From b58995ee193f542b490a03f5233a5dfee7ed9f73 Mon Sep 17 00:00:00 2001 From: Tom Dohrmann Date: Mon, 19 Aug 2024 13:09:15 +0200 Subject: [PATCH] release: generate deployment files for all platforms --- .github/workflows/release.yml | 29 ++++++++++++++++------------- e2e/release/release_test.go | 7 ++++--- packages/scripts.nix | 3 ++- 3 files changed, 22 insertions(+), 17 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index c1a69cd3c0..04e7cc14a3 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -291,17 +291,20 @@ jobs: with: name: image-replacements.txt path: ./image-replacements.txt - - name: Create portable coordinator resource definitions + - name: Create coordinator resource definitions run: | mkdir -p workspace - nix run .#scripts.write-coordinator-yaml -- "${coordinatorImgTagged}" > workspace/coordinator.yml - nix shell .#contrast --command resourcegen --image-replacements ./image-replacements.txt --platform AKS-CLH-SNP \ - --namespace kube-system runtime > workspace/runtime.yml - nix shell .#contrast --command resourcegen --image-replacements ./image-replacements.txt --platform AKS-CLH-SNP \ - --add-load-balancers emojivoto-sm-ingress > workspace/emojivoto-demo.yml + for platform in aks-clh-snp k3s-qemu-tdx k3s-qemu-snp rke2-qemu-tdx + do + nix run .#scripts.write-coordinator-yaml -- "${coordinatorImgTagged}" "${platform}" > workspace/coordinator-$platform.yml + nix shell .#contrast --command resourcegen --image-replacements ./image-replacements.txt --platform $platform \ + --namespace kube-system runtime > workspace/runtime-$platform.yml + nix shell .#contrast --command resourcegen --image-replacements ./image-replacements.txt --platform $platform \ + --add-load-balancers emojivoto-sm-ingress > workspace/emojivoto-demo-$platform.yml + done - name: Update coordinator policy hash run: | - yq < workspace/coordinator.yml \ + yq < workspace/coordinator-aks-clh-snp.yml \ 'select(.kind == "StatefulSet") | .spec.template.metadata.annotations["io.katacontainers.config.agent.policy"]' | base64 -d | sha256sum | cut -d " " -f1 > cli/cmd/assets/coordinator-policy-hash @@ -321,9 +324,9 @@ jobs: name: contrast-release-artifacts path: | result-cli/bin/contrast - workspace/coordinator.yml - workspace/runtime.yml - workspace/emojivoto-demo.yml + workspace/coordinator-*.yml + workspace/runtime-*.yml + workspace/emojivoto-demo-*.yml - name: Create draft release uses: softprops/action-gh-release@c062e08bd532815e2082a85e87e3ef29c3e6d191 # v2.0.8 with: @@ -334,9 +337,9 @@ jobs: fail_on_unmatched_files: true files: | result-cli/bin/contrast - workspace/coordinator.yml - workspace/runtime.yml - workspace/emojivoto-demo.yml + workspace/coordinator-*.yml + workspace/runtime-*.yml + workspace/emojivoto-demo-*.yml - name: Reset temporary changes run: | git reset --hard ${{ needs.process-inputs.outputs.WORKING_BRANCH }} diff --git a/e2e/release/release_test.go b/e2e/release/release_test.go index 66e41c850d..f4ad2d9c1e 100644 --- a/e2e/release/release_test.go +++ b/e2e/release/release_test.go @@ -90,7 +90,7 @@ func TestRelease(t *testing.T) { ctx, cancel := context.WithTimeout(ctx, 5*time.Minute) defer cancel() - yaml, err := os.ReadFile(path.Join(dir, "runtime.yml")) + yaml, err := os.ReadFile(path.Join(dir, "runtime-aks-clh-snp.yml")) require.NoError(err) resources, err := kubeapi.UnmarshalUnstructuredK8SResource(yaml) require.NoError(err) @@ -105,7 +105,7 @@ func TestRelease(t *testing.T) { ctx, cancel := context.WithTimeout(ctx, 5*time.Minute) defer cancel() - yaml, err := os.ReadFile(path.Join(dir, "coordinator.yml")) + yaml, err := os.ReadFile(path.Join(dir, "coordinator-aks-clh-snp.yml")) require.NoError(err) resources, err := kubeapi.UnmarshalUnstructuredK8SResource(yaml) require.NoError(err) @@ -120,12 +120,13 @@ func TestRelease(t *testing.T) { require := require.New(t) require.NoError(os.Mkdir(path.Join(dir, "deployment"), 0o777)) - require.NoError(os.Rename(path.Join(dir, "emojivoto-demo.yml"), path.Join(dir, "deployment", "emojivoto-demo.yml"))) + require.NoError(os.Rename(path.Join(dir, "emojivoto-demo-aks-clh-snp.yml"), path.Join(dir, "deployment", "emojivoto-demo.yml"))) infos, err := os.ReadDir(path.Join(dir, "deployment")) require.NoError(err) for _, info := range infos { name := path.Join(path.Join(dir, "deployment"), info.Name()) + t.Log(name) yaml, err := os.ReadFile(name) require.NoError(err) resources, err := kubeapi.UnmarshalUnstructuredK8SResource(yaml) diff --git a/packages/scripts.nix b/packages/scripts.nix index fe6cf6663e..5b3478dffa 100644 --- a/packages/scripts.nix +++ b/packages/scripts.nix @@ -160,12 +160,13 @@ ]; text = '' imageRef=$1 + platform=$2 tmpdir=$(mktemp -d) trap 'rm -rf $tmpdir' EXIT echo "ghcr.io/edgelesssys/contrast/coordinator:latest=$imageRef" > "$tmpdir/image-replacements.txt" - resourcegen --platform AKS-CLH-SNP --image-replacements "$tmpdir/image-replacements.txt" --add-load-balancers coordinator > "$tmpdir/coordinator_base.yml" + resourcegen --platform "$platform" --image-replacements "$tmpdir/image-replacements.txt" --add-load-balancers coordinator > "$tmpdir/coordinator_base.yml" pushd "$tmpdir" >/dev/null cp ${pkgs.microsoft.genpolicy.rules-coordinator}/genpolicy-rules.rego rules.rego