mirror of
https://github.com/grafana/grafana.git
synced 2024-11-28 03:34:15 -06:00
4386604751
* build: make sign rpm packages not depend on checking out private key * build: move commands from circleci config into verify signed packages script * build: split update and publish of deb and rpm into two scripts * use files argument for sign and verify packages * validate files argument for sign and verify packages * update test publish of deb/rpm readme
973 lines
31 KiB
YAML
973 lines
31 KiB
YAML
aliases:
|
|
# Workflow filters
|
|
- &filter-only-release
|
|
branches:
|
|
ignore: /.*/
|
|
tags:
|
|
only: /^v[0-9]+(\.[0-9]+){2}(-.+|[^-.]*)$/
|
|
- &filter-not-release-or-master
|
|
tags:
|
|
ignore: /^v[0-9]+(\.[0-9]+){2}(-.+|[^-.]*)$/
|
|
branches:
|
|
ignore: master
|
|
- &filter-only-master
|
|
branches:
|
|
only: master
|
|
|
|
version: 2
|
|
|
|
jobs:
|
|
mysql-integration-test:
|
|
docker:
|
|
- image: circleci/golang:1.12.9
|
|
- image: circleci/mysql:5.6-ram
|
|
environment:
|
|
MYSQL_ROOT_PASSWORD: rootpass
|
|
MYSQL_DATABASE: grafana_tests
|
|
MYSQL_USER: grafana
|
|
MYSQL_PASSWORD: password
|
|
working_directory: /go/src/github.com/grafana/grafana
|
|
steps:
|
|
- checkout
|
|
- run: sudo apt update
|
|
- run: sudo apt install -y default-mysql-client
|
|
- run: dockerize -wait tcp://127.0.0.1:3306 -timeout 120s
|
|
- run: cat devenv/docker/blocks/mysql_tests/setup.sql | mysql -h 127.0.0.1 -P 3306 -u root -prootpass
|
|
- run:
|
|
name: mysql integration tests
|
|
command: './scripts/circle-test-mysql.sh'
|
|
|
|
postgres-integration-test:
|
|
docker:
|
|
- image: circleci/golang:1.12.9
|
|
- image: circleci/postgres:9.3-ram
|
|
environment:
|
|
POSTGRES_USER: grafanatest
|
|
POSTGRES_PASSWORD: grafanatest
|
|
POSTGRES_DB: grafanatest
|
|
working_directory: /go/src/github.com/grafana/grafana
|
|
steps:
|
|
- checkout
|
|
- run: sudo apt update
|
|
- run: sudo apt install -y postgresql-client
|
|
- run: dockerize -wait tcp://127.0.0.1:5432 -timeout 120s
|
|
- run: 'PGPASSWORD=grafanatest psql -p 5432 -h 127.0.0.1 -U grafanatest -d grafanatest -f devenv/docker/blocks/postgres_tests/setup.sql'
|
|
- run:
|
|
name: postgres integration tests
|
|
command: './scripts/circle-test-postgres.sh'
|
|
|
|
cache-server-test:
|
|
docker:
|
|
- image: circleci/golang:1.12.9
|
|
- image: circleci/redis:4-alpine
|
|
- image: memcached
|
|
working_directory: /go/src/github.com/grafana/grafana
|
|
steps:
|
|
- checkout
|
|
- run: dockerize -wait tcp://127.0.0.1:11211 -timeout 120s
|
|
- run: dockerize -wait tcp://127.0.0.1:6379 -timeout 120s
|
|
- run:
|
|
name: cache server tests
|
|
command: './scripts/circle-test-cache-servers.sh'
|
|
|
|
end-to-end-test:
|
|
docker:
|
|
- image: circleci/node:10-browsers
|
|
- image: grafana/grafana-dev:master-$CIRCLE_SHA1
|
|
steps:
|
|
- run: dockerize -wait tcp://127.0.0.1:3000 -timeout 120s
|
|
- checkout
|
|
- restore_cache:
|
|
key: dependency-cache-{{ checksum "yarn.lock" }}
|
|
- run:
|
|
name: yarn install
|
|
command: 'yarn install --pure-lockfile --no-progress'
|
|
no_output_timeout: 5m
|
|
- save_cache:
|
|
key: dependency-cache-{{ checksum "yarn.lock" }}
|
|
paths:
|
|
- node_modules
|
|
- run:
|
|
name: run end-to-end tests
|
|
command: 'env BASE_URL=http://127.0.0.1:3000 yarn e2e-tests'
|
|
no_output_timeout: 5m
|
|
- store_artifacts:
|
|
path: public/e2e-test/screenShots/theTruth
|
|
destination: expected-screenshots
|
|
- store_artifacts:
|
|
path: public/e2e-test/screenShots/theOutput
|
|
destination: output-screenshots
|
|
|
|
end-to-end-test-release:
|
|
docker:
|
|
- image: circleci/node:10-browsers
|
|
