grafana/.drone.yml
Dimitris Sotirakis 8a04af412e
Build pipeline: Cleanup build-main pipeline steps (#38484)
* Refactor dependencies

* Regenerate drone.yml

* Reorder steps in starlark files

* Make build depend on test

* Make test steps depend on lint

* Make gen-version step depend on build steps

* Refactor step dependencies

* Move e2e-tests step before upload_cdn

* Sync with main
2021-08-26 10:11:22 +03:00

3484 lines
86 KiB
YAML

---
kind: pipeline
type: docker
name: test-pr
platform:
os: linux
arch: amd64
steps:
- name: identify-runner
image: alpine:3.14.1
commands:
- echo $DRONE_RUNNER_NAME
- name: initialize
image: grafana/build-container:1.4.1
commands:
- mkdir -p bin
- curl -fL -o bin/grabpl https://grafana-downloads.storage.googleapis.com/grafana-build-pipeline/v2.4.0/grabpl
- chmod +x bin/grabpl
- ./bin/grabpl verify-drone
- curl -fLO https://github.com/jwilder/dockerize/releases/download/v$${DOCKERIZE_VERSION}/dockerize-linux-amd64-v$${DOCKERIZE_VERSION}.tar.gz
- tar -C bin -xzvf dockerize-linux-amd64-v$${DOCKERIZE_VERSION}.tar.gz
- rm dockerize-linux-amd64-v$${DOCKERIZE_VERSION}.tar.gz
- yarn install --frozen-lockfile --no-progress
environment:
DOCKERIZE_VERSION: 0.6.1
- name: codespell
image: grafana/build-container:1.4.1
commands:
- "echo -e \"unknwon\nreferer\nerrorstring\neror\niam\nwan\" > words_to_ignore.txt"
- codespell -I words_to_ignore.txt docs/
depends_on:
- initialize
- name: shellcheck
image: grafana/build-container:1.4.1
commands:
- ./bin/grabpl shellcheck
depends_on:
- initialize
- name: lint-backend
image: grafana/build-container:1.4.1
commands:
- make gen-go
- ./bin/grabpl lint-backend --edition oss
environment:
CGO_ENABLED: 1
depends_on:
- initialize
- name: test-backend
image: grafana/build-container:1.4.1
commands:
- "[ $(grep FocusConvey -R pkg | wc -l) -eq \"0\" ] || exit 1"
- ./bin/grabpl test-backend --edition oss
- ./bin/grabpl integration-tests --edition oss
depends_on:
- lint-backend
- name: test-frontend
image: grafana/build-container:1.4.1
commands:
- yarn run ci:test-frontend
environment:
TEST_MAX_WORKERS: 50%
depends_on:
- lint-backend
- name: build-backend
image: grafana/build-container:1.4.1
commands:
- ./bin/grabpl build-backend --jobs 8 --edition oss --build-id ${DRONE_BUILD_NUMBER} --variants linux-x64,linux-x64-musl,osx64,win64 --no-pull-enterprise
depends_on:
- test-backend
- name: build-frontend
image: grafana/build-container:1.4.1
commands:
- ./bin/grabpl build-frontend --jobs 8 --no-install-deps --edition oss --build-id ${DRONE_BUILD_NUMBER} --no-pull-enterprise
depends_on:
- test-frontend
- name: build-plugins
image: grafana/build-container:1.4.1
commands:
- ./bin/grabpl build-plugins --jobs 8 --edition oss --no-install-deps
depends_on:
- lint-backend
- name: validate-scuemata
image: grafana/build-container:1.4.1
commands:
- ./bin/linux-amd64/grafana-cli cue validate-schema --grafana-root .
depends_on:
- build-backend
- name: gen-version
image: grafana/build-container:1.4.1
commands:
- ./bin/grabpl gen-version --build-id ${DRONE_BUILD_NUMBER}
depends_on:
- build-plugins
- build-backend
- build-frontend
- codespell
- shellcheck
- name: package
image: grafana/build-container:1.4.1
commands:
- . scripts/build/gpg-test-vars.sh && ./bin/grabpl package --jobs 8 --edition oss --build-id ${DRONE_BUILD_NUMBER} --no-pull-enterprise --variants linux-x64,linux-x64-musl,osx64,win64
depends_on:
- gen-version
- name: end-to-end-tests-server
image: grafana/build-container:1.4.1
detach: true
commands:
- ./e2e/start-server
environment:
PORT: 3001
depends_on:
- package
- name: end-to-end-tests
image: grafana/ci-e2e:12.19.0-1
commands:
- ./node_modules/.bin/cypress install
- ./bin/grabpl e2e-tests --port 3001
environment:
HOST: end-to-end-tests-server
depends_on:
- end-to-end-tests-server
- name: build-storybook
image: grafana/build-container:1.4.1
commands:
- yarn storybook:build
- ./bin/grabpl verify-storybook
environment:
NODE_OPTIONS: --max_old_space_size=4096
depends_on:
- package
- name: build-frontend-docs
image: grafana/build-container:1.4.1
commands:
- ./scripts/ci-reference-docs-lint.sh ci
depends_on:
- build-frontend
- name: build-docs-website
image: grafana/docs-base:latest
commands:
- mkdir -p /hugo/content/docs/grafana
- cp -r docs/sources/* /hugo/content/docs/grafana/latest/
- cd /hugo && make prod
depends_on:
- build-frontend-docs
- name: copy-packages-for-docker
image: grafana/build-container:1.4.1
commands:
- ls dist/*.tar.gz*
- cp dist/*.tar.gz* packaging/docker/
depends_on:
- end-to-end-tests-server
- name: build-docker-images
image: grafana/drone-grafana-docker:0.3.2
settings:
archs: amd64
dry_run: true
edition: oss
depends_on:
- copy-packages-for-docker
- name: postgres-integration-tests
image: grafana/build-container:1.4.1
commands:
- apt-get update
- apt-get install -yq postgresql-client
- ./bin/dockerize -wait tcp://postgres:5432 -timeout 120s
- psql -p 5432 -h postgres -U grafanatest -d grafanatest -f devenv/docker/blocks/postgres_tests/setup.sql
- go clean -testcache
- ./bin/grabpl integration-tests --database postgres
environment:
GRAFANA_TEST_DB: postgres
PGPASSWORD: grafanatest
POSTGRES_HOST: postgres
depends_on:
- test-backend
- test-frontend
- name: mysql-integration-tests
image: grafana/build-container:1.4.1
commands:
- apt-get update
- apt-get install -yq default-mysql-client
- ./bin/dockerize -wait tcp://mysql:3306 -timeout 120s
- cat devenv/docker/blocks/mysql_tests/setup.sql | mysql -h mysql -P 3306 -u root -prootpass
- go clean -testcache
- ./bin/grabpl integration-tests --database mysql
environment:
GRAFANA_TEST_DB: mysql
MYSQL_HOST: mysql
depends_on:
- test-backend
- test-frontend
services:
- name: postgres
image: postgres:12.3-alpine
environment:
POSTGRES_DB: grafanatest
POSTGRES_PASSWORD: grafanatest
POSTGRES_USER: grafanatest
- name: mysql
image: mysql:5.6.48
environment:
MYSQL_DATABASE: grafana_tests
MYSQL_PASSWORD: password
MYSQL_ROOT_PASSWORD: rootpass
MYSQL_USER: grafana
node:
type: no-parallel
trigger:
event:
- pull_request
---
kind: pipeline
type: docker
name: build-main
platform:
os: linux
arch: amd64
steps:
- name: identify-runner
image: alpine:3.14.1
commands:
- echo $DRONE_RUNNER_NAME
- name: initialize
image: grafana/build-container:1.4.1
commands:
- mkdir -p bin
- curl -fL -o bin/grabpl https://grafana-downloads.storage.googleapis.com/grafana-build-pipeline/v2.4.0/grabpl
- chmod +x bin/grabpl
- ./bin/grabpl verify-drone
- curl -fLO https://github.com/jwilder/dockerize/releases/download/v$${DOCKERIZE_VERSION}/dockerize-linux-amd64-v$${DOCKERIZE_VERSION}.tar.gz
- tar -C bin -xzvf dockerize-linux-amd64-v$${DOCKERIZE_VERSION}.tar.gz
- rm dockerize-linux-amd64-v$${DOCKERIZE_VERSION}.tar.gz
- yarn install --frozen-lockfile --no-progress
environment:
DOCKERIZE_VERSION: 0.6.1
- name: trigger-enterprise-downstream
image: grafana/drone-downstream
settings:
params:
- SOURCE_BUILD_NUMBER=${DRONE_BUILD_NUMBER}
- SOURCE_COMMIT=${DRONE_COMMIT}
repositories:
- grafana/grafana-enterprise@main
server: https://drone.grafana.net
token:
from_secret: drone_token
- name: codespell
image: grafana/build-container:1.4.1
commands:
- "echo -e \"unknwon\nreferer\nerrorstring\neror\niam\nwan\" > words_to_ignore.txt"
- codespell -I words_to_ignore.txt docs/
depends_on:
- initialize
- name: shellcheck
image: grafana/build-container:1.4.1
commands:
- ./bin/grabpl shellcheck
depends_on:
- initialize
- name: lint-backend
image: grafana/build-container:1.4.1
commands:
- make gen-go
- ./bin/grabpl lint-backend --edition oss
environment:
CGO_ENABLED: 1
depends_on:
- initialize
- name: test-backend
image: grafana/build-container:1.4.1
commands:
- "[ $(grep FocusConvey -R pkg | wc -l) -eq \"0\" ] || exit 1"
- ./bin/grabpl test-backend --edition oss
- ./bin/grabpl integration-tests --edition oss
depends_on:
- lint-backend
- name: test-frontend
image: grafana/build-container:1.4.1
commands:
- yarn run ci:test-frontend
environment:
TEST_MAX_WORKERS: 50%
depends_on:
- lint-backend
- name: build-backend
image: grafana/build-container:1.4.1
commands:
- ./bin/grabpl build-backend --jobs 8 --edition oss --build-id ${DRONE_BUILD_NUMBER} --no-pull-enterprise
depends_on:
- test-backend
- name: build-frontend
image: grafana/build-container:1.4.1
commands:
- ./bin/grabpl build-frontend --jobs 8 --no-install-deps --edition oss --build-id ${DRONE_BUILD_NUMBER} --no-pull-enterprise
depends_on:
- test-frontend
- name: build-plugins
image: grafana/build-container:1.4.1
commands:
- ./bin/grabpl build-plugins --jobs 8 --edition oss --no-install-deps --sign --signing-admin
environment:
GRAFANA_API_KEY:
from_secret: grafana_api_key
depends_on:
- lint-backend
- name: validate-scuemata
image: grafana/build-container:1.4.1
commands:
- ./bin/linux-amd64/grafana-cli cue validate-schema --grafana-root .
