diff --git a/.drone/drone.jsonnet b/.drone/drone.jsonnet index 9351f2f693c06..9d0589fe22a8e 100644 --- a/.drone/drone.jsonnet +++ b/.drone/drone.jsonnet @@ -177,16 +177,6 @@ local promtail_win() = pipeline('promtail-windows') { local querytee() = pipeline('querytee-amd64') + arch_image('amd64', 'main') { steps+: [ - // dry run for everything that is not tag or main - docker('amd64', 'querytee') { - depends_on: ['image-tag'], - when: onPRs, - settings+: { - dry_run: true, - repo: 'grafana/loki-query-tee', - }, - }, - ] + [ // publish for tag or main docker('amd64', 'querytee') { depends_on: ['image-tag'], @@ -196,21 +186,10 @@ local querytee() = pipeline('querytee-amd64') + arch_image('amd64', 'main') { }, }, ], - depends_on: ['check'], }; local fluentbit(arch) = pipeline('fluent-bit-' + arch) + arch_image(arch) { steps+: [ - // dry run for everything that is not tag or main - clients_docker(arch, 'fluent-bit') { - depends_on: ['image-tag'], - when: onPRs, - settings+: { - dry_run: true, - repo: 'grafana/fluent-bit-plugin-loki', - }, - }, - ] + [ // publish for tag or main clients_docker(arch, 'fluent-bit') { depends_on: ['image-tag'], @@ -220,21 +199,10 @@ local fluentbit(arch) = pipeline('fluent-bit-' + arch) + arch_image(arch) { }, }, ], - depends_on: ['check'], }; local fluentd() = pipeline('fluentd-amd64') + arch_image('amd64', 'main') { steps+: [ - // dry run for everything that is not tag or main - clients_docker('amd64', 'fluentd') { - depends_on: ['image-tag'], - when: onPRs, - settings+: { - dry_run: true, - repo: 'grafana/fluent-plugin-loki', - }, - }, - ] + [ // publish for tag or main clients_docker('amd64', 'fluentd') { depends_on: ['image-tag'], @@ -244,21 +212,10 @@ local fluentd() = pipeline('fluentd-amd64') + arch_image('amd64', 'main') { }, }, ], - depends_on: ['check'], }; local logstash() = pipeline('logstash-amd64') + arch_image('amd64', 'main') { steps+: [ - // dry run for everything that is not tag or main - clients_docker('amd64', 'logstash') { - depends_on: ['image-tag'], - when: onPRs, - settings+: { - dry_run: true, - repo: 'grafana/logstash-output-loki', - }, - }, - ] + [ // publish for tag or main clients_docker('amd64', 'logstash') { depends_on: ['image-tag'], @@ -268,20 +225,10 @@ local logstash() = pipeline('logstash-amd64') + arch_image('amd64', 'main') { }, }, ], - depends_on: ['check'], }; local promtail(arch) = pipeline('promtail-' + arch) + arch_image(arch) { steps+: [ - // dry run for everything that is not tag or main - clients_docker(arch, 'promtail') { - depends_on: ['image-tag'], - when: onPRs, - settings+: { - dry_run: true, - }, - }, - ] + [ // publish for tag or main clients_docker(arch, 'promtail') { depends_on: ['image-tag'], @@ -289,7 +236,6 @@ local promtail(arch) = pipeline('promtail-' + arch) + arch_image(arch) { settings+: {}, }, ], - depends_on: ['check'], }; local lambda_promtail(arch) = pipeline('lambda-promtail-' + arch) + arch_image(arch) { @@ -297,15 +243,6 @@ local lambda_promtail(arch) = pipeline('lambda-promtail-' + arch) + arch_image(a steps+: [ skipStep, - // dry run for everything that is not tag or main - lambda_promtail_ecr('lambda-promtail') { - depends_on: ['image-tag', skipStep.name], - when: onPRs, - settings+: { - dry_run: true, - }, - }, - ] + [ // publish for tag or main lambda_promtail_ecr('lambda-promtail') { depends_on: ['image-tag'], @@ -313,20 +250,10 @@ local lambda_promtail(arch) = pipeline('lambda-promtail-' + arch) + arch_image(a settings+: {}, }, ], - depends_on: ['check'], }; local lokioperator(arch) = pipeline('lokioperator-' + arch) + arch_image(arch) { steps+: [ - // dry run for everything that is not tag or main - docker_operator(arch, 'loki-operator') { - depends_on: ['image-tag'], - when: onPRs, - settings+: { - dry_run: true, - }, - }, - ] + [ // publish for tag or main docker_operator(arch, 'loki-operator') { depends_on: ['image-tag'], @@ -336,21 +263,10 @@ local lokioperator(arch) = pipeline('lokioperator-' + arch) + arch_image(arch) { settings+: {}, }, ], - depends_on: ['check'], }; local logql_analyzer() = pipeline('logql-analyzer') + arch_image('amd64') { steps+: [ - // dry run for everything that is not tag or main - docker('amd64', 'logql-analyzer') { - depends_on: ['image-tag'], - when: onPRs, - settings+: { - dry_run: true, - repo: 'grafana/logql-analyzer', - }, - }, - ] + [ // publish for tag or main docker('amd64', 'logql-analyzer') { depends_on: ['image-tag'], @@ -360,21 +276,10 @@ local logql_analyzer() = pipeline('logql-analyzer') + arch_image('amd64') { }, }, ], - depends_on: ['check'], }; local multiarch_image(arch) = pipeline('docker-' + arch) + arch_image(arch) { steps+: [ - // dry run for everything that is not tag or main - docker(arch, app) { - depends_on: ['image-tag'], - when: onPRs, - settings+: { - dry_run: true, - }, - } - for app in apps - ] + [ // publish for tag or main docker(arch, app) { depends_on: ['image-tag'], @@ -383,7 +288,6 @@ local multiarch_image(arch) = pipeline('docker-' + arch) + arch_image(arch) { } for app in apps ], - depends_on: ['check'], }; local manifest(apps) = pipeline('manifest') { @@ -508,21 +412,6 @@ local build_image_tag = '0.33.0'; arch: arch, }, steps: [ - { - name: 'test', - image: 'plugins/docker', - when: onPRs + onPath('loki-build-image/**'), - environment: { - DOCKER_BUILDKIT: 1, - }, - settings: { - repo: 'grafana/loki-build-image', - context: 'loki-build-image', - dockerfile: 'loki-build-image/Dockerfile', - tags: [build_image_tag + '-' + arch], - dry_run: true, - }, - }, { name: 'push', image: 'plugins/docker', @@ -571,16 +460,6 @@ local build_image_tag = '0.33.0'; path: 'loki', }, steps: [ - { - name: 'test-image', - image: 'plugins/docker', - when: onPRs + onPath('production/helm/loki/src/helm-test/**'), - settings: { - repo: 'grafana/loki-helm-test', - dockerfile: 'production/helm/loki/src/helm-test/Dockerfile', - dry_run: true, - }, - }, { name: 'push-image', image: 'plugins/docker', @@ -595,47 +474,6 @@ local build_image_tag = '0.33.0'; }, ], }, - pipeline('check') { - workspace: { - base: '/src', - path: 'loki', - }, - steps: [ - make('check-drone-drift', container=false) { depends_on: ['clone'] }, - make('check-generated-files', container=false) { depends_on: ['clone'] }, - run('clone-target-branch', commands=[ - 'cd ..', - 'echo "cloning "$DRONE_TARGET_BRANCH ', - 'git clone -b $DRONE_TARGET_BRANCH $CI_REPO_REMOTE loki-target-branch', - 'cd -', - ]) { depends_on: ['clone'], when: onPRs }, - make('test', container=false) { depends_on: ['clone-target-branch', 'check-generated-files'] }, - make('lint', container=false) { depends_on: ['check-generated-files'] }, - make('check-mod', container=false) { depends_on: ['test', 'lint'] }, - { - name: 'shellcheck', - image: 'koalaman/shellcheck-alpine:stable', - commands: ['apk add make bash && make lint-scripts'], - }, - make('loki', container=false) { depends_on: ['check-generated-files'] }, - make('check-doc', container=false) { depends_on: ['loki'] }, - make('check-format', container=false, args=[ - 'GIT_TARGET_BRANCH="$DRONE_TARGET_BRANCH"', - ]) { depends_on: ['loki'], when: onPRs }, - make('validate-example-configs', container=false) { depends_on: ['loki'] }, - make('validate-dev-cluster-config', container=false) { depends_on: ['validate-example-configs'] }, - make('check-example-config-doc', container=false) { depends_on: ['clone'] }, - { - name: 'build-docs-website', - image: 'grafana/docs-base:e6ef023f8b8', - commands: [ - 'mkdir -p /hugo/content/docs/loki/latest', - 'cp -r docs/sources/* /hugo/content/docs/loki/latest/', - 'cd /hugo && make prod', - ], - }, - ], - }, pipeline('mixins') { workspace: { base: '/src', @@ -771,7 +609,7 @@ local build_image_tag = '0.33.0'; depends_on: ['manifest'], image_pull_secrets: [pull_secret.name], trigger: { - // wee need to run it only on Loki tags that starts with `v`. + // we need to run it only on Loki tags that starts with `v`. ref: ['refs/tags/v*'], }, steps: [ @@ -818,109 +656,6 @@ local build_image_tag = '0.33.0'; }, promtail_win(), logql_analyzer(), - pipeline('release') { - trigger+: { - event: ['pull_request', 'tag'], - }, - depends_on+: ['check'], - image_pull_secrets: [pull_secret.name], - volumes+: [ - { - name: 'cgroup', - host: { - path: '/sys/fs/cgroup', - }, - }, - { - name: 'docker', - host: { - path: '/var/run/docker.sock', - }, - }, - ], - // Launch docker images with systemd - services: [ - { - name: 'systemd-debian', - image: 'jrei/systemd-debian:12', - volumes: [ - { - name: 'cgroup', - path: '/sys/fs/cgroup', - }, - ], - privileged: true, - }, - { - name: 'systemd-centos', - image: 'jrei/systemd-centos:8', - volumes: [ - { - name: 'cgroup', - path: '/sys/fs/cgroup', - }, - ], - privileged: true, - }, - ], - // Package and test the packages - steps: [ - skipMissingSecretPipelineStep(gpg_private_key.name), // Needs GPG keys to run - { - name: 'fetch-tags', - image: 'alpine', - commands: [ - 'apk add --no-cache bash git', - 'git fetch origin --tags', - ], - }, - run('write-key', - commands=['printf "%s" "$NFPM_SIGNING_KEY" > $NFPM_SIGNING_KEY_FILE'], - env={ - NFPM_SIGNING_KEY: { from_secret: gpg_private_key.name }, - NFPM_SIGNING_KEY_FILE: '/drone/src/private-key.key', - }), - run('test packaging', - commands=[ - 'make BUILD_IN_CONTAINER=false packages', - ], - env={ - NFPM_PASSPHRASE: { from_secret: gpg_passphrase.name }, - NFPM_SIGNING_KEY_FILE: '/drone/src/private-key.key', - }), - { - name: 'test deb package', - image: 'docker', - commands: ['./tools/packaging/verify-deb-install.sh'], - volumes: [ - { - name: 'docker', - path: '/var/run/docker.sock', - }, - ], - privileged: true, - }, - { - name: 'test rpm package', - image: 'docker', - commands: ['./tools/packaging/verify-rpm-install.sh'], - volumes: [ - { - name: 'docker', - path: '/var/run/docker.sock', - }, - ], - privileged: true, - }, - run('publish', - commands=['make BUILD_IN_CONTAINER=false publish'], - env={ - GITHUB_TOKEN: { from_secret: github_secret.name }, - NFPM_PASSPHRASE: { from_secret: gpg_passphrase.name }, - NFPM_SIGNING_KEY_FILE: '/drone/src/private-key.key', - }) { when: { event: ['tag'] } }, - ], - }, pipeline('docker-driver') { trigger+: onTagOrMain, steps: [ diff --git a/.drone/drone.yml b/.drone/drone.yml index c33a66998e71c..ccac7a2c6ce51 100644 --- a/.drone/drone.yml +++ b/.drone/drone.yml @@ -5,22 +5,6 @@ platform: arch: amd64 os: linux steps: -- environment: - DOCKER_BUILDKIT: 1 - image: plugins/docker - name: test - settings: - context: loki-build-image - dockerfile: loki-build-image/Dockerfile - dry_run: true - repo: grafana/loki-build-image - tags: - - 0.33.0-amd64 - when: - event: - - pull_request - paths: - - loki-build-image/** - environment: DOCKER_BUILDKIT: 1 image: plugins/docker @@ -58,22 +42,6 @@ platform: arch: arm64 os: linux steps: -- environment: - DOCKER_BUILDKIT: 1 - image: plugins/docker - name: test - settings: - context: loki-build-image - dockerfile: loki-build-image/Dockerfile - dry_run: true - repo: grafana/loki-build-image - tags: - - 0.33.0-arm64 - when: - event: - - pull_request - paths: - - loki-build-image/** - environment: DOCKER_BUILDKIT: 1 image: plugins/docker @@ -137,17 +105,6 @@ trigger: kind: pipeline name: helm-test-image steps: -- image: plugins/docker - name: test-image - settings: - dockerfile: production/helm/loki/src/helm-test/Dockerfile - dry_run: true - repo: grafana/loki-helm-test - when: - event: - - pull_request - paths: - - production/helm/loki/src/helm-test/** - image: plugins/docker name: push-image settings: @@ -175,124 +132,6 @@ workspace: path: loki --- kind: pipeline -name: check -steps: -- commands: - - make BUILD_IN_CONTAINER=false check-drone-drift - depends_on: - - clone - environment: {} - image: grafana/loki-build-image:0.33.0 - name: check-drone-drift -- commands: - - make BUILD_IN_CONTAINER=false check-generated-files - depends_on: - - clone - environment: {} - image: grafana/loki-build-image:0.33.0 - name: check-generated-files -- commands: - - cd .. - - 'echo "cloning "$DRONE_TARGET_BRANCH ' - - git clone -b $DRONE_TARGET_BRANCH $CI_REPO_REMOTE loki-target-branch - - cd - - depends_on: - - clone - environment: {} - image: grafana/loki-build-image:0.33.0 - name: clone-target-branch - when: - event: - - pull_request -- commands: - - make BUILD_IN_CONTAINER=false test - depends_on: - - clone-target-branch - - check-generated-files - environment: {} - image: grafana/loki-build-image:0.33.0 - name: test -- commands: - - make BUILD_IN_CONTAINER=false lint - depends_on: - - check-generated-files - environment: {} - image: grafana/loki-build-image:0.33.0 - name: lint -- commands: - - make BUILD_IN_CONTAINER=false