mirror of
https://github.com/grafana/grafana.git
synced 2025-01-24 07:17:08 -06:00
4958 lines
126 KiB
YAML
4958 lines
126 KiB
YAML
---
|
|
clone:
|
|
retries: 3
|
|
depends_on: []
|
|
environment:
|
|
EDITION: oss
|
|
image_pull_secrets:
|
|
- gcr
|
|
- gar
|
|
kind: pipeline
|
|
name: pr-verify-drone
|
|
node:
|
|
type: no-parallel
|
|
platform:
|
|
arch: amd64
|
|
os: linux
|
|
services: []
|
|
steps:
|
|
- commands:
|
|
- echo $DRONE_RUNNER_NAME
|
|
image: alpine:3.19.1
|
|
name: identify-runner
|
|
- commands:
|
|
- go build -o ./bin/build -ldflags '-extldflags -static' ./pkg/build/cmd
|
|
depends_on: []
|
|
environment:
|
|
CGO_ENABLED: 0
|
|
image: golang:1.22.4-alpine
|
|
name: compile-build-cmd
|
|
- commands:
|
|
- ./bin/build verify-drone
|
|
depends_on:
|
|
- compile-build-cmd
|
|
image: byrnedo/alpine-curl:0.1.8
|
|
name: lint-drone
|
|
trigger:
|
|
event:
|
|
- pull_request
|
|
paths:
|
|
exclude:
|
|
- docs/**
|
|
- '*.md'
|
|
include:
|
|
- scripts/drone/**
|
|
- .drone.yml
|
|
- .drone.star
|
|
type: docker
|
|
volumes:
|
|
- host:
|
|
path: /var/run/docker.sock
|
|
name: docker
|
|
---
|
|
clone:
|
|
retries: 3
|
|
depends_on: []
|
|
environment:
|
|
EDITION: oss
|
|
image_pull_secrets:
|
|
- gcr
|
|
- gar
|
|
kind: pipeline
|
|
name: pr-verify-starlark
|
|
node:
|
|
type: no-parallel
|
|
platform:
|
|
arch: amd64
|
|
os: linux
|
|
services: []
|
|
steps:
|
|
- commands:
|
|
- echo $DRONE_RUNNER_NAME
|
|
image: alpine:3.19.1
|
|
name: identify-runner
|
|
- commands:
|
|
- go build -o ./bin/build -ldflags '-extldflags -static' ./pkg/build/cmd
|
|
depends_on: []
|
|
environment:
|
|
CGO_ENABLED: 0
|
|
image: golang:1.22.4-alpine
|
|
name: compile-build-cmd
|
|
- commands:
|
|
- go install github.com/bazelbuild/buildtools/buildifier@latest
|
|
- buildifier --lint=warn -mode=check -r .
|
|
depends_on:
|
|
- compile-build-cmd
|
|
image: golang:1.22.4-alpine
|
|
name: lint-starlark
|
|
trigger:
|
|
event:
|
|
- pull_request
|
|
paths:
|
|
exclude:
|
|
- docs/**
|
|
- '*.md'
|
|
include:
|
|
- scripts/drone/**
|
|
- .drone.star
|
|
type: docker
|
|
volumes:
|
|
- host:
|
|
path: /var/run/docker.sock
|
|
name: docker
|
|
---
|
|
clone:
|
|
retries: 3
|
|
depends_on: []
|
|
environment:
|
|
EDITION: oss
|
|
image_pull_secrets:
|
|
- gcr
|
|
- gar
|
|
kind: pipeline
|
|
name: pr-test-frontend
|
|
node:
|
|
type: no-parallel
|
|
platform:
|
|
arch: amd64
|
|
os: linux
|
|
services: []
|
|
steps:
|
|
- commands:
|
|
- echo $DRONE_RUNNER_NAME
|
|
image: alpine:3.19.1
|
|
name: identify-runner
|
|
- commands:
|
|
- yarn install --immutable || yarn install --immutable
|
|
depends_on: []
|
|
image: node:20.9.0-alpine
|
|
name: yarn-install
|
|
- commands:
|
|
- apk add --update git bash
|
|
- yarn betterer ci
|
|
depends_on:
|
|
- yarn-install
|
|
image: node:20.9.0-alpine
|
|
name: betterer-frontend
|
|
- commands:
|
|
- apk add --update curl jq bash
|
|
- is_fork=$(curl "https://$GITHUB_TOKEN@api.github.com/repos/grafana/grafana/pulls/$DRONE_PULL_REQUEST"
|
|
| jq .head.repo.fork)
|
|
- if [ "$is_fork" != false ]; then return 1; fi
|
|
- git clone "https://$${GITHUB_TOKEN}@github.com/grafana/grafana-enterprise.git"
|
|
../grafana-enterprise
|
|
- cd ../grafana-enterprise
|
|
- if git checkout ${DRONE_SOURCE_BRANCH}; then echo "checked out ${DRONE_SOURCE_BRANCH}";
|
|
elif git checkout ${DRONE_TARGET_BRANCH}; then echo "git checkout ${DRONE_TARGET_BRANCH}";
|
|
else git checkout main; fi
|
|
- cd ../
|
|
- ln -s src grafana
|
|
- cd ./grafana-enterprise
|
|
- ./build.sh
|
|
environment:
|
|
GITHUB_TOKEN:
|
|
from_secret: github_token
|
|
failure: ignore
|
|
image: alpine/git:2.40.1
|
|
name: clone-enterprise
|
|
- commands:
|
|
- yarn run ci:test-frontend
|
|
depends_on:
|
|
- yarn-install
|
|
environment:
|
|
TEST_MAX_WORKERS: 50%
|
|
image: node:20.9.0-alpine
|
|
name: test-frontend
|
|
trigger:
|
|
event:
|
|
- pull_request
|
|
paths:
|
|
exclude:
|
|
- docs/**
|
|
- '*.md'
|
|
- pkg/**
|
|
- packaging/**
|
|
- go.sum
|
|
- go.mod
|
|
include: []
|
|
type: docker
|
|
volumes:
|
|
- host:
|
|
path: /var/run/docker.sock
|
|
name: docker
|
|
---
|
|
clone:
|
|
retries: 3
|
|
depends_on: []
|
|
environment:
|
|
EDITION: oss
|
|
image_pull_secrets:
|
|
- gcr
|
|
- gar
|
|
kind: pipeline
|
|
name: pr-lint-frontend
|
|
node:
|
|
type: no-parallel
|
|
platform:
|
|
arch: amd64
|
|
os: linux
|
|
services: []
|
|
steps:
|
|
- commands:
|
|
- apk add --update curl jq bash
|
|
- is_fork=$(curl "https://$GITHUB_TOKEN@api.github.com/repos/grafana/grafana/pulls/$DRONE_PULL_REQUEST"
|
|
| jq .head.repo.fork)
|
|
- if [ "$is_fork" != false ]; then return 1; fi
|
|
- git clone "https://$${GITHUB_TOKEN}@github.com/grafana/grafana-enterprise.git"
|
|
../grafana-enterprise
|
|
- cd ../grafana-enterprise
|
|
- if git checkout ${DRONE_SOURCE_BRANCH}; then echo "checked out ${DRONE_SOURCE_BRANCH}";
|
|
elif git checkout ${DRONE_TARGET_BRANCH}; then echo "git checkout ${DRONE_TARGET_BRANCH}";
|
|
else git checkout main; fi
|
|
- cd ../
|
|
- ln -s src grafana
|
|
- cd ./grafana-enterprise
|
|
- ./build.sh
|
|
environment:
|
|
GITHUB_TOKEN:
|
|
from_secret: github_token
|
|
failure: ignore
|
|
image: alpine/git:2.40.1
|
|
name: clone-enterprise
|
|
- commands:
|
|
- echo $DRONE_RUNNER_NAME
|
|
image: alpine:3.19.1
|
|
name: identify-runner
|
|
- commands:
|
|
- yarn install --immutable || yarn install --immutable
|
|
depends_on: []
|
|
image: node:20.9.0-alpine
|
|
name: yarn-install
|
|
- commands:
|
|
- yarn run prettier:check
|
|
- yarn run lint
|
|
- yarn run typecheck
|
|
depends_on:
|
|
- yarn-install
|
|
environment:
|
|
TEST_MAX_WORKERS: 50%
|
|
image: node:20.9.0-alpine
|
|
name: lint-frontend
|
|
- commands:
|
|
- |-
|
|
make i18n-extract || (echo "
|
|
Extraction failed. Make sure that you have no dynamic translation phrases, such as 't(\`preferences.theme.\$${themeID}\`, themeName)' and that no translation key is used twice. Search the output for '[warning]' to find the offending file." && false)
|
|
- "\n file_diff=$(git diff --dirstat public/locales)\n if
|
|
[ -n \"$file_diff\" ]; then\n echo $file_diff\n echo
|
|
\"\nTranslation extraction has not been committed. Please run 'make i18n-extract',
|
|
commit the changes and push again.\"\n exit 1\n fi\n
|
|
\ "
|
|
depends_on:
|
|
- yarn-install
|
|
image: node:20-bookworm
|
|
name: verify-i18n
|
|
trigger:
|
|
event:
|
|
- pull_request
|
|
paths:
|
|
exclude:
|
|
- docs/**
|
|
- '*.md'
|
|
- pkg/**
|
|
- packaging/**
|
|
- go.sum
|
|
- go.mod
|
|
include: []
|
|
type: docker
|
|
volumes:
|
|
- host:
|
|
path: /var/run/docker.sock
|
|
name: docker
|
|
---
|
|
clone:
|
|
retries: 3
|
|
depends_on: []
|
|
environment:
|
|
EDITION: oss
|
|
image_pull_secrets:
|
|
- gcr
|
|
- gar
|
|
kind: pipeline
|
|
name: pr-test-backend
|
|
node:
|
|
type: no-parallel
|
|
platform:
|
|
arch: amd64
|
|
os: linux
|
|
services: []
|
|
steps:
|
|
- commands:
|
|
- apk add --update curl jq bash
|
|
- is_fork=$(curl "https://$GITHUB_TOKEN@api.github.com/repos/grafana/grafana/pulls/$DRONE_PULL_REQUEST"
|
|
| jq .head.repo.fork)
|
|
- if [ "$is_fork" != false ]; then return 1; fi
|
|
- git clone "https://$${GITHUB_TOKEN}@github.com/grafana/grafana-enterprise.git"
|
|
../grafana-enterprise
|
|
- cd ../grafana-enterprise
|
|
- if git checkout ${DRONE_SOURCE_BRANCH}; then echo "checked out ${DRONE_SOURCE_BRANCH}";
|
|
elif git checkout ${DRONE_TARGET_BRANCH}; then echo "git checkout ${DRONE_TARGET_BRANCH}";
|
|
else git checkout main; fi
|
|
- cd ../
|
|
- ln -s src grafana
|
|
- cd ./grafana-enterprise
|
|
- ./build.sh
|
|
environment:
|
|
GITHUB_TOKEN:
|
|
from_secret: github_token
|
|
failure: ignore
|
|
image: alpine/git:2.40.1
|
|
name: clone-enterprise
|
|
- commands:
|
|
- echo $DRONE_RUNNER_NAME
|
|
image: alpine:3.19.1
|
|
name: identify-runner
|
|
- commands:
|
|
- '# It is required that code generated from Thema/CUE be committed and in sync
|
|
with its inputs.'
|
|
- '# The following command will fail if running code generators produces any diff
|
|
in output.'
|
|
- apk add --update make
|
|
- CODEGEN_VERIFY=1 make gen-cue
|
|
depends_on: []
|
|
image: golang:1.22.4-alpine
|
|
name: verify-gen-cue
|
|
- commands:
|
|
- '# It is required that generated jsonnet is committed and in sync with its inputs.'
|
|
- '# The following command will fail if running code generators produces any diff
|
|
in output.'
|
|
- apk add --update make
|
|
- CODEGEN_VERIFY=1 make gen-jsonnet
|
|
depends_on: []
|
|
image: golang:1.22.4-alpine
|
|
name: verify-gen-jsonnet
|
|
- commands:
|
|
- apk add --update make
|
|
- make gen-go
|
|
depends_on:
|
|
- verify-gen-cue
|
|
image: golang:1.22.4-alpine
|
|
name: wire-install
|
|
- commands:
|
|
- apk add --update build-base shared-mime-info shared-mime-info-lang
|
|
- go list -f '{{.Dir}}/...' -m | xargs go test -tags requires_buildifer -short -covermode=atomic
|
|
-timeout=5m
|
|
depends_on:
|
|
- wire-install
|
|
image: golang:1.22.4-alpine
|
|
name: test-backend
|
|
- commands:
|
|
- apk add --update build-base
|
|
- go test -count=1 -covermode=atomic -timeout=5m -run '^TestIntegration' $(find
|
|
./pkg -type f -name '*_test.go' -exec grep -l '^func TestIntegration' '{}' '+'
|
|
| grep -o '\(.*\)/' | sort -u)
|
|
depends_on:
|
|
- wire-install
|
|
image: golang:1.22.4-alpine
|
|
name: test-backend-integration
|
|
trigger:
|
|
event:
|
|
- pull_request
|
|
paths:
|
|
exclude:
|
|
- docs/**
|
|
- '*.md'
|
|
include:
|
|
- Makefile
|
|
- pkg/**
|
|
- packaging/**
|
|
- .drone.yml
|
|
- conf/**
|
|
- go.sum
|
|
- go.mod
|
|
- public/app/plugins/**/plugin.json
|
|
- docs/sources/setup-grafana/configure-grafana/feature-toggles/**
|
|
- devenv/**
|
|
type: docker
|
|
volumes:
|
|
- host:
|
|
path: /var/run/docker.sock
|
|
name: docker
|
|
---
|
|
clone:
|
|
retries: 3
|
|
depends_on: []
|
|
environment:
|
|
EDITION: oss
|
|
image_pull_secrets:
|
|
- gcr
|
|
- gar
|
|
kind: pipeline
|
|
name: pr-lint-backend
|
|
node:
|
|
type: no-parallel
|
|
platform:
|
|
arch: amd64
|
|
os: linux
|
|
services: []
|
|
steps:
|
|
- commands:
|
|
- echo $DRONE_RUNNER_NAME
|
|
image: alpine:3.19.1
|
|
name: identify-runner
|
|
- commands:
|
|
- go build -o ./bin/build -ldflags '-extldflags -static' ./pkg/build/cmd
|
|
depends_on: []
|
|
environment:
|
|
CGO_ENABLED: 0
|
|
image: golang:1.22.4-alpine
|
|
name: compile-build-cmd
|
|
- commands:
|
|
- apk add --update curl jq bash
|
|
- is_fork=$(curl "https://$GITHUB_TOKEN@api.github.com/repos/grafana/grafana/pulls/$DRONE_PULL_REQUEST"
|
|
| jq .head.repo.fork)
|
|
- if [ "$is_fork" != false ]; then return 1; fi
|
|
- git clone "https://$${GITHUB_TOKEN}@github.com/grafana/grafana-enterprise.git"
|
|
../grafana-enterprise
|
|
- cd ../grafana-enterprise
|
|
- if git checkout ${DRONE_SOURCE_BRANCH}; then echo "checked out ${DRONE_SOURCE_BRANCH}";
|
|
elif git checkout ${DRONE_TARGET_BRANCH}; then echo "git checkout ${DRONE_TARGET_BRANCH}";
|
|
else git checkout main; fi
|
|
- cd ../
|
|
- ln -s src grafana
|
|
- cd ./grafana-enterprise
|
|
- ./build.sh
|
|
environment:
|
|
GITHUB_TOKEN:
|
|
from_secret: github_token
|
|
failure: ignore
|
|
image: alpine/git:2.40.1
|
|
name: clone-enterprise
|
|
- commands:
|
|
- apk add --update make
|
|
- make gen-go
|
|
depends_on: []
|
|
image: golang:1.22.4-alpine
|
|
name: wire-install
|
|
- commands:
|
|
- go run scripts/modowners/modowners.go check go.mod
|
|
image: golang:1.22.4-alpine
|
|
name: validate-modfile
|
|
- commands:
|
|
- apk add --update make
|
|
- make swagger-validate
|
|
image: golang:1.22.4-alpine
|
|
name: validate-openapi-spec
|
|
trigger:
|
|
event:
|
|
- pull_request
|
|
paths:
|
|
exclude:
|
|
- docs/**
|
|
- '*.md'
|
|
include:
|
|
- .golangci.toml
|
|
- Makefile
|
|
- pkg/**
|
|
- packaging/**
|
|
- .drone.yml
|
|
- conf/**
|
|
- go.sum
|
|
- go.mod
|
|
- public/app/plugins/**/plugin.json
|
|
- devenv/**
|
|
- .bingo/**
|
|
type: docker
|
|
volumes:
|
|
- host:
|
|
path: /var/run/docker.sock
|
|
name: docker
|
|
---
|
|
clone:
|
|
retries: 3
|
|
depends_on: []
|
|
environment:
|
|
EDITION: oss
|
|
image_pull_secrets:
|
|
- gcr
|
|
- gar
|
|
kind: pipeline
|
|
name: pr-build-e2e
|
|
node:
|
|
type: no-parallel
|
|
platform:
|
|
arch: amd64
|
|
os: linux
|
|
services: []
|
|
steps:
|
|
- commands:
|
|
- echo $DRONE_RUNNER_NAME
|
|
image: alpine:3.19.1
|
|
name: identify-runner
|
|
- commands:
|
|
- mkdir -p bin
|
|
- curl -fL -o bin/grabpl https://grafana-downloads.storage.googleapis.com/grafana-build-pipeline/v3.0.50/grabpl
|
|
- chmod +x bin/grabpl
|
|
image: byrnedo/alpine-curl:0.1.8
|
|
name: grabpl
|
|
- commands:
|
|
- go build -o ./bin/build -ldflags '-extldflags -static' ./pkg/build/cmd
|
|
depends_on: []
|
|
environment:
|
|
CGO_ENABLED: 0
|
|
image: golang:1.22.4-alpine
|
|
name: compile-build-cmd
|
|
- commands:
|
|
- '# It is required that code generated from Thema/CUE be committed and in sync
|
|
with its inputs.'
|
|
- '# The following command will fail if running code generators produces any diff
|
|
in output.'
|
|
- apk add --update make
|
|
- CODEGEN_VERIFY=1 make gen-cue
|
|
depends_on: []
|
|
image: golang:1.22.4-alpine
|
|
name: verify-gen-cue
|
|
- commands:
|
|
- '# It is required that generated jsonnet is committed and in sync with its inputs.'
|
|
- '# The following command will fail if running code generators produces any diff
|
|
in output.'
|
|
- apk add --update make
|
|
- CODEGEN_VERIFY=1 make gen-jsonnet
|
|
depends_on: []
|
|
image: golang:1.22.4-alpine
|
|
name: verify-gen-jsonnet
|
|
- commands:
|
|
- apk add --update make
|
|
- make gen-go
|
|
depends_on:
|
|
- verify-gen-cue
|
|
image: golang:1.22.4-alpine
|
|
name: wire-install
|
|
- commands:
|
|
- yarn install --immutable || yarn install --immutable
|
|
depends_on: []
|
|
image: node:20.9.0-alpine
|
|
name: yarn-install
|
|
- commands:
|
|
- apk add --update jq bash
|
|
- yarn packages:build
|
|
- yarn packages:pack
|
|
- ./scripts/validate-npm-packages.sh
|
|
depends_on:
|
|
- yarn-install
|
|
environment:
|
|
NODE_OPTIONS: --max_old_space_size=8192
|
|
image: node:20.9.0-alpine
|
|
name: build-frontend-packages
|
|
- failure: ignore
|
|
image: grafana/drone-downstream
|
|
name: trigger-enterprise-downstream
|
|
settings:
|
|
params:
|
|
- SOURCE_BUILD_NUMBER=${DRONE_COMMIT}
|
|
- SOURCE_COMMIT=${DRONE_COMMIT}
|
|
- OSS_PULL_REQUEST=${DRONE_PULL_REQUEST}
|
|
repositories:
|
|
- grafana/grafana-enterprise@${DRONE_SOURCE_BRANCH}
|
|
server: https://drone.grafana.net
|
|
token:
|
|
from_secret: drone_token
|
|
- commands:
|
|
- /src/grafana-build artifacts -a targz:grafana:linux/amd64 -a targz:grafana:linux/arm64
|
|
-a targz:grafana:linux/arm/v7 --go-version=1.22.4 --yarn-cache=$$YARN_CACHE_FOLDER
|
|
--build-id=$$DRONE_BUILD_NUMBER --grafana-dir=$$PWD > packages.txt
|
|
depends_on:
|
|
- yarn-install
|
|
environment:
|
|
_EXPERIMENTAL_DAGGER_CLOUD_TOKEN:
|
|
from_secret: dagger_token
|
|
image: grafana/grafana-build:main
|
|
name: rgm-package
|
|
pull: always
|
|
volumes:
|
|
- name: docker
|
|
path: /var/run/docker.sock
|
|
- commands:
|
|
- apk add --update tar bash
|
|
- mkdir grafana
|
|
- tar --strip-components=1 -xvf ./dist/*amd64.tar.gz -C grafana
|
|
- cp -r devenv scripts tools grafana && cd grafana && ./scripts/grafana-server/start-server
|
|
depends_on:
|
|
- rgm-package
|
|
detach: true
|
|
environment:
|
|
GF_APP_MODE: development
|
|
GF_SERVER_HTTP_PORT: "3001"
|
|
GF_SERVER_ROUTER_LOGGING: "1"
|
|
image: alpine:3.19.1
|
|
name: grafana-server
|
|
- commands:
|
|
- ./bin/build e2e-tests --port 3001 --suite dashboards-suite
|
|
depends_on:
|
|
- grafana-server
|
|
environment:
|
|
HOST: grafana-server
|
|
image: cypress/included:13.10.0
|
|
name: end-to-end-tests-dashboards-suite
|
|
- commands:
|
|
- ./bin/build e2e-tests --port 3001 --suite smoke-tests-suite
|
|
depends_on:
|
|
- grafana-server
|
|
environment:
|
|
HOST: grafana-server
|
|
image: cypress/included:13.10.0
|
|
name: end-to-end-tests-smoke-tests-suite
|
|
- commands:
|
|
- ./bin/build e2e-tests --port 3001 --suite panels-suite
|
|
depends_on:
|
|
- grafana-server
|
|
environment:
|
|
HOST: grafana-server
|
|
image: cypress/included:13.10.0
|
|
name: end-to-end-tests-panels-suite
|
|
- commands:
|
|
- ./bin/build e2e-tests --port 3001 --suite various-suite
|
|
depends_on:
|
|
- grafana-server
|
|
environment:
|
|
HOST: grafana-server
|
|
image: cypress/included:13.10.0
|
|
name: end-to-end-tests-various-suite
|
|
- commands:
|
|
- cd /
|
|
- ./cpp-e2e/scripts/ci-run.sh azure ${DRONE_SOURCE_BRANCH}
|
|
depends_on:
|
|
- grafana-server
|
|
environment:
|
|
AZURE_SP_APP_ID:
|
|
from_secret: azure_sp_app_id
|
|
AZURE_SP_PASSWORD:
|
|
from_secret: azure_sp_app_pw
|
|
AZURE_TENANT:
|
|
from_secret: azure_tenant
|
|
CYPRESS_CI: "true"
|
|
GITHUB_TOKEN:
|
|
from_secret: github_token
|
|
HOST: grafana-server
|
|
image: us-docker.pkg.dev/grafanalabs-dev/cloud-data-sources/e2e-13.10.0:1.0.0
|
|
name: end-to-end-tests-cloud-plugins-suite-azure
|
|
when:
|
|
paths:
|
|
include:
|
|
- pkg/tsdb/azuremonitor/**
|
|
- public/app/plugins/datasource/azuremonitor/**
|
|
- e2e/cloud-plugins-suite/azure-monitor.spec.ts
|
|
repo:
|
|
- grafana/grafana
|
|
- commands:
|
|
- npx wait-on@7.0.1 http://$HOST:$PORT
|
|
- yarn playwright install --with-deps chromium
|
|
- yarn e2e:playwright
|
|
depends_on:
|
|
- grafana-server
|
|
environment:
|
|
HOST: grafana-server
|
|
PORT: "3001"
|
|
PROV_DIR: /grafana/scripts/grafana-server/tmp/conf/provisioning
|
|
image: node:20-bookworm
|
|
name: playwright-plugin-e2e
|
|
- commands:
|
|
- apt-get update
|
|
- apt-get install -yq zip
|
|
- printenv GCP_GRAFANA_UPLOAD_ARTIFACTS_KEY > /tmp/gcpkey_upload_artifacts.json
|
|
- gcloud auth activate-service-account --key-file=/tmp/gcpkey_upload_artifacts.json
|
|
- gsutil cp -r ./playwright-report/. gs://releng-pipeline-artifacts-dev/${DRONE_BUILD_NUMBER}/playwright-report
|
|
- export E2E_PLAYWRIGHT_REPORT_URL=https://storage.googleapis.com/releng-pipeline-artifacts-dev/${DRONE_BUILD_NUMBER}/playwright-report/index.html
|
|
- "echo \"E2E Playwright report uploaded to: \n $${E2E_PLAYWRIGHT_REPORT_URL}\""
|
|
depends_on:
|
|
- playwright-plugin-e2e
|
|
environment:
|
|
GCP_GRAFANA_UPLOAD_ARTIFACTS_KEY:
|
|
from_secret: gcp_upload_artifacts_key
|
|
failure: ignore
|
|
image: google/cloud-sdk:431.0.0
|
|
name: playwright-e2e-report-upload
|
|
when:
|
|
status:
|
|
- success
|
|
- failure
|
|
- commands:
|
|
- if [ ! -d ./playwright-report/trace ]; then echo 'all tests passed'; exit 0; fi
|
|
- export E2E_PLAYWRIGHT_REPORT_URL=https://storage.googleapis.com/releng-pipeline-artifacts-dev/${DRONE_BUILD_NUMBER}/playwright-report/index.html
|
|
- 'curl -L -X POST https://api.github.com/repos/grafana/grafana/issues/${DRONE_PULL_REQUEST}/comments
|
|
-H "Accept: application/vnd.github+json" -H "Authorization: Bearer $${GITHUB_TOKEN}"
|
|
-H "X-GitHub-Api-Version: 2022-11-28" -d "{\"body\":\"❌ Failed to run Playwright
|
|
plugin e2e tests. <br /> <br /> Click [here]($${E2E_PLAYWRIGHT_REPORT_URL}) to
|
|
browse the Playwright report and trace viewer. <br /> For information on how to
|
|
run Playwright tests locally, refer to the [Developer guide](https://github.com/grafana/grafana/blob/main/contribute/developer-guide.md#to-run-the-playwright-tests).