depends_on:
- build-backend
- name: gen-version
image: grafana/build-container:1.4.1
commands:
- ./bin/grabpl gen-version --build-id ${DRONE_BUILD_NUMBER}
depends_on:
- build-plugins
- build-backend
- build-frontend
- codespell
- shellcheck
- name: package
image: grafana/build-container:1.4.1
commands:
- ./bin/grabpl package --jobs 8 --edition oss --build-id ${DRONE_BUILD_NUMBER} --no-pull-enterprise --sign
environment:
GITHUB_TOKEN:
from_secret: github_token
GPG_KEY_PASSWORD:
from_secret: gpg_key_password
GPG_PRIV_KEY:
from_secret: gpg_priv_key
GPG_PUB_KEY:
from_secret: gpg_pub_key
GRAFANA_API_KEY:
from_secret: grafana_api_key
depends_on:
- gen-version
- name: end-to-end-tests-server
image: grafana/build-container:1.4.1
detach: true
commands:
- ./e2e/start-server
environment:
PORT: 3001
depends_on:
- package
- name: end-to-end-tests
image: grafana/ci-e2e:12.19.0-1
commands:
- ./node_modules/.bin/cypress install
- ./bin/grabpl e2e-tests --port 3001
environment:
HOST: end-to-end-tests-server
depends_on:
- end-to-end-tests-server
- name: build-storybook
image: grafana/build-container:1.4.1
commands:
- yarn storybook:build
- ./bin/grabpl verify-storybook
environment:
NODE_OPTIONS: --max_old_space_size=4096
depends_on:
- package
- name: publish-storybook
image: grafana/grafana-ci-deploy:1.3.1
commands:
- printenv GCP_KEY | base64 -d > /tmp/gcpkey.json
- gcloud auth activate-service-account --key-file=/tmp/gcpkey.json
- gsutil -m rsync -d -r ./packages/grafana-ui/dist/storybook gs://grafana-storybook/canary
environment:
GCP_KEY:
from_secret: gcp_key
depends_on:
- build-storybook
- end-to-end-tests
- name: test-a11y-frontend
image: buildkite/puppeteer
commands:
- yarn wait-on http://$HOST:$PORT
- yarn -s test:accessibility --json > pa11y-ci-results.json
environment:
GRAFANA_MISC_STATS_API_KEY:
from_secret: grafana_misc_stats_api_key
HOST: end-to-end-tests-server
PORT: 3001
failure: ignore
depends_on:
- end-to-end-tests-server
- name: publish-frontend-metrics
image: grafana/build-container:1.4.1
commands:
- ./scripts/ci-frontend-metrics.sh | ./bin/grabpl publish-metrics $${GRAFANA_MISC_STATS_API_KEY}
environment:
GRAFANA_MISC_STATS_API_KEY:
from_secret: grafana_misc_stats_api_key
failure: ignore
depends_on:
- test-a11y-frontend
- name: build-frontend-docs
image: grafana/build-container:1.4.1
commands:
- ./scripts/ci-reference-docs-lint.sh ci
depends_on:
- build-frontend
- name: copy-packages-for-docker
image: grafana/build-container:1.4.1
commands:
- ls dist/*.tar.gz*
- cp dist/*.tar.gz* packaging/docker/
depends_on:
- end-to-end-tests-server
- name: build-docker-images
image: grafana/drone-grafana-docker:0.3.2
settings:
edition: oss
password:
from_secret: docker_password
username:
from_secret: docker_user
depends_on:
- copy-packages-for-docker
- name: build-docker-images-ubuntu
image: grafana/drone-grafana-docker:0.3.2
settings:
edition: oss
password:
from_secret: docker_password
ubuntu: true
username:
from_secret: docker_user
depends_on:
- copy-packages-for-docker
- name: postgres-integration-tests
image: grafana/build-container:1.4.1
commands:
- apt-get update
- apt-get install -yq postgresql-client
- ./bin/dockerize -wait tcp://postgres:5432 -timeout 120s
- psql -p 5432 -h postgres -U grafanatest -d grafanatest -f devenv/docker/blocks/postgres_tests/setup.sql
- go clean -testcache
- ./bin/grabpl integration-tests --database postgres
environment:
GRAFANA_TEST_DB: postgres
PGPASSWORD: grafanatest
POSTGRES_HOST: postgres
depends_on:
- test-backend
- test-frontend
- name: mysql-integration-tests
image: grafana/build-container:1.4.1
commands:
- apt-get update
- apt-get install -yq default-mysql-client
- ./bin/dockerize -wait tcp://mysql:3306 -timeout 120s
- cat devenv/docker/blocks/mysql_tests/setup.sql | mysql -h mysql -P 3306 -u root -prootpass
- go clean -testcache
- ./bin/grabpl integration-tests --database mysql
environment:
GRAFANA_TEST_DB: mysql
MYSQL_HOST: mysql
depends_on:
- test-backend
- test-frontend
- name: release-canary-npm-packages
image: grafana/build-container:1.4.1
commands:
- ./scripts/circle-release-canary-packages.sh
environment:
GITHUB_PACKAGE_TOKEN:
from_secret: github_package_token
depends_on:
- end-to-end-tests
- name: upload-packages
image: grafana/grafana-ci-deploy:1.3.1
commands:
- ./bin/grabpl upload-packages --edition oss --packages-bucket grafana-downloads
environment:
GCP_GRAFANA_UPLOAD_KEY:
from_secret: gcp_key
depends_on:
- end-to-end-tests
- mysql-integration-tests
- postgres-integration-tests
- name: upload-cdn-assets
image: grafana/grafana-ci-deploy:1.3.1
commands:
- ./bin/grabpl upload-cdn --edition oss --bucket "grafana-static-assets"
environment:
GCP_GRAFANA_UPLOAD_KEY:
from_secret: gcp_key
depends_on:
- end-to-end-tests-server
services:
- name: postgres
image: postgres:12.3-alpine
environment:
POSTGRES_DB: grafanatest
POSTGRES_PASSWORD: grafanatest
POSTGRES_USER: grafanatest
- name: mysql
image: mysql:5.6.48
environment:
MYSQL_DATABASE: grafana_tests
MYSQL_PASSWORD: password
MYSQL_ROOT_PASSWORD: rootpass
MYSQL_USER: grafana
node:
type: no-parallel
trigger:
branch:
- main
event:
- push
---
kind: pipeline
type: docker
name: windows-main
platform:
os: windows
arch: amd64
version: 1809
steps:
- name: identify-runner
image: mcr.microsoft.com/windows:1809
commands:
- echo $env:DRONE_RUNNER_NAME
- name: initialize
image: grafana/ci-wix:0.1.1
commands:
- $$ProgressPreference = "SilentlyContinue"
- Invoke-WebRequest https://grafana-downloads.storage.googleapis.com/grafana-build-pipeline/v2.4.0/windows/grabpl.exe -OutFile grabpl.exe
- name: build-windows-installer
image: grafana/ci-wix:0.1.1
commands:
- $$gcpKey = $$env:GCP_KEY
- "[System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String($$gcpKey)) > gcpkey.json"
- dos2unix gcpkey.json
- gcloud auth activate-service-account --key-file=gcpkey.json
- rm gcpkey.json
- cp C:\App\nssm-2.24.zip .
- .\grabpl.exe windows-installer --edition oss --build-id $$env:DRONE_BUILD_NUMBER
- $$fname = ((Get-Childitem grafana*.msi -name) -split "`n")[0]
- gsutil cp $$fname gs://grafana-downloads/oss/main/
- gsutil cp "$$fname.sha256" gs://grafana-downloads/oss/main/
environment:
GCP_KEY:
from_secret: gcp_key
depends_on:
- initialize
trigger:
branch:
- main
event:
- push
depends_on:
- build-main
---
kind: pipeline
type: docker
name: publish-main
platform:
os: linux
arch: amd64
steps:
- name: identify-runner
image: alpine:3.14.1
commands:
- echo $DRONE_RUNNER_NAME
- name: initialize
image: grafana/build-container:1.4.1
commands:
- mkdir -p bin
- curl -fL -o bin/grabpl https://grafana-downloads.storage.googleapis.com/grafana-build-pipeline/v2.4.0/grabpl
- chmod +x bin/grabpl
- ./bin/grabpl verify-drone
environment:
DOCKERIZE_VERSION: 0.6.1
- name: publish-packages-oss
image: grafana/grafana-ci-deploy:1.3.1
commands:
- printenv GCP_KEY | base64 -d > /tmp/gcpkey.json
- ./bin/grabpl publish-packages --edition oss --gcp-key /tmp/gcpkey.json --build-id ${DRONE_BUILD_NUMBER}
environment:
GCP_KEY:
from_secret: gcp_key
GPG_KEY_PASSWORD:
from_secret: gpg_key_password
GPG_PRIV_KEY:
from_secret: gpg_priv_key
GPG_PUB_KEY:
from_secret: gpg_pub_key
GRAFANA_COM_API_KEY:
from_secret: grafana_api_key
depends_on:
- initialize
node:
type: no-parallel
trigger:
branch:
- main
event:
- push
depends_on:
- build-main
- windows-main
---
kind: pipeline
type: docker
name: notify-main
platform:
os: linux
arch: amd64
steps:
- name: slack
image: plugins/slack
settings:
channel: grafana-ci-notifications
template: "Build {{build.number}} failed for commit: <https://github.com/{{repo.owner}}/{{repo.name}}/commit/{{build.commit}}|{{ truncate build.commit 8 }}>: {{build.link}}\nBranch: <https://github.com/{{ repo.owner }}/{{ repo.name }}/commits/{{ build.branch }}|{{ build.branch }}>\nAuthor: {{build.author}}"
webhook:
from_secret: slack_webhook
trigger:
branch:
- main
event:
- push
status:
- failure
depends_on:
- build-main
- windows-main
- publish-main
---
kind: pipeline
type: docker
name: oss-build-release
platform:
os: linux
arch: amd64
steps:
- name: identify-runner
image: alpine:3.14.1
commands:
- echo $DRONE_RUNNER_NAME
- name: initialize
image: grafana/build-container:1.4.1
commands:
- mkdir -p bin
- curl -fL -o bin/grabpl https://grafana-downloads.storage.googleapis.com/grafana-build-pipeline/v2.4.0/grabpl
- chmod +x bin/grabpl
- ./bin/grabpl verify-drone
- ./bin/grabpl verify-version ${DRONE_TAG}
- curl -fLO https://github.com/jwilder/dockerize/releases/download/v$${DOCKERIZE_VERSION}/dockerize-linux-amd64-v$${DOCKERIZE_VERSION}.tar.gz
- tar -C bin -xzvf dockerize-linux-amd64-v$${DOCKERIZE_VERSION}.tar.gz
- rm dockerize-linux-amd64-v$${DOCKERIZE_VERSION}.tar.gz
- yarn install --frozen-lockfile --no-progress
environment:
DOCKERIZE_VERSION: 0.6.1
- name: codespell
image: grafana/build-container:1.4.1
commands:
- "echo -e \"unknwon\nreferer\nerrorstring\neror\niam\nwan\" > words_to_ignore.txt"
- codespell -I words_to_ignore.txt docs/
depends_on:
- initialize
- name: shellcheck
image: grafana/build-container:1.4.1
commands:
- ./bin/grabpl shellcheck
depends_on:
- initialize
- name: lint-backend
image: grafana/build-container:1.4.1
commands:
- make gen-go
- ./bin/grabpl lint-backend --edition oss
environment:
CGO_ENABLED: 1
depends_on:
- initialize
- name: test-backend
image: grafana/build-container:1.4.1
commands:
- "[ $(grep FocusConvey -R pkg | wc -l) -eq \"0\" ] || exit 1"
- ./bin/grabpl test-backend --edition oss --tries 5
- ./bin/grabpl integration-tests --edition oss --tries 5
depends_on:
- lint-backend
- name: test-frontend
image: grafana/build-container:1.4.1
commands:
- yarn run ci:test-frontend
environment:
TEST_MAX_WORKERS: 50%
depends_on:
- lint-backend
- name: build-backend
image: grafana/build-container:1.4.1
commands:
- ./bin/grabpl build-backend --jobs 8 --edition oss --github-token $${GITHUB_TOKEN} --no-pull-enterprise ${DRONE_TAG}
environment:
GITHUB_TOKEN:
from_secret: github_token
depends_on:
- test-backend
- name: build-frontend
image: grafana/build-container:1.4.1
commands:
- ./bin/grabpl build-frontend --jobs 8 --github-token $${GITHUB_TOKEN} --no-install-deps --edition oss --no-pull-enterprise ${DRONE_TAG}
depends_on:
- test-frontend
- name: build-plugins
image: grafana/build-container:1.4.1
commands:
- ./bin/grabpl build-plugins --jobs 8 --edition oss --no-install-deps --sign --signing-admin
environment:
GRAFANA_API_KEY:
from_secret: grafana_api_key
depends_on:
- lint-backend
- name: validate-scuemata
image: grafana/build-container:1.4.1
commands:
- ./bin/linux-amd64/grafana-cli cue validate-schema --grafana-root .
