Gitiles
Code Review Sign In
review.vexxhost.dev / atmosphere / 8b9822b961947456d4d2266d235192921bf244da / . / Earthfile
blob: 2b145a4bd851ea6f241c92eaaa5ab5c0cf828695 [file] [log] [blame]
Mohammed Naser12207172024-02-05 18:49:35 -0500[diff] [blame]1VERSION --use-copy-link --try 0.8
2
Mohammed Naser12207172024-02-05 18:49:35 -0500[diff] [blame]3lint:
4 BUILD +lint.ansible-lint
5 BUILD +lint.markdownlint
Mohammed Naser12207172024-02-05 18:49:35 -0500[diff] [blame]6
Mohammed Naser12207172024-02-05 18:49:35 -0500[diff] [blame]7lint.markdownlint:
8 FROM davidanson/markdownlint-cli2
9 COPY --dir docs/ .markdownlint.yaml .markdownlint-cli2.jsonc /src
10 WORKDIR /src
11 TRY
12 RUN markdownlint-cli2 **
13 FINALLY
14 SAVE ARTIFACT /src/junit.xml AS LOCAL junit.xml
15 END
16
17lint.ansible-lint:
18 FROM registry.gitlab.com/pipeline-components/ansible-lint:latest
19 COPY --dir meta/ molecule/ playbooks/ plugins/ roles/ tests/ .ansible-lint CHANGELOG.md galaxy.yml /code
20 TRY
21 RUN ansible-lint -v --show-relpath -f pep8 --nocolor | ansible-lint-junit -o ansible-lint.xml
22 FINALLY
23 SAVE ARTIFACT ansible-lint.xml AS LOCAL ansible-lint.xml
24 END
25
Mohammed Naser12207172024-02-05 18:49:35 -0500[diff] [blame]26unit.go:
27 FROM golang:1.21
28 RUN go install github.com/jstemmer/go-junit-report/v2@latest
29 COPY --dir go.mod go.sum /src
30 WORKDIR /src
31 RUN go mod download
32 COPY --dir charts/ cmd/ internal/ roles/ tools/ /src
33 TRY
34 RUN go test -v 2>&1 ./... | go-junit-report -set-exit-code > junit-go.xml
35 FINALLY
36 SAVE ARTIFACT /src/junit-go.xml AS LOCAL junit-go.xml
37 END
38
39build.collection:
40 FROM registry.gitlab.com/pipeline-components/ansible-lint:latest
41 COPY . /src
42 RUN ansible-galaxy collection build /src
43 SAVE ARTIFACT /code/*.tar.gz AS LOCAL dist/
Mohammed Naser8613c862023-04-24 17:26:51 -0400[diff] [blame]44
Mohammed Naser168acc32024-01-09 17:15:26 -0500[diff] [blame]45go.build:
46 FROM golang:1.21
47 WORKDIR /src
48 ARG GOOS=linux
49 ARG GOARCH=amd64
50 ARG VARIANT
51 COPY --dir go.mod go.sum ./
52 RUN go mod download
53
54libvirt-tls-sidecar.build:
55 FROM +go.build
56 ARG GOOS=linux
57 ARG GOARCH=amd64
58 ARG VARIANT
59 COPY --dir cmd internal ./
60 RUN GOARM=${VARIANT#"v"} go build -o main cmd/libvirt-tls-sidecar/main.go
61 SAVE ARTIFACT ./main
62
63libvirt-tls-sidecar.platform-image:
64 ARG TARGETPLATFORM
65 ARG TARGETARCH
66 ARG TARGETVARIANT
67 FROM --platform=$TARGETPLATFORM ./images/base+image
68 COPY \
69 --platform=linux/amd64 \
70 (+libvirt-tls-sidecar.build/main --GOARCH=$TARGETARCH --VARIANT=$TARGETVARIANT) /usr/bin/libvirt-tls-sidecar
71 ENTRYPOINT ["/usr/bin/libvirt-tls-sidecar"]
Mohammed Naser1dfea6b2024-02-09 01:04:26 -0500[diff] [blame]72 ARG REGISTRY=ghcr.io/vexxhost/atmosphere
Mohammed Naser12207172024-02-05 18:49:35 -0500[diff] [blame]73 SAVE IMAGE --push ${REGISTRY}/libvirt-tls-sidecar:latest
Mohammed Naser168acc32024-01-09 17:15:26 -0500[diff] [blame]74
75libvirt-tls-sidecar.image:
76 BUILD --platform=linux/amd64 --platform=linux/arm64 +libvirt-tls-sidecar.platform-image
77
Mohammed Naser1de55192023-04-28 17:13:35 -0400[diff] [blame]78build.wheels:
Mohammed Naser7060df82023-12-29 15:12:17 -0500[diff] [blame]79 FROM ./images/builder+image
Mohammed Naser8613c862023-04-24 17:26:51 -0400[diff] [blame]80 COPY pyproject.toml poetry.lock ./
Mohammed Naser1de55192023-04-28 17:13:35 -0400[diff] [blame]81 ARG --required only
82 RUN poetry export --only=${only} -f requirements.txt --without-hashes > requirements.txt
Mohammed Naser8613c862023-04-24 17:26:51 -0400[diff] [blame]83 RUN pip wheel -r requirements.txt --wheel-dir=/wheels
84 SAVE ARTIFACT requirements.txt
85 SAVE ARTIFACT /wheels
Mohammed Naser1de55192023-04-28 17:13:35 -0400[diff] [blame]86 SAVE IMAGE --cache-hint
Mohammed Naser8613c862023-04-24 17:26:51 -0400[diff] [blame]87
Mohammed Naser1de55192023-04-28 17:13:35 -0400[diff] [blame]88build.venv:
89 ARG --required only
