ Open source zero-code automatic instrumentation with eBPF and OpenTelemetry. -[![Build Status](https://drone.grafana.net/api/badges/grafana/beyla/status.svg?ref=refs/heads/main)](https://drone.grafana.net/grafana/beyla) +![status badge](https://github.com/grafana/beyla/actions/workflows/publish_dockerhub.yml/badge.svg) ## Introduction diff --git a/scripts/check-drone-drift.sh b/scripts/check-drone-drift.sh deleted file mode 100755 index e831f1e09..000000000 --- a/scripts/check-drone-drift.sh +++ /dev/null @@ -1,34 +0,0 @@ -#!/usr/bin/env bash - -set -uo pipefail - -command -v drone >/dev/null 2>&1 || { echo "drone is not installed"; exit 1; } - -DRONE_JSONNET_FILE=".drone/drone.jsonnet" -DRONE_CONFIG_FILE=".drone/drone.yml" -DRONE_ACTUAL_CONFIG_FILE="$(mktemp)" -DRONE_EXPECTED_CONFIG_FILE="$(mktemp)" - -# Check for a drift between the jsonnet and the resulting file consumed by Drone -drone jsonnet \ - --stream --format \ - --source "${DRONE_JSONNET_FILE}" \ - --target "${DRONE_EXPECTED_CONFIG_FILE}" - -# remove last 5 lines which contain the signature -echo "Current file: ${DRONE_CONFIG_FILE}" -echo "Cut file: ${DRONE_ACTUAL_CONFIG_FILE}" -echo "Generated file: ${DRONE_EXPECTED_CONFIG_FILE}" -head -n -5 "${DRONE_CONFIG_FILE}" > "${DRONE_ACTUAL_CONFIG_FILE}" -diff "${DRONE_EXPECTED_CONFIG_FILE}" "${DRONE_ACTUAL_CONFIG_FILE}" - -EXIT_STATUS=$? -if [[ "${EXIT_STATUS}" -eq 1 ]]; then - echo "There is a drift between ${DRONE_JSONNET_FILE} and ${DRONE_CONFIG_FILE}" - echo "You can fix it by running:" - echo "make drone" -else - echo "${DRONE_CONFIG_FILE} is up to date" -fi - -exit "${EXIT_STATUS}"