depends_on:
- build-backend
- name: gen-version
image: grafana/build-container:1.4.1
commands:
- ./bin/grabpl gen-version ${DRONE_TAG}
depends_on:
- build-plugins
- build-backend
- build-frontend
- codespell
- shellcheck
- name: package
image: grafana/build-container:1.4.1
commands:
- ./bin/grabpl package --jobs 8 --edition oss --github-token $${GITHUB_TOKEN} --no-pull-enterprise --sign ${DRONE_TAG}
environment:
GITHUB_TOKEN:
from_secret: github_token
GPG_KEY_PASSWORD:
from_secret: gpg_key_password
GPG_PRIV_KEY:
from_secret: gpg_priv_key
GPG_PUB_KEY:
from_secret: gpg_pub_key
GRAFANA_API_KEY:
from_secret: grafana_api_key
depends_on:
- gen-version
- name: end-to-end-tests-server
image: grafana/build-container:1.4.1
detach: true
commands:
- ./e2e/start-server
environment:
PORT: 3001
depends_on:
- package
- name: end-to-end-tests
image: grafana/ci-e2e:12.19.0-1
commands:
- ./node_modules/.bin/cypress install
- ./bin/grabpl e2e-tests --port 3001 --tries 3
environment:
HOST: end-to-end-tests-server
depends_on:
- end-to-end-tests-server
- name: build-storybook
image: grafana/build-container:1.4.1
commands:
- yarn storybook:build
- ./bin/grabpl verify-storybook
environment:
NODE_OPTIONS: --max_old_space_size=4096
depends_on:
- package
- name: copy-packages-for-docker
image: grafana/build-container:1.4.1
commands:
- ls dist/*.tar.gz*
- cp dist/*.tar.gz* packaging/docker/
depends_on:
- end-to-end-tests-server
- name: build-docker-images
image: grafana/drone-grafana-docker:0.3.2
settings:
edition: oss
password:
from_secret: docker_password
username:
from_secret: docker_user
depends_on:
- copy-packages-for-docker
- name: build-docker-images-ubuntu
image: grafana/drone-grafana-docker:0.3.2
settings:
edition: oss
password:
from_secret: docker_password
ubuntu: true
username:
from_secret: docker_user
depends_on:
- copy-packages-for-docker
- name: postgres-integration-tests
image: grafana/build-container:1.4.1
commands:
- apt-get update
- apt-get install -yq postgresql-client
- ./bin/dockerize -wait tcp://postgres:5432 -timeout 120s
- psql -p 5432 -h postgres -U grafanatest -d grafanatest -f devenv/docker/blocks/postgres_tests/setup.sql
- go clean -testcache
- ./bin/grabpl integration-tests --database postgres
environment:
GRAFANA_TEST_DB: postgres
PGPASSWORD: grafanatest
POSTGRES_HOST: postgres
depends_on:
- test-backend
- test-frontend
- name: mysql-integration-tests
image: grafana/build-container:1.4.1
commands:
- apt-get update
- apt-get install -yq default-mysql-client
- ./bin/dockerize -wait tcp://mysql:3306 -timeout 120s
- cat devenv/docker/blocks/mysql_tests/setup.sql | mysql -h mysql -P 3306 -u root -prootpass
- go clean -testcache
- ./bin/grabpl integration-tests --database mysql
environment:
GRAFANA_TEST_DB: mysql
MYSQL_HOST: mysql
depends_on:
- test-backend
- test-frontend
- name: upload-cdn-assets
image: grafana/grafana-ci-deploy:1.3.1
commands:
- ./bin/grabpl upload-cdn --edition oss --bucket "grafana-static-assets"
environment:
GCP_GRAFANA_UPLOAD_KEY:
from_secret: gcp_key
depends_on:
- end-to-end-tests-server
- name: upload-packages
image: grafana/grafana-ci-deploy:1.3.1
commands:
- ./bin/grabpl upload-packages --edition oss --packages-bucket grafana-downloads
environment:
GCP_GRAFANA_UPLOAD_KEY:
from_secret: gcp_key
depends_on:
- end-to-end-tests
- mysql-integration-tests
- postgres-integration-tests
- name: publish-storybook
image: grafana/grafana-ci-deploy:1.3.1
commands:
- printenv GCP_KEY | base64 -d > /tmp/gcpkey.json
- gcloud auth activate-service-account --key-file=/tmp/gcpkey.json
- gsutil -m rsync -d -r ./packages/grafana-ui/dist/storybook gs://grafana-storybook/latest
- gsutil -m rsync -d -r ./packages/grafana-ui/dist/storybook gs://grafana-storybook/${DRONE_TAG}
environment:
GCP_KEY:
from_secret: gcp_key
depends_on:
- build-storybook
- end-to-end-tests
- name: release-npm-packages
image: grafana/build-container:1.4.1
commands:
- ./scripts/build/release-packages.sh ${DRONE_TAG}
environment:
GITHUB_PACKAGE_TOKEN:
from_secret: github_package_token
NPM_TOKEN:
from_secret: npm_token
depends_on:
- publish-storybook
services:
- name: postgres
image: postgres:12.3-alpine
environment:
POSTGRES_DB: grafanatest
POSTGRES_PASSWORD: grafanatest
POSTGRES_USER: grafanatest
- name: mysql
image: mysql:5.6.48
environment:
MYSQL_DATABASE: grafana_tests
MYSQL_PASSWORD: password
MYSQL_ROOT_PASSWORD: rootpass
MYSQL_USER: grafana
node:
type: no-parallel
trigger:
ref:
- refs/tags/v*
---
kind: pipeline
type: docker
name: oss-windows-release
platform:
os: windows
arch: amd64
version: 1809
steps:
- name: identify-runner
image: mcr.microsoft.com/windows:1809
commands:
- echo $env:DRONE_RUNNER_NAME
- name: initialize
image: grafana/ci-wix:0.1.1
commands:
- $$ProgressPreference = "SilentlyContinue"
- Invoke-WebRequest https://grafana-downloads.storage.googleapis.com/grafana-build-pipeline/v2.4.0/windows/grabpl.exe -OutFile grabpl.exe
- name: build-windows-installer
image: grafana/ci-wix:0.1.1
commands:
- $$gcpKey = $$env:GCP_KEY
- "[System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String($$gcpKey)) > gcpkey.json"
- dos2unix gcpkey.json
- gcloud auth activate-service-account --key-file=gcpkey.json
- rm gcpkey.json
- cp C:\App\nssm-2.24.zip .
- .\grabpl.exe windows-installer --edition oss ${DRONE_TAG}
- $$fname = ((Get-Childitem grafana*.msi -name) -split "`n")[0]
- gsutil cp $$fname gs://grafana-downloads/oss/release/
- gsutil cp "$$fname.sha256" gs://grafana-downloads/oss/release/
environment:
GCP_KEY:
from_secret: gcp_key
depends_on:
- initialize
trigger:
ref:
- refs/tags/v*
depends_on:
- oss-build-release
---
kind: pipeline
type: docker
name: enterprise-build-release
platform:
os: linux
arch: amd64
clone:
disable: true
steps:
- name: identify-runner
image: alpine:3.14.1
commands:
- echo $DRONE_RUNNER_NAME
- name: clone
image: grafana/build-container:1.4.1
commands:
- mkdir -p bin
- curl -fL -o bin/grabpl https://grafana-downloads.storage.googleapis.com/grafana-build-pipeline/v2.4.0/grabpl
- chmod +x bin/grabpl
- git clone "https://$${GITHUB_TOKEN}@github.com/grafana/grafana-enterprise.git"
- cd grafana-enterprise
- git checkout ${DRONE_TAG}
environment:
GITHUB_TOKEN:
from_secret: github_token
- name: initialize
image: grafana/build-container:1.4.1
commands:
- mv bin/grabpl /tmp/
- rmdir bin
- mv grafana-enterprise /tmp/
- /tmp/grabpl init-enterprise /tmp/grafana-enterprise ${DRONE_TAG}
- mv /tmp/grafana-enterprise/deployment_tools_config.json deployment_tools_config.json
- mkdir bin
- mv /tmp/grabpl bin/
- ./bin/grabpl verify-drone
- ./bin/grabpl verify-version ${DRONE_TAG}
- curl -fLO https://github.com/jwilder/dockerize/releases/download/v$${DOCKERIZE_VERSION}/dockerize-linux-amd64-v$${DOCKERIZE_VERSION}.tar.gz
- tar -C bin -xzvf dockerize-linux-amd64-v$${DOCKERIZE_VERSION}.tar.gz
- rm dockerize-linux-amd64-v$${DOCKERIZE_VERSION}.tar.gz
- yarn install --frozen-lockfile --no-progress
environment:
DOCKERIZE_VERSION: 0.6.1
depends_on:
- clone
- name: codespell
image: grafana/build-container:1.4.1
commands:
- "echo -e \"unknwon\nreferer\nerrorstring\neror\niam\nwan\" > words_to_ignore.txt"
- codespell -I words_to_ignore.txt docs/
depends_on:
- initialize
- name: shellcheck
image: grafana/build-container:1.4.1
commands:
- ./bin/grabpl shellcheck
depends_on:
- initialize
- name: lint-backend
image: grafana/build-container:1.4.1
commands:
- make gen-go
- ./bin/grabpl lint-backend --edition enterprise
environment:
CGO_ENABLED: 1
depends_on:
- initialize
- name: test-backend
image: grafana/build-container:1.4.1
commands:
- "[ $(grep FocusConvey -R pkg | wc -l) -eq \"0\" ] || exit 1"
- ./bin/grabpl test-backend --edition enterprise --tries 5
- ./bin/grabpl integration-tests --edition enterprise --tries 5
depends_on:
- lint-backend
- name: test-frontend
image: grafana/build-container:1.4.1
commands:
- yarn run ci:test-frontend
environment:
TEST_MAX_WORKERS: 50%
depends_on:
- lint-backend
- name: build-backend
image: grafana/build-container:1.4.1
commands:
- ./bin/grabpl build-backend --jobs 8 --edition enterprise --github-token $${GITHUB_TOKEN} --no-pull-enterprise ${DRONE_TAG}
environment:
GITHUB_TOKEN:
from_secret: github_token
depends_on:
- test-backend
- name: build-frontend
image: grafana/build-container:1.4.1
commands:
- ./bin/grabpl build-frontend --jobs 8 --github-token $${GITHUB_TOKEN} --no-install-deps --edition enterprise --no-pull-enterprise ${DRONE_TAG}
depends_on:
- test-frontend
- name: build-plugins
image: grafana/build-container:1.4.1
commands:
- ./bin/grabpl build-plugins --jobs 8 --edition enterprise --no-install-deps --sign --signing-admin
environment:
GRAFANA_API_KEY:
from_secret: grafana_api_key
depends_on:
- lint-backend
- name: validate-scuemata
image: grafana/build-container:1.4.1
commands:
- ./bin/linux-amd64/grafana-cli cue validate-schema --grafana-root .