|
|
\"}"'
|
|
depends_on:
|
|
- playwright-e2e-report-upload
|
|
environment:
|
|
GITHUB_TOKEN:
|
|
from_secret: github_token
|
|
failure: ignore
|
|
image: byrnedo/alpine-curl:0.1.8
|
|
name: playwright-e2e-report-post-link
|
|
when:
|
|
status:
|
|
- success
|
|
- failure
|
|
- commands:
|
|
- if [ -z `find ./e2e -type f -name *spec.ts.mp4` ]; then echo 'missing videos';
|
|
false; fi
|
|
- apt-get update
|
|
- apt-get install -yq zip
|
|
- printenv GCP_GRAFANA_UPLOAD_ARTIFACTS_KEY > /tmp/gcpkey_upload_artifacts.json
|
|
- gcloud auth activate-service-account --key-file=/tmp/gcpkey_upload_artifacts.json
|
|
- find ./e2e -type f -name "*spec.ts.mp4" | zip e2e/videos.zip -@
|
|
- gsutil cp e2e/videos.zip gs://$${E2E_TEST_ARTIFACTS_BUCKET}/${DRONE_BUILD_NUMBER}/artifacts/videos/videos.zip
|
|
- export E2E_ARTIFACTS_VIDEO_ZIP=https://storage.googleapis.com/$${E2E_TEST_ARTIFACTS_BUCKET}/${DRONE_BUILD_NUMBER}/artifacts/videos/videos.zip
|
|
- 'echo "E2E Test artifacts uploaded to: $${E2E_ARTIFACTS_VIDEO_ZIP}"'
|
|
- 'curl -X POST https://api.github.com/repos/${DRONE_REPO}/statuses/${DRONE_COMMIT_SHA}
|
|
-H "Authorization: token $${GITHUB_TOKEN}" -d "{\"state\":\"success\",\"target_url\":\"$${E2E_ARTIFACTS_VIDEO_ZIP}\",
|
|
\"description\": \"Click on the details to download e2e recording videos\", \"context\":
|
|
\"e2e_artifacts\"}"'
|
|
depends_on:
|
|
- end-to-end-tests-dashboards-suite
|
|
- end-to-end-tests-panels-suite
|
|
- end-to-end-tests-smoke-tests-suite
|
|
- end-to-end-tests-various-suite
|
|
environment:
|
|
E2E_TEST_ARTIFACTS_BUCKET: releng-pipeline-artifacts-dev
|
|
GCP_GRAFANA_UPLOAD_ARTIFACTS_KEY:
|
|
from_secret: gcp_upload_artifacts_key
|
|
GITHUB_TOKEN:
|
|
from_secret: github_token
|
|
failure: ignore
|
|
image: google/cloud-sdk:431.0.0
|
|
name: e2e-tests-artifacts-upload
|
|
when:
|
|
status:
|
|
- success
|
|
- failure
|
|
- commands:
|
|
- yarn storybook:build
|
|
- ./bin/build verify-storybook
|
|
depends_on:
|
|
- rgm-package
|
|
- build-frontend-packages
|
|
environment:
|
|
NODE_OPTIONS: --max_old_space_size=4096
|
|
image: node:20.9.0-alpine
|
|
name: build-storybook
|
|
when:
|
|
paths:
|
|
include:
|
|
- packages/grafana-ui/**
|
|
- commands:
|
|
- npx wait-on@7.0.1 http://$HOST:$PORT
|
|
- pa11y-ci --config .pa11yci-pr.conf.js
|
|
depends_on:
|
|
- grafana-server
|
|
environment:
|
|
GRAFANA_MISC_STATS_API_KEY:
|
|
from_secret: grafana_misc_stats_api_key
|
|
HOST: grafana-server
|
|
PORT: 3001
|
|
failure: always
|
|
image: grafana/docker-puppeteer:1.1.0
|
|
name: test-a11y-frontend
|
|
- commands:
|
|
- docker run --privileged --rm tonistiigi/binfmt --install all
|
|
- /src/grafana-build artifacts -a docker:grafana:linux/amd64 -a docker:grafana:linux/amd64:ubuntu
|
|
-a docker:grafana:linux/arm64 -a docker:grafana:linux/arm64:ubuntu -a docker:grafana:linux/arm/v7
|
|
-a docker:grafana:linux/arm/v7:ubuntu --yarn-cache=$$YARN_CACHE_FOLDER --build-id=$$DRONE_BUILD_NUMBER
|
|
--go-version=1.22.4 --ubuntu-base=ubuntu:22.04 --alpine-base=alpine:3.19.1 --tag-format='{{
|
|
.version_base }}-{{ .buildID }}-{{ .arch }}' --grafana-dir=$$PWD --ubuntu-tag-format='{{
|
|
.version_base }}-{{ .buildID }}-ubuntu-{{ .arch }}' > docker.txt
|
|
- find ./dist -name '*docker*.tar.gz' -type f | xargs -n1 docker load -i
|
|
depends_on:
|
|
- yarn-install
|
|
environment:
|
|
_EXPERIMENTAL_DAGGER_CLOUD_TOKEN:
|
|
from_secret: dagger_token
|
|
image: grafana/grafana-build:main
|
|
name: rgm-build-docker
|
|
pull: always
|
|
volumes:
|
|
- name: docker
|
|
path: /var/run/docker.sock
|
|
- commands:
|
|
- ./bin/grabpl artifacts docker publish --dockerhub-repo grafana/grafana
|
|
depends_on:
|
|
- rgm-build-docker
|
|
environment:
|
|
DOCKER_PASSWORD:
|
|
from_secret: docker_password
|
|
DOCKER_USER:
|
|
from_secret: docker_username
|
|
GITHUB_APP_ID:
|
|
from_secret: delivery-bot-app-id
|
|
GITHUB_APP_INSTALLATION_ID:
|
|
from_secret: delivery-bot-app-installation-id
|
|
GITHUB_APP_PRIVATE_KEY:
|
|
from_secret: delivery-bot-app-private-key
|
|
failure: ignore
|
|
image: google/cloud-sdk:431.0.0
|
|
name: publish-images-grafana
|
|
volumes:
|
|
- name: docker
|
|
path: /var/run/docker.sock
|
|
trigger:
|
|
event:
|
|
- pull_request
|
|
paths:
|
|
exclude:
|
|
- '*.md'
|
|
- docs/**
|
|
- latest.json
|
|
type: docker
|
|
volumes:
|
|
- host:
|
|
path: /var/run/docker.sock
|
|
name: docker
|
|
---
|
|
clone:
|
|
retries: 3
|
|
depends_on: []
|
|
environment:
|
|
EDITION: oss
|
|
image_pull_secrets:
|
|
- gcr
|
|
- gar
|
|
kind: pipeline
|
|
name: pr-integration-tests
|
|
node:
|
|
type: no-parallel
|
|
platform:
|
|
arch: amd64
|
|
os: linux
|
|
services:
|
|
- environment:
|
|
PGDATA: /var/lib/postgresql/data/pgdata
|
|
POSTGRES_DB: grafanatest
|
|
POSTGRES_PASSWORD: grafanatest
|
|
POSTGRES_USER: grafanatest
|
|
image: postgres:12.3-alpine
|
|
name: postgres
|
|
volumes:
|
|
- name: postgres
|
|
path: /var/lib/postgresql/data/pgdata
|
|
- commands:
|
|
- docker-entrypoint.sh mysqld --character-set-server=utf8mb4 --collation-server=utf8mb4_unicode_ci
|
|
environment:
|
|
MYSQL_DATABASE: grafana_tests
|
|
MYSQL_PASSWORD: password
|
|
MYSQL_ROOT_PASSWORD: rootpass
|
|
MYSQL_USER: grafana
|
|
image: mysql:5.7.39
|
|
name: mysql57
|
|
volumes:
|
|
- name: mysql57
|
|
path: /var/lib/mysql
|
|
- commands:
|
|
- docker-entrypoint.sh mysqld --default-authentication-plugin=mysql_native_password
|
|
environment:
|
|
MYSQL_DATABASE: grafana_tests
|
|
MYSQL_PASSWORD: password
|
|
MYSQL_ROOT_PASSWORD: rootpass
|
|
MYSQL_USER: grafana
|
|
image: mysql:8.0.32
|
|
name: mysql80
|
|
volumes:
|
|
- name: mysql80
|
|
path: /var/lib/mysql
|
|
- commands:
|
|
- /bin/mimir -target=backend -alertmanager.grafana-alertmanager-compatibility-enabled
|
|
environment: {}
|
|
image: us.gcr.io/kubernetes-dev/mimir:santihernandezc-validate_grafana_am_config-1e903e462-WIP
|
|
name: mimir_backend
|
|
- environment: {}
|
|
image: redis:6.2.11-alpine
|
|
name: redis
|
|
- environment: {}
|
|
image: memcached:1.6.9-alpine
|
|
name: memcached
|
|
steps:
|
|
- commands:
|
|
- apk add --update curl jq bash
|
|
- is_fork=$(curl "https://$GITHUB_TOKEN@api.github.com/repos/grafana/grafana/pulls/$DRONE_PULL_REQUEST"
|
|
| jq .head.repo.fork)
|
|
- if [ "$is_fork" != false ]; then return 1; fi
|
|
- git clone "https://$${GITHUB_TOKEN}@github.com/grafana/grafana-enterprise.git"
|
|
../grafana-enterprise
|
|
- cd ../grafana-enterprise
|
|
- if git checkout ${DRONE_SOURCE_BRANCH}; then echo "checked out ${DRONE_SOURCE_BRANCH}";
|
|
elif git checkout ${DRONE_TARGET_BRANCH}; then echo "git checkout ${DRONE_TARGET_BRANCH}";
|
|
else git checkout main; fi
|
|
- cd ../
|
|
- ln -s src grafana
|
|
- cd ./grafana-enterprise
|
|
- ./build.sh
|
|
environment:
|
|
GITHUB_TOKEN:
|
|
from_secret: github_token
|
|
failure: ignore
|
|
image: alpine/git:2.40.1
|
|
name: clone-enterprise
|
|
- commands:
|
|
- mkdir -p bin
|
|
- curl -fL -o bin/grabpl https://grafana-downloads.storage.googleapis.com/grafana-build-pipeline/v3.0.50/grabpl
|
|
- chmod +x bin/grabpl
|
|
image: byrnedo/alpine-curl:0.1.8
|
|
name: grabpl
|
|
- commands:
|
|
- go build -o ./bin/build -ldflags '-extldflags -static' ./pkg/build/cmd
|
|
depends_on: []
|
|
environment:
|
|
CGO_ENABLED: 0
|
|
image: golang:1.22.4-alpine
|
|
name: compile-build-cmd
|
|
- commands:
|
|
- echo $DRONE_RUNNER_NAME
|
|
image: alpine:3.19.1
|
|
name: identify-runner
|
|
- commands:
|
|
- '# It is required that code generated from Thema/CUE be committed and in sync
|
|
with its inputs.'
|
|
- '# The following command will fail if running code generators produces any diff
|
|
in output.'
|
|
- apk add --update make
|
|
- CODEGEN_VERIFY=1 make gen-cue
|
|
depends_on: []
|
|
image: golang:1.22.4-alpine
|
|
name: verify-gen-cue
|
|
- commands:
|
|
- '# It is required that generated jsonnet is committed and in sync with its inputs.'
|
|
- '# The following command will fail if running code generators produces any diff
|
|
in output.'
|
|
- apk add --update make
|
|
- CODEGEN_VERIFY=1 make gen-jsonnet
|
|
depends_on: []
|
|
image: golang:1.22.4-alpine
|
|
name: verify-gen-jsonnet
|
|
- commands:
|
|
- apk add --update make
|
|
- make gen-go
|
|
depends_on:
|
|
- verify-gen-cue
|
|
image: golang:1.22.4-alpine
|
|
name: wire-install
|
|
- commands:
|
|
- dockerize -wait tcp://postgres:5432 -timeout 120s
|
|
image: jwilder/dockerize:0.6.1
|
|
name: wait-for-postgres
|
|
- commands:
|
|
- apk add --update build-base
|
|
- apk add --update postgresql-client
|
|
- psql -p 5432 -h postgres -U grafanatest -d grafanatest -f devenv/docker/blocks/postgres_tests/setup.sql
|
|
- go clean -testcache
|
|
- go test -p=1 -count=1 -covermode=atomic -timeout=5m -run '^TestIntegration' $(find
|
|
./pkg -type f -name '*_test.go' -exec grep -l '^func TestIntegration' '{}' '+'
|
|
| grep -o '\(.*\)/' | sort -u)
|
|
depends_on:
|
|
- wire-install
|
|
- wait-for-postgres
|
|
environment:
|
|
GRAFANA_TEST_DB: postgres
|
|
PGPASSWORD: grafanatest
|
|
POSTGRES_HOST: postgres
|
|
image: golang:1.22.4-alpine
|
|
name: postgres-integration-tests
|
|
- commands:
|
|
- dockerize -wait tcp://mysql57:3306 -timeout 120s
|
|
image: jwilder/dockerize:0.6.1
|
|
name: wait-for-mysql-5.7
|
|
- commands:
|
|
- apk add --update build-base
|
|
- apk add --update mysql-client
|
|
- cat devenv/docker/blocks/mysql_tests/setup.sql | mysql -h mysql57 -P 3306 -u root
|
|
-prootpass
|
|
- go clean -testcache
|
|
- go test -p=1 -count=1 -covermode=atomic -timeout=5m -run '^TestIntegration' $(find
|
|
./pkg -type f -name '*_test.go' -exec grep -l '^func TestIntegration' '{}' '+'
|
|
| grep -o '\(.*\)/' | sort -u)
|
|
depends_on:
|
|
- wire-install
|
|
- wait-for-mysql-5.7
|
|
environment:
|
|
GRAFANA_TEST_DB: mysql
|
|
MYSQL_HOST: mysql57
|
|
image: golang:1.22.4-alpine
|
|
name: mysql-5.7-integration-tests
|
|
- commands:
|
|
- dockerize -wait tcp://mysql80:3306 -timeout 120s
|
|
image: jwilder/dockerize:0.6.1
|
|
name: wait-for-mysql-8.0
|
|
- commands:
|
|
- apk add --update build-base
|
|
- apk add --update mysql-client
|
|
- cat devenv/docker/blocks/mysql_tests/setup.sql | mysql -h mysql80 -P 3306 -u root
|
|
-prootpass
|
|
- go clean -testcache
|
|
- go test -p=1 -count=1 -covermode=atomic -timeout=5m -run '^TestIntegration' $(find
|
|
./pkg -type f -name '*_test.go' -exec grep -l '^func TestIntegration' '{}' '+'
|
|
| grep -o '\(.*\)/' | sort -u)
|
|
depends_on:
|
|
- wire-install
|
|
- wait-for-mysql-8.0
|
|
environment:
|
|
GRAFANA_TEST_DB: mysql
|
|
MYSQL_HOST: mysql80
|
|
image: golang:1.22.4-alpine
|
|
name: mysql-8.0-integration-tests
|
|
- commands:
|
|
- dockerize -wait tcp://redis:6379 -timeout 120s
|
|
image: jwilder/dockerize:0.6.1
|
|
name: wait-for-redis
|
|
- commands:
|
|
- apk add --update build-base
|
|
- go clean -testcache
|
|
- go list -f '{{.Dir}}/...' -m | xargs go test -run IntegrationRedis -covermode=atomic
|
|
-timeout=2m
|
|
depends_on:
|
|
- wire-install
|
|
- wait-for-redis
|
|
environment:
|
|
REDIS_URL: redis://redis:6379/0
|
|
image: golang:1.22.4-alpine
|
|
name: redis-integration-tests
|
|
- commands:
|
|
- dockerize -wait tcp://memcached:11211 -timeout 120s
|
|
image: jwilder/dockerize:0.6.1
|
|
name: wait-for-memcached
|
|
- commands:
|
|
- apk add --update build-base
|
|
- go clean -testcache
|
|
- go list -f '{{.Dir}}/...' -m | xargs go test -run IntegrationMemcached -covermode=atomic
|
|
-timeout=2m
|
|
depends_on:
|
|
- wire-install
|
|
- wait-for-memcached
|
|
environment:
|
|
MEMCACHED_HOSTS: memcached:11211
|
|
image: golang:1.22.4-alpine
|
|
name: memcached-integration-tests
|
|
- commands:
|
|
- dockerize -wait tcp://mimir_backend:8080 -timeout 120s
|
|
image: jwilder/dockerize:0.6.1
|
|
name: wait-for-remote-alertmanager
|
|
- commands:
|
|
- apk add --update build-base
|
|
- go clean -testcache
|
|
- go test -run TestIntegrationRemoteAlertmanager -covermode=atomic -timeout=2m ./pkg/services/ngalert/...
|
|
depends_on:
|
|
- wire-install
|
|
- wait-for-remote-alertmanager
|
|
environment:
|
|
AM_TENANT_ID: test
|
|
AM_URL: http://mimir_backend:8080
|
|
image: golang:1.22.4-alpine
|
|
name: remote-alertmanager-integration-tests
|
|
trigger:
|
|
event:
|
|
- pull_request
|
|
paths:
|
|
exclude:
|
|
- docs/**
|
|
- '*.md'
|
|
include:
|
|
- pkg/**
|
|
- packaging/**
|
|
- .drone.yml
|
|
- conf/**
|
|
- go.sum
|
|
- go.mod
|
|
- public/app/plugins/**/plugin.json
|
|
type: docker
|
|
volumes:
|
|
- host:
|
|
path: /var/run/docker.sock
|
|
name: docker
|
|
- name: postgres
|
|
temp:
|
|
medium: memory
|
|
- name: mysql57
|
|
temp:
|
|
medium: memory
|
|
- name: mysql80
|
|
temp:
|
|
medium: memory
|
|
---
|
|
clone:
|
|
retries: 3
|
|
depends_on: []
|
|
environment:
|
|
EDITION: oss
|
|
image_pull_secrets:
|
|
- gcr
|
|
- gar
|
|
kind: pipeline
|
|
name: pr-docs
|
|
node:
|
|
type: no-parallel
|
|
platform:
|
|
arch: amd64
|
|
os: linux
|
|
services: []
|
|
steps:
|
|
- commands:
|
|
- echo $DRONE_RUNNER_NAME
|
|
image: alpine:3.19.1
|
|
name: identify-runner
|
|
- commands:
|
|
- yarn install --immutable || yarn install --immutable
|
|
depends_on: []
|
|
image: node:20.9.0-alpine
|
|
name: yarn-install
|
|
- commands:
|
|
- pip3 install codespell
|
|
- codespell -I docs/.codespellignore docs/
|
|
image: python:3.8
|
|
name: codespell
|
|
- commands:
|
|
- yarn run prettier:checkDocs
|
|
depends_on:
|
|
- yarn-install
|
|
environment:
|
|
NODE_OPTIONS: --max_old_space_size=8192
|
|
image: node:20.9.0-alpine
|
|
name: lint-docs
|
|
- commands:
|
|
- mkdir -p /hugo/content/docs/grafana/latest
|
|
- 'echo -e ''---\nredirectURL: /docs/grafana/latest/\ntype: redirect\nversioned:
|
|
true\n---\n'' > /hugo/content/docs/grafana/_index.md'
|
|
- cp -r docs/sources/* /hugo/content/docs/grafana/latest/
|
|
- cd /hugo && make prod
|
|
image: grafana/docs-base:latest
|
|
name: build-docs-website
|
|
pull: always
|
|
- commands:
|
|
- '# It is required that code generated from Thema/CUE be committed and in sync
|
|
with its inputs.'
|
|
- '# The following command will fail if running code generators produces any diff
|
|
in output.'
