From 2af966305b47105fd2dbc3e9cf387a275b79d70b Mon Sep 17 00:00:00 2001 From: Wayne Starr Date: Mon, 18 Mar 2024 15:24:36 -0600 Subject: [PATCH] chore: add upgrade testing and task cleanups (#73) * chore: add upgrade testing and task cleanups * add upgrade to test action * increase timeout * update the flow for testing upgrades * update the flow for testing upgrades * update the flow for testing upgrades * fix actions refs * fix package create ref * add matrix to test * update to latest uds-common release --- .github/workflows/ci-docs-shim.yaml | 7 ++- .github/workflows/commitlint.yaml | 2 +- .github/workflows/lint.yaml | 35 +++++++++++ .github/workflows/tag-and-release.yaml | 4 +- .github/workflows/test.yaml | 18 +++--- README.md | 10 +--- tasks.yaml | 80 ++++++++++++++------------ tasks/create.yaml | 21 ------- tasks/dependencies.yaml | 5 ++ tasks/lint.yaml | 14 ----- tasks/publish.yaml | 17 ++++-- tasks/test.yaml | 15 ++++- 12 files changed, 123 insertions(+), 105 deletions(-) create mode 100644 .github/workflows/lint.yaml delete mode 100644 tasks/create.yaml create mode 100644 tasks/dependencies.yaml delete mode 100644 tasks/lint.yaml diff --git a/.github/workflows/ci-docs-shim.yaml b/.github/workflows/ci-docs-shim.yaml index 02ea9c09..ad8e133a 100644 --- a/.github/workflows/ci-docs-shim.yaml +++ b/.github/workflows/ci-docs-shim.yaml @@ -22,13 +22,14 @@ on: jobs: run-test: - name: Create and Deploy Flavor ${{ matrix.flavor }} + name: ${{ matrix.type }} ${{ matrix.flavor }} runs-on: "ubuntu-latest" timeout-minutes: 20 strategy: matrix: flavor: [upstream, registry1] + type: [install, upgrade] steps: - - name: Shim for Deploy ${{ matrix.flavor }} + - name: Shim for ${{ matrix.type }} ${{ matrix.flavor }} run: | - echo "Documentation-only change detected; marking Deploy ${{ matrix.flavor }} as successful." + echo "Documentation-only change detected; marking ${{ matrix.type }} ${{ matrix.flavor }} as successful." diff --git a/.github/workflows/commitlint.yaml b/.github/workflows/commitlint.yaml index 26933bc0..abd9dc7d 100644 --- a/.github/workflows/commitlint.yaml +++ b/.github/workflows/commitlint.yaml @@ -12,4 +12,4 @@ on: jobs: validate: name: Validate - uses: defenseunicorns/uds-common/.github/workflows/commitlint.yaml@442bae718050ea9a47254851a45632aabeb13b17 + uses: defenseunicorns/uds-common/.github/workflows/commitlint.yaml@275e839e80667938baf1c1dda0f543261ba57618 # v0.3.1 diff --git a/.github/workflows/lint.yaml b/.github/workflows/lint.yaml new file mode 100644 index 00000000..1a69d930 --- /dev/null +++ b/.github/workflows/lint.yaml @@ -0,0 +1,35 @@ +name: Scan + +on: + # This workflow is triggered on pull requests to the main branch. + pull_request: + + # This allows other repositories to call this workflow in a reusable way + workflow_call: + +jobs: + validate: + runs-on: ubuntu-latest + name: Lint + permissions: + contents: read # Allows reading the repo contents + + steps: + - name: Checkout + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + with: + fetch-depth: 0 + + - name: Environment setup + uses: defenseunicorns/uds-common/.github/actions/setup@275e839e80667938baf1c1dda0f543261ba57618 # v0.3.1 + with: + username: ${{ secrets.IRON_BANK_ROBOT_USERNAME }} + password: ${{ secrets.IRON_BANK_ROBOT_PASSWORD }} + + - name: Install lint deps + run: | + uds run lint:deps + + - name: Lint the repository + run: | + uds run lint:yaml diff --git a/.github/workflows/tag-and-release.yaml b/.github/workflows/tag-and-release.yaml index b3608975..18208cda 100644 --- a/.github/workflows/tag-and-release.yaml +++ b/.github/workflows/tag-and-release.yaml @@ -36,7 +36,7 @@ jobs: - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - name: Environment setup - uses: defenseunicorns/uds-common/.github/actions/setup@442bae718050ea9a47254851a45632aabeb13b17 + uses: defenseunicorns/uds-common/.github/actions/setup@275e839e80667938baf1c1dda0f543261ba57618 # v0.3.1 with: username: ${{secrets.IRON_BANK_ROBOT_USERNAME}} password: ${{secrets.IRON_BANK_ROBOT_PASSWORD}} @@ -53,6 +53,6 @@ jobs: - name: Save logs if: always() - uses: defenseunicorns/uds-common/.github/actions/save-logs@442bae718050ea9a47254851a45632aabeb13b17 + uses: defenseunicorns/uds-common/.github/actions/save-logs@275e839e80667938baf1c1dda0f543261ba57618 # v0.3.1 with: suffix: '${{ matrix.flavor }}-${{ github.run_id }}-${{ github.run_attempt }}' diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml index a95ad61d..5f1f6b82 100644 --- a/.github/workflows/test.yaml +++ b/.github/workflows/test.yaml @@ -4,7 +4,7 @@ name: Test on: pull_request: branches: [main] - types: [milestoned, opened, edited, synchronize] + types: [milestoned, opened, edited, synchronize] paths-ignore: - "**.md" - "**.jpg" @@ -21,7 +21,7 @@ on: - "CODEOWNERS" - "LICENSE" - "CONTRIBUTING.md" - - "SECURITY.md" + - "SECURITY.md" # Abort prior jobs in the same workflow / PR concurrency: @@ -33,30 +33,32 @@ permissions: jobs: run-test: - name: Create and Deploy Flavor ${{ matrix.flavor }} + name: ${{ matrix.type }} ${{ matrix.flavor }} runs-on: uds-ubuntu-big-boy-8-core - timeout-minutes: 20 + timeout-minutes: 25 strategy: matrix: flavor: [upstream, registry1] + type: [install, upgrade] steps: - name: Checkout repository uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - name: Environment setup - uses: defenseunicorns/uds-common/.github/actions/setup@442bae718050ea9a47254851a45632aabeb13b17 + uses: defenseunicorns/uds-common/.github/actions/setup@275e839e80667938baf1c1dda0f543261ba57618 # v0.3.1 with: username: ${{secrets.IRON_BANK_ROBOT_USERNAME}} password: ${{secrets.IRON_BANK_ROBOT_PASSWORD}} - name: Test - uses: defenseunicorns/uds-common/.github/actions/test@442bae718050ea9a47254851a45632aabeb13b17 + uses: defenseunicorns/uds-common/.github/actions/test@275e839e80667938baf1c1dda0f543261ba57618 # v0.3.1 with: flavor: ${{ matrix.flavor }} + type: ${{ matrix.type }} - name: Save logs if: always() - uses: defenseunicorns/uds-common/.github/actions/save-logs@442bae718050ea9a47254851a45632aabeb13b17 + uses: defenseunicorns/uds-common/.github/actions/save-logs@275e839e80667938baf1c1dda0f543261ba57618 # v0.3.1 with: - suffix: ${{ matrix.flavor }}-${{ github.run_id }}-${{ github.run_attempt }} + suffix: ${{ matrix.type }}-${{ matrix.flavor }}-${{ github.run_id }}-${{ github.run_attempt }} diff --git a/README.md b/README.md index f8c02824..e4f02bf9 100644 --- a/README.md +++ b/README.md @@ -75,15 +75,7 @@ The released packages can be found in [ghcr](https://github.com/defenseunicorns/ *For local dev, this requires you install [uds-cli](https://github.com/defenseunicorns/uds-cli?tab=readme-ov-file#install) -| Task | Description | Example | -| ---- | ----------- | ------- | -| setup-cluster | Uses the `k3d-core-istio` bundle to create a cluster for testing against | `uds run setup-cluster` | -| create-package | Creates just the GitLab package | `uds run create-package --set FLAVOR=` | -| create-test-bundle | Creates GitLab and GitLab dependency packages and then bundles them | `uds run create-test-bundle` | -| deploy-test-bundle | Deploy GitLab and GitLab dependency bundle | `uds run deploy-test-bundle` | -| test-package | Run checks against a deployed package | `uds run test-package` | -| cleanup | Teardown the cluster | `uds run cleanup` | -| cleanup-bundle | Remove the GitLab Bundle | `uds run cleanup-bundle` | +> :white_check_mark: **Tip:** To get a list of tasks to run you can use `uds run --list`! ## Contributing diff --git a/tasks.yaml b/tasks.yaml index bc90896f..fe060691 100644 --- a/tasks.yaml +++ b/tasks.yaml @@ -1,63 +1,67 @@ includes: - cleanup: ./tasks/cleanup.yaml - - create: ./tasks/create.yaml - - lint: ./tasks/lint.yaml - - deploy: https://raw.githubusercontent.com/defenseunicorns/uds-common-tasks/v0.2.2/tasks/deploy.yaml - - setup: https://raw.githubusercontent.com/defenseunicorns/uds-common-tasks/v0.2.2/tasks/setup.yaml + - dependencies: ./tasks/dependencies.yaml - test: ./tasks/test.yaml + - create: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.3.1/tasks/create.yaml + - lint: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.3.1/tasks/lint.yaml + - pull: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.3.1/tasks/pull.yaml + - deploy: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.3.1/tasks/deploy.yaml + - setup: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.3.1/tasks/setup.yaml tasks: - name: default description: Create K3D Cluster with UDS-Core + Gitlab actions: - - task: create-test-bundle - - task: setup-cluster - - task: deploy-test-bundle + - task: create-gl-test-bundle + - task: setup:k3d-test-cluster + - task: deploy:test-bundle - - name: create-package + - name: create-gl-package description: Create UDS Gitlab Package, No dependencies included actions: - - task: create:gitlab-package + - task: create:package + with: + options: "--skip-sbom" - - name: cleanup - description: Destroy k3d Cluster + - name: create-gl-test-bundle + description: Create a local UDS Gitlab bundle with dependencies actions: - - task: cleanup:cluster + - task: create-gl-package + - task: dependencies:create + - task: create:test-bundle - - name: cleanup-bundle - description: Remove the Deployed UDS Gitlab Bundle + - name: create-gl-latest-release-bundle + description: Create UDS Gitlab bundle with dependencies based on the latest release actions: - - task: cleanup:bundle - - - name: lint-check - description: "Run linting checks" - actions: - - task: lint:check - - - name: lint-fix - description: "Fix linting issues" - actions: - - task: lint:fix + - task: pull:latest-package-release + # TODO (@WSTARR): This is currently needed to get around the chicken+egg condition when release please updates the version in GH + - description: Get the current Zarf package name + cmd: cat zarf.yaml | yq .metadata.version + setVariables: + - name: CURRENT_VERSION + - description: Move the latest to the current (needed to make this work on release-please PRs) + cmd: test -f zarf-package-gitlab-${UDS_ARCH}-${CURRENT_VERSION}.tar.zst || mv zarf-package-gitlab-${UDS_ARCH}-*.tar.zst zarf-package-gitlab-${UDS_ARCH}-${CURRENT_VERSION}.tar.zst + - task: dependencies:create + - task: create:test-bundle # CI will execute the following (via uds-common/.github/actions/test) so they need to be here with these names - - name: create-test-bundle - description: Create UDS Gitlab bundle with dependencies - actions: - - task: create:gitlab-test-bundle - - - name: setup-cluster - description: Deploy k3d cluster using uds-common-tasks + - name: test-package + description: Test the GitLab package from the current branch actions: + - task: create-gl-test-bundle - task: setup:k3d-test-cluster - - - name: deploy-test-bundle - description: Deploy UDS Gitlab bundle with dependencies using uds-common-tasks - actions: - task: deploy:test-bundle + - task: test:health-check + - task: test:ingress - - name: test-package - description: Run health checks and ingress tests + - name: test-upgrade + description: Test an upgrade from the latest released package to the current branch actions: + - task: create-gl-latest-release-bundle + - task: setup:k3d-test-cluster + - task: deploy:test-bundle + - task: create-gl-test-bundle + - task: deploy:test-bundle - task: test:health-check - task: test:ingress diff --git a/tasks/create.yaml b/tasks/create.yaml deleted file mode 100644 index ad2d4f2b..00000000 --- a/tasks/create.yaml +++ /dev/null @@ -1,21 +0,0 @@ -variables: - - name: FLAVOR - default: "registry1" - -tasks: - - name: gitlab-test-bundle - description: Create the UDS bundle with Gitlab and its dependencies - actions: - - task: gitlab-package - - task: dependency-package - - cmd: uds create bundle --confirm --no-progress --architecture=${UDS_ARCH} - - - name: gitlab-package - description: Create the UDS Gitlab Zarf Package - actions: - - cmd: uds zarf package create --confirm --no-progress --architecture=${ZARF_ARCHITECTURE} --flavor ${FLAVOR} - - - name: dependency-package - description: Create the Minio, PostgreSQL, and Redis Dependency Zarf Packages - actions: - - cmd: uds zarf package create src/dev-secrets/ --confirm --no-progress --architecture=${UDS_ARCH} --skip-sbom diff --git a/tasks/dependencies.yaml b/tasks/dependencies.yaml new file mode 100644 index 00000000..3791fc09 --- /dev/null +++ b/tasks/dependencies.yaml @@ -0,0 +1,5 @@ +tasks: + - name: create + description: Create the Dev-Secrets Dependency Zarf Package + actions: + - cmd: uds zarf package create src/dev-secrets/ --confirm --no-progress --architecture=${UDS_ARCH} --skip-sbom diff --git a/tasks/lint.yaml b/tasks/lint.yaml deleted file mode 100644 index 878fff5b..00000000 --- a/tasks/lint.yaml +++ /dev/null @@ -1,14 +0,0 @@ -tasks: - - name: fix - description: "Fix formatting issues in the repo" - actions: - - description: "Pepr Format" - cmd: npx pepr format - - - name: check - description: "Run linting checks" - actions: - - description: install yamllint deps - cmd: pip install yamllint - - description: yaml lint - cmd: yamllint . -c .yamllint --no-warnings diff --git a/tasks/publish.yaml b/tasks/publish.yaml index 91f1c62d..4e1a5057 100644 --- a/tasks/publish.yaml +++ b/tasks/publish.yaml @@ -1,5 +1,6 @@ includes: - - publish: https://raw.githubusercontent.com/defenseunicorns/uds-common-tasks/v0.2.2/tasks/publish.yaml + - create: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.3.1/tasks/create.yaml + - publish: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.3.1/tasks/publish.yaml variables: - name: TARGET_REPO @@ -18,11 +19,15 @@ tasks: - name: package description: Build and publish the packages actions: - - description: Create the packages - cmd: | - set -e - ZARF_ARCHITECTURE=amd64 uds run -f tasks/create.yaml gitlab-package --set FLAVOR=${FLAVOR} - ZARF_ARCHITECTURE=arm64 uds run -f tasks/create.yaml gitlab-package --set FLAVOR=${FLAVOR} + - description: Create the AMD64 package + task: create:package + with: + options: -a amd64 + + - description: Create the ARM64 package + task: create:package + with: + options: -a arm64 - description: Publish the packages task: publish:package diff --git a/tasks/test.yaml b/tasks/test.yaml index c533b526..db95e25a 100644 --- a/tasks/test.yaml +++ b/tasks/test.yaml @@ -7,6 +7,7 @@ tasks: kind: Deployment name: gitlab-gitlab-exporter namespace: gitlab + condition: Available - description: Gitlab Registry Health Check wait: @@ -14,6 +15,7 @@ tasks: kind: Deployment name: gitlab-registry namespace: gitlab + condition: Available - description: Gitlab Shell Health Check wait: @@ -21,6 +23,7 @@ tasks: kind: Deployment name: gitlab-gitlab-shell namespace: gitlab + condition: Available - description: Gitlab Toolbox Health Check wait: @@ -28,6 +31,7 @@ tasks: kind: Deployment name: gitlab-toolbox namespace: gitlab + condition: Available - description: Gitlab Sidekiq Health Check wait: @@ -35,6 +39,7 @@ tasks: kind: Deployment name: gitlab-sidekiq-all-in-1-v2 namespace: gitlab + condition: Available - description: Gitlab Webservice Health Check wait: @@ -42,20 +47,24 @@ tasks: kind: Deployment name: gitlab-webservice-default namespace: gitlab + condition: Available + # StatefulSets don't show conditions themselves so we look for an underlying Pod - description: Gitlab Gitaly Health Check wait: cluster: - kind: StatefulSet - name: gitlab-gitaly + kind: Pod + name: app=gitaly namespace: gitlab + condition: Ready - description: Gitlab Migrations Health Check wait: cluster: kind: Job - name: gitlab-migrations-1 + name: app=migrations namespace: gitlab + condition: Complete - name: ingress actions: