From 94c5bc47d0bbd54183929c93ff769d1f25411094 Mon Sep 17 00:00:00 2001 From: Woojoong Kim Date: Mon, 1 Jul 2024 01:50:08 -0700 Subject: [PATCH] github action version check fix (#751) * github action version check fix Signed-off-by: Woojoong Kim * github action version check fix Signed-off-by: Woojoong Kim * github action version check fix Signed-off-by: Woojoong Kim --------- Signed-off-by: Woojoong Kim --- .github/workflows/build-test.yml | 34 +++++++++++ .github/workflows/code-scan.yml | 48 +++++++++++++++ .github/workflows/release.yml | 101 +++++++++++++++++++++++++++++++ .gitignore | 1 + Makefile | 39 +++++------- build/bin/helm_lint.sh | 16 +++++ build/bin/release | 61 ------------------- build/bin/version_check.sh | 81 +++++++++++++++++++++++++ onos-cli/Chart.yaml | 2 +- onos-operator/Chart.yaml | 9 ++- onos-umbrella/Chart.yaml | 4 +- tlaplus-monitor/Chart.yaml | 4 +- 12 files changed, 309 insertions(+), 91 deletions(-) create mode 100644 .github/workflows/build-test.yml create mode 100644 .github/workflows/code-scan.yml create mode 100644 .github/workflows/release.yml create mode 100755 build/bin/helm_lint.sh delete mode 100755 build/bin/release create mode 100755 build/bin/version_check.sh diff --git a/.github/workflows/build-test.yml b/.github/workflows/build-test.yml new file mode 100644 index 00000000..393b6f9e --- /dev/null +++ b/.github/workflows/build-test.yml @@ -0,0 +1,34 @@ +# SPDX-License-Identifier: Apache-2.0 +# Copyright 2024 Intel Corporation + +name: Build and test workflow +on: + pull_request: + branches: + - master + push: + branches: + - master + +jobs: + build: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 0 + - name: Set up Helm + uses: azure/setup-helm@v4 + with: + version: latest + token: ${{ secrets.GH_ONOS_PAT }} + - name: build + run: make deps + test: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 0 + - name: Unit tests + run: make test diff --git a/.github/workflows/code-scan.yml b/.github/workflows/code-scan.yml new file mode 100644 index 00000000..44129197 --- /dev/null +++ b/.github/workflows/code-scan.yml @@ -0,0 +1,48 @@ +# SPDX-License-Identifier: Apache-2.0 +# Copyright 2024 Intel Corporation + +name: Code scan workflow + +on: + pull_request: + branches: + - master + push: + branches: + - master + +jobs: + version-check: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 0 + - name: check version + run: | + sudo snap install yq + export COMPARISON_BRANCH=origin/master + git branch -a + make check-version + lint: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 0 + - name: helm-lint + run: make lint + license: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - name: check license + run: make license + fossa-check: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - name: FOSSA scan + uses: fossa-contrib/fossa-action@v3 + with: + fossa-api-key: 6d304c09a3ec097ba4517724e4a4d17d diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 00000000..8f78f429 --- /dev/null +++ b/.github/workflows/release.yml @@ -0,0 +1,101 @@ +# SPDX-License-Identifier: Apache-2.0 +# Copyright 2024 Intel Corporation +# Copyright 2024 Kyunghee University +name: Publish image and tag/release code + +on: + push: + branches: + - master + +jobs: + version-check: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 0 + - name: check version + run: | + sudo snap install yq + export COMPARISON_BRANCH=origin/master + git branch -a + make check-version + + tag_versions: + runs-on: ubuntu-latest + needs: version-check + if: github.repository_owner == 