Merge pull request #96 from hivelocity/tg/align-makefile-to-caph

🌱 build in container, remove tools.go, add release process
hivelocity · Jul 20, 2023 · 9595091 · 9595091
2 parents 3b555ba + c4d0d8a
commit 9595091
Show file tree

Hide file tree

Showing 4,082 changed files with 1,671 additions and 1,247,243 deletions.
diff --git a/.builder-image-version.txt b/.builder-image-version.txt
@@ -0,0 +1 @@
+0.0.2
diff --git a/.github/actions/manager-image/action.yaml b/.github/actions/manager-image/action.yaml
@@ -1,5 +1,5 @@
 name: "Manager Image"
-description: "Build and Push Manager Image"
+description: "Build and Push Manager Image (Action)"
 inputs:
   registry_password:
     description: "registry_password"
@@ -58,7 +58,7 @@ runs:
         platforms: linux/amd64
         target: import-cache
 
-    - name: Build and push manager image
+    - name: Build and push manager image (Step)
       uses: docker/build-push-action@3b5e8027fcad23fda98b2e3ac259d8d67585f671 # v4
       with:
         provenance: false

diff --git a/.github/labeler.yaml b/.github/labeler.yaml
@@ -0,0 +1,16 @@
+---
+area/code:
+  - "controllers/**/*"
+  - "pkg/**/*"
+area/api:
+  - "api/**/*"
+  - "config/crd/**/*"
+area/github:
+  - ".github/**/*"
+area/hack:
+  - "hack/**/*"
+  - "Makefile"
+area/test:
+  - "test/**/*"
+area/templates:
+  - "templates/**/*"
diff --git a/.github/labels.yaml b/.github/labels.yaml
@@ -0,0 +1,80 @@
+---
+# Area
+- name: area/code
+  color: "72ccf3"
+  description: >-
+    Changes made in the code directory
+- name: area/api
+  color: "72ccf3"
+  description: >-
+    Changes made in the api directory
+- name: area/github
+  color: "72ccf3"
+  description: >-
+    Changes made in the github directory
+- name: area/hack
+  color: "72ccf3"
+  description: >-
+    Changes made in the hack directory
+- name: area/test
+  color: "72ccf3"
+  description: >-
+    Changes made in the test directory
+- name: area/templates
+  color: "72ccf3"
+  description: >-
+    Changes made in the templates directory
+# Update
+- name: update/container
+  color: "ffc300"
+- name: update/github-action
+  color: "ffc300"
+- name: update/helm
+  color: "ffc300"
+- name: update/go
+  color: "ffc300"
+# Semantic Type
+- name: type/patch
+  color: "FFEC19"
+- name: type/minor
+  color: "FF9800"
+- name: type/major
+  color: "F6412D"
+# Size
+- name: size/XS
+  color: "009900"
+  description: >-
+    Denotes a PR that changes 0-20 lines, ignoring generated files.
+- name: size/S
+  color: "77bb00"
+  description: >-
+    Denotes a PR that changes 20-50 lines, ignoring generated files.
+- name: size/M
+  color: "eebb00"
+  description: >-
+    Denotes a PR that changes 50-200 lines, ignoring generated files.
+- name: size/L
+  color: "ee9900"
+  description: >-
+    Denotes a PR that changes 200-800 lines, ignoring generated files.
+- name: size/XL
+  color: "ee5500"
+  description: >-
+    Denotes a PR that changes 800-2000 lines, ignoring generated files.
+- name: size/XXL
+  color: "ee0000"
+  description: >-
+    Denotes a PR that changes 2000+ lines, ignoring generated files.
+# Uncategorized
+- name: bug
+  color: "ee0701"
+- name: do-not-merge
+  color: "ee0701"
+- name: docs
+  color: "F4D1B7"
+- name: enhancement
+  color: "84b6eb"
+- name: link-checker
+  color: "7B55D7"
+- name: question
+  color: "cc317c"
diff --git a/.github/linters/.markdownlint.yaml b/.github/linters/.markdownlint.yaml
diff --git a/.github/linters/.prettierignore b/.github/linters/.prettierignore
diff --git a/.github/linters/.prettierrc.yaml b/.github/linters/.prettierrc.yaml
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -0,0 +1,157 @@
+name: Build Caphv Image
+# yamllint disable rule:line-length
+on: # yamllint disable-line rule:truthy
+  push:
+    branches:
+      - main
+  # If the cache was cleaned we should re-build the cache with the latest commit
+  workflow_run:
