mirror of
https://github.com/grafana/grafana.git
synced 2024-11-29 04:04:00 -06:00
52cd6068d1
* CircleCI: Make k8s deployment depend on enterprise Docker image * CircleCI: Upgrade grabpl
1256 lines
41 KiB
YAML
1256 lines
41 KiB
YAML
version: 2.1
|
|
|
|
aliases:
|
|
# Workflow filters
|
|
- &filter-only-release
|
|
branches:
|
|
only: chore/test-release-pipeline
|
|
tags:
|
|
only: /^v[0-9]+(\.[0-9]+){2}(-.+|[^-.]*)$/
|
|
- &filter-not-release-or-master
|
|
tags:
|
|
ignore: /^v[0-9]+(\.[0-9]+){2}(-.+|[^-.]*)$/
|
|
branches:
|
|
ignore: master
|
|
- &filter-only-master
|
|
branches:
|
|
only: master
|
|
- &filter-master-or-release
|
|
branches:
|
|
only:
|
|
- master
|
|
- chore/test-release-pipeline
|
|
tags:
|
|
only: /^v[0-9]+(\.[0-9]+){2}(-.+|[^-.]*)$/
|
|
|
|
executors:
|
|
grafana-build:
|
|
docker:
|
|
- image: grafana/build-container:1.2.13
|
|
grafana-publish:
|
|
docker:
|
|
- image: grafana/grafana-ci-deploy:1.2.4
|
|
docker:
|
|
machine:
|
|
image: circleci/classic:201808-01
|
|
cloud-sdk:
|
|
docker:
|
|
- image: google/cloud-sdk
|
|
windows-installer:
|
|
docker:
|
|
- image: grafana/wix-toolset-ci:v3
|
|
|
|
jobs:
|
|
install-grabpl:
|
|
description: Install the Grafana Build Pipeline tool
|
|
executor: grafana-build
|
|
steps:
|
|
- run:
|
|
name: Install Grafana Build Pipeline
|
|
command: |
|
|
curl -fLO https://grafana-downloads.storage.googleapis.com/grafana-build-pipeline/v0.2.4/grabpl
|
|
chmod +x grabpl
|
|
mkdir bin
|
|
mv grabpl bin/
|
|
- persist_to_workspace:
|
|
root: .
|
|
paths:
|
|
- bin/grabpl
|
|
|
|
build-backend:
|
|
description: "Build a certain variant of Grafana back-end binaries"
|
|
parameters:
|
|
edition:
|
|
type: string
|
|
variant:
|
|
type: string
|
|
executor: grafana-build
|
|
steps:
|
|
- run:
|
|
name: Exit if enterprise and forked PR
|
|
command: |
|
|
if [[ "<< parameters.edition >>" == "enterprise" && -n "$CIRCLE_PR_NUMBER" ]]; then
|
|
echo "Nothing to do for forked PRs, so marking this step successful"
|
|
circleci step halt
|
|
fi
|
|
- attach_workspace:
|
|
at: /tmp/workspace
|
|
- checkout
|
|
- run:
|
|
name: CI job started
|
|
command: ./scripts/ci-job-started.sh
|
|
- run:
|
|
name: Build Grafana backend
|
|
command: |
|
|
if [[ -n $CIRCLE_TAG ]]; then
|
|
# A release build
|
|
/tmp/workspace/bin/grabpl build-backend --edition << parameters.edition >> \
|
|
--variants << parameters.variant >> $CIRCLE_TAG
|
|
elif [[ $CIRCLE_BRANCH == "chore/test-release-pipeline" ]]; then
|
|
# We're testing the release pipeline
|
|
/tmp/workspace/bin/grabpl build-backend --edition << parameters.edition >> \
|
|
--variants << parameters.variant >> v6.7.0-beta1
|
|
else
|
|
# A master or PR build
|
|
/tmp/workspace/bin/grabpl build-backend --edition << parameters.edition >> \
|
|
--variants << parameters.variant >> --build-id $CIRCLE_WORKFLOW_ID
|
|
fi
|
|
- run:
|
|
name: Move artifacts
|
|
command: mkdir -p << parameters.edition >> && mv bin << parameters.edition >>/
|
|
- persist_to_workspace:
|
|
root: .
|
|
paths:
|
|
- << parameters.edition >>/bin/*
|
|
- run:
|
|
name: CI job failed
|
|
command: ./scripts/ci-job-failed.sh
|
|
when: on_fail
|
|
- run:
|
|
name: CI job succeeded
|
|
command: ./scripts/ci-job-succeeded.sh
|
|
when: on_success
|
|
|
|
build-frontend:
|
|
description: "Build Grafana front-end artifacts"
|
|
parameters:
|
|
edition:
|
|
type: string
|
|
resource_class: large
|
|
executor: grafana-build
|
|
steps:
|
|
- run:
|
|
name: Exit if enterprise and forked PR
|
|
command: |
|
|
if [[ "<< parameters.edition >>" == "enterprise" && -n "$CIRCLE_PR_NUMBER" ]]; then
|
|
echo "Nothing to do for forked PRs, so marking this step successful"
|
|
circleci step halt
|
|
fi
|
|
- attach_workspace:
|
|
at: /tmp/workspace
|
|
- checkout
|
|
- run:
|
|
name: Increase node memory
|
|
command: |
|
|
export NODE_OPTIONS=--max_old_space_size=4096
|
|
- run:
|
|
name: CI job started
|
|
command: ./scripts/ci-job-started.sh
|
|
- run:
|
|
name: Build Grafana frontend
|
|
command: /tmp/workspace/bin/grabpl build-frontend --edition << parameters.edition >>
|
|
- run:
|
|
name: Move artifacts
|
|
command: mkdir << parameters.edition >> && cp -r public << parameters.edition >>/
|
|
- persist_to_workspace:
|
|
root: .