'onosproject' + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 0 + - name: create release using REST API + run: | + export COMPARISON_BRANCH=${{ github.event.before }} + sudo snap install yq + target_charts=$(./build/bin/version_check.sh get_changed_charts) + while IFS= read -r tc + do + tc_ver=$(yq e '.version' $tc/Chart.yaml) + tag_name=$tc-$tc_ver + curl -L \ + -X POST \ + -H "Accept: application/vnd.github+json" \ + -H "Authorization: Bearer ${{ secrets.GH_ONOS_PAT }}" \ + -H "X-GitHub-Api-Version: 2022-11-28" \ + https://api.github.com/repos/${{ github.repository }}/releases \ + -d '{ + "tag_name": "'"$tag_name"'", + "target_commitish": "${{ github.event.repository.default_branch }}", + "name": "'"$tag_name"'", + "draft": false, + "prerelease": false, + "generate_release_notes": true + }' + done <<< $target_charts + + publish-charts: + runs-on: ubuntu-latest + needs: version-check + if: (github.repository_owner == 'onosproject') + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 0 + - name: Set up Helm + uses: azure/setup-helm@v4 + with: + version: latest + token: ${{ secrets.GH_ONOS_PAT }} + - name: build + run: make deps + - name: publish charts + run: | + export COMPARISON_BRANCH=${{ github.event.before }} + sudo snap install yq rsync + target_charts=$(./build/bin/version_check.sh get_changed_charts) + rm -rf staging && mkdir -p staging/onos-helm-charts + while IFS= read -r tc + do + mkdir -p staging/onos-helm-charts/$tc + tc_ver=$(yq e '.version' $tc/Chart.yaml) + helm package $tc --destination staging/onos-helm-charts/$tc + done <<< $target_charts + cd staging + curl -o current-index.yaml https://charts.onosproject.org/index.yaml + helm repo index onos-helm-charts --url https://charts.onosproject.org/onos-helm-charts --merge current-index.yaml + rm -rf current-index.yaml + mv onos-helm-charts/index.yaml . + cd .. + chmod -R g+r staging/ + - name: rsync deployments + uses: burnett01/rsync-deployments@7.0.1 + with: + switches: -rvzh + path: staging/ + remote_path: /srv/sites/charts.onosproject.org + remote_host: static.opennetworking.org + remote_user: ${{ secrets.JENKINS_USERNAME }} + remote_key: ${{ secrets.JENKINS_SSHKEY }} + remote_key_pass: ${{ secrets.JENKINS_PASSPHRASE }} diff --git a/.gitignore b/.gitignore index 686d87e1..37ed36d4 100644 --- a/.gitignore +++ b/.gitignore @@ -10,3 +10,4 @@ staging/ requirements.lock **/charts/* build/build-tools +venv diff --git a/Makefile b/Makefile index a63fd544..0bf859aa 100644 --- a/Makefile +++ b/Makefile @@ -2,34 +2,20 @@ # # SPDX-License-Identifier: Apache-2.0 -.PHONY: all test clean +.PHONY: all test clean version-check -all: test +COMPARISON_BRANCH ?= master -build-tools:=$(shell if [ ! -d "./build/build-tools" ]; then cd build && git clone https://github.com/onosproject/build-tools.git; fi) -include ./build/build-tools/make/onf-common.mk +all: deps -jenkins-test: jenkins_version_check deps # @HELP run the jenkins verification tests - docker pull quay.io/helmpack/chart-testing:v3.7.0 - docker run --rm --name ct --volume `pwd`:/charts quay.io/helmpack/chart-testing:v3.7.0 sh -c "ct lint \ - --charts charts/onos-config,charts/onos-topo,charts/onos-cli,charts/onos-umbrella,charts/device-simulator \ - --debug --validate-maintainers=false" +lint: # @HELP run helm lint + ./build/bin/helm_lint.sh -test: # @HELP run the integration tests -test: version_check deps - (kubectl delete ns onos-topo || exit 0) && kubectl create ns onos-topo && helmit test -n onos-topo ./test -c . --suite onos-topo - (kubectl delete ns onos-config || exit 0) && kubectl create ns onos-config && helmit