+    workflows:
+      - "Caphv Image Cache Cleaner"
+    branches:
+      - main
+    types:
+      - completed
+env:
+  IMAGE_NAME: caphv-staging
+  REGISTRY: ghcr.io/hivelocity
+  metadata_flavor: latest=true
+  metadata_tags: type=sha,prefix=sha-,format=short
+permissions:
+  contents: read
+  packages: write
+  # Required to generate OIDC tokens for `sigstore/cosign-installer` authentication
+  id-token: write
+jobs:
+  manager-image:
+    name: Build and push manager image (Build)
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3
+        with:
+          fetch-depth: 0
+      - uses: ./.github/actions/setup-go
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@2b82ce82d56a2a04d2637cd93a637ae1b359c0a7 # v2
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@ecf95283f03858871ff00b787d79c419715afc34 # v2
+
+      - name: Generate metadata
+        id: meta
+        uses: ./.github/actions/metadata
+        with:
+          metadata_flavor: ${{ env.metadata_flavor }}
+          metadata_tags: ${{ env.metadata_tags }}
+
+      - name: Login to ghcr.io for CI
+        uses: docker/login-action@465a07811f14bebb1938fbed4728c6a1ff8901fc # v2.2.0
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Install Cosign
+        uses: sigstore/cosign-installer@dd6b2e2b610a11fd73dd187a43d57cc1394e35f9 # v3.0.5
+
+      - name: Setup Env
+        run: |
+          DOCKER_BUILD_LDFLAGS="$(hack/version.sh)"
+          echo 'DOCKER_BUILD_LDFLAGS<<EOF' >> $GITHUB_ENV
+          echo $DOCKER_BUILD_LDFLAGS >> $GITHUB_ENV
+          echo 'EOF' >> $GITHUB_ENV
+
+      # Load Golang cache build from GitHub
+      - name: Load Caphv Golang cache build from GitHub
+        uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3.3.1
+        id: cache
+        with:
+          path: /tmp/.cache/caphv
+          key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}-caphv-${{ github.sha }}
+          restore-keys: |
+            ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}-caphv-
+            ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}-
+            ${{ runner.os }}-go-
+
+      - name: Create Caphv cache directory
+        if: ${{ steps.cache.outputs.cache-hit != 'true' }}
+        shell: bash
+        run: |
+          mkdir -p /tmp/.cache/caphv
+
+      # Import GitHub's cache build to docker cache
+      - name: Copy Caphv Golang cache to docker cache
+        uses: docker/build-push-action@2eb1c1961a95fc15694676618e422e8ba1d63825 # v4.1.1
+        with:
+          provenance: false
+          context: /tmp/.cache/caphv
+          file: ./images/cache/Dockerfile
+          push: false
+          platforms: linux/amd64
+          target: import-cache
+
+      - name: Build and push manager image (Build Step)
+        uses: docker/build-push-action@2eb1c1961a95fc15694676618e422e8ba1d63825 # v4
+        id: docker_build_release
+        with:
+          provenance: false
+          context: .
+          file: ./images/caphv/Dockerfile
+          push: true
+          build-args: |
+            LDFLAGS=${{ env.DOCKER_BUILD_LDFLAGS }}
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+          platforms: linux/amd64,linux/arm64
+
+      - name: Sign Container Images
+        env:
+          COSIGN_EXPERIMENTAL: "true"
+        run: |
+          cosign sign --yes ghcr.io/hivelocity/caphv-staging@${{ steps.docker_build_release.outputs.digest }}
+
+      - name: Image Releases digests
+        shell: bash
+        run: |
+          mkdir -p image-digest/
+          echo "ghcr.io/hivelocity/caphv-staging:{{ steps.meta.outputs.tags }}@${{ steps.docker_build_release.outputs.digest }}" >> image-digest/caphv.txt
+
+      # Upload artifact digests
+      - name: Upload artifact digests
+        uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
+        with:
+          name: image-digest caphv
+          path: image-digest