depends_on:
- build-backend
- name: lint-backend-enterprise2
image: grafana/build-container:1.4.1
commands:
- make gen-go
- ./bin/grabpl lint-backend --edition enterprise2
environment:
CGO_ENABLED: 1
depends_on:
- initialize
- name: test-backend-enterprise2
image: grafana/build-container:1.4.1
commands:
- "[ $(grep FocusConvey -R pkg | wc -l) -eq \"0\" ] || exit 1"
- ./bin/grabpl test-backend --edition enterprise2 --tries 5
- ./bin/grabpl integration-tests --edition enterprise2 --tries 5
depends_on:
- lint-backend
- name: build-backend-enterprise2
image: grafana/build-container:1.4.1
commands:
- ./bin/grabpl build-backend --jobs 8 --edition enterprise2 --github-token $${GITHUB_TOKEN} --no-pull-enterprise ${DRONE_TAG}
environment:
GITHUB_TOKEN:
from_secret: github_token
depends_on:
- test-backend-enterprise2
- name: gen-version
image: grafana/build-container:1.4.1
commands:
- ./bin/grabpl gen-version ${DRONE_TAG}
depends_on:
- build-plugins
- build-backend
- build-frontend
- codespell
- shellcheck
- build-backend-enterprise2
- test-backend-enterprise2
- name: package
image: grafana/build-container:1.4.1
commands:
- ./bin/grabpl package --jobs 8 --edition enterprise --github-token $${GITHUB_TOKEN} --no-pull-enterprise --sign ${DRONE_TAG}
environment:
GITHUB_TOKEN:
from_secret: github_token
GPG_KEY_PASSWORD:
from_secret: gpg_key_password
GPG_PRIV_KEY:
from_secret: gpg_priv_key
GPG_PUB_KEY:
from_secret: gpg_pub_key
GRAFANA_API_KEY:
from_secret: grafana_api_key
depends_on:
- gen-version
- name: end-to-end-tests-server
image: grafana/build-container:1.4.1
detach: true
commands:
- ./e2e/start-server
environment:
PACKAGE_FILE: dist/grafana-enterprise-*linux-amd64.tar.gz
PORT: 3001
RUNDIR: e2e/tmp-grafana-enterprise
depends_on:
- package
- name: end-to-end-tests
image: grafana/ci-e2e:12.19.0-1
commands:
- ./node_modules/.bin/cypress install
- ./bin/grabpl e2e-tests --port 3001 --tries 3
environment:
HOST: end-to-end-tests-server
depends_on:
- end-to-end-tests-server
- name: copy-packages-for-docker
image: grafana/build-container:1.4.1
commands:
- ls dist/*.tar.gz*
- cp dist/*.tar.gz* packaging/docker/
depends_on:
- end-to-end-tests-server
- name: build-docker-images
image: grafana/drone-grafana-docker:0.3.2
settings:
edition: enterprise
password:
from_secret: docker_password
username:
from_secret: docker_user
depends_on:
- copy-packages-for-docker
- name: build-docker-images-ubuntu
image: grafana/drone-grafana-docker:0.3.2
settings:
edition: enterprise
password:
from_secret: docker_password
ubuntu: true
username:
from_secret: docker_user
depends_on:
- copy-packages-for-docker
- name: postgres-integration-tests
image: grafana/build-container:1.4.1
commands:
- apt-get update
- apt-get install -yq postgresql-client
- ./bin/dockerize -wait tcp://postgres:5432 -timeout 120s
- psql -p 5432 -h postgres -U grafanatest -d grafanatest -f devenv/docker/blocks/postgres_tests/setup.sql
- go clean -testcache
- ./bin/grabpl integration-tests --database postgres
environment:
GRAFANA_TEST_DB: postgres
PGPASSWORD: grafanatest
POSTGRES_HOST: postgres
depends_on:
- test-backend
- test-frontend
- name: mysql-integration-tests
image: grafana/build-container:1.4.1
commands:
- apt-get update
- apt-get install -yq default-mysql-client
- ./bin/dockerize -wait tcp://mysql:3306 -timeout 120s
- cat devenv/docker/blocks/mysql_tests/setup.sql | mysql -h mysql -P 3306 -u root -prootpass
- go clean -testcache
- ./bin/grabpl integration-tests --database mysql
environment:
GRAFANA_TEST_DB: mysql
MYSQL_HOST: mysql
depends_on:
- test-backend
- test-frontend
- name: redis-integration-tests
image: grafana/build-container:1.4.1
commands:
- ./bin/dockerize -wait tcp://redis:6379/0 -timeout 120s
- ./bin/grabpl integration-tests
environment:
REDIS_URL: redis://redis:6379/0
depends_on:
- test-backend
- test-frontend
- name: memcached-integration-tests
image: grafana/build-container:1.4.1
commands:
- ./bin/dockerize -wait tcp://memcached:11211 -timeout 120s
- ./bin/grabpl integration-tests
environment:
MEMCACHED_HOSTS: memcached:11211
depends_on:
- test-backend
- test-frontend
- name: upload-cdn-assets
image: grafana/grafana-ci-deploy:1.3.1
commands:
- ./bin/grabpl upload-cdn --edition enterprise --bucket "grafana-static-assets"
environment:
GCP_GRAFANA_UPLOAD_KEY:
from_secret: gcp_key
depends_on:
- end-to-end-tests-server
- name: upload-packages
image: grafana/grafana-ci-deploy:1.3.1
commands:
- ./bin/grabpl upload-packages --edition enterprise --packages-bucket grafana-downloads
environment:
GCP_GRAFANA_UPLOAD_KEY:
from_secret: gcp_key
depends_on:
- end-to-end-tests
- mysql-integration-tests
- postgres-integration-tests
- redis-integration-tests
- memcached-integration-tests
- name: package-enterprise2
image: grafana/build-container:1.4.1
commands:
- ./bin/grabpl package --jobs 8 --edition enterprise2 --github-token $${GITHUB_TOKEN} --no-pull-enterprise --sign ${DRONE_TAG}
environment:
GITHUB_TOKEN:
from_secret: github_token
GPG_KEY_PASSWORD:
from_secret: gpg_key_password
GPG_PRIV_KEY:
from_secret: gpg_priv_key
GPG_PUB_KEY:
from_secret: gpg_pub_key
GRAFANA_API_KEY:
from_secret: grafana_api_key
depends_on:
- gen-version
- name: end-to-end-tests-server-enterprise2
image: grafana/build-container:1.4.1
detach: true
commands:
- ./e2e/start-server
environment:
PACKAGE_FILE: dist/grafana-enterprise2-*linux-amd64.tar.gz
PORT: 3002
RUNDIR: e2e/tmp-grafana-enterprise2
depends_on:
- package-enterprise2
- name: end-to-end-tests-enterprise2
image: grafana/ci-e2e:12.19.0-1
commands:
- ./node_modules/.bin/cypress install
- ./bin/grabpl e2e-tests --port 3002 --tries 3
environment:
HOST: end-to-end-tests-server-enterprise2
depends_on:
- end-to-end-tests-server-enterprise2
- name: upload-cdn-assets-enterprise2
image: grafana/grafana-ci-deploy:1.3.1
commands:
- ./bin/grabpl upload-cdn --edition enterprise2 --bucket "grafana-static-assets"
environment:
GCP_GRAFANA_UPLOAD_KEY:
from_secret: gcp_key
depends_on:
- end-to-end-tests-server-enterprise2
- name: upload-packages-enterprise2
image: grafana/grafana-ci-deploy:1.3.1
commands:
- ./bin/grabpl upload-packages --edition enterprise2 --packages-bucket grafana-downloads-enterprise2
environment:
GCP_GRAFANA_UPLOAD_KEY:
from_secret: gcp_key
depends_on:
- end-to-end-tests-enterprise2
- mysql-integration-tests
- postgres-integration-tests
- redis-integration-tests
- memcached-integration-tests
services:
- name: postgres
image: postgres:12.3-alpine
environment:
POSTGRES_DB: grafanatest
POSTGRES_PASSWORD: grafanatest
POSTGRES_USER: grafanatest
- name: mysql
image: mysql:5.6.48
environment:
MYSQL_DATABASE: grafana_tests
MYSQL_PASSWORD: password
MYSQL_ROOT_PASSWORD: rootpass
MYSQL_USER: grafana
- name: redis
image: redis:6.2.1-alpine
- name: memcached
image: memcached:1.6.9-alpine
image_pull_secrets:
- dockerconfigjson
node:
type: no-parallel
trigger:
ref:
- refs/tags/v*
---
kind: pipeline
type: docker
name: enterprise-windows-release
platform:
os: windows
arch: amd64
version: 1809
clone:
disable: true
steps:
- name: identify-runner
image: mcr.microsoft.com/windows:1809
commands:
- echo $env:DRONE_RUNNER_NAME
- name: clone
image: grafana/ci-wix:0.1.1
commands:
- $$ProgressPreference = "SilentlyContinue"
- Invoke-WebRequest https://grafana-downloads.storage.googleapis.com/grafana-build-pipeline/v2.4.0/windows/grabpl.exe -OutFile grabpl.exe
- git clone "https://$$env:GITHUB_TOKEN@github.com/grafana/grafana-enterprise.git"
- cd grafana-enterprise
- git checkout ${DRONE_TAG}
environment:
GITHUB_TOKEN:
from_secret: github_token
- name: initialize
image: grafana/ci-wix:0.1.1
commands:
- cp -r grafana-enterprise C:\App\grafana-enterprise
- rm -r -force grafana-enterprise
- cp grabpl.exe C:\App\grabpl.exe
- rm -force grabpl.exe
- C:\App\grabpl.exe init-enterprise C:\App\grafana-enterprise
- cp C:\App\grabpl.exe grabpl.exe
depends_on:
- clone
- name: build-windows-installer
image: grafana/ci-wix:0.1.1
commands:
- $$gcpKey = $$env:GCP_KEY
- "[System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String($$gcpKey)) > gcpkey.json"
- dos2unix gcpkey.json
- gcloud auth activate-service-account --key-file=gcpkey.json
- rm gcpkey.json
- cp C:\App\nssm-2.24.zip .
- .\grabpl.exe windows-installer --edition enterprise ${DRONE_TAG}
- $$fname = ((Get-Childitem grafana*.msi -name) -split "`n")[0]
- gsutil cp $$fname gs://grafana-downloads/enterprise/release/
- gsutil cp "$$fname.sha256" gs://grafana-downloads/enterprise/release/
environment:
GCP_KEY:
from_secret: gcp_key
depends_on:
- initialize
image_pull_secrets:
- dockerconfigjson
trigger:
ref:
- refs/tags/v*
depends_on:
- enterprise-build-release
---
kind: pipeline
type: docker
name: publish-release
platform:
os: linux
arch: amd64
steps:
- name: identify-runner
image: alpine:3.14.1
commands:
- echo $DRONE_RUNNER_NAME
- name: initialize
image: grafana/build-container:1.4.1
commands:
- mkdir -p bin
- curl -fL -o bin/grabpl https://grafana-downloads.storage.googleapis.com/grafana-build-pipeline/v2.4.0/grabpl
- chmod +x bin/grabpl
- ./bin/grabpl verify-drone
- ./bin/grabpl verify-version ${DRONE_TAG}
environment:
DOCKERIZE_VERSION: 0.6.1
- name: publish-packages-oss
image: grafana/grafana-ci-deploy:1.3.1
commands:
- printenv GCP_KEY | base64 -d > /tmp/gcpkey.json
- ./bin/grabpl publish-packages --edition oss --gcp-key /tmp/gcpkey.json ${DRONE_TAG}
environment:
GCP_KEY:
from_secret: gcp_key
GPG_KEY_PASSWORD:
from_secret: gpg_key_password
GPG_PRIV_KEY:
from_secret: gpg_priv_key
GPG_PUB_KEY:
from_secret: gpg_pub_key
GRAFANA_COM_API_KEY:
from_secret: grafana_api_key
depends_on:
- initialize
- name: publish-packages-enterprise
image: grafana/grafana-ci-deploy:1.3.1
commands:
- printenv GCP_KEY | base64 -d > /tmp/gcpkey.json
- ./bin/grabpl publish-packages --edition enterprise --gcp-key /tmp/gcpkey.json ${DRONE_TAG}
environment:
GCP_KEY:
from_secret: gcp_key
GPG_KEY_PASSWORD:
from_secret: gpg_key_password
GPG_PRIV_KEY:
from_secret: gpg_priv_key
GPG_PUB_KEY:
from_secret: gpg_pub_key
GRAFANA_COM_API_KEY:
from_secret: grafana_api_key
depends_on:
- initialize
node:
type: no-parallel
trigger:
ref:
- refs/tags/v*
depends_on:
- oss-build-release
- oss-windows-release
- enterprise-build-release
- enterprise-windows-release
---
kind: pipeline
type: docker
name: notify-release
platform:
os: linux
arch: amd64
steps:
- name: slack
image: plugins/slack
settings:
channel: grafana-ci-notifications
template: "Build {{build.number}} failed for commit: <https://github.com/{{repo.owner}}/{{repo.name}}/commit/{{build.commit}}|{{ truncate build.commit 8 }}>: {{build.link}}\nBranch: <https://github.com/{{ repo.owner }}/{{ repo.name }}/commits/{{ build.branch }}|{{ build.branch }}>\nAuthor: {{build.author}}"
webhook:
from_secret: slack_webhook
trigger:
ref:
- refs/tags/v*
status:
- failure
depends_on:
- oss-build-release
- oss-windows-release
- enterprise-build-release
- enterprise-windows-release
- publish-release
---
kind: pipeline
type: docker
name: oss-build-test-release
platform:
os: linux
arch: amd64
steps:
- name: identify-runner
image: alpine:3.14.1
commands:
- echo $DRONE_RUNNER_NAME
- name: initialize
image: grafana/build-container:1.4.1
commands:
- mkdir -p bin
- curl -fL -o bin/grabpl https://grafana-downloads.storage.googleapis.com/grafana-build-pipeline/v2.4.0/grabpl
- chmod +x bin/grabpl
- ./bin/grabpl verify-drone
- ./bin/grabpl verify-version v7.3.0-test
- curl -fLO https://github.com/jwilder/dockerize/releases/download/v$${DOCKERIZE_VERSION}/dockerize-linux-amd64-v$${DOCKERIZE_VERSION}.tar.gz
- tar -C bin -xzvf dockerize-linux-amd64-v$${DOCKERIZE_VERSION}.tar.gz
- rm dockerize-linux-amd64-v$${DOCKERIZE_VERSION}.tar.gz
- yarn install --frozen-lockfile --no-progress
environment:
DOCKERIZE_VERSION: 0.6.1
- name: codespell
image: grafana/build-container:1.4.1
commands:
- "echo -e \"unknwon\nreferer\nerrorstring\neror\niam\nwan\" > words_to_ignore.txt"
- codespell -I words_to_ignore.txt docs/
depends_on:
- initialize
- name: shellcheck
image: grafana/build-container:1.4.1
commands:
- ./bin/grabpl shellcheck
depends_on:
- initialize
- name: lint-backend
image: grafana/build-container:1.4.1
commands:
- make gen-go
- ./bin/grabpl lint-backend --edition oss
environment:
CGO_ENABLED: 1
depends_on:
- initialize
- name: test-backend
image: grafana/build-container:1.4.1
commands:
- "[ $(grep FocusConvey -R pkg | wc -l) -eq \"0\" ] || exit 1"
- ./bin/grabpl test-backend --edition oss --tries 5
- ./bin/grabpl integration-tests --edition oss --tries 5
depends_on:
- lint-backend
- name: test-frontend
image: grafana/build-container:1.4.1
commands:
- yarn run ci:test-frontend
environment:
TEST_MAX_WORKERS: 50%
depends_on:
- lint-backend
- name: build-backend
image: grafana/build-container:1.4.1
commands:
- ./bin/grabpl build-backend --jobs 8 --edition oss --github-token $${GITHUB_TOKEN} --no-pull-enterprise v7.3.0-test
environment:
GITHUB_TOKEN:
from_secret: github_token
depends_on:
- test-backend
- name: build-frontend
image: grafana/build-container:1.4.1
commands:
- ./bin/grabpl build-frontend --jobs 8 --github-token $${GITHUB_TOKEN} --no-install-deps --edition oss --no-pull-enterprise v7.3.0-test
depends_on:
- test-frontend
- name: build-plugins
image: grafana/build-container:1.4.1
commands:
- ./bin/grabpl build-plugins --jobs 8 --edition oss --no-install-deps --sign --signing-admin
environment:
GRAFANA_API_KEY:
from_secret: grafana_api_key
depends_on:
- lint-backend
- name: validate-scuemata
image: grafana/build-container:1.4.1
commands:
- ./bin/linux-amd64/grafana-cli cue validate-schema --grafana-root .
