Blame - Earthfile - atmosphere

blob: a986488cb76b4f84c974aab12f8c9c6f19efd768 [file] [log] [blame]

Mohammed Naser	1220717	2024-02-05 18:49:35 -0500	[diff] [blame]	1	VERSION --use-copy-link --try 0.8
				2
Mohammed Naser	1220717	2024-02-05 18:49:35 -0500	[diff] [blame]	3	lint:
				4	BUILD +lint.ansible-lint
				5	BUILD +lint.markdownlint
				6	BUILD +lint.image-manifest
				7
Mohammed Naser	1220717	2024-02-05 18:49:35 -0500	[diff] [blame]	8	lint.markdownlint:
				9	FROM davidanson/markdownlint-cli2
				10	COPY --dir docs/ .markdownlint.yaml .markdownlint-cli2.jsonc /src
				11	WORKDIR /src
				12	TRY
				13	RUN markdownlint-cli2 **
				14	FINALLY
				15	SAVE ARTIFACT /src/junit.xml AS LOCAL junit.xml
				16	END
				17
				18	lint.ansible-lint:
				19	FROM registry.gitlab.com/pipeline-components/ansible-lint:latest
				20	COPY --dir meta/ molecule/ playbooks/ plugins/ roles/ tests/ .ansible-lint CHANGELOG.md galaxy.yml /code
				21	TRY
				22	RUN ansible-lint -v --show-relpath -f pep8 --nocolor \| ansible-lint-junit -o ansible-lint.xml
				23	FINALLY
				24	SAVE ARTIFACT ansible-lint.xml AS LOCAL ansible-lint.xml
				25	END
				26
				27	lint.image-manifest:
				28	FROM quay.io/skopeo/stable:latest
				29	COPY roles/defaults/vars/main.yml /defaults.yml
				30	FOR IMAGE IN $(cat /defaults.yml \| grep sha256 \| cut -d' ' -f4 \| sort \| uniq \| sed 's/:[^@]*//')
				31	BUILD +lint.image-manifest.image --IMAGE ${IMAGE}
				32	END
				33
				34	lint.image-manifest.image:
				35	FROM quay.io/skopeo/stable:latest
				36	ARG --required IMAGE
				37	RUN skopeo inspect --no-tags docker://${IMAGE} >/dev/null && echo "Manifest is valid for ${IMAGE}" \|\| echo "Manifest is not valid for ${IMAGE}"
				38
				39	unit.go:
				40	FROM golang:1.21
				41	RUN go install github.com/jstemmer/go-junit-report/v2@latest
				42	COPY --dir go.mod go.sum /src
				43	WORKDIR /src
				44	RUN go mod download
				45	COPY --dir charts/ cmd/ internal/ roles/ tools/ /src
				46	TRY
				47	RUN go test -v 2>&1 ./... \| go-junit-report -set-exit-code > junit-go.xml
				48	FINALLY
				49	SAVE ARTIFACT /src/junit-go.xml AS LOCAL junit-go.xml
				50	END
				51
				52	build.collection:
				53	FROM registry.gitlab.com/pipeline-components/ansible-lint:latest
				54	COPY . /src
				55	RUN ansible-galaxy collection build /src
				56	SAVE ARTIFACT /code/*.tar.gz AS LOCAL dist/
Mohammed Naser	8613c86	2023-04-24 17:26:51 -0400	[diff] [blame]	57
Mohammed Naser	168acc3	2024-01-09 17:15:26 -0500	[diff] [blame]	58	go.build:
				59	FROM golang:1.21
				60	WORKDIR /src
				61	ARG GOOS=linux
				62	ARG GOARCH=amd64
				63	ARG VARIANT
				64	COPY --dir go.mod go.sum ./
				65	RUN go mod download
				66
				67	libvirt-tls-sidecar.build:
				68	FROM +go.build
				69	ARG GOOS=linux
				70	ARG GOARCH=amd64
				71	ARG VARIANT
				72	COPY --dir cmd internal ./
				73	RUN GOARM=${VARIANT#"v"} go build -o main cmd/libvirt-tls-sidecar/main.go
				74	SAVE ARTIFACT ./main
				75