- image: grafana/grafana-dev:$CIRCLE_TAG
|
|
steps:
|
|
- run: dockerize -wait tcp://127.0.0.1:3000 -timeout 120s
|
|
- checkout
|
|
- restore_cache:
|
|
key: dependency-cache-{{ checksum "yarn.lock" }}
|
|
- run:
|
|
name: yarn install
|
|
command: 'yarn install --pure-lockfile --no-progress'
|
|
no_output_timeout: 5m
|
|
- save_cache:
|
|
key: dependency-cache-{{ checksum "yarn.lock" }}
|
|
paths:
|
|
- node_modules
|
|
- run:
|
|
name: run end-to-end tests
|
|
command: 'env BASE_URL=http://127.0.0.1:3000 yarn e2e-tests'
|
|
no_output_timeout: 5m
|
|
- store_artifacts:
|
|
path: public/e2e-test/screenShots/theTruth
|
|
destination: expected-screenshots
|
|
- store_artifacts:
|
|
path: public/e2e-test/screenShots/theOutput
|
|
destination: output-screenshots
|
|
|
|
codespell:
|
|
docker:
|
|
- image: circleci/python
|
|
steps:
|
|
- checkout
|
|
- run:
|
|
name: install codespell
|
|
command: 'sudo pip install codespell'
|
|
- run:
|
|
# Important: all words have to be in lowercase, and separated by "\n".
|
|
name: exclude known exceptions
|
|
command: 'echo -e "unknwon\nreferer\nerrorstring" > words_to_ignore.txt'
|
|
- run:
|
|
name: check documentation spelling errors
|
|
command: 'codespell -I ./words_to_ignore.txt docs/'
|
|
|
|
lint-go:
|
|
docker:
|
|
- image: circleci/golang:1.12.9
|
|
environment:
|
|
# we need CGO because of go-sqlite3
|
|
CGO_ENABLED: 1
|
|
working_directory: /go/src/github.com/grafana/grafana
|
|
steps:
|
|
- checkout
|
|
- run:
|
|
name: Lint Go
|
|
command: 'make lint-go'
|
|
|
|
shellcheck:
|
|
machine: true
|
|
working_directory: ~/go/src/github.com/grafana/grafana
|
|
steps:
|
|
- checkout
|
|
- run:
|
|
name: ShellCheck
|
|
command: 'make shellcheck'
|
|
|
|
test-frontend:
|
|
docker:
|
|
- image: circleci/node:10
|
|
steps:
|
|
- checkout
|
|
- restore_cache:
|
|
key: dependency-cache-{{ checksum "yarn.lock" }}
|
|
- run:
|
|
name: yarn install
|
|
command: 'yarn install --frozen-lockfile --no-progress'
|
|
no_output_timeout: 15m
|
|
- save_cache:
|
|
key: dependency-cache-{{ checksum "yarn.lock" }}
|
|
paths:
|
|
- node_modules
|
|
- run:
|
|
name: frontend tests
|
|
command: './scripts/circle-test-frontend.sh'
|
|
|
|
test-backend:
|
|
docker:
|
|
- image: circleci/golang:1.12.9
|
|
working_directory: /go/src/github.com/grafana/grafana
|
|
steps:
|
|
- checkout
|
|
- run:
|
|
name: build backend and run go tests
|
|
command: './scripts/circle-test-backend.sh'
|
|
|
|
build-all:
|
|
docker:
|
|
- image: grafana/build-container:1.2.8
|
|
working_directory: /go/src/github.com/grafana/grafana
|
|
steps:
|
|
- checkout
|
|
- run:
|
|
name: prepare build tools
|
|
command: '/tmp/bootstrap.sh'
|
|
- restore_cache:
|
|
key: phantomjs-binaries-{{ checksum "scripts/build/download-phantomjs.sh" }}
|
|
- run:
|
|
name: download phantomjs binaries
|
|
command: './scripts/build/download-phantomjs.sh'
|
|
- save_cache:
|
|
key: phantomjs-binaries-{{ checksum "scripts/build/download-phantomjs.sh" }}
|
|
paths:
|
|
- /tmp/phantomjs
|
|
- run:
|
|
name: build and package grafana
|
|
command: './scripts/build/build-all.sh'
|
|
- run:
|
|
name: Prepare GPG private key
|
|
command: './scripts/build/prepare_signing_key.sh'
|
|
- run:
|
|
name: sign packages
|
|
command: './scripts/build/sign_packages.sh dist/*.rpm'
|
|
- run:
|
|
name: verify signed packages
|
|
command: './scripts/build/verify_signed_packages.sh dist/*.rpm'
|
|
- run:
|
|
name: sha-sum packages
|
|
command: 'go run build.go sha-dist'
|
|
- run:
|
|
name: Test and build Grafana.com release publisher
|
|
command: 'cd scripts/build/release_publisher && go test . && go build -o release_publisher .'
