CI: Add rgm to drone (#66991)

* add drone stub that build grafana using 'grafana/build' (dagger)

---------

Co-authored-by: Ricky Whitaker <ricky.whitaker@grafana.com>
This commit is contained in:
Kevin Minehart 2023-05-03 13:56:02 -05:00 committed by GitHub
parent 00a6a14a23
commit 768efe9748
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 243 additions and 1 deletions

View File

@ -20,6 +20,10 @@ load(
"publish_npm_pipelines",
"publish_packages_pipeline",
)
load(
"scripts/drone/rgm.star",
"rgm",
)
load(
"scripts/drone/pipelines/publish_images.star",
"publish_image_pipelines_public",
@ -51,6 +55,7 @@ def main(_ctx):
publish_artifacts_pipelines("public") +
publish_npm_pipelines() +
publish_packages_pipeline() +
rgm() +
artifacts_page_pipeline() +
version_branch_pipelines() +
integration_test_pipelines() +

View File

@ -4546,6 +4546,106 @@ volumes:
path: /var/run/docker.sock
name: docker
---
clone:
retries: 3
depends_on: []
image_pull_secrets:
- dockerconfigjson
kind: pipeline
name: '[RGM] Build and upload a grafana.tar.gz to a prerelease bucket when merging
to main'
node:
type: no-parallel
platform:
arch: amd64
os: linux
services: []
steps:
- commands:
- git clone https://github.com/grafana/grafana-build.git rgm
failure: ignore
image: alpine/git
name: clone-rgm
- commands:
- apk update && apk add docker
- export GRAFANA_DIR=$$(pwd)
- cd rgm && ./scripts/drone_publish_main.sh
environment:
DESTINATION:
from_secret: destination
GCP_KEY_BASE64:
from_secret: gcp_key_base64
GITHUB_TOKEN:
from_secret: github_token
failure: ignore
image: golang:1.20.3-alpine
name: rgm-build
volumes:
- name: docker
path: /var/run/docker.sock
trigger:
branch: main
event:
- push
type: docker
volumes:
- host:
path: /var/run/docker.sock
name: docker
---
clone:
retries: 3
depends_on:
- main-test-backend
- main-test-frontend
image_pull_secrets:
- dockerconfigjson
kind: pipeline
name: '[RGM] Build and upload a grafana.tar.gz to a prerelease bucket when tagging'
node:
type: no-parallel
platform:
arch: amd64
os: linux
services: []
steps:
- commands:
- git clone https://github.com/grafana/grafana-build.git rgm
failure: ignore
image: alpine/git
name: clone-rgm
- commands:
- apk update && apk add docker
- export GRAFANA_DIR=$$(pwd)
- cd rgm && ./scripts/drone_publish_tag.sh
environment:
DESTINATION:
from_secret: destination
GCP_KEY_BASE64:
from_secret: gcp_key_base64
GITHUB_TOKEN:
from_secret: github_token
failure: ignore
image: golang:1.20.3-alpine
name: rgm-build
volumes:
- name: docker
path: /var/run/docker.sock
trigger:
event:
exclude:
- promote
ref:
exclude:
- refs/tags/*-cloud*
include:
- refs/tags/v*
type: docker
volumes:
- host:
path: /var/run/docker.sock
name: docker
---
clone:
disable: true
depends_on: []
@ -6822,7 +6922,25 @@ get:
kind: secret
name: enterprise2_security_prefix
---
get:
name: gcp_service_account_base64
path: infra/data/ci/grafana-release-eng/rgm
kind: secret
name: gcp_key_base64
---
get:
name: destination
path: infra/data/ci/grafana-release-eng/rgm
kind: secret
name: destination
---
get:
name: pat
path: infra/data/ci/github/grafanabot
kind: secret
name: github_token
---
kind: signature
hmac: e8c29c328c07ab24a7f858cc319c9b35a5bec1fc79531e809e5d3a390bbcbc2f
hmac: d6bfbf6fa92bf3ed68b72ed6315e926aeec8b50e08a44cff1e40f0561007a0fd
...

100
scripts/drone/rgm.star Normal file
View File

@ -0,0 +1,100 @@
"""
rgm uses 'github.com/grafana/grafana-build' to build Grafana on the following events:
* A merge to main
* A tag that begins with a 'v'
"""
load(
"scripts/drone/utils/utils.star",
"pipeline",
)
load(
"scripts/drone/vault.star",
"from_secret",
"rgm_destination",
"rgm_gcp_key_base64",
"rgm_github_token",
)
rgm_env_secrets = {
"GCP_KEY_BASE64": from_secret(rgm_gcp_key_base64),
"DESTINATION": from_secret(rgm_destination),
"GITHUB_TOKEN": from_secret(rgm_github_token),
}
def rgm_build(script = "drone_publish_main.sh"):
clone_step = {
"name": "clone-rgm",
"image": "alpine/git",
"commands": [
"git clone https://github.com/grafana/grafana-build.git rgm",
],
"failure": "ignore",
}
rgm_build_step = {
"name": "rgm-build",
"image": "golang:1.20.3-alpine",
"commands": [
# the docker program is a requirement for running dagger programs
"apk update && apk add docker",
"export GRAFANA_DIR=$$(pwd)",
"cd rgm && ./scripts/{}".format(script),
],
"environment": rgm_env_secrets,
# The docker socket is a requirement for running dagger programs
# In the future we should find a way to use dagger without mounting the docker socket.
"volumes": [{"name": "docker", "path": "/var/run/docker.sock"}],
"failure": "ignore",
}
return [
clone_step,
rgm_build_step,
]
def rgm_main():
trigger = {
"event": [
"push",
],
"branch": "main",
}
return pipeline(
name = "[RGM] Build and upload a grafana.tar.gz to a prerelease bucket when merging to main",
edition = "all",
trigger = trigger,
steps = rgm_build(),
)
def rgm_tag():
trigger = {
"event": {
"exclude": [
"promote",
],
},
"ref": {
"include": [
"refs/tags/v*",
],
"exclude": [
"refs/tags/*-cloud*",
],
},
}
return pipeline(
name = "[RGM] Build and upload a grafana.tar.gz to a prerelease bucket when tagging",
edition = "all",
trigger = trigger,
steps = rgm_build(script = "drone_publish_tag.sh"),
depends_on = ["main-test-backend", "main-test-frontend"],
)
def rgm():
return [
rgm_main(),
rgm_tag(),
]

View File

@ -9,6 +9,10 @@ azure_sp_app_id = "azure_sp_app_id"
azure_sp_app_pw = "azure_sp_app_pw"
azure_tenant = "azure_tenant"
rgm_gcp_key_base64 = "gcp_key_base64"
rgm_destination = "destination"
rgm_github_token = "github_token"
def from_secret(secret):
return {"from_secret": secret}
@ -119,4 +123,19 @@ def secrets():
"infra/data/ci/grafana-release-eng/enterprise2",
"security_prefix",
),
vault_secret(
rgm_gcp_key_base64,
"infra/data/ci/grafana-release-eng/rgm",
"gcp_service_account_base64",
),
vault_secret(
rgm_destination,
"infra/data/ci/grafana-release-eng/rgm",
"destination",
),
vault_secret(
rgm_github_token,
"infra/data/ci/github/grafanabot",
"pat",
),
]