				76	libvirt-tls-sidecar.platform-image:
				77	ARG TARGETPLATFORM
				78	ARG TARGETARCH
				79	ARG TARGETVARIANT
				80	FROM --platform=$TARGETPLATFORM ./images/base+image
				81	COPY \
				82	--platform=linux/amd64 \
				83	(+libvirt-tls-sidecar.build/main --GOARCH=$TARGETARCH --VARIANT=$TARGETVARIANT) /usr/bin/libvirt-tls-sidecar
				84	ENTRYPOINT ["/usr/bin/libvirt-tls-sidecar"]
Mohammed Naser	1dfea6b	2024-02-09 01:04:26 -0500	[diff] [blame]	85	ARG REGISTRY=ghcr.io/vexxhost/atmosphere
Mohammed Naser	1220717	2024-02-05 18:49:35 -0500	[diff] [blame]	86	SAVE IMAGE --push ${REGISTRY}/libvirt-tls-sidecar:latest
Mohammed Naser	168acc3	2024-01-09 17:15:26 -0500	[diff] [blame]	87
				88	libvirt-tls-sidecar.image:
				89	BUILD --platform=linux/amd64 --platform=linux/arm64 +libvirt-tls-sidecar.platform-image
				90
Mohammed Naser	1de5519	2023-04-28 17:13:35 -0400	[diff] [blame]	91	build.wheels:
Mohammed Naser	7060df8	2023-12-29 15:12:17 -0500	[diff] [blame]	92	FROM ./images/builder+image
Mohammed Naser	8613c86	2023-04-24 17:26:51 -0400	[diff] [blame]	93	COPY pyproject.toml poetry.lock ./
Mohammed Naser	1de5519	2023-04-28 17:13:35 -0400	[diff] [blame]	94	ARG --required only
				95	RUN poetry export --only=${only} -f requirements.txt --without-hashes > requirements.txt
Mohammed Naser	8613c86	2023-04-24 17:26:51 -0400	[diff] [blame]	96	RUN pip wheel -r requirements.txt --wheel-dir=/wheels
				97	SAVE ARTIFACT requirements.txt
				98	SAVE ARTIFACT /wheels
Mohammed Naser	1de5519	2023-04-28 17:13:35 -0400	[diff] [blame]	99	SAVE IMAGE --cache-hint
Mohammed Naser	8613c86	2023-04-24 17:26:51 -0400	[diff] [blame]	100
Mohammed Naser	1de5519	2023-04-28 17:13:35 -0400	[diff] [blame]	101	build.venv:
				102	ARG --required only
				103	FROM +build.wheels --only ${only}
Mohammed Naser	8613c86	2023-04-24 17:26:51 -0400	[diff] [blame]	104	RUN python3 -m venv /venv
				105	ENV PATH=/venv/bin:$PATH
				106	RUN pip install -r requirements.txt
Mohammed Naser	1de5519	2023-04-28 17:13:35 -0400	[diff] [blame]	107	SAVE IMAGE --cache-hint
				108
				109	build.venv.dev:
				110	FROM +build.venv --only main,dev
Mohammed Naser	8613c86	2023-04-24 17:26:51 -0400	[diff] [blame]	111	SAVE ARTIFACT /venv
				112
Mohammed Naser	1de5519	2023-04-28 17:13:35 -0400	[diff] [blame]	113	build.venv.runtime:
				114	FROM +build.venv --only main
				115	SAVE ARTIFACT /venv
				116
				117	build.collections:
				118	FROM +build.venv.runtime
				119	COPY charts /src/charts
				120	COPY meta /src/meta
				121	COPY playbooks /src/playbooks
				122	COPY plugins /src/plugins
				123	COPY roles /src/roles
				124	COPY galaxy.yml /src/galaxy.yml
				125	RUN ansible-galaxy collection install --collections-path /usr/share/ansible/collections /src
				126	SAVE ARTIFACT /usr/share/ansible/collections
				127	SAVE IMAGE --cache-hint
				128
				129	image:
Michiel Piscaer	b19c1cf	2024-01-08 22:09:04 +0100	[diff] [blame]	130	ARG RELEASE=2023.1
				131	FROM ./images/cloud-archive-base+image --RELEASE ${RELEASE}