test -n onos-config ./test -c . --suite onos-config - (kubectl delete ns onos-umbrella || exit 0) && kubectl create ns onos-umbrella && helmit test -n onos-umbrella ./test -c . --suite onos-umbrella - -version_check: # @HELP run the version checker on the charts - COMPARISON_BRANCH=master ./build/build-tools/chart_version_check +check-version: # @HELP run the version checker on the charts + COMPARISON_BRANCH=${COMPARISON_BRANCH} ./build/bin/version_check.sh all -jenkins_version_check: # @HELP run the version checker on the charts - export COMPARISON_BRANCH=origin/master && export WORKSPACE=`pwd` && ./build/build-tools/chart_version_check - -jenkins-publish: # @HELP publish version on github - cd .. && GO111MODULE=on go install github.com/mikefarah/yq/v4@v4.16.2 - ./build/build-tools/release-chart-merge-commit https://charts.onosproject.org ${WEBSITE_USER} ${WEBSITE_PASSWORD} +test: # @HELP run the integration tests +test: deps license lint clean:: # @HELP clean up temporary files. rm -rf onos-umbrella/charts onos-umbrella/Chart.lock @@ -39,3 +25,10 @@ deps: clean license helm dep build onos-umbrella helm dep build scale-sim +license: # @HELP run license checks + rm -rf venv + python3 -m venv venv + . ./venv/bin/activate;\ + python3 -m pip install --upgrade pip;\ + python3 -m pip install reuse;\ + reuse lint \ No newline at end of file diff --git a/build/bin/helm_lint.sh b/build/bin/helm_lint.sh new file mode 100755 index 00000000..b3bda48f --- /dev/null +++ b/build/bin/helm_lint.sh @@ -0,0 +1,16 @@ +#!/bin/bash +# SPDX-License-Identifier: Apache-2.0 +# Copyright 2024 Intel Corporation + +exit_code=0 + +for dir in $(find . -maxdepth 1 -mindepth 1 -type d); do + if [[ -f "$dir/Chart.yaml" ]]; then + helm lint "$dir" + if [ $? == 1 ] + then + exit_code=2 + fi + fi +done +exit $exit_code \ No newline at end of file diff --git a/build/bin/release b/build/bin/release deleted file mode 100755 index 47014bdd..00000000 --- a/build/bin/release +++ /dev/null @@ -1,61 +0,0 @@ -#!/bin/bash - -# SPDX-FileCopyrightText: 2022 2020-present Open Networking Foundation -# -# SPDX-License-Identifier: Apache-2.0 - -if [ "$#" -lt "1" ]; then - echo "must specify chart directory" - exit 1 -fi - -set -x -set -e - -chart=$1 - -owner=${GITHUB_USER:-onosproject} -repo=${GITHUB_REPO:-onos-helm-charts} -branch=${GITHUB_BRANCH:-gh-pages} -token=${GITHUB_TOKEN} - -rm -rf build/release - -# Create a fresh clone of the repository -git clone --branch master git@github.com:$owner/$repo.git build/release - -cd build/release - -# Package the Helm chart -helm package $chart --dependency-update --destination package - -# Upload the Helm chart release -cr upload \ - --owner $owner \ - --git-repo $repo \ - --package-path package \ - --token $token - -# Switch to the gh-pages branch -git checkout gh-pages - -# Update the repository index -cr index \ - --index-path index.yaml \ - --owner $owner \ - --git-repo $repo \ - --charts-repo https://raw.githubusercontent.com/$owner/$repo/$branch \ - --package-path package \ - --token $token - -# Commit the updated index.yaml and on to README -go run github.com/onosproject/onos-helm-charts/build/cmd/index2md > README.md -git add index.yaml README.md -git commit -m "Add $chart release to index.yaml" index.yaml README.md -git push origin gh-pages - -git checkout master - -cd ../.. - -rm -rf build/release diff --git a/build/bin/version_check.sh b/build/bin/version_check.sh new file mode 100755 index 00000000..ccb6f4d2 --- /dev/null +++ b/build/bin/version_check.sh @@ -0,0 +1,81 @@ +#!