90 FROM +build.wheels --only ${only}
Mohammed Naser8613c862023-04-24 17:26:51 -0400[diff] [blame]91 RUN python3 -m venv /venv
92 ENV PATH=/venv/bin:$PATH
93 RUN pip install -r requirements.txt
Mohammed Naser1de55192023-04-28 17:13:35 -0400[diff] [blame]94 SAVE IMAGE --cache-hint
95
96build.venv.dev:
97 FROM +build.venv --only main,dev
Mohammed Naser8613c862023-04-24 17:26:51 -0400[diff] [blame]98 SAVE ARTIFACT /venv
99
Mohammed Naser1de55192023-04-28 17:13:35 -0400[diff] [blame]100build.venv.runtime:
101 FROM +build.venv --only main
102 SAVE ARTIFACT /venv
103
104build.collections:
105 FROM +build.venv.runtime
106 COPY charts /src/charts
107 COPY meta /src/meta
108 COPY playbooks /src/playbooks
109 COPY plugins /src/plugins
110 COPY roles /src/roles
111 COPY galaxy.yml /src/galaxy.yml
112 RUN ansible-galaxy collection install --collections-path /usr/share/ansible/collections /src
113 SAVE ARTIFACT /usr/share/ansible/collections
114 SAVE IMAGE --cache-hint
115
116image:
Michiel Piscaerb19c1cf2024-01-08 22:09:04 +0100[diff] [blame]117 ARG RELEASE=2023.1
118 FROM ./images/cloud-archive-base+image --RELEASE ${RELEASE}
Mohammed Naser1de55192023-04-28 17:13:35 -0400[diff] [blame]119 ENV ANSIBLE_PIPELINING=True
Mohammed Naseraa48ddb2023-12-30 00:11:22 -0500[diff] [blame]120 DO ./images+APT_INSTALL --PACKAGES "rsync openssh-client"
Mohammed Nasere720d782023-07-10 15:57:21 -0400[diff] [blame]121 COPY +build.venv.runtime/venv /venv
122 ENV PATH=/venv/bin:$PATH
123 COPY +build.collections/ /usr/share/ansible
Mohammed Naser1de55192023-04-28 17:13:35 -0400[diff] [blame]124 ARG tag=latest
Mohammed Naser1dfea6b2024-02-09 01:04:26 -0500[diff] [blame]125 ARG REGISTRY=ghcr.io/vexxhost/atmosphere
Mohammed Naser12207172024-02-05 18:49:35 -0500[diff] [blame]126 SAVE IMAGE --push ${REGISTRY}:${tag}
Mohammed Naser8613c862023-04-24 17:26:51 -0400[diff] [blame]127
Mohammed Naser7060df82023-12-29 15:12:17 -0500[diff] [blame]128images:
Mohammed Naser1dfea6b2024-02-09 01:04:26 -0500[diff] [blame]129 ARG REGISTRY=ghcr.io/vexxhost/atmosphere
Mohammed Naser12207172024-02-05 18:49:35 -0500[diff] [blame]130 BUILD +libvirt-tls-sidecar.image --REGISTRY=${REGISTRY}
131 BUILD ./images/barbican+image --REGISTRY=${REGISTRY}
132 BUILD ./images/cinder+image --REGISTRY=${REGISTRY}
133 BUILD ./images/cluster-api-provider-openstack+image --REGISTRY=${REGISTRY}
134 BUILD ./images/designate+image --REGISTRY=${REGISTRY}
135 BUILD ./images/glance+image --REGISTRY=${REGISTRY}
136 BUILD ./images/heat+image --REGISTRY=${REGISTRY}
137 BUILD ./images/horizon+image --REGISTRY=${REGISTRY}
138 BUILD ./images/ironic+image --REGISTRY=${REGISTRY}
139 BUILD ./images/keystone+image --REGISTRY=${REGISTRY}
140 BUILD ./images/kubernetes-entrypoint+image --REGISTRY=${REGISTRY}
141 BUILD ./images/libvirtd+image --REGISTRY=${REGISTRY}
142 BUILD ./images/magnum+image --REGISTRY=${REGISTRY}
143 BUILD ./images/manila+image --REGISTRY=${REGISTRY}
144 BUILD ./images/netoffload+image --REGISTRY=${REGISTRY}
145 BUILD ./images/neutron+image --REGISTRY=${REGISTRY}
146 BUILD ./images/nova-ssh+image --REGISTRY=${REGISTRY}
147 BUILD ./images/nova+image --REGISTRY=${REGISTRY}
148 BUILD ./images/octavia+image --REGISTRY=${REGISTRY}
149 BUILD ./images/openvswitch+image --REGISTRY=${REGISTRY}
150 BUILD ./images/ovn+images --REGISTRY=${REGISTRY}
151 BUILD ./images/placement+image --REGISTRY=${REGISTRY}
152 BUILD ./images/senlin+image --REGISTRY=${REGISTRY}
153 BUILD ./images/staffeln+image --REGISTRY=${REGISTRY}
154 BUILD ./images/tempest+image --REGISTRY=${REGISTRY}
Mohammed Naser7060df82023-12-29 15:12:17 -0500[diff] [blame]155
Mohammed Naser7a848bc2024-01-22 21:58:11 -0500[diff] [blame]156SCAN_IMAGE:
Mohammed Naser12207172024-02-05 18:49:35 -0500[diff] [blame]157 FUNCTION
Mohammed Naser7a848bc2024-01-22 21:58:11 -0500[diff] [blame]158 ARG --required IMAGE
159 # TODO(mnaser): Include secret scanning when it's more reliable.
