Blame - Earthfile - atmosphere

blob: 2b6d89a5d9b78068d66760a9179132851ebd3aab [file] [log] [blame]

Mohammed Naser	1de5519	2023-04-28 17:13:35 -0400	[diff] [blame]	1	VERSION --use-copy-link 0.7
Mohammed Naser	8613c86	2023-04-24 17:26:51 -0400	[diff] [blame]	2
Mohammed Naser	168acc3	2024-01-09 17:15:26 -0500	[diff] [blame]	3	go.build:
				4	FROM golang:1.21
				5	WORKDIR /src
				6	ARG GOOS=linux
				7	ARG GOARCH=amd64
				8	ARG VARIANT
				9	COPY --dir go.mod go.sum ./
				10	RUN go mod download
				11
				12	libvirt-tls-sidecar.build:
				13	FROM +go.build
				14	ARG GOOS=linux
				15	ARG GOARCH=amd64
				16	ARG VARIANT
				17	COPY --dir cmd internal ./
				18	RUN GOARM=${VARIANT#"v"} go build -o main cmd/libvirt-tls-sidecar/main.go
				19	SAVE ARTIFACT ./main
				20
				21	libvirt-tls-sidecar.platform-image:
				22	ARG TARGETPLATFORM
				23	ARG TARGETARCH
				24	ARG TARGETVARIANT
				25	FROM --platform=$TARGETPLATFORM ./images/base+image
				26	COPY \
				27	--platform=linux/amd64 \
				28	(+libvirt-tls-sidecar.build/main --GOARCH=$TARGETARCH --VARIANT=$TARGETVARIANT) /usr/bin/libvirt-tls-sidecar
				29	ENTRYPOINT ["/usr/bin/libvirt-tls-sidecar"]
Mohammed Naser	168acc3	2024-01-09 17:15:26 -0500	[diff] [blame]	30	SAVE IMAGE --push ghcr.io/vexxhost/atmosphere/libvirt-tls-sidecar:latest
				31
				32	libvirt-tls-sidecar.image:
				33	BUILD --platform=linux/amd64 --platform=linux/arm64 +libvirt-tls-sidecar.platform-image
				34
Mohammed Naser	1de5519	2023-04-28 17:13:35 -0400	[diff] [blame]	35	build.wheels:
Mohammed Naser	7060df8	2023-12-29 15:12:17 -0500	[diff] [blame]	36	FROM ./images/builder+image
Mohammed Naser	8613c86	2023-04-24 17:26:51 -0400	[diff] [blame]	37	COPY pyproject.toml poetry.lock ./
Mohammed Naser	1de5519	2023-04-28 17:13:35 -0400	[diff] [blame]	38	ARG --required only
				39	RUN poetry export --only=${only} -f requirements.txt --without-hashes > requirements.txt
Mohammed Naser	8613c86	2023-04-24 17:26:51 -0400	[diff] [blame]	40	RUN pip wheel -r requirements.txt --wheel-dir=/wheels
				41	SAVE ARTIFACT requirements.txt
				42	SAVE ARTIFACT /wheels
Mohammed Naser	1de5519	2023-04-28 17:13:35 -0400	[diff] [blame]	43	SAVE IMAGE --cache-hint
Mohammed Naser	8613c86	2023-04-24 17:26:51 -0400	[diff] [blame]	44
Mohammed Naser	1de5519	2023-04-28 17:13:35 -0400	[diff] [blame]	45	build.venv:
				46	ARG --required only
				47	FROM +build.wheels --only ${only}
Mohammed Naser	8613c86	2023-04-24 17:26:51 -0400	[diff] [blame]	48	RUN python3 -m venv /venv
				49	ENV PATH=/venv/bin:$PATH
				50	RUN pip install -r requirements.txt
Mohammed Naser	1de5519	2023-04-28 17:13:35 -0400	[diff] [blame]	51	SAVE IMAGE --cache-hint
				52
				53	build.venv.dev:
				54	FROM +build.venv --only main,dev
Mohammed Naser	8613c86	2023-04-24 17:26:51 -0400	[diff] [blame]	55	SAVE ARTIFACT /venv
				56
Mohammed Naser	1de5519	2023-04-28 17:13:35 -0400	[diff] [blame]	57	build.venv.runtime:
				58	FROM +build.venv --only main
				59	SAVE ARTIFACT /venv
				60
				61	build.collections:
				62	FROM +build.venv.runtime
				63	COPY charts /src/charts
				64	COPY meta /src/meta
				65	COPY playbooks /src/playbooks
				66	COPY plugins /src/plugins
				67	COPY roles /src/roles
				68	COPY galaxy.yml /src/galaxy.yml
				69	RUN ansible-galaxy collection install --collections-path /usr/share/ansible/collections /src
				70	SAVE ARTIFACT /usr/share/ansible/collections
				71	SAVE IMAGE --cache-hint
				72
				73	image:
Michiel Piscaer	b19c1cf	2024-01-08 22:09:04 +0100	[diff] [blame]	74	ARG RELEASE=2023.1
				75	FROM ./images/cloud-archive-base+image --RELEASE ${RELEASE}
Mohammed Naser	1de5519	2023-04-28 17:13:35 -0400	[diff] [blame]	76	ENV ANSIBLE_PIPELINING=True
Mohammed Naser	aa48ddb	2023-12-30 00:11:22 -0500	[diff] [blame]	77	DO ./images+APT_INSTALL --PACKAGES "rsync openssh-client"
Mohammed Naser	e720d78	2023-07-10 15:57:21 -0400	[diff] [blame]	78	COPY +build.venv.runtime/venv /venv
				79	ENV PATH=/venv/bin:$PATH
				80	COPY +build.collections/ /usr/share/ansible
Mohammed Naser	1de5519	2023-04-28 17:13:35 -0400	[diff] [blame]	81	ARG tag=latest
Mohammed Naser	ccc70cc	2023-04-28 22:20:34 +0000	[diff] [blame]	82	SAVE IMAGE --push ghcr.io/vexxhost/atmosphere:${tag}
Mohammed Naser	8613c86	2023-04-24 17:26:51 -0400	[diff] [blame]	83
Mohammed Naser	7060df8	2023-12-29 15:12:17 -0500	[diff] [blame]	84	images:
Mohammed Naser	7a848bc	2024-01-22 21:58:11 -0500	[diff] [blame^]	85	BUILD +libvirt-tls-sidecar.image
Mohammed Naser	05726e7	2024-01-02 14:55:33 -0500	[diff] [blame]	86	BUILD ./images/barbican+image
Mohammed Naser	9b9b3e2	2024-01-02 15:17:43 -0500	[diff] [blame]	87	BUILD ./images/cinder+image
Mohammed Naser	7060df8	2023-12-29 15:12:17 -0500	[diff] [blame]	88	BUILD ./images/cluster-api-provider-openstack+image
Mohammed Naser	6a31b34	2024-01-02 15:26:44 -0500	[diff] [blame]	89	BUILD ./images/designate+image
Mohammed Naser	05726e7	2024-01-02 14:55:33 -0500	[diff] [blame]	90	BUILD ./images/glance+image
				91	BUILD ./images/heat+image
Mohammed Naser	c639230	2024-01-04 00:43:02 -0500	[diff] [blame]	92	BUILD ./images/horizon+image
				93	BUILD ./images/ironic+image
				94	BUILD ./images/keystone+image
Mohammed Naser	a386867	2024-01-20 13:54:40 -0500	[diff] [blame]	95	BUILD ./images/kubernetes-entrypoint+image
Mohammed Naser	19d6312	2024-01-08 17:10:05 -0500	[diff] [blame]	96	BUILD ./images/libvirtd+image
Mohammed Naser	c639230	2024-01-04 00:43:02 -0500	[diff] [blame]	97	BUILD ./images/magnum+image
				98	BUILD ./images/manila+image
Mohammed Naser	7a848bc	2024-01-22 21:58:11 -0500	[diff] [blame^]	99	BUILD ./images/netoffload+image
Mohammed Naser	c639230	2024-01-04 00:43:02 -0500	[diff] [blame]	100	BUILD ./images/neutron+image
Mohammed Naser	a386867	2024-01-20 13:54:40 -0500	[diff] [blame]	101	BUILD ./images/nova-ssh+image