|
|
paths:
|
|
- << parameters.edition >>/public/*
|
|
- run:
|
|
name: CI job failed
|
|
command: ./scripts/ci-job-failed.sh
|
|
when: on_fail
|
|
- run:
|
|
name: CI job succeeded
|
|
command: ./scripts/ci-job-succeeded.sh
|
|
when: on_success
|
|
|
|
build-release-publisher:
|
|
description: "Build release-publisher"
|
|
executor: grafana-build
|
|
steps:
|
|
- checkout
|
|
- run:
|
|
name: CI job started
|
|
command: ./scripts/ci-job-started.sh
|
|
- run:
|
|
name: Test and build Grafana.com release publisher
|
|
command: |
|
|
cd scripts/build/release_publisher
|
|
go test .
|
|
go build -o release_publisher .
|
|
- persist_to_workspace:
|
|
root: .
|
|
paths:
|
|
- scripts/build/release_publisher/release_publisher
|
|
- run:
|
|
name: CI job failed
|
|
command: ./scripts/ci-job-failed.sh
|
|
when: on_fail
|
|
- run:
|
|
name: CI job succeeded
|
|
command: ./scripts/ci-job-succeeded.sh
|
|
when: on_success
|
|
|
|
shellcheck:
|
|
machine: true
|
|
steps:
|
|
- attach_workspace:
|
|
at: /tmp/workspace
|
|
- checkout
|
|
- run:
|
|
name: CI job started
|
|
command: ./scripts/ci-job-started.sh
|
|
- run:
|
|
name: ShellCheck
|
|
command: /tmp/workspace/bin/grabpl shellcheck
|
|
- run:
|
|
name: CI job failed
|
|
command: ./scripts/ci-job-failed.sh
|
|
when: on_fail
|
|
- run:
|
|
name: CI job succeeded
|
|
command: ./scripts/ci-job-succeeded.sh
|
|
when: on_success
|
|
|
|
build-oss-windows-installer:
|
|
executor: windows-installer
|
|
resource_class: large
|
|
steps:
|
|
- attach_workspace:
|
|
at: /tmp/workspace
|
|
- checkout
|
|
- run:
|
|
name: CI job started
|
|
command: ./scripts/ci-job-started.sh
|
|
- run:
|
|
name: Copy artifacts from workspace
|
|
command: cp -r /tmp/workspace/oss/dist .
|
|
- run:
|
|
name: Build Windows installer
|
|
command: ./scripts/build/ci-msi-build/ci-msi-build-oss.sh
|
|
- run:
|
|
name: Move artifacts
|
|
command: mkdir oss && mv dist oss/
|
|
- persist_to_workspace:
|
|
root: .
|
|
paths:
|
|
- oss/dist/grafana-*.msi
|
|
- oss/dist/grafana-*.msi.sha256
|
|
- run:
|
|
name: CI job failed
|
|
command: ./scripts/ci-job-failed.sh
|
|
when: on_fail
|
|
- run:
|
|
name: CI job succeeded
|
|
command: ./scripts/ci-job-succeeded.sh
|
|
when: on_success
|
|
|
|
build-enterprise-windows-installer:
|
|
executor: windows-installer
|
|
resource_class: large
|
|
steps:
|
|
- run:
|
|
name: Exit if forked PR
|
|
command: |
|
|
if [[ -n "$CIRCLE_PR_NUMBER" ]]; then
|
|
echo "Nothing to do for forked PRs, so marking this step successful"
|
|
circleci step halt
|
|
fi
|
|
- attach_workspace:
|
|
at: /tmp/workspace
|
|
- checkout
|
|
- run:
|
|
name: CI job started
|
|
command: "./scripts/ci-job-started.sh"
|
|
- run:
|
|
name: Copy artifacts from workspace
|
|
command: cp -r /tmp/workspace/enterprise/dist enterprise-dist
|
|
- run:
|
|
name: Build Windows installer
|
|
command: ./scripts/build/ci-msi-build/ci-msi-build-ee.sh
|
|
- run:
|
|
name: Move artifacts
|
|
command: mkdir enterprise && mv enterprise-dist enterprise/dist
|
|
- persist_to_workspace:
|
|
root: .
|
|
paths:
|
|
- enterprise/dist/grafana-*.msi
|
|
- enterprise/dist/grafana-*.msi.sha256
|
|
- run:
|
|
name: CI job failed
|
|
command: "./scripts/ci-job-failed.sh"
|
|
when: on_fail
|
|
- run:
|
|
name: CI job succeeded
|
|
command: "./scripts/ci-job-succeeded.sh"
|
|
when: on_success
|
|
|
|
release-next-packages:
|
|
executor: grafana-build
|
|
steps:
|
|
- run:
|
|
name: Exit if forked PR
|
|
command: |
|
|
if [[ -n "$CIRCLE_PR_NUMBER" ]]; then
|
|
echo "Nothing to do for forked PRs, so marking this step successful"
|
|
circleci step halt
|
|
fi
|
|
- attach_workspace:
|
|
at: /tmp/workspace
|
|
- checkout
|
|
- run:
|
|
name: CI job started
|
|
command: ./scripts/ci-job-started.sh
|
|
- run:
|
|
name: Bootstrap lerna
|
|
command: npx lerna bootstrap
|
|
- run:
|
|
name: npm - Prepare auth token
|
|
command: "echo //registry.npmjs.org/:_authToken=$NPM_TOKEN >> ~/.npmrc"
|
|
- run:
|
|
name: Release next packages
|
|
command: ./scripts/circle-release-next-packages.sh
|
|
- run:
|
|
name: CI job failed
|
|
command: ./scripts/ci-job-failed.sh
|
|
when: on_fail
|
|
- run:
|
|
name: CI job succeeded
|
|
command: ./scripts/ci-job-succeeded.sh
|
|
when: on_success
|
|
|
|
package-oss:
|
|
executor: grafana-build
|
|
resource_class: large
|
|
steps:
|
|
- attach_workspace:
|
|
at: /tmp/workspace
|
|
- checkout
|
|
- run:
|
|
name: CI job started
|
|
command: ./scripts/ci-job-started.sh
|
|
- run:
|
|
name: Copy artifacts from workspace
|
|
command: cp -r /tmp/workspace/oss/* .