|
|
- apk add --update make
|
|
- CODEGEN_VERIFY=1 make gen-cue
|
|
depends_on: []
|
|
image: golang:1.22.4-alpine
|
|
name: verify-gen-cue
|
|
trigger:
|
|
event:
|
|
- pull_request
|
|
paths:
|
|
include:
|
|
- '*.md'
|
|
- docs/**
|
|
- packages/**/*.md
|
|
- latest.json
|
|
repo:
|
|
- grafana/grafana
|
|
type: docker
|
|
volumes:
|
|
- host:
|
|
path: /var/run/docker.sock
|
|
name: docker
|
|
---
|
|
clone:
|
|
retries: 3
|
|
depends_on: []
|
|
environment:
|
|
EDITION: oss
|
|
image_pull_secrets:
|
|
- gcr
|
|
- gar
|
|
kind: pipeline
|
|
name: pr-shellcheck
|
|
node:
|
|
type: no-parallel
|
|
platform:
|
|
arch: amd64
|
|
os: linux
|
|
services: []
|
|
steps:
|
|
- commands:
|
|
- go build -o ./bin/build -ldflags '-extldflags -static' ./pkg/build/cmd
|
|
depends_on: []
|
|
environment:
|
|
CGO_ENABLED: 0
|
|
image: golang:1.22.4-alpine
|
|
name: compile-build-cmd
|
|
- commands:
|
|
- apt-get update -yq && apt-get install shellcheck
|
|
- shellcheck -e SC1071 -e SC2162 scripts/**/*.sh
|
|
image: ubuntu:22.04
|
|
name: shellcheck
|
|
trigger:
|
|
event:
|
|
- pull_request
|
|
paths:
|
|
exclude:
|
|
- '*.md'
|
|
- docs/**
|
|
- latest.json
|
|
include:
|
|
- scripts/**/*.sh
|
|
type: docker
|
|
volumes:
|
|
- host:
|
|
path: /var/run/docker.sock
|
|
name: docker
|
|
---
|
|
clone:
|
|
retries: 3
|
|
depends_on: []
|
|
image_pull_secrets:
|
|
- gcr
|
|
- gar
|
|
kind: pipeline
|
|
name: pr-swagger-gen
|
|
node:
|
|
type: no-parallel
|
|
platform:
|
|
arch: amd64
|
|
os: linux
|
|
services: []
|
|
steps:
|
|
- commands:
|
|
- apk add --update curl jq bash
|
|
- is_fork=$(curl "https://$GITHUB_TOKEN@api.github.com/repos/grafana/grafana/pulls/$DRONE_PULL_REQUEST"
|
|
| jq .head.repo.fork)
|
|
- if [ "$is_fork" != false ]; then return 1; fi
|
|
- git clone "https://$${GITHUB_TOKEN}@github.com/grafana/grafana-enterprise.git"
|
|
../grafana-enterprise
|
|
- cd ../grafana-enterprise
|
|
- if git checkout ${DRONE_SOURCE_BRANCH}; then echo "checked out ${DRONE_SOURCE_BRANCH}";
|
|
elif git checkout ${DRONE_TARGET_BRANCH}; then echo "git checkout ${DRONE_TARGET_BRANCH}";
|
|
else git checkout main; fi
|
|
- cd ../
|
|
- ln -s src grafana
|
|
- cd ./grafana-enterprise
|
|
- ./build.sh
|
|
environment:
|
|
GITHUB_TOKEN:
|
|
from_secret: github_token
|
|
failure: ignore
|
|
image: alpine/git:2.40.1
|
|
name: clone-enterprise
|
|
- commands:
|
|
- apk add --update git make
|
|
- make swagger-clean && make openapi3-gen
|
|
- for f in public/api-merged.json public/openapi3.json; do git add $f; done
|
|
- if [ -z "$(git diff --name-only --cached)" ]; then echo "Everything seems up to
|
|
date!"; else git diff --cached && echo "Please ensure the branch is up-to-date,
|
|
then regenerate the specification by running make swagger-clean && make openapi3-gen"
|
|
&& return 1; fi
|
|
depends_on:
|
|
- clone-enterprise
|
|
environment:
|
|
GITHUB_TOKEN:
|
|
from_secret: github_token
|
|
image: golang:1.22.4-alpine
|
|
name: swagger-gen
|
|
trigger:
|
|
event:
|
|
- pull_request
|
|
type: docker
|
|
volumes:
|
|
- host:
|
|
path: /var/run/docker.sock
|
|
name: docker
|
|
---
|
|
clone:
|
|
retries: 3
|
|
depends_on: []
|
|
environment:
|
|
EDITION: oss
|
|
image_pull_secrets:
|
|
- gcr
|
|
- gar
|
|
kind: pipeline
|
|
name: pr-integration-benchmarks
|
|
node:
|
|
type: no-parallel
|
|
platform:
|
|
arch: amd64
|
|
os: linux
|
|
services:
|
|
- environment:
|
|
PGDATA: /var/lib/postgresql/data/pgdata
|
|
POSTGRES_DB: grafanatest
|
|
POSTGRES_PASSWORD: grafanatest
|
|
POSTGRES_USER: grafanatest
|
|
image: postgres:12.3-alpine
|
|
name: postgres
|
|
volumes:
|
|
- name: postgres
|
|
path: /var/lib/postgresql/data/pgdata
|
|
- commands:
|
|
- docker-entrypoint.sh mysqld --character-set-server=utf8mb4 --collation-server=utf8mb4_unicode_ci
|
|
environment:
|
|
MYSQL_DATABASE: grafana_tests
|
|
MYSQL_PASSWORD: password
|
|
MYSQL_ROOT_PASSWORD: rootpass
|
|
MYSQL_USER: grafana
|
|
image: mysql:5.7.39
|
|
name: mysql57
|
|
volumes:
|
|
- name: mysql57
|
|
path: /var/lib/mysql
|
|
- commands:
|
|
- docker-entrypoint.sh mysqld --default-authentication-plugin=mysql_native_password
|
|
environment:
|
|
MYSQL_DATABASE: grafana_tests
|
|
MYSQL_PASSWORD: password
|
|
MYSQL_ROOT_PASSWORD: rootpass
|
|
MYSQL_USER: grafana
|
|
image: mysql:8.0.32
|
|
name: mysql80
|
|
volumes:
|
|
- name: mysql80
|
|
path: /var/lib/mysql
|
|
- commands:
|
|
- /bin/mimir -target=backend -alertmanager.grafana-alertmanager-compatibility-enabled
|
|
environment: {}
|
|
image: us.gcr.io/kubernetes-dev/mimir:santihernandezc-validate_grafana_am_config-1e903e462-WIP
|
|
name: mimir_backend
|
|
- environment: {}
|
|
image: redis:6.2.11-alpine
|
|
name: redis
|
|
- environment: {}
|
|
image: memcached:1.6.9-alpine
|
|
name: memcached
|
|
steps:
|
|
- commands:
|
|
- apk add --update curl jq bash
|
|
- git clone "https://$${GITHUB_TOKEN}@github.com/grafana/grafana-enterprise.git"
|
|
../grafana-enterprise
|
|
- cd ../grafana-enterprise
|
|
- if git checkout ${DRONE_SOURCE_BRANCH}; then echo "checked out ${DRONE_SOURCE_BRANCH}";
|
|
elif git checkout ${DRONE_TARGET_BRANCH}; then echo "git checkout ${DRONE_TARGET_BRANCH}";
|
|
else git checkout main; fi
|
|
- cd ../
|
|
- ln -s src grafana
|
|
- cd ./grafana-enterprise
|
|
- ./build.sh
|
|
environment:
|
|
GITHUB_TOKEN:
|
|
from_secret: github_token
|
|
failure: ignore
|
|
image: alpine/git:2.40.1
|
|
name: clone-enterprise
|
|
- commands:
|
|
- go build -o ./bin/build -ldflags '-extldflags -static' ./pkg/build/cmd
|
|
depends_on: []
|
|
environment:
|
|
CGO_ENABLED: 0
|
|
image: golang:1.22.4-alpine
|
|
name: compile-build-cmd
|
|
- commands:
|
|
- '# It is required that code generated from Thema/CUE be committed and in sync
|
|
with its inputs.'
|
|
- '# The following command will fail if running code generators produces any diff
|
|
in output.'
|
|
- apk add --update make
|
|
- CODEGEN_VERIFY=1 make gen-cue
|
|
depends_on:
|
|
- clone-enterprise
|
|
image: golang:1.22.4-alpine
|
|
name: verify-gen-cue
|
|
- commands:
|
|
- '# It is required that generated jsonnet is committed and in sync with its inputs.'
|
|
- '# The following command will fail if running code generators produces any diff
|
|
in output.'
|
|
- apk add --update make
|
|
- CODEGEN_VERIFY=1 make gen-jsonnet
|
|
depends_on:
|
|
- clone-enterprise
|
|
image: golang:1.22.4-alpine
|
|
name: verify-gen-jsonnet
|
|
- commands:
|
|
- apk add --update make
|
|
- make gen-go
|
|
depends_on:
|
|
- verify-gen-cue
|
|
image: golang:1.22.4-alpine
|
|
name: wire-install
|
|
- commands:
|
|
- apk add --update build-base
|
|
- if [ -z ${GO_PACKAGES} ]; then echo 'missing GO_PACKAGES'; false; fi
|
|
- go test -v -run=^$ -benchmem -timeout=1h -count=8 -bench=. ${GO_PACKAGES}
|
|
depends_on:
|
|
- wire-install
|
|
image: golang:1.22.4-alpine
|
|
name: sqlite-benchmark-integration-tests
|
|
- commands:
|
|
- apk add --update build-base
|
|
- if [ -z ${GO_PACKAGES} ]; then echo 'missing GO_PACKAGES'; false; fi
|
|
- go test -v -run=^$ -benchmem -timeout=1h -count=8 -bench=. ${GO_PACKAGES}
|
|
depends_on:
|
|
- wire-install
|
|
environment:
|
|
GRAFANA_TEST_DB: postgres
|
|
PGPASSWORD: grafanatest
|
|
POSTGRES_HOST: postgres
|
|
image: golang:1.22.4-alpine
|
|
name: postgres-benchmark-integration-tests
|
|
- commands:
|
|
- apk add --update build-base
|
|
- if [ -z ${GO_PACKAGES} ]; then echo 'missing GO_PACKAGES'; false; fi
|
|
- go test -v -run=^$ -benchmem -timeout=1h -count=8 -bench=. ${GO_PACKAGES}
|
|
depends_on:
|
|
- wire-install
|
|
environment:
|
|
GRAFANA_TEST_DB: mysql
|
|
MYSQL_HOST: mysql57
|
|
image: golang:1.22.4-alpine
|
|
name: mysql-5.7-benchmark-integration-tests
|
|
- commands:
|
|
- apk add --update build-base
|
|
- if [ -z ${GO_PACKAGES} ]; then echo 'missing GO_PACKAGES'; false; fi
|
|
- go test -v -run=^$ -benchmem -timeout=1h -count=8 -bench=. ${GO_PACKAGES}
|
|
depends_on:
|
|
- wire-install
|
|
environment:
|
|
GRAFANA_TEST_DB: mysql
|
|
MYSQL_HOST: mysql80
|
|
image: golang:1.22.4-alpine
|
|
name: mysql-8.0-benchmark-integration-tests
|
|
trigger:
|
|
event:
|
|
- promote
|
|
target:
|
|
- gobenchmarks
|
|
type: docker
|
|
volumes:
|
|
- host:
|
|
path: /var/run/docker.sock
|
|
name: docker
|
|
- name: postgres
|
|
temp:
|
|
medium: memory
|
|
- name: mysql57
|
|
temp:
|
|
medium: memory
|
|
- name: mysql80
|
|
temp:
|
|
medium: memory
|
|
---
|
|
clone:
|
|
retries: 3
|
|
depends_on: []
|
|
environment:
|
|
EDITION: oss
|
|
image_pull_secrets:
|
|
- gcr
|
|
- gar
|
|
kind: pipeline
|
|
name: main-docs
|
|
node:
|
|
type: no-parallel
|
|
platform:
|
|
arch: amd64
|
|
os: linux
|
|
services: []
|
|
steps:
|
|
- commands:
|
|
- echo $DRONE_RUNNER_NAME
|
|
image: alpine:3.19.1
|
|
name: identify-runner
|
|
- commands:
|
|
- yarn install --immutable || yarn install --immutable
|
|
depends_on: []
|
|
image: node:20.9.0-alpine
|
|
name: yarn-install
|
|
- commands:
|
|
- pip3 install codespell
|
|
- codespell -I docs/.codespellignore docs/
|
|
image: python:3.8
|
|
name: codespell
|
|
- commands:
|
|
- yarn run prettier:checkDocs
|
|
depends_on:
|
|
- yarn-install
|
|
environment:
|
|
NODE_OPTIONS: --max_old_space_size=8192
|
|
image: node:20.9.0-alpine
|
|
name: lint-docs
|
|
- commands:
|
|
- mkdir -p /hugo/content/docs/grafana/latest
|
|
- 'echo -e ''---\nredirectURL: /docs/grafana/latest/\ntype: redirect\nversioned:
|
|
true\n---\n'' > /hugo/content/docs/grafana/_index.md'
|
|
- cp -r docs/sources/* /hugo/content/docs/grafana/latest/
|
|
- cd /hugo && make prod
|
|
image: grafana/docs-base:latest
|
|
name: build-docs-website
|
|
pull: always
|
|
- commands:
|
|
- '# It is required that code generated from Thema/CUE be committed and in sync
|
|
with its inputs.'
|
|
- '# The following command will fail if running code generators produces any diff
|
|
in output.'
|
|
- apk add --update make
|
|
- CODEGEN_VERIFY=1 make gen-cue
|
|
depends_on: []
|
|
image: golang:1.22.4-alpine
|
|
name: verify-gen-cue
|
|
trigger:
|
|
branch: main
|
|
event:
|
|
- push
|
|
paths:
|
|
include:
|
|
- '*.md'
|
|
- docs/**
|
|
- packages/**/*.md
|
|
- latest.json
|
|
repo:
|
|
- grafana/grafana
|
|
type: docker
|
|
volumes:
|
|
- host:
|
|
path: /var/run/docker.sock
|
|
name: docker
|
|
---
|
|
clone:
|
|
retries: 3
|
|
depends_on: []
|
|
environment:
|
|
EDITION: oss
|
|
image_pull_secrets:
|
|
- gcr
|
|
- gar
|
|
kind: pipeline
|
|
name: main-test-frontend
|
|
node:
|
|
type: no-parallel
|
|
platform:
|
|
arch: amd64
|
|
os: linux
|
|
services: []
|
|
steps:
|
|
- commands:
|
|
- echo $DRONE_RUNNER_NAME
|
|
image: alpine:3.19.1
|
|
name: identify-runner
|
|
- commands:
|
|
- yarn install --immutable || yarn install --immutable
|
|
depends_on: []
|
|
image: node:20.9.0-alpine
|
|
name: yarn-install
|
|
- commands:
|
|
- apk add --update git bash
|
|
- yarn betterer ci
|
|
depends_on:
|
|
- yarn-install
|
|
image: node:20.9.0-alpine
|
|
name: betterer-frontend
|
|
- commands:
|
|
- yarn run ci:test-frontend
|
|
depends_on:
|
|
- yarn-install
|
|
environment:
|
|
TEST_MAX_WORKERS: 50%
|
|
image: node:20.9.0-alpine
|
|
name: test-frontend
|
|
trigger:
|
|
branch: main
|
|
event:
|
|
- push
|
|
paths:
|
|
exclude:
|
|
- '*.md'
|
|
- docs/**
|
|
- latest.json
|
|
repo:
|
|
- grafana/grafana
|
|
type: docker
|
|
volumes:
|
|
- host:
|
|
path: /var/run/docker.sock
|
|
name: docker
|
|
---
|
|
clone:
|
|
retries: 3
|
|
depends_on: []
|
|
environment:
|
|
EDITION: oss
|
|
image_pull_secrets:
|
|
- gcr
|
|
- gar
|
|
kind: pipeline
|
|
name: main-lint-frontend
|
|
node:
|
|
type: no-parallel
|
|
platform:
|
|
arch: amd64
|
|
os: linux
|
|
services: []
|
|
steps:
|
|
- commands:
|
|
- echo $DRONE_RUNNER_NAME
|
|
image: alpine:3.19.1
|
|
name: identify-runner
|
|
- commands:
|
|
- yarn install --immutable || yarn install --immutable
|
|
depends_on: []
|
|
image: node:20.9.0-alpine
|
|
name: yarn-install
|
|
- commands:
|
|
- yarn run prettier:check
|
|
- yarn run lint
|
|
- yarn run typecheck
|
|
depends_on:
|
|
- yarn-install
|
|
environment:
|
|
TEST_MAX_WORKERS: 50%
|
|
image: node:20.9.0-alpine
|
|
name: lint-frontend
|
|
- commands:
|
|
- |-
|
|
make i18n-extract || (echo "
|
|
Extraction failed. Make sure that you have no dynamic translation phrases, such as 't(\`preferences.theme.\$${themeID}\`, themeName)' and that no translation key is used twice. Search the output for '[warning]' to find the offending file." && false)
|
|
- "\n file_diff=$(git diff --dirstat public/locales)\n if
|
|
[ -n \"$file_diff\" ]; then\n echo $file_diff\n echo
|
|
\"\nTranslation extraction has not been committed. Please run 'make i18n-extract',
|
|
commit the changes and push again.\"\n exit 1\n fi\n
|
|
\ "
|
|
depends_on:
|
|
- yarn-install
|
|
image: node:20-bookworm
|
|
name: verify-i18n
|
|
trigger:
|
|
branch: main
|
|
event:
|
|
- push
|
|
paths:
|
|
exclude:
|
|
- '*.md'
|
|
- docs/**
|
|
- latest.json
|
|
repo:
|
|
- grafana/grafana
|
|
type: docker
|
|
volumes:
|
|
- host:
|
|
path: /var/run/docker.sock
|
|
name: docker
|
|
---
|
|
clone:
|
|
retries: 3
|
|
depends_on: []
|
|
environment:
|
|
EDITION: oss
|
|
image_pull_secrets:
|
|
- gcr
|
|
- gar
|
|
kind: pipeline
|
|
name: main-test-backend
|
|
node:
|
|
type: no-parallel
|
|
platform:
|
|
arch: amd64
|
|
os: linux
|
|
services: []
|
|
steps:
|
|
- commands:
|
|
- echo $DRONE_RUNNER_NAME
|
|
image: alpine:3.19.1
|
|
name: identify-runner
|
|
- commands:
|
|
- '# It is required that code generated from Thema/CUE be committed and in sync
|
|
with its inputs.'
|
|
- '# The following command will fail if running code generators produces any diff
|
|
in output.'
|
|
- apk add --update make
|
|
- CODEGEN_VERIFY=1 make gen-cue
|
|
depends_on: []
|
|
image: golang:1.22.4-alpine
|
|
name: verify-gen-cue
|
|
- commands:
|
|
- '# It is required that generated jsonnet is committed and in sync with its inputs.'
|
|
- '# The following command will fail if running code generators produces any diff
|
|
in output.'
|
|
- apk add --update make
|
|
- CODEGEN_VERIFY=1 make gen-jsonnet
|
|
depends_on: []
|
|
image: golang:1.22.4-alpine
|
|
name: verify-gen-jsonnet
|
|
- commands:
|
|
- apk add --update make
|
|
- make gen-go
|
|
depends_on:
|
|
- verify-gen-cue
|
|
image: golang:1.22.4-alpine
|
|
name: wire-install
|
|
- commands:
|
|
- apk add --update build-base shared-mime-info shared-mime-info-lang
|
|
- go list -f '{{.Dir}}/...' -m | xargs go test -tags requires_buildifer -short -covermode=atomic
|
|
-timeout=5m
|
|
depends_on:
|
|
- wire-install
|
|
image: golang:1.22.4-alpine
|
|
name: test-backend
|
|
- commands:
|
|
- apk add --update build-base
|
|
- go test -count=1 -covermode=atomic -timeout=5m -run '^TestIntegration' $(find
|
|
./pkg -type f -name '*_test.go' -exec grep -l '^func TestIntegration' '{}' '+'
|
|
| grep -o '\(.*\)/' | sort -u)
|
|
depends_on:
|
|
- wire-install
|
|
image: golang:1.22.4-alpine
|
|
name: test-backend-integration
|
|
trigger:
|
|
branch: main
|
|
event:
|
|
- push
|
|
paths:
|
|
exclude:
|
|
- '*.md'
|
|
- docs/**
|
|
- latest.json
|
|
repo:
|
|
- grafana/grafana
|
|
type: docker
|
|
volumes:
|
|
- host:
|
|
path: /var/run/docker.sock
|
|
name: docker
|
|
---
|
|
clone:
|
|
retries: 3
|
|
depends_on: []
|
|
environment:
|
|
EDITION: oss
|
|
image_pull_secrets:
|
|
- gcr
|
|
- gar
|
|
kind: pipeline
|
|
name: main-lint-backend
|
|
node:
|
|
type: no-parallel
|
|
platform:
|
|
arch: amd64
|
|
os: linux
|
|
services: []
|
|
steps:
|
|
- commands:
|
|
- echo $DRONE_RUNNER_NAME
|
|
image: alpine:3.19.1
|
|
name: identify-runner
|
|
- commands:
|
|
- go build -o ./bin/build -ldflags '-extldflags -static' ./pkg/build/cmd
|
|
depends_on: []
|
|
environment:
|
|
CGO_ENABLED: 0
|
|
image: golang:1.22.4-alpine
|
|
name: compile-build-cmd
|
|
- commands:
|
|
- apk add --update make
|
|
- make gen-go
|
|
depends_on: []
|
|
image: golang:1.22.4-alpine
|
|
name: wire-install
|
|
- commands:
|
|
- go run scripts/modowners/modowners.go check go.mod
|
|
image: golang:1.22.4-alpine
|
|
name: validate-modfile
|
|
- commands:
|
|
- apk add --update make
|
|
- make swagger-validate
|
|
image: golang:1.22.4-alpine
|
|
name: validate-openapi-spec
|
|
- commands:
|
|
- ./bin/build verify-drone
|
|
depends_on:
|
|
- compile-build-cmd
|
|
image: byrnedo/alpine-curl:0.1.8
|
|
name: lint-drone
|
|
trigger:
|
|
branch: main
|
|
event:
|
|
- push
|
|
paths:
|
|
exclude:
|
|
- '*.md'
|
|
- docs/**
|
|
- latest.json
|
|
repo:
|
|
- grafana/grafana
|
|
type: docker
|
|
volumes:
|
|
- host:
|
|
path: /var/run/docker.sock
|
|
name: docker
|
|
---
|
|
clone:
|
|
retries: 3
|
|
depends_on: []
|
|
environment:
|
|
EDITION: oss
|
|
image_pull_secrets:
|
|
- gcr
|
|
- gar
|
|
kind: pipeline
|
|
name: main-build-e2e-publish
|
|
node:
|
|
type: no-parallel
|
|
platform:
|
|
arch: amd64
|
|
os: linux
|
|
services: []
|
|
steps:
|
|
- commands:
|
|
- echo $DRONE_RUNNER_NAME
|
|
image: alpine:3.19.1
|
|
name: identify-runner
|
|
- commands:
|
|
- mkdir -p bin
|
|
- curl -fL -o bin/grabpl https://grafana-downloads.storage.googleapis.com/grafana-build-pipeline/v3.0.50/grabpl
|
|
- chmod +x bin/grabpl
|
|
image: byrnedo/alpine-curl:0.1.8
|
|
name: grabpl
|
|
- commands:
|
|
- go build -o ./bin/build -ldflags '-extldflags -static' ./pkg/build/cmd
|
|
depends_on: []
|
|
environment:
|
|
CGO_ENABLED: 0
|
|
image: golang:1.22.4-alpine
|
|
name: compile-build-cmd
|
|
- commands:
|
|
- '# It is required that code generated from Thema/CUE be committed and in sync
|
|
with its inputs.'
|
|
- '# The following command will fail if running code generators produces any diff
|
|
in output.'
|
|
- apk add --update make
|
|
- CODEGEN_VERIFY=1 make gen-cue
|
|
depends_on: []
|
|
image: golang:1.22.4-alpine
|
|
name: verify-gen-cue
|
|
- commands:
|
|
- '# It is required that generated jsonnet is committed and in sync with its inputs.'
|
|
- '# The following command will fail if running code generators produces any diff
|
|
in output.'