Mohammed Naser	1de5519	2023-04-28 17:13:35 -0400	[diff] [blame]	132	ENV ANSIBLE_PIPELINING=True
Mohammed Naser	aa48ddb	2023-12-30 00:11:22 -0500	[diff] [blame]	133	DO ./images+APT_INSTALL --PACKAGES "rsync openssh-client"
Mohammed Naser	e720d78	2023-07-10 15:57:21 -0400	[diff] [blame]	134	COPY +build.venv.runtime/venv /venv
				135	ENV PATH=/venv/bin:$PATH
				136	COPY +build.collections/ /usr/share/ansible
Mohammed Naser	1de5519	2023-04-28 17:13:35 -0400	[diff] [blame]	137	ARG tag=latest
Mohammed Naser	1dfea6b	2024-02-09 01:04:26 -0500	[diff] [blame]	138	ARG REGISTRY=ghcr.io/vexxhost/atmosphere
Mohammed Naser	1220717	2024-02-05 18:49:35 -0500	[diff] [blame]	139	SAVE IMAGE --push ${REGISTRY}:${tag}
Mohammed Naser	8613c86	2023-04-24 17:26:51 -0400	[diff] [blame]	140
Mohammed Naser	7060df8	2023-12-29 15:12:17 -0500	[diff] [blame]	141	images:
Mohammed Naser	1dfea6b	2024-02-09 01:04:26 -0500	[diff] [blame]	142	ARG REGISTRY=ghcr.io/vexxhost/atmosphere
Mohammed Naser	1220717	2024-02-05 18:49:35 -0500	[diff] [blame]	143	BUILD +libvirt-tls-sidecar.image --REGISTRY=${REGISTRY}
				144	BUILD ./images/barbican+image --REGISTRY=${REGISTRY}
				145	BUILD ./images/cinder+image --REGISTRY=${REGISTRY}
				146	BUILD ./images/cluster-api-provider-openstack+image --REGISTRY=${REGISTRY}
				147	BUILD ./images/designate+image --REGISTRY=${REGISTRY}
				148	BUILD ./images/glance+image --REGISTRY=${REGISTRY}
				149	BUILD ./images/heat+image --REGISTRY=${REGISTRY}
				150	BUILD ./images/horizon+image --REGISTRY=${REGISTRY}
				151	BUILD ./images/ironic+image --REGISTRY=${REGISTRY}
				152	BUILD ./images/keystone+image --REGISTRY=${REGISTRY}
				153	BUILD ./images/kubernetes-entrypoint+image --REGISTRY=${REGISTRY}
				154	BUILD ./images/libvirtd+image --REGISTRY=${REGISTRY}
				155	BUILD ./images/magnum+image --REGISTRY=${REGISTRY}
				156	BUILD ./images/manila+image --REGISTRY=${REGISTRY}
				157	BUILD ./images/netoffload+image --REGISTRY=${REGISTRY}
				158	BUILD ./images/neutron+image --REGISTRY=${REGISTRY}
				159	BUILD ./images/nova-ssh+image --REGISTRY=${REGISTRY}
				160	BUILD ./images/nova+image --REGISTRY=${REGISTRY}
				161	BUILD ./images/octavia+image --REGISTRY=${REGISTRY}
				162	BUILD ./images/openvswitch+image --REGISTRY=${REGISTRY}
				163	BUILD ./images/ovn+images --REGISTRY=${REGISTRY}
				164	BUILD ./images/placement+image --REGISTRY=${REGISTRY}
				165	BUILD ./images/senlin+image --REGISTRY=${REGISTRY}
				166	BUILD ./images/staffeln+image --REGISTRY=${REGISTRY}
				167	BUILD ./images/tempest+image --REGISTRY=${REGISTRY}
Mohammed Naser	7060df8	2023-12-29 15:12:17 -0500	[diff] [blame]	168
Mohammed Naser	7a848bc	2024-01-22 21:58:11 -0500	[diff] [blame]	169	SCAN_IMAGE:
Mohammed Naser	1220717	2024-02-05 18:49:35 -0500	[diff] [blame]	170	FUNCTION
Mohammed Naser	7a848bc	2024-01-22 21:58:11 -0500	[diff] [blame]	171	ARG --required IMAGE
				172	# TODO(mnaser): Include secret scanning when it's more reliable.
