diff --git a/.drone.yml b/.drone.yml deleted file mode 100644 index 01dc56d587..0000000000 --- a/.drone.yml +++ /dev/null @@ -1,356 +0,0 @@ ---- - -kind: pipeline -type: docker -name: linux-amd64 -platform: - os: linux - arch: amd64 -steps: -- name: build - image: rancher/dapper:v0.5.8 - environment: - CROSS: "windows" - commands: - - dapper ci - volumes: - - name: docker - path: /var/run/docker.sock -- name: fossa - image: registry.suse.com/suse/sle15:15.3 - failure: ignore - environment: - FOSSA_API_KEY: - from_secret: FOSSA_API_KEY - commands: - - zypper -n install curl unzip tar - - "curl -H 'Cache-Control: no-cache' https://raw.githubusercontent.com/fossas/fossa-cli/master/install-latest.sh | bash" - - fossa analyze - - fossa test - when: - instance: - - drone-publish.rancher.io - ref: - include: - - "refs/heads/master" - event: - - push - - tag -- name: github_binary_release - image: plugins/github-release - settings: - api_key: - from_secret: github_token - prerelease: true - checksum: - - sha256 - checksum_file: CHECKSUMsum-amd64.txt - checksum_flatten: true - files: - - "dist/artifacts/*" - when: - instance: - - drone-publish.rancher.io - ref: - - refs/head/master - - refs/tags/* - event: - - tag -- name: upload-tag - pull: default - image: plugins/gcs - settings: - acl: - - allUsers:READER - cache_control: "no-cache,must-revalidate" - source: ./dist/artifacts - target: releases.rancher.com/fleet/${DRONE_TAG} - token: - from_secret: google_auth_key - when: - event: - - tag -- name: upload-latest - pull: default - image: plugins/gcs - settings: - acl: - - allUsers:READER - cache_control: "no-cache,must-revalidate" - source: ./dist/artifacts - target: releases.rancher.com/fleet/latest - token: - from_secret: google_auth_key - when: - event: - - tag -- name: docker-publish-agent - image: plugins/docker - settings: - dockerfile: package/Dockerfile.agent - password: - from_secret: docker_password - repo: "rancher/fleet-agent" - tag: "${DRONE_TAG}-linux-amd64" - username: - from_secret: docker_username - build_args: - - "ARCH=amd64" - when: - instance: - - drone-publish.rancher.io - ref: - - refs/head/master - - refs/tags/* - event: - - tag -- name: docker-publish - image: plugins/docker - settings: - dockerfile: package/Dockerfile - password: - from_secret: docker_password - repo: "rancher/fleet" - tag: "${DRONE_TAG}-linux-amd64" - username: - from_secret: docker_username - build_args: - - "ARCH=amd64" - when: - instance: - - drone-publish.rancher.io - ref: - - refs/head/master - - refs/tags/* - event: - - tag -volumes: -- name: docker - host: - path: /var/run/docker.sock - ---- - -kind: pipeline -type: docker -name: linux-arm64 -platform: - os: linux - arch: arm64 -steps: -- name: build - image: rancher/dapper:v0.5.8 - commands: - - dapper build - volumes: - - name: docker - path: /var/run/docker.sock -- name: github_binary_release - image: plugins/github-release - settings: - api_key: - from_secret: github_token - prerelease: true - checksum: - - sha256 - checksum_file: CHECKSUMsum-arm64.txt - checksum_flatten: true - files: - - "dist/artifacts/*" - when: - instance: - - drone-publish.rancher.io - ref: - - refs/head/master - - refs/tags/* - event: - - tag -- name: docker-publish-agent - image: plugins/docker - settings: - dockerfile: package/Dockerfile.agent - password: - from_secret: docker_password - repo: "rancher/fleet-agent" - tag: "${DRONE_TAG}-linux-arm64" - username: - from_secret: docker_username - build_args: - - "ARCH=arm64" - when: - instance: - - drone-publish.rancher.io - ref: - - refs/head/master - - refs/tags/* - event: - - tag -- name: docker-publish - image: plugins/docker - settings: - dockerfile: package/Dockerfile - password: - from_secret: docker_password - repo: "rancher/fleet" - tag: "${DRONE_TAG}-linux-arm64" - username: - from_secret: docker_username - build_args: - - "ARCH=arm64" - when: - instance: - - drone-publish.rancher.io - ref: - - refs/head/master - - refs/tags/* - event: - - tag -volumes: -- name: docker - host: - path: /var/run/docker.sock - ---- - -kind: pipeline -type: docker -name: windows-1809 -platform: - os: windows - arch: amd64 - version: 1809 -# Currently have to define "depth" as otherwise clone fails at -# https://github.com/drone/drone-git/blob/39d233b3d9eccc68e66508a06a725a2567f33143/windows/clone-tag.ps1#L12 -clone: - depth: 20 -steps: -- name: docker-publish-agent - image: plugins/docker:windows-1809-amd64 - settings: - purge: false - dockerfile: package/Dockerfile-windows.agent - password: - from_secret: docker_password - repo: "rancher/fleet-agent" - tag: "${DRONE_TAG}-windows-1809" - username: - from_secret: docker_username - build_args: - - "SERVERCORE_VERSION=1809" - - "RELEASES=releases.rancher.com" - - "VERSION=${DRONE_TAG}" - context: package/ - custom_dns: 1.1.1.1 - volumes: - - name: docker - path: \\\\.\\pipe\\docker_engine - when: - instance: - - drone-publish.rancher.io - ref: - - refs/head/master - - refs/tags/* - event: - - tag -volumes: - - name: docker - host: - path: \\\\.\\pipe\\docker_engine -depends_on: -- linux-amd64 - ---- - -kind: pipeline -type: docker -name: windows-2022 -platform: - os: windows - arch: amd64 - version: 2022 -# Currently have to define "depth" as otherwise clone fails at -# https://github.com/drone/drone-git/blob/39d233b3d9eccc68e66508a06a725a2567f33143/windows/clone-tag.ps1#L12 -clone: - depth: 20 -steps: - - name: docker-publish-agent - image: rancher/drone-images:docker-amd64-ltsc2022 - settings: - dockerfile: package/Dockerfile-windows.agent - password: - from_secret: docker_password - repo: "rancher/fleet-agent" - tag: "${DRONE_TAG}-windows-ltsc2022" - username: - from_secret: docker_username - build_args: - - "SERVERCORE_VERSION=ltsc2022" - - "RELEASES=releases.rancher.com" - - "VERSION=${DRONE_TAG}" - - ARCH=amd64 - context: package/ - custom_dns: 1.1.1.1 - volumes: - - name: docker - path: \\\\.\\pipe\\docker_engine - when: - instance: - - drone-publish.rancher.io - ref: - - refs/head/master - - refs/tags/* - event: - - tag -volumes: - - name: docker - host: - path: \\\\.\\pipe\\docker_engine -depends_on: - - linux-amd64 - ---- - -kind: pipeline -type: docker -name: manifest -platform: - os: linux - arch: amd64 -steps: -- name: manifest - image: plugins/manifest:1.0.2 - settings: - username: - from_secret: docker_username - password: - from_secret: docker_password - spec: manifest.tmpl - when: - instance: - - drone-publish.rancher.io - ref: - - refs/head/master - - refs/tags/* - event: - - tag -- name: manifest-agent - image: plugins/manifest:1.0.2 - settings: - username: - from_secret: docker_username - password: - from_secret: docker_password - spec: manifest-agent.tmpl - when: - instance: - - drone-publish.rancher.io - ref: - - refs/head/master - - refs/tags/* - event: - - tag -depends_on: -- linux-amd64 -- linux-arm64 -- windows-1809 -- windows-2022 diff --git a/.github/workflows/release-fleet.yml b/.github/workflows/release-fleet.yml new file mode 100644 index 0000000000..8feb2fe17c --- /dev/null +++ b/.github/workflows/release-fleet.yml @@ -0,0 +1,119 @@ +# Fleet release workflow +name: Fleet release + +on: + push: + tags: + - v** + +permissions: + contents: write + packages: write + id-token: write # this