check-mod - depends_on: - - test - - lint - environment: {} - image: grafana/loki-build-image:0.33.0 - name: check-mod -- commands: - - apk add make bash && make lint-scripts - image: koalaman/shellcheck-alpine:stable - name: shellcheck -- commands: - - make BUILD_IN_CONTAINER=false loki - depends_on: - - check-generated-files - environment: {} - image: grafana/loki-build-image:0.33.0 - name: loki -- commands: - - make BUILD_IN_CONTAINER=false check-doc - depends_on: - - loki - environment: {} - image: grafana/loki-build-image:0.33.0 - name: check-doc -- commands: - - make BUILD_IN_CONTAINER=false check-format GIT_TARGET_BRANCH="$DRONE_TARGET_BRANCH" - depends_on: - - loki - environment: {} - image: grafana/loki-build-image:0.33.0 - name: check-format - when: - event: - - pull_request -- commands: - - make BUILD_IN_CONTAINER=false validate-example-configs - depends_on: - - loki - environment: {} - image: grafana/loki-build-image:0.33.0 - name: validate-example-configs -- commands: - - make BUILD_IN_CONTAINER=false validate-dev-cluster-config - depends_on: - - validate-example-configs - environment: {} - image: grafana/loki-build-image:0.33.0 - name: validate-dev-cluster-config -- commands: - - make BUILD_IN_CONTAINER=false check-example-config-doc - depends_on: - - clone - environment: {} - image: grafana/loki-build-image:0.33.0 - name: check-example-config-doc -- commands: - - mkdir -p /hugo/content/docs/loki/latest - - cp -r docs/sources/* /hugo/content/docs/loki/latest/ - - cd /hugo && make prod - image: grafana/docs-base:e6ef023f8b8 - name: build-docs-website -trigger: - ref: - - refs/heads/main - - refs/heads/k??? - - refs/tags/v* - - refs/pull/*/head -workspace: - base: /src - path: loki ---- -kind: pipeline name: mixins steps: - commands: @@ -344,8 +183,6 @@ workspace: base: /src path: loki --- -depends_on: -- check kind: pipeline name: docker-amd64 platform: @@ -358,66 +195,6 @@ steps: - echo $(./tools/image-tag)-amd64 > .tags image: alpine name: image-tag -- depends_on: - - image-tag - image: plugins/docker - name: build-loki-image - settings: - dockerfile: cmd/loki/Dockerfile - dry_run: true - password: - from_secret: docker_password - repo: grafana/loki - username: - from_secret: docker_username - when: - event: - - pull_request -- depends_on: - - image-tag - image: plugins/docker - name: build-loki-canary-image - settings: - dockerfile: cmd/loki-canary/Dockerfile - dry_run: true - password: - from_secret: docker_password - repo: grafana/loki-canary - username: - from_secret: docker_username - when: - event: - - pull_request -- depends_on: - - image-tag - image: plugins/docker - name: build-loki-canary-boringcrypto-image - settings: - dockerfile: cmd/loki-canary-boringcrypto/Dockerfile - dry_run: true - password: - from_secret: docker_password - repo: grafana/loki-canary-boringcrypto - username: - from_secret: docker_username - when: - event: - - pull_request -- depends_on: - - image-tag - image: plugins/docker - name: build-logcli-image - settings: - dockerfile: cmd/logcli/Dockerfile - dry_run: true - password: - from_secret: docker_password - repo: grafana/logcli - username: - from_secret: docker_username - when: - event: - - pull_request - depends_on: - image-tag image: plugins/docker @@ -489,8 +266,6 @@ trigger: - refs/tags/v* - refs/pull/*/head --- -depends_on: -- check kind: pipeline name: docker-arm64 platform: @@ -503,66 +278,6 @@ steps: - echo $(./tools/image-tag)-arm64 > .tags image: alpine name: image-tag -- depends_on: - - image-tag - image: plugins/docker - name: build-loki-image - settings: - dockerfile: cmd/loki/Dockerfile - dry_run: true - password: - from_secret: docker_password - repo: grafana/loki - username: - from_secret: docker_username - when: - event: - - pull_request -- depends_on: - - image-tag - image: plugins/docker - name: build-loki-canary-image - settings: - dockerfile: cmd/loki-canary/Dockerfile - dry_run: true - password: - from_secret: docker_password - repo: grafana/loki-canary - username: - from_secret: docker_username - when: - event: - - pull_request -- depends_on: - - image-tag - image: plugins/docker - name: build-loki-canary-boringcrypto-image - settings: - dockerfile: cmd/loki-canary-boringcrypto/Dockerfile - dry_run: true - password: - from_secret: docker_password - repo: grafana/loki-canary-boringcrypto - username: - from_secret: docker_username - when: - event: - - pull_request -- depends_on: - - image-tag - image: plugins/docker - name: build-logcli-image - settings: - dockerfile: cmd/logcli/Dockerfile - dry_run: true - password: - from_secret: docker_password - repo: grafana/logcli - username: - from_secret: docker_username - when: - event: - - pull_request - depends_on: - image-tag image: plugins/docker @@ -634,8 +349,6 @@ trigger: - refs/tags/v* - refs/pull/*/head --- -depends_on: -- check kind: pipeline name: docker-arm platform: @@ -648,66 +361,6 @@ steps: - echo $(./tools/image-tag)-arm > .tags image: alpine name: image-tag -- depends_on: - - image-tag - image: plugins/docker:linux-arm - name: build-loki-image - settings: - dockerfile: cmd/loki/Dockerfile - dry_run: true - password: - from_secret: docker_password - repo: grafana/loki - username: - from_secret: docker_username - when: - event: - - pull_request -- depends_on: - - image-tag - image: plugins/docker:linux-arm - name: build-loki-canary-image - settings: - dockerfile: cmd/loki-canary/Dockerfile - dry_run: true - password: - from_secret: docker_password - repo: grafana/loki-canary - username: - from_secret: docker_username - when: - event: - - pull_request -- depends_on: - - image-tag - image: plugins/docker:linux-arm - name: build-loki-canary-boringcrypto-image - settings: - dockerfile: cmd/loki-canary-boringcrypto/Dockerfile - dry_run: true - password: - from_secret: docker_password - repo: grafana/loki-canary-boringcrypto - username: - from_secret: docker_username - when: - event: - - pull_request -- depends_on: - - image-tag - image: plugins/docker:linux-arm - name: build-logcli-image - settings: - dockerfile: cmd/logcli/Dockerfile - dry_run: true - password: - from_secret: docker_password - repo: grafana/logcli - username: - from_secret: docker_username - when: - event: - - pull_request - depends_on: - image-tag image: plugins/docker:linux-arm @@ -779,8 +432,6 @@ trigger: - refs/tags/v* - refs/pull/*/head --- -depends_on: -- check kind: pipeline name: promtail-amd64 platform: @@ -793,21 +444,6 @@ steps: - echo $(./tools/image-tag)-amd64 > .tags image: alpine name: image-tag -- depends_on: - - image-tag - image: plugins/docker - name: build-promtail-image - settings: - dockerfile: clients/cmd/promtail/Dockerfile - dry_run: true - password: - from_secret: docker_password - repo: grafana/promtail - username: - from_secret: docker_username - when: - event: - - pull_request - depends_on: - image-tag image: plugins/docker @@ -831,35 +467,18 @@ trigger: - refs/tags/v* - refs/pull/*/head --- -depends_on: -- check kind: pipeline name: promtail-arm64 platform: arch: arm64 os: linux steps: -- commands: - - apk add --no-cache bash git - - git fetch origin --tags - - echo $(./tools/image-tag)-arm64 > .tags - image: alpine - name: image-tag -- depends_on: - - image-tag - image: plugins/docker - name: build-promtail-image - settings: - dockerfile: clients/cmd/promtail/Dockerfile - dry_run: true - password: - from_secret: docker_password - repo: grafana/promtail - username: - from_secret: docker_username - when: - event: - - pull_request +- commands: + - apk add --no-cache bash git + - git fetch origin --tags + - echo $(./tools/image-tag)-arm64 > .tags + image: alpine + name: image-tag - depends_on: - image-tag image: plugins/docker @@ -883,8 +502,6 @@ trigger: - refs/tags/v* - refs/pull/*/head --- -depends_on: -- check kind: pipeline name: promtail-arm platform: @@ -897,21 +514,6 @@ steps: - echo $(./tools/image-tag)-arm > .tags image: alpine name: image-tag -- depends_on: - - image-tag - image: plugins/docker:linux-arm - name: build-promtail-image - settings: - dockerfile: clients/cmd/promtail/Dockerfile.arm32 - dry_run: true - password: - from_secret: docker_password - repo: grafana/promtail - username: - from_secret: docker_username - when: - event: - - pull_request - depends_on: - image-tag image: plugins/docker:linux-arm @@ -935,8 +537,6 @@ trigger: - refs/tags/v* - refs/pull/*/head --- -depends_on: -- check kind: pipeline name: lokioperator-amd64 platform: @@ -949,22 +549,6 @@ steps: - echo $(./tools/image-tag)-amd64 > .tags image: alpine name: image-tag -- depends_on: - - image-tag - image: plugins/docker - name: build-loki-operator-image - settings: - context: operator - dockerfile: operator/Dockerfile - dry_run: true - password: - from_secret: docker_password - repo: grafana/loki-operator - username: - from_secret: docker_username - when: - event: - - pull_request - depends_on: - image-tag image: plugins/docker @@ -991,8 +575,6 @@ trigger: - refs/tags/operator/v* - refs/pull/*/head --- -depends_on: -- check kind: pipeline name: lokioperator-arm64 platform: @@ -1005,22 +587,6 @@ steps: - echo $(./tools/image-tag)-arm64 > .tags image: alpine name: image-tag -- depends_on: - - image-tag - image: plugins/docker - name: build-loki-operator-image - settings: - context: operator - dockerfile: operator/Dockerfile - dry_run: true - password: - from_secret: docker_password - repo: grafana/loki-operator - username: - from_secret: docker_username - when: - event: - - pull_request - depends_on: - image-tag image: plugins/docker @@ -1047,8 +613,6 @@ trigger: - refs/tags/operator/v* - refs/pull/*/head --- -depends_on: -- check kind: pipeline name: lokioperator-arm platform: @@ -1061,22 +625,6 @@ steps: - echo $(./tools/image-tag)-arm > .tags image: alpine name: image-tag -- depends_on: - - image-tag - image: plugins/docker:linux-arm - name: build-loki-operator-image - settings: - context: operator - dockerfile: operator/Dockerfile - dry_run: true - password: - from_secret: docker_password - repo: grafana/loki-operator - username: - from_secret: docker_username - when: - event: - - pull_request - depends_on: - image-tag image: plugins/docker:linux-arm @@ -1103,8 +651,6 @@ trigger: - refs/tags/operator/v* - refs/pull/*/head --- -depends_on: -- check kind: pipeline name: fluent-bit-amd64 platform: @@ -1117,21 +663,6 @@ steps: - echo $(./tools/image-tag)-amd64 > .tags image: alpine name: image-tag -- depends_on: - - image-tag - image: plugins/docker - name: build-fluent-bit-image - settings: - dockerfile: clients/cmd/fluent-bit/Dockerfile - dry_run: true - password: - from_secret: docker_password - repo: grafana/fluent-bit-plugin-loki - username: - from_secret: docker_username - when: - event: - - pull_request - depends_on: - image-tag image: plugins/docker @@ -1155,8 +686,6 @@ trigger: - refs/tags/v* - refs/pull/*/head --- -depends_on: -- check kind: pipeline name: fluent-bit-arm64 platform: @@ -1169,21 +698,6 @@ steps: - echo $(./tools/image-tag)-arm64 > .tags image: alpine name: image-tag -- depends_on: - - image-tag - image: plugins/docker - name: build-fluent-bit-image - settings: - dockerfile: clients/cmd/fluent-bit/Dockerfile - dry_run: true - password: - from_secret: docker_password - repo: grafana/fluent-bit-plugin-loki - username: - from_secret: docker_username - when: - event: - - pull_request - depends_on: - image-tag image: plugins/docker @@ -1207,8 +721,6 @@ trigger: - refs/tags/v* - refs/pull/*/head --- -depends_on: -- check kind: pipeline name: fluent-bit-arm platform: @@ -1221,21 +733,6 @@ steps: - echo $(./tools/image-tag)-arm > .tags image: alpine name: image-tag -- depends_on: - - image-tag - image: plugins/docker:linux-arm - name: build-fluent-bit-image - settings: - dockerfile: clients/cmd/fluent-bit/Dockerfile - dry_run: true - password: - from_secret: docker_password - repo: grafana/fluent-bit-plugin-loki - username: - from_secret: docker_username - when: - event: - - pull_request - depends_on: - image-tag image: plugins/docker:linux-arm @@ -1259,8 +756,6 @@ trigger: - refs/tags/v* - refs/pull/*/head --- -depends_on: -- check kind: pipeline name: fluentd-amd64 platform: @@ -1274,21 +769,6 @@ steps: - echo ",main" >> .tags image: alpine name: image-tag -- depends_on: - - image-tag - image: plugins/docker - name: build-fluentd-image - settings: - dockerfile: clients/cmd/fluentd/Dockerfile - dry_run: true - password: - from_secret: docker_password - repo: grafana/fluent-plugin-loki - username: - from_secret: docker_username - when: - event: - - pull_request - depends_on: - image-tag image: plugins/docker @@ -1312,8 +792,6 @@ trigger: - refs/tags/v* - refs/pull/*/head --- -depends_on: -- check kind: pipeline name: logstash-amd64 platform: @@ -1327,21 +805,6 @@ steps: - echo ",main" >> .tags image: alpine name: image-tag -- depends_on: - - image-tag - image: plugins/docker - name: build-logstash-image - settings: - dockerfile: clients/cmd/logstash/Dockerfile - dry_run: true - password: - from_secret: docker_password - repo: grafana/logstash-output-loki - username: - from_secret: docker_username - when: - event: - - pull_request - depends_on: - image-tag image: plugins/docker @@ -1365,8 +828,6 @@ trigger: - refs/tags/v* - refs/pull/*/head --- -depends_on: -- check kind: pipeline name: querytee-amd64 platform: @@ -1380,21 +841,6 @@ steps: - echo ",main" >> .tags image: alpine name: image-tag -- depends_on: - - image-tag - image: plugins/docker - name: build-querytee-image - settings: - dockerfile: cmd/querytee/Dockerfile - dry_run: true - password: - from_secret: docker_password - repo: grafana/loki-query-tee - username: - from_secret: docker_username - when: - event: - - pull_request - depends_on: - image-tag image: plugins/docker @@ -1645,8 +1091,6 @@ trigger: - refs/tags/v* - refs/pull/*/head --- -depends_on: -- check kind: pipeline name: logql-analyzer platform: @@ -1659,21 +1103,6 @@ steps: - echo $(./tools/image-tag)-amd64 > .tags image: alpine name: image-tag -- depends_on: - - image-tag - image: plugins/docker - name: build-logql-analyzer-image - settings: - dockerfile: cmd/logql-analyzer/Dockerfile - dry_run: true - password: - from_secret: docker_password - repo: grafana/logql-analyzer - username: - from_secret: docker_username - when: - event: - - pull_request - depends_on: - image-tag image: plugins/docker @@ -1697,103 +1126,6 @@ trigger: - refs/tags/v* - refs/pull/*/head --- -depends_on: -- check -image_pull_secrets: -- dockerconfigjson -kind: pipeline -name: release -services: -- image: jrei/systemd-debian:12 - name: systemd-debian - privileged: true - volumes: - - name: cgroup - path: /sys/fs/cgroup -- image: jrei/systemd-centos:8 - name: systemd-centos - privileged: true - volumes: - - name: cgroup - path: /sys/fs/cgroup -steps: -- commands: - - if [ "$${#TEST_SECRET}" -eq 0 ]; then - - ' echo "Missing a secret to run this pipeline. This branch needs to be re-pushed - as a branch in main grafana/loki repository in order to run." && exit 78' - - fi - environment: - TEST_SECRET: - from_secret: gpg_private_key - image: alpine - name: skip pipeline if missing secret -- commands: - - apk add --no-cache bash git - - git fetch origin --tags - image: alpine - name: fetch-tags -- commands: - - printf "%s" "$NFPM_SIGNING_KEY" > $NFPM_SIGNING_KEY_FILE - environment: - NFPM_SIGNING_KEY: - from_secret: gpg_private_key - NFPM_SIGNING_KEY_FILE: /drone/src/private-key.key - image: grafana/loki-build-image:0.33.0 - name: write-key -- commands: - - make BUILD_IN_CONTAINER=false packages - environment: - NFPM_PASSPHRASE: - from_secret: gpg_passphrase - NFPM_SIGNING_KEY_FILE: /drone/src/private-key.key - image: grafana/loki-build-image:0.33.0 - name: test packaging -- commands: - - ./tools/packaging/verify-deb-install.sh - image: docker - name: test deb package - privileged: true - volumes: - - name: docker - path: /var/run/docker.sock -- commands: - - ./tools/packaging/verify-rpm-install.sh - image: docker - name: test rpm package - privileged: true - volumes: - - name: docker - path: /var/run/docker.sock -- commands: - - make BUILD_IN_CONTAINER=false publish - environment: - GITHUB_TOKEN: - from_secret: github_token - NFPM_PASSPHRASE: - from_secret: gpg_passphrase - NFPM_SIGNING_KEY_FILE: /drone/src/private-key.key - image: grafana/loki-build-image:0.33.0 - name: publish - when: - event: - - tag -trigger: - event: - - pull_request - - tag - ref: - - refs/heads/main - - refs/heads/k??? - - refs/tags/v* - - refs/pull/*/head -volumes: -- host: - path: /sys/fs/cgroup - name: cgroup -- host: - path: /var/run/docker.sock - name: docker ---- kind: pipeline name: docker-driver steps: @@ -1827,8 +1159,6 @@ volumes: path: /var/run/docker.sock name: docker --- -depends_on: -- check kind: pipeline name: lambda-promtail-amd64 platform: @@ -1851,25 +1181,6 @@ steps: from_secret: ecr_key image: alpine name: skip pipeline if missing secret -- depends_on: - - image-tag - - skip pipeline if missing secret - image: cstyan/ecr - name: build-lambda-promtail-image - privileged: true - settings: - access_key: - from_secret: ecr_key - dockerfile: tools/lambda-promtail/Dockerfile - dry_run: true - region: us-east-1 - registry: public.ecr.aws/grafana - repo: public.ecr.aws/grafana/lambda-promtail - secret_key: - from_secret: ecr_secret_key - when: - event: - - pull_request - depends_on: - image-tag image: cstyan/ecr @@ -1896,8 +1207,6 @@ trigger: - refs/tags/v* - refs/pull/*/head --- -depends_on: -- check kind: pipeline name: lambda-promtail-arm64 platform: @@ -1920,25 +1229,6 @@ steps: from_secret: ecr_key image: alpine name: skip pipeline if missing secret -- depends_on: - - image-tag - - skip pipeline if missing secret - image: cstyan/ecr - name: build-lambda-promtail-image - privileged: true - settings: - access_key: - from_secret: ecr_key - dockerfile: tools/lambda-promtail/Dockerfile - dry_run: true - region: us-east-1 - registry: public.ecr.aws/grafana - repo: public.ecr.aws/grafana/lambda-promtail - secret_key: - from_secret: ecr_secret_key - when: - event: - - pull_request - depends_on: - image-tag image: cstyan/ecr @@ -2072,6 +1362,6 @@ kind: secret name: gpg_private_key --- kind: signature -hmac: 51861919f0ba5370a152bdb9267828c742f2042819fb01388c6d23bf44e3cbb7 +hmac: 32b44aecaad0258ed9494225595e1016a56bea960bcd0b15b2db3449bed957e0 ... diff --git a/.github/jsonnetfile.json b/.github/jsonnetfile.json new file mode 100644 index 0000000000000..cd4469eb6e501 --- /dev/null +++ b/.github/jsonnetfile.json @@ -0,0 +1,15 @@ +{ + "version": 1, + "dependencies": [ + { + "source": { + "git": { + "remote": "https://github.com/grafana/loki-release.git", + "subdir": "workflows" + } + }, + "version": "release-1.10.x" + } + ], + "legacyImports": true +} diff --git a/.github/jsonnetfile.lock.json b/.github/jsonnetfile.lock.json new file mode 100644 index 0000000000000..ee1f7b9596b4b --- /dev/null +++ b/.github/jsonnetfile.lock.json @@ -0,0 +1,16 @@ +{ + "version": 1, + "dependencies": [ + { + "source": { + "git": { + "remote": "https://github.com/grafana/loki-release.git", + "subdir": "workflows" + } + }, + "version": "c005223f58b83f288b655dde5bcfeff7490c7aa5", + "sum": "5K+r6Bsb8JMR1ytQjSObjvHFpH7SJBi5D4ysSwvC4/g=" + } + ], + "legacyImports": false +} diff --git a/.github/release-workflows.jsonnet b/.github/release-workflows.jsonnet new file mode 100644 index 0000000000000..ae1f868fa651e --- /dev/null +++ b/.github/release-workflows.jsonnet @@ -0,0 +1,58 @@ +local lokiRelease = import 'workflows/main.jsonnet'; +local build = lokiRelease.build; +{ + 'patch-release-pr.yml': std.manifestYamlDoc( + lokiRelease.releasePRWorkflow( + imageJobs={ + loki: build.image('loki', 'cmd/loki'), + fluentd: build.image('fluentd', 'clients/cmd/fluentd', platform=['linux/amd64']), + 'fluent-bit': build.image('fluent-bit', 'clients/cmd/fluent-bit', platform=['linux/amd64']), + logstash: build.image('logstash', 'clients/cmd/logstash', platform=['linux/amd64']), + logcli: build.image('logcli', 'cmd/logcli'), + 'loki-canary': build.image('loki-canary', 'cmd/loki-canary'), + 'loki-canary-boringcrypto': build.image('loki-canary-boringcrypto', 'cmd/loki-canary-boringcrypto'), + 'loki-operator': build.image('loki-operator', 'operator', context='release/operator', platform=['linux/amd64']), + promtail: build.image('promtail', 'clients/cmd/promtail'), + querytee: build.image('querytee', 'cmd/querytee', platform=['linux/amd64']), + }, + branches=['release-[0-9]+.[0-9]+.x'], + checkTemplate='grafana/loki-release/.github/workflows/check.yml@release-1.10.x', + imagePrefix='grafana', + releaseRepo='grafana/loki', + skipArm=false, + skipValidation=false, + versioningStrategy='always-bump-patch', + ), false, false + ), + 'minor-release-pr.yml': std.manifestYamlDoc( + lokiRelease.releasePRWorkflow( + imageJobs={ + loki: build.image('loki', 'cmd/loki'), + fluentd: build.image('fluentd', 'clients/cmd/fluentd', platform=['linux/amd64']), + 'fluent-bit': build.image('fluent-bit', 'clients/cmd/fluent-bit', platform=['linux/amd64']), + logstash: build.image('logstash', 'clients/cmd/logstash', platform=['linux/amd64']), + logcli: build.image('logcli', 'cmd/logcli'), + 'loki-canary': build.image('loki-canary', 'cmd/loki-canary'), + 'loki-canary-boringcrypto': build.image('loki-canary-boringcrypto', 'cmd/loki-canary-boringcrypto'), + 'loki-operator': build.image('loki-operator', 'operator', context='release/operator', platform=['linux/amd64']), + promtail: build.image('promtail', 'clients/cmd/promtail'), + querytee: build.image('querytee', 'cmd/querytee', platform=['linux/amd64']), + }, + branches=['k[0-9]+'], + checkTemplate='grafana/loki-release/.github/workflows/check.yml@release-1.10.x', + imagePrefix='grafana', + releaseRepo='grafana/loki', + skipArm=false, + skipValidation=false, + versioningStrategy='always-bump-minor', + ), false, false + ), + 'release.yml': std.manifestYamlDoc( + lokiRelease.releaseWorkflow( + branches=['release-[0-9]+.[0-9]+.x', 'k[0-9]+'], + getDockerCredsFromVault=true, + imagePrefix='grafana', + releaseRepo='grafana/loki', + ), false, false + ), +} diff --git a/.github/vendor/github.com/grafana/loki-release/workflows/build.libsonnet b/.github/vendor/github.com/grafana/loki-release/workflows/build.libsonnet new file mode 100644 index 0000000000000..cdd6b82463e4b --- /dev/null +++ b/.github/vendor/github.com/grafana/loki-release/workflows/build.libsonnet @@ -0,0 +1,154 @@ +local common = import 'common.libsonnet'; +local job = common.job; +local step = common.step; +local releaseStep = common.releaseStep; +local releaseLibStep = common.releaseLibStep; + +{ + image: function( + name, + path, + context='release', + platform=[ + 'linux/amd64', + 'linux/arm64', + 'linux/arm', + ] + ) + job.new() + + job.withStrategy({ + 'fail-fast': true, + matrix: { + platform: platform, + }, + }) + + job.withSteps([ + common.fetchReleaseLib, + common.fetchReleaseRepo, + common.setupNode, + common.googleAuth, + + step.new('Set up QEMU', 'docker/setup-qemu-action@v3'), + step.new('set up docker buildx', 'docker/setup-buildx-action@v3'), + + releaseStep('parse image platform') + + step.withId('platform') + + step.withRun(||| + mkdir -p images + + platform="$(echo "${{ matrix.platform}}" | sed "s/\(.*\)\/\(.*\)/\1-\2/")" + echo "platform=${platform}" >> $GITHUB_OUTPUT + echo "platform_short=$(echo ${{ matrix.platform }} | cut -d / -f 2)" >> $GITHUB_OUTPUT + |||), + + step.new('Build and export', 'docker/build-push-action@v5') + + step.withTimeoutMinutes(25) + + step.withIf('${{ fromJSON(needs.version.outputs.pr_created) }}') + + step.with({ + context: context, + file: 'release/%s/Dockerfile' % path, + platforms: '${{ matrix.platform }}', + tags: '${{ env.IMAGE_PREFIX }}/%s:${{ needs.version.outputs.version }}-${{ steps.platform.outputs.platform_short }}' % [name], + outputs: 'type=docker,dest=release/images/%s-${{ needs.version.outputs.version}}-${{ steps.platform.outputs.platform }}.tar' % name, + }), + step.new('upload artifacts', 'google-github-actions/upload-cloud-storage@v2') + + step.withIf('${{ fromJSON(needs.version.outputs.pr_created) }}') + + step.with({ + path: 'release/images/%s-${{ needs.version.outputs.version}}-${{ steps.platform.outputs.platform }}.tar' % name, + destination: 'loki-build-artifacts/${{ github.sha }}/images', //TODO: make bucket configurable + process_gcloudignore: false, + }), + ]), + + version: + job.new() + + job.withSteps([ + common.fetchReleaseLib, + common.fetchReleaseRepo, + common.setupNode, + common.extractBranchName, + releaseLibStep('get release version') + + step.withId('version') + + step.withRun(||| + npm install + npm exec -- release-please release-pr \ + --consider-all-branches \ + --dry-run \ + --dry-run-output release.json \ + --release-type simple \ + --repo-url="${{ env.RELEASE_REPO }}" \ + --target-branch "${{ steps.extract_branch.outputs.branch }}" \ + --token="${{ secrets.GH_TOKEN }}" \ + --versioning-strategy "${{ env.VERSIONING_STRATEGY }}" + + if [[ `jq length release.json` -gt 1 ]]; then + echo 'release-please would create more than 1 PR, so cannot determine correct version' + echo "pr_created=false" >> $GITHUB_OUTPUT + exit 1 + fi + + if [[ `jq length release.json` -eq 0 ]]; then + echo "pr_created=false" >> $GITHUB_OUTPUT + else + version="$(npm run --silent get-version)" + echo "Parsed version: ${version}" + echo "version=${version}" >> $GITHUB_OUTPUT + echo "pr_created=true" >> $GITHUB_OUTPUT + fi + |||), + ]) + + job.withOutputs({ + version: '${{ steps.version.outputs.version }}', + pr_created: '${{ steps.version.outputs.pr_created }}', + }), + + dist: function(buildImage, skipArm=true) + job.new() + + job.withSteps([ + common.fetchReleaseRepo, + common.googleAuth, + step.new('get nfpm signing keys', 'grafana/shared-workflows/actions/get-vault-secrets@main') + + step.withId('get-secrets') + + step.with({ + common_secrets: ||| + NFPM_SIGNING_KEY=packages-gpg:private-key + NFPM_PASSPHRASE=packages-gpg:passphrase + |||, + }), + + releaseStep('build artifacts') + + step.withEnv({ + BUILD_IN_CONTAINER: false, + DRONE_TAG: '${{ needs.version.outputs.version }}', + IMAGE_TAG: '${{ needs.version.outputs.version }}', + NFPM_SIGNING_KEY_FILE: 'nfpm-private-key.key', + SKIP_ARM: skipArm, + }) + //TODO: the workdir here is loki specific + + step.withRun(||| + cat < $NFPM_SIGNING_KEY_FILE + make dist packages + EOF + ||| % buildImage), + + step.new('upload build artifacts', 'google-github-actions/upload-cloud-storage@v2') + + step.with({ + path: 'release/dist', + destination: 'loki-build-artifacts/${{ github.sha }}', //TODO: make bucket configurable + process_gcloudignore: false, + }), + ]), +} diff --git a/.github/vendor/github.com/grafana/loki-release/workflows/common.libsonnet b/.github/vendor/github.com/grafana/loki-release/workflows/common.libsonnet new file mode 100644 index 0000000000000..e3346f2bd5e4e --- /dev/null +++ b/.github/vendor/github.com/grafana/loki-release/workflows/common.libsonnet @@ -0,0 +1,124 @@ +{ + step: { + new: function(name, uses=null) { + name: name, + } + if uses != null then { + uses: uses, + } else {}, + with: function(with) { + with+: with, + }, + withRun: function(run) { + run: run, + }, + withId: function(id) { + id: id, + }, + withWorkingDirectory: function(workingDirectory) { + 'working-directory': workingDirectory, + }, + withIf: function(_if) { + 'if': _if, + }, + withEnv: function(env) { + env: env, + }, + withSecrets: function(env) { + secrets: env, + }, + withTimeoutMinutes: function(timeout) { + 'timeout-minutes': timeout, + }, + }, + job: { + new: function(runsOn='ubuntu-latest') { + 'runs-on': runsOn, + }, + with: function(with) { + with+: with, + }, + withUses: function(uses) { + uses: uses, + }, + withSteps: function(steps) { + steps: steps, + }, + withStrategy: function(strategy) { + strategy: strategy, + }, + withNeeds: function(needs) { + needs: needs, + }, + withIf: function(_if) { + 'if': _if, + }, + withOutputs: function(outputs) { + outputs: outputs, + }, + withContainer: function(container) { + container: container, + }, + withEnv: function(env) { + env: env, + }, + withSecrets: function(env) { + secrets: env, + }, + }, + + releaseStep: function(name, uses=null) $.step.new(name, uses) + + $.step.withWorkingDirectory('release'), + + releaseLibStep: function(name, uses=null) $.step.new(name, uses) + + $.step.withWorkingDirectory('lib'), + + checkout: + $.step.new('checkout', 'actions/checkout@v4'), + + fetchReleaseRepo: + $.step.new('pull code to release', 'actions/checkout@v4') + + $.step.with({ + repository: '${{ env.RELEASE_REPO }}', + path: 'release', + }), + fetchReleaseLib: + $.step.new('pull release library code', 'actions/checkout@v4') + + $.step.with({ + repository: 'grafana/loki-release', + path: 'lib', + }), + + setupNode: $.step.new('setup node', 'actions/setup-node@v4') + + $.step.with({ + 'node-version': 20, + }), + + makeTarget: function(target) 'make %s' % target, + + alwaysGreen: { + steps: [ + $.step.new('always green') + + $.step.withRun('echo "always green"'), + ], + }, + + googleAuth: $.step.new('auth gcs', 'google-github-actions/auth@v2') + + $.step.with({ + credentials_json: '${{ secrets.GCS_SERVICE_ACCOUNT_KEY }}', + }), + setupGoogleCloudSdk: $.step.new('Set up Cloud SDK', 'google-github-actions/setup-gcloud@v2') + + $.step.with({ + version: '>= 452.0.0', + }), + + extractBranchName: $.releaseStep('extract branch name') + + $.step.withId('extract_branch') + + $.step.withRun(||| + echo "branch=${GITHUB_HEAD_REF:-${GITHUB_REF#refs/heads/}}" >> $GITHUB_OUTPUT + |||), + + fixDubiousOwnership: $.step.new('fix git dubious ownership') + + $.step.withRun(||| + git config --global --add safe.directory "$GITHUB_WORKSPACE" + |||), +} diff --git a/.github/vendor/github.com/grafana/loki-release/workflows/main.jsonnet b/.github/vendor/github.com/grafana/loki-release/workflows/main.jsonnet new file mode 100644 index 0000000000000..0a033b81221ff --- /dev/null +++ b/.github/vendor/github.com/grafana/loki-release/workflows/main.jsonnet @@ -0,0 +1,111 @@ +{ + common: import 'common.libsonnet', + job: $.common.job, + step: $.common.step, + build: import 'build.libsonnet', + release: import 'release.libsonnet', + validate: import 'validate.libsonnet', + releasePRWorkflow: function( + branches=['release-[0-9]+.[0-9]+.x', 'k[0-9]+'], + buildImage='grafana/loki-build-image:0.33.0', + checkTemplate='./.github/workflows/check.yml', + dockerUsername='grafana', + imageJobs={}, + imagePrefix='grafana', + releaseRepo='grafana/loki-release', + skipArm=true, + skipValidation=false, + versioningStrategy='always-bump-patch', + ) { + name: 'create release PR', + on: { + push: { + branches: branches, + }, + }, + permissions: { + contents: 'write', + 'pull-requests': 'write', + 'id-token': 'write', + }, + concurrency: { + group: 'create-release-pr-${{ github.sha }}', + }, + env: { + RELEASE_REPO: releaseRepo, + DOCKER_USERNAME: dockerUsername, + IMAGE_PREFIX: imagePrefix, + SKIP_VALIDATION: skipValidation, + VERSIONING_STRATEGY: versioningStrategy, + }, + local validationSteps = ['check'], + jobs: { + check: {} + $.job.withUses(checkTemplate) + + $.job.with({ + skip_validation: skipValidation, + }), + version: $.build.version + $.common.job.withNeeds(validationSteps), + dist: $.build.dist(buildImage, skipArm) + $.common.job.withNeeds(['version']), + } + std.mapWithKey(function(name, job) job + $.common.job.withNeeds(['version']), imageJobs) + { + local buildImageSteps = ['dist'] + std.objectFields(imageJobs), + 'create-release-pr': $.release.createReleasePR + $.common.job.withNeeds(buildImageSteps), + }, + }, + releaseWorkflow: function( + releaseRepo='grafana/loki-release', + dockerUsername='grafana', + imagePrefix='grafana', + branches=['release-[0-9].