				173	RUN \
				174	trivy image \
				175	--skip-db-update \
				176	--skip-java-db-update \
				177	--scanners vuln \
				178	--exit-code 1 \
				179	--ignore-unfixed \
				180	${IMAGE}
				181
				182	scan-image:
				183	FROM ./images/trivy+image
				184	ARG --required IMAGE
				185	DO +SCAN_IMAGE --IMAGE ${IMAGE}
				186
				187	scan-images:
				188	FROM ./images/trivy+image
				189	COPY roles/defaults/vars/main.yml /defaults.yml
				190	# TODO(mnaser): Scan all images eventually
Mohammed Naser	1220717	2024-02-05 18:49:35 -0500	[diff] [blame]	191	FOR IMAGE IN $(cat /defaults.yml \| egrep -E 'ghcr.io/vexxhost\|registry.atmosphere.dev' \| cut -d' ' -f4 \| sort \| uniq)
Mohammed Naser	7a848bc	2024-01-22 21:58:11 -0500	[diff] [blame]	192	BUILD +scan-image --IMAGE ${IMAGE}
Mohammed Naser	7a848bc	2024-01-22 21:58:11 -0500	[diff] [blame]	193	END
				194
Mohammed Naser	8613c86	2023-04-24 17:26:51 -0400	[diff] [blame]	195	pin-images:
Mohammed Naser	1de5519	2023-04-28 17:13:35 -0400	[diff] [blame]	196	FROM +build.venv.dev
ricolin	b8ab017	2023-06-01 15:41:02 +0800	[diff] [blame]	197	COPY roles/defaults/vars/main.yml /defaults.yml
Mohammed Naser	8613c86	2023-04-24 17:26:51 -0400	[diff] [blame]	198	COPY build/pin-images.py /usr/local/bin/pin-images
Mohammed Naser	1dfea6b	2024-02-09 01:04:26 -0500	[diff] [blame]	199	ARG REGISTRY=ghcr.io/vexxhost/atmosphere
Mohammed Naser	1220717	2024-02-05 18:49:35 -0500	[diff] [blame]	200	RUN --no-cache /usr/local/bin/pin-images --registry ${REGISTRY} /defaults.yml /pinned.yml
ricolin	b8ab017	2023-06-01 15:41:02 +0800	[diff] [blame]	201	SAVE ARTIFACT /pinned.yml AS LOCAL roles/defaults/vars/main.yml
Mohammed Naser	d03bba3	2023-04-25 12:54:58 +0000	[diff] [blame]	202
				203	gh:
				204	FROM alpine:3
				205	RUN apk add --no-cache github-cli
				206
				207	trigger-image-sync:
				208	FROM +gh
				209	ARG --required project
				210	RUN --secret GITHUB_TOKEN gh workflow run --repo vexxhost/docker-openstack-${project} sync.yml
Mohammed Naser	0c42887	2023-09-21 12:59:20 +0000	[diff] [blame]	211
				212	image-sync:
				213	FROM golang:1.19
				214	ARG --required project
				215	WORKDIR /src
				216	COPY . /src
				217	RUN --secret GITHUB_TOKEN go run ./cmd/atmosphere-ci image repo sync ${project}
Mohammed Naser	7f3eb56	2024-01-23 16:49:57 -0500	[diff] [blame]	218
				219	mkdocs-image:
				220	FROM ghcr.io/squidfunk/mkdocs-material:9.5.4
				221	RUN pip install \
				222	mkdocs-literate-nav
				223	SAVE IMAGE mkdocs
				224
				225	mkdocs-serve:
				226	LOCALLY
				227	WITH DOCKER --load=+mkdocs-image
				228	RUN docker run --rm -p 8000:8000 -v ${PWD}:/docs mkdocs
				229	END
				230
				231	mkdocs-build:
				232	FROM +mkdocs-image
				233	COPY . /docs
				234	RUN mkdocs build
Mohammed Naser	3995352	2024-01-23 16:53:31 -0500	[diff] [blame]	235	RUN --push --secret GITHUB_TOKEN git remote set-url origin https://x-access-token:${GITHUB_TOKEN}@github.com/vexxhost/atmosphere.git
Mohammed Naser	7f3eb56	2024-01-23 16:49:57 -0500	[diff] [blame]	236	RUN --push mkdocs gh-deploy --force