|
|
- run:
|
|
name: Package Grafana
|
|
command: |
|
|
if [[ -n "$CIRCLE_PR_NUMBER" ]]; then
|
|
echo Using test GPG key pair since building a forked PR
|
|
source scripts/build/gpg-test-vars.sh
|
|
fi
|
|
|
|
if [[ -n $CIRCLE_TAG ]]; then
|
|
# A release build
|
|
/tmp/workspace/bin/grabpl package --edition oss $CIRCLE_TAG
|
|
elif [[ $CIRCLE_BRANCH == "chore/test-release-pipeline" ]]; then
|
|
# We're testing the release pipeline
|
|
/tmp/workspace/bin/grabpl package --edition oss v6.7.0-beta1
|
|
elif [[ $CIRCLE_BRANCH == "master" ]]; then
|
|
# A master build
|
|
/tmp/workspace/bin/grabpl package --edition oss --build-id $CIRCLE_WORKFLOW_ID
|
|
else
|
|
# A PR build
|
|
/tmp/workspace/bin/grabpl package --edition oss --build-id $CIRCLE_WORKFLOW_ID --variants \
|
|
linux-x64,linux-x64-musl,osx64,win64
|
|
fi
|
|
- run:
|
|
name: Move artifacts
|
|
command: |
|
|
mkdir -p oss
|
|
mv dist oss/
|
|
- persist_to_workspace:
|
|
root: .
|
|
paths:
|
|
- oss/dist/*
|
|
- run:
|
|
name: CI job failed
|
|
command: ./scripts/ci-job-failed.sh
|
|
when: on_fail
|
|
- run:
|
|
name: CI job succeeded
|
|
command: ./scripts/ci-job-succeeded.sh
|
|
when: on_success
|
|
|
|
package-enterprise:
|
|
executor: grafana-build
|
|
resource_class: large
|
|
steps:
|
|
- run:
|
|
name: Exit if forked PR
|
|
command: |
|
|
if [[ -n "$CIRCLE_PR_NUMBER" ]]; then
|
|
echo "Nothing to do for forked PRs, so marking this step successful"
|
|
circleci step halt
|
|
fi
|
|
- attach_workspace:
|
|
at: /tmp/workspace
|
|
- checkout
|
|
- run:
|
|
name: CI job started
|
|
command: ./scripts/ci-job-started.sh
|
|
- run:
|
|
name: Copy artifacts from workspace
|
|
command: cp -r /tmp/workspace/enterprise/* .
|
|
- run:
|
|
name: Package Grafana
|
|
command: |
|
|
if [[ -n $CIRCLE_TAG ]]; then
|
|
# A release build
|
|
/tmp/workspace/bin/grabpl package --edition enterprise $CIRCLE_TAG
|
|
elif [[ $CIRCLE_BRANCH == "chore/test-release-pipeline" ]]; then
|
|
# We're testing the release pipeline
|
|
/tmp/workspace/bin/grabpl package --edition enterprise v6.7.0-beta1
|
|
elif [[ $CIRCLE_BRANCH == "master" ]]; then
|
|
# A master build
|
|
/tmp/workspace/bin/grabpl package --edition enterprise --build-id $CIRCLE_WORKFLOW_ID
|
|
else
|
|
# A PR build
|
|
/tmp/workspace/bin/grabpl package --edition enterprise --build-id $CIRCLE_WORKFLOW_ID --variants \
|
|
linux-x64,linux-x64-musl,osx64,win64
|
|
fi
|
|
- run:
|
|
name: Move artifacts
|
|
command: |
|
|
mkdir -p enterprise
|
|
mv dist enterprise/
|
|
- persist_to_workspace:
|
|
root: .
|
|
paths:
|
|
- enterprise/dist/*
|
|
- run:
|
|
name: CI job failed
|
|
command: ./scripts/ci-job-failed.sh
|
|
when: on_fail
|
|
- run:
|
|
name: CI job succeeded
|
|
command: ./scripts/ci-job-succeeded.sh
|
|
when: on_success
|
|
|
|
publish-packages:
|
|
description: "Publish packages"
|
|
resource_class: large
|
|
parameters:
|
|
edition:
|
|
type: string
|
|
executor: grafana-publish
|
|
steps:
|
|
- run:
|
|
name: Exit if forked PR
|
|
command: |
|
|
if [[ -n "$CIRCLE_PR_NUMBER" ]]; then
|
|
echo "Nothing to do for forked PRs, so marking this step successful"
|
|
circleci step halt
|
|
fi
|
|
- attach_workspace:
|
|
at: /tmp/workspace
|
|
- checkout
|
|
- run:
|
|
name: CI job started
|
|
command: ./scripts/ci-job-started.sh
|
|
- run:
|
|
name: Publish packages
|
|
command: |
|
|
cp -r /tmp/workspace/<< parameters.edition >>/dist .