Mohammed Naser	7a848bc	2024-01-22 21:58:11 -0500	[diff] [blame^]	102	BUILD ./images/nova+image
Mohammed Naser	05726e7	2024-01-02 14:55:33 -0500	[diff] [blame]	103	BUILD ./images/octavia+image
Mohammed Naser	19d6312	2024-01-08 17:10:05 -0500	[diff] [blame]	104	BUILD ./images/openvswitch+image
				105	BUILD ./images/ovn+images
Mohammed Naser	05726e7	2024-01-02 14:55:33 -0500	[diff] [blame]	106	BUILD ./images/placement+image
Mohammed Naser	a730177	2024-01-02 15:02:39 -0500	[diff] [blame]	107	BUILD ./images/senlin+image
Mohammed Naser	7a848bc	2024-01-22 21:58:11 -0500	[diff] [blame^]	108	BUILD ./images/staffln+image
Mohammed Naser	19d6312	2024-01-08 17:10:05 -0500	[diff] [blame]	109	BUILD ./images/tempest+image
Mohammed Naser	7060df8	2023-12-29 15:12:17 -0500	[diff] [blame]	110
Mohammed Naser	7a848bc	2024-01-22 21:58:11 -0500	[diff] [blame^]	111	SCAN_IMAGE:
				112	COMMAND
				113	ARG --required IMAGE
				114	# TODO(mnaser): Include secret scanning when it's more reliable.
				115	RUN \
				116	trivy image \
				117	--skip-db-update \
				118	--skip-java-db-update \
				119	--scanners vuln \
				120	--exit-code 1 \
				121	--ignore-unfixed \
				122	${IMAGE}
				123
				124	scan-image:
				125	FROM ./images/trivy+image
				126	ARG --required IMAGE
				127	DO +SCAN_IMAGE --IMAGE ${IMAGE}
				128
				129	scan-images:
				130	FROM ./images/trivy+image
				131	COPY roles/defaults/vars/main.yml /defaults.yml
				132	# TODO(mnaser): Scan all images eventually
				133	FOR IMAGE IN $(cat /defaults.yml \| grep 'ghcr.io/vexxhost' \| cut -d' ' -f4 \| sort \| uniq)
				134	BUILD +scan-image --IMAGE ${IMAGE}
				135	# DO +SCAN_IMAGE --IMAGE ${IMAGE}
				136	END
				137
Mohammed Naser	8613c86	2023-04-24 17:26:51 -0400	[diff] [blame]	138	pin-images:
Mohammed Naser	1de5519	2023-04-28 17:13:35 -0400	[diff] [blame]	139	FROM +build.venv.dev
ricolin	b8ab017	2023-06-01 15:41:02 +0800	[diff] [blame]	140	COPY roles/defaults/vars/main.yml /defaults.yml
Mohammed Naser	8613c86	2023-04-24 17:26:51 -0400	[diff] [blame]	141	COPY build/pin-images.py /usr/local/bin/pin-images
Mohammed Naser	c639230	2024-01-04 00:43:02 -0500	[diff] [blame]	142	RUN --no-cache /usr/local/bin/pin-images /defaults.yml /pinned.yml
ricolin	b8ab017	2023-06-01 15:41:02 +0800	[diff] [blame]	143	SAVE ARTIFACT /pinned.yml AS LOCAL roles/defaults/vars/main.yml
Mohammed Naser	d03bba3	2023-04-25 12:54:58 +0000	[diff] [blame]	144
				145	gh:
				146	FROM alpine:3
				147	RUN apk add --no-cache github-cli
				148
				149	trigger-image-sync:
				150	FROM +gh
				151	ARG --required project
				152	RUN --secret GITHUB_TOKEN gh workflow run --repo vexxhost/docker-openstack-${project} sync.yml
Mohammed Naser	0c42887	2023-09-21 12:59:20 +0000	[diff] [blame]	153
				154	image-sync:
				155	FROM golang:1.19
				156	ARG --required project
				157	WORKDIR /src
				158	COPY . /src
				159	RUN --secret GITHUB_TOKEN go run ./cmd/atmosphere-ci image repo sync ${project}