diff --git a/.drone.star b/.drone.star index 1051ac1918c..0d55e51ea10 100644 --- a/.drone.star +++ b/.drone.star @@ -22,6 +22,7 @@ load( 'publish_image_pipelines_public', 'publish_image_pipelines_security', ) +load('scripts/drone/pipelines/github.star', 'publish_github_pipeline') load('scripts/drone/version.star', 'version_branch_pipelines') load('scripts/drone/events/cron.star', 'cronjobs') load('scripts/drone/vault.star', 'secrets') @@ -40,6 +41,8 @@ def main(ctx): ) + publish_image_pipelines_public() + publish_image_pipelines_security() + + publish_github_pipeline('public') + + publish_github_pipeline('security') + publish_artifacts_pipelines('security') + publish_artifacts_pipelines('public') + publish_npm_pipelines() diff --git a/.drone.yml b/.drone.yml index b8ebfe2ace7..ea697f09994 100644 --- a/.drone.yml +++ b/.drone.yml @@ -4098,6 +4098,132 @@ volumes: clone: retries: 3 depends_on: [] +environment: + EDITION: enterprise2 +image_pull_secrets: +- dockerconfigjson +kind: pipeline +name: publish-github-public +node: + type: no-parallel +platform: + arch: amd64 + os: linux +services: [] +steps: +- commands: + - go build -o ./bin/build -ldflags '-extldflags -static' ./pkg/build/cmd + depends_on: [] + environment: + CGO_ENABLED: 0 + image: golang:1.19.3 + name: compile-build-cmd +- commands: + - ./bin/build artifacts docker fetch --edition enterprise2 + depends_on: + - compile-build-cmd + environment: + DOCKER_ENTERPRISE2_REPO: + from_secret: docker_enterprise2_repo + DOCKER_PASSWORD: + from_secret: docker_password + DOCKER_USER: + from_secret: docker_username + GCP_KEY: + from_secret: gcp_key + image: google/cloud-sdk + name: fetch-images-enterprise2 + volumes: + - name: docker + path: /var/run/docker.sock +- commands: + - ./bin/build publish github --repo $${GH_REGISTRY} --create + depends_on: + - fetch-images-enterprise2 + environment: + GH_REGISTRY: + from_secret: gh_registry + GH_TOKEN: + from_secret: github_token + image: grafana/grafana-ci-deploy:1.3.3 + name: publish-github +trigger: + event: + - promote + target: + - public +type: docker +volumes: +- host: + path: /var/run/docker.sock + name: docker +--- +clone: + retries: 3 +depends_on: [] +environment: + EDITION: enterprise2 +image_pull_secrets: +- dockerconfigjson +kind: pipeline +name: publish-github-security +node: + type: no-parallel +platform: + arch: amd64 + os: linux +services: [] +steps: +- commands: + - go build -o ./bin/build -ldflags '-extldflags -static' ./pkg/build/cmd + depends_on: [] + environment: + CGO_ENABLED: 0 + image: golang:1.19.3 + name: compile-build-cmd +- commands: + - ./bin/build artifacts docker fetch --edition enterprise2 + depends_on: + - compile-build-cmd + environment: + DOCKER_ENTERPRISE2_REPO: + from_secret: docker_enterprise2_repo + DOCKER_PASSWORD: + from_secret: docker_password + DOCKER_USER: + from_secret: docker_username + GCP_KEY: + from_secret: gcp_key + image: google/cloud-sdk + name: fetch-images-enterprise2 + volumes: + - name: docker + path: /var/run/docker.sock +- commands: + - ./bin/build publish github --repo $${GH_REGISTRY} --create + depends_on: + - fetch-images-enterprise2 + environment: + GH_REGISTRY: + from_secret: gh_registry + GH_TOKEN: + from_secret: github_token + image: grafana/grafana-ci-deploy:1.3.3 + name: publish-github +trigger: + event: + - promote + target: + - security +type: docker +volumes: +- host: + path: /var/run/docker.sock + name: docker +--- +clone: + retries: 3 +depends_on: [] environment: EDITION: all image_pull_secrets: @@ -6318,6 +6444,6 @@ kind: secret name: packages_secret_access_key --- kind: signature -hmac: dcf24226fae30872050cdc031430374d811e6bbe13158ce0fbf234c90c1d83f9 +hmac: 7045c606549d05fbe66b2e683b318c7063a4e875e1a94168d5f5b03bb7e319c6 ... diff --git a/pkg/build/cmd/main.go b/pkg/build/cmd/main.go index bd507dee212..6bc823e9e6d 100644 --- a/pkg/build/cmd/main.go +++ b/pkg/build/cmd/main.go @@ -238,9 +238,8 @@ func main() { Flags: []cli.Flag{ &dryRunFlag, &cli.StringFlag{ - Name: "path", - Required: true, - Usage: "Path to the asset to be published", + Name: "path", + Usage: "Path to the asset to be published", }, &cli.StringFlag{ Name: "repo", diff --git a/pkg/build/cmd/publishgithub.go b/pkg/build/cmd/publishgithub.go index 5217b16c98a..bdec497f9d2 100644 --- a/pkg/build/cmd/publishgithub.go +++ b/pkg/build/cmd/publishgithub.go @@ -114,6 +114,10 @@ func getPublishGithubFlags(ctx *cli.Context) (*publishGithubFlags, error) { name := strings.Split(fullRepo, "/")[1] create := ctx.Value("create").(bool) artifactPath := ctx.Value("path").(string) + if artifactPath == "" { + artifactPath = fmt.Sprintf("grafana-enterprise2-%s-amd64.img", metadata.GrafanaVersion) + fmt.Printf("path argument is not provided, resolving to default %s...\n", artifactPath) + } return &publishGithubFlags{ artifactPath: artifactPath, create: create, diff --git a/scripts/drone/pipelines/github.star b/scripts/drone/pipelines/github.star new file mode 100644 index 00000000000..06096327295 --- /dev/null +++ b/scripts/drone/pipelines/github.star @@ -0,0 +1,36 @@ +load( + 'scripts/drone/steps/lib.star', + 'download_grabpl_step', + 'publish_images_step', + 'compile_build_cmd', + 'fetch_images_step', + 'publish_image', +) + +load('scripts/drone/vault.star', 'from_secret') + +load( + 'scripts/drone/utils/utils.star', + 'pipeline', +) + +def publish_github_step(): + return { + 'name': 'publish-github', + 'image': publish_image, + 'commands': ['./bin/build publish github --repo $${GH_REGISTRY} --create'], + 'depends_on': ['fetch-images-enterprise2'], + 'environment': { + 'GH_TOKEN': from_secret('github_token'), + 'GH_REGISTRY': from_secret('gh_registry'), + }, + } + +def publish_github_pipeline(mode): + trigger = { + 'event': ['promote'], + 'target': [mode], + } + return [pipeline( + name='publish-github-{}'.format(mode), trigger=trigger, steps=[compile_build_cmd(), fetch_images_step('enterprise2'), publish_github_step()], edition="", environment = {'EDITION': 'enterprise2'} + ),]