|
|
if [[ $CIRCLE_BRANCH == "chore/test-release-pipeline" ]]; then
|
|
# We're testing the release pipeline
|
|
/tmp/workspace/bin/grabpl publish-packages --edition << parameters.edition >> \
|
|
--deb-db-bucket grafana-testing-aptly-db --deb-repo-bucket grafana-testing-repo --packages-bucket \
|
|
grafana-downloads-test --rpm-repo-bucket grafana-testing-repo --simulate-release
|
|
else
|
|
/tmp/workspace/bin/grabpl publish-packages --edition << parameters.edition >>
|
|
fi
|
|
- run:
|
|
name: CI job failed
|
|
command: ./scripts/ci-job-failed.sh
|
|
when: on_fail
|
|
- run:
|
|
name: CI job succeeded
|
|
command: ./scripts/ci-job-succeeded.sh
|
|
when: on_success
|
|
|
|
publish-storybook:
|
|
description: "Publish Storybook"
|
|
executor: grafana-publish
|
|
steps:
|
|
- checkout
|
|
- run:
|
|
name: CI job started
|
|
command: ./scripts/ci-job-started.sh
|
|
- run:
|
|
name: Publish Storybook
|
|
command: |
|
|
yarn install --frozen-lockfile --no-progress
|
|
yarn storybook:build
|
|
|
|
if [[ -n "$CIRCLE_PR_NUMBER" ]]; then
|
|
echo "Nothing to do for forked PRs, so marking this step successful"
|
|
circleci step halt
|
|
fi
|
|
|
|
if [[ $CIRCLE_BRANCH == "chore/test-release-pipeline" ]]; then
|
|
# We're testing the release pipeline
|
|
echo Testing release
|
|
elif [[ $CIRCLE_BRANCH == "master" ]]; then
|
|
echo $GCP_GRAFANA_UPLOAD_KEY > /tmp/gcpkey.json
|
|
gcloud auth activate-service-account --key-file=/tmp/gcpkey.json
|
|
gsutil -m rsync -d -r ./packages/grafana-ui/dist/storybook gs://grafana-storybook/canary
|
|
elif [[ -n $CIRCLE_TAG ]]; then
|
|
echo $GCP_GRAFANA_UPLOAD_KEY > /tmp/gcpkey.json
|
|
gcloud auth activate-service-account --key-file=/tmp/gcpkey.json
|
|
gsutil -m rsync -d -r ./packages/grafana-ui/dist/storybook gs://grafana-storybook/latest
|
|
gsutil -m rsync -d -r ./packages/grafana-ui/dist/storybook gs://grafana-storybook/$CIRCLE_TAG
|
|
fi
|
|
- run:
|
|
name: CI job failed
|
|
command: ./scripts/ci-job-failed.sh
|
|
when: on_fail
|
|
- run:
|
|
name: CI job succeeded
|
|
command: ./scripts/ci-job-succeeded.sh
|
|
when: on_success
|
|
|
|
build-docker-images:
|
|
description: "Build Docker images"
|
|
resource_class: large
|
|
parameters:
|
|
edition:
|
|
type: string
|
|
ubuntu:
|
|
type: boolean
|
|
executor: docker
|
|
steps:
|
|
- run:
|
|
name: Exit if enterprise and forked PR
|
|
command: |
|
|
if [[ "<< parameters.edition >>" == "enterprise" && -n "$CIRCLE_PR_NUMBER" ]]; then
|
|
echo "Nothing to do for forked PRs, so marking this step successful"
|
|
circleci step halt
|
|
fi
|
|
- attach_workspace:
|
|
at: /tmp/workspace
|
|
- checkout
|
|
- run:
|
|
name: CI job started
|
|
command: ./scripts/ci-job-started.sh
|
|
- run: docker info
|
|
# XXX: Is this necessary?
|
|
- run: docker run --privileged linuxkit/binfmt:v0.6
|
|
- run:
|
|
name: Copy Grafana archives
|
|
command: |
|
|
cp -r /tmp/workspace/<< parameters.edition >>/dist .
|
|
- run:
|
|
name: Build Docker images
|
|
command: |
|
|
if [[ -n $CIRCLE_TAG || $CIRCLE_BRANCH == "chore/test-release-pipeline" || $CIRCLE_BRANCH == "master" ]]; then
|
|
# It's a full build
|
|
/tmp/workspace/bin/grabpl build-docker --edition << parameters.edition >> \
|
|
--ubuntu=<< parameters.ubuntu >>
|
|
else
|
|
# We're testing a branch
|
|
/tmp/workspace/bin/grabpl build-docker --edition << parameters.edition >> \
|
|
--ubuntu=<< parameters.ubuntu >> --archs amd64
|
|
fi
|
|
mkdir -p << parameters.edition >>/docker
|
|
mv docker/*.tar << parameters.edition >>/docker/
|
|
- persist_to_workspace:
|
|
root: .
|
|
paths:
|
|
- << parameters.edition >>/docker/*.tar
|
|
- run:
|
|
name: CI job failed
|
|
command: ./scripts/ci-job-failed.sh
|
|
when: on_fail
|
|
- run:
|
|
name: CI job succeeded
|
|
command: ./scripts/ci-job-succeeded.sh
|
|
when: on_success
|
|
|
|
publish-docker-images:
|
|
description: Publish Docker images
|
|
resource_class: large
|
|
parameters:
|
|
edition:
|
|
type: string
|
|
ubuntu:
|
|
type: boolean
|
|
executor: docker
|
|
steps:
|
|
- run:
|
|
name: Exit if forked PR
|
|
command: |
|
|
if [[ -n "$CIRCLE_PR_NUMBER" ]]; then
|
|
echo "Nothing to do for forked PRs, so marking this step successful"
|
|
circleci step halt
|
|
fi
|
|
- attach_workspace:
|
|
at: /tmp/workspace
|
|
- checkout
|
|
- run:
|
|
name: CI job started
|
|
command: ./scripts/ci-job-started.sh
|
|
- run:
|
|
name: Copy artifacts from workspace
|
|
command: |
|
|
cp -r /tmp/workspace/<< parameters.edition >>/docker .
|
|
cp -r /tmp/workspace/<< parameters.edition >>/dist .