|
|
- apk add --update make
|
|
- CODEGEN_VERIFY=1 make gen-jsonnet
|
|
depends_on: []
|
|
image: golang:1.22.4-alpine
|
|
name: verify-gen-jsonnet
|
|
- commands:
|
|
- apk add --update make
|
|
- make gen-go
|
|
depends_on:
|
|
- verify-gen-cue
|
|
image: golang:1.22.4-alpine
|
|
name: wire-install
|
|
- commands:
|
|
- yarn install --immutable || yarn install --immutable
|
|
depends_on: []
|
|
image: node:20.9.0-alpine
|
|
name: yarn-install
|
|
- commands:
|
|
- apk add --update jq
|
|
- new_version=$(cat package.json | jq -r .version | sed s/pre/${DRONE_BUILD_NUMBER}/g)
|
|
- 'echo "New version: $new_version"'
|
|
- yarn run lerna version $new_version --exact --no-git-tag-version --no-push --force-publish
|
|
-y
|
|
- yarn install --mode=update-lockfile
|
|
depends_on:
|
|
- yarn-install
|
|
image: node:20.9.0-alpine
|
|
name: update-package-json-version
|
|
- commands:
|
|
- apk add --update jq bash
|
|
- yarn packages:build
|
|
- yarn packages:pack
|
|
- ./scripts/validate-npm-packages.sh
|
|
depends_on:
|
|
- yarn-install
|
|
- update-package-json-version
|
|
environment:
|
|
NODE_OPTIONS: --max_old_space_size=8192
|
|
image: node:20.9.0-alpine
|
|
name: build-frontend-packages
|
|
- commands:
|
|
- /src/grafana-build artifacts -a targz:grafana:linux/amd64 -a targz:grafana:linux/arm64
|
|
-a targz:grafana:linux/arm/v7 --go-version=1.22.4 --yarn-cache=$$YARN_CACHE_FOLDER
|
|
--build-id=$$DRONE_BUILD_NUMBER --grafana-dir=$$PWD > packages.txt
|
|
depends_on:
|
|
- update-package-json-version
|
|
environment:
|
|
_EXPERIMENTAL_DAGGER_CLOUD_TOKEN:
|
|
from_secret: dagger_token
|
|
image: grafana/grafana-build:main
|
|
name: rgm-package
|
|
pull: always
|
|
volumes:
|
|
- name: docker
|
|
path: /var/run/docker.sock
|
|
- commands:
|
|
- apk add --update tar bash
|
|
- mkdir grafana
|
|
- tar --strip-components=1 -xvf ./dist/*amd64.tar.gz -C grafana
|
|
- cp -r devenv scripts tools grafana && cd grafana && ./scripts/grafana-server/start-server
|
|
depends_on:
|
|
- rgm-package
|
|
detach: true
|
|
environment:
|
|
GF_APP_MODE: development
|
|
GF_SERVER_HTTP_PORT: "3001"
|
|
GF_SERVER_ROUTER_LOGGING: "1"
|
|
image: alpine:3.19.1
|
|
name: grafana-server
|
|
- commands:
|
|
- ./bin/build e2e-tests --port 3001 --suite dashboards-suite
|
|
depends_on:
|
|
- grafana-server
|
|
environment:
|
|
HOST: grafana-server
|
|
image: cypress/included:13.10.0
|
|
name: end-to-end-tests-dashboards-suite
|
|
- commands:
|
|
- ./bin/build e2e-tests --port 3001 --suite smoke-tests-suite
|
|
depends_on:
|
|
- grafana-server
|
|
environment:
|
|
HOST: grafana-server
|
|
image: cypress/included:13.10.0
|
|
name: end-to-end-tests-smoke-tests-suite
|
|
- commands:
|
|
- ./bin/build e2e-tests --port 3001 --suite panels-suite
|
|
depends_on:
|
|
- grafana-server
|
|
environment:
|
|
HOST: grafana-server
|
|
image: cypress/included:13.10.0
|
|
name: end-to-end-tests-panels-suite
|
|
- commands:
|
|
- ./bin/build e2e-tests --port 3001 --suite various-suite
|
|
depends_on:
|
|
- grafana-server
|
|
environment:
|
|
HOST: grafana-server
|
|
image: cypress/included:13.10.0
|
|
name: end-to-end-tests-various-suite
|
|
- commands:
|
|
- cd /
|
|
- ./cpp-e2e/scripts/ci-run.sh azure ${DRONE_SOURCE_BRANCH}
|
|
depends_on:
|
|
- grafana-server
|
|
environment:
|
|
AZURE_SP_APP_ID:
|
|
from_secret: azure_sp_app_id
|
|
AZURE_SP_PASSWORD:
|
|
from_secret: azure_sp_app_pw
|
|
AZURE_TENANT:
|
|
from_secret: azure_tenant
|
|
CYPRESS_CI: "true"
|
|
GITHUB_TOKEN:
|
|
from_secret: github_token
|
|
HOST: grafana-server
|
|
image: us-docker.pkg.dev/grafanalabs-dev/cloud-data-sources/e2e-13.10.0:1.0.0
|
|
name: end-to-end-tests-cloud-plugins-suite-azure
|
|
when:
|
|
paths:
|
|
include:
|
|
- pkg/tsdb/azuremonitor/**
|
|
- public/app/plugins/datasource/azuremonitor/**
|
|
- e2e/cloud-plugins-suite/azure-monitor.spec.ts
|
|
repo:
|
|
- grafana/grafana
|
|
- commands:
|
|
- npx wait-on@7.0.1 http://$HOST:$PORT
|
|
- yarn playwright install --with-deps chromium
|
|
- yarn e2e:playwright
|
|
depends_on:
|
|
- grafana-server
|
|
environment:
|
|
HOST: grafana-server
|
|
PORT: "3001"
|
|
PROV_DIR: /grafana/scripts/grafana-server/tmp/conf/provisioning
|
|
image: node:20-bookworm
|
|
name: playwright-plugin-e2e
|
|
- commands:
|
|
- apt-get update
|
|
- apt-get install -yq zip
|
|
- printenv GCP_GRAFANA_UPLOAD_ARTIFACTS_KEY > /tmp/gcpkey_upload_artifacts.json
|
|
- gcloud auth activate-service-account --key-file=/tmp/gcpkey_upload_artifacts.json
|
|
- gsutil cp -r ./playwright-report/. gs://releng-pipeline-artifacts-dev/${DRONE_BUILD_NUMBER}/playwright-report
|
|
- export E2E_PLAYWRIGHT_REPORT_URL=https://storage.googleapis.com/releng-pipeline-artifacts-dev/${DRONE_BUILD_NUMBER}/playwright-report/index.html
|
|
- "echo \"E2E Playwright report uploaded to: \n $${E2E_PLAYWRIGHT_REPORT_URL}\""
|
|
depends_on:
|
|
- playwright-plugin-e2e
|
|
environment:
|
|
GCP_GRAFANA_UPLOAD_ARTIFACTS_KEY:
|
|
from_secret: gcp_upload_artifacts_key
|
|
failure: ignore
|
|
image: google/cloud-sdk:431.0.0
|
|
name: playwright-e2e-report-upload
|
|
when:
|
|
status:
|
|
- success
|
|
- failure
|
|
- commands:
|
|
- if [ ! -d ./playwright-report/trace ]; then echo 'all tests passed'; exit 0; fi
|
|
- export E2E_PLAYWRIGHT_REPORT_URL=https://storage.googleapis.com/releng-pipeline-artifacts-dev/${DRONE_BUILD_NUMBER}/playwright-report/index.html
|
|
- 'curl -L -X POST https://api.github.com/repos/grafana/grafana/issues/${DRONE_PULL_REQUEST}/comments
|
|
-H "Accept: application/vnd.github+json" -H "Authorization: Bearer $${GITHUB_TOKEN}"
|
|
-H "X-GitHub-Api-Version: 2022-11-28" -d "{\"body\":\"❌ Failed to run Playwright
|
|
plugin e2e tests. <br /> <br /> Click [here]($${E2E_PLAYWRIGHT_REPORT_URL}) to
|
|
browse the Playwright report and trace viewer. <br /> For information on how to
|
|
run Playwright tests locally, refer to the [Developer guide](https://github.com/grafana/grafana/blob/main/contribute/developer-guide.md#to-run-the-playwright-tests).
|
|
\"}"'
|
|
depends_on:
|
|
- playwright-e2e-report-upload
|
|
environment:
|
|
GITHUB_TOKEN:
|
|
from_secret: github_token
|
|
failure: ignore
|
|
image: byrnedo/alpine-curl:0.1.8
|
|
name: playwright-e2e-report-post-link
|
|
when:
|
|
status:
|
|
- success
|
|
- failure
|
|
- commands:
|
|
- if [ -z `find ./e2e -type f -name *spec.ts.mp4` ]; then echo 'missing videos';
|
|
false; fi
|
|
- apt-get update
|
|
- apt-get install -yq zip
|
|
- printenv GCP_GRAFANA_UPLOAD_ARTIFACTS_KEY > /tmp/gcpkey_upload_artifacts.json
|
|
- gcloud auth activate-service-account --key-file=/tmp/gcpkey_upload_artifacts.json
|
|
- find ./e2e -type f -name "*spec.ts.mp4" | zip e2e/videos.zip -@
|
|
- gsutil cp e2e/videos.zip gs://$${E2E_TEST_ARTIFACTS_BUCKET}/${DRONE_BUILD_NUMBER}/artifacts/videos/videos.zip
|
|
- export E2E_ARTIFACTS_VIDEO_ZIP=https://storage.googleapis.com/$${E2E_TEST_ARTIFACTS_BUCKET}/${DRONE_BUILD_NUMBER}/artifacts/videos/videos.zip
|
|
- 'echo "E2E Test artifacts uploaded to: $${E2E_ARTIFACTS_VIDEO_ZIP}"'
|
|
- 'curl -X POST https://api.github.com/repos/${DRONE_REPO}/statuses/${DRONE_COMMIT_SHA}
|
|
-H "Authorization: token $${GITHUB_TOKEN}" -d "{\"state\":\"success\",\"target_url\":\"$${E2E_ARTIFACTS_VIDEO_ZIP}\",
|
|
\"description\": \"Click on the details to download e2e recording videos\", \"context\":
|
|
\"e2e_artifacts\"}"'
|
|
depends_on:
|
|
- end-to-end-tests-dashboards-suite
|
|
- end-to-end-tests-panels-suite
|
|
- end-to-end-tests-smoke-tests-suite
|
|
- end-to-end-tests-various-suite
|
|
environment:
|
|
E2E_TEST_ARTIFACTS_BUCKET: releng-pipeline-artifacts-dev
|
|
GCP_GRAFANA_UPLOAD_ARTIFACTS_KEY:
|
|
from_secret: gcp_upload_artifacts_key
|
|
GITHUB_TOKEN:
|
|
from_secret: github_token
|
|
failure: ignore
|
|
image: google/cloud-sdk:431.0.0
|
|
name: e2e-tests-artifacts-upload
|
|
when:
|
|
status:
|
|
- success
|
|
- failure
|
|
- commands:
|
|
- yarn storybook:build
|
|
- ./bin/build verify-storybook
|
|
depends_on:
|
|
- rgm-package
|
|
- build-frontend-packages
|
|
environment:
|
|
NODE_OPTIONS: --max_old_space_size=4096
|
|
image: node:20.9.0-alpine
|
|
name: build-storybook
|
|
when:
|
|
paths:
|
|
include:
|
|
- packages/grafana-ui/**
|
|
- commands:
|
|
- npx wait-on@7.0.1 http://$HOST:$PORT
|
|
- pa11y-ci --config .pa11yci.conf.js --json > pa11y-ci-results.json
|
|
depends_on:
|
|
- grafana-server
|
|
environment:
|
|
GRAFANA_MISC_STATS_API_KEY:
|
|
from_secret: grafana_misc_stats_api_key
|
|
HOST: grafana-server
|
|
PORT: 3001
|
|
failure: ignore
|
|
image: grafana/docker-puppeteer:1.1.0
|
|
name: test-a11y-frontend
|
|
- commands:
|
|
- ./bin/build store-storybook --deployment canary
|
|
depends_on:
|
|
- build-storybook
|
|
- end-to-end-tests-dashboards-suite
|
|
- end-to-end-tests-panels-suite
|
|
- end-to-end-tests-smoke-tests-suite
|
|
- end-to-end-tests-various-suite
|
|
environment:
|
|
GCP_KEY:
|
|
from_secret: gcp_grafanauploads
|
|
PRERELEASE_BUCKET:
|
|
from_secret: prerelease_bucket
|
|
image: grafana/grafana-ci-deploy:1.3.3
|
|
name: store-storybook
|
|
when:
|
|
paths:
|
|
include:
|
|
- packages/grafana-ui/**
|
|
repo:
|
|
- grafana/grafana
|
|
- commands:
|
|
- apk add --update bash grep git
|
|
- ./scripts/ci-frontend-metrics.sh ./grafana/public/build | ./bin/build publish-metrics
|
|
$$GRAFANA_MISC_STATS_API_KEY
|
|
depends_on:
|
|
- test-a11y-frontend
|
|
environment:
|
|
GRAFANA_MISC_STATS_API_KEY:
|
|
from_secret: grafana_misc_stats_api_key
|
|
failure: ignore
|
|
image: node:20.9.0-alpine
|
|
name: publish-frontend-metrics
|
|
when:
|
|
repo:
|
|
- grafana/grafana
|
|
- commands:
|
|
- docker run --privileged --rm tonistiigi/binfmt --install all
|
|
- /src/grafana-build artifacts -a docker:grafana:linux/amd64 -a docker:grafana:linux/amd64:ubuntu
|
|
-a docker:grafana:linux/arm64 -a docker:grafana:linux/arm64:ubuntu -a docker:grafana:linux/arm/v7
|
|
-a docker:grafana:linux/arm/v7:ubuntu --yarn-cache=$$YARN_CACHE_FOLDER --build-id=$$DRONE_BUILD_NUMBER
|
|
--go-version=1.22.4 --ubuntu-base=ubuntu:22.04 --alpine-base=alpine:3.19.1 --tag-format='{{
|
|
.version_base }}-{{ .buildID }}-{{ .arch }}' --grafana-dir=$$PWD --ubuntu-tag-format='{{
|
|
.version_base }}-{{ .buildID }}-ubuntu-{{ .arch }}' > docker.txt
|
|
- find ./dist -name '*docker*.tar.gz' -type f | xargs -n1 docker load -i
|
|
depends_on:
|
|
- update-package-json-version
|
|
environment:
|
|
_EXPERIMENTAL_DAGGER_CLOUD_TOKEN:
|
|
from_secret: dagger_token
|
|
image: grafana/grafana-build:main
|
|
name: rgm-build-docker
|
|
pull: always
|
|
volumes:
|
|
- name: docker
|
|
path: /var/run/docker.sock
|
|
- commands:
|
|
- ./bin/grabpl artifacts docker publish --dockerhub-repo grafana/grafana
|
|
depends_on:
|
|
- rgm-build-docker
|
|
environment:
|
|
DOCKER_PASSWORD:
|
|
from_secret: docker_password
|
|
DOCKER_USER:
|
|
from_secret: docker_username
|
|
GCP_KEY:
|
|
from_secret: gcp_grafanauploads
|
|
GITHUB_APP_ID:
|
|
from_secret: delivery-bot-app-id
|
|
GITHUB_APP_INSTALLATION_ID:
|
|
from_secret: delivery-bot-app-installation-id
|
|
GITHUB_APP_PRIVATE_KEY:
|
|
from_secret: delivery-bot-app-private-key
|
|
image: google/cloud-sdk:431.0.0
|
|
name: publish-images-grafana
|
|
volumes:
|
|
- name: docker
|
|
path: /var/run/docker.sock
|
|
when:
|
|
repo:
|
|
- grafana/grafana
|
|
- commands:
|
|
- ./bin/grabpl artifacts docker publish --dockerhub-repo grafana/grafana-oss
|
|
depends_on:
|
|
- rgm-build-docker
|
|
environment:
|
|
DOCKER_PASSWORD:
|
|
from_secret: docker_password
|
|
DOCKER_USER:
|
|
from_secret: docker_username
|
|
GCP_KEY:
|
|
from_secret: gcp_grafanauploads
|
|
GITHUB_APP_ID:
|
|
from_secret: delivery-bot-app-id
|
|
GITHUB_APP_INSTALLATION_ID:
|
|
from_secret: delivery-bot-app-installation-id
|
|
GITHUB_APP_PRIVATE_KEY:
|
|
from_secret: delivery-bot-app-private-key
|
|
image: google/cloud-sdk:431.0.0
|
|
name: publish-images-grafana-oss
|
|
volumes:
|
|
- name: docker
|
|
path: /var/run/docker.sock
|
|
when:
|
|
repo:
|
|
- grafana/grafana
|
|
- commands:
|
|
- apk add --update bash
|
|
- ./scripts/publish-npm-packages.sh --dist-tag 'canary' --registry 'https://registry.npmjs.org'
|
|
depends_on:
|
|
- end-to-end-tests-dashboards-suite
|
|
- end-to-end-tests-panels-suite
|
|
- end-to-end-tests-smoke-tests-suite
|
|
- end-to-end-tests-various-suite
|
|
- build-frontend-packages
|
|
environment:
|
|
NPM_TOKEN:
|
|
from_secret: npm_token
|
|
image: node:20.9.0-alpine
|
|
name: release-canary-npm-packages
|
|
when:
|
|
paths:
|
|
include:
|
|
- packages/**
|
|
repo:
|
|
- grafana/grafana
|
|
- commands:
|
|
- ./bin/build upload-packages --edition oss
|
|
depends_on:
|
|
- end-to-end-tests-dashboards-suite
|
|
- end-to-end-tests-panels-suite
|
|
- end-to-end-tests-smoke-tests-suite
|
|
- end-to-end-tests-various-suite
|
|
environment:
|
|
GCP_KEY:
|
|
from_secret: gcp_grafanauploads_base64
|
|
PRERELEASE_BUCKET:
|
|
from_secret: prerelease_bucket
|
|
image: grafana/grafana-ci-deploy:1.3.3
|
|
name: upload-packages
|
|
when:
|
|
repo:
|
|
- grafana/grafana
|
|
- commands:
|
|
- ./bin/build upload-cdn --edition oss
|
|
depends_on:
|
|
- grafana-server
|
|
environment:
|
|
GCP_KEY:
|
|
from_secret: gcp_grafanauploads
|
|
PRERELEASE_BUCKET:
|
|
from_secret: prerelease_bucket
|
|
image: grafana/grafana-ci-deploy:1.3.3
|
|
name: upload-cdn-assets
|
|
when:
|
|
repo:
|
|
- grafana/grafana
|
|
trigger:
|
|
branch: main
|
|
event:
|
|
- push
|
|
paths:
|
|
exclude:
|
|
- '*.md'
|
|
- docs/**
|
|
- latest.json
|
|
repo:
|
|
- grafana/grafana
|
|
type: docker
|
|
volumes:
|
|
- host:
|
|
path: /var/run/docker.sock
|
|
name: docker
|
|
---
|
|
clone:
|
|
retries: 3
|
|
depends_on: []
|
|
environment:
|
|
EDITION: oss
|
|
image_pull_secrets:
|
|
- gcr
|
|
- gar
|
|
kind: pipeline
|
|
name: main-integration-tests
|
|
node:
|
|
type: no-parallel
|
|
platform:
|
|
arch: amd64
|
|
os: linux
|
|
services:
|
|
- environment:
|
|
PGDATA: /var/lib/postgresql/data/pgdata
|
|
POSTGRES_DB: grafanatest
|
|
POSTGRES_PASSWORD: grafanatest
|
|
POSTGRES_USER: grafanatest
|
|
image: postgres:12.3-alpine
|
|
name: postgres
|
|
volumes:
|
|
- name: postgres
|
|
path: /var/lib/postgresql/data/pgdata
|
|
- commands:
|
|
- docker-entrypoint.sh mysqld --character-set-server=utf8mb4 --collation-server=utf8mb4_unicode_ci
|
|
environment:
|
|
MYSQL_DATABASE: grafana_tests
|
|
MYSQL_PASSWORD: password
|
|
MYSQL_ROOT_PASSWORD: rootpass
|
|
MYSQL_USER: grafana
|
|
image: mysql:5.7.39
|
|
name: mysql57
|
|
volumes:
|
|
- name: mysql57
|
|
path: /var/lib/mysql
|
|
- commands:
|
|
- docker-entrypoint.sh mysqld --default-authentication-plugin=mysql_native_password
|
|
environment:
|
|
MYSQL_DATABASE: grafana_tests
|
|
MYSQL_PASSWORD: password
|
|
MYSQL_ROOT_PASSWORD: rootpass
|
|
MYSQL_USER: grafana
|
|
image: mysql:8.0.32
|
|
name: mysql80
|
|
volumes:
|
|
- name: mysql80
|
|
path: /var/lib/mysql
|
|
- commands:
|
|
- /bin/mimir -target=backend -alertmanager.grafana-alertmanager-compatibility-enabled
|
|
environment: {}
|
|
image: us.gcr.io/kubernetes-dev/mimir:santihernandezc-validate_grafana_am_config-1e903e462-WIP
|
|
name: mimir_backend
|
|
- environment: {}
|
|
image: redis:6.2.11-alpine
|
|
name: redis
|
|
- environment: {}
|
|
image: memcached:1.6.9-alpine
|
|
name: memcached
|
|
steps:
|
|
- commands:
|
|
- mkdir -p bin
|
|
- curl -fL -o bin/grabpl https://grafana-downloads.storage.googleapis.com/grafana-build-pipeline/v3.0.50/grabpl
|
|
- chmod +x bin/grabpl
|
|
image: byrnedo/alpine-curl:0.1.8
|
|
name: grabpl
|
|
- commands:
|
|
- go build -o ./bin/build -ldflags '-extldflags -static' ./pkg/build/cmd
|
|
depends_on: []
|
|
environment:
|
|
CGO_ENABLED: 0
|
|
image: golang:1.22.4-alpine
|
|
name: compile-build-cmd
|
|
- commands:
|
|
- echo $DRONE_RUNNER_NAME
|
|
image: alpine:3.19.1
|
|
name: identify-runner
|
|
- commands:
|
|
- '# It is required that code generated from Thema/CUE be committed and in sync
|
|
with its inputs.'
|
|
- '# The following command will fail if running code generators produces any diff
|
|
in output.'
|
|
- apk add --update make
|
|
- CODEGEN_VERIFY=1 make gen-cue
|
|
depends_on: []
|
|
image: golang:1.22.4-alpine
|
|
name: verify-gen-cue
|
|
- commands:
|
|
- '# It is required that generated jsonnet is committed and in sync with its inputs.'
|
|
- '# The following command will fail if running code generators produces any diff
|
|
in output.'
