From c14345d004f25bf6c975ff6493607b51adf4bbb9 Mon Sep 17 00:00:00 2001 From: Eric Wyles <23637493+ericwyles@users.noreply.github.com> Date: Tue, 12 Mar 2024 09:45:19 -0500 Subject: [PATCH 1/4] updates to use latest uds-common actions --- .github/workflows/commitlint.yaml | 2 +- .github/workflows/pull-requests.yaml | 66 -------------------------- .github/workflows/tag-and-release.yaml | 10 ++-- .github/workflows/test.yaml | 56 ++++++++++++++++++++++ 4 files changed, 62 insertions(+), 72 deletions(-) delete mode 100644 .github/workflows/pull-requests.yaml create mode 100644 .github/workflows/test.yaml diff --git a/.github/workflows/commitlint.yaml b/.github/workflows/commitlint.yaml index c83ce2b0..54ef3a69 100644 --- a/.github/workflows/commitlint.yaml +++ b/.github/workflows/commitlint.yaml @@ -8,4 +8,4 @@ on: jobs: validate: name: Validate - uses: defenseunicorns/uds-common/.github/workflows/commitlint.yaml@417b9c2bc088f664c616c9929a2b3ce448d251f7 + uses: defenseunicorns/uds-common/.github/workflows/commitlint.yaml@442bae718050ea9a47254851a45632aabeb13b17 diff --git a/.github/workflows/pull-requests.yaml b/.github/workflows/pull-requests.yaml deleted file mode 100644 index d7b1507d..00000000 --- a/.github/workflows/pull-requests.yaml +++ /dev/null @@ -1,66 +0,0 @@ -name: Test - -# This workflow is triggered on pull requests to the main branch. -on: - pull_request: - paths: - - ".github/**" - - "bundle/**" - - "values/**" - - "tasks/**" - - "src/**" - - "chart/**" - - "tasks.yaml" - - "zarf.yaml" - - # milestoned is added here as a workaround for release-please not triggering PR workflows (PRs should be added to a milestone to trigger the workflow). - types: [milestoned, opened, reopened, synchronize] - -# Permissions for the GITHUB_TOKEN used by the workflow. -permissions: - id-token: write # Needed for OIDC-related operations. - contents: read # Allows reading the content of the repository. - pull-requests: read # Allows reading pull request metadata. - -# Default settings for all run commands in the workflow jobs. -defaults: - run: - shell: bash -e -o pipefail {0} # Ensures that scripts fail on error and pipefail is set. - -jobs: - deploy: - runs-on: "ubuntu-latest" - timeout-minutes: 20 - strategy: - matrix: - flavor: [upstream, registry1] - name: Deploy ${{ matrix.flavor }} - - steps: - - name: Checkout repository - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - - - name: Environment setup - uses: defenseunicorns/uds-common/.github/actions/setup@417b9c2bc088f664c616c9929a2b3ce448d251f7 - - - name: Iron Bank Login - if: ${{ matrix.flavor == 'registry1' }} - run: uds zarf tools registry login -u "${{secrets.IRON_BANK_ROBOT_USERNAME}}" -p "${{secrets.IRON_BANK_ROBOT_PASSWORD}}" registry1.dso.mil - - - name: Create test bundle - run: uds run create-test-bundle --set FLAVOR=${{ matrix.flavor }} - - - name: Setup cluster - run: uds run setup-cluster - - - name: Deploy test bundle - run: uds run deploy-test-bundle - - - name: Test package - run: uds run test-package - - - name: Save logs - if: always() - uses: defenseunicorns/uds-common/.github/actions/save-logs@417b9c2bc088f664c616c9929a2b3ce448d251f7 - with: - suffix: '${{ matrix.flavor }}-${{ github.run_id }}-${{ github.run_attempt }}' diff --git a/.github/workflows/tag-and-release.yaml b/.github/workflows/tag-and-release.yaml index 02fe692b..1cbe6f62 100644 --- a/.github/workflows/tag-and-release.yaml +++ b/.github/workflows/tag-and-release.yaml @@ -36,13 +36,13 @@ jobs: - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - name: Environment setup - uses: defenseunicorns/uds-common/.github/actions/setup@417b9c2bc088f664c616c9929a2b3ce448d251f7 - - - name: Iron Bank Login - run: uds zarf tools registry login -u "${{secrets.IRON_BANK_ROBOT_USERNAME}}" -p "${{secrets.IRON_BANK_ROBOT_PASSWORD}}" registry1.dso.mil + uses: defenseunicorns/uds-common/.github/actions/setup@442bae718050ea9a47254851a45632aabeb13b17 + with: + username: ${{secrets.IRON_BANK_ROBOT_USERNAME}} + password: ${{secrets.IRON_BANK_ROBOT_PASSWORD}} - name: Login to GHCR - uses: docker/login-action@v3 + uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3 with: registry: ghcr.io username: dummy diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml new file mode 100644 index 00000000..1bd9c2b7 --- /dev/null +++ b/.github/workflows/test.yaml @@ -0,0 +1,56 @@ +name: Test + +# This workflow is triggered on pull requests to the main branch. +on: + pull_request: + paths: + - ".github/**" + - "bundle/**" + - "values/**" + - "tasks/**" + - "src/**" + - "chart/**" + - "tasks.yaml" + - "zarf.yaml" + + # milestoned is added here as a workaround for release-please not triggering PR workflows (PRs should be added to a milestone to trigger the workflow). + types: [milestoned, opened, reopened, synchronize] + +# Abort prior jobs in the same workflow / PR +concurrency: + group: test-${{ github.ref }} + cancel-in-progress: true + +permissions: + contents: read + +jobs: + run-test: + name: Create and Deploy Flavor ${{ matrix.flavor }} + runs-on: ubuntu-latest + timeout-minutes: 20 + strategy: + matrix: + flavor: [upstream, registry1] + + steps: + - name: Checkout repository + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + + - name: Environment setup + uses: defenseunicorns/uds-common/.github/actions/setup@442bae718050ea9a47254851a45632aabeb13b17 + with: + username: ${{secrets.IRON_BANK_ROBOT_USERNAME}} + password: ${{secrets.IRON_BANK_ROBOT_PASSWORD}} + + - name: Test + uses: defenseunicorns/uds-common/.github/actions/test@442bae718050ea9a47254851a45632aabeb13b17 + with: + flavor: ${{ matrix.flavor }} + + - name: Save logs + if: always() + uses: defenseunicorns/uds-common/.github/actions/save-logs@442bae718050ea9a47254851a45632aabeb13b17 + with: + suffix: ${{ matrix.flavor }}-${{ github.run_id }}-${{ github.run_attempt }} + From 59153c07716c5f2475da9d8f6b36fd39d3e0d21e Mon Sep 17 00:00:00 2001 From: Eric Wyles <23637493+ericwyles@users.noreply.github.com> Date: Tue, 12 Mar 2024 11:29:33 -0500 Subject: [PATCH 2/4] rearrange for clarity --- tasks.yaml | 24 +++++++++++++----------- 1 file changed, 13 insertions(+), 11 deletions(-) diff --git a/tasks.yaml b/tasks.yaml index da514a48..f926d58d 100644 --- a/tasks.yaml +++ b/tasks.yaml @@ -13,21 +13,27 @@ tasks: - task: setup-cluster - task: deploy-test-bundle - - name: setup-cluster - actions: - - task: setup:k3d-test-cluster - - name: create-package actions: - task: create:sonarqube-package + - name: deploy-package + actions: + - task: deploy:sonarqube-package + + - name: cleanup + actions: + - task: cleanup:destroy + +# CI will execute the following (via uds-common/.github/actions/test) so they need to be here with these names + - name: create-test-bundle actions: - task: create:sonarqube-test-bundle - - - name: deploy-package + + - name: setup-cluster actions: - - task: deploy:sonarqube-package + - task: setup:k3d-test-cluster - name: deploy-test-bundle actions: @@ -37,7 +43,3 @@ tasks: actions: - task: test:health-check - task: test:ingress - - - name: cleanup - actions: - - task: cleanup:destroy From 87f15b78b3f8e7038df1cb295293dcdbcc083a4b Mon Sep 17 00:00:00 2001 From: Eric Wyles <23637493+ericwyles@users.noreply.github.com> Date: Tue, 12 Mar 2024 15:32:56 -0500 Subject: [PATCH 3/4] updates from pr comments --- .github/workflows/tag-and-release.yaml | 6 +++++ .github/workflows/test.yaml | 32 +++++++++++++++----------- 2 files changed, 25 insertions(+), 13 deletions(-) diff --git a/.github/workflows/tag-and-release.yaml b/.github/workflows/tag-and-release.yaml