Gitiles
Code Review Sign In
review.vexxhost.dev / atmosphere / 738bb0fe7b101354436ed86c83bbb5b968a03153 / . / Earthfile
blob: 0ef8ed3ecb617cfd35afe7f3108f0797ad979d57 [file] [log] [blame]
Mohammed Naser1de55192023-04-28 17:13:35 -0400[diff] [blame]1VERSION --use-copy-link 0.7
Mohammed Naser8613c862023-04-24 17:26:51 -0400[diff] [blame]2
Mohammed Naser168acc32024-01-09 17:15:26 -0500[diff] [blame]3go.build:
4 FROM golang:1.21
5 WORKDIR /src
6 ARG GOOS=linux
7 ARG GOARCH=amd64
8 ARG VARIANT
9 COPY --dir go.mod go.sum ./
10 RUN go mod download
11
12libvirt-tls-sidecar.build:
13 FROM +go.build
14 ARG GOOS=linux
15 ARG GOARCH=amd64
16 ARG VARIANT
17 COPY --dir cmd internal ./
18 RUN GOARM=${VARIANT#"v"} go build -o main cmd/libvirt-tls-sidecar/main.go
19 SAVE ARTIFACT ./main
20
21libvirt-tls-sidecar.platform-image:
22 ARG TARGETPLATFORM
23 ARG TARGETARCH
24 ARG TARGETVARIANT
25 FROM --platform=$TARGETPLATFORM ./images/base+image
26 COPY \
27 --platform=linux/amd64 \
28 (+libvirt-tls-sidecar.build/main --GOARCH=$TARGETARCH --VARIANT=$TARGETVARIANT) /usr/bin/libvirt-tls-sidecar
29 ENTRYPOINT ["/usr/bin/libvirt-tls-sidecar"]
Mohammed Naser168acc32024-01-09 17:15:26 -0500[diff] [blame]30 SAVE IMAGE --push ghcr.io/vexxhost/atmosphere/libvirt-tls-sidecar:latest
31
32libvirt-tls-sidecar.image:
33 BUILD --platform=linux/amd64 --platform=linux/arm64 +libvirt-tls-sidecar.platform-image
34
Mohammed Naser1de55192023-04-28 17:13:35 -0400[diff] [blame]35build.wheels:
Mohammed Naser7060df82023-12-29 15:12:17 -0500[diff] [blame]36 FROM ./images/builder+image
Mohammed Naser8613c862023-04-24 17:26:51 -0400[diff] [blame]37 COPY pyproject.toml poetry.lock ./
Mohammed Naser1de55192023-04-28 17:13:35 -0400[diff] [blame]38 ARG --required only
39 RUN poetry export --only=${only} -f requirements.txt --without-hashes > requirements.txt
Mohammed Naser8613c862023-04-24 17:26:51 -0400[diff] [blame]40 RUN pip wheel -r requirements.txt --wheel-dir=/wheels
41 SAVE ARTIFACT requirements.txt
42 SAVE ARTIFACT /wheels
Mohammed Naser1de55192023-04-28 17:13:35 -0400[diff] [blame]43 SAVE IMAGE --cache-hint
Mohammed Naser8613c862023-04-24 17:26:51 -0400[diff] [blame]44
Mohammed Naser1de55192023-04-28 17:13:35 -0400[diff] [blame]45build.venv:
46 ARG --required only
47 FROM +build.wheels --only ${only}
Mohammed Naser8613c862023-04-24 17:26:51 -0400[diff] [blame]48 RUN python3 -m venv /venv
49 ENV PATH=/venv/bin:$PATH
50 RUN pip install -r requirements.txt
Mohammed Naser1de55192023-04-28 17:13:35 -0400[diff] [blame]51 SAVE IMAGE --cache-hint
52
53build.venv.dev:
54 FROM +build.venv --only main,dev
Mohammed Naser8613c862023-04-24 17:26:51 -0400[diff] [blame]55 SAVE ARTIFACT /venv
56
Mohammed Naser1de55192023-04-28 17:13:35 -0400[diff] [blame]57build.venv.runtime:
58 FROM +build.venv --only main
59 SAVE ARTIFACT /venv
60
61build.collections:
62 FROM +build.venv.runtime
63 COPY charts /src/charts
64 COPY meta /src/meta
65 COPY playbooks /src/playbooks
66 COPY plugins /src/plugins
67 COPY roles /src/roles
68 COPY galaxy.yml /src/galaxy.yml
69 RUN ansible-galaxy collection install --collections-path /usr/share/ansible/collections /src
70 SAVE ARTIFACT /usr/share/ansible/collections
