diff --git a/.github/release-drafter.yml b/.github/release-drafter.yml deleted file mode 100644 index 59bc948a..00000000 --- a/.github/release-drafter.yml +++ /dev/null @@ -1,30 +0,0 @@ -name-template: 'v$RESOLVED_VERSION' -tag-template: 'v$RESOLVED_VERSION' - -template: | - ## General Changes - - $CHANGES - -categories: -- title: '🚀 Features' - labels: - - 'feature' - - 'enhancement' -- title: '🐛 Bug Fixes' - labels: - - 'fix' - - 'bugfix' - - 'bug' - -version-resolver: - major: - labels: - - 'major' - minor: - labels: - - 'minor' - patch: - labels: - - 'patch' - default: patch diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml deleted file mode 100644 index cc46092c..00000000 --- a/.github/workflows/codeql-analysis.yml +++ /dev/null @@ -1,71 +0,0 @@ -# For most projects, this workflow file will not need changing; you simply need -# to commit it to your repository. -# -# You may wish to alter this file to override the set of languages analyzed, -# or to provide custom queries or build logic. -name: "CodeQL" - -on: - push: - branches: [master] - pull_request: - # The branches below must be a subset of the branches above - branches: [master] - schedule: - - cron: '0 4 * * 6' - -jobs: - analyze: - name: Analyze - runs-on: ubuntu-latest - - strategy: - fail-fast: false - matrix: - # Override automatic language detection by changing the below list - # Supported options are ['csharp', 'cpp', 'go', 'java', 'javascript', 'python'] - language: ['go'] - # Learn more... - # https://docs.github.com/en/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#overriding-automatic-language-detection - - steps: - - name: Checkout repository - uses: actions/checkout@v3 - with: - # We must fetch at least the immediate parents so that if this is - # a pull request then we can checkout the head. - fetch-depth: 2 - - # If this run was triggered by a pull request event, then checkout - # the head of the pull request instead of the merge commit. - - run: git checkout HEAD^2 - if: ${{ github.event_name == 'pull_request' }} - - # Initializes the CodeQL tools for scanning. - - name: Initialize CodeQL - uses: github/codeql-action/init@v1 - with: - languages: ${{ matrix.language }} - # If you wish to specify custom queries, you can do so here or in a config file. - # By default, queries listed here will override any specified in a config file. - # Prefix the list here with "+" to use these queries and those in the config file. - # queries: ./path/to/local/query, your-org/your-repo/queries@main - - # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). - # If this step fails, then you should remove it and run the build manually (see below) - - name: Autobuild - uses: github/codeql-action/autobuild@v1 - - # ℹī¸ Command-line programs to run using the OS shell. - # 📚 https://git.io/JvXDl - - # ✏ī¸ If the Autobuild fails above, remove it and uncomment the following three lines - # and modify them (or add more) to build your code if your project - # uses a compiled language - - #- run: | - # make bootstrap - # make release - - - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v1 diff --git a/.github/workflows/dev.yml b/.github/workflows/dev.yml new file mode 100644 index 00000000..b09a4029 --- /dev/null +++ b/.github/workflows/dev.yml @@ -0,0 +1,14 @@ +name: Dev Build and Publish + +on: + push: + branches: + - master + +jobs: + build-for-dev: + uses: ./.github/workflows/factory.yml + with: + tag: ${{ github.ref_name }}-head + push: true + secrets: inherit \ No newline at end of file diff --git a/.github/workflows/docker.yaml b/.github/workflows/docker.yaml deleted file mode 100644 index ae8e096f..00000000 --- a/.github/workflows/docker.yaml +++ /dev/null @@ -1,116 +0,0 @@ ---- -name: Docker Build Action -on: - pull_request: - branches: - - master - release: - types: - - published - push: - branches: - - master - -env: - REGISTRY: ghcr.io - IMAGE_NAME: ${{ github.repository }} - PROVISIONER_IMAGE_NAME: ${{ github.repository }}-provisioner - -jobs: - lint: - name: Lint - runs-on: ubuntu-latest - - steps: - - name: Checkout - uses: actions/checkout@v3 - - - name: Set up Go 1.19 - uses: actions/setup-go@v3 - with: - go-version: 1.19 - - - name: Lint - uses: golangci/golangci-lint-action@v3 - with: - args: --build-tags integration -p bugs -p unused --timeout=10m - - test: - name: Test - runs-on: ubuntu-latest - - steps: - - name: Checkout - uses: actions/checkout@v3 - - - name: Set up Go 1.19 - uses: actions/setup-go@v3 - with: - go-version: 1.19 - - - name: Create k8s Kind Cluster - uses: helm/kind-action@v1.5.0 - with: - install_only: true - - - name: Test - run: | - make test - - build-platforms: - name: Docker Build Platforms - runs-on: ubuntu-latest - needs: - - lint - - test - env: - DOCKER_REGISTRY_TOKEN: ${{ secrets.DOCKER_REGISTRY_TOKEN }} - - steps: - - name: Log in to the container registry - if: ${{ env.DOCKER_REGISTRY_TOKEN != '' }} - uses: docker/login-action@v2 - with: - registry: ${{ env.REGISTRY }} - username: ${{ secrets.DOCKER_REGISTRY_USER }} - password: ${{ secrets.DOCKER_REGISTRY_TOKEN }} - - - name: Checkout - if: ${{ env.DOCKER_REGISTRY_TOKEN != '' }} - uses: actions/checkout@v3 - - - name: Set up Go 1.19 - if: ${{ env.DOCKER_REGISTRY_TOKEN != '' }} - uses: actions/setup-go@v3 - with: - go-version: 1.19 - - - name: Set up Docker Buildx - if: ${{ env.DOCKER_REGISTRY_TOKEN != '' }} - uses: docker/setup-buildx-action@v2 - - - name: Make tag - if: ${{ env.DOCKER_REGISTRY_TOKEN != '' }} - run: | - [ "${GITHUB_EVENT_NAME}" == 'pull_request' ] && echo "tag=${GITHUB_HEAD_REF##*/}" >> $GITHUB_ENV || true - [ "${GITHUB_EVENT_NAME}" == 'release' ] && echo "tag=${GITHUB_REF##*/}" >> $GITHUB_ENV || true - [ "${GITHUB_EVENT_NAME}" == 'push' ] && echo "tag=latest" >> $GITHUB_ENV || true - - - name: Build and push image - if: ${{ env.DOCKER_REGISTRY_TOKEN != '' }} - uses: docker/build-push-action@v3 - with: - context: . - push: true - tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.tag }} - platforms: linux/amd64,linux/arm64,linux/arm/v7 - - - name: Build and push provisioner image - if: ${{ env.DOCKER_REGISTRY_TOKEN != '' }} - uses: docker/build-push-action@v3 - with: - context: . - push: true - tags: ${{ env.REGISTRY }}/${{ env.PROVISIONER_IMAGE_NAME }}:${{ env.tag }} - file: cmd/provisioner/Dockerfile - platforms: linux/amd64,linux/arm64,linux/arm/v7 diff --git a/.github/workflows/factory.yml b/.github/workflows/factory.yml new file mode 100644 index 00000000..c8d053bf --- /dev/null +++ b/.github/workflows/factory.yml @@ -0,0 +1,67 @@ +on: + workflow_call: + inputs: + tag: + required: true + type: string + push: + required: true + type: boolean + +env: + repo: "rancher" + provisionerImageName: "harvester-lvm-provisioner" + pluginImageName: "harvester-lvm-csi-plugin" + +jobs: + dapper-build: + runs-on: ubuntu-latest + permissions: + contents: read + id-token: write + steps: + - name: Checkout code + uses: actions/checkout@v4 + + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Run dapper + run: make ci + + - name: Read some Secrets + uses: rancher-eio/read-vault-secrets@main + if: ${{ inputs.push == true }} + with: + secrets: | + secret/data/github/repo/${{ github.repository }}/csi-driver-lvm credentials username | DOCKER_USERNAME ; + secret/data/github/repo/${{ github.repository }}/csi-driver-lvm credentials password | DOCKER_PASSWORD + - name: Login to Docker Hub + uses: docker/login-action@v3 + if: ${{ inputs.push == true }} + with: + username: ${{ env.DOCKER_USERNAME }} + password: ${{ env.DOCKER_PASSWORD }} + + - name: Docker Build (CSI Plugin) + uses: docker/build-push-action@v5 + with: + provenance: false + context: . + platforms: linux/amd64,linux/arm64 + file: package/Dockerfile + push: ${{ inputs.push }} + tags: ${{ env.repo }}/${{ env.pluginImageName }}:${{ inputs.tag }} + + - name: Docker Build (LVM Provisioner) + uses: docker/build-push-action@v5 + with: + provenance: false + context: . + platforms: linux/amd64,linux/arm64 + file: package/Dockerfile.provisioner + push: ${{ inputs.push }} + tags: ${{ env.repo }}/${{ env.provisionerImageName }}:${{ inputs.tag }} diff --git a/.github/workflows/pr.yml b/.github/workflows/pr.yml new file mode 100644 index 00000000..99b36ed9 --- /dev/null +++ b/.github/workflows/pr.yml @@ -0,0 +1,13 @@ +name: Pull Request Build + +on: + pull_request: + types: [opened, reopened, synchronize] + +jobs: + build-for-PR: + uses: ./.github/workflows/factory.yml + with: + tag: pr-${{ github.event.number }} + push: false + secrets: inherit \ No newline at end of file diff --git a/.github/workflows/release-drafter.yaml b/.github/workflows/release-drafter.yaml deleted file mode 100644 index da232f3c..00000000 --- a/.github/workflows/release-drafter.yaml +++ /dev/null @@ -1,15 +0,0 @@ ---- -name: Release Drafter Action - -on: - push: - branches: - - master - -jobs: - build: - runs-on: ubuntu-latest - steps: - - uses: release-drafter/release-drafter@v5 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 00000000..4d2dfd25 --- /dev/null +++ b/.github/workflows/release.yml @@ -0,0 +1,14 @@ +name: Release Build and Publish + +on: + push: + tags: + - v** + +jobs: + build-for-release: + uses: ./.github/workflows/factory.yml + with: + tag: ${{ github.ref_name }} + push: true + secrets: inherit \ No newline at end of file diff --git a/package/Dockerfile b/package/Dockerfile index bacaa641..03058e39 100644 --- a/package/Dockerfile +++ b/package/Dockerfile @@ -1,8 +1,19 @@ +# syntax=docker/dockerfile:1.7.0 + FROM registry.suse.com/bci/bci-base:15.5 RUN zypper -n rm container-suseconnect && \ zypper -n install util-linux-systemd lvm2 e2fsprogs nvme-cli device-mapper xfsprogs && \ zypper -n clean -a && rm -rf /tmp/* /var/tmp/* /usr/share/doc/packages/* -COPY bin/lvmplugin /usr/bin/ +ARG TARGETPLATFORM + +RUN if [ "$TARGETPLATFORM" != "linux/amd64" ] && [ "$TARGETPLATFORM" != "linux/arm64" ]; then \ + echo "Error: Unsupported TARGETPLATFORM: $TARGETPLATFORM" && \ + exit 1; \ + fi + +ENV ARCH=${TARGETPLATFORM#linux/} + +COPY bin/lvmplugin-${ARCH} /usr/bin/lvmplugin ENTRYPOINT ["lvmplugin"] diff --git a/package/Dockerfile.provisioner b/package/Dockerfile.provisioner index e765337f..bb8e2251 100644 --- a/package/Dockerfile.provisioner +++ b/package/Dockerfile.provisioner @@ -1,9 +1,19 @@ +# syntax=docker/dockerfile:1.7.0 + FROM registry.suse.com/bci/bci-base:15.5 RUN zypper -n rm container-suseconnect && \ zypper -n install lvm2 e2fsprogs smartmontools nvme-cli device-mapper && \ zypper -n clean -a && rm -rf /tmp/* /var/tmp/* /usr/share/doc/packages/* -COPY bin/csi-lvmplugin-provisioner /csi-lvmplugin-provisioner +ARG TARGETPLATFORM + +RUN if [ "$TARGETPLATFORM" != "linux/amd64" ] && [ "$TARGETPLATFORM" != "linux/arm64" ]; then \ + echo "Error: Unsupported TARGETPLATFORM: $TARGETPLATFORM" && \ + exit 1; \ + fi + +ENV ARCH=${TARGETPLATFORM#linux/} +COPY bin/csi-lvmplugin-provisioner-${ARCH} /usr/bin/csi-lvmplugin-provisioner USER root ENTRYPOINT ["csi-lvmplugin-provisioner"] diff --git a/scripts/build b/scripts/build index 8ead75c2..2ab5a84f 100755 --- a/scripts/build +++ b/scripts/build @@ -13,5 +13,7 @@ fi LINKFLAGS="-X github.com/hravester/csi-driver-lvm/pkg/version.Version=$VERSION -X github.com/harvester/csi-driver-lvm/pkg/version.GitCommit=$COMMIT $LINKFLAGS" -CGO_ENABLED=0 go build -ldflags "$LINKFLAGS $OTHER_LINKFLAGS" -o bin/lvmplugin -CGO_ENABLED=0 go build -ldflags "$LINKFLAGS $OTHER_LINKFLAGS" -o bin/csi-lvmplugin-provisioner cmd/provisioner/*.go +for arch in "amd64" "arm64"; do + GOARCH="$arch" CGO_ENABLED=0 go build -ldflags "$LINKFLAGS $OTHER_LINKFLAGS" -o bin/lvmplugin-"$arch" + GOARCH="$arch" CGO_ENABLED=0 go build -ldflags "$LINKFLAGS $OTHER_LINKFLAGS" -o bin/csi-lvmplugin-provisioner-"$arch" cmd/provisioner/*.go +done