From 4e365b1c92a8deb54ea622625bbb6c80a587cb27 Mon Sep 17 00:00:00 2001 From: cnouguier Date: Wed, 17 Apr 2024 22:43:34 +0200 Subject: [PATCH] wip; Refactor CI to use GitHub actions and generic bash scripts #4 --- .github/workflows/main.yaml | 23 +++++++++++ .gitmodules | 3 ++ .travis.yml | 35 ----------------- scripts/build.sh | 78 +++++++++++++++++++++++++++++++++++++ scripts/init_runner.sh | 23 +++++++++++ scripts/kash | 1 + scripts/setup_workspace.sh | 54 +++++++++++++++++++++++++ 7 files changed, 182 insertions(+), 35 deletions(-) create mode 100644 .github/workflows/main.yaml create mode 100644 .gitmodules delete mode 100644 .travis.yml create mode 100755 scripts/build.sh create mode 100755 scripts/init_runner.sh create mode 160000 scripts/kash create mode 100755 scripts/setup_workspace.sh diff --git a/.github/workflows/main.yaml b/.github/workflows/main.yaml new file mode 100644 index 0000000..ba7bbc1 --- /dev/null +++ b/.github/workflows/main.yaml @@ -0,0 +1,23 @@ +name: ci +on: [ push, workflow_dispatch ] + +jobs: + build: + name: Build + if: ${{ !contains(github.event.head_commit.message, 'skip build') }} + runs-on: ubuntu-22.04 + steps: + - name: Checkout repo + uses: actions/checkout@v4 + with: + submodules: true + - name: Init runner + run: bash ./scripts/init_runner.sh ${{ github.job }} + - name: Setup workspace + env: + GITHUB_DEVELOPMENT_PAT: ${{ secrets.GH_DEVELOPMENT_PAT }} + run: bash ./scripts/setup_workspace.sh + - name: Build job + env: + SOPS_AGE_KEY: ${{ secrets.SOPS_AGE_KEY }} + run: bash ./scripts/build.sh -p -r ${{ github.job }} diff --git a/.gitmodules b/.gitmodules new file mode 100644 index 0000000..f78f6c2 --- /dev/null +++ b/.gitmodules @@ -0,0 +1,3 @@ +[submodule "scripts/kash"] + path = scripts/kash + url = https://github.com/kalisio/kash diff --git a/.travis.yml b/.travis.yml deleted file mode 100644 index 90438af..0000000 --- a/.travis.yml +++ /dev/null @@ -1,35 +0,0 @@ -language: node_js -node_js: - - '16' -services: - - docker - -notifications: - email: false - slack: - rooms: - - secure: UWogAh6p3Au6dF1jKwAUOdzoGgVYC3NUXka2qaeCPHzh5i0He0vgKPHhAZaAzT5oYvylYJ2VycA9qW2oRG9DaFkazH2T7terpC6jde/UZkP9oA8yhyy2jMdmJvJbx1YJdqIYaqf7kIQeVrt09kHH6S5ebVNcpLqfbXIYSgulLSPLyG2Mu0TcXjxdlHxJxkLJIfHoMzLBhQcmbVWk7xcLKaCyMDmxaDxiOTfYRuKWZUQygkhlp6hu6CUK0GrdGB0RhEu9byRZ8KbgyA6Tvrfem8PRcQCjnl9MobH3nd1GeDWRl703qVGUFe31HlaStLUrz9EoCWOicIfWd/0rrfkLXn3TeWgcruMU9Qm//q0CBzB//onOOE2mXV/h5JjjwdlNRVKlvruhyKzgV8qkxspxW7dJSXcPfOr3mhZqQ+YuYxk81dKUUm2xrIo2s/Wwq6h+fuGxOSEXnc6ECQA1ceuMlkwoH6RoUwpL9qFVPsij9KewJUiTURVpDJ47qq9/MI86Krhd44Y1H4HFsrKLYFK8eJqKdGA80LMej1x0RYD8Ga/rxaSP33pbkLu62cL6ySAvtyIlZFTfBX7SktHhirwZtSHuG0eaDyzyDQFGWM53NJtIpK+vWd9B/tJarqhIDcpRytUXi1WX7OAd6vuag8QhMCtLeWoOsqnyUFLbIEQX9MQ= - on_success: always - on_failure: always - -before_script: - - docker login -u="$DOCKER_USER" -p="$DOCKER_PASSWORD" - -script: - - | - REPO_SLUG="$TRAVIS_REPO_SLUG" - IMAGE_NAME=${REPO_SLUG,,} # to lowercase - if [[ -z "$TRAVIS_TAG" ]]; then - IMAGE_TAG=latest - KRAWLER_TAG=latest - else - IMAGE_TAG=$(node -p -e "require('./package.json').version") - KRAWLER_TAG=$(node -p -e "require('./package.json').peerDependencies['@kalisio/krawler']") - fi - docker build --build-arg KRAWLER_TAG=$KRAWLER_TAG -f dockerfile -t $IMAGE_NAME:$IMAGE_TAG . - -deploy: - provider: script - script: docker push $IMAGE_NAME:$IMAGE_TAG - on: - all_branches: true \ No newline at end of file diff --git a/scripts/build.sh b/scripts/build.sh new file mode 100755 index 0000000..28324a8 --- /dev/null +++ b/scripts/build.sh @@ -0,0 +1,78 @@ +#!/usr/bin/env bash +set -euo pipefail +# set -x + +THIS_FILE=$(readlink -f "${BASH_SOURCE[0]}") +THIS_DIR=$(dirname "$THIS_FILE") +ROOT_DIR=$(dirname "$THIS_DIR") + +. "$THIS_DIR/kash/kash.sh" + +## Parse options +## + +PUBLISH=false +CI_STEP_NAME="Build" +while getopts "pr:" option; do + case $option in + p) # publish + PUBLISH=true + ;; + r) # report outcome to slack + CI_STEP_NAME=$OPTARG + trap 'slack_ci_report "$ROOT_DIR" "$CI_STEP_NAME" "$?" "$SLACK_WEBHOOK_JOBS"' EXIT + ;; + *) + ;; + esac +done + +## Init workspace +## + +WORKSPACE_DIR="$(dirname "$ROOT_DIR")" +init_job_infos "$ROOT_DIR" + +JOB=$(get_job_name) +VERSION=$(get_job_version) +KRAWLER_VERSION=$(get_job_krawler_version) +GIT_TAG=$(get_job_tag) + +if [[ -z "$GIT_TAG" ]]; then + echo "About to build ${JOB} development version based on krawler development version..." +else + echo "About to build ${JOB} v${VERSION} based on krawler ${KRAWLER_VERSION}..." +fi + +load_env_files "$WORKSPACE_DIR/development/common/kalisio_dockerhub.enc.env" "$WORKSPACE_DIR/development/common/SLACK_WEBHOOK_JOBS.enc.env" +load_value_files "$WORKSPACE_DIR/development/common/KALISIO_DOCKERHUB_PASSWORD.enc.value" + +## Build container +## + +# Remove trailing @ in module name +IMAGE_NAME="kalisio/$JOB" +if [[ -z "$GIT_TAG" ]]; then + IMAGE_TAG=latest + KRAWLER_TAG=latest +else + IMAGE_TAG=$VERSION + KRAWLER_TAG=$KRAWLER_VERSION +fi + +begin_group "Building container ..." + +docker login --username "$KALISIO_DOCKERHUB_USERNAME" --password-stdin < "$KALISIO_DOCKERHUB_PASSWORD" +# DOCKER_BUILDKIT is here to be able to use Dockerfile specific dockerginore (job.Dockerfile.dockerignore) +DOCKER_BUILDKIT=1 docker build -f dockerfile \ + --build-arg KRAWLER_TAG=$KRAWLER_TAG \ + -t "$IMAGE_NAME:$IMAGE_TAG" \ + "$WORKSPACE_DIR/$JOB" + +if [ "$PUBLISH" = true ]; then + docker push "$IMAGE_NAME:$IMAGE_TAG" +fi + +docker logout + +end_group "Building container ..." diff --git a/scripts/init_runner.sh b/scripts/init_runner.sh new file mode 100755 index 0000000..79e543e --- /dev/null +++ b/scripts/init_runner.sh @@ -0,0 +1,23 @@ +#!