|
|
- apk add --update make
|
|
- CODEGEN_VERIFY=1 make gen-jsonnet
|
|
depends_on: []
|
|
image: golang:1.22.4-alpine
|
|
name: verify-gen-jsonnet
|
|
- commands:
|
|
- apk add --update make
|
|
- make gen-go
|
|
depends_on:
|
|
- verify-gen-cue
|
|
image: golang:1.22.4-alpine
|
|
name: wire-install
|
|
- commands:
|
|
- dockerize -wait tcp://postgres:5432 -timeout 120s
|
|
image: jwilder/dockerize:0.6.1
|
|
name: wait-for-postgres
|
|
- commands:
|
|
- apk add --update build-base
|
|
- apk add --update postgresql-client
|
|
- psql -p 5432 -h postgres -U grafanatest -d grafanatest -f devenv/docker/blocks/postgres_tests/setup.sql
|
|
- go clean -testcache
|
|
- go test -p=1 -count=1 -covermode=atomic -timeout=5m -run '^TestIntegration' $(find
|
|
./pkg -type f -name '*_test.go' -exec grep -l '^func TestIntegration' '{}' '+'
|
|
| grep -o '\(.*\)/' | sort -u)
|
|
depends_on:
|
|
- wire-install
|
|
- wait-for-postgres
|
|
environment:
|
|
GRAFANA_TEST_DB: postgres
|
|
PGPASSWORD: grafanatest
|
|
POSTGRES_HOST: postgres
|
|
image: golang:1.22.4-alpine
|
|
name: postgres-integration-tests
|
|
- commands:
|
|
- dockerize -wait tcp://mysql57:3306 -timeout 120s
|
|
image: jwilder/dockerize:0.6.1
|
|
name: wait-for-mysql-5.7
|
|
- commands:
|
|
- apk add --update build-base
|
|
- apk add --update mysql-client
|
|
- cat devenv/docker/blocks/mysql_tests/setup.sql | mysql -h mysql57 -P 3306 -u root
|
|
-prootpass
|
|
- go clean -testcache
|
|
- go test -p=1 -count=1 -covermode=atomic -timeout=5m -run '^TestIntegration' $(find
|
|
./pkg -type f -name '*_test.go' -exec grep -l '^func TestIntegration' '{}' '+'
|
|
| grep -o '\(.*\)/' | sort -u)
|
|
depends_on:
|
|
- wire-install
|
|
- wait-for-mysql-5.7
|
|
environment:
|
|
GRAFANA_TEST_DB: mysql
|
|
MYSQL_HOST: mysql57
|
|
image: golang:1.22.4-alpine
|
|
name: mysql-5.7-integration-tests
|
|
- commands:
|
|
- dockerize -wait tcp://mysql80:3306 -timeout 120s
|
|
image: jwilder/dockerize:0.6.1
|
|
name: wait-for-mysql-8.0
|
|
- commands:
|
|
- apk add --update build-base
|
|
- apk add --update mysql-client
|
|
- cat devenv/docker/blocks/mysql_tests/setup.sql | mysql -h mysql80 -P 3306 -u root
|
|
-prootpass
|
|
- go clean -testcache
|
|
- go test -p=1 -count=1 -covermode=atomic -timeout=5m -run '^TestIntegration' $(find
|
|
./pkg -type f -name '*_test.go' -exec grep -l '^func TestIntegration' '{}' '+'
|
|
| grep -o '\(.*\)/' | sort -u)
|
|
depends_on:
|
|
- wire-install
|
|
- wait-for-mysql-8.0
|
|
environment:
|
|
GRAFANA_TEST_DB: mysql
|
|
MYSQL_HOST: mysql80
|
|
image: golang:1.22.4-alpine
|
|
name: mysql-8.0-integration-tests
|
|
- commands:
|
|
- dockerize -wait tcp://redis:6379 -timeout 120s
|
|
image: jwilder/dockerize:0.6.1
|
|
name: wait-for-redis
|
|
- commands:
|
|
- apk add --update build-base
|
|
- go clean -testcache
|
|
- go list -f '{{.Dir}}/...' -m | xargs go test -run IntegrationRedis -covermode=atomic
|
|
-timeout=2m
|
|
depends_on:
|
|
- wire-install
|
|
- wait-for-redis
|
|
environment:
|
|
REDIS_URL: redis://redis:6379/0
|
|
image: golang:1.22.4-alpine
|
|
name: redis-integration-tests
|
|
- commands:
|
|
- dockerize -wait tcp://memcached:11211 -timeout 120s
|
|
image: jwilder/dockerize:0.6.1
|
|
name: wait-for-memcached
|
|
- commands:
|
|
- apk add --update build-base
|
|
- go clean -testcache
|
|
- go list -f '{{.Dir}}/...' -m | xargs go test -run IntegrationMemcached -covermode=atomic
|
|
-timeout=2m
|
|
depends_on:
|
|
- wire-install
|
|
- wait-for-memcached
|
|
environment:
|
|
MEMCACHED_HOSTS: memcached:11211
|
|
image: golang:1.22.4-alpine
|
|
name: memcached-integration-tests
|
|
- commands:
|
|
- dockerize -wait tcp://mimir_backend:8080 -timeout 120s
|
|
image: jwilder/dockerize:0.6.1
|
|
name: wait-for-remote-alertmanager
|
|
- commands:
|
|
- apk add --update build-base
|
|
- go clean -testcache
|
|
- go test -run TestIntegrationRemoteAlertmanager -covermode=atomic -timeout=2m ./pkg/services/ngalert/...
|
|
depends_on:
|
|
- wire-install
|
|
- wait-for-remote-alertmanager
|
|
environment:
|
|
AM_TENANT_ID: test
|
|
AM_URL: http://mimir_backend:8080
|
|
image: golang:1.22.4-alpine
|
|
name: remote-alertmanager-integration-tests
|
|
trigger:
|
|
branch: main
|
|
event:
|
|
- push
|
|
paths:
|
|
exclude:
|
|
- '*.md'
|
|
- docs/**
|
|
- latest.json
|
|
repo:
|
|
- grafana/grafana
|
|
type: docker
|
|
volumes:
|
|
- host:
|
|
path: /var/run/docker.sock
|
|
name: docker
|
|
- name: postgres
|
|
temp:
|
|
medium: memory
|
|
- name: mysql57
|
|
temp:
|
|
medium: memory
|
|
- name: mysql80
|
|
temp:
|
|
medium: memory
|
|
---
|
|
clone:
|
|
retries: 3
|
|
depends_on:
|
|
- main-test-frontend
|
|
- main-test-backend
|
|
- main-build-e2e-publish
|
|
- main-integration-tests
|
|
environment:
|
|
EDITION: oss
|
|
image_pull_secrets:
|
|
- gcr
|
|
- gar
|
|
kind: pipeline
|
|
name: main-windows
|
|
platform:
|
|
arch: amd64
|
|
os: windows
|
|
version: "1809"
|
|
services: []
|
|
steps:
|
|
- commands:
|
|
- echo $env:DRONE_RUNNER_NAME
|
|
image: mcr.microsoft.com/windows:1809
|
|
name: identify-runner
|
|
- commands:
|
|
- $$ProgressPreference = "SilentlyContinue"
|
|
- Invoke-WebRequest https://grafana-downloads.storage.googleapis.com/grafana-build-pipeline/v3.0.50/windows/grabpl.exe
|
|
-OutFile grabpl.exe
|
|
image: grafana/ci-wix:0.1.1
|
|
name: windows-init
|
|
trigger:
|
|
branch: main
|
|
event:
|
|
- push
|
|
paths:
|
|
exclude:
|
|
- '*.md'
|
|
- docs/**
|
|
- latest.json
|
|
repo:
|
|
- grafana/grafana
|
|
type: docker
|
|
volumes:
|
|
- host:
|
|
path: //./pipe/docker_engine/
|
|
name: docker
|
|
---
|
|
clone:
|
|
retries: 3
|
|
depends_on:
|
|
- main-build-e2e-publish
|
|
- main-integration-tests
|
|
environment:
|
|
EDITION: oss
|
|
image_pull_secrets:
|
|
- gcr
|
|
- gar
|
|
kind: pipeline
|
|
name: main-trigger-downstream
|
|
node:
|
|
type: no-parallel
|
|
platform:
|
|
arch: amd64
|
|
os: linux
|
|
services: []
|
|
steps:
|
|
- image: grafana/drone-downstream
|
|
name: trigger-enterprise-downstream
|
|
settings:
|
|
params:
|
|
- SOURCE_BUILD_NUMBER=${DRONE_COMMIT}
|
|
- SOURCE_COMMIT=${DRONE_COMMIT}
|
|
repositories:
|
|
- grafana/grafana-enterprise@main
|
|
server: https://drone.grafana.net
|
|
token:
|
|
from_secret: drone_token
|
|
trigger:
|
|
branch: main
|
|
event:
|
|
- push
|
|
paths:
|
|
exclude:
|
|
- '*.md'
|
|
- docs/**
|
|
- latest.json
|
|
repo:
|
|
- grafana/grafana
|
|
type: docker
|
|
volumes:
|
|
- host:
|
|
path: /var/run/docker.sock
|
|
name: docker
|
|
---
|
|
clone:
|
|
retries: 3
|
|
depends_on:
|
|
- main-test-frontend
|
|
- main-test-backend
|
|
- main-build-e2e-publish
|
|
- main-integration-tests
|
|
- main-windows
|
|
kind: pipeline
|
|
name: main-notify
|
|
platform:
|
|
arch: amd64
|
|
os: linux
|
|
steps:
|
|
- image: plugins/slack
|
|
name: slack
|
|
settings:
|
|
channel: grafana-ci-notifications
|
|
template: |-
|
|
Build {{build.number}} failed for commit: <https://github.com/{{repo.owner}}/{{repo.name}}/commit/{{build.commit}}|{{ truncate build.commit 8 }}>: {{build.link}}
|
|
Branch: <https://github.com/{{ repo.owner }}/{{ repo.name }}/commits/{{ build.branch }}|{{ build.branch }}>
|
|
Author: {{build.author}}
|
|
webhook:
|
|
from_secret: slack_webhook
|
|
trigger:
|
|
branch: main
|
|
event:
|
|
- push
|
|
paths:
|
|
exclude:
|
|
- '*.md'
|
|
- docs/**
|
|
- latest.json
|
|
repo:
|
|
- grafana/grafana
|
|
status:
|
|
- failure
|
|
type: docker
|
|
---
|
|
clone:
|
|
retries: 3
|
|
depends_on: []
|
|
environment:
|
|
EDITION: oss
|
|
image_pull_secrets:
|
|
- gcr
|
|
- gar
|
|
kind: pipeline
|
|
name: publish-docker-public
|
|
node:
|
|
type: no-parallel
|
|
platform:
|
|
arch: amd64
|
|
os: linux
|
|
services: []
|
|
steps:
|
|
- commands:
|
|
- echo $DRONE_RUNNER_NAME
|
|
image: alpine:3.19.1
|
|
name: identify-runner
|
|
- commands:
|
|
- mkdir -p bin
|
|
- curl -fL -o bin/grabpl https://grafana-downloads.storage.googleapis.com/grafana-build-pipeline/v3.0.50/grabpl
|
|
- chmod +x bin/grabpl
|
|
image: byrnedo/alpine-curl:0.1.8
|
|
name: grabpl
|
|
- commands:
|
|
- go build -o ./bin/build -ldflags '-extldflags -static' ./pkg/build/cmd
|
|
depends_on: []
|
|
environment:
|
|
CGO_ENABLED: 0
|
|
image: golang:1.22.4-alpine
|
|
name: compile-build-cmd
|
|
- commands:
|
|
- ./bin/build artifacts docker fetch --edition oss
|
|
depends_on:
|
|
- compile-build-cmd
|
|
environment:
|
|
DOCKER_PASSWORD:
|
|
from_secret: docker_password
|
|
DOCKER_USER:
|
|
from_secret: docker_username
|
|
GCP_KEY:
|
|
from_secret: gcp_grafanauploads
|
|
image: google/cloud-sdk:431.0.0
|
|
name: fetch-images
|
|
volumes:
|
|
- name: docker
|
|
path: /var/run/docker.sock
|
|
- commands:
|
|
- ./bin/grabpl artifacts docker publish --dockerhub-repo grafana/grafana --version-tag
|
|
${DRONE_TAG}
|
|
depends_on:
|
|
- fetch-images
|
|
environment:
|
|
DOCKER_PASSWORD:
|
|
from_secret: docker_password
|
|
DOCKER_USER:
|
|
from_secret: docker_username
|
|
GCP_KEY:
|
|
from_secret: gcp_grafanauploads
|
|
GITHUB_APP_ID:
|
|
from_secret: delivery-bot-app-id
|
|
GITHUB_APP_INSTALLATION_ID:
|
|
from_secret: delivery-bot-app-installation-id
|
|
GITHUB_APP_PRIVATE_KEY:
|
|
from_secret: delivery-bot-app-private-key
|
|
image: google/cloud-sdk:431.0.0
|
|
name: publish-images-grafana
|
|
volumes:
|
|
- name: docker
|
|
path: /var/run/docker.sock
|
|
- commands:
|
|
- ./bin/grabpl artifacts docker publish --dockerhub-repo grafana/grafana-oss --version-tag
|
|
${DRONE_TAG}
|
|
depends_on:
|
|
- fetch-images
|
|
environment:
|
|
DOCKER_PASSWORD:
|
|
from_secret: docker_password
|
|
DOCKER_USER:
|
|
from_secret: docker_username
|
|
GCP_KEY:
|
|
from_secret: gcp_grafanauploads
|
|
GITHUB_APP_ID:
|
|
from_secret: delivery-bot-app-id
|
|
GITHUB_APP_INSTALLATION_ID:
|
|
from_secret: delivery-bot-app-installation-id
|
|
GITHUB_APP_PRIVATE_KEY:
|
|
from_secret: delivery-bot-app-private-key
|
|
image: google/cloud-sdk:431.0.0
|
|
name: publish-images-grafana-oss
|
|
volumes:
|
|
- name: docker
|
|
path: /var/run/docker.sock
|
|
trigger:
|
|
event:
|
|
- promote
|
|
target:
|
|
- public
|
|
type: docker
|
|
volumes:
|
|
- host:
|
|
path: /var/run/docker.sock
|
|
name: docker
|
|
---
|
|
clone:
|
|
retries: 3
|
|
depends_on: []
|
|
image_pull_secrets:
|
|
- gcr
|
|
- gar
|
|
kind: pipeline
|
|
name: create-release-pr
|
|
node:
|
|
type: no-parallel
|
|
platform:
|
|
arch: amd64
|
|
os: linux
|
|
services: []
|
|
steps:
|
|
- commands:
|
|
- apk add perl
|
|
- v_target=`echo $${TAG} | perl -pe 's/^(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(?:-((?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\.(?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\+([0-9a-zA-Z-]+(?:\.[0-9a-zA-Z-]+)*))?$/v\1.\2.x/'`
|
|
- default_target=`if [[ -n $$LATEST ]]; then echo 'main'; else echo $$v_target;
|
|
fi`
|
|
- backport=`if [[ -n $$LATEST ]]; then echo $$v_target; fi`
|
|
- curl -L $${GH_CLI_URL} | tar -xz --strip-components=1 -C /usr
|
|
- gh workflow run -f dry_run=$${DRY_RUN} -f version=$${TAG} -f target=$${TARGET:-$default_target}
|
|
-f backport=$${BACKPORT:-$default_backport} --repo=grafana/grafana release-pr.yml
|
|
depends_on: []
|
|
environment:
|
|
GH_CLI_URL: https://github.com/cli/cli/releases/download/v2.50.0/gh_2.50.0_linux_amd64.tar.gz
|
|
GITHUB_TOKEN:
|
|
from_secret: github_token
|
|
image: byrnedo/alpine-curl:0.1.8
|
|
name: create-release-pr
|
|
trigger:
|
|
event:
|
|
- promote
|
|
target: release-pr
|
|
type: docker
|
|
volumes:
|
|
- host:
|
|
path: /var/run/docker.sock
|
|
name: docker
|
|
---
|
|
clone:
|
|
retries: 3
|
|
depends_on: []
|
|
environment:
|
|
EDITION: oss
|
|
image_pull_secrets:
|
|
- gcr
|
|
- gar
|
|
kind: pipeline
|
|
name: publish-artifacts-public
|
|
node:
|
|
type: no-parallel
|
|
platform:
|
|
arch: amd64
|
|
os: linux
|
|
services: []
|
|
steps:
|
|
- commands:
|
|
- go build -o ./bin/build -ldflags '-extldflags -static' ./pkg/build/cmd
|
|
depends_on: []
|
|
environment:
|
|
CGO_ENABLED: 0
|
|
image: golang:1.22.4-alpine
|
|
name: compile-build-cmd
|
|
- commands:
|
|
- ./bin/build artifacts packages --tag $${DRONE_TAG} --src-bucket $${PRERELEASE_BUCKET}
|
|
depends_on:
|
|
- compile-build-cmd
|
|
environment:
|
|
GCP_KEY:
|
|
from_secret: gcp_grafanauploads_base64
|
|
PRERELEASE_BUCKET:
|
|
from_secret: prerelease_bucket
|
|
image: grafana/grafana-ci-deploy:1.3.3
|
|
name: publish-artifacts
|
|
- commands:
|
|
- ./bin/build artifacts static-assets --tag ${DRONE_TAG} --static-asset-editions=grafana-oss
|
|
depends_on:
|
|
- compile-build-cmd
|
|
environment:
|
|
GCP_KEY:
|
|
from_secret: gcp_grafanauploads_base64
|
|
PRERELEASE_BUCKET:
|
|
from_secret: prerelease_bucket
|
|
STATIC_ASSET_EDITIONS:
|
|
from_secret: static_asset_editions
|
|
image: grafana/grafana-ci-deploy:1.3.3
|
|
name: publish-static-assets
|
|
- commands:
|
|
- ./bin/build artifacts storybook --tag ${DRONE_TAG}
|
|
depends_on:
|
|
- compile-build-cmd
|
|
environment:
|
|
GCP_KEY:
|
|
from_secret: gcp_grafanauploads_base64
|
|
PRERELEASE_BUCKET:
|
|
from_secret: prerelease_bucket
|
|
image: grafana/grafana-ci-deploy:1.3.3
|
|
name: publish-storybook
|
|
- commands:
|
|
- apk add perl
|
|
- v_target=`echo $${TAG} | perl -pe 's/^(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(?:-((?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\.(?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\+([0-9a-zA-Z-]+(?:\.[0-9a-zA-Z-]+)*))?$/v\1.\2.x/'`
|
|
- default_target=`if [[ -n $$LATEST ]]; then echo 'main'; else echo $$v_target;
|
|
fi`
|
|
- backport=`if [[ -n $$LATEST ]]; then echo $$v_target; fi`
|
|
- curl -L $${GH_CLI_URL} | tar -xz --strip-components=1 -C /usr
|
|
- gh workflow run -f dry_run=$${DRY_RUN} -f version=$${TAG} -f target=$${TARGET:-$default_target}
|
|
-f backport=$${BACKPORT:-$default_backport} --repo=grafana/grafana release-pr.yml
|
|
depends_on:
|
|
- publish-artifacts
|
|
- publish-static-assets
|
|
environment:
|
|
GH_CLI_URL: https://github.com/cli/cli/releases/download/v2.50.0/gh_2.50.0_linux_amd64.tar.gz
|
|
GITHUB_TOKEN:
|
|
from_secret: github_token
|
|
image: byrnedo/alpine-curl:0.1.8
|
|
name: create-release-pr
|
|
trigger:
|
|
event:
|
|
- promote
|
|
target:
|
|
- public
|
|
type: docker
|
|
volumes:
|
|
- host:
|
|
path: /var/run/docker.sock
|
|
name: docker
|
|
---
|
|
clone:
|
|
retries: 3
|
|
depends_on: []
|
|
environment:
|
|
EDITION: oss
|
|
image_pull_secrets:
|
|
- gcr
|
|
- gar
|
|
kind: pipeline
|
|
name: publish-npm-packages-public
|
|
node:
|
|
type: no-parallel
|
|
platform:
|
|
arch: amd64
|
|
os: linux
|
|
services: []
|
|
steps:
|
|
- commands:
|
|
- go build -o ./bin/build -ldflags '-extldflags -static' ./pkg/build/cmd
|
|
depends_on: []
|
|
environment:
|
|
CGO_ENABLED: 0
|
|
image: golang:1.22.4-alpine
|
|
name: compile-build-cmd
|
|
- commands:
|
|
- yarn install --immutable || yarn install --immutable
|
|
depends_on: []
|
|
image: node:20.9.0-alpine
|
|
name: yarn-install
|
|
- commands:
|
|
- ./bin/build artifacts npm retrieve --tag ${DRONE_TAG}
|
|
depends_on:
|
|
- compile-build-cmd
|
|
- yarn-install
|
|
environment:
|
|
GCP_KEY:
|
|
from_secret: gcp_grafanauploads_base64
|
|
PRERELEASE_BUCKET:
|
|
from_secret: prerelease_bucket
|
|
failure: ignore
|
|
image: grafana/grafana-ci-deploy:1.3.3
|
|
name: retrieve-npm-packages
|
|
- commands:
|
|
- ./bin/build artifacts npm release --tag ${DRONE_TAG}
|
|
depends_on:
|
|
- compile-build-cmd
|
|
- retrieve-npm-packages
|
|
environment:
|
|
NPM_TOKEN:
|
|
from_secret: npm_token
|
|
failure: ignore
|
|
image: node:20.9.0-alpine
|
|
name: release-npm-packages
|
|
trigger:
|
|
event:
|
|
- promote
|
|
target:
|
|
- public
|
|
type: docker
|
|
volumes:
|
|
- host:
|
|
path: /var/run/docker.sock
|
|
name: docker
|
|
---
|
|
clone:
|
|
retries: 3
|
|
depends_on:
|
|
- publish-artifacts-public
|
|
- publish-docker-public
|
|
environment:
|
|
EDITION: oss
|
|
image_pull_secrets:
|
|
- gcr
|
|
- gar
|
|
kind: pipeline
|
|
name: publish-packages
|
|
node:
|
|
type: no-parallel
|
|
platform:
|
|
arch: amd64
|
|
os: linux
|
|
services: []
|
|
steps:
|
|
- commands:
|
|
- go build -o ./bin/build -ldflags '-extldflags -static' ./pkg/build/cmd
|
|
depends_on: []
|
|
environment:
|
|
CGO_ENABLED: 0
|
|
image: golang:1.22.4-alpine
|
|
name: compile-build-cmd
|
|
- depends_on:
|
|
- compile-build-cmd
|
|
image: us.gcr.io/kubernetes-dev/package-publish:latest
|
|
name: publish-linux-packages-deb
|
|
privileged: true
|
|
settings:
|
|
access_key_id:
|
|
from_secret: packages_access_key_id
|
|
deb_distribution: auto
|
|
gpg_passphrase:
|
|
from_secret: packages_gpg_passphrase
|
|
gpg_private_key:
|
|
from_secret: packages_gpg_private_key
|
|
gpg_public_key:
|
|
from_secret: packages_gpg_public_key
|
|
package_path: gs://grafana-prerelease/artifacts/downloads/*${DRONE_TAG}/oss/**.deb
|
|
secret_access_key:
|
|
from_secret: packages_secret_access_key
|
|
service_account_json:
|
|
from_secret: packages_service_account
|
|
target_bucket: grafana-packages
|
|
- depends_on:
|
|
- compile-build-cmd
|
|
image: us.gcr.io/kubernetes-dev/package-publish:latest
|
|
name: publish-linux-packages-rpm
|
|
privileged: true
|
|
settings:
|
|
access_key_id:
|
|
from_secret: packages_access_key_id
|
|
deb_distribution: auto
|
|
gpg_passphrase:
|
|
from_secret: packages_gpg_passphrase
|
|
gpg_private_key:
|
|
from_secret: packages_gpg_private_key
|
|
gpg_public_key:
|
|
from_secret: packages_gpg_public_key
|
|
package_path: gs://grafana-prerelease/artifacts/downloads/*${DRONE_TAG}/oss/**.rpm
|
|
secret_access_key:
|
|
from_secret: packages_secret_access_key
|
|
service_account_json:
|
|
from_secret: packages_service_account
|
|
target_bucket: grafana-packages
|
|
- commands:
|
|
- ./bin/build publish grafana-com --edition oss ${DRONE_TAG}
|
|
depends_on:
|
|
- publish-linux-packages-deb
|
|
- publish-linux-packages-rpm
|
|
environment:
|
|
GCP_KEY:
|
|
from_secret: gcp_grafanauploads_base64
|
|
GRAFANA_COM_API_KEY:
|
|
from_secret: grafana_api_key
|
|
image: grafana/grafana-ci-deploy:1.3.3
|
|
name: publish-grafanacom
|
|
trigger:
|
|
event:
|
|
- promote
|
|
target:
|
|
- public
|
|
type: docker
|
|
volumes:
|
|
- host:
|
|
path: /var/run/docker.sock
|
|
name: docker
|
|
---
|
|
clone:
|
|
retries: 3
|
|
depends_on:
|
|
- main-test-backend
|
|
- main-test-frontend
|
|
image_pull_secrets:
|
|
- gcr
|
|
- gar
|
|
kind: pipeline
|
|
name: rgm-main-prerelease
|
|
node:
|
|
type: no-parallel
|
|
platform:
|
|
arch: amd64
|
|
os: linux
|
|
services: []
|
|
steps:
|
|
- commands:
|
|
- export GRAFANA_DIR=$$(pwd)
|
|
- cd /src && ./scripts/drone_build_main.sh
|
|
environment:
|
|
_EXPERIMENTAL_DAGGER_CLOUD_TOKEN:
|
|
from_secret: dagger_token
|
|
ALPINE_BASE: alpine:3.19.1
|
|
CDN_DESTINATION:
|
|
from_secret: rgm_cdn_destination
|
|
DESTINATION:
|
|
from_secret: destination
|
|
DOCKER_PASSWORD:
|
|
from_secret: docker_password
|
|
DOCKER_USERNAME:
|
|
from_secret: docker_username
|
|
DOWNLOADS_DESTINATION:
|
|
from_secret: rgm_downloads_destination
|
|
GCOM_API_KEY:
|
|
from_secret: grafana_api_key
|
|
GCP_KEY_BASE64:
|
|
from_secret: gcp_key_base64
|
|
GITHUB_TOKEN:
|
|
from_secret: github_token
|
|
GO_VERSION: 1.22.4
|
|
GPG_PASSPHRASE:
|
|
from_secret: packages_gpg_passphrase
|
|
GPG_PRIVATE_KEY:
|
|
from_secret: packages_gpg_private_key
|
|
GPG_PUBLIC_KEY:
|
|
from_secret: packages_gpg_public_key
|
|
NPM_TOKEN:
|
|
from_secret: npm_token
|
|
STORYBOOK_DESTINATION:
|
|
from_secret: rgm_storybook_destination
|
|
UBUNTU_BASE: ubuntu:22.04
|
|
image: grafana/grafana-build:main
|
|
name: rgm-build
|
|
pull: always
|
|
volumes:
|
|
- name: docker
|
|
path: /var/run/docker.sock
|
|
trigger:
|
|
branch: main
|
|
event:
|
|
- push
|
|
paths:
|
|
exclude:
|
|
- '*.md'
|
|
- docs/**
|
|
- packages/**/*.md
|
|
- latest.json
|
|
repo:
|
|
- grafana/grafana
|
|
type: docker
|
|
volumes:
|
|
- host:
|
|
path: /var/run/docker.sock
|
|
name: docker
|
|
---
|
|
clone:
|
|
retries: 3
|
|
depends_on: []
|
|
environment:
|
|
EDITION: oss
|
|
image_pull_secrets:
|
|
- gcr
|
|
- gar
|
|
kind: pipeline
|
|
name: release-whatsnew-checker
|
|
node:
|
|
type: no-parallel
|
|
platform:
|
|
arch: amd64
|
|
os: linux
|
|
services: []
|
|
steps:
|
|
- commands:
|
|
- go build -o ./bin/build -ldflags '-extldflags -static' ./pkg/build/cmd
|
|
depends_on: []
|
|
environment:
|
|
CGO_ENABLED: 0
|
|
image: golang:1.22.4-alpine
|
|
name: compile-build-cmd
|
|
- commands:
|
|
- ./bin/build whatsnew-checker
|
|
depends_on:
|
|
- compile-build-cmd
|
|
image: golang:1.22.4-alpine
|
|
name: whats-new-checker
|
|
trigger:
|
|
event:
|
|
exclude:
|
|
- promote
|
|
ref:
|
|
exclude:
|
|
- refs/tags/*-cloud*
|
|
include:
|
|
- refs/tags/v*
|
|
type: docker
|
|
volumes:
|
|
- host:
|
|
path: /var/run/docker.sock
|
|
name: docker
|
|
---
|
|
clone:
|
|
retries: 3
|
|
depends_on: []
|
|
environment:
|
|
EDITION: oss
|
|
image_pull_secrets:
|
|
- gcr
|
|
- gar
|
|
kind: pipeline
|
|
name: release-test-frontend
|
|
node:
|
|
type: no-parallel
|
|
platform:
|
|
arch: amd64
|
|
os: linux
|
|
services: []
|
|
steps:
|
|
- commands:
|
|
- echo $DRONE_RUNNER_NAME
|
|
image: alpine:3.19.1
|
|
name: identify-runner
|
|
- commands:
|
|
- yarn install --immutable || yarn install --immutable
|
|
depends_on: []
|
|
image: node:20.9.0-alpine
|
|
name: yarn-install
|
|
- commands:
|
|
- apk add --update git bash
|
|
- yarn betterer ci
|
|
depends_on:
|
|
- yarn-install
|
|
image: node:20.9.0-alpine
|
|
name: betterer-frontend
|
|
- commands:
|
|
- yarn run ci:test-frontend
|
|
depends_on:
|
|
- yarn-install
|
|
environment:
|
|
TEST_MAX_WORKERS: 50%
|
|
image: node:20.9.0-alpine
|
|
name: test-frontend
|
|
trigger:
|
|
event:
|
|
exclude:
|
|
- promote
|
|
ref:
|
|
exclude:
|
|
- refs/tags/*-cloud*
|
|
include:
|
|
- refs/tags/v*
|
|
type: docker
|
|
volumes:
|
|
- host:
|
|
path: /var/run/docker.sock
|
|
name: docker
|
|
---
|
|
clone:
|
|
retries: 3
|
|
depends_on: []
|
|
environment:
|
|
EDITION: oss
|
|
image_pull_secrets:
|
|
- gcr
|
|
- gar
|
|
kind: pipeline
|
|
name: release-test-backend
|
|
node:
|
|
type: no-parallel
|
|
platform:
|
|
arch: amd64
|
|
os: linux
|
|
services: []
|
|
steps:
|
|
- commands:
|
|
- echo $DRONE_RUNNER_NAME
|
|
image: alpine:3.19.1
|
|
name: identify-runner
|
|
- commands:
|
|
- '# It is required that code generated from Thema/CUE be committed and in sync
|
|
with its inputs.'