|
|
- run:
|
|
name: Publish Docker images
|
|
command: |
|
|
if [[ $CIRCLE_BRANCH == "chore/test-release-pipeline" ]]; then
|
|
# We're testing the release pipeline
|
|
/tmp/workspace/bin/grabpl publish-docker --edition << parameters.edition >> --ubuntu=<< parameters.ubuntu >> --dry-run
|
|
else
|
|
/tmp/workspace/bin/grabpl publish-docker --edition << parameters.edition >> --ubuntu=<< parameters.ubuntu >>
|
|
fi
|
|
- run:
|
|
name: CI job failed
|
|
command: ./scripts/ci-job-failed.sh
|
|
when: on_fail
|
|
- run:
|
|
name: CI job succeeded
|
|
command: ./scripts/ci-job-succeeded.sh
|
|
when: on_success
|
|
|
|
end-to-end-tests:
|
|
resource_class: large
|
|
docker:
|
|
- image: circleci/node:12-browsers
|
|
steps:
|
|
- attach_workspace:
|
|
at: /tmp/workspace
|
|
- checkout
|
|
- restore_cache:
|
|
key: dependency-cache-{{ checksum "yarn.lock" }}
|
|
- run:
|
|
name: yarn install
|
|
command: yarn install --pure-lockfile --no-progress
|
|
no_output_timeout: 5m
|
|
- save_cache:
|
|
key: dependency-cache-{{ checksum "yarn.lock" }}
|
|
paths:
|
|
- node_modules
|
|
- run:
|
|
name: Start grafana-server
|
|
command: ./e2e/start-server
|
|
background: true
|
|
- run:
|
|
name: Run end-to-end tests
|
|
command: ./e2e/run-suite
|
|
no_output_timeout: 5m
|
|
- store_artifacts:
|
|
path: e2e/suite1/screenshots
|
|
destination: screenshots
|
|
- store_artifacts:
|
|
path: e2e/suite1/videos
|
|
destination: output-videos
|
|
- store_artifacts:
|
|
path: e2e/tmp/data/log
|
|
destination: logs
|
|
|
|
mysql-integration-test:
|
|
resource_class: large
|
|
docker:
|
|
- image: circleci/golang:1.13.4
|
|
- image: circleci/mysql:5.6-ram
|
|
environment:
|
|
MYSQL_ROOT_PASSWORD: rootpass
|
|
MYSQL_DATABASE: grafana_tests
|
|
MYSQL_USER: grafana
|
|
MYSQL_PASSWORD: password
|
|
working_directory: /go/src/github.com/grafana/grafana
|
|
steps:
|
|
- checkout
|
|
- run:
|
|
name: ci job started
|
|
command: "./scripts/ci-job-started.sh"
|
|
- run: sudo apt update
|
|
- run: sudo apt install -y default-mysql-client
|
|
- run: dockerize -wait tcp://127.0.0.1:3306 -timeout 120s
|
|
- run: cat devenv/docker/blocks/mysql_tests/setup.sql | mysql -h 127.0.0.1 -P 3306 -u root -prootpass
|
|
- run:
|
|
name: mysql integration tests
|
|
command: "./scripts/circle-test-mysql.sh"
|
|
- run:
|
|
name: ci job failed
|
|
command: "./scripts/ci-job-failed.sh"
|
|
when: on_fail
|
|
- run:
|
|
name: ci job succeeded
|
|
command: "./scripts/ci-job-succeeded.sh"
|
|
when: on_success
|
|
|
|
postgres-integration-test:
|
|
resource_class: large
|
|
docker:
|
|
- image: circleci/golang:1.13.4
|
|
- image: circleci/postgres:9.3-ram
|
|
environment:
|
|
POSTGRES_USER: grafanatest
|
|
POSTGRES_PASSWORD: grafanatest
|
|
POSTGRES_DB: grafanatest
|
|
working_directory: /go/src/github.com/grafana/grafana
|
|
steps:
|
|
- checkout
|
|
- run:
|
|
name: ci job started
|
|
command: "./scripts/ci-job-started.sh"
|
|
- run: sudo apt update
|
|
- run: sudo apt install -y postgresql-client
|
|
- run: dockerize -wait tcp://127.0.0.1:5432 -timeout 120s
|
|
- run: "PGPASSWORD=grafanatest psql -p 5432 -h 127.0.0.1 -U grafanatest -d grafanatest -f devenv/docker/blocks/postgres_tests/setup.sql"
|
|
- run:
|
|
name: postgres integration tests
|
|
command: "./scripts/circle-test-postgres.sh"
|
|
- run:
|
|
name: ci job failed
|
|
command: "./scripts/ci-job-failed.sh"
|
|
when: on_fail
|
|
- run:
|
|
name: ci job succeeded
|
|
command: "./scripts/ci-job-succeeded.sh"
|
|
when: on_success
|
|
|
|
codespell:
|
|
docker:
|
|
- image: circleci/python
|
|
steps:
|
|
- checkout
|
|
- run:
|
|
name: install codespell
|
|
command: "sudo pip install codespell"
|
|
- run:
|
|
# Important: all words have to be in lowercase, and separated by "\n".
|
|
name: exclude known exceptions
|
|
command: 'echo -e "unknwon\nreferer\nerrorstring\neror" > words_to_ignore.txt'
|
|
- run:
|
|
name: check documentation spelling errors
|
|
command: "codespell -I ./words_to_ignore.txt docs/"
|
|
|
|
lint-go:
|
|
docker:
|
|
- image: circleci/golang:1.13.4
|
|
resource_class: large
|
|
working_directory: /go/src/github.com/grafana/grafana
|
|
environment:
|
|
# we need CGO because of go-sqlite3
|
|
CGO_ENABLED: 1
|
|
# Reduce golangci-lint memory usage (default is 100)
|
|
GOGC: 20
|
|
steps:
|
|
- checkout
|
|
- run:
|
|
name: Install Go linters
|
|
command: |
|
|
pushd /tmp
|
|
curl -fLO https://github.com/golangci/golangci-lint/releases/download/v1.24.0/golangci-lint-1.24.0-linux-amd64.tar.gz
|
|
echo 241ca454102e909de04957ff8a5754c757cefa255758b3e1fba8a4533d19d179 \
|
|
golangci-lint-1.24.0-linux-amd64.tar.gz | sha256sum --check --strict --status
|
|
tar -xf golangci-lint-1.24.0-linux-amd64.tar.gz
|
|
sudo mv golangci-lint-1.24.0-linux-amd64/golangci-lint /usr/local/bin/
|
|
popd
|
|
make scripts/go/bin/revive scripts/go/bin/gosec
|
|
- run:
|
|
name: Lint Go
|
|
command: |
|
|
go vet ./pkg/...
|
|
golangci-lint run -v -j 4 --config scripts/go/configs/ci/.golangci.yml -E deadcode -E gofmt \
|
|
-E gosimple -E ineffassign -E structcheck -E typecheck ./pkg/...
|
|
golangci-lint run -v -j 4 --config scripts/go/configs/ci/.golangci.yml -E unconvert -E unused \
|
|
-E varcheck -E goconst -E errcheck -E staticcheck ./pkg/...
|
|
./scripts/go/bin/revive -formatter stylish -config ./scripts/go/configs/revive.toml ./pkg/...