/bin/bash +# SPDX-License-Identifier: Apache-2.0 +# Copyright 2024 Intel Corporation + +INPUT=$1 + +COMPARISON_BRANCH="${COMPARISON_BRANCH:-master}" + +function is_valid_format() { + # check if version format is matched to SemVer + VER_REGEX='^(0|[1-9][0-9]*)\.(0|[1-9][0-9]*)\.(0|[1-9][0-9]*)$' + if [[ ! $(echo $1 | tr -d '\n' | sed s/-dev//) =~ $VER_REGEX ]] + then + echo Version $1 is not in SemVer + return 1 + fi + return 0 +} + +function get_changed_charts() { + while IFS= read -r -d '' chart + do + chart_dir=$(dirname $chart) + chart_dir=$(basename $chart_dir) + chart_diff=$(git diff -p $COMPARISON_BRANCH --name-only ./$chart_dir) + if [ -n "$chart_diff" ] + then + echo $chart_dir + fi + done < <(find . -name Chart.yaml -print0) +} + +function is_unique_version() { + echo "comparison branch $COMPARISON_BRANCH" + + while IFS= read -r -d '' chart + do + chart_dir=$(dirname $chart) + chart_dir=$(basename $chart_dir) + chart_diff=$(git diff -p $COMPARISON_BRANCH --name-only ./$chart_dir) + + if [ -n "$chart_diff" ] + then + chart_ver=$(yq e '.version' ${chart_dir}/Chart.yaml) + + is_valid_format $chart_ver + if [ $? == 1 ] + then + echo $chart_dir does not have SemVer formatted version $chart_ver + return 1 + fi + + for t in $(git tag | grep $chart_dir | cat) + do + pure_t=$(echo $t | sed s/$chart_dir-//) + if [ "$pure_t" == "$chart_ver" ] + then + echo Chart $chart_dir version duplicated $chart_ver=$pure_t + return 1 + fi + done + fi + done < <(find . -name Chart.yaml -print0) + return 0 +} + +case $INPUT in + all) + is_unique_version + ;; + + get_changed_charts) + get_changed_charts + ;; + + *) + echo -n "unknown input" + exit 2 + ;; +esac + diff --git a/onos-cli/Chart.yaml b/onos-cli/Chart.yaml index 4b8e3668..51bdd4ca 100644 --- a/onos-cli/Chart.yaml +++ b/onos-cli/Chart.yaml @@ -7,7 +7,7 @@ name: onos-cli description: ONOS Command Line Interface kubeVersion: ">=1.17.0" type: application -version: 1.3.16 +version: 1.3.17 appVersion: v0.9.36 keywords: - onos diff --git a/onos-operator/Chart.yaml b/onos-operator/Chart.yaml index 114fbff9..9da28432 100644 --- a/onos-operator/Chart.yaml +++ b/onos-operator/Chart.yaml @@ -4,9 +4,9 @@ apiVersion: v2 name: onos-operator -version: 0.5.7 +version: 0.5.8 kubeVersion: ">=1.17.0" -appVersion: v0.5.2 +appVersion: v0.5.3 description: µONOS Operator keywords: - onos @@ -15,3 +15,8 @@ home: https://onosproject.org maintainers: - name: ONOS Support email: support@opennetworking.org +dependencies: + - name: app-operator + version: 0.5.5 + - name: topo-operator + version: 0.5.4 \ No newline at end of file diff --git a/onos-umbrella/Chart.yaml b/onos-umbrella/Chart.yaml index 8004e00d..69a0f813 100644 --- a/onos-umbrella/Chart.yaml +++ b/onos-umbrella/Chart.yaml @@ -7,7 +7,7 @@ name: onos-umbrella description: Umbrella chart to deploy all µONOS kubeVersion: ">=1.17.0" type: application -version: 1.3.32 +version: 1.3.33 appVersion: v1.1.0 keywords: - onos @@ -28,7 +28,7 @@ dependencies: - name: onos-cli condition: import.onos-cli.enabled repository: file://../onos-cli - version: 1.3.16 + version: 1.3.17 - name: device-provisioner condition: import.device-provisioner.enabled repository: file://../device-provisioner diff --git a/tlaplus-monitor/Chart.yaml b/tlaplus-monitor/Chart.yaml index f1d79472..6a717c18 100644 --- a/tlaplus-monitor/Chart.yaml +++ b/tlaplus-monitor/Chart.yaml @@ -6,8 +6,8 @@ apiVersion: v2 name: tlaplus-monitor kubeVersion: ">=1.12.0" type: application -version: 0.0.2 -appVersion: 1.0 +version: 0.0.3 +appVersion: "1.0" description: TLA+ Conformance Monitor keywords: - monitoring