depends_on:
- build-backend
- name: gen-version
image: grafana/build-container:1.4.1
commands:
- ./bin/grabpl gen-version v7.3.0-test
depends_on:
- build-plugins
- build-backend
- build-frontend
- codespell
- shellcheck
- name: package
image: grafana/build-container:1.4.1
commands:
- ./bin/grabpl package --jobs 8 --edition oss --github-token $${GITHUB_TOKEN} --no-pull-enterprise --sign v7.3.0-test
environment:
GITHUB_TOKEN:
from_secret: github_token
GPG_KEY_PASSWORD:
from_secret: gpg_key_password
GPG_PRIV_KEY:
from_secret: gpg_priv_key
GPG_PUB_KEY:
from_secret: gpg_pub_key
GRAFANA_API_KEY:
from_secret: grafana_api_key
depends_on:
- gen-version
- name: end-to-end-tests-server
image: grafana/build-container:1.4.1
detach: true
commands:
- ./e2e/start-server
environment:
PORT: 3001
depends_on:
- package
- name: end-to-end-tests
image: grafana/ci-e2e:12.19.0-1
commands:
- ./node_modules/.bin/cypress install
- ./bin/grabpl e2e-tests --port 3001 --tries 3
environment:
HOST: end-to-end-tests-server
depends_on:
- end-to-end-tests-server
- name: build-storybook
image: grafana/build-container:1.4.1
commands:
- yarn storybook:build
- ./bin/grabpl verify-storybook
environment:
NODE_OPTIONS: --max_old_space_size=4096
depends_on:
- package
- name: copy-packages-for-docker
image: grafana/build-container:1.4.1
commands:
- ls dist/*.tar.gz*
- cp dist/*.tar.gz* packaging/docker/
depends_on:
- end-to-end-tests-server
- name: build-docker-images
image: grafana/drone-grafana-docker:0.3.2
settings:
dry_run: true
edition: oss
depends_on:
- copy-packages-for-docker
- name: build-docker-images-ubuntu
image: grafana/drone-grafana-docker:0.3.2
settings:
dry_run: true
edition: oss
ubuntu: true
depends_on:
- copy-packages-for-docker
- name: postgres-integration-tests
image: grafana/build-container:1.4.1
commands:
- apt-get update
- apt-get install -yq postgresql-client
- ./bin/dockerize -wait tcp://postgres:5432 -timeout 120s
- psql -p 5432 -h postgres -U grafanatest -d grafanatest -f devenv/docker/blocks/postgres_tests/setup.sql
- go clean -testcache
- ./bin/grabpl integration-tests --database postgres
environment:
GRAFANA_TEST_DB: postgres
PGPASSWORD: grafanatest
POSTGRES_HOST: postgres
depends_on:
- test-backend
- test-frontend
- name: mysql-integration-tests
image: grafana/build-container:1.4.1
commands:
- apt-get update
- apt-get install -yq default-mysql-client
- ./bin/dockerize -wait tcp://mysql:3306 -timeout 120s
- cat devenv/docker/blocks/mysql_tests/setup.sql | mysql -h mysql -P 3306 -u root -prootpass
- go clean -testcache
- ./bin/grabpl integration-tests --database mysql
environment:
GRAFANA_TEST_DB: mysql
MYSQL_HOST: mysql
depends_on:
- test-backend
- test-frontend
- name: upload-cdn-assets
image: grafana/grafana-ci-deploy:1.3.1
commands:
- ./bin/grabpl upload-cdn --edition oss --bucket "grafana-static-assets"
environment:
GCP_GRAFANA_UPLOAD_KEY:
from_secret: gcp_key
depends_on:
- end-to-end-tests-server
- name: upload-packages
image: grafana/grafana-ci-deploy:1.3.1
commands:
- ./bin/grabpl upload-packages --edition oss --packages-bucket grafana-downloads-test
environment:
GCP_GRAFANA_UPLOAD_KEY:
from_secret: gcp_key
depends_on:
- end-to-end-tests
- mysql-integration-tests
- postgres-integration-tests
- name: publish-storybook
image: grafana/grafana-ci-deploy:1.3.1
commands:
- echo Testing release
environment:
GCP_KEY:
from_secret: gcp_key
depends_on:
- build-storybook
- end-to-end-tests
- name: release-npm-packages
image: grafana/build-container:1.4.1
environment:
GITHUB_PACKAGE_TOKEN:
from_secret: github_package_token
NPM_TOKEN:
from_secret: npm_token
depends_on:
- publish-storybook
services:
- name: postgres
image: postgres:12.3-alpine
environment:
POSTGRES_DB: grafanatest
POSTGRES_PASSWORD: grafanatest
POSTGRES_USER: grafanatest
- name: mysql
image: mysql:5.6.48
environment:
MYSQL_DATABASE: grafana_tests
MYSQL_PASSWORD: password
MYSQL_ROOT_PASSWORD: rootpass
MYSQL_USER: grafana
node:
type: no-parallel
trigger:
event:
- custom
---
kind: pipeline
type: docker
name: oss-windows-test-release
platform:
os: windows
arch: amd64
version: 1809
steps:
- name: identify-runner
image: mcr.microsoft.com/windows:1809
commands:
- echo $env:DRONE_RUNNER_NAME
- name: initialize
image: grafana/ci-wix:0.1.1
commands:
- $$ProgressPreference = "SilentlyContinue"
- Invoke-WebRequest https://grafana-downloads.storage.googleapis.com/grafana-build-pipeline/v2.4.0/windows/grabpl.exe -OutFile grabpl.exe
- name: build-windows-installer
image: grafana/ci-wix:0.1.1
commands:
- $$gcpKey = $$env:GCP_KEY
- "[System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String($$gcpKey)) > gcpkey.json"
- dos2unix gcpkey.json
- gcloud auth activate-service-account --key-file=gcpkey.json
- rm gcpkey.json
- cp C:\App\nssm-2.24.zip .
- .\grabpl.exe windows-installer --edition oss --packages-bucket grafana-downloads-test v7.3.0-test
- $$fname = ((Get-Childitem grafana*.msi -name) -split "`n")[0]
- gsutil cp $$fname gs://grafana-downloads-test/oss/release/
- gsutil cp "$$fname.sha256" gs://grafana-downloads-test/oss/release/
environment:
GCP_KEY:
from_secret: gcp_key
depends_on:
- initialize
trigger:
event:
- custom
depends_on:
- oss-build-test-release
---
kind: pipeline
type: docker
name: enterprise-build-test-release
platform:
os: linux
arch: amd64
clone:
disable: true
steps:
- name: identify-runner
image: alpine:3.14.1
commands:
- echo $DRONE_RUNNER_NAME
- name: clone
image: grafana/build-container:1.4.1
commands:
- mkdir -p bin
- curl -fL -o bin/grabpl https://grafana-downloads.storage.googleapis.com/grafana-build-pipeline/v2.4.0/grabpl
- chmod +x bin/grabpl
- git clone "https://$${GITHUB_TOKEN}@github.com/grafana/grafana-enterprise.git"
- cd grafana-enterprise
- git checkout main
environment:
GITHUB_TOKEN:
from_secret: github_token
- name: initialize
image: grafana/build-container:1.4.1
commands:
- mv bin/grabpl /tmp/
- rmdir bin
- mv grafana-enterprise /tmp/
- /tmp/grabpl init-enterprise /tmp/grafana-enterprise
- mv /tmp/grafana-enterprise/deployment_tools_config.json deployment_tools_config.json
- mkdir bin
- mv /tmp/grabpl bin/
- ./bin/grabpl verify-drone
- ./bin/grabpl verify-version v7.3.0-test
- curl -fLO https://github.com/jwilder/dockerize/releases/download/v$${DOCKERIZE_VERSION}/dockerize-linux-amd64-v$${DOCKERIZE_VERSION}.tar.gz
- tar -C bin -xzvf dockerize-linux-amd64-v$${DOCKERIZE_VERSION}.tar.gz
- rm dockerize-linux-amd64-v$${DOCKERIZE_VERSION}.tar.gz
- yarn install --frozen-lockfile --no-progress
environment:
DOCKERIZE_VERSION: 0.6.1
depends_on:
- clone
- name: codespell
image: grafana/build-container:1.4.1
commands:
- "echo -e \"unknwon\nreferer\nerrorstring\neror\niam\nwan\" > words_to_ignore.txt"
- codespell -I words_to_ignore.txt docs/
depends_on:
- initialize
- name: shellcheck
image: grafana/build-container:1.4.1
commands:
- ./bin/grabpl shellcheck
depends_on:
- initialize
- name: lint-backend
image: grafana/build-container:1.4.1
commands:
- make gen-go
- ./bin/grabpl lint-backend --edition enterprise
environment:
CGO_ENABLED: 1
depends_on:
- initialize
- name: test-backend
image: grafana/build-container:1.4.1
commands:
- "[ $(grep FocusConvey -R pkg | wc -l) -eq \"0\" ] || exit 1"
- ./bin/grabpl test-backend --edition enterprise --tries 5
- ./bin/grabpl integration-tests --edition enterprise --tries 5
depends_on:
- lint-backend
- name: test-frontend
image: grafana/build-container:1.4.1
commands:
- yarn run ci:test-frontend
environment:
TEST_MAX_WORKERS: 50%
depends_on:
- lint-backend
- name: build-backend
image: grafana/build-container:1.4.1
commands:
- ./bin/grabpl build-backend --jobs 8 --edition enterprise --github-token $${GITHUB_TOKEN} --no-pull-enterprise v7.3.0-test
environment:
GITHUB_TOKEN:
from_secret: github_token
depends_on:
- test-backend
- name: build-frontend
image: grafana/build-container:1.4.1
commands:
- ./bin/grabpl build-frontend --jobs 8 --github-token $${GITHUB_TOKEN} --no-install-deps --edition enterprise --no-pull-enterprise v7.3.0-test
depends_on:
- test-frontend
- name: build-plugins
image: grafana/build-container:1.4.1
commands:
- ./bin/grabpl build-plugins --jobs 8 --edition enterprise --no-install-deps --sign --signing-admin
environment:
GRAFANA_API_KEY:
from_secret: grafana_api_key
depends_on:
- lint-backend
- name: validate-scuemata
image: grafana/build-container:1.4.1
commands:
- ./bin/linux-amd64/grafana-cli cue validate-schema --grafana-root .