71 SAVE IMAGE --cache-hint
72
73image:
Michiel Piscaerb19c1cf2024-01-08 22:09:04 +0100[diff] [blame]74 ARG RELEASE=2023.1
75 FROM ./images/cloud-archive-base+image --RELEASE ${RELEASE}
Mohammed Naser1de55192023-04-28 17:13:35 -0400[diff] [blame]76 ENV ANSIBLE_PIPELINING=True
Mohammed Naseraa48ddb2023-12-30 00:11:22 -0500[diff] [blame]77 DO ./images+APT_INSTALL --PACKAGES "rsync openssh-client"
Mohammed Nasere720d782023-07-10 15:57:21 -0400[diff] [blame]78 COPY +build.venv.runtime/venv /venv
79 ENV PATH=/venv/bin:$PATH
80 COPY +build.collections/ /usr/share/ansible
Mohammed Naser1de55192023-04-28 17:13:35 -0400[diff] [blame]81 ARG tag=latest
Mohammed Naserccc70cc2023-04-28 22:20:34 +0000[diff] [blame]82 SAVE IMAGE --push ghcr.io/vexxhost/atmosphere:${tag}
Mohammed Naser8613c862023-04-24 17:26:51 -0400[diff] [blame]83
Mohammed Naser7060df82023-12-29 15:12:17 -0500[diff] [blame]84images:
Mohammed Naser7a848bc2024-01-22 21:58:11 -0500[diff] [blame]85 BUILD +libvirt-tls-sidecar.image
Mohammed Naser05726e72024-01-02 14:55:33 -0500[diff] [blame]86 BUILD ./images/barbican+image
Mohammed Naser9b9b3e22024-01-02 15:17:43 -0500[diff] [blame]87 BUILD ./images/cinder+image
Mohammed Naser7060df82023-12-29 15:12:17 -0500[diff] [blame]88 BUILD ./images/cluster-api-provider-openstack+image
Mohammed Naser6a31b342024-01-02 15:26:44 -0500[diff] [blame]89 BUILD ./images/designate+image
Mohammed Naser05726e72024-01-02 14:55:33 -0500[diff] [blame]90 BUILD ./images/glance+image
91 BUILD ./images/heat+image
Mohammed Naserc6392302024-01-04 00:43:02 -0500[diff] [blame]92 BUILD ./images/horizon+image
93 BUILD ./images/ironic+image
94 BUILD ./images/keystone+image
Mohammed Nasera3868672024-01-20 13:54:40 -0500[diff] [blame]95 BUILD ./images/kubernetes-entrypoint+image
Mohammed Naser19d63122024-01-08 17:10:05 -0500[diff] [blame]96 BUILD ./images/libvirtd+image
Mohammed Naserc6392302024-01-04 00:43:02 -0500[diff] [blame]97 BUILD ./images/magnum+image
98 BUILD ./images/manila+image
Mohammed Naser7a848bc2024-01-22 21:58:11 -0500[diff] [blame]99 BUILD ./images/netoffload+image
Mohammed Naserc6392302024-01-04 00:43:02 -0500[diff] [blame]100 BUILD ./images/neutron+image
Mohammed Nasera3868672024-01-20 13:54:40 -0500[diff] [blame]101 BUILD ./images/nova-ssh+image
Mohammed Naser7a848bc2024-01-22 21:58:11 -0500[diff] [blame]102 BUILD ./images/nova+image
Mohammed Naser05726e72024-01-02 14:55:33 -0500[diff] [blame]103 BUILD ./images/octavia+image
Mohammed Naser19d63122024-01-08 17:10:05 -0500[diff] [blame]104 BUILD ./images/openvswitch+image
105 BUILD ./images/ovn+images
Mohammed Naser05726e72024-01-02 14:55:33 -0500[diff] [blame]106 BUILD ./images/placement+image
Mohammed Nasera7301772024-01-02 15:02:39 -0500[diff] [blame]107 BUILD ./images/senlin+image
Mohammed Naser7a848bc2024-01-22 21:58:11 -0500[diff] [blame]108 BUILD ./images/staffln+image
Mohammed Naser19d63122024-01-08 17:10:05 -0500[diff] [blame]109 BUILD ./images/tempest+image
Mohammed Naser7060df82023-12-29 15:12:17 -0500[diff] [blame]110
Mohammed Naser7a848bc2024-01-22 21:58:11 -0500[diff] [blame]111SCAN_IMAGE:
112 COMMAND
113 ARG --required IMAGE
114 # TODO(mnaser): Include secret scanning when it's more reliable.