|
|
- persist_to_workspace:
|
|
root: .
|
|
paths:
|
|
- dist/*
|
|
- scripts/*.sh
|
|
- scripts/build/release_publisher/release_publisher
|
|
- scripts/build/publish.sh
|
|
|
|
build:
|
|
docker:
|
|
- image: grafana/build-container:1.2.8
|
|
working_directory: /go/src/github.com/grafana/grafana
|
|
steps:
|
|
- checkout
|
|
- run:
|
|
name: prepare build tools
|
|
command: '/tmp/bootstrap.sh'
|
|
- run:
|
|
name: build and package grafana
|
|
command: './scripts/build/build.sh'
|
|
- run:
|
|
name: Prepare GPG private key
|
|
command: './scripts/build/prepare_signing_key.sh'
|
|
- run:
|
|
name: sign packages
|
|
command: './scripts/build/sign_packages.sh dist/*.rpm'
|
|
- run:
|
|
name: sha-sum packages
|
|
command: 'go run build.go sha-dist'
|
|
- run:
|
|
name: Test Grafana.com release publisher
|
|
command: 'cd scripts/build/release_publisher && go test .'
|
|
- persist_to_workspace:
|
|
root: .
|
|
paths:
|
|
- dist/*
|
|
|
|
build-fast-backend:
|
|
docker:
|
|
- image: grafana/build-container:1.2.8
|
|
working_directory: /go/src/github.com/grafana/grafana
|
|
steps:
|
|
- checkout
|
|
- run:
|
|
name: prepare build tools
|
|
command: '/tmp/bootstrap.sh'
|
|
- run:
|
|
name: build grafana backend
|
|
command: './scripts/build/build.sh --fast --backend-only'
|
|
- persist_to_workspace:
|
|
root: .
|
|
paths:
|
|
- bin/*
|
|
|
|
build-fast-frontend:
|
|
docker:
|
|
- image: grafana/build-container:1.2.8
|
|
working_directory: /go/src/github.com/grafana/grafana
|
|
steps:
|
|
- checkout
|
|
- run:
|
|
name: prepare build tools
|
|
command: '/tmp/bootstrap.sh'
|
|
- restore_cache:
|
|
key: frontend-dependency-cache-{{ checksum "yarn.lock" }}
|
|
- run:
|
|
name: build grafana frontend
|
|
command: './scripts/build/build.sh --fast --frontend-only'
|
|
- save_cache:
|
|
key: frontend-dependency-cache-{{ checksum "yarn.lock" }}
|
|
paths:
|
|
- node_modules
|
|
- persist_to_workspace:
|
|
root: .
|
|
paths:
|
|
- public/build/*
|
|
- tools/phantomjs/*
|
|
|
|
build-fast-package:
|
|
docker:
|
|
- image: grafana/build-container:1.2.8
|
|
working_directory: /go/src/github.com/grafana/grafana
|
|
steps:
|
|
- checkout
|
|
- attach_workspace:
|
|
at: .
|
|
- restore_cache:
|
|
key: frontend-dependency-cache-{{ checksum "yarn.lock" }}
|
|
- run:
|
|
name: prepare build tools
|
|
command: '/tmp/bootstrap.sh'
|
|
- run:
|
|
name: package grafana
|
|
command: './scripts/build/build.sh --fast --package-only'
|
|
- run:
|
|
name: sha-sum packages
|
|
command: 'go run build.go sha-dist'
|
|
- run:
|
|
name: Test Grafana.com release publisher
|
|
command: 'cd scripts/build/release_publisher && go test .'
|
|
- persist_to_workspace:
|
|
root: /go/src/github.com/grafana/grafana
|
|
paths:
|
|
- dist/*
|
|
|
|
build-fast-save:
|
|
docker:
|
|
- image: grafana/build-container:1.2.8
|
|
working_directory: /go/src/github.com/grafana/grafana
|
|
steps:
|
|
- checkout
|
|
- attach_workspace:
|
|
at: .