depends_on:
- build-backend
- name: lint-backend-enterprise2
image: grafana/build-container:1.4.1
commands:
- make gen-go
- ./bin/grabpl lint-backend --edition enterprise2
environment:
CGO_ENABLED: 1
depends_on:
- initialize
- name: test-backend-enterprise2
image: grafana/build-container:1.4.1
commands:
- "[ $(grep FocusConvey -R pkg | wc -l) -eq \"0\" ] || exit 1"
- ./bin/grabpl test-backend --edition enterprise2 --tries 5
- ./bin/grabpl integration-tests --edition enterprise2 --tries 5
depends_on:
- lint-backend
- name: build-backend-enterprise2
image: grafana/build-container:1.4.1
commands:
- ./bin/grabpl build-backend --jobs 8 --edition enterprise2 --github-token $${GITHUB_TOKEN} --no-pull-enterprise v7.3.0-test
environment:
GITHUB_TOKEN:
from_secret: github_token
depends_on:
- test-backend-enterprise2
- name: gen-version
image: grafana/build-container:1.4.1
commands:
- ./bin/grabpl gen-version v7.3.0-test
depends_on:
- build-plugins
- build-backend
- build-frontend
- codespell
- shellcheck
- build-backend-enterprise2
- test-backend-enterprise2
- name: package
image: grafana/build-container:1.4.1
commands:
- ./bin/grabpl package --jobs 8 --edition enterprise --github-token $${GITHUB_TOKEN} --no-pull-enterprise --sign v7.3.0-test
environment:
GITHUB_TOKEN:
from_secret: github_token
GPG_KEY_PASSWORD:
from_secret: gpg_key_password
GPG_PRIV_KEY:
from_secret: gpg_priv_key
GPG_PUB_KEY:
from_secret: gpg_pub_key
GRAFANA_API_KEY:
from_secret: grafana_api_key
depends_on:
- gen-version
- name: end-to-end-tests-server
image: grafana/build-container:1.4.1
detach: true
commands:
- ./e2e/start-server
environment:
PACKAGE_FILE: dist/grafana-enterprise-*linux-amd64.tar.gz
PORT: 3001
RUNDIR: e2e/tmp-grafana-enterprise
depends_on:
- package
- name: end-to-end-tests
image: grafana/ci-e2e:12.19.0-1
commands:
- ./node_modules/.bin/cypress install
- ./bin/grabpl e2e-tests --port 3001 --tries 3
environment:
HOST: end-to-end-tests-server
depends_on:
- end-to-end-tests-server
- name: copy-packages-for-docker
image: grafana/build-container:1.4.1
commands:
- ls dist/*.tar.gz*
- cp dist/*.tar.gz* packaging/docker/
depends_on:
- end-to-end-tests-server
- name: build-docker-images
image: grafana/drone-grafana-docker:0.3.2
settings:
dry_run: true
edition: enterprise
depends_on:
- copy-packages-for-docker
- name: build-docker-images-ubuntu
image: grafana/drone-grafana-docker:0.3.2
settings:
dry_run: true
edition: enterprise
ubuntu: true
depends_on:
- copy-packages-for-docker
- name: postgres-integration-tests
image: grafana/build-container:1.4.1
commands:
- apt-get update
- apt-get install -yq postgresql-client
- ./bin/dockerize -wait tcp://postgres:5432 -timeout 120s
- psql -p 5432 -h postgres -U grafanatest -d grafanatest -f devenv/docker/blocks/postgres_tests/setup.sql
- go clean -testcache
- ./bin/grabpl integration-tests --database postgres
environment:
GRAFANA_TEST_DB: postgres
PGPASSWORD: grafanatest
POSTGRES_HOST: postgres
depends_on:
- test-backend
- test-frontend
- name: mysql-integration-tests
image: grafana/build-container:1.4.1
commands:
- apt-get update
- apt-get install -yq default-mysql-client
- ./bin/dockerize -wait tcp://mysql:3306 -timeout 120s
- cat devenv/docker/blocks/mysql_tests/setup.sql | mysql -h mysql -P 3306 -u root -prootpass
- go clean -testcache
- ./bin/grabpl integration-tests --database mysql
environment:
GRAFANA_TEST_DB: mysql
MYSQL_HOST: mysql
depends_on:
- test-backend
- test-frontend
- name: redis-integration-tests
image: grafana/build-container:1.4.1
commands:
- ./bin/dockerize -wait tcp://redis:6379/0 -timeout 120s
- ./bin/grabpl integration-tests
environment:
REDIS_URL: redis://redis:6379/0
depends_on:
- test-backend
- test-frontend
- name: memcached-integration-tests
image: grafana/build-container:1.4.1
commands:
- ./bin/dockerize -wait tcp://memcached:11211 -timeout 120s
- ./bin/grabpl integration-tests
environment:
MEMCACHED_HOSTS: memcached:11211
depends_on:
- test-backend
- test-frontend
- name: upload-cdn-assets
image: grafana/grafana-ci-deploy:1.3.1
commands:
- ./bin/grabpl upload-cdn --edition enterprise --bucket "grafana-static-assets"
environment:
GCP_GRAFANA_UPLOAD_KEY:
from_secret: gcp_key
depends_on:
- end-to-end-tests-server
- name: upload-packages
image: grafana/grafana-ci-deploy:1.3.1
commands:
- ./bin/grabpl upload-packages --edition enterprise --packages-bucket grafana-downloads-test
environment:
GCP_GRAFANA_UPLOAD_KEY:
from_secret: gcp_key
depends_on:
- end-to-end-tests
- mysql-integration-tests
- postgres-integration-tests
- redis-integration-tests
- memcached-integration-tests
- name: package-enterprise2
image: grafana/build-container:1.4.1
commands:
- ./bin/grabpl package --jobs 8 --edition enterprise2 --github-token $${GITHUB_TOKEN} --no-pull-enterprise --sign v7.3.0-test
environment:
GITHUB_TOKEN:
from_secret: github_token
GPG_KEY_PASSWORD:
from_secret: gpg_key_password
GPG_PRIV_KEY:
from_secret: gpg_priv_key
GPG_PUB_KEY:
from_secret: gpg_pub_key
GRAFANA_API_KEY:
from_secret: grafana_api_key
depends_on:
- gen-version
- name: end-to-end-tests-server-enterprise2
image: grafana/build-container:1.4.1
detach: true
commands:
- ./e2e/start-server
environment:
PACKAGE_FILE: dist/grafana-enterprise2-*linux-amd64.tar.gz
PORT: 3002
RUNDIR: e2e/tmp-grafana-enterprise2
depends_on:
- package-enterprise2
- name: end-to-end-tests-enterprise2
image: grafana/ci-e2e:12.19.0-1
commands:
- ./node_modules/.bin/cypress install
- ./bin/grabpl e2e-tests --port 3002 --tries 3
environment:
HOST: end-to-end-tests-server-enterprise2
depends_on:
- end-to-end-tests-server-enterprise2
- name: upload-cdn-assets-enterprise2
image: grafana/grafana-ci-deploy:1.3.1
commands:
- ./bin/grabpl upload-cdn --edition enterprise2 --bucket "grafana-static-assets"
environment:
GCP_GRAFANA_UPLOAD_KEY:
from_secret: gcp_key
depends_on:
- end-to-end-tests-server-enterprise2
- name: upload-packages-enterprise2
image: grafana/grafana-ci-deploy:1.3.1
commands:
- ./bin/grabpl upload-packages --edition enterprise2 --packages-bucket grafana-downloads-test
environment:
GCP_GRAFANA_UPLOAD_KEY:
from_secret: gcp_key
depends_on:
- end-to-end-tests-enterprise2
- mysql-integration-tests
- postgres-integration-tests
- redis-integration-tests
- memcached-integration-tests
services:
- name: postgres
image: postgres:12.3-alpine
environment:
POSTGRES_DB: grafanatest
POSTGRES_PASSWORD: grafanatest
POSTGRES_USER: grafanatest
- name: mysql
image: mysql:5.6.48
environment:
MYSQL_DATABASE: grafana_tests
MYSQL_PASSWORD: password
MYSQL_ROOT_PASSWORD: rootpass
MYSQL_USER: grafana
- name: redis
image: redis:6.2.1-alpine
- name: memcached
image: memcached:1.6.9-alpine
image_pull_secrets:
- dockerconfigjson
node:
type: no-parallel
trigger:
event:
- custom
---
kind: pipeline
type: docker
name: enterprise-windows-test-release
platform:
os: windows
arch: amd64
version: 1809
clone:
disable: true
steps:
- name: identify-runner
image: mcr.microsoft.com/windows:1809
commands:
- echo $env:DRONE_RUNNER_NAME
- name: clone
image: grafana/ci-wix:0.1.1
commands:
- $$ProgressPreference = "SilentlyContinue"
- Invoke-WebRequest https://grafana-downloads.storage.googleapis.com/grafana-build-pipeline/v2.4.0/windows/grabpl.exe -OutFile grabpl.exe
- git clone "https://$$env:GITHUB_TOKEN@github.com/grafana/grafana-enterprise.git"
- cd grafana-enterprise
- git checkout main
environment:
GITHUB_TOKEN:
from_secret: github_token
- name: initialize
image: grafana/ci-wix:0.1.1
commands:
- cp -r grafana-enterprise C:\App\grafana-enterprise
- rm -r -force grafana-enterprise
- cp grabpl.exe C:\App\grabpl.exe
- rm -force grabpl.exe
- C:\App\grabpl.exe init-enterprise C:\App\grafana-enterprise
- cp C:\App\grabpl.exe grabpl.exe
depends_on:
- clone
- name: build-windows-installer
image: grafana/ci-wix:0.1.1
commands:
- $$gcpKey = $$env:GCP_KEY
- "[System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String($$gcpKey)) > gcpkey.json"
- dos2unix gcpkey.json
- gcloud auth activate-service-account --key-file=gcpkey.json
- rm gcpkey.json
- cp C:\App\nssm-2.24.zip .
- .\grabpl.exe windows-installer --edition enterprise --packages-bucket grafana-downloads-test v7.3.0-test
- $$fname = ((Get-Childitem grafana*.msi -name) -split "`n")[0]
- gsutil cp $$fname gs://grafana-downloads-test/enterprise/release/
- gsutil cp "$$fname.sha256" gs://grafana-downloads-test/enterprise/release/
environment:
GCP_KEY:
from_secret: gcp_key
depends_on:
- initialize
image_pull_secrets:
- dockerconfigjson
trigger:
event:
- custom
depends_on:
- enterprise-build-test-release
---
kind: pipeline
type: docker
name: publish-test-release
platform:
os: linux
arch: amd64
steps:
- name: identify-runner
image: alpine:3.14.1
commands:
- echo $DRONE_RUNNER_NAME
- name: initialize
image: grafana/build-container:1.4.1
commands:
- mkdir -p bin
- curl -fL -o bin/grabpl https://grafana-downloads.storage.googleapis.com/grafana-build-pipeline/v2.4.0/grabpl
- chmod +x bin/grabpl
- ./bin/grabpl verify-drone
- ./bin/grabpl verify-version v7.3.0-test
environment:
DOCKERIZE_VERSION: 0.6.1
- name: publish-packages-oss
image: grafana/grafana-ci-deploy:1.3.1
commands:
- printenv GCP_KEY | base64 -d > /tmp/gcpkey.json
- ./bin/grabpl publish-packages --edition oss --gcp-key /tmp/gcpkey.json --deb-db-bucket grafana-testing-aptly-db --deb-repo-bucket grafana-testing-repo --packages-bucket grafana-downloads-test --rpm-repo-bucket grafana-testing-repo --simulate-release v7.3.0-test
environment:
GCP_KEY:
from_secret: gcp_key
GPG_KEY_PASSWORD:
from_secret: gpg_key_password
GPG_PRIV_KEY:
from_secret: gpg_priv_key
GPG_PUB_KEY:
from_secret: gpg_pub_key
GRAFANA_COM_API_KEY:
from_secret: grafana_api_key
depends_on:
- initialize
- name: publish-packages-enterprise
image: grafana/grafana-ci-deploy:1.3.1
commands:
- printenv GCP_KEY | base64 -d > /tmp/gcpkey.json
- ./bin/grabpl publish-packages --edition enterprise --gcp-key /tmp/gcpkey.json --deb-db-bucket grafana-testing-aptly-db --deb-repo-bucket grafana-testing-repo --packages-bucket grafana-downloads-test --rpm-repo-bucket grafana-testing-repo --simulate-release v7.3.0-test
environment:
GCP_KEY:
from_secret: gcp_key
GPG_KEY_PASSWORD:
from_secret: gpg_key_password
GPG_PRIV_KEY:
from_secret: gpg_priv_key
GPG_PUB_KEY:
from_secret: gpg_pub_key
GRAFANA_COM_API_KEY:
from_secret: grafana_api_key
depends_on:
- initialize
node:
type: no-parallel
trigger:
event:
- custom
depends_on:
- oss-build-test-release
- oss-windows-test-release
- enterprise-build-test-release
- enterprise-windows-test-release
---
kind: pipeline
type: docker
name: notify-test-release
platform:
os: linux
arch: amd64
steps:
- name: slack
image: plugins/slack
settings:
channel: grafana-ci-notifications
template: "Build {{build.number}} failed for commit: <https://github.com/{{repo.owner}}/{{repo.name}}/commit/{{build.commit}}|{{ truncate build.commit 8 }}>: {{build.link}}\nBranch: <https://github.com/{{ repo.owner }}/{{ repo.name }}/commits/{{ build.branch }}|{{ build.branch }}>\nAuthor: {{build.author}}"
webhook:
from_secret: slack_webhook
trigger:
event:
- custom
status:
- failure
depends_on:
- oss-build-test-release
- oss-windows-test-release
- enterprise-build-test-release
- enterprise-windows-test-release
- publish-test-release
---
kind: pipeline
type: docker
name: oss-build-release-branch
platform:
os: linux
arch: amd64
steps:
- name: identify-runner
image: alpine:3.14.1
commands:
- echo $DRONE_RUNNER_NAME
- name: initialize
image: grafana/build-container:1.4.1
commands:
- mkdir -p bin
- curl -fL -o bin/grabpl https://grafana-downloads.storage.googleapis.com/grafana-build-pipeline/v2.4.0/grabpl
- chmod +x bin/grabpl
- ./bin/grabpl verify-drone
- curl -fLO https://github.com/jwilder/dockerize/releases/download/v$${DOCKERIZE_VERSION}/dockerize-linux-amd64-v$${DOCKERIZE_VERSION}.tar.gz
- tar -C bin -xzvf dockerize-linux-amd64-v$${DOCKERIZE_VERSION}.tar.gz
- rm dockerize-linux-amd64-v$${DOCKERIZE_VERSION}.tar.gz
- yarn install --frozen-lockfile --no-progress
environment:
DOCKERIZE_VERSION: 0.6.1
- name: codespell
image: grafana/build-container:1.4.1
commands:
- "echo -e \"unknwon\nreferer\nerrorstring\neror\niam\nwan\" > words_to_ignore.txt"
- codespell -I words_to_ignore.txt docs/
depends_on:
- initialize
- name: shellcheck
image: grafana/build-container:1.4.1
commands:
- ./bin/grabpl shellcheck
depends_on:
- initialize
- name: lint-backend
image: grafana/build-container:1.4.1
commands:
- make gen-go
- ./bin/grabpl lint-backend --edition oss
environment:
CGO_ENABLED: 1
depends_on:
- initialize
- name: test-backend
image: grafana/build-container:1.4.1
commands:
- "[ $(grep FocusConvey -R pkg | wc -l) -eq \"0\" ] || exit 1"
- ./bin/grabpl test-backend --edition oss
- ./bin/grabpl integration-tests --edition oss
depends_on:
- lint-backend
- name: test-frontend
image: grafana/build-container:1.4.1
commands:
- yarn run ci:test-frontend
environment:
TEST_MAX_WORKERS: 50%
depends_on:
- lint-backend
- name: build-backend
image: grafana/build-container:1.4.1
commands:
- ./bin/grabpl build-backend --jobs 8 --edition oss --build-id ${DRONE_BUILD_NUMBER} --no-pull-enterprise
depends_on:
- test-backend
- name: build-frontend
image: grafana/build-container:1.4.1
commands:
- ./bin/grabpl build-frontend --jobs 8 --no-install-deps --edition oss --build-id ${DRONE_BUILD_NUMBER} --no-pull-enterprise
depends_on:
- test-frontend
- name: build-plugins
image: grafana/build-container:1.4.1
commands:
- ./bin/grabpl build-plugins --jobs 8 --edition oss --no-install-deps --sign --signing-admin
environment:
GRAFANA_API_KEY:
from_secret: grafana_api_key
depends_on:
- lint-backend
- name: validate-scuemata
image: grafana/build-container:1.4.1
commands:
- ./bin/linux-amd64/grafana-cli cue validate-schema --grafana-root .