is important, it's how we authenticate with Vault + +env: + GOARCH: amd64 + CGO_ENABLED: 0 + SETUP_K3D_VERSION: 'v5.5.1' + +jobs: + build-fleet: + runs-on: ubuntu-latest + if: github.repository == 'rancher/fleet' + steps: + - name: Check out Fleet + uses: actions/checkout@v4 + with: + fetch-depth: 0 + + - name: Set up Go + uses: actions/setup-go@v5 + with: + go-version-file: 'go.mod' + check-latest: true + + - name: "Read Vault Secrets" + uses: rancher-eio/read-vault-secrets@main + with: + secrets: | + secret/data/github/repo/${{ github.repository }}/dockerhub/rancher/credentials username | DOCKER_USERNAME ; + secret/data/github/repo/${{ github.repository }}/dockerhub/rancher/credentials password | DOCKER_PASSWORD ; + secret/data/github/repo/${{ github.repository }}/fossa/credential token | FOSSA_API_KEY + + - name: Run FOSSA scan + uses: fossas/fossa-action@v1.3.3 + with: + api-key: ${{ env.FOSSA_API_KEY }} + + - name: Run FOSSA tests + uses: fossas/fossa-action@v1.3.3 + with: + api-key: ${{ env.FOSSA_API_KEY }} + run-tests: false + + - name: Check for code changes + run: | + ./.github/scripts/check-for-auto-generated-changes.sh + go mod verify + + - name: Run unit tests + run: go test -cover -tags=test $(go list ./... | grep -v -e /e2e -e /integrationtests) + + - name: Install Ginkgo CLI + run: go install github.com/onsi/ginkgo/v2/ginkgo + + - name: Run integration tests + env: + SETUP_ENVTEST_VER: v0.0.0-20240115093953-9e6e3b144a69 + ENVTEST_K8S_VERSION: 1.28 + run: ./.github/scripts/run-integration-tests.sh + + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Log into Docker Container registry + uses: docker/login-action@v3 + with: + username: ${{ env.DOCKER_USERNAME }} + password: ${{ env.DOCKER_PASSWORD }} + + - name: Run GoReleaser + uses: goreleaser/goreleaser-action@v6 + id: goreleaser + with: + distribution: goreleaser + version: '~> v2' + args: release --clean --verbose + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + + - name: Upload charts to release + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + repo: "rancher" + run: | + version=$(echo '${{ steps.goreleaser.outputs.metadata }}' | jq -r '.version') + tag=$(echo '${{ steps.goreleaser.outputs.metadata }}' | jq -r '.tag') + echo "publishing helm chart for (repo: $repo, tag: $tag, version: $version)" + + # Replace rancher/fleet, rancher/fleet-agent and rancher/gitjob image names, but not eg. rancher/kubectl + sed -i \ + -e "s@repository: rancher/\(fleet.*\|gitjob\).*@repository: $repo/\\1@" \ + -e "s/tag:.*/tag: $tag/" \ + charts/fleet/values.yaml + + sed -i \ + -e "s@repository: rancher/\(fleet.*\|gitjob\).*@repository: $repo/\\1@" \ + -e "s/tag: dev/tag: $tag/" \ + charts/fleet-agent/values.yaml + + helm package --version="$version" --app-version="$version" -d ./dist ./charts/fleet + helm package --version="$version" --app-version="$version" -d ./dist ./charts/fleet-crd + helm package --version="$version" --app-version="$version" -d ./dist ./charts/fleet-agent + + for f in $(find dist/ -name '*.tgz'); do + gh release upload $tag $f + done diff --git a/.goreleaser.yaml b/.goreleaser.yaml new file mode 100644 index 0000000000..d4a7b9d028 --- /dev/null +++ b/.goreleaser.yaml @@ -0,0 +1,190 @@ +--- +version: 2 + +project_name: fleet +release: + prerelease: auto + +before: + hooks: + - go mod download + +archives: + - id: fleet-controller + format: binary + name_template: "{{ .Binary }}" + builds: + - fleet-controller + + - id: fleet-agent + format: binary + name_template: "{{ .Binary }}" + builds: + - fleet-agent + + - id: fleet-cli + format: binary + name_template: "{{ .Binary }}" + builds: + - fleet-cli + +builds: + - + id: fleet-controller + main: ./cmd/fleetcontroller + binary: fleetcontroller-{{ .Os }}-{{ .Arch }}{{ if .Arm }}64{{ end }} + no_unique_dist_dir: true + # gcflags: + # - all="-N -l" + ldflags: + - -w -s + - -X github.com/rancher/fleet/pkg/version.GitCommit={{ .Commit }} + - -X github.com/rancher/fleet/pkg/version.Version={{ .Tag }} + targets: + - linux_amd64_v1 + - linux_arm64 + - + id: fleet-agent + main: ./cmd/fleetagent + binary: fleetagent-{{ .Os }}-{{ .Arch }}{{ if .Arm }}64{{ end }} + no_unique_dist_dir: true + ldflags: + - -w -s + - -X github.com/rancher/fleet/pkg/version.GitCommit={{ .Commit }} + - -X github.com/rancher/fleet/pkg/version.Version={{ .Tag }} + targets: + - linux_amd64_v1 + - linux_arm64 + - windows_amd64 + - + id: fleet-cli + main: ./cmd/fleetcli + binary: fleet-{{ .Os }}-{{ .Arch }}{{ if .Arm }}64{{ end }} + no_unique_dist_dir: true + ldflags: + - -w -s + - -X github.com/rancher/fleet/pkg/version.GitCommit={{ .Commit }} + - -X github.com/rancher/fleet/pkg/version.Version={{ .Tag }} + targets: + - linux_amd64_v1 + - linux_arm64 + - windows_amd64 + +changelog: + ## Delegate Changelog to release-drafter + disable: false + use: github + +env: + - CGO_ENABLED=0 + +snapshot: + name_template: "{{ .Tag }}-next" + +dockers: + # fleet-controller images + - + use: buildx + + # GOOS of the built binaries/packages that should be used. + goos: linux + + # GOARCH of the built binaries/packages that should be used. + goarch: amd64 + + # IDs to filter the binaries/packages. + ids: + - fleet-controller + + # Templates of the Docker image names. + image_templates: + - "docker.io/rancher/fleet:{{ .Tag }}-linux-amd64" + + # Path to the Dockerfile (from the project root). + dockerfile: package/Dockerfile + + # Template of the docker build flags. + build_flag_templates: + - "--pull" + - "--label=org.opencontainers.image.created={{.Date}}" + - "--label=org.opencontainers.image.title={{.ProjectName}}" + - "--label=org.opencontainers.image.revision={{.FullCommit}}" + - "--label=org.opencontainers.image.version={{.Version}}" + - "--label=org.opencontainers.image.source=https://github.com/rancher/fleet" + - "--build-arg=ARCH=amd64" + - "--build-arg=BUILD_ENV=goreleaser" + - "--platform=linux/amd64" + - + use: buildx + goos: linux + goarch: arm64 + ids: + - fleet-controller + image_templates: + - "docker.io/rancher/fleet:{{ .Tag }}-linux-arm64" + dockerfile: package/Dockerfile + build_flag_templates: + - "--pull" + - "--label=org.opencontainers.image.created={{.Date}}" + - "--label=org.opencontainers.image.title={{.ProjectName}}" + - "--label=org.opencontainers.image.revision={{.FullCommit}}" + - "--label=org.opencontainers.image.version={{.Version}}" + - "--label=org.opencontainers.image.source=https://github.com/rancher/fleet" + - "--build-arg=ARCH=arm64" + - "--build-arg=BUILD_ENV=goreleaser" + - "--platform=linux/arm64/v8" + # fleet-agent images + - + use: buildx + goos: linux + goarch: amd64 + ids: + - fleet-agent + - fleet-cli + image_templates: + - "docker.io/rancher/fleet-agent:{{ .Tag }}-linux-amd64" + dockerfile: package/Dockerfile.agent + build_flag_templates: + - "--pull" + - "--label=org.opencontainers.image.created={{.Date}}" + - "--label=org.opencontainers.image.title={{.ProjectName}}" + - "--label=org.opencontainers.image.revision={{.FullCommit}}" + - "--label=org.opencontainers.image.version={{.Version}}" + - "--label=org.opencontainers.image.source=https://github.com/rancher/fleet" + - "--build-arg=ARCH=amd64" + - "--build-arg=BUILD_ENV=goreleaser" + - "--platform=linux/amd64" + extra_files: [ "package/log.sh" ] + - + use: buildx + goos: linux + goarch: arm64 + ids: + - fleet-agent + - fleet-cli + image_templates: + - "docker.io/rancher/fleet-agent:{{ .Tag }}-linux-arm64" + dockerfile: package/Dockerfile.agent + build_flag_templates: + - "--pull" + - "--label=org.opencontainers.image.created={{.Date}}" + - "--label=org.opencontainers.image.title={{.ProjectName}}" + - "--label=org.opencontainers.image.revision={{.FullCommit}}" + - "--label=org.opencontainers.image.version={{.Version}}" + - "--label=org.opencontainers.image.source=https://github.com/rancher/fleet" + - "--build-arg=ARCH=arm64" + - "--build-arg=BUILD_ENV=goreleaser" + - "--platform=linux/arm64/v8" + extra_files: [ "package/log.sh" ] + +docker_manifests: + # https://goreleaser.com/customization/docker_manifest/ + - name_template: "docker.io/rancher/fleet:{{ .Tag }}" + image_templates: + - "docker.io/rancher/fleet:{{ .Tag }}-linux-amd64" + - "docker.io/rancher/fleet:{{ .Tag }}-linux-arm64" + + - name_template: "docker.io/rancher/fleet-agent:{{ .Tag }}" + image_templates: + - "docker.io/rancher/fleet-agent:{{ .Tag }}-linux-amd64" + - "docker.io/rancher/fleet-agent:{{ .Tag }}-linux-arm64" diff --git a/charts/fleet/charts/gitjob/Chart.yaml b/charts/fleet/charts/gitjob/Chart.yaml index 7a518403e2..3ca05eccd1 100644 --- a/charts/fleet/charts/gitjob/Chart.yaml +++ b/charts/fleet/charts/gitjob/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v2 -appVersion: 0.9.8 +appVersion: 0.9.10 description: Controller that run jobs based on git events name: gitjob -version: 0.9.8 +version: 0.9.10 diff --git a/charts/fleet/charts/gitjob/values.yaml b/charts/fleet/charts/gitjob/values.yaml index 65816b124c..12dfca0276 100644 --- a/charts/fleet/charts/gitjob/values.yaml +++ b/charts/fleet/charts/gitjob/values.yaml @@ -1,6 +1,6 @@ gitjob: repository: rancher/gitjob - tag: v0.9.8 + tag: v0.9.10 global: cattle: diff --git a/package/Dockerfile b/package/Dockerfile index 742e0ca69f..6b3b115eb6 100644 --- a/package/Dockerfile +++ b/package/Dockerfile @@ -1,15 +1,20 @@ ARG BUILD_ENV=dapper +ARG ARCH -FROM registry.suse.com/bci/bci-base:15.5 AS base +FROM --platform=linux/$ARCH registry.suse.com/bci/bci-base:15.6 AS base RUN zypper in --no-recommends -y git-core openssh; rm -fr /var/cache/* /var/log/*log FROM base AS copy_dapper ONBUILD ARG ARCH -ONBUILD COPY bin/fleetcontroller-linux-${ARCH} /usr/bin/fleetcontroller +ONBUILD COPY bin/fleetcontroller-linux-$ARCH /usr/bin/fleetcontroller FROM base AS copy_buildx ONBUILD ARG TARGETARCH -ONBUILD COPY bin/fleetcontroller-linux-${TARGETARCH} /usr/bin/fleetcontroller +ONBUILD COPY bin/fleetcontroller-linux-$TARGETARCH /usr/bin/fleetcontroller + +FROM base AS copy_goreleaser +ONBUILD ARG ARCH +ONBUILD COPY fleetcontroller-linux-$ARCH /usr/bin/fleetcontroller FROM copy_${BUILD_ENV} USER 1000 diff --git a/package/Dockerfile.agent b/package/Dockerfile.agent index b2f84ca73b..4deb68d62d 100644 --- a/package/Dockerfile.agent +++ b/package/Dockerfile.agent @@ -1,6 +1,7 @@ ARG BUILD_ENV=dapper +ARG ARCH -FROM registry.suse.com/bci/bci-base:15.5 AS base +FROM --platform=linux/$ARCH registry.suse.com/bci/bci-base:15.6 AS base RUN zypper in --no-recommends -y git-core openssh; rm -fr /var/cache/* /var/log/*log COPY package/log.sh /usr/bin/ @@ -14,6 +15,11 @@ ONBUILD ARG TARGETARCH ONBUILD COPY bin/fleetagent-linux-$TARGETARCH /usr/bin/fleetagent ONBUILD COPY bin/fleet-linux-$TARGETARCH /usr/bin/fleet +FROM base AS copy_goreleaser +ONBUILD ARG ARCH +ONBUILD COPY fleetagent-linux-$ARCH /usr/bin/fleetagent +ONBUILD COPY fleet-linux-$ARCH /usr/bin/fleet + FROM copy_${BUILD_ENV} USER 1000 CMD ["fleetagent"]