|
|
- restore_cache:
|
|
key: dependency-cache-{{ checksum "yarn.lock" }}
|
|
- run:
|
|
name: debug cache
|
|
command: 'ls -al /go/src/github.com/grafana/grafana/node_modules'
|
|
- run:
|
|
name: prepare build tools
|
|
command: '/tmp/bootstrap.sh'
|
|
- run:
|
|
name: build grafana backend
|
|
command: './scripts/build/build.sh --fast --backend-only'
|
|
- run:
|
|
name: build grafana frontend
|
|
command: './scripts/build/build.sh --fast --frontend-only'
|
|
- save_cache:
|
|
key: dependency-cache-{{ checksum "yarn.lock" }}
|
|
paths:
|
|
- /go/src/github.com/grafana/grafana/node_modules
|
|
- run:
|
|
name: package grafana
|
|
command: './scripts/build/build.sh --fast --package-only'
|
|
- run:
|
|
name: Prepare GPG private key
|
|
command: './scripts/build/prepare_signing_key.sh'
|
|
- run:
|
|
name: sign packages
|
|
command: './scripts/build/sign_packages.sh dist/*.rpm'
|
|
- run:
|
|
name: sha-sum packages
|
|
command: 'go run build.go sha-dist'
|
|
- run:
|
|
name: Test Grafana.com release publisher
|
|
command: 'cd scripts/build/release_publisher && go test .'
|
|
- persist_to_workspace:
|
|
root: .
|
|
paths:
|
|
- dist/*
|
|
|
|
grafana-docker-master:
|
|
machine:
|
|
image: circleci/classic:201808-01
|
|
steps:
|
|
- checkout
|
|
- attach_workspace:
|
|
at: .
|
|
- run: docker info
|
|
- run: docker run --privileged linuxkit/binfmt:v0.6
|
|
- run: cp dist/grafana-latest.linux-*.tar.gz packaging/docker
|
|
- run: cd packaging/docker && ./build-deploy.sh "master-${CIRCLE_SHA1}"
|
|
- run: rm packaging/docker/grafana-latest.linux-*.tar.gz
|
|
- run: cp enterprise-dist/grafana-enterprise-*.linux-amd64.tar.gz packaging/docker/grafana-latest.linux-x64.tar.gz
|
|
- run: cd packaging/docker && ./build-enterprise.sh "master"
|
|
|
|
|
|
grafana-docker-pr:
|
|
machine:
|
|
image: circleci/classic:201808-01
|
|
steps:
|
|
- checkout
|
|
- attach_workspace:
|
|
at: .
|
|
- run: docker info
|
|
- run: docker run --privileged linuxkit/binfmt:v0.6
|
|
- run: cp dist/grafana-latest.linux-*.tar.gz packaging/docker
|
|
- run: cd packaging/docker && ./build.sh --fast "${CIRCLE_SHA1}"
|
|
|
|
grafana-docker-release:
|
|
machine:
|
|
image: circleci/classic:201808-01
|
|
steps:
|
|
- checkout
|
|
- attach_workspace:
|
|
at: .
|
|
- run: docker info
|
|
- run: docker run --privileged linuxkit/binfmt:v0.6
|
|
- run: cp dist/grafana-latest.linux-*.tar.gz packaging/docker
|
|
- run: cd packaging/docker && ./build-deploy.sh "${CIRCLE_TAG}"
|
|
- run: rm packaging/docker/grafana-latest.linux-*.tar.gz
|
|
- run: cp enterprise-dist/grafana-enterprise-*.linux-amd64.tar.gz packaging/docker/grafana-latest.linux-x64.tar.gz
|
|
- run: cd packaging/docker && ./build-enterprise.sh "${CIRCLE_TAG}"
|
|
|
|
build-enterprise:
|
|
docker:
|
|
- image: grafana/build-container:1.2.8
|
|
working_directory: /go/src/github.com/grafana/grafana
|
|
steps:
|
|
- checkout
|
|
- run:
|
|
name: prepare build tools
|
|
command: '/tmp/bootstrap.sh'
|
|
- run:
|
|
name: checkout enterprise
|
|
command: './scripts/build/prepare-enterprise.sh'
|
|
- run:
|
|
name: test enterprise
|
|
command: 'go test ./pkg/extensions/...'
|
|
- run:
|
|
name: build and package enterprise
|
|
command: './scripts/build/build.sh -enterprise'
|
|
- run:
|
|
name: Prepare GPG private key
|
|
command: './scripts/build/prepare_signing_key.sh'
|
|
- run:
|
|
name: sign packages
|
|
command: './scripts/build/sign_packages.sh dist/*.rpm'
|
|
- run:
|
|
name: sha-sum packages
|
|
command: 'go run build.go sha-dist'
|
|
- run:
|
|
name: move enterprise packages into their own folder
|
|
command: 'mv dist enterprise-dist'
|
|
- persist_to_workspace:
|
|
root: .