+          retention-days: 90
+
+      # Store docker's golang's cache build locally only on the main branch
+      - name: Store Caphv Golang cache build locally
+        if: ${{ steps.cache.outputs.cache-hit != 'true' }}
+        uses: docker/build-push-action@2eb1c1961a95fc15694676618e422e8ba1d63825 # v4.1.1
+        with:
+          provenance: false
+          context: .
+          file: ./images/cache/Dockerfile
+          push: false
+          outputs: type=local,dest=/tmp/docker-cache-caphv
+          platforms: linux/amd64
+          target: export-cache
+
+      # Store docker's golang's cache build locally only on the main branch
+      - name: Store Caphv Golang cache in GitHub cache path
+        if: ${{ steps.cache.outputs.cache-hit != 'true' }}
+        shell: bash
+        run: |
+          mkdir -p /tmp/.cache/caphv/
+          if [ -f /tmp/docker-cache-caphv/tmp/go-build-cache.tar.gz ]; then
+          cp /tmp/docker-cache-caphv/tmp/go-build-cache.tar.gz /tmp/.cache/caphv/
+          fi
+          if [ -f /tmp/docker-cache-caphv/tmp/go-pkg-cache.tar.gz ]; then
+          cp /tmp/docker-cache-caphv/tmp/go-pkg-cache.tar.gz /tmp/.cache/caphv/
+          fi
+
+      - name: Image Digests Output
+        shell: bash
+        run: |
+          cd image-digest/
+          find -type f | sort | xargs -d '\n' cat
diff --git a/.github/workflows/e2e-basic.yaml b/.github/workflows/e2e-basic.yaml
@@ -0,0 +1,47 @@
+name: E2E Basic (Manual)
+on:
+  workflow_dispatch:
+env:
+  IMAGE_NAME: caphv-staging
+  REGISTRY: ghcr.io/hivelocity
+  metadata_flavor: latest=false
+  metadata_tags: type=sha
+  registry_password: ${{ secrets.GITHUB_TOKEN }}
+jobs:
+  manager-image:
+    name: Build and push manager image (e2e basic)
+    runs-on: ubuntu-latest
+    steps:
+      - name: checkout
+        uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3
+      - name: Build and push manager image (e2e basic step)
+        id: manager-image
+        uses: ./.github/actions/manager-image
+
+  test-release:
+    name: Test Release
+    runs-on: ubuntu-latest
+    steps:
+      - name: checkout
+        uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3
+      - name: Test Release
+        id: manager-image
+        uses: ./.github/actions/test-release
+
+  e2e-basic:
+    name: Test e2e Basic
+    concurrency: ci-${{ github.ref }}-e2e-basic
+    runs-on: ubuntu-latest
+    needs:
+      - manager-image
+      - test-release
+    steps:
+      - name: checkout
+        uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3
+      - name: Run e2e Test
+        id: e2e
+        uses: ./.github/actions/e2e
+        with:
+          e2e_name: basic
+          e2e_make_target: test-e2e
+          e2e_hivelocity_token: ${{ secrets.HIVELOCITY_API_KEY }}
diff --git a/.github/workflows/main-promote-builder-image.yml b/.github/workflows/main-promote-builder-image.yml
@@ -0,0 +1,28 @@
+name: Promote Latest tag to Caphv Builder Image
+on: # yamllint disable-line rule:truthy
+  push:
+    branches:
+      - main
+    paths:
+      - "images/builder/Dockerfile"
+jobs:
+  promote-build-image:
+    name: Promote Latest tag to Caphv Builder Image
+    runs-on: ubuntu-latest
+    container:
+      image: ghcr.io/syself/caphv-builder:0.0.2 # TODO: Change to ghcr.io/hivelocity (when we have the perms)
+      credentials:
+        username: ${{ github.actor }}
+        password: ${{ secrets.github_token }}
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2
+      - name: Fixup git permissions
+        # https://github.com/actions/checkout/issues/766
+        shell: bash
+        run: git config --global --add safe.directory "$GITHUB_WORKSPACE"
+      - name: Promote Latest tag to Caphv Builder Image
+        env:
+          PASSWORD: ${{ secrets.GITHUB_TOKEN }}
+          USERNAME: ${{ github.actor }}
+        run: make builder-image-promote-latest