aliases: # Workflow filters - &filter-only-release branches: ignore: /.*/ tags: only: /^v[0-9]+(\.[0-9]+){2}(-.+|[^-.]*)$/ - &filter-not-release-or-master tags: ignore: /^v[0-9]+(\.[0-9]+){2}(-.+|[^-.]*)$/ branches: ignore: master - &filter-only-master branches: only: master version: 2 jobs: mysql-integration-test: docker: - image: circleci/golang:1.12.9 - image: circleci/mysql:5.6-ram environment: MYSQL_ROOT_PASSWORD: rootpass MYSQL_DATABASE: grafana_tests MYSQL_USER: grafana MYSQL_PASSWORD: password working_directory: /go/src/ steps: - checkout - run: sudo apt update - run: sudo apt install -y default-mysql-client - run: dockerize -wait tcp:// -timeout 120s - run: cat devenv/docker/blocks/mysql_tests/setup.sql | mysql -h -P 3306 -u root -prootpass - run: name: mysql integration tests command: './scripts/' postgres-integration-test: docker: - image: circleci/golang:1.12.9 - image: circleci/postgres:9.3-ram environment: POSTGRES_USER: grafanatest POSTGRES_PASSWORD: grafanatest POSTGRES_DB: grafanatest working_directory: /go/src/ steps: - checkout - run: sudo apt update - run: sudo apt install -y postgresql-client - run: dockerize -wait tcp:// -timeout 120s - run: 'PGPASSWORD=grafanatest psql -p 5432 -h -U grafanatest -d grafanatest -f devenv/docker/blocks/postgres_tests/setup.sql' - run: name: postgres integration tests command: './scripts/' cache-server-test: docker: - image: circleci/golang:1.12.9 - image: circleci/redis:4-alpine - image: memcached working_directory: /go/src/ steps: - checkout - run: dockerize -wait tcp:// -timeout 120s - run: dockerize -wait tcp:// -timeout 120s - run: name: cache server tests command: './scripts/' end-to-end-test: docker: - image: circleci/node:10-browsers - image: grafana/grafana-dev:master-$CIRCLE_SHA1 steps: - run: dockerize -wait tcp:// -timeout 120s - checkout - restore_cache: key: dependency-cache-{{ checksum "yarn.lock" }} - run: name: yarn install command: 'yarn install --pure-lockfile --no-progress' no_output_timeout: 5m - save_cache: key: dependency-cache-{{ checksum "yarn.lock" }} paths: - node_modules - run: name: run end-to-end tests command: 'env BASE_URL= yarn e2e-tests' no_output_timeout: 5m - store_artifacts: path: public/e2e-test/screenShots/theTruth destination: expected-screenshots - store_artifacts: path: public/e2e-test/screenShots/theOutput destination: output-screenshots end-to-end-test-release: docker: - image: circleci/node:10-browsers - image: grafana/grafana-dev:$CIRCLE_TAG steps: - run: dockerize -wait tcp:// -timeout 120s - checkout - restore_cache: key: dependency-cache-{{ checksum "yarn.lock" }} - run: name: yarn install command: 'yarn install --pure-lockfile --no-progress' no_output_timeout: 5m - save_cache: key: dependency-cache-{{ checksum "yarn.lock" }} paths: - node_modules - run: name: run end-to-end tests command: 'env BASE_URL= yarn e2e-tests' no_output_timeout: 5m - store_artifacts: path: public/e2e-test/screenShots/theTruth destination: expected-screenshots - store_artifacts: path: public/e2e-test/screenShots/theOutput destination: output-screenshots codespell: docker: - image: circleci/python steps: - checkout - run: name: install codespell command: 'sudo pip install codespell' - run: # Important: all words have to be in lowercase, and separated by "\n". name: exclude known exceptions command: 'echo -e "unknwon\nreferer\nerrorstring" > words_to_ignore.txt' - run: name: check documentation spelling errors command: 'codespell -I ./words_to_ignore.txt docs/' lint-go: docker: - image: circleci/golang:1.12.9 environment: # we need CGO because of go-sqlite3 CGO_ENABLED: 1 working_directory: /go/src/ steps: - checkout - run: name: Lint Go command: 'make lint-go' shellcheck: machine: true working_directory: ~/go/src/ steps: - checkout - run: name: ShellCheck command: 'make shellcheck' test-frontend: docker: - image: circleci/node:10 steps: - checkout - restore_cache: key: dependency-cache-{{ checksum "yarn.lock" }} - run: name: yarn install command: 'yarn install --frozen-lockfile --no-progress' no_output_timeout: 15m - save_cache: key: dependency-cache-{{ checksum "yarn.lock" }} paths: - node_modules - run: name: frontend tests command: './scripts/' test-backend: docker: - image: circleci/golang:1.12.9 working_directory: /go/src/ steps: - checkout - run: name: build backend and run go tests command: './scripts/' build-all: docker: - image: grafana/build-container:1.2.8 working_directory: /go/src/ steps: - checkout - run: name: prepare build tools command: '/tmp/' - restore_cache: key: phantomjs-binaries-{{ checksum "scripts/build/" }} - run: name: download phantomjs binaries command: './scripts/build/' - save_cache: key: phantomjs-binaries-{{ checksum "scripts/build/" }} paths: - /tmp/phantomjs - run: name: build and package grafana command: './scripts/build/' - run: name: sign packages command: './scripts/build/' - run: name: verify signed packages command: | mkdir -p ~/.rpmdb/pubkeys curl -s > ~/.rpmdb/pubkeys/grafana.key ./scripts/build/ dist/*.rpm - run: name: sha-sum packages command: 'go run build.go sha-dist' - run: name: Test and build release publisher command: 'cd scripts/build/release_publisher && go test . && go build -o release_publisher .' - persist_to_workspace: root: . paths: - dist/* - scripts/*.sh - scripts/build/release_publisher/release_publisher - scripts/build/ build: docker: - image: grafana/build-container:1.2.8 working_directory: /go/src/ steps: - checkout - run: name: prepare build tools command: '/tmp/' - run: name: build and package grafana command: './scripts/build/' - run: name: sign packages command: './scripts/build/' - run: name: sha-sum packages command: 'go run build.go sha-dist' - run: name: Test release publisher command: 'cd scripts/build/release_publisher && go test .' - persist_to_workspace: root: . paths: - dist/* build-fast-backend: docker: - image: grafana/build-container:1.2.8 working_directory: /go/src/ steps: - checkout - run: name: prepare build tools command: '/tmp/' - run: name: build grafana backend command: './scripts/build/ --fast --backend-only' - persist_to_workspace: root: . paths: - bin/* build-fast-frontend: docker: - image: grafana/build-container:1.2.8 working_directory: /go/src/ steps: - checkout - run: name: prepare build tools command: '/tmp/' - restore_cache: key: frontend-dependency-cache-{{ checksum "yarn.lock" }} - run: name: build grafana frontend command: './scripts/build/ --fast --frontend-only' - save_cache: key: frontend-dependency-cache-{{ checksum "yarn.lock" }} paths: - node_modules - persist_to_workspace: root: . paths: - public/build/* - tools/phantomjs/* build-fast-package: docker: - image: grafana/build-container:1.2.8 working_directory: /go/src/ steps: - checkout - attach_workspace: at: . - restore_cache: key: frontend-dependency-cache-{{ checksum "yarn.lock" }} - run: name: prepare build tools command: '/tmp/' - run: name: package grafana command: './scripts/build/ --fast --package-only' - run: name: sha-sum packages command: 'go run build.go sha-dist' - run: name: Test release publisher command: 'cd scripts/build/release_publisher && go test .' - persist_to_workspace: root: /go/src/ paths: - dist/* build-fast-save: docker: - image: grafana/build-container:1.2.8 working_directory: /go/src/ steps: - checkout - attach_workspace: at: . - restore_cache: key: dependency-cache-{{ checksum "yarn.lock" }} - run: name: debug cache command: 'ls -al /go/src/' - run: name: prepare build tools command: '/tmp/' - run: name: build grafana backend command: './scripts/build/ --fast --backend-only' - run: name: build grafana frontend command: './scripts/build/ --fast --frontend-only' - save_cache: key: dependency-cache-{{ checksum "yarn.lock" }} paths: - /go/src/ - run: name: package grafana command: './scripts/build/ --fast --package-only' - run: name: sign packages command: './scripts/build/' - run: name: sha-sum packages command: 'go run build.go sha-dist' - run: name: Test release publisher command: 'cd scripts/build/release_publisher && go test .' - persist_to_workspace: root: . paths: - dist/* grafana-docker-master: machine: image: circleci/classic:201808-01 steps: - checkout - attach_workspace: at: . - run: docker info - run: docker run --privileged linuxkit/binfmt:v0.6 - run: cp dist/grafana-latest.linux-*.tar.gz packaging/docker - run: cd packaging/docker && ./ "master-${CIRCLE_SHA1}" - run: rm packaging/docker/grafana-latest.linux-*.tar.gz - run: cp enterprise-dist/grafana-enterprise-*.linux-amd64.tar.gz packaging/docker/grafana-latest.linux-x64.tar.gz - run: cd packaging/docker && ./ "master" grafana-docker-pr: machine: image: circleci/classic:201808-01 steps: - checkout - attach_workspace: at: . - run: docker info - run: docker run --privileged linuxkit/binfmt:v0.6 - run: cp dist/grafana-latest.linux-*.tar.gz packaging/docker - run: cd packaging/docker && ./ --fast "${CIRCLE_SHA1}" grafana-docker-release: machine: image: circleci/classic:201808-01 steps: - checkout - attach_workspace: at: . - run: docker info - run: docker run --privileged linuxkit/binfmt:v0.6 - run: cp dist/grafana-latest.linux-*.tar.gz packaging/docker - run: cd packaging/docker && ./ "${CIRCLE_TAG}" - run: rm packaging/docker/grafana-latest.linux-*.tar.gz - run: cp enterprise-dist/grafana-enterprise-*.linux-amd64.tar.gz packaging/docker/grafana-latest.linux-x64.tar.gz - run: cd packaging/docker && ./ "${CIRCLE_TAG}" build-enterprise: docker: - image: grafana/build-container:1.2.8 working_directory: /go/src/ steps: - checkout - run: name: prepare build tools command: '/tmp/' - run: name: checkout enterprise command: './scripts/build/' - run: name: test enterprise command: 'go test ./pkg/extensions/...' - run: name: build and package enterprise command: './scripts/build/ -enterprise' - run: name: sign packages command: './scripts/build/' - run: name: sha-sum packages command: 'go run build.go sha-dist' - run: name: move enterprise packages into their own folder command: 'mv dist enterprise-dist' - persist_to_workspace: root: . paths: - enterprise-dist/* build-all-enterprise: docker: - image: grafana/build-container:1.2.8 working_directory: /go/src/ steps: - checkout - run: name: prepare build tools command: '/tmp/' - run: name: checkout enterprise command: './scripts/build/' - restore_cache: key: phantomjs-binaries-{{ checksum "scripts/build/" }} - run: name: download phantomjs binaries command: './scripts/build/' - save_cache: key: phantomjs-binaries-{{ checksum "scripts/build/" }} paths: - /tmp/phantomjs - run: name: test enterprise command: 'go test ./pkg/extensions/...' - run: name: build and package grafana command: './scripts/build/ -enterprise' - run: name: sign packages command: './scripts/build/' - run: name: verify signed packages command: | mkdir -p ~/.rpmdb/pubkeys curl -s > ~/.rpmdb/pubkeys/grafana.key ./scripts/build/ dist/*.rpm - run: name: sha-sum packages command: 'go run build.go sha-dist' - run: name: move enterprise packages into their own folder command: 'mv dist enterprise-dist' - persist_to_workspace: root: . paths: - enterprise-dist/* deploy-enterprise-master: docker: - image: grafana/grafana-ci-deploy:1.2.2 steps: - attach_workspace: at: . - run: name: gcp credentials command: 'echo ${GCP_GRAFANA_UPLOAD_KEY} > /tmp/gcpkey.json' - run: name: sign in to gcp command: '/opt/google-cloud-sdk/bin/gcloud auth activate-service-account --key-file=/tmp/gcpkey.json' - run: name: deploy to gcp command: '/opt/google-cloud-sdk/bin/gsutil cp ./enterprise-dist/* gs://$GCP_BUCKET_NAME/enterprise/master' - run: name: Deploy to command: | cd enterprise-dist ../scripts/build/release_publisher/release_publisher -apikey ${GRAFANA_COM_API_KEY} -enterprise -version "v$(cat grafana.version)" --nightly deploy-enterprise-release: docker: - image: grafana/grafana-ci-deploy:1.2.2 steps: - checkout - attach_workspace: at: . - run: name: gcp credentials command: 'echo ${GCP_GRAFANA_UPLOAD_KEY} > /tmp/gcpkey.json' - run: name: sign in to gcp command: '/opt/google-cloud-sdk/bin/gcloud auth activate-service-account --key-file=/tmp/gcpkey.json' - run: name: deploy to gcp command: '/opt/google-cloud-sdk/bin/gsutil cp ./enterprise-dist/* gs://$GCP_BUCKET_NAME/enterprise/release' - run: name: Deploy to command: './scripts/build/ --enterprise' - run: name: Load GPG private key command: './scripts/build/' - run: name: Update Debian repository command: './scripts/build/update_repo/ "enterprise" "$GPG_KEY_PASSWORD" "$CIRCLE_TAG" "enterprise-dist"' - run: name: Update RPM repository command: './scripts/build/update_repo/ "enterprise" "$GPG_KEY_PASSWORD" "$CIRCLE_TAG" "enterprise-dist"' deploy-master: docker: - image: grafana/grafana-ci-deploy:1.2.2 steps: - attach_workspace: at: . - run: name: Trigger Windows build command: './scripts/ ${APPVEYOR_TOKEN} ${CIRCLE_SHA1} master' - run: name: gcp credentials command: 'echo ${GCP_GRAFANA_UPLOAD_KEY} > /tmp/gcpkey.json' - run: name: sign in to gcp command: '/opt/google-cloud-sdk/bin/gcloud auth activate-service-account --key-file=/tmp/gcpkey.json' - run: name: deploy to gcp command: '/opt/google-cloud-sdk/bin/gsutil cp ./dist/* gs://$GCP_BUCKET_NAME/oss/master' - run: name: Publish to command: | rm dist/*latest* || true cd dist && ../scripts/build/release_publisher/release_publisher -apikey ${GRAFANA_COM_API_KEY} -version "v$(cat grafana.version)" --nightly deploy-release: docker: - image: grafana/grafana-ci-deploy:1.2.2 steps: - checkout - attach_workspace: at: . - run: name: gcp credentials command: 'echo ${GCP_GRAFANA_UPLOAD_KEY} > /tmp/gcpkey.json' - run: name: sign in to gcp command: '/opt/google-cloud-sdk/bin/gcloud auth activate-service-account --key-file=/tmp/gcpkey.json' - run: name: deploy to gcp command: '/opt/google-cloud-sdk/bin/gsutil cp ./dist/* gs://$GCP_BUCKET_NAME/oss/release' - run: name: Deploy to command: './scripts/build/' - run: name: Load GPG private key command: './scripts/build/' - run: name: Update Debian repository command: './scripts/build/update_repo/ "oss" "$GPG_KEY_PASSWORD" "$CIRCLE_TAG" "dist"' - run: name: Update RPM repository command: './scripts/build/update_repo/ "oss" "$GPG_KEY_PASSWORD" "$CIRCLE_TAG" "dist"' build-oss-msi: docker: - image: grafana/wix-toolset-ci:v3 steps: - checkout - attach_workspace: at: . - run: name: Build OSS MSI command: './scripts/build/ci-msi-build/' - persist_to_workspace: root: . paths: - dist/grafana-*.msi - dist/grafana-*.msi.sha256 store-build-artifacts: docker: - image: circleci/node:10 steps: - attach_workspace: at: . - store_artifacts: path: ./dist trigger-docs-update: docker: - image: circleci/python:3.6.8 steps: - checkout - run: name: Trigger Docs update command: | if git diff --name-only HEAD^ | grep -q "^docs"; then echo "Build URL:" curl -s -u "$DOCS_CIRCLE_TOKEN:" \ -d build_parameters[CIRCLE_JOB]=pull-submodule-changes \ \ | jq .build_url else echo "-- no changes to docs files --" fi build-grafana-packages: docker: - image: circleci/node:10 steps: - checkout - run: name: Boostrap lerna command: 'npx lerna bootstrap' - run: name: Build packages command: yarn packages:build release-next-packages: docker: - image: circleci/node:10 steps: - checkout - run: name: Boostrap lerna command: 'npx lerna bootstrap' - run: name: npm - Prepare auth token command: 'echo //$NPM_TOKEN >> ~/.npmrc' - run: name: Release next packages command: './scripts/' release-packages: docker: - image: circleci/node:10 steps: - checkout - run: name: Boostrap lerna command: 'npx lerna bootstrap' - run: name: npm - Prepare auth token command: 'echo //$NPM_TOKEN >> ~/.npmrc' - run: name: Release packages command: ./scripts/build/ "${CIRCLE_TAG}" scan-docker-master: docker: - image: circleci/buildpack-deps:stretch steps: - setup_remote_docker - restore_cache: key: vulnerability-db - run: name: Install trivy command: | VERSION=$( curl --silent "" | \ grep '"tag_name":' | \ sed -E 's/.*"v([^"]+)".*/\1/' ) wget${VERSION}/trivy_${VERSION}_Linux-64bit.tar.gz tar zxvf trivy_${VERSION}_Linux-64bit.tar.gz sudo mv trivy /usr/local/bin - run: name: Scan the latest grafana master image with trivy command: trivy --exit-code 1 --quiet --auto-refresh --clear-cache grafana/grafana:master - save_cache: key: vulnerability-db paths: - $HOME/.cache/trivy workflows: version: 2 build-master: jobs: - build-all: filters: *filter-only-master - build-all-enterprise: filters: *filter-only-master - codespell: filters: *filter-only-master - lint-go: filters: *filter-only-master - shellcheck: filters: *filter-only-master - test-frontend: filters: *filter-only-master - test-backend: filters: *filter-only-master - mysql-integration-test: filters: *filter-only-master - postgres-integration-test: filters: *filter-only-master - deploy-master: requires: - build-all - test-backend - test-frontend - codespell - lint-go - shellcheck - mysql-integration-test - postgres-integration-test - build-oss-msi filters: *filter-only-master - grafana-docker-master: requires: - build-all - build-all-enterprise - test-backend - test-frontend - codespell - lint-go - shellcheck - mysql-integration-test - postgres-integration-test filters: *filter-only-master - deploy-enterprise-master: requires: - build-all - test-backend - test-frontend - codespell - lint-go - shellcheck - mysql-integration-test - postgres-integration-test - build-all-enterprise filters: *filter-only-master - build-oss-msi: requires: - build-all - test-backend - test-frontend - codespell - lint-go - shellcheck - mysql-integration-test - postgres-integration-test filters: *filter-only-master - end-to-end-test: requires: - grafana-docker-master filters: *filter-only-master - trigger-docs-update: requires: - end-to-end-test filters: *filter-only-master - release-next-packages: requires: - build-all - test-frontend filters: *filter-only-master release: jobs: - build-all: filters: *filter-only-release - build-all-enterprise: filters: *filter-only-release - codespell: filters: *filter-only-release - lint-go: filters: *filter-only-release - shellcheck: filters: *filter-only-release - test-frontend: filters: *filter-only-release - test-backend: filters: *filter-only-release - mysql-integration-test: filters: *filter-only-release - postgres-integration-test: filters: *filter-only-release - deploy-release: requires: - build-all - test-backend - test-frontend - codespell - lint-go - shellcheck - mysql-integration-test - postgres-integration-test - build-oss-msi filters: *filter-only-release - deploy-enterprise-release: requires: - build-all - build-all-enterprise - test-backend - test-frontend - codespell - lint-go - shellcheck - mysql-integration-test - postgres-integration-test filters: *filter-only-release - grafana-docker-release: requires: - build-all - build-all-enterprise - test-backend - test-frontend - codespell - lint-go - shellcheck - mysql-integration-test - postgres-integration-test filters: *filter-only-release - release-packages: requires: - build-all - test-backend - test-frontend - codespell - lint-go - shellcheck - mysql-integration-test - postgres-integration-test - build-oss-msi filters: *filter-only-release - build-oss-msi: requires: - build-all - test-backend - test-frontend - codespell - lint-go - shellcheck - mysql-integration-test - postgres-integration-test filters: *filter-only-release - end-to-end-test-release: requires: - grafana-docker-release filters: *filter-only-release build-branches-and-prs: jobs: - build-fast-backend: filters: *filter-not-release-or-master - build-fast-frontend: filters: *filter-not-release-or-master - build-grafana-packages: filters: *filter-not-release-or-master - build-fast-package: filters: *filter-not-release-or-master requires: - build-fast-backend - build-fast-frontend - codespell: filters: *filter-not-release-or-master - lint-go: filters: *filter-not-release-or-master - lint-go: filters: *filter-not-release-or-master - shellcheck: filters: *filter-not-release-or-master - test-frontend: filters: *filter-not-release-or-master - test-backend: filters: *filter-not-release-or-master - mysql-integration-test: filters: *filter-not-release-or-master - postgres-integration-test: filters: *filter-not-release-or-master - cache-server-test: filters: *filter-not-release-or-master - grafana-docker-pr: requires: - build-fast-package - test-backend - test-frontend - codespell - lint-go - shellcheck - mysql-integration-test - postgres-integration-test - cache-server-test filters: *filter-not-release-or-master - store-build-artifacts: requires: - build-fast-package - test-backend - test-frontend - codespell - lint-go - shellcheck - mysql-integration-test - postgres-integration-test - cache-server-test filters: *filter-not-release-or-master nightly: triggers: - schedule: cron: "0 0 * * *" filters: *filter-only-master jobs: - scan-docker-master