|
|
paths:
|
|
- enterprise-dist/*
|
|
|
|
build-all-enterprise:
|
|
docker:
|
|
- image: grafana/build-container:1.2.8
|
|
working_directory: /go/src/github.com/grafana/grafana
|
|
steps:
|
|
- checkout
|
|
- run:
|
|
name: prepare build tools
|
|
command: '/tmp/bootstrap.sh'
|
|
- run:
|
|
name: checkout enterprise
|
|
command: './scripts/build/prepare-enterprise.sh'
|
|
- restore_cache:
|
|
key: phantomjs-binaries-{{ checksum "scripts/build/download-phantomjs.sh" }}
|
|
- run:
|
|
name: download phantomjs binaries
|
|
command: './scripts/build/download-phantomjs.sh'
|
|
- save_cache:
|
|
key: phantomjs-binaries-{{ checksum "scripts/build/download-phantomjs.sh" }}
|
|
paths:
|
|
- /tmp/phantomjs
|
|
- run:
|
|
name: test enterprise
|
|
command: 'go test ./pkg/extensions/...'
|
|
- run:
|
|
name: build and package grafana
|
|
command: './scripts/build/build-all.sh -enterprise'
|
|
- run:
|
|
name: Prepare GPG private key
|
|
command: './scripts/build/prepare_signing_key.sh'
|
|
- run:
|
|
name: sign packages
|
|
command: './scripts/build/sign_packages.sh dist/*.rpm'
|
|
- run:
|
|
name: verify signed packages
|
|
command: './scripts/build/verify_signed_packages.sh dist/*.rpm'
|
|
- run:
|
|
name: sha-sum packages
|
|
command: 'go run build.go sha-dist'
|
|
- run:
|
|
name: move enterprise packages into their own folder
|
|
command: 'mv dist enterprise-dist'
|
|
- persist_to_workspace:
|
|
root: .
|
|
paths:
|
|
- enterprise-dist/*
|
|
|
|
deploy-enterprise-master:
|
|
docker:
|
|
- image: grafana/grafana-ci-deploy:1.2.2
|
|
steps:
|
|
- attach_workspace:
|
|
at: .
|
|
- run:
|
|
name: gcp credentials
|
|
command: 'echo ${GCP_GRAFANA_UPLOAD_KEY} > /tmp/gcpkey.json'
|
|
- run:
|
|
name: sign in to gcp
|
|
command: '/opt/google-cloud-sdk/bin/gcloud auth activate-service-account --key-file=/tmp/gcpkey.json'
|
|
- run:
|
|
name: deploy to gcp
|
|
command: '/opt/google-cloud-sdk/bin/gsutil cp ./enterprise-dist/* gs://$GCP_BUCKET_NAME/enterprise/master'
|
|
- run:
|
|
name: Deploy to grafana.com
|
|
command: |
|
|
cd enterprise-dist
|
|
../scripts/build/release_publisher/release_publisher -apikey ${GRAFANA_COM_API_KEY} -enterprise -version "v$(cat grafana.version)" --nightly
|
|
|
|
|
|
deploy-enterprise-release:
|
|
docker:
|
|
- image: grafana/grafana-ci-deploy:1.2.2
|
|
steps:
|
|
- checkout
|
|
- attach_workspace:
|
|
at: .
|
|
- run:
|
|
name: gcp credentials
|
|
command: 'echo ${GCP_GRAFANA_UPLOAD_KEY} > /tmp/gcpkey.json'
|
|
- run:
|
|
name: sign in to gcp
|
|
command: '/opt/google-cloud-sdk/bin/gcloud auth activate-service-account --key-file=/tmp/gcpkey.json'
|
|
- run:
|
|
name: deploy to gcp
|
|
command: '/opt/google-cloud-sdk/bin/gsutil cp ./enterprise-dist/* gs://$GCP_BUCKET_NAME/enterprise/release'
|
|
- run:
|
|
name: Deploy to Grafana.com
|
|
command: './scripts/build/publish.sh --enterprise'
|
|
- run:
|
|
name: Prepare GPG private key
|
|
command: './scripts/build/prepare_signing_key.sh'
|
|
- run:
|
|
name: Load GPG private key
|
|
command: './scripts/build/update_repo/load-signing-key.sh'
|
|
- run:
|
|
name: Update Debian repository
|
|
command: './scripts/build/update_repo/update-deb.sh "enterprise" "$GPG_KEY_PASSWORD" "$CIRCLE_TAG" "enterprise-dist"'
|
|
- run:
|
|
name: Publish Debian repository
|
|
command: './scripts/build/update_repo/publish-deb.sh "enterprise"'
|
|
- run:
|
|
name: Update RPM repository
|
|
command: './scripts/build/update_repo/update-rpm.sh "enterprise" "$GPG_KEY_PASSWORD" "$CIRCLE_TAG" "enterprise-dist"'
|
|
- run:
|
|
name: Publish RPM repository
|
|
command: './scripts/build/update_repo/publish-rpm.sh "enterprise" "$CIRCLE_TAG"'
|
|
|
|
|
|
deploy-master:
|
|
docker:
|
|
- image: grafana/grafana-ci-deploy:1.2.2
|
|
steps:
|
|
- attach_workspace:
|
|
at: .