|
|
- '# The following command will fail if running code generators produces any diff
|
|
in output.'
|
|
- apk add --update make
|
|
- CODEGEN_VERIFY=1 make gen-cue
|
|
depends_on: []
|
|
image: golang:1.22.4-alpine
|
|
name: verify-gen-cue
|
|
- commands:
|
|
- '# It is required that generated jsonnet is committed and in sync with its inputs.'
|
|
- '# The following command will fail if running code generators produces any diff
|
|
in output.'
|
|
- apk add --update make
|
|
- CODEGEN_VERIFY=1 make gen-jsonnet
|
|
depends_on: []
|
|
image: golang:1.22.4-alpine
|
|
name: verify-gen-jsonnet
|
|
- commands:
|
|
- apk add --update make
|
|
- make gen-go
|
|
depends_on:
|
|
- verify-gen-cue
|
|
image: golang:1.22.4-alpine
|
|
name: wire-install
|
|
- commands:
|
|
- apk add --update build-base shared-mime-info shared-mime-info-lang
|
|
- go list -f '{{.Dir}}/...' -m | xargs go test -tags requires_buildifer -short -covermode=atomic
|
|
-timeout=5m
|
|
depends_on:
|
|
- wire-install
|
|
image: golang:1.22.4-alpine
|
|
name: test-backend
|
|
- commands:
|
|
- apk add --update build-base
|
|
- go test -count=1 -covermode=atomic -timeout=5m -run '^TestIntegration' $(find
|
|
./pkg -type f -name '*_test.go' -exec grep -l '^func TestIntegration' '{}' '+'
|
|
| grep -o '\(.*\)/' | sort -u)
|
|
depends_on:
|
|
- wire-install
|
|
image: golang:1.22.4-alpine
|
|
name: test-backend-integration
|
|
trigger:
|
|
event:
|
|
exclude:
|
|
- promote
|
|
ref:
|
|
exclude:
|
|
- refs/tags/*-cloud*
|
|
include:
|
|
- refs/tags/v*
|
|
type: docker
|
|
volumes:
|
|
- host:
|
|
path: /var/run/docker.sock
|
|
name: docker
|
|
---
|
|
clone:
|
|
retries: 3
|
|
depends_on:
|
|
- release-test-backend
|
|
- release-test-frontend
|
|
image_pull_secrets:
|
|
- gcr
|
|
- gar
|
|
kind: pipeline
|
|
name: rgm-tag-prerelease
|
|
node:
|
|
type: no-parallel
|
|
platform:
|
|
arch: amd64
|
|
os: linux
|
|
services: []
|
|
steps:
|
|
- commands:
|
|
- export GRAFANA_DIR=$$(pwd)
|
|
- cd /src && ./scripts/drone_build_tag_grafana.sh
|
|
environment:
|
|
_EXPERIMENTAL_DAGGER_CLOUD_TOKEN:
|
|
from_secret: dagger_token
|
|
ALPINE_BASE: alpine:3.19.1
|
|
CDN_DESTINATION:
|
|
from_secret: rgm_cdn_destination
|
|
DESTINATION:
|
|
from_secret: destination
|
|
DOCKER_PASSWORD:
|
|
from_secret: docker_password
|
|
DOCKER_USERNAME:
|
|
from_secret: docker_username
|
|
DOWNLOADS_DESTINATION:
|
|
from_secret: rgm_downloads_destination
|
|
GCOM_API_KEY:
|
|
from_secret: grafana_api_key
|
|
GCP_KEY_BASE64:
|
|
from_secret: gcp_key_base64
|
|
GITHUB_TOKEN:
|
|
from_secret: github_token
|
|
GO_VERSION: 1.22.4
|
|
GPG_PASSPHRASE:
|
|
from_secret: packages_gpg_passphrase
|
|
GPG_PRIVATE_KEY:
|
|
from_secret: packages_gpg_private_key
|
|
GPG_PUBLIC_KEY:
|
|
from_secret: packages_gpg_public_key
|
|
NPM_TOKEN:
|
|
from_secret: npm_token
|
|
STORYBOOK_DESTINATION:
|
|
from_secret: rgm_storybook_destination
|
|
UBUNTU_BASE: ubuntu:22.04
|
|
image: grafana/grafana-build:main
|
|
name: rgm-build
|
|
pull: always
|
|
volumes:
|
|
- name: docker
|
|
path: /var/run/docker.sock
|
|
trigger:
|
|
event:
|
|
exclude:
|
|
- promote
|
|
ref:
|
|
exclude:
|
|
- refs/tags/*-cloud*
|
|
include:
|
|
- refs/tags/v*
|
|
type: docker
|
|
volumes:
|
|
- host:
|
|
path: /var/run/docker.sock
|
|
name: docker
|
|
---
|
|
clone:
|
|
retries: 3
|
|
depends_on:
|
|
- rgm-tag-prerelease
|
|
image_pull_secrets:
|
|
- gcr
|
|
- gar
|
|
kind: pipeline
|
|
name: rgm-tag-prerelease-windows
|
|
platform:
|
|
arch: amd64
|
|
os: windows
|
|
version: "1809"
|
|
services: []
|
|
steps:
|
|
- commands:
|
|
- echo $env:DRONE_RUNNER_NAME
|
|
image: mcr.microsoft.com/windows:1809
|
|
name: identify-runner
|
|
- commands:
|
|
- $$ProgressPreference = "SilentlyContinue"
|
|
- Invoke-WebRequest https://grafana-downloads.storage.googleapis.com/grafana-build-pipeline/v3.0.50/windows/grabpl.exe
|
|
-OutFile grabpl.exe
|
|
image: grafana/ci-wix:0.1.1
|
|
name: windows-init
|
|
- commands:
|
|
- $$gcpKey = $$env:GCP_KEY
|
|
- '[System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String($$gcpKey))
|
|
> gcpkey.json'
|
|
- dos2unix gcpkey.json
|
|
- gcloud auth activate-service-account --key-file=gcpkey.json
|
|
- rm gcpkey.json
|
|
- cp C:\App\nssm-2.24.zip .
|
|
- .\grabpl.exe windows-installer --target gs://grafana-prerelease/artifacts/downloads/${DRONE_TAG}/oss/release/grafana-${DRONE_TAG:1}.windows-amd64.zip
|
|
--edition oss ${DRONE_TAG}
|
|
- $$fname = ((Get-Childitem grafana*.msi -name) -split "`n")[0]
|
|
- gsutil cp $$fname gs://grafana-prerelease/artifacts/downloads/${DRONE_TAG}/oss/release/
|
|
- gsutil cp "$$fname.sha256" gs://grafana-prerelease/artifacts/downloads/${DRONE_TAG}/oss/release/
|
|
depends_on:
|
|
- windows-init
|
|
environment:
|
|
GCP_KEY:
|
|
from_secret: gcp_grafanauploads_base64
|
|
GITHUB_TOKEN:
|
|
from_secret: github_token
|
|
PRERELEASE_BUCKET:
|
|
from_secret: prerelease_bucket
|
|
image: grafana/ci-wix:0.1.1
|
|
name: build-windows-installer
|
|
trigger:
|
|
event:
|
|
exclude:
|
|
- promote
|
|
ref:
|
|
exclude:
|
|
- refs/tags/*-cloud*
|
|
include:
|
|
- refs/tags/v*
|
|
type: docker
|
|
volumes:
|
|
- host:
|
|
path: //./pipe/docker_engine/
|
|
name: docker
|
|
---
|
|
clone:
|
|
retries: 3
|
|
depends_on:
|
|
- rgm-tag-prerelease
|
|
- rgm-tag-prerelease-windows
|
|
image_pull_secrets:
|
|
- gcr
|
|
- gar
|
|
kind: pipeline
|
|
name: rgm-tag-verify-prerelease-assets
|
|
node:
|
|
type: no-parallel
|
|
platform:
|
|
arch: amd64
|
|
os: linux
|
|
services: []
|
|
steps:
|
|
- commands:
|
|
- apt-get update && apt-get install -yq gettext
|
|
- printenv GCP_KEY | base64 -d > /tmp/key.json
|
|
- gcloud auth activate-service-account --key-file=/tmp/key.json
|
|
- ./scripts/list-release-artifacts.sh ${DRONE_TAG} | xargs -n1 gsutil stat >> /tmp/stat.log
|
|
- '! cat /tmp/stat.log | grep "No URLs matched"'
|
|
depends_on:
|
|
- clone
|
|
environment:
|
|
BUCKET: grafana-prerelease
|
|
GCP_KEY:
|
|
from_secret: gcp_key_base64
|
|
image: google/cloud-sdk:431.0.0
|
|
name: gsutil-stat
|
|
trigger:
|
|
event:
|
|
exclude:
|
|
- promote
|
|
ref:
|
|
exclude:
|
|
- refs/tags/*-cloud*
|
|
include:
|
|
- refs/tags/v*
|
|
type: docker
|
|
volumes:
|
|
- host:
|
|
path: /var/run/docker.sock
|
|
name: docker
|
|
---
|
|
clone:
|
|
retries: 3
|
|
depends_on:
|
|
- release-test-backend
|
|
- release-test-frontend
|
|
image_pull_secrets:
|
|
- gcr
|
|
- gar
|
|
kind: pipeline
|
|
name: rgm-version-branch-prerelease
|
|
node:
|
|
type: no-parallel
|
|
platform:
|
|
arch: amd64
|
|
os: linux
|
|
services: []
|
|
steps:
|
|
- commands:
|
|
- export GRAFANA_DIR=$$(pwd)
|
|
- cd /src && ./scripts/drone_build_tag_grafana.sh
|
|
environment:
|
|
_EXPERIMENTAL_DAGGER_CLOUD_TOKEN:
|
|
from_secret: dagger_token
|
|
ALPINE_BASE: alpine:3.19.1
|
|
CDN_DESTINATION:
|
|
from_secret: rgm_cdn_destination
|
|
DESTINATION:
|
|
from_secret: destination
|
|
DOCKER_PASSWORD:
|
|
from_secret: docker_password
|
|
DOCKER_USERNAME:
|
|
from_secret: docker_username
|
|
DOWNLOADS_DESTINATION:
|
|
from_secret: rgm_downloads_destination
|
|
GCOM_API_KEY:
|
|
from_secret: grafana_api_key
|
|
GCP_KEY_BASE64:
|
|
from_secret: gcp_key_base64
|
|
GITHUB_TOKEN:
|
|
from_secret: github_token
|
|
GO_VERSION: 1.22.4
|
|
GPG_PASSPHRASE:
|
|
from_secret: packages_gpg_passphrase
|
|
GPG_PRIVATE_KEY:
|
|
from_secret: packages_gpg_private_key
|
|
GPG_PUBLIC_KEY:
|
|
from_secret: packages_gpg_public_key
|
|
NPM_TOKEN:
|
|
from_secret: npm_token
|
|
STORYBOOK_DESTINATION:
|
|
from_secret: rgm_storybook_destination
|
|
UBUNTU_BASE: ubuntu:22.04
|
|
image: grafana/grafana-build:main
|
|
name: rgm-build
|
|
pull: always
|
|
volumes:
|
|
- name: docker
|
|
path: /var/run/docker.sock
|
|
trigger:
|
|
ref:
|
|
- refs/heads/v[0-9]*
|
|
type: docker
|
|
volumes:
|
|
- host:
|
|
path: /var/run/docker.sock
|
|
name: docker
|
|
---
|
|
clone:
|
|
retries: 3
|
|
depends_on:
|
|
- rgm-version-branch-prerelease
|
|
image_pull_secrets:
|
|
- gcr
|
|
- gar
|
|
kind: pipeline
|
|
name: rgm-prerelease-verify-prerelease-assets
|
|
node:
|
|
type: no-parallel
|
|
platform:
|
|
arch: amd64
|
|
os: linux
|
|
services: []
|
|
steps:
|
|
- commands:
|
|
- apt-get update && apt-get install -yq gettext
|
|
- printenv GCP_KEY | base64 -d > /tmp/key.json
|
|
- gcloud auth activate-service-account --key-file=/tmp/key.json
|
|
- ./scripts/list-release-artifacts.sh ${DRONE_TAG} | xargs -n1 gsutil stat >> /tmp/stat.log
|
|
- '! cat /tmp/stat.log | grep "No URLs matched"'
|
|
depends_on:
|
|
- clone
|
|
environment:
|
|
BUCKET: grafana-prerelease
|
|
GCP_KEY:
|
|
from_secret: gcp_key_base64
|
|
image: google/cloud-sdk:431.0.0
|
|
name: gsutil-stat
|
|
trigger:
|
|
ref:
|
|
- refs/heads/v[0-9]*
|
|
type: docker
|
|
volumes:
|
|
- host:
|
|
path: /var/run/docker.sock
|
|
name: docker
|
|
---
|
|
clone:
|
|
retries: 3
|
|
depends_on: []
|
|
environment:
|
|
EDITION: oss
|
|
image_pull_secrets:
|
|
- gcr
|
|
- gar
|
|
kind: pipeline
|
|
name: nightly-test-frontend
|
|
node:
|
|
type: no-parallel
|
|
platform:
|
|
arch: amd64
|
|
os: linux
|
|
services: []
|
|
steps:
|
|
- commands:
|
|
- echo $DRONE_RUNNER_NAME
|
|
image: alpine:3.19.1
|
|
name: identify-runner
|
|
- commands:
|
|
- yarn install --immutable || yarn install --immutable
|
|
depends_on: []
|
|
image: node:20.9.0-alpine
|
|
name: yarn-install
|
|
- commands:
|
|
- apk add --update git bash
|
|
- yarn betterer ci
|
|
depends_on:
|
|
- yarn-install
|
|
image: node:20.9.0-alpine
|
|
name: betterer-frontend
|
|
- commands:
|
|
- yarn run ci:test-frontend
|
|
depends_on:
|
|
- yarn-install
|
|
environment:
|
|
TEST_MAX_WORKERS: 50%
|
|
image: node:20.9.0-alpine
|
|
name: test-frontend
|
|
trigger:
|
|
cron:
|
|
include:
|
|
- nightly-release
|
|
event:
|
|
include:
|
|
- cron
|
|
type: docker
|
|
volumes:
|
|
- host:
|
|
path: /var/run/docker.sock
|
|
name: docker
|
|
---
|
|
clone:
|
|
retries: 3
|
|
depends_on: []
|
|
environment:
|
|
EDITION: oss
|
|
image_pull_secrets:
|
|
- gcr
|
|
- gar
|
|
kind: pipeline
|
|
name: nightly-test-backend
|
|
node:
|
|
type: no-parallel
|
|
platform:
|
|
arch: amd64
|
|
os: linux
|
|
services: []
|
|
steps:
|
|
- commands:
|
|
- echo $DRONE_RUNNER_NAME
|
|
image: alpine:3.19.1
|
|
name: identify-runner
|
|
- commands:
|
|
- '# It is required that code generated from Thema/CUE be committed and in sync
|
|
with its inputs.'
|
|
- '# The following command will fail if running code generators produces any diff
|
|
in output.'
|
|
- apk add --update make
|
|
- CODEGEN_VERIFY=1 make gen-cue
|
|
depends_on: []
|
|
image: golang:1.22.4-alpine
|
|
name: verify-gen-cue
|
|
- commands:
|
|
- '# It is required that generated jsonnet is committed and in sync with its inputs.'
|
|
- '# The following command will fail if running code generators produces any diff
|
|
in output.'