index 1cbe6f62..04fd7a16 100644 --- a/.github/workflows/tag-and-release.yaml +++ b/.github/workflows/tag-and-release.yaml @@ -50,3 +50,9 @@ jobs: - name: Publish Package run: uds run -f tasks/publish.yaml package --set FLAVOR=${{ matrix.flavor }} + + - name: Save logs + if: always() + uses: defenseunicorns/uds-common/.github/actions/save-logs@442bae718050ea9a47254851a45632aabeb13b17 + with: + suffix: ${{ matrix.flavor }}-${{ github.run_id }}-${{ github.run_attempt }} \ No newline at end of file diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml index 1bd9c2b7..ab063c02 100644 --- a/.github/workflows/test.yaml +++ b/.github/workflows/test.yaml @@ -1,20 +1,26 @@ name: Test -# This workflow is triggered on pull requests to the main branch. on: pull_request: - paths: - - ".github/**" - - "bundle/**" - - "values/**" - - "tasks/**" - - "src/**" - - "chart/**" - - "tasks.yaml" - - "zarf.yaml" - - # milestoned is added here as a workaround for release-please not triggering PR workflows (PRs should be added to a milestone to trigger the workflow). - types: [milestoned, opened, reopened, synchronize] + branches: [main] + types: [milestoned, opened, edited, synchronize] + paths-ignore: + - "**.md" + - "**.jpg" + - "**.png" + - "**.gif" + - "**.svg" + - "adr/**" + - "docs/**" + - ".gitignore" + - "renovate.json" + - ".release-please-config.json" + - "release-please-config.json" + - "oscal-component.yaml" + - "CODEOWNERS" + - "LICENSE" + - "CONTRIBUTING.md" + - "SECURITY.md" # Abort prior jobs in the same workflow / PR concurrency: From 2b45cd784f1be633501ca3eda2db284d7e8f8d49 Mon Sep 17 00:00:00 2001 From: Eric Wyles <23637493+ericwyles@users.noreply.github.com> Date: Tue, 12 Mar 2024 15:46:46 -0500 Subject: [PATCH 4/4] pull deploy and setup includes from uds-common --- tasks.yaml | 8 ++++---- tasks/deploy.yaml | 10 ---------- tasks/setup.yaml | 5 ----- 3 files changed, 4 insertions(+), 19 deletions(-) delete mode 100644 tasks/deploy.yaml delete mode 100644 tasks/setup.yaml diff --git a/tasks.yaml b/tasks.yaml index f926d58d..c887c6cd 100644 --- a/tasks.yaml +++ b/tasks.yaml @@ -1,8 +1,8 @@ includes: - cleanup: ./tasks/cleanup.yaml - create: ./tasks/create.yaml - - deploy: ./tasks/deploy.yaml - - setup: ./tasks/setup.yaml + - deploy: https://raw.githubusercontent.com/defenseunicorns/uds-common-tasks/v0.2.2/tasks/deploy.yaml + - setup: https://raw.githubusercontent.com/defenseunicorns/uds-common-tasks/v0.2.2/tasks/setup.yaml - test: ./tasks/test.yaml tasks: @@ -19,7 +19,7 @@ tasks: - name: deploy-package actions: - - task: deploy:sonarqube-package + - task: deploy:package - name: cleanup actions: @@ -37,7 +37,7 @@ tasks: - name: deploy-test-bundle actions: - - task: deploy:sonarqube-test-bundle + - task: deploy:test-bundle - name: test-package actions: diff --git a/tasks/deploy.yaml b/tasks/deploy.yaml deleted file mode 100644 index fec2273c..00000000 --- a/tasks/deploy.yaml +++ /dev/null @@ -1,10 +0,0 @@ -tasks: - - name: sonarqube-package - actions: - - description: Deploy the UDS Sonarqube Zarf Package - cmd: uds zarf package deploy zarf-package-sonarqube-${UDS_ARCH}-*.tar.zst --confirm --no-progress - - - name: sonarqube-test-bundle - actions: - - description: Deploy the UDS bundle with Sonarqube and its dependencies - cmd: UDS_CONFIG=bundle/uds-config.yaml uds deploy bundle/uds-bundle-sonarqube-test-${UDS_ARCH}-*.tar.zst --confirm --no-progress diff --git a/tasks/setup.yaml b/tasks/setup.yaml deleted file mode 100644 index d83377f3..00000000 --- a/tasks/setup.yaml +++ /dev/null @@ -1,5 +0,0 @@ -tasks: - - name: k3d-test-cluster - actions: - - description: Create k3d cluster with UDS Core - cmd: uds deploy oci://defenseunicorns/uds/bundles/k3d-core-istio-dev:0.9.2-${UDS_ARCH} --confirm --no-progress