|
|
- run:
|
|
name: Trigger Windows build
|
|
command: './scripts/trigger_windows_build.sh ${APPVEYOR_TOKEN} ${CIRCLE_SHA1} master'
|
|
- run:
|
|
name: gcp credentials
|
|
command: 'echo ${GCP_GRAFANA_UPLOAD_KEY} > /tmp/gcpkey.json'
|
|
- run:
|
|
name: sign in to gcp
|
|
command: '/opt/google-cloud-sdk/bin/gcloud auth activate-service-account --key-file=/tmp/gcpkey.json'
|
|
- run:
|
|
name: deploy to gcp
|
|
command: '/opt/google-cloud-sdk/bin/gsutil cp ./dist/* gs://$GCP_BUCKET_NAME/oss/master'
|
|
- run:
|
|
name: Publish to Grafana.com
|
|
command: |
|
|
rm dist/*latest* || true
|
|
cd dist && ../scripts/build/release_publisher/release_publisher -apikey ${GRAFANA_COM_API_KEY} -version "v$(cat grafana.version)" --nightly
|
|
|
|
deploy-release:
|
|
docker:
|
|
- image: grafana/grafana-ci-deploy:1.2.2
|
|
steps:
|
|
- checkout
|
|
- attach_workspace:
|
|
at: .
|
|
- run:
|
|
name: gcp credentials
|
|
command: 'echo ${GCP_GRAFANA_UPLOAD_KEY} > /tmp/gcpkey.json'
|
|
- run:
|
|
name: sign in to gcp
|
|
command: '/opt/google-cloud-sdk/bin/gcloud auth activate-service-account --key-file=/tmp/gcpkey.json'
|
|
- run:
|
|
name: deploy to gcp
|
|
command: '/opt/google-cloud-sdk/bin/gsutil cp ./dist/* gs://$GCP_BUCKET_NAME/oss/release'
|
|
- run:
|
|
name: Deploy to Grafana.com
|
|
command: './scripts/build/publish.sh'
|
|
- run:
|
|
name: Prepare GPG private key
|
|
command: './scripts/build/prepare_signing_key.sh'
|
|
- run:
|
|
name: Load GPG private key
|
|
command: './scripts/build/update_repo/load-signing-key.sh'
|
|
- run:
|
|
name: Update Debian repository
|
|
command: './scripts/build/update_repo/update-deb.sh "oss" "$GPG_KEY_PASSWORD" "$CIRCLE_TAG" "dist"'
|
|
- run:
|
|
name: Publish Debian repository
|
|
command: './scripts/build/update_repo/publish-deb.sh "oss"'
|
|
- run:
|
|
name: Update RPM repository
|
|
command: './scripts/build/update_repo/update-rpm.sh "oss" "$GPG_KEY_PASSWORD" "$CIRCLE_TAG" "dist"'
|
|
- run:
|
|
name: Publish RPM repository
|
|
command: './scripts/build/update_repo/publish-rpm.sh "oss" "$CIRCLE_TAG"'
|
|
|
|
build-oss-msi:
|
|
docker:
|
|
- image: grafana/wix-toolset-ci:v3
|
|
steps:
|
|
- checkout
|
|
- attach_workspace:
|
|
at: .
|
|
- run:
|
|
name: Build OSS MSI
|
|
command: './scripts/build/ci-msi-build/ci-msi-build-oss.sh'
|
|
- persist_to_workspace:
|
|
root: .
|
|
paths:
|
|
- dist/grafana-*.msi
|
|
- dist/grafana-*.msi.sha256
|
|
|
|
store-build-artifacts:
|
|
docker:
|
|
- image: circleci/node:10
|
|
steps:
|
|
- attach_workspace:
|
|
at: .