depends_on:
- build-backend
- name: gen-version
image: grafana/build-container:1.4.1
commands:
- ./bin/grabpl gen-version --build-id ${DRONE_BUILD_NUMBER}
depends_on:
- build-plugins
- build-backend
- build-frontend
- codespell
- shellcheck
- name: package
image: grafana/build-container:1.4.1
commands:
- ./bin/grabpl package --jobs 8 --edition oss --build-id ${DRONE_BUILD_NUMBER} --no-pull-enterprise --sign
environment:
GITHUB_TOKEN:
from_secret: github_token
GPG_KEY_PASSWORD:
from_secret: gpg_key_password
GPG_PRIV_KEY:
from_secret: gpg_priv_key
GPG_PUB_KEY:
from_secret: gpg_pub_key
GRAFANA_API_KEY:
from_secret: grafana_api_key
depends_on:
- gen-version
- name: end-to-end-tests-server
image: grafana/build-container:1.4.1
detach: true
commands:
- ./e2e/start-server
environment:
PORT: 3001
depends_on:
- package
- name: end-to-end-tests
image: grafana/ci-e2e:12.19.0-1
commands:
- ./node_modules/.bin/cypress install
- ./bin/grabpl e2e-tests --port 3001 --tries 3
environment:
HOST: end-to-end-tests-server
depends_on:
- end-to-end-tests-server
- name: build-storybook
image: grafana/build-container:1.4.1
commands:
- yarn storybook:build
- ./bin/grabpl verify-storybook
environment:
NODE_OPTIONS: --max_old_space_size=4096
depends_on:
- package
- name: copy-packages-for-docker
image: grafana/build-container:1.4.1
commands:
- ls dist/*.tar.gz*
- cp dist/*.tar.gz* packaging/docker/
depends_on:
- end-to-end-tests-server
- name: build-docker-images
image: grafana/drone-grafana-docker:0.3.2
settings:
dry_run: true
edition: oss
depends_on:
- copy-packages-for-docker
- name: build-docker-images-ubuntu
image: grafana/drone-grafana-docker:0.3.2
settings:
dry_run: true
edition: oss
ubuntu: true
depends_on:
- copy-packages-for-docker
- name: postgres-integration-tests
image: grafana/build-container:1.4.1
commands:
- apt-get update
- apt-get install -yq postgresql-client
- ./bin/dockerize -wait tcp://postgres:5432 -timeout 120s
- psql -p 5432 -h postgres -U grafanatest -d grafanatest -f devenv/docker/blocks/postgres_tests/setup.sql
- go clean -testcache
- ./bin/grabpl integration-tests --database postgres
environment:
GRAFANA_TEST_DB: postgres
PGPASSWORD: grafanatest
POSTGRES_HOST: postgres
depends_on:
- test-backend
- test-frontend
- name: mysql-integration-tests
image: grafana/build-container:1.4.1
commands:
- apt-get update
- apt-get install -yq default-mysql-client
- ./bin/dockerize -wait tcp://mysql:3306 -timeout 120s
- cat devenv/docker/blocks/mysql_tests/setup.sql | mysql -h mysql -P 3306 -u root -prootpass
- go clean -testcache
- ./bin/grabpl integration-tests --database mysql
environment:
GRAFANA_TEST_DB: mysql
MYSQL_HOST: mysql
depends_on:
- test-backend
- test-frontend
- name: upload-cdn-assets
image: grafana/grafana-ci-deploy:1.3.1
commands:
- ./bin/grabpl upload-cdn --edition oss --bucket "grafana-static-assets"
environment:
GCP_GRAFANA_UPLOAD_KEY:
from_secret: gcp_key
depends_on:
- end-to-end-tests-server
- name: upload-packages
image: grafana/grafana-ci-deploy:1.3.1
commands:
- ./bin/grabpl upload-packages --edition oss --packages-bucket grafana-downloads
environment:
GCP_GRAFANA_UPLOAD_KEY:
from_secret: gcp_key
depends_on:
- end-to-end-tests
- mysql-integration-tests
- postgres-integration-tests
services:
- name: postgres
image: postgres:12.3-alpine
environment:
POSTGRES_DB: grafanatest
POSTGRES_PASSWORD: grafanatest
POSTGRES_USER: grafanatest
- name: mysql
image: mysql:5.6.48
environment:
MYSQL_DATABASE: grafana_tests
MYSQL_PASSWORD: password
MYSQL_ROOT_PASSWORD: rootpass
MYSQL_USER: grafana
node:
type: no-parallel
trigger:
ref:
- refs/heads/v[0-9]*
---
kind: pipeline
type: docker
name: oss-windows-release-branch
platform:
os: windows
arch: amd64
version: 1809
steps:
- name: identify-runner
image: mcr.microsoft.com/windows:1809
commands:
- echo $env:DRONE_RUNNER_NAME
- name: initialize
image: grafana/ci-wix:0.1.1
commands:
- $$ProgressPreference = "SilentlyContinue"
- Invoke-WebRequest https://grafana-downloads.storage.googleapis.com/grafana-build-pipeline/v2.4.0/windows/grabpl.exe -OutFile grabpl.exe
- name: build-windows-installer
image: grafana/ci-wix:0.1.1
commands:
- $$gcpKey = $$env:GCP_KEY
- "[System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String($$gcpKey)) > gcpkey.json"
- dos2unix gcpkey.json
- gcloud auth activate-service-account --key-file=gcpkey.json
- rm gcpkey.json
- cp C:\App\nssm-2.24.zip .
environment:
GCP_KEY:
from_secret: gcp_key
depends_on:
- initialize
trigger:
ref:
- refs/heads/v[0-9]*
depends_on:
- oss-build-release-branch
---
kind: pipeline
type: docker
name: enterprise-build-release-branch
platform:
os: linux
arch: amd64
clone:
disable: true
steps:
- name: identify-runner
image: alpine:3.14.1
commands:
- echo $DRONE_RUNNER_NAME
- name: clone
image: grafana/build-container:1.4.1
commands:
- mkdir -p bin
- curl -fL -o bin/grabpl https://grafana-downloads.storage.googleapis.com/grafana-build-pipeline/v2.4.0/grabpl
- chmod +x bin/grabpl
- git clone "https://$${GITHUB_TOKEN}@github.com/grafana/grafana-enterprise.git"
- cd grafana-enterprise
- git checkout ${DRONE_BRANCH}
environment:
GITHUB_TOKEN:
from_secret: github_token
- name: initialize
image: grafana/build-container:1.4.1
commands:
- mv bin/grabpl /tmp/
- rmdir bin
- mv grafana-enterprise /tmp/
- /tmp/grabpl init-enterprise /tmp/grafana-enterprise
- mv /tmp/grafana-enterprise/deployment_tools_config.json deployment_tools_config.json
- mkdir bin
- mv /tmp/grabpl bin/
- ./bin/grabpl verify-drone
- curl -fLO https://github.com/jwilder/dockerize/releases/download/v$${DOCKERIZE_VERSION}/dockerize-linux-amd64-v$${DOCKERIZE_VERSION}.tar.gz
- tar -C bin -xzvf dockerize-linux-amd64-v$${DOCKERIZE_VERSION}.tar.gz
- rm dockerize-linux-amd64-v$${DOCKERIZE_VERSION}.tar.gz
- yarn install --frozen-lockfile --no-progress
environment:
DOCKERIZE_VERSION: 0.6.1
depends_on:
- clone
- name: codespell
image: grafana/build-container:1.4.1
commands:
- "echo -e \"unknwon\nreferer\nerrorstring\neror\niam\nwan\" > words_to_ignore.txt"
- codespell -I words_to_ignore.txt docs/
depends_on:
- initialize
- name: shellcheck
image: grafana/build-container:1.4.1
commands:
- ./bin/grabpl shellcheck
depends_on:
- initialize
- name: lint-backend
image: grafana/build-container:1.4.1
commands:
- make gen-go
- ./bin/grabpl lint-backend --edition enterprise
environment:
CGO_ENABLED: 1
depends_on:
- initialize
- name: test-backend
image: grafana/build-container:1.4.1
commands:
- "[ $(grep FocusConvey -R pkg | wc -l) -eq \"0\" ] || exit 1"
- ./bin/grabpl test-backend --edition enterprise
- ./bin/grabpl integration-tests --edition enterprise
depends_on:
- lint-backend
- name: test-frontend
image: grafana/build-container:1.4.1
commands:
- yarn run ci:test-frontend
environment:
TEST_MAX_WORKERS: 50%
depends_on:
- lint-backend
- name: build-backend
image: grafana/build-container:1.4.1
commands:
- ./bin/grabpl build-backend --jobs 8 --edition enterprise --build-id ${DRONE_BUILD_NUMBER} --no-pull-enterprise
depends_on:
- test-backend
- name: build-frontend
image: grafana/build-container:1.4.1
commands:
- ./bin/grabpl build-frontend --jobs 8 --no-install-deps --edition enterprise --build-id ${DRONE_BUILD_NUMBER} --no-pull-enterprise
depends_on:
- test-frontend
- name: build-plugins
image: grafana/build-container:1.4.1
commands:
- ./bin/grabpl build-plugins --jobs 8 --edition enterprise --no-install-deps --sign --signing-admin
environment:
GRAFANA_API_KEY:
from_secret: grafana_api_key
depends_on:
- lint-backend
- name: validate-scuemata
image: grafana/build-container:1.4.1
commands:
- ./bin/linux-amd64/grafana-cli cue validate-schema --grafana-root .