160 RUN \
161 trivy image \
162 --skip-db-update \
163 --skip-java-db-update \
164 --scanners vuln \
165 --exit-code 1 \
166 --ignore-unfixed \
167 ${IMAGE}
168
169scan-image:
170 FROM ./images/trivy+image
171 ARG --required IMAGE
172 DO +SCAN_IMAGE --IMAGE ${IMAGE}
173
174scan-images:
175 FROM ./images/trivy+image
176 COPY roles/defaults/vars/main.yml /defaults.yml
177 # TODO(mnaser): Scan all images eventually
Mohammed Naser12207172024-02-05 18:49:35 -0500[diff] [blame]178 FOR IMAGE IN $(cat /defaults.yml | egrep -E 'ghcr.io/vexxhost|registry.atmosphere.dev' | cut -d' ' -f4 | sort | uniq)
Mohammed Naser7a848bc2024-01-22 21:58:11 -0500[diff] [blame]179 BUILD +scan-image --IMAGE ${IMAGE}
Mohammed Naser7a848bc2024-01-22 21:58:11 -0500[diff] [blame]180 END
181
Mohammed Naser8613c862023-04-24 17:26:51 -0400[diff] [blame]182pin-images:
Mohammed Naser1de55192023-04-28 17:13:35 -0400[diff] [blame]183 FROM +build.venv.dev
ricolinb8ab0172023-06-01 15:41:02 +0800[diff] [blame]184 COPY roles/defaults/vars/main.yml /defaults.yml
Mohammed Naser8613c862023-04-24 17:26:51 -0400[diff] [blame]185 COPY build/pin-images.py /usr/local/bin/pin-images
Mohammed Naser1dfea6b2024-02-09 01:04:26 -0500[diff] [blame]186 ARG REGISTRY=ghcr.io/vexxhost/atmosphere
Mohammed Naser12207172024-02-05 18:49:35 -0500[diff] [blame]187 RUN --no-cache /usr/local/bin/pin-images --registry ${REGISTRY} /defaults.yml /pinned.yml
ricolinb8ab0172023-06-01 15:41:02 +0800[diff] [blame]188 SAVE ARTIFACT /pinned.yml AS LOCAL roles/defaults/vars/main.yml
Mohammed Naserd03bba32023-04-25 12:54:58 +0000[diff] [blame]189
190gh:
191 FROM alpine:3
192 RUN apk add --no-cache github-cli
193
194trigger-image-sync:
195 FROM +gh
196 ARG --required project
197 RUN --secret GITHUB_TOKEN gh workflow run --repo vexxhost/docker-openstack-${project} sync.yml
Mohammed Naser0c428872023-09-21 12:59:20 +0000[diff] [blame]198
199image-sync:
200 FROM golang:1.19
201 ARG --required project
202 WORKDIR /src
203 COPY . /src
204 RUN --secret GITHUB_TOKEN go run ./cmd/atmosphere-ci image repo sync ${project}
Mohammed Naser7f3eb562024-01-23 16:49:57 -0500[diff] [blame]205
206mkdocs-image:
207 FROM ghcr.io/squidfunk/mkdocs-material:9.5.4
208 RUN pip install \
209 mkdocs-literate-nav
210 SAVE IMAGE mkdocs
211
212mkdocs-serve:
213 LOCALLY
214 WITH DOCKER --load=+mkdocs-image
215 RUN docker run --rm -p 8000:8000 -v ${PWD}:/docs mkdocs
216 END
217
218mkdocs-build:
219 FROM +mkdocs-image
220 COPY . /docs
221 RUN mkdocs build
Mohammed Naser39953522024-01-23 16:53:31 -0500[diff] [blame]222 RUN --push --secret GITHUB_TOKEN git remote set-url origin https://x-access-token:${GITHUB_TOKEN}@github.com/vexxhost/atmosphere.git
Mohammed Naser7f3eb562024-01-23 16:49:57 -0500[diff] [blame]223 RUN --push mkdocs gh-deploy --force