|
|
./scripts/go/bin/revive -formatter stylish ./pkg/services/alerting/...
|
|
./scripts/go/bin/gosec -quiet -exclude=G104,G107,G108,G201,G202,G204,G301,G304,G401,G402,G501 \
|
|
-conf=./scripts/go/configs/gosec.json ./pkg/...
|
|
|
|
test-frontend:
|
|
resource_class: large
|
|
docker:
|
|
- image: circleci/node:12
|
|
steps:
|
|
- checkout
|
|
- run:
|
|
name: CI job started
|
|
command: "./scripts/ci-job-started.sh"
|
|
- restore_cache:
|
|
key: dependency-cache-{{ checksum "yarn.lock" }}
|
|
- run:
|
|
name: yarn install
|
|
command: "yarn install --frozen-lockfile --no-progress"
|
|
no_output_timeout: 15m
|
|
- save_cache:
|
|
key: dependency-cache-{{ checksum "yarn.lock" }}
|
|
paths:
|
|
- node_modules
|
|
- run:
|
|
name: frontend tests
|
|
command: "./scripts/circle-test-frontend.sh"
|
|
- store_test_results:
|
|
path: reports/junit
|
|
- run:
|
|
name: CI job failed
|
|
command: "./scripts/ci-job-failed.sh"
|
|
when: on_fail
|
|
- run:
|
|
name: CI job succeeded
|
|
command: "./scripts/ci-job-succeeded.sh"
|
|
when: on_success
|
|
|
|
test-backend:
|
|
docker:
|
|
- image: circleci/golang:1.13.4
|
|
working_directory: /go/src/github.com/grafana/grafana
|
|
steps:
|
|
- checkout
|
|
- run:
|
|
name: CI job started
|
|
command: "./scripts/ci-job-started.sh"
|
|
- run:
|
|
name: build backend and run go tests
|
|
command: "./scripts/circle-test-backend.sh"
|
|
- run:
|
|
name: CI job failed
|
|
command: "./scripts/ci-job-failed.sh"
|
|
when: on_fail
|
|
- run:
|
|
name: CI job succeeded
|
|
command: "./scripts/ci-job-succeeded.sh"
|
|
when: on_success
|
|
|
|
build-docs-website:
|
|
docker:
|
|
- image: grafana/build-container:1.2.13
|
|
working_directory: /docs
|
|
steps:
|
|
- checkout
|
|
- setup_remote_docker
|
|
- run:
|
|
name: CI job started
|
|
command: "./scripts/ci-job-started.sh"
|
|
- run:
|
|
name: Install docker
|
|
command: |
|
|
apt-get update
|
|
apt-get install -y docker.io
|
|
- run:
|
|
name: Build grafana docs website
|
|
command: |
|
|
# https://circleci.com/docs/2.0/building-docker-images/#mounting-folders
|
|
# create a dummy container which will hold a volume with config
|
|
docker create -v /hugo/content/docs/grafana --name docs-website alpine:3.4 /bin/true
|
|
# copy a config file into this volume
|
|
docker cp ${PWD}/docs/sources docs-website:/hugo/content/docs/grafana/latest
|
|
# start an application container using this volume
|
|
docker run --volumes-from docs-website --rm -it grafana/docs-base:latest /bin/bash -c 'npm i && make prod'
|
|
- run:
|
|
name: CI job failed
|
|
command: "docker stop docs-website && docker rm docs-website && ./scripts/ci-job-failed.sh"
|
|
when: on_fail
|
|
- run:
|
|
name: CI job succeeded
|
|
command: "docker stop docs-website && docker rm docs-website && ./scripts/ci-job-succeeded.sh"
|
|
when: on_success
|
|
|
|
deploy-to-kubernetes:
|
|
description: "Deploy Grafana master Docker image to Kubernetes"
|
|
executor: grafana-build
|
|
steps:
|
|
- attach_workspace:
|
|
at: /tmp/workspace
|
|
- run:
|
|
name: Deploy to Kubernetes
|
|
command: |
|
|
/tmp/workspace/bin/grabpl deploy-to-k8s $CIRCLE_WORKFLOW_ID
|
|
|
|
release-packages:
|
|
docker:
|
|
- image: circleci/node:12
|
|
steps:
|
|
- run:
|
|
name: Exit if forked PR
|
|
command: |
|
|
if [[ -n "$CIRCLE_PR_NUMBER" ]]; then
|
|
echo "Nothing to do for forked PRs, so marking this step successful"
|
|
circleci step halt
|
|
fi
|
|
- checkout
|
|
- run:
|
|
name: CI job started
|
|
command: "./scripts/ci-job-started.sh"
|
|
- run:
|
|
name: Bootstrap lerna
|
|
command: "npx lerna bootstrap"
|
|
- run:
|
|
name: npm - Prepare auth token
|
|
command: "echo //registry.npmjs.org/:_authToken=$NPM_TOKEN >> ~/.npmrc"
|
|
- run:
|
|
name: Release packages
|
|
command: ./scripts/build/release-packages.sh "${CIRCLE_TAG}"
|
|
- run:
|
|
name: CI job failed
|
|
command: "./scripts/ci-job-failed.sh"
|
|
when: on_fail
|
|
- run:
|
|
name: CI job succeeded
|
|
command: "./scripts/ci-job-succeeded.sh"
|
|
when: on_success
|
|
|
|
scan-docker-master:
|
|
docker:
|
|
- image: circleci/buildpack-deps:stretch
|
|
steps:
|
|
- setup_remote_docker
|
|
- restore_cache:
|
|
key: vulnerability-db
|
|
- run:
|
|
name: Install trivy
|
|
command: |
|
|
VERSION=$(
|
|
curl --silent "https://api.github.com/repos/aquasecurity/trivy/releases/latest" | \
|
|
grep '"tag_name":' | \
|
|
sed -E 's/.*"v([^"]+)".*/\1/'
|
|
)
|
|
|
|
wget https://github.com/aquasecurity/trivy/releases/download/v${VERSION}/trivy_${VERSION}_Linux-64bit.tar.gz
|
|
tar zxvf trivy_${VERSION}_Linux-64bit.tar.gz
|
|
sudo mv trivy /usr/local/bin
|
|
- run:
|
|
name: Clear trivy cache
|
|
command: trivy --clear-cache
|
|
- run:
|
|
name: Scan the latest grafana master alpine image with trivy