[0-9].x', 'k[0-9]*'], + getDockerCredsFromVault=false + ) { + name: 'create release', + on: { + push: { + branches: branches, + }, + }, + permissions: { + contents: 'write', + 'pull-requests': 'write', + 'id-token': 'write', + }, + concurrency: { + group: 'create-release-${{ github.sha }}', + }, + env: { + RELEASE_REPO: releaseRepo, + IMAGE_PREFIX: imagePrefix, + }, + jobs: { + shouldRelease: $.release.shouldRelease, + createRelease: $.release.createRelease, + publishImages: $.release.publishImages(getDockerCredsFromVault, dockerUsername), + }, + }, + check: function( + buildImage='grafana/loki-build-image:0.33.0', + ) { + name: 'check', + on: { + workflow_call: { + inputs: { + skip_validation: { + default: false, + description: 'skip validation steps', + required: false, + type: 'boolean', + }, + }, + }, + }, + permissions: { + contents: 'write', + 'pull-requests': 'write', + 'id-token': 'write', + }, + concurrency: { + group: 'check-${{ github.sha }}', + }, + jobs: $.validate(buildImage), + }, +} diff --git a/.github/vendor/github.com/grafana/loki-release/workflows/release.libsonnet b/.github/vendor/github.com/grafana/loki-release/workflows/release.libsonnet new file mode 100644 index 0000000000000..6bf2daa8f0334 --- /dev/null +++ b/.github/vendor/github.com/grafana/loki-release/workflows/release.libsonnet @@ -0,0 +1,144 @@ +local common = import 'common.libsonnet'; +local job = common.job; +local step = common.step; +local releaseStep = common.releaseStep; +local releaseLibStep = common.releaseLibStep; + +// DO NOT MODIFY THIS FOOTER TEMPLATE +// This template is matched by the should-release action to detect the correct +// sha to release and pull aritfacts from. If you need to change this, make sure +// to change it in both places. +//TODO: make bucket configurable +local pullRequestFooter = 'Merging this PR will release the [artifacts](https://console.cloud.google.com/storage/browser/loki-build-artifacts/${SHA}) of ${SHA}'; + +{ + createReleasePR: + job.new() + + job.withSteps([ + common.fetchReleaseRepo, + common.fetchReleaseLib, + common.setupNode, + common.extractBranchName, + + releaseLibStep('release please') + + step.withId('release') + + step.withEnv({ + SHA: '${{ github.sha }}', + }) + //TODO make bucket configurable + //TODO make a type/release in the backport action + //TODO backport action should not bring over autorelease: pending label + + step.withRun(||| + npm install + echo "Pull request footer: %s" + npm exec -- release-please release-pr \ + --consider-all-branches \ + --label "backport main,autorelease: pending,type/docs" \ + --pull-request-footer "%s" \ + --release-type simple \ + --repo-url "${{ env.RELEASE_REPO }}" \ + --target-branch "${{ steps.extract_branch.outputs.branch }}" \ + --token "${{ secrets.GH_TOKEN }}" \ + --versioning-strategy "${{ env.VERSIONING_STRATEGY }}" \ + --separate-pull-requests false \ + --debug + ||| % [pullRequestFooter, pullRequestFooter]), + ]), + + shouldRelease: job.new() + + job.withSteps([ + common.fetchReleaseRepo, + common.fetchReleaseLib, + common.extractBranchName, + + step.new('should a release be created?', './lib/actions/should-release') + + step.withId('should_release') + + step.with({ + baseBranch: '${{ steps.extract_branch.outputs.branch }}', + }), + ]) + + job.withOutputs({ + shouldRelease: '${{ steps.should_release.outputs.shouldRelease }}', + sha: '${{ steps.should_release.outputs.sha }}', + name: '${{ steps.should_release.outputs.name }}', + branch: '${{ steps.extract_branch.outputs.branch }}', + + }), + createRelease: job.new() + + job.withNeeds(['shouldRelease']) + + job.withIf('${{ fromJSON(needs.shouldRelease.outputs.shouldRelease) }}') + + job.withSteps([ + common.fetchReleaseRepo, + common.fetchReleaseLib, + common.setupNode, + common.googleAuth, + common.setupGoogleCloudSdk, + + // exits with code 1 if the url does not match + // meaning there are no artifacts for that sha + // we need to handle this if we're going to run this pipeline on every merge to main + releaseStep('download binaries') + + step.withRun(||| + echo "downloading binaries to $(pwd)/dist" + gsutil cp -r gs://loki-build-artifacts/${{ needs.shouldRelease.outputs.sha }}/dist . + |||), + + releaseLibStep('create release') + + step.withId('release') + + step.withRun(||| + npm install + npm exec -- release-please github-release \ + --draft \ + --release-type simple \ + --repo-url="${{ env.RELEASE_REPO }}" \ + --target-branch "${{ needs.shouldRelease.outputs.branch }}" \ + --token="${{ secrets.GH_TOKEN }}" + |||), + + releaseStep('upload artifacts') + + step.withId('upload') + + step.withEnv({ + GH_TOKEN: '${{ secrets.GH_TOKEN }}', + }) + + step.withRun(||| + gh release upload ${{ needs.shouldRelease.outputs.name }} dist/* + gh release edit ${{ needs.shouldRelease.outputs.name }} --draft=false + |||), + ]) + + job.withOutputs({ + sha: '${{ needs.shouldRelease.outputs.sha }}', + }), + + publishImages: function(getDockerCredsFromVault=false, dockerUsername='grafanabot') + job.new() + + job.withNeeds(['createRelease']) + + job.withSteps( + [ + common.fetchReleaseLib, + common.googleAuth, + common.setupGoogleCloudSdk, + step.new('Set up QEMU', 'docker/setup-qemu-action@v3'), + step.new('set up docker buildx', 'docker/setup-buildx-action@v3'), + ] + (if getDockerCredsFromVault then [ + step.new('Login to DockerHub (from vault)', 'grafana/shared-workflows/actions/dockerhub-login@main'), + ] else [ + step.new('Login to DockerHub (from secrets)', 'docker/login-action@v3') + + step.with({ + username: dockerUsername, + password: '${{ secrets.DOCKER_PASSWORD }}', + }), + ]) + + [ + step.new('download images') + + step.withRun(||| + echo "downloading images to $(pwd)/images" + gsutil cp -r gs://loki-build-artifacts/${{ needs.createRelease.outputs.sha }}/images . + |||), + step.new('publish docker images', './lib/actions/push-images') + + step.with({ + imageDir: 'images', + imagePrefix: '${{ env.IMAGE_PREFIX }}', + }), + ] + ), +} diff --git a/.github/vendor/github.com/grafana/loki-release/workflows/validate.libsonnet b/.github/vendor/github.com/grafana/loki-release/workflows/validate.libsonnet new file mode 100644 index 0000000000000..477e077d85547 --- /dev/null +++ b/.github/vendor/github.com/grafana/loki-release/workflows/validate.libsonnet