115 RUN \
116 trivy image \
117 --skip-db-update \
118 --skip-java-db-update \
119 --scanners vuln \
120 --exit-code 1 \
121 --ignore-unfixed \
122 ${IMAGE}
123
124scan-image:
125 FROM ./images/trivy+image
126 ARG --required IMAGE
127 DO +SCAN_IMAGE --IMAGE ${IMAGE}
128
129scan-images:
130 FROM ./images/trivy+image
131 COPY roles/defaults/vars/main.yml /defaults.yml
132 # TODO(mnaser): Scan all images eventually
133 FOR IMAGE IN $(cat /defaults.yml | grep 'ghcr.io/vexxhost' | cut -d' ' -f4 | sort | uniq)
134 BUILD +scan-image --IMAGE ${IMAGE}
135 # DO +SCAN_IMAGE --IMAGE ${IMAGE}
136 END
137
Mohammed Naser8613c862023-04-24 17:26:51 -0400[diff] [blame]138pin-images:
Mohammed Naser1de55192023-04-28 17:13:35 -0400[diff] [blame]139 FROM +build.venv.dev
ricolinb8ab0172023-06-01 15:41:02 +0800[diff] [blame]140 COPY roles/defaults/vars/main.yml /defaults.yml
Mohammed Naser8613c862023-04-24 17:26:51 -0400[diff] [blame]141 COPY build/pin-images.py /usr/local/bin/pin-images
Mohammed Naserc6392302024-01-04 00:43:02 -0500[diff] [blame]142 RUN --no-cache /usr/local/bin/pin-images /defaults.yml /pinned.yml
ricolinb8ab0172023-06-01 15:41:02 +0800[diff] [blame]143 SAVE ARTIFACT /pinned.yml AS LOCAL roles/defaults/vars/main.yml
Mohammed Naserd03bba32023-04-25 12:54:58 +0000[diff] [blame]144
145gh:
146 FROM alpine:3
147 RUN apk add --no-cache github-cli
148
149trigger-image-sync:
150 FROM +gh
151 ARG --required project
152 RUN --secret GITHUB_TOKEN gh workflow run --repo vexxhost/docker-openstack-${project} sync.yml
Mohammed Naser0c428872023-09-21 12:59:20 +0000[diff] [blame]153
154image-sync:
155 FROM golang:1.19
156 ARG --required project
157 WORKDIR /src
158 COPY . /src
159 RUN --secret GITHUB_TOKEN go run ./cmd/atmosphere-ci image repo sync ${project}
Mohammed Naser7f3eb562024-01-23 16:49:57 -0500[diff] [blame]160
161mkdocs-image:
162 FROM ghcr.io/squidfunk/mkdocs-material:9.5.4
163 RUN pip install \
164 mkdocs-literate-nav
165 SAVE IMAGE mkdocs
166
167mkdocs-serve:
168 LOCALLY
169 WITH DOCKER --load=+mkdocs-image
170 RUN docker run --rm -p 8000:8000 -v ${PWD}:/docs mkdocs
171 END
172
173mkdocs-build:
174 FROM +mkdocs-image
175 COPY . /docs
176 RUN mkdocs build
177 RUN --push --secret GITHUB_TOKEN git remote set-url origin https://x-access-token:${GITHUB_TOKEN}@github.com/vexxhost/magnum-cluster-api.git
178 RUN --push mkdocs gh-deploy --force