|
|
command: trivy --exit-code 1 grafana/grafana:master
|
|
- run:
|
|
name: Scan the latest grafana master ubuntu image with trivy
|
|
command: trivy --exit-code 1 grafana/grafana:master-ubuntu
|
|
- save_cache:
|
|
key: vulnerability-db
|
|
paths:
|
|
- $HOME/.cache/trivy
|
|
|
|
workflows:
|
|
build-pipeline:
|
|
jobs:
|
|
# No filters, meaning this job runs for all branches
|
|
- install-grabpl
|
|
- build-backend:
|
|
filters: *filter-master-or-release
|
|
edition: oss
|
|
variant: armv6
|
|
name: build-oss-backend-armv6
|
|
requires:
|
|
- install-grabpl
|
|
- build-backend:
|
|
filters: *filter-master-or-release
|
|
edition: oss
|
|
variant: armv7
|
|
name: build-oss-backend-armv7
|
|
requires:
|
|
- install-grabpl
|
|
- build-backend:
|
|
filters: *filter-master-or-release
|
|
edition: oss
|
|
variant: armv7-musl
|
|
name: build-oss-backend-armv7-musl
|
|
requires:
|
|
- install-grabpl
|
|
- build-backend:
|
|
filters: *filter-master-or-release
|
|
edition: oss
|
|
variant: arm64
|
|
name: build-oss-backend-arm64
|
|
requires:
|
|
- install-grabpl
|
|
- build-backend:
|
|
filters: *filter-master-or-release
|
|
edition: oss
|
|
variant: arm64-musl
|
|
name: build-oss-backend-arm64-musl
|
|
requires:
|
|
- install-grabpl
|
|
- build-backend:
|
|
# No filters, meaning this job runs for all branches
|
|
edition: oss
|
|
variant: osx64
|
|
name: build-oss-backend-osx64
|
|
requires:
|
|
- install-grabpl
|
|
- build-backend:
|
|
# No filters, meaning this job runs for all branches
|
|
edition: oss
|
|
variant: win64
|
|
name: build-oss-backend-win64
|
|
requires:
|
|
- install-grabpl
|
|
- build-backend:
|
|
# No filters, meaning this job runs for all branches
|
|
edition: oss
|
|
variant: linux-x64
|
|
name: build-oss-backend-linux-x64
|
|
requires:
|
|
- install-grabpl
|
|
- build-backend:
|
|
# No filters, meaning this job runs for all branches
|
|
edition: oss
|
|
variant: linux-x64-musl
|
|
name: build-oss-backend-linux-x64-musl
|
|
requires:
|
|
- install-grabpl
|
|
- build-frontend:
|
|
# No filters, meaning this job runs for all branches
|
|
name: build-oss-frontend
|
|
edition: oss
|
|
requires:
|
|
- install-grabpl
|
|
- build-backend:
|
|
filters: *filter-master-or-release
|
|
name: build-enterprise-backend-armv6
|
|
edition: enterprise
|
|
variant: armv6
|
|
requires:
|
|
- install-grabpl
|
|
- build-backend:
|
|
filters: *filter-master-or-release
|
|
name: build-enterprise-backend-armv7
|
|
edition: enterprise
|
|
variant: armv7
|
|
requires:
|
|
- install-grabpl
|
|
- build-backend:
|
|
filters: *filter-master-or-release
|
|
name: build-enterprise-backend-armv7-musl
|
|
edition: enterprise
|
|
variant: armv7-musl
|
|
requires:
|
|
- install-grabpl
|
|
- build-backend:
|
|
filters: *filter-master-or-release
|
|
name: build-enterprise-backend-arm64
|
|
edition: enterprise
|
|
variant: arm64
|
|
requires:
|
|
- install-grabpl
|
|
- build-backend:
|
|
filters: *filter-master-or-release
|
|
name: build-enterprise-backend-arm64-musl
|
|
edition: enterprise
|
|
variant: arm64-musl
|
|
requires:
|
|
- install-grabpl
|
|
- build-backend:
|
|
# No filters, meaning this job runs for all branches
|
|
name: build-enterprise-backend-osx64
|
|
edition: enterprise
|
|
variant: osx64
|
|
requires:
|
|
- install-grabpl
|
|
- build-backend:
|
|
# No filters, meaning this job runs for all branches
|
|
name: build-enterprise-backend-win64
|
|
edition: enterprise
|
|
variant: win64
|
|
requires:
|
|
- install-grabpl
|
|
- build-backend:
|
|
# No filters, meaning this job runs for all branches
|
|
name: build-enterprise-backend-linux-x64
|
|
edition: enterprise
|
|
variant: linux-x64
|
|
requires:
|
|
- install-grabpl
|
|
- build-backend:
|
|
# No filters, meaning this job runs for all branches
|
|
name: build-enterprise-backend-linux-x64-musl
|
|
edition: enterprise
|
|
variant: linux-x64-musl
|
|
requires:
|
|
- install-grabpl
|
|
- build-frontend:
|
|
# No filters, meaning this job runs for all branches
|
|
name: build-enterprise-frontend
|
|
edition: enterprise
|
|
requires:
|
|
- install-grabpl
|
|
- build-release-publisher:
|
|
filters: *filter-master-or-release
|
|
- codespell:
|
|
# No filters, meaning this job runs for all branches
|
|
requires:
|
|
- install-grabpl
|
|
- lint-go:
|
|
# No filters, meaning this job runs for all branches
|
|
requires:
|
|
- install-grabpl
|
|
- shellcheck:
|
|
# No filters, meaning this job runs for all branches
|
|
requires:
|
|
- install-grabpl
|
|
- test-backend:
|
|
# No filters, meaning this job runs for all branches
|
|
requires:
|
|
- install-grabpl
|
|
- lint-go
|
|
- test-frontend:
|
|
# No filters, meaning this job runs for all branches
|
|
requires:
|
|
- install-grabpl