|
|
- store_artifacts:
|
|
path: ./dist
|
|
|
|
trigger-docs-update:
|
|
docker:
|
|
- image: circleci/python:3.6.8
|
|
steps:
|
|
- checkout
|
|
- run:
|
|
name: Trigger Docs update
|
|
command: |
|
|
if git diff --name-only HEAD^ | grep -q "^docs"; then
|
|
echo "Build URL:"
|
|
curl -s -u "$DOCS_CIRCLE_TOKEN:" \
|
|
-d build_parameters[CIRCLE_JOB]=pull-submodule-changes \
|
|
https://circleci.com/api/v1.1/project/github/grafana/docs.grafana.com/tree/master \
|
|
| jq .build_url
|
|
else
|
|
echo "-- no changes to docs files --"
|
|
fi
|
|
|
|
build-grafana-packages:
|
|
docker:
|
|
- image: circleci/node:10
|
|
steps:
|
|
- checkout
|
|
- run:
|
|
name: Boostrap lerna
|
|
command: 'npx lerna bootstrap'
|
|
- run:
|
|
name: Build packages
|
|
command: yarn packages:build
|
|
|
|
|
|
release-next-packages:
|
|
docker:
|
|
- image: circleci/node:10
|
|
steps:
|
|
- checkout
|
|
- run:
|
|
name: Boostrap lerna
|
|
command: 'npx lerna bootstrap'
|
|
- run:
|
|
name: npm - Prepare auth token
|
|
command: 'echo //registry.npmjs.org/:_authToken=$NPM_TOKEN >> ~/.npmrc'
|
|
- run:
|
|
name: Release next packages
|
|
command: './scripts/circle-release-next-packages.sh'
|
|
|
|
release-packages:
|
|
docker:
|
|
- image: circleci/node:10
|
|
steps:
|
|
- checkout
|
|
- run:
|
|
name: Boostrap lerna
|
|
command: 'npx lerna bootstrap'
|
|
- run:
|
|
name: npm - Prepare auth token
|
|
command: 'echo //registry.npmjs.org/:_authToken=$NPM_TOKEN >> ~/.npmrc'
|
|
- run:
|
|
name: Release packages
|
|
command: ./scripts/build/release-packages.sh "${CIRCLE_TAG}"
|
|
|
|
scan-docker-master:
|
|
docker:
|
|
- image: circleci/buildpack-deps:stretch
|
|
steps:
|
|
- setup_remote_docker
|
|
- restore_cache:
|
|
key: vulnerability-db
|
|
- run:
|
|
name: Install trivy
|
|
command: |
|
|
VERSION=$(
|
|
curl --silent "https://api.github.com/repos/aquasecurity/trivy/releases/latest" | \
|
|
grep '"tag_name":' | \
|
|
sed -E 's/.*"v([^"]+)".*/\1/'
|
|
)
|
|
|
|
wget https://github.com/aquasecurity/trivy/releases/download/v${VERSION}/trivy_${VERSION}_Linux-64bit.tar.gz
|
|
tar zxvf trivy_${VERSION}_Linux-64bit.tar.gz
|
|
sudo mv trivy /usr/local/bin
|
|
- run:
|
|
name: Scan the latest grafana master image with trivy
|
|
command: trivy --exit-code 1 --quiet --auto-refresh --clear-cache grafana/grafana:master
|
|
- save_cache:
|
|
key: vulnerability-db
|
|
paths:
|
|
- $HOME/.cache/trivy
|
|
|
|
workflows:
|
|
version: 2
|
|
build-master:
|
|
jobs:
|
|
- build-all:
|
|
filters: *filter-only-master
|
|
- build-all-enterprise:
|
|
filters: *filter-only-master
|
|
- codespell:
|
|
filters: *filter-only-master
|
|
- lint-go:
|
|
filters: *filter-only-master
|
|
- shellcheck:
|
|
filters: *filter-only-master
|
|
- test-frontend:
|
|
filters: *filter-only-master
|
|
- test-backend:
|
|
filters: *filter-only-master
|
|
- mysql-integration-test:
|
|
filters: *filter-only-master
|
|
- postgres-integration-test:
|
|
filters: *filter-only-master
|
|
- deploy-master:
|
|
requires:
|
|
- build-all
|
|
- test-backend
|
|
- test-frontend
|
|
- codespell
|
|
- lint-go
|
|
- shellcheck
|
|
- mysql-integration-test
|
|
- postgres-integration-test
|
|
- build-oss-msi
|
|
filters: *filter-only-master
|
|
- grafana-docker-master:
|
|
requires:
|
|
- build-all
|
|
- build-all-enterprise
|
|
- test-backend
|
|
- test-frontend
|
|
- codespell
|
|
- lint-go
|
|
- shellcheck
|
|
- mysql-integration-test
|
|
- postgres-integration-test
|
|
filters: *filter-only-master
|
|
- deploy-enterprise-master:
|
|
requires:
|
|
- build-all
|
|
- test-backend
|
|
- test-frontend
|
|
- codespell
|
|
- lint-go
|
|
- shellcheck
|
|
- mysql-integration-test
|
|
- postgres-integration-test
|
|
- build-all-enterprise
|
|
filters: *filter-only-master
|
|
- build-oss-msi:
|
|
requires:
|
|
- build-all
|
|
- test-backend
|
|
- test-frontend
|
|
- codespell
|
|
- lint-go
|
|
- shellcheck
|
|
- mysql-integration-test
|
|
- postgres-integration-test