|
|
- apk add --update make
|
|
- CODEGEN_VERIFY=1 make gen-jsonnet
|
|
depends_on: []
|
|
image: golang:1.22.4-alpine
|
|
name: verify-gen-jsonnet
|
|
- commands:
|
|
- apk add --update make
|
|
- make gen-go
|
|
depends_on:
|
|
- verify-gen-cue
|
|
image: golang:1.22.4-alpine
|
|
name: wire-install
|
|
- commands:
|
|
- apk add --update build-base shared-mime-info shared-mime-info-lang
|
|
- go list -f '{{.Dir}}/...' -m | xargs go test -tags requires_buildifer -short -covermode=atomic
|
|
-timeout=5m
|
|
depends_on:
|
|
- wire-install
|
|
image: golang:1.22.4-alpine
|
|
name: test-backend
|
|
- commands:
|
|
- apk add --update build-base
|
|
- go test -count=1 -covermode=atomic -timeout=5m -run '^TestIntegration' $(find
|
|
./pkg -type f -name '*_test.go' -exec grep -l '^func TestIntegration' '{}' '+'
|
|
| grep -o '\(.*\)/' | sort -u)
|
|
depends_on:
|
|
- wire-install
|
|
image: golang:1.22.4-alpine
|
|
name: test-backend-integration
|
|
trigger:
|
|
cron:
|
|
include:
|
|
- nightly-release
|
|
event:
|
|
include:
|
|
- cron
|
|
type: docker
|
|
volumes:
|
|
- host:
|
|
path: /var/run/docker.sock
|
|
name: docker
|
|
---
|
|
clone:
|
|
retries: 3
|
|
depends_on:
|
|
- nightly-test-backend
|
|
- nightly-test-frontend
|
|
image_pull_secrets:
|
|
- gcr
|
|
- gar
|
|
kind: pipeline
|
|
name: rgm-nightly-build
|
|
node:
|
|
type: no-parallel
|
|
platform:
|
|
arch: amd64
|
|
os: linux
|
|
services: []
|
|
steps:
|
|
- commands:
|
|
- export GRAFANA_DIR=$$(pwd)
|
|
- cd /src && ./scripts/drone_build_nightly_grafana.sh
|
|
environment:
|
|
_EXPERIMENTAL_DAGGER_CLOUD_TOKEN:
|
|
from_secret: dagger_token
|
|
ALPINE_BASE: alpine:3.19.1
|
|
CDN_DESTINATION:
|
|
from_secret: rgm_cdn_destination
|
|
DESTINATION:
|
|
from_secret: destination
|
|
DOCKER_PASSWORD:
|
|
from_secret: docker_password
|
|
DOCKER_USERNAME:
|
|
from_secret: docker_username
|
|
DOWNLOADS_DESTINATION:
|
|
from_secret: rgm_downloads_destination
|
|
GCOM_API_KEY:
|
|
from_secret: grafana_api_key
|
|
GCP_KEY_BASE64:
|
|
from_secret: gcp_key_base64
|
|
GITHUB_TOKEN:
|
|
from_secret: github_token
|
|
GO_VERSION: 1.22.4
|
|
GPG_PASSPHRASE:
|
|
from_secret: packages_gpg_passphrase
|
|
GPG_PRIVATE_KEY:
|
|
from_secret: packages_gpg_private_key
|
|
GPG_PUBLIC_KEY:
|
|
from_secret: packages_gpg_public_key
|
|
NPM_TOKEN:
|
|
from_secret: npm_token
|
|
STORYBOOK_DESTINATION:
|
|
from_secret: rgm_storybook_destination
|
|
UBUNTU_BASE: ubuntu:22.04
|
|
image: grafana/grafana-build:main
|
|
name: rgm-build
|
|
pull: always
|
|
volumes:
|
|
- name: docker
|
|
path: /var/run/docker.sock
|
|
- commands:
|
|
- mkdir -p $${DESTINATION}/$${DRONE_BUILD_EVENT}
|
|
- printenv GCP_KEY_BASE64 | base64 -d > /tmp/key.json
|
|
- gcloud auth activate-service-account --key-file=/tmp/key.json
|
|
- gcloud storage cp -r $${DRONE_WORKSPACE}/dist/* $${DESTINATION}/$${DRONE_BUILD_EVENT}
|
|
depends_on:
|
|
- rgm-build
|
|
environment:
|
|
_EXPERIMENTAL_DAGGER_CLOUD_TOKEN:
|
|
from_secret: dagger_token
|
|
CDN_DESTINATION:
|
|
from_secret: rgm_cdn_destination
|
|
DESTINATION:
|
|
from_secret: destination
|
|
DOCKER_PASSWORD:
|
|
from_secret: docker_password
|
|
DOCKER_USERNAME:
|
|
from_secret: docker_username
|
|
DOWNLOADS_DESTINATION:
|
|
from_secret: rgm_downloads_destination
|
|
GCOM_API_KEY:
|
|
from_secret: grafana_api_key
|
|
GCP_KEY_BASE64:
|
|
from_secret: gcp_key_base64
|
|
GITHUB_TOKEN:
|
|
from_secret: github_token
|
|
GPG_PASSPHRASE:
|
|
from_secret: packages_gpg_passphrase
|
|
GPG_PRIVATE_KEY:
|
|
from_secret: packages_gpg_private_key
|
|
GPG_PUBLIC_KEY:
|
|
from_secret: packages_gpg_public_key
|
|
NPM_TOKEN:
|
|
from_secret: npm_token
|
|
STORYBOOK_DESTINATION:
|
|
from_secret: rgm_storybook_destination
|
|
image: google/cloud-sdk:alpine
|
|
name: rgm-copy
|
|
trigger:
|
|
cron:
|
|
include:
|
|
- nightly-release
|
|
event:
|
|
include:
|
|
- cron
|
|
type: docker
|
|
volumes:
|
|
- host:
|
|
path: /var/run/docker.sock
|
|
name: docker
|
|
---
|
|
clone:
|
|
retries: 3
|
|
depends_on:
|
|
- rgm-nightly-build
|
|
image_pull_secrets:
|
|
- gcr
|
|
- gar
|
|
kind: pipeline
|
|
name: rgm-nightly-publish
|
|
node:
|
|
type: no-parallel
|
|
platform:
|
|
arch: amd64
|
|
os: linux
|
|
services: []
|
|
steps:
|
|
- commands:
|
|
- mkdir -p $${DRONE_WORKSPACE}/dist
|
|
- printenv GCP_KEY_BASE64 | base64 -d > /tmp/key.json
|
|
- gcloud auth activate-service-account --key-file=/tmp/key.json
|
|
- gcloud storage cp -r $${DESTINATION}/$${DRONE_BUILD_EVENT}/*_$${DRONE_BUILD_NUMBER}_*
|
|
$${DRONE_WORKSPACE}/dist
|
|
environment:
|
|
_EXPERIMENTAL_DAGGER_CLOUD_TOKEN:
|
|
from_secret: dagger_token
|
|
CDN_DESTINATION:
|
|
from_secret: rgm_cdn_destination
|
|
DESTINATION:
|
|
from_secret: destination
|
|
DOCKER_PASSWORD:
|
|
from_secret: docker_password
|
|
DOCKER_USERNAME:
|
|
from_secret: docker_username
|
|
DOWNLOADS_DESTINATION:
|
|
from_secret: rgm_downloads_destination
|
|
GCOM_API_KEY:
|
|
from_secret: grafana_api_key
|
|
GCP_KEY_BASE64:
|
|
from_secret: gcp_key_base64
|
|
GITHUB_TOKEN:
|
|
from_secret: github_token
|
|
GPG_PASSPHRASE:
|
|
from_secret: packages_gpg_passphrase
|
|
GPG_PRIVATE_KEY:
|
|
from_secret: packages_gpg_private_key
|
|
GPG_PUBLIC_KEY:
|
|
from_secret: packages_gpg_public_key
|
|
NPM_TOKEN:
|
|
from_secret: npm_token
|
|
STORYBOOK_DESTINATION:
|
|
from_secret: rgm_storybook_destination
|
|
image: google/cloud-sdk:alpine
|
|
name: rgm-copy
|
|
- commands:
|
|
- export GRAFANA_DIR=$$(pwd)
|
|
- cd /src && ./scripts/drone_publish_nightly_grafana.sh
|
|
depends_on:
|
|
- rgm-copy
|
|
environment:
|
|
_EXPERIMENTAL_DAGGER_CLOUD_TOKEN:
|
|
from_secret: dagger_token
|
|
ALPINE_BASE: alpine:3.19.1
|
|
CDN_DESTINATION:
|
|
from_secret: rgm_cdn_destination
|
|
DESTINATION:
|
|
from_secret: destination
|
|
DOCKER_PASSWORD:
|
|
from_secret: docker_password
|
|
DOCKER_USERNAME:
|
|
from_secret: docker_username
|
|
DOWNLOADS_DESTINATION:
|
|
from_secret: rgm_downloads_destination
|
|
GCOM_API_KEY:
|
|
from_secret: grafana_api_key
|
|
GCP_KEY_BASE64:
|
|
from_secret: gcp_key_base64
|
|
GITHUB_TOKEN:
|
|
from_secret: github_token
|
|
GO_VERSION: 1.22.4
|
|
GPG_PASSPHRASE:
|
|
from_secret: packages_gpg_passphrase
|
|
GPG_PRIVATE_KEY:
|
|
from_secret: packages_gpg_private_key
|
|
GPG_PUBLIC_KEY:
|
|
from_secret: packages_gpg_public_key
|
|
NPM_TOKEN:
|
|
from_secret: npm_token
|
|
STORYBOOK_DESTINATION:
|
|
from_secret: rgm_storybook_destination
|
|
UBUNTU_BASE: ubuntu:22.04
|
|
image: grafana/grafana-build:main
|
|
name: rgm-publish
|
|
pull: always
|
|
volumes:
|
|
- name: docker
|
|
path: /var/run/docker.sock
|
|
- depends_on:
|
|
- rgm-publish
|
|
image: us.gcr.io/kubernetes-dev/package-publish:latest
|
|
name: publish-deb
|
|
privileged: true
|
|
settings:
|
|
access_key_id:
|
|
from_secret: packages_access_key_id
|
|
gpg_passphrase:
|
|
from_secret: packages_gpg_passphrase
|
|
gpg_private_key:
|
|
from_secret: packages_gpg_private_key
|
|
gpg_public_key:
|
|
from_secret: packages_gpg_public_key
|
|
package_path: file:///drone/src/dist/*.deb
|
|
secret_access_key:
|
|
from_secret: packages_secret_access_key
|
|
service_account_json:
|
|
from_secret: packages_service_account
|
|
target_bucket: grafana-packages
|
|
- depends_on:
|
|
- rgm-publish
|
|
image: us.gcr.io/kubernetes-dev/package-publish:latest
|
|
name: publish-rpm
|
|
privileged: true
|
|
settings:
|
|
access_key_id:
|
|
from_secret: packages_access_key_id
|
|
gpg_passphrase:
|
|
from_secret: packages_gpg_passphrase
|
|
gpg_private_key:
|
|
from_secret: packages_gpg_private_key
|
|
gpg_public_key:
|
|
from_secret: packages_gpg_public_key
|
|
package_path: file:///drone/src/dist/*.rpm
|
|
secret_access_key:
|
|
from_secret: packages_secret_access_key
|
|
service_account_json:
|
|
from_secret: packages_service_account
|
|
target_bucket: grafana-packages
|
|
trigger:
|
|
cron:
|
|
include:
|
|
- nightly-release
|
|
event:
|
|
include:
|
|
- cron
|
|
type: docker
|
|
volumes:
|
|
- host:
|
|
path: /var/run/docker.sock
|
|
name: docker
|
|
---
|
|
clone:
|
|
retries: 3
|
|
depends_on: []
|
|
image_pull_secrets:
|
|
- gcr
|
|
- gar
|
|
kind: pipeline
|
|
name: rgm-promotion
|
|
node:
|
|
type: no-parallel
|
|
platform:
|
|
arch: amd64
|
|
os: linux
|
|
services: []
|
|
steps:
|
|
- commands:
|
|
- 'dagger run --silent /src/grafana-build artifacts -a $${ARTIFACTS} --grafana-ref=$${GRAFANA_REF}
|
|
--enterprise-ref=$${ENTERPRISE_REF} --grafana-repo=$${GRAFANA_REPO} --version=$${VERSION} '
|
|
- --go-version=1.22.4
|
|
environment:
|
|
_EXPERIMENTAL_DAGGER_CLOUD_TOKEN:
|
|
from_secret: dagger_token
|
|
ALPINE_BASE: alpine:3.19.1
|
|
CDN_DESTINATION:
|
|
from_secret: rgm_cdn_destination
|
|
DESTINATION:
|
|
from_secret: destination
|
|
DOCKER_PASSWORD:
|
|
from_secret: docker_password
|
|
DOCKER_USERNAME:
|
|
from_secret: docker_username
|
|
DOWNLOADS_DESTINATION:
|
|
from_secret: rgm_downloads_destination
|
|
GCOM_API_KEY:
|
|
from_secret: grafana_api_key
|
|
GCP_KEY_BASE64:
|
|
from_secret: gcp_key_base64
|
|
GITHUB_TOKEN:
|
|
from_secret: github_token
|
|
GO_VERSION: 1.22.4
|
|
GPG_PASSPHRASE:
|
|
from_secret: packages_gpg_passphrase
|
|
GPG_PRIVATE_KEY:
|
|
from_secret: packages_gpg_private_key
|
|
GPG_PUBLIC_KEY:
|
|
from_secret: packages_gpg_public_key
|
|
NPM_TOKEN:
|
|
from_secret: npm_token
|
|
STORYBOOK_DESTINATION:
|
|
from_secret: rgm_storybook_destination
|
|
UBUNTU_BASE: ubuntu:22.04
|
|
image: grafana/grafana-build:main
|
|
name: rgm-build
|
|
pull: always
|
|
volumes:
|
|
- name: docker
|
|
path: /var/run/docker.sock
|
|
- commands:
|
|
- printenv GCP_KEY_BASE64 | base64 -d > /tmp/key.json
|
|
- gcloud auth activate-service-account --key-file=/tmp/key.json
|
|
- gcloud storage cp -r dist/* $${UPLOAD_TO}
|
|
environment:
|
|
_EXPERIMENTAL_DAGGER_CLOUD_TOKEN:
|
|
from_secret: dagger_token
|
|
CDN_DESTINATION:
|
|
from_secret: rgm_cdn_destination
|
|
DESTINATION:
|
|
from_secret: destination
|
|
DOCKER_PASSWORD:
|
|
from_secret: docker_password
|
|
DOCKER_USERNAME:
|
|
from_secret: docker_username
|
|
DOWNLOADS_DESTINATION:
|
|
from_secret: rgm_downloads_destination
|
|
GCOM_API_KEY:
|
|
from_secret: grafana_api_key
|
|
GCP_KEY_BASE64:
|
|
from_secret: gcp_key_base64
|
|
GITHUB_TOKEN:
|
|
from_secret: github_token
|
|
GPG_PASSPHRASE:
|
|
from_secret: packages_gpg_passphrase
|
|
GPG_PRIVATE_KEY:
|
|
from_secret: packages_gpg_private_key
|
|
GPG_PUBLIC_KEY:
|
|
from_secret: packages_gpg_public_key
|
|
NPM_TOKEN:
|
|
from_secret: npm_token
|
|
STORYBOOK_DESTINATION:
|
|
from_secret: rgm_storybook_destination
|
|
image: google/cloud-sdk:alpine
|
|
name: rgm-copy
|
|
trigger:
|
|
event:
|
|
- promote
|
|
target: upload-packages
|
|
type: docker
|
|
volumes:
|
|
- host:
|
|
path: /var/run/docker.sock
|
|
name: docker
|
|
---
|
|
clone:
|
|
disable: true
|
|
depends_on: []
|
|
environment:
|
|
EDITION: oss
|
|
image_pull_secrets:
|
|
- gcr
|
|
- gar
|
|
kind: pipeline
|
|
name: testing-test-backend-windows
|
|
platform:
|
|
arch: amd64
|
|
os: windows
|
|
version: "1809"
|
|
services: []
|
|
steps:
|
|
- commands:
|
|
- git clone "https://$$env:GITHUB_TOKEN@github.com/$$env:DRONE_REPO.git" .
|
|
- git checkout -f $$env:DRONE_COMMIT
|
|
environment:
|
|
GITHUB_TOKEN:
|
|
from_secret: github_token
|
|
image: grafana/ci-wix:0.1.1
|
|
name: clone
|
|
- commands: []
|
|
depends_on:
|
|
- clone
|
|
image: golang:1.22.4-windowsservercore-1809
|
|
name: windows-init
|
|
- commands:
|
|
- go install github.com/google/wire/cmd/wire@v0.5.0
|
|
- wire gen -tags oss ./pkg/server
|
|
depends_on:
|
|
- windows-init
|
|
image: golang:1.22.4-windowsservercore-1809
|
|
name: wire-install
|
|
- commands:
|
|
- go test -tags requires_buildifer -short -covermode=atomic -timeout=5m ./pkg/...
|
|
depends_on:
|
|
- wire-install
|
|
image: golang:1.22.4-windowsservercore-1809
|
|
name: test-backend
|
|
trigger:
|
|
event:
|
|
- promote
|
|
target:
|
|
- test-windows
|
|
type: docker
|
|
volumes:
|
|
- host:
|
|
path: //./pipe/docker_engine/
|
|
name: docker
|
|
---
|
|
clone:
|
|
retries: 3
|
|
depends_on: []
|
|
environment:
|
|
EDITION: oss
|
|
image_pull_secrets:
|
|
- gcr
|
|
- gar
|
|
kind: pipeline
|
|
name: integration-tests
|
|
node:
|
|
type: no-parallel
|
|
platform:
|
|
arch: amd64
|
|
os: linux
|
|
services:
|
|
- environment:
|
|
PGDATA: /var/lib/postgresql/data/pgdata
|
|
POSTGRES_DB: grafanatest
|
|
POSTGRES_PASSWORD: grafanatest
|
|
POSTGRES_USER: grafanatest
|
|
image: postgres:12.3-alpine
|
|
name: postgres
|
|
volumes:
|
|
- name: postgres
|
|
path: /var/lib/postgresql/data/pgdata
|
|
- commands:
|
|
- docker-entrypoint.sh mysqld --character-set-server=utf8mb4 --collation-server=utf8mb4_unicode_ci
|
|
environment:
|
|
MYSQL_DATABASE: grafana_tests
|
|
MYSQL_PASSWORD: password
|
|
MYSQL_ROOT_PASSWORD: rootpass
|
|
MYSQL_USER: grafana
|
|
image: mysql:5.7.39
|
|
name: mysql57
|
|
volumes:
|
|
- name: mysql57
|
|
path: /var/lib/mysql
|
|
- commands:
|
|
- docker-entrypoint.sh mysqld --default-authentication-plugin=mysql_native_password
|
|
environment:
|
|
MYSQL_DATABASE: grafana_tests
|
|
MYSQL_PASSWORD: password
|
|
MYSQL_ROOT_PASSWORD: rootpass
|
|
MYSQL_USER: grafana
|
|
image: mysql:8.0.32
|
|
name: mysql80
|
|
volumes:
|
|
- name: mysql80
|
|
path: /var/lib/mysql
|
|
- commands:
|
|
- /bin/mimir -target=backend -alertmanager.grafana-alertmanager-compatibility-enabled
|
|
environment: {}
|
|
image: us.gcr.io/kubernetes-dev/mimir:santihernandezc-validate_grafana_am_config-1e903e462-WIP
|
|
name: mimir_backend
|
|
- environment: {}
|
|
image: redis:6.2.11-alpine
|
|
name: redis
|
|
- environment: {}
|
|
image: memcached:1.6.9-alpine
|
|
name: memcached
|
|
steps:
|
|
- commands:
|
|
- mkdir -p bin
|
|
- curl -fL -o bin/grabpl https://grafana-downloads.storage.googleapis.com/grafana-build-pipeline/v3.0.50/grabpl
|
|
- chmod +x bin/grabpl
|
|
image: byrnedo/alpine-curl:0.1.8
|
|
name: grabpl
|
|
- commands:
|
|
- echo $DRONE_RUNNER_NAME
|
|
image: alpine:3.19.1
|
|
name: identify-runner
|
|
- commands:
|
|
- '# It is required that code generated from Thema/CUE be committed and in sync
|
|
with its inputs.'
|
|
- '# The following command will fail if running code generators produces any diff
|
|
in output.'
|
|
- apk add --update make
|
|
- CODEGEN_VERIFY=1 make gen-cue
|
|
depends_on: []
|
|
image: golang:1.22.4-alpine
|
|
name: verify-gen-cue
|
|
- commands:
|
|
- '# It is required that generated jsonnet is committed and in sync with its inputs.'
|
|
- '# The following command will fail if running code generators produces any diff
|
|
in output.'
|
|
- apk add --update make
|
|
- CODEGEN_VERIFY=1 make gen-jsonnet
|
|
depends_on: []
|
|
image: golang:1.22.4-alpine
|
|
name: verify-gen-jsonnet
|
|
- commands:
|
|
- apk add --update make
|
|
- make gen-go
|
|
depends_on:
|
|
- verify-gen-cue
|
|
image: golang:1.22.4-alpine
|
|
name: wire-install
|
|
- commands:
|
|
- dockerize -wait tcp://postgres:5432 -timeout 120s
|
|
image: jwilder/dockerize:0.6.1
|
|
name: wait-for-postgres
|
|
- commands:
|
|
- apk add --update build-base
|
|
- apk add --update postgresql-client
|
|
- psql -p 5432 -h postgres -U grafanatest -d grafanatest -f devenv/docker/blocks/postgres_tests/setup.sql
|
|
- go clean -testcache
|
|
- go test -p=1 -count=1 -covermode=atomic -timeout=5m -run '^TestIntegration' $(find
|
|
./pkg -type f -name '*_test.go' -exec grep -l '^func TestIntegration' '{}' '+'
|
|
| grep -o '\(.*\)/' | sort -u)
|
|
depends_on:
|
|
- wire-install
|
|
- wait-for-postgres
|
|
environment:
|
|
GRAFANA_TEST_DB: postgres
|
|
PGPASSWORD: grafanatest
|
|
POSTGRES_HOST: postgres
|
|
image: golang:1.22.4-alpine
|
|
name: postgres-integration-tests
|
|
- commands:
|
|
- dockerize -wait tcp://mysql57:3306 -timeout 120s
|
|
image: jwilder/dockerize:0.6.1
|
|
name: wait-for-mysql-5.7
|
|
- commands:
|
|
- apk add --update build-base
|
|
- apk add --update mysql-client
|
|
- cat devenv/docker/blocks/mysql_tests/setup.sql | mysql -h mysql57 -P 3306 -u root
|
|
-prootpass
|
|
- go clean -testcache
|
|
- go test -p=1 -count=1 -covermode=atomic -timeout=5m -run '^TestIntegration' $(find
|
|
./pkg -type f -name '*_test.go' -exec grep -l '^func TestIntegration' '{}' '+'
|
|
| grep -o '\(.*\)/' | sort -u)
|
|
depends_on:
|
|
- wire-install
|
|
- wait-for-mysql-5.7
|
|
environment:
|
|
GRAFANA_TEST_DB: mysql
|
|
MYSQL_HOST: mysql57
|
|
image: golang:1.22.4-alpine
|
|
name: mysql-5.7-integration-tests
|
|
- commands:
|
|
- dockerize -wait tcp://mysql80:3306 -timeout 120s
|
|
image: jwilder/dockerize:0.6.1
|
|
name: wait-for-mysql-8.0
|
|
- commands:
|
|
- apk add --update build-base
|
|
- apk add --update mysql-client
|
|
- cat devenv/docker/blocks/mysql_tests/setup.sql | mysql -h mysql80 -P 3306 -u root
|
|
-prootpass
|
|
- go clean -testcache
|
|
- go test -p=1 -count=1 -covermode=atomic -timeout=5m -run '^TestIntegration' $(find
|
|
./pkg -type f -name '*_test.go' -exec grep -l '^func TestIntegration' '{}' '+'
|
|
| grep -o '\(.*\)/' | sort -u)
|
|
depends_on:
|
|
- wire-install
|
|
- wait-for-mysql-8.0
|
|
environment:
|
|
GRAFANA_TEST_DB: mysql
|
|
MYSQL_HOST: mysql80
|
|
image: golang:1.22.4-alpine
|
|
name: mysql-8.0-integration-tests
|
|
- commands:
|
|
- dockerize -wait tcp://redis:6379 -timeout 120s
|
|
image: jwilder/dockerize:0.6.1
|
|
name: wait-for-redis
|
|
- commands:
|
|
- apk add --update build-base
|
|
- go clean -testcache
|
|
- go list -f '{{.Dir}}/...' -m | xargs go test -run IntegrationRedis -covermode=atomic
|
|
-timeout=2m
|
|
depends_on:
|
|
- wire-install
|
|
- wait-for-redis
|
|
environment:
|
|
REDIS_URL: redis://redis:6379/0
|
|
image: golang:1.22.4-alpine
|
|
name: redis-integration-tests
|
|
- commands:
|
|
- dockerize -wait tcp://memcached:11211 -timeout 120s
|
|
image: jwilder/dockerize:0.6.1
|
|
name: wait-for-memcached
|
|
- commands:
|
|
- apk add --update build-base
|
|
- go clean -testcache
|
|
- go list -f '{{.Dir}}/...' -m | xargs go test -run IntegrationMemcached -covermode=atomic
|
|
-timeout=2m
|
|
depends_on:
|
|
- wire-install
|
|
- wait-for-memcached
|
|
environment:
|
|
MEMCACHED_HOSTS: memcached:11211
|
|
image: golang:1.22.4-alpine
|
|
name: memcached-integration-tests
|
|
- commands:
|
|
- dockerize -wait tcp://mimir_backend:8080 -timeout 120s
|
|
image: jwilder/dockerize:0.6.1
|
|
name: wait-for-remote-alertmanager
|
|
- commands:
|
|
- apk add --update build-base
|
|
- go clean -testcache
|
|
- go test -run TestIntegrationRemoteAlertmanager -covermode=atomic -timeout=2m ./pkg/services/ngalert/...
|
|
depends_on:
|
|
- wire-install
|
|
- wait-for-remote-alertmanager
|
|
environment:
|
|
AM_TENANT_ID: test
|
|
AM_URL: http://mimir_backend:8080
|
|
image: golang:1.22.4-alpine
|
|
name: remote-alertmanager-integration-tests
|
|
trigger:
|
|
event:
|
|
- promote
|
|
target: integration-tests
|
|
type: docker
|
|
volumes:
|
|
- host:
|
|
path: /var/run/docker.sock
|
|
name: docker
|
|
- name: postgres
|
|
temp:
|
|
medium: memory
|
|
- name: mysql57
|
|
temp:
|
|
medium: memory
|
|
- name: mysql80
|
|
temp:
|
|
medium: memory
|
|
---
|
|
clone:
|
|
disable: true
|
|
depends_on: []
|
|
image_pull_secrets:
|
|
- gcr
|
|
- gar
|
|
kind: pipeline
|
|
name: publish-ci-windows-test-image
|
|
platform:
|
|
arch: amd64
|
|
os: windows
|
|
version: "1809"
|
|
services: []
|
|
steps:
|
|
- commands:
|
|
- git clone "https://$$env:GITHUB_TOKEN@github.com/grafana/grafana-ci-sandbox.git"
|
|
.
|
|
- git checkout -f $$env:DRONE_COMMIT
|
|
environment:
|
|
GITHUB_TOKEN:
|
|
from_secret: github_token
|
|
image: grafana/ci-wix:0.1.1
|
|
name: clone
|
|
- commands:
|
|
- cd scripts\build\ci-windows-test
|
|
- docker login -u $$env:DOCKER_USERNAME -p $$env:DOCKER_PASSWORD
|
|
- docker build -t grafana/grafana-ci-windows-test:$$env:TAG .