/usr/bin/env bash +set -euo pipefail +# set -x + +JOB_ID=$1 + +THIS_FILE=$(readlink -f "${BASH_SOURCE[0]}") +THIS_DIR=$(dirname "$THIS_FILE") +# ROOT_DIR=$(dirname "$THIS_DIR") + +. "$THIS_DIR/kash/kash.sh" + +### Github Actions + +init_github_build() { + install_reqs age sops nvm node16 +} + +begin_group "Init $CI_ID for $JOB_ID" + +init_"${CI_ID}_${JOB_ID}" + +end_group "Init $CI_ID for $JOB_ID" diff --git a/scripts/kash b/scripts/kash new file mode 160000 index 0000000..f387bad --- /dev/null +++ b/scripts/kash @@ -0,0 +1 @@ +Subproject commit f387bade72f40b3901caf82005060edd5856e766 diff --git a/scripts/setup_workspace.sh b/scripts/setup_workspace.sh new file mode 100755 index 0000000..3e49319 --- /dev/null +++ b/scripts/setup_workspace.sh @@ -0,0 +1,54 @@ +#!/usr/bin/env bash +set -euo pipefail +# set -x + +THIS_FILE=$(readlink -f "${BASH_SOURCE[0]}") +THIS_DIR=$(dirname "$THIS_FILE") +ROOT_DIR=$(dirname "$THIS_DIR") + +. "$THIS_DIR/kash/kash.sh" + +## Parse options +## + +WORKSPACE_BRANCH= +WORKSPACE_TAG= + +begin_group "Setting up workspace ..." + +if [ "$CI" = true ]; then + WORKSPACE_DIR="$(dirname "$ROOT_DIR")" + DEVELOPMENT_REPO_URL="https://$GITHUB_DEVELOPMENT_PAT@github.com/kalisio/development.git" +else + while getopts "b:t" option; do + case $option in + b) # defines branch + WORKSPACE_BRANCH=$OPTARG;; + t) # defines tag + WORKSPACE_TAG=$OPTARG;; + *) + ;; + esac + done + shift $((OPTIND-1)) + WORKSPACE_DIR="$1" + + # NOTE: cloning krawler could be avoided if we could parse app_version from tag/branch name instead + # In this case, the kli would clone krawler + GIT_OPS="--recurse-submodules" + if [ -n "$WORKSPACE_TAG" ] || [ -n "$WORKSPACE_BRANCH" ]; then + GIT_OPS="$GIT_OPS --branch ${WORKSPACE_TAG:-$WORKSPACE_BRANCH}" + fi + git clone --depth 1 $GIT_OPS "$GITHUB_URL/kalisio/k-meteoradar.git" "$WORKSPACE_DIR/k-meteoradar" + + DEVELOPMENT_REPO_URL="$GITHUB_URL/kalisio/development.git" + + # unset KALISIO_DEVELOPMENT_DIR because we want kli to clone everything in $WORKSPACE_DIR + unset KALISIO_DEVELOPMENT_DIR +fi + +# clone development in $WORKSPACE_DIR +DEVELOPMENT_DIR="$WORKSPACE_DIR/development" +git clone --depth 1 "$DEVELOPMENT_REPO_URL" "$DEVELOPMENT_DIR" + +end_group "Setting up workspace ..."