|
|
filters: *filter-only-master
|
|
- end-to-end-test:
|
|
requires:
|
|
- grafana-docker-master
|
|
filters: *filter-only-master
|
|
- trigger-docs-update:
|
|
requires:
|
|
- end-to-end-test
|
|
filters: *filter-only-master
|
|
- release-next-packages:
|
|
requires:
|
|
- build-all
|
|
- test-frontend
|
|
filters: *filter-only-master
|
|
|
|
release:
|
|
jobs:
|
|
- build-all:
|
|
filters: *filter-only-release
|
|
- build-all-enterprise:
|
|
filters: *filter-only-release
|
|
- codespell:
|
|
filters: *filter-only-release
|
|
- lint-go:
|
|
filters: *filter-only-release
|
|
- shellcheck:
|
|
filters: *filter-only-release
|
|
- test-frontend:
|
|
filters: *filter-only-release
|
|
- test-backend:
|
|
filters: *filter-only-release
|
|
- mysql-integration-test:
|
|
filters: *filter-only-release
|
|
- postgres-integration-test:
|
|
filters: *filter-only-release
|
|
- deploy-release:
|
|
requires:
|
|
- build-all
|
|
- test-backend
|
|
- test-frontend
|
|
- codespell
|
|
- lint-go
|
|
- shellcheck
|
|
- mysql-integration-test
|
|
- postgres-integration-test
|
|
- build-oss-msi
|
|
filters: *filter-only-release
|
|
- deploy-enterprise-release:
|
|
requires:
|
|
- build-all
|
|
- build-all-enterprise
|
|
- test-backend
|
|
- test-frontend
|
|
- codespell
|
|
- lint-go
|
|
- shellcheck
|
|
- mysql-integration-test
|
|
- postgres-integration-test
|
|
filters: *filter-only-release
|
|
- grafana-docker-release:
|
|
requires:
|
|
- build-all
|
|
- build-all-enterprise
|
|
- test-backend
|
|
- test-frontend
|
|
- codespell
|
|
- lint-go
|
|
- shellcheck
|
|
- mysql-integration-test
|
|
- postgres-integration-test
|
|
filters: *filter-only-release
|
|
- release-packages:
|
|
requires:
|
|
- build-all
|
|
- test-backend
|
|
- test-frontend
|
|
- codespell
|
|
- lint-go
|
|
- shellcheck
|
|
- mysql-integration-test
|
|
- postgres-integration-test
|
|
- build-oss-msi
|
|
filters: *filter-only-release
|
|
- build-oss-msi:
|
|
requires:
|
|
- build-all
|
|
- test-backend
|
|
- test-frontend
|
|
- codespell
|
|
- lint-go
|
|
- shellcheck
|
|
- mysql-integration-test
|
|
- postgres-integration-test
|
|
filters: *filter-only-release
|
|
- end-to-end-test-release:
|
|
requires:
|
|
- grafana-docker-release
|
|
filters: *filter-only-release
|
|
|
|
build-branches-and-prs:
|
|
jobs:
|
|
- build-fast-backend:
|
|
filters: *filter-not-release-or-master
|
|
- build-fast-frontend:
|
|
filters: *filter-not-release-or-master
|
|
- build-grafana-packages:
|
|
filters: *filter-not-release-or-master
|
|
- build-fast-package:
|
|
filters: *filter-not-release-or-master
|
|
requires:
|
|
- build-fast-backend
|
|
- build-fast-frontend
|
|
- codespell:
|
|
filters: *filter-not-release-or-master
|
|
- lint-go:
|
|
filters: *filter-not-release-or-master
|
|
- lint-go:
|
|
filters: *filter-not-release-or-master
|
|
- shellcheck:
|
|
filters: *filter-not-release-or-master
|
|
- test-frontend:
|
|
filters: *filter-not-release-or-master
|
|
- test-backend:
|
|
filters: *filter-not-release-or-master
|
|
- mysql-integration-test:
|
|
filters: *filter-not-release-or-master
|
|
- postgres-integration-test:
|
|
filters: *filter-not-release-or-master
|
|
- cache-server-test:
|
|
filters: *filter-not-release-or-master
|
|
- grafana-docker-pr:
|
|
requires:
|
|
- build-fast-package
|
|
- test-backend
|
|
- test-frontend
|
|
- codespell
|
|
- lint-go
|
|
- shellcheck
|
|
- mysql-integration-test
|
|
- postgres-integration-test
|
|
- cache-server-test
|
|
filters: *filter-not-release-or-master
|
|
- store-build-artifacts:
|
|
requires:
|
|
- build-fast-package
|
|
- test-backend
|
|
- test-frontend
|
|
- codespell
|
|
- lint-go
|
|
- shellcheck
|
|
- mysql-integration-test
|
|
- postgres-integration-test
|
|
- cache-server-test
|
|
filters: *filter-not-release-or-master
|
|
nightly:
|
|
triggers:
|
|
- schedule:
|
|
cron: "0 0 * * *"
|
|
filters: *filter-only-master
|
|
jobs:
|
|
- scan-docker-master
|