depends_on:
- build-backend
- name: lint-backend-enterprise2
image: grafana/build-container:1.4.1
commands:
- make gen-go
- ./bin/grabpl lint-backend --edition enterprise2
environment:
CGO_ENABLED: 1
depends_on:
- initialize
- name: test-backend-enterprise2
image: grafana/build-container:1.4.1
commands:
- "[ $(grep FocusConvey -R pkg | wc -l) -eq \"0\" ] || exit 1"
- ./bin/grabpl test-backend --edition enterprise2
- ./bin/grabpl integration-tests --edition enterprise2
depends_on:
- lint-backend
- name: build-backend-enterprise2
image: grafana/build-container:1.4.1
commands:
- ./bin/grabpl build-backend --jobs 8 --edition enterprise2 --build-id ${DRONE_BUILD_NUMBER} --variants linux-x64 --no-pull-enterprise
depends_on:
- test-backend-enterprise2
- name: gen-version
image: grafana/build-container:1.4.1
commands:
- ./bin/grabpl gen-version --build-id ${DRONE_BUILD_NUMBER}
depends_on:
- build-plugins
- build-backend
- build-frontend
- codespell
- shellcheck
- build-backend-enterprise2
- test-backend-enterprise2
- name: package
image: grafana/build-container:1.4.1
commands:
- ./bin/grabpl package --jobs 8 --edition enterprise --build-id ${DRONE_BUILD_NUMBER} --no-pull-enterprise --sign
environment:
GITHUB_TOKEN:
from_secret: github_token
GPG_KEY_PASSWORD:
from_secret: gpg_key_password
GPG_PRIV_KEY:
from_secret: gpg_priv_key
GPG_PUB_KEY:
from_secret: gpg_pub_key
GRAFANA_API_KEY:
from_secret: grafana_api_key
depends_on:
- gen-version
- name: end-to-end-tests-server
image: grafana/build-container:1.4.1
detach: true
commands:
- ./e2e/start-server
environment:
PACKAGE_FILE: dist/grafana-enterprise-*linux-amd64.tar.gz
PORT: 3001
RUNDIR: e2e/tmp-grafana-enterprise
depends_on:
- package
- name: end-to-end-tests
image: grafana/ci-e2e:12.19.0-1
commands:
- ./node_modules/.bin/cypress install
- ./bin/grabpl e2e-tests --port 3001 --tries 3
environment:
HOST: end-to-end-tests-server
depends_on:
- end-to-end-tests-server
- name: build-storybook
image: grafana/build-container:1.4.1
commands:
- yarn storybook:build
- ./bin/grabpl verify-storybook
environment:
NODE_OPTIONS: --max_old_space_size=4096
depends_on:
- package
- name: copy-packages-for-docker
image: grafana/build-container:1.4.1
commands:
- ls dist/*.tar.gz*
- cp dist/*.tar.gz* packaging/docker/
depends_on:
- end-to-end-tests-server
- name: build-docker-images
image: grafana/drone-grafana-docker:0.3.2
settings:
dry_run: true
edition: enterprise
depends_on:
- copy-packages-for-docker
- name: build-docker-images-ubuntu
image: grafana/drone-grafana-docker:0.3.2
settings:
dry_run: true
edition: enterprise
ubuntu: true
depends_on:
- copy-packages-for-docker
- name: postgres-integration-tests
image: grafana/build-container:1.4.1
commands:
- apt-get update
- apt-get install -yq postgresql-client
- ./bin/dockerize -wait tcp://postgres:5432 -timeout 120s
- psql -p 5432 -h postgres -U grafanatest -d grafanatest -f devenv/docker/blocks/postgres_tests/setup.sql
- go clean -testcache
- ./bin/grabpl integration-tests --database postgres
environment:
GRAFANA_TEST_DB: postgres
PGPASSWORD: grafanatest
POSTGRES_HOST: postgres
depends_on:
- test-backend
- test-frontend
- name: mysql-integration-tests
image: grafana/build-container:1.4.1
commands:
- apt-get update
- apt-get install -yq default-mysql-client
- ./bin/dockerize -wait tcp://mysql:3306 -timeout 120s
- cat devenv/docker/blocks/mysql_tests/setup.sql | mysql -h mysql -P 3306 -u root -prootpass
- go clean -testcache
- ./bin/grabpl integration-tests --database mysql
environment:
GRAFANA_TEST_DB: mysql
MYSQL_HOST: mysql
depends_on:
- test-backend
- test-frontend
- name: redis-integration-tests
image: grafana/build-container:1.4.1
commands:
- ./bin/dockerize -wait tcp://redis:6379/0 -timeout 120s
- ./bin/grabpl integration-tests
environment:
REDIS_URL: redis://redis:6379/0
depends_on:
- test-backend
- test-frontend
- name: memcached-integration-tests
image: grafana/build-container:1.4.1
commands:
- ./bin/dockerize -wait tcp://memcached:11211 -timeout 120s
- ./bin/grabpl integration-tests
environment:
MEMCACHED_HOSTS: memcached:11211
depends_on:
- test-backend
- test-frontend
- name: upload-cdn-assets
image: grafana/grafana-ci-deploy:1.3.1
commands:
- ./bin/grabpl upload-cdn --edition enterprise --bucket "grafana-static-assets"
environment:
GCP_GRAFANA_UPLOAD_KEY:
from_secret: gcp_key
depends_on:
- end-to-end-tests-server
- name: upload-packages
image: grafana/grafana-ci-deploy:1.3.1
commands:
- ./bin/grabpl upload-packages --edition enterprise --packages-bucket grafana-downloads
environment:
GCP_GRAFANA_UPLOAD_KEY:
from_secret: gcp_key
depends_on:
- end-to-end-tests
- mysql-integration-tests
- postgres-integration-tests
- redis-integration-tests
- memcached-integration-tests
- name: package-enterprise2
image: grafana/build-container:1.4.1
commands:
- ./bin/grabpl package --jobs 8 --edition enterprise2 --build-id ${DRONE_BUILD_NUMBER} --no-pull-enterprise --variants linux-x64 --sign
environment:
GITHUB_TOKEN:
from_secret: github_token
GPG_KEY_PASSWORD:
from_secret: gpg_key_password
GPG_PRIV_KEY:
from_secret: gpg_priv_key
GPG_PUB_KEY:
from_secret: gpg_pub_key
GRAFANA_API_KEY:
from_secret: grafana_api_key
depends_on:
- gen-version
- name: end-to-end-tests-server-enterprise2
image: grafana/build-container:1.4.1
detach: true
commands:
- ./e2e/start-server
environment:
PACKAGE_FILE: dist/grafana-enterprise2-*linux-amd64.tar.gz
PORT: 3002
RUNDIR: e2e/tmp-grafana-enterprise2
depends_on:
- package-enterprise2
- name: end-to-end-tests-enterprise2
image: grafana/ci-e2e:12.19.0-1
commands:
- ./node_modules/.bin/cypress install
- ./bin/grabpl e2e-tests --port 3002 --tries 3
environment:
HOST: end-to-end-tests-server-enterprise2
depends_on:
- end-to-end-tests-server-enterprise2
- name: upload-cdn-assets-enterprise2
image: grafana/grafana-ci-deploy:1.3.1
commands:
- ./bin/grabpl upload-cdn --edition enterprise2 --bucket "grafana-static-assets"
environment:
GCP_GRAFANA_UPLOAD_KEY:
from_secret: gcp_key
depends_on:
- end-to-end-tests-server-enterprise2
- name: upload-packages-enterprise2
image: grafana/grafana-ci-deploy:1.3.1
commands:
- ./bin/grabpl upload-packages --edition enterprise2 --packages-bucket grafana-downloads-enterprise2
environment:
GCP_GRAFANA_UPLOAD_KEY:
from_secret: gcp_key
depends_on:
- end-to-end-tests-enterprise2
- mysql-integration-tests
- postgres-integration-tests
- redis-integration-tests
- memcached-integration-tests
services:
- name: postgres
image: postgres:12.3-alpine
environment:
POSTGRES_DB: grafanatest
POSTGRES_PASSWORD: grafanatest
POSTGRES_USER: grafanatest
- name: mysql
image: mysql:5.6.48
environment:
MYSQL_DATABASE: grafana_tests
MYSQL_PASSWORD: password
MYSQL_ROOT_PASSWORD: rootpass
MYSQL_USER: grafana
- name: redis
image: redis:6.2.1-alpine
- name: memcached
image: memcached:1.6.9-alpine
image_pull_secrets:
- dockerconfigjson
node:
type: no-parallel
trigger:
ref:
- refs/heads/v[0-9]*
---
kind: pipeline
type: docker
name: enterprise-windows-release-branch
platform:
os: windows
arch: amd64
version: 1809
clone:
disable: true
steps:
- name: identify-runner
image: mcr.microsoft.com/windows:1809
commands:
- echo $env:DRONE_RUNNER_NAME
- name: clone
image: grafana/ci-wix:0.1.1
commands:
- $$ProgressPreference = "SilentlyContinue"
- Invoke-WebRequest https://grafana-downloads.storage.googleapis.com/grafana-build-pipeline/v2.4.0/windows/grabpl.exe -OutFile grabpl.exe
- git clone "https://$$env:GITHUB_TOKEN@github.com/grafana/grafana-enterprise.git"
- cd grafana-enterprise
- git checkout $$env:DRONE_BRANCH
environment:
GITHUB_TOKEN:
from_secret: github_token
- name: initialize
image: grafana/ci-wix:0.1.1
commands:
- cp -r grafana-enterprise C:\App\grafana-enterprise
- rm -r -force grafana-enterprise
- cp grabpl.exe C:\App\grabpl.exe
- rm -force grabpl.exe
- C:\App\grabpl.exe init-enterprise C:\App\grafana-enterprise
- cp C:\App\grabpl.exe grabpl.exe
depends_on:
- clone
- name: build-windows-installer
image: grafana/ci-wix:0.1.1
commands:
- $$gcpKey = $$env:GCP_KEY
- "[System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String($$gcpKey)) > gcpkey.json"
- dos2unix gcpkey.json
- gcloud auth activate-service-account --key-file=gcpkey.json
- rm gcpkey.json
- cp C:\App\nssm-2.24.zip .
environment:
GCP_KEY:
from_secret: gcp_key
depends_on:
- initialize
image_pull_secrets:
- dockerconfigjson
trigger:
ref:
- refs/heads/v[0-9]*
depends_on:
- enterprise-build-release-branch
---
kind: pipeline
type: docker
name: notify-release-branch
platform:
os: linux
arch: amd64
steps:
- name: slack
image: plugins/slack
settings:
channel: grafana-ci-notifications
template: "Build {{build.number}} failed for commit: <https://github.com/{{repo.owner}}/{{repo.name}}/commit/{{build.commit}}|{{ truncate build.commit 8 }}>: {{build.link}}\nBranch: <https://github.com/{{ repo.owner }}/{{ repo.name }}/commits/{{ build.branch }}|{{ build.branch }}>\nAuthor: {{build.author}}"
webhook:
from_secret: slack_webhook
trigger:
ref:
- refs/heads/v[0-9]*
status:
- failure
depends_on:
- oss-build-release-branch
- oss-windows-release-branch
- enterprise-build-release-branch
- enterprise-windows-release-branch
---
kind: pipeline
type: docker
name: scan-docker-images
platform:
os: linux
arch: amd64
steps:
- name: scan-docker-images-unkown-low-medium-vulnerabilities
image: aquasec/trivy:0.18.3
commands:
- trivy --exit-code 0 --severity UNKNOWN,LOW,MEDIUM grafana/grafana:latest
- trivy --exit-code 0 --severity UNKNOWN,LOW,MEDIUM grafana/grafana:main
- trivy --exit-code 0 --severity UNKNOWN,LOW,MEDIUM grafana/grafana:latest-ubuntu
- trivy --exit-code 0 --severity UNKNOWN,LOW,MEDIUM grafana/grafana:main-ubuntu
- name: scan-docker-images-high-critical-vulnerabilities
image: aquasec/trivy:0.18.3
commands:
- trivy --exit-code 1 --severity HIGH,CRITICAL grafana/grafana:latest
- trivy --exit-code 1 --severity HIGH,CRITICAL grafana/grafana:main
- trivy --exit-code 1 --severity HIGH,CRITICAL grafana/grafana:latest-ubuntu
- trivy --exit-code 1 --severity HIGH,CRITICAL grafana/grafana:main-ubuntu
- name: slack-notify-failure
image: plugins/slack
settings:
channel: grafana-backend-ops
template: "Nightly docker image scan job for {{repo.name}} failed: {{build.link}}"
webhook:
from_secret: slack_webhook_backend
when:
status:
- failure
trigger:
cron:
- nightly
event:
- cron
---
kind: secret
name: dockerconfigjson
get:
path: secret/data/common/gcr
name: .dockerconfigjson
---
kind: secret
name: github_token
get:
path: infra/data/ci/github/grafanabot
name: pat
---
kind: secret
name: drone_token
get:
path: infra/data/ci/drone
name: machine-user-token
---
kind: signature
hmac: da2adb3b1a629dad5050630a1ea2923c994647223dbe6efde88dcfea8faebcc1
...