|
|
- docker push grafana/grafana-ci-windows-test:$$env:TAG
|
|
environment:
|
|
DOCKER_PASSWORD:
|
|
from_secret: docker_password
|
|
DOCKER_USERNAME:
|
|
from_secret: docker_username
|
|
image: docker:windowsservercore-1809
|
|
name: build-and-publish
|
|
volumes:
|
|
- name: docker
|
|
path: //./pipe/docker_engine/
|
|
trigger:
|
|
event:
|
|
- promote
|
|
target:
|
|
- ci-windows-test-image
|
|
type: docker
|
|
volumes:
|
|
- host:
|
|
path: //./pipe/docker_engine/
|
|
name: docker
|
|
---
|
|
clone:
|
|
retries: 3
|
|
kind: pipeline
|
|
name: scan-grafana/grafana:latest-image
|
|
platform:
|
|
arch: amd64
|
|
os: linux
|
|
steps:
|
|
- commands:
|
|
- echo $${GCR_CREDENTIALS} | docker login -u _json_key --password-stdin https://us.gcr.io
|
|
environment:
|
|
GCR_CREDENTIALS:
|
|
from_secret: gcr_credentials
|
|
image: docker:dind
|
|
name: authenticate-gcr
|
|
volumes:
|
|
- name: docker
|
|
path: /var/run/docker.sock
|
|
- name: config
|
|
path: /root/.docker/
|
|
- commands:
|
|
- trivy image --exit-code 0 --severity UNKNOWN,LOW,MEDIUM grafana/grafana:latest
|
|
depends_on:
|
|
- authenticate-gcr
|
|
image: aquasec/trivy:0.21.0
|
|
name: scan-unknown-low-medium-vulnerabilities
|
|
volumes:
|
|
- name: docker
|
|
path: /var/run/docker.sock
|
|
- name: config
|
|
path: /root/.docker/
|
|
- commands:
|
|
- trivy image --exit-code 1 --severity HIGH,CRITICAL grafana/grafana:latest
|
|
depends_on:
|
|
- authenticate-gcr
|
|
environment:
|
|
GOOGLE_APPLICATION_CREDENTIALS:
|
|
from_secret: gcr_credentials_json
|
|
image: aquasec/trivy:0.21.0
|
|
name: scan-high-critical-vulnerabilities
|
|
volumes:
|
|
- name: docker
|
|
path: /var/run/docker.sock
|
|
- name: config
|
|
path: /root/.docker/
|
|
- image: plugins/slack
|
|
name: slack-notify-failure
|
|
settings:
|
|
channel: grafana-backend-ops
|
|
template: 'Nightly docker image scan job for grafana/grafana:latest failed: {{build.link}}'
|
|
webhook:
|
|
from_secret: slack_webhook_backend
|
|
when:
|
|
status: failure
|
|
trigger:
|
|
cron: nightly
|
|
event: cron
|
|
type: docker
|
|
volumes:
|
|
- host:
|
|
path: /var/run/docker.sock
|
|
name: docker
|
|
- name: config
|
|
temp: {}
|
|
---
|
|
clone:
|
|
retries: 3
|
|
kind: pipeline
|
|
name: scan-grafana/grafana:main-image
|
|
platform:
|
|
arch: amd64
|
|
os: linux
|
|
steps:
|
|
- commands:
|
|
- echo $${GCR_CREDENTIALS} | docker login -u _json_key --password-stdin https://us.gcr.io
|
|
environment:
|
|
GCR_CREDENTIALS:
|
|
from_secret: gcr_credentials
|
|
image: docker:dind
|
|
name: authenticate-gcr
|
|
volumes:
|
|
- name: docker
|
|
path: /var/run/docker.sock
|
|
- name: config
|
|
path: /root/.docker/
|
|
- commands:
|
|
- trivy image --exit-code 0 --severity UNKNOWN,LOW,MEDIUM grafana/grafana:main
|
|
depends_on:
|
|
- authenticate-gcr
|
|
image: aquasec/trivy:0.21.0
|
|
name: scan-unknown-low-medium-vulnerabilities
|
|
volumes:
|
|
- name: docker
|
|
path: /var/run/docker.sock
|
|
- name: config
|
|
path: /root/.docker/
|
|
- commands:
|
|
- trivy image --exit-code 1 --severity HIGH,CRITICAL grafana/grafana:main
|
|
depends_on:
|
|
- authenticate-gcr
|
|
environment:
|
|
GOOGLE_APPLICATION_CREDENTIALS:
|
|
from_secret: gcr_credentials_json
|
|
image: aquasec/trivy:0.21.0
|
|
name: scan-high-critical-vulnerabilities
|
|
volumes:
|
|
- name: docker
|
|
path: /var/run/docker.sock
|
|
- name: config
|
|
path: /root/.docker/
|
|
- image: plugins/slack
|
|
name: slack-notify-failure
|
|
settings:
|
|
channel: grafana-backend-ops
|
|
template: 'Nightly docker image scan job for grafana/grafana:main failed: {{build.link}}'
|
|
webhook:
|
|
from_secret: slack_webhook_backend
|
|
when:
|
|
status: failure
|
|
trigger:
|
|
cron: nightly
|
|
event: cron
|
|
type: docker
|
|
volumes:
|
|
- host:
|
|
path: /var/run/docker.sock
|
|
name: docker
|
|
- name: config
|
|
temp: {}
|
|
---
|
|
clone:
|
|
retries: 3
|
|
kind: pipeline
|
|
name: scan-grafana/grafana:latest-ubuntu-image
|
|
platform:
|
|
arch: amd64
|
|
os: linux
|
|
steps:
|
|
- commands:
|
|
- echo $${GCR_CREDENTIALS} | docker login -u _json_key --password-stdin https://us.gcr.io
|
|
environment:
|
|
GCR_CREDENTIALS:
|
|
from_secret: gcr_credentials
|
|
image: docker:dind
|
|
name: authenticate-gcr
|
|
volumes:
|
|
- name: docker
|
|
path: /var/run/docker.sock
|
|
- name: config
|
|
path: /root/.docker/
|
|
- commands:
|
|
- trivy image --exit-code 0 --severity UNKNOWN,LOW,MEDIUM grafana/grafana:latest-ubuntu
|
|
depends_on:
|
|
- authenticate-gcr
|
|
image: aquasec/trivy:0.21.0
|
|
name: scan-unknown-low-medium-vulnerabilities
|
|
volumes:
|
|
- name: docker
|
|
path: /var/run/docker.sock
|
|
- name: config
|
|
path: /root/.docker/
|
|
- commands:
|
|
- trivy image --exit-code 1 --severity HIGH,CRITICAL grafana/grafana:latest-ubuntu
|
|
depends_on:
|
|
- authenticate-gcr
|
|
environment:
|
|
GOOGLE_APPLICATION_CREDENTIALS:
|
|
from_secret: gcr_credentials_json
|
|
image: aquasec/trivy:0.21.0
|
|
name: scan-high-critical-vulnerabilities
|
|
volumes:
|
|
- name: docker
|
|
path: /var/run/docker.sock
|
|
- name: config
|
|
path: /root/.docker/
|
|
- image: plugins/slack
|
|
name: slack-notify-failure
|
|
settings:
|
|
channel: grafana-backend-ops
|
|
template: 'Nightly docker image scan job for grafana/grafana:latest-ubuntu failed:
|
|
{{build.link}}'
|
|
webhook:
|
|
from_secret: slack_webhook_backend
|
|
when:
|
|
status: failure
|
|
trigger:
|
|
cron: nightly
|
|
event: cron
|
|
type: docker
|
|
volumes:
|
|
- host:
|
|
path: /var/run/docker.sock
|
|
name: docker
|
|
- name: config
|
|
temp: {}
|
|
---
|
|
clone:
|
|
retries: 3
|
|
kind: pipeline
|
|
name: scan-grafana/grafana:main-ubuntu-image
|
|
platform:
|
|
arch: amd64
|
|
os: linux
|
|
steps:
|
|
- commands:
|
|
- echo $${GCR_CREDENTIALS} | docker login -u _json_key --password-stdin https://us.gcr.io
|
|
environment:
|
|
GCR_CREDENTIALS:
|
|
from_secret: gcr_credentials
|
|
image: docker:dind
|
|
name: authenticate-gcr
|
|
volumes:
|
|
- name: docker
|
|
path: /var/run/docker.sock
|
|
- name: config
|
|
path: /root/.docker/
|
|
- commands:
|
|
- trivy image --exit-code 0 --severity UNKNOWN,LOW,MEDIUM grafana/grafana:main-ubuntu
|
|
depends_on:
|
|
- authenticate-gcr
|
|
image: aquasec/trivy:0.21.0
|
|
name: scan-unknown-low-medium-vulnerabilities
|
|
volumes:
|
|
- name: docker
|
|
path: /var/run/docker.sock
|
|
- name: config
|
|
path: /root/.docker/
|
|
- commands:
|
|
- trivy image --exit-code 1 --severity HIGH,CRITICAL grafana/grafana:main-ubuntu
|
|
depends_on:
|
|
- authenticate-gcr
|
|
environment:
|
|
GOOGLE_APPLICATION_CREDENTIALS:
|
|
from_secret: gcr_credentials_json
|
|
image: aquasec/trivy:0.21.0
|
|
name: scan-high-critical-vulnerabilities
|
|
volumes:
|
|
- name: docker
|
|
path: /var/run/docker.sock
|
|
- name: config
|
|
path: /root/.docker/
|
|
- image: plugins/slack
|
|
name: slack-notify-failure
|
|
settings:
|
|
channel: grafana-backend-ops
|
|
template: 'Nightly docker image scan job for grafana/grafana:main-ubuntu failed:
|
|
{{build.link}}'
|
|
webhook:
|
|
from_secret: slack_webhook_backend
|
|
when:
|
|
status: failure
|
|
trigger:
|
|
cron: nightly
|
|
event: cron
|
|
type: docker
|
|
volumes:
|
|
- host:
|
|
path: /var/run/docker.sock
|
|
name: docker
|
|
- name: config
|
|
temp: {}
|
|
---
|
|
clone:
|
|
retries: 3
|
|
kind: pipeline
|
|
name: scan-build-test-and-publish-docker-images
|
|
platform:
|
|
arch: amd64
|
|
os: linux
|
|
steps:
|
|
- commands:
|
|
- echo $${GCR_CREDENTIALS} | docker login -u _json_key --password-stdin https://us.gcr.io
|
|
environment:
|
|
GCR_CREDENTIALS:
|
|
from_secret: gcr_credentials
|
|
image: docker:dind
|
|
name: authenticate-gcr
|
|
volumes:
|
|
- name: docker
|
|
path: /var/run/docker.sock
|
|
- name: config
|
|
path: /root/.docker/
|
|
- commands:
|
|
- trivy --exit-code 0 --severity UNKNOWN,LOW,MEDIUM alpine/git:2.40.1
|
|
- trivy --exit-code 0 --severity UNKNOWN,LOW,MEDIUM golang:1.22.4-alpine
|
|
- trivy --exit-code 0 --severity UNKNOWN,LOW,MEDIUM node:20.9.0-alpine
|
|
- trivy --exit-code 0 --severity UNKNOWN,LOW,MEDIUM node:20-bookworm
|
|
- trivy --exit-code 0 --severity UNKNOWN,LOW,MEDIUM google/cloud-sdk:431.0.0
|
|
- trivy --exit-code 0 --severity UNKNOWN,LOW,MEDIUM grafana/grafana-ci-deploy:1.3.3
|
|
- trivy --exit-code 0 --severity UNKNOWN,LOW,MEDIUM alpine:3.19.1
|
|
- trivy --exit-code 0 --severity UNKNOWN,LOW,MEDIUM ubuntu:22.04
|
|
- trivy --exit-code 0 --severity UNKNOWN,LOW,MEDIUM byrnedo/alpine-curl:0.1.8
|
|
- trivy --exit-code 0 --severity UNKNOWN,LOW,MEDIUM plugins/slack
|
|
- trivy --exit-code 0 --severity UNKNOWN,LOW,MEDIUM python:3.8
|
|
- trivy --exit-code 0 --severity UNKNOWN,LOW,MEDIUM postgres:12.3-alpine
|
|
- trivy --exit-code 0 --severity UNKNOWN,LOW,MEDIUM us.gcr.io/kubernetes-dev/mimir:santihernandezc-validate_grafana_am_config-1e903e462-WIP
|
|
- trivy --exit-code 0 --severity UNKNOWN,LOW,MEDIUM mysql:5.7.39
|
|
- trivy --exit-code 0 --severity UNKNOWN,LOW,MEDIUM mysql:8.0.32
|
|
- trivy --exit-code 0 --severity UNKNOWN,LOW,MEDIUM redis:6.2.11-alpine
|
|
- trivy --exit-code 0 --severity UNKNOWN,LOW,MEDIUM memcached:1.6.9-alpine
|
|
- trivy --exit-code 0 --severity UNKNOWN,LOW,MEDIUM us.gcr.io/kubernetes-dev/package-publish:latest
|
|
- trivy --exit-code 0 --severity UNKNOWN,LOW,MEDIUM osixia/openldap:1.4.0
|
|
- trivy --exit-code 0 --severity UNKNOWN,LOW,MEDIUM grafana/drone-downstream
|
|
- trivy --exit-code 0 --severity UNKNOWN,LOW,MEDIUM grafana/docker-puppeteer:1.1.0
|
|
- trivy --exit-code 0 --severity UNKNOWN,LOW,MEDIUM grafana/docs-base:latest
|
|
- trivy --exit-code 0 --severity UNKNOWN,LOW,MEDIUM cypress/included:13.10.0
|
|
- trivy --exit-code 0 --severity UNKNOWN,LOW,MEDIUM jwilder/dockerize:0.6.1
|
|
- trivy --exit-code 0 --severity UNKNOWN,LOW,MEDIUM koalaman/shellcheck:stable
|
|
depends_on:
|
|
- authenticate-gcr
|
|
image: aquasec/trivy:0.21.0
|
|
name: scan-unknown-low-medium-vulnerabilities
|
|
volumes:
|
|
- name: docker
|
|
path: /var/run/docker.sock
|
|
- name: config
|
|
path: /root/.docker/
|
|
- commands:
|
|
- trivy --exit-code 1 --severity HIGH,CRITICAL alpine/git:2.40.1
|
|
- trivy --exit-code 1 --severity HIGH,CRITICAL golang:1.22.4-alpine
|
|
- trivy --exit-code 1 --severity HIGH,CRITICAL node:20.9.0-alpine
|
|
- trivy --exit-code 1 --severity HIGH,CRITICAL node:20-bookworm
|
|
- trivy --exit-code 1 --severity HIGH,CRITICAL google/cloud-sdk:431.0.0
|
|
- trivy --exit-code 1 --severity HIGH,CRITICAL grafana/grafana-ci-deploy:1.3.3
|
|
- trivy --exit-code 1 --severity HIGH,CRITICAL alpine:3.19.1
|
|
- trivy --exit-code 1 --severity HIGH,CRITICAL ubuntu:22.04
|
|
- trivy --exit-code 1 --severity HIGH,CRITICAL byrnedo/alpine-curl:0.1.8
|
|
- trivy --exit-code 1 --severity HIGH,CRITICAL plugins/slack
|
|
- trivy --exit-code 1 --severity HIGH,CRITICAL python:3.8
|
|
- trivy --exit-code 1 --severity HIGH,CRITICAL postgres:12.3-alpine
|
|
- trivy --exit-code 1 --severity HIGH,CRITICAL us.gcr.io/kubernetes-dev/mimir:santihernandezc-validate_grafana_am_config-1e903e462-WIP
|
|
- trivy --exit-code 1 --severity HIGH,CRITICAL mysql:5.7.39
|
|
- trivy --exit-code 1 --severity HIGH,CRITICAL mysql:8.0.32
|
|
- trivy --exit-code 1 --severity HIGH,CRITICAL redis:6.2.11-alpine
|
|
- trivy --exit-code 1 --severity HIGH,CRITICAL memcached:1.6.9-alpine
|
|
- trivy --exit-code 1 --severity HIGH,CRITICAL us.gcr.io/kubernetes-dev/package-publish:latest
|
|
- trivy --exit-code 1 --severity HIGH,CRITICAL osixia/openldap:1.4.0
|
|
- trivy --exit-code 1 --severity HIGH,CRITICAL grafana/drone-downstream
|
|
- trivy --exit-code 1 --severity HIGH,CRITICAL grafana/docker-puppeteer:1.1.0
|
|
- trivy --exit-code 1 --severity HIGH,CRITICAL grafana/docs-base:latest
|
|
- trivy --exit-code 1 --severity HIGH,CRITICAL cypress/included:13.10.0
|
|
- trivy --exit-code 1 --severity HIGH,CRITICAL jwilder/dockerize:0.6.1
|
|
- trivy --exit-code 1 --severity HIGH,CRITICAL koalaman/shellcheck:stable
|
|
depends_on:
|
|
- authenticate-gcr
|
|
environment:
|
|
GOOGLE_APPLICATION_CREDENTIALS:
|
|
from_secret: gcr_credentials_json
|
|
image: aquasec/trivy:0.21.0
|
|
name: scan-high-critical-vulnerabilities
|
|
volumes:
|
|
- name: docker
|
|
path: /var/run/docker.sock
|
|
- name: config
|
|
path: /root/.docker/
|
|
- image: plugins/slack
|
|
name: slack-notify-failure
|
|
settings:
|
|
channel: grafana-backend-ops
|
|
template: 'Nightly docker image scan job for build-images failed: {{build.link}}'
|
|
webhook:
|
|
from_secret: slack_webhook_backend
|
|
when:
|
|
status: failure
|
|
trigger:
|
|
cron: nightly
|
|
event: cron
|
|
type: docker
|
|
volumes:
|
|
- host:
|
|
path: /var/run/docker.sock
|
|
name: docker
|
|
- name: config
|
|
temp: {}
|
|
---
|
|
get:
|
|
name: credentials.json
|
|
path: infra/data/ci/grafana-release-eng/grafanauploads
|
|
kind: secret
|
|
name: gcp_grafanauploads
|
|
---
|
|
get:
|
|
name: credentials_base64
|
|
path: infra/data/ci/grafana-release-eng/grafanauploads
|
|
kind: secret
|
|
name: gcp_grafanauploads_base64
|
|
---
|
|
get:
|
|
name: api_key
|
|
path: infra/data/ci/grafana-release-eng/grafanacom
|
|
kind: secret
|
|
name: grafana_api_key
|
|
---
|
|
get:
|
|
name: .dockerconfigjson
|
|
path: secret/data/common/gcr
|
|
kind: secret
|
|
name: gcr
|
|
---
|
|
get:
|
|
name: .dockerconfigjson
|
|
path: secret/data/common/gar
|
|
kind: secret
|
|
name: gar
|
|
---
|
|
get:
|
|
name: pat
|
|
path: infra/data/ci/github/grafanabot
|
|
kind: secret
|
|
name: github_token
|
|
---
|
|
get:
|
|
name: machine-user-token
|
|
path: infra/data/ci/drone
|
|
kind: secret
|
|
name: drone_token
|
|
---
|
|
get:
|
|
name: bucket
|
|
path: infra/data/ci/grafana/prerelease
|
|
kind: secret
|
|
name: prerelease_bucket
|
|
---
|
|
get:
|
|
name: username
|
|
path: infra/data/ci/grafanaci-docker-hub
|
|
kind: secret
|
|
name: docker_username
|
|
---
|
|
get:
|
|
name: password
|
|
path: infra/data/ci/grafanaci-docker-hub
|
|
kind: secret
|
|
name: docker_password
|
|
---
|
|
get:
|
|
name: credentials.json
|
|
path: infra/data/ci/grafana/releng/artifacts-uploader-service-account
|
|
kind: secret
|
|
name: gcp_upload_artifacts_key
|
|
---
|
|
get:
|
|
name: credentials.json
|
|
path: infra/data/ci/grafana/assets-downloader-build-container-service-account
|
|
kind: secret
|
|
name: gcp_download_build_container_assets_key
|
|
---
|
|
get:
|
|
name: application_id
|
|
path: infra/data/ci/datasources/cpp-azure-resourcemanager-credentials
|
|
kind: secret
|
|
name: azure_sp_app_id
|
|
---
|
|
get:
|
|
name: application_secret
|
|
path: infra/data/ci/datasources/cpp-azure-resourcemanager-credentials
|
|
kind: secret
|
|
name: azure_sp_app_pw
|
|
---
|
|
get:
|
|
name: tenant_id
|
|
path: infra/data/ci/datasources/cpp-azure-resourcemanager-credentials
|
|
kind: secret
|
|
name: azure_tenant
|
|
---
|
|
get:
|
|
name: token
|
|
path: infra/data/ci/grafana-release-eng/npm
|
|
kind: secret
|
|
name: npm_token
|
|
---
|
|
get:
|
|
name: public-key-b64
|
|
path: infra/data/ci/packages-publish/gpg
|
|
kind: secret
|
|
name: packages_gpg_public_key
|
|
---
|
|
get:
|
|
name: private-key-b64
|
|
path: infra/data/ci/packages-publish/gpg
|
|
kind: secret
|
|
name: packages_gpg_private_key
|
|
---
|
|
get:
|
|
name: passphrase
|
|
path: infra/data/ci/packages-publish/gpg
|
|
kind: secret
|
|
name: packages_gpg_passphrase
|
|
---
|
|
get:
|
|
name: credentials.json
|
|
path: infra/data/ci/packages-publish/service-account
|
|
kind: secret
|
|
name: packages_service_account
|
|
---
|
|
get:
|
|
name: AccessID
|
|
path: infra/data/ci/packages-publish/bucket-credentials
|
|
kind: secret
|
|
name: packages_access_key_id
|
|
---
|
|
get:
|
|
name: Secret
|
|
path: infra/data/ci/packages-publish/bucket-credentials
|
|
kind: secret
|
|
name: packages_secret_access_key
|
|
---
|
|
get:
|
|
name: static_asset_editions
|
|
path: infra/data/ci/grafana-release-eng/artifact-publishing
|
|
kind: secret
|
|
name: static_asset_editions
|
|
---
|
|
get:
|
|
name: gcp_service_account_prod_base64
|
|
path: infra/data/ci/grafana-release-eng/rgm
|
|
kind: secret
|
|
name: gcp_key_base64
|
|
---
|
|
get:
|
|
name: destination_prod
|
|
path: infra/data/ci/grafana-release-eng/rgm
|
|
kind: secret
|
|
name: destination
|
|
---
|
|
get:
|
|
name: storybook_destination
|
|
path: infra/data/ci/grafana-release-eng/rgm
|
|
kind: secret
|
|
name: rgm_storybook_destination
|
|
---
|
|
get:
|
|
name: cdn_destination
|
|
path: infra/data/ci/grafana-release-eng/rgm
|
|
kind: secret
|
|
name: rgm_cdn_destination
|
|
---
|
|
get:
|
|
name: downloads_destination
|
|
path: infra/data/ci/grafana-release-eng/rgm
|
|
kind: secret
|
|
name: rgm_downloads_destination
|
|
---
|
|
get:
|
|
name: dagger_token
|
|
path: infra/data/ci/grafana-release-eng/rgm
|
|
kind: secret
|
|
name: dagger_token
|
|
---
|
|
get:
|
|
name: app-id
|
|
path: infra/data/ci/grafana-release-eng/grafana-delivery-bot
|
|
kind: secret
|
|
name: delivery-bot-app-id
|
|
---
|
|
get:
|
|
name: app-installation-id
|
|
path: infra/data/ci/grafana-release-eng/grafana-delivery-bot
|
|
kind: secret
|
|
name: delivery-bot-app-installation-id
|
|
---
|
|
get:
|
|
name: app-private-key
|
|
path: infra/data/ci/grafana-release-eng/grafana-delivery-bot
|
|
kind: secret
|
|
name: delivery-bot-app-private-key
|
|
---
|
|
get:
|
|
name: service-account
|
|
path: secret/data/common/gcr
|
|
kind: secret
|
|
name: gcr_credentials
|
|
---
|
|
kind: signature
|
|
hmac: 043028c50d984e1ea98a294c6746df1388cb0b7d7976f82f3dd0004fc493bafc
|
|
|
|
...
|