|
|
- mysql-integration-test:
|
|
# No filters, meaning this job runs for all branches
|
|
requires:
|
|
- install-grabpl
|
|
- lint-go
|
|
- postgres-integration-test:
|
|
# No filters, meaning this job runs for all branches
|
|
requires:
|
|
- install-grabpl
|
|
- lint-go
|
|
- package-oss:
|
|
# No filters, meaning this job runs for all branches
|
|
requires:
|
|
- install-grabpl
|
|
- build-oss-backend-armv6
|
|
- build-oss-backend-armv7
|
|
- build-oss-backend-armv7-musl
|
|
- build-oss-backend-arm64
|
|
- build-oss-backend-arm64-musl
|
|
- build-oss-backend-osx64
|
|
- build-oss-backend-win64
|
|
- build-oss-backend-linux-x64
|
|
- build-oss-backend-linux-x64-musl
|
|
- build-oss-frontend
|
|
- test-backend
|
|
- test-frontend
|
|
- codespell
|
|
- shellcheck
|
|
- mysql-integration-test
|
|
- postgres-integration-test
|
|
- package-enterprise:
|
|
# No filters, meaning this job runs for all branches
|
|
requires:
|
|
- install-grabpl
|
|
- build-enterprise-backend-armv6
|
|
- build-enterprise-backend-armv7
|
|
- build-enterprise-backend-armv7-musl
|
|
- build-enterprise-backend-arm64
|
|
- build-enterprise-backend-arm64-musl
|
|
- build-enterprise-backend-osx64
|
|
- build-enterprise-backend-win64
|
|
- build-enterprise-backend-linux-x64
|
|
- build-enterprise-backend-linux-x64-musl
|
|
- build-enterprise-frontend
|
|
- test-backend
|
|
- test-frontend
|
|
- codespell
|
|
- shellcheck
|
|
- mysql-integration-test
|
|
- postgres-integration-test
|
|
- build-oss-windows-installer:
|
|
# No filters, meaning this job runs for all branches
|
|
requires:
|
|
- package-oss
|
|
- build-enterprise-windows-installer:
|
|
# No filters, meaning this job runs for all branches
|
|
requires:
|
|
- package-enterprise
|
|
- release-next-packages:
|
|
filters: *filter-only-master
|
|
requires:
|
|
- test-frontend
|
|
- release-packages:
|
|
filters: *filter-only-release
|
|
requires:
|
|
- end-to-end-tests
|
|
- publish-packages:
|
|
filters: *filter-master-or-release
|
|
name: publish-oss-packages
|
|
edition: oss
|
|
requires:
|
|
- package-oss
|
|
- build-oss-windows-installer
|
|
- end-to-end-tests
|
|
- build-release-publisher
|
|
- publish-packages:
|
|
filters: *filter-master-or-release
|
|
name: publish-enterprise-packages
|
|
edition: enterprise
|
|
requires:
|
|
- package-enterprise
|
|
- build-enterprise-windows-installer
|
|
- end-to-end-tests
|
|
- build-release-publisher
|
|
- publish-storybook
|
|
- build-docker-images:
|
|
# No filters, meaning this job runs for all branches
|
|
name: build-oss-docker-images
|
|
edition: oss
|
|
ubuntu: false
|
|
requires:
|
|
- package-oss
|
|
- build-oss-windows-installer
|
|
- build-docker-images:
|
|
# No filters, meaning this job runs for all branches
|
|
name: build-oss-ubuntu-docker-images
|
|
edition: oss
|
|
ubuntu: true
|
|
requires:
|
|
- package-oss
|
|
- build-oss-windows-installer
|
|
- build-docker-images:
|
|
# No filters, meaning this job runs for all branches
|
|
name: build-enterprise-docker-images
|
|
edition: enterprise
|
|
ubuntu: false
|
|
requires:
|
|
- package-enterprise
|
|
- build-enterprise-windows-installer
|
|
- build-docker-images:
|
|
# No filters, meaning this job runs for all branches
|
|
name: build-enterprise-ubuntu-docker-images
|
|
edition: enterprise
|
|
ubuntu: true
|
|
requires:
|
|
- package-enterprise
|
|
- build-enterprise-windows-installer
|
|
- end-to-end-tests:
|
|
# No filters, meaning this job runs for all branches
|
|
requires:
|
|
- package-oss
|
|
- publish-docker-images:
|
|
filters: *filter-master-or-release
|
|
name: publish-oss-docker-images
|
|
edition: oss
|
|
ubuntu: false
|
|
requires:
|
|
- build-oss-docker-images
|
|
- end-to-end-tests
|
|
- publish-docker-images:
|
|
filters: *filter-master-or-release
|
|
name: publish-oss-ubuntu-docker-images
|
|
edition: oss
|
|
ubuntu: true
|
|
requires:
|
|
- build-oss-ubuntu-docker-images
|
|
- end-to-end-tests
|
|
- publish-docker-images:
|
|
filters: *filter-master-or-release
|
|
name: publish-enterprise-docker-images
|
|
edition: enterprise
|
|
ubuntu: false
|
|
requires:
|
|
- build-enterprise-docker-images
|
|
- end-to-end-tests
|
|
- publish-docker-images:
|
|
filters: *filter-master-or-release
|
|
name: publish-enterprise-ubuntu-docker-images
|
|
edition: enterprise
|
|
ubuntu: true
|
|
requires:
|
|
- build-enterprise-ubuntu-docker-images
|
|
- end-to-end-tests
|
|
- build-docs-website:
|
|
filters: *filter-not-release-or-master
|
|
- deploy-to-kubernetes:
|
|
filters: *filter-only-master
|
|
requires:
|
|
- publish-enterprise-docker-images
|
|
|
|
nightly:
|
|
triggers:
|
|
- schedule:
|
|
cron: "0 0 * * *"
|
|
filters: *filter-only-master
|
|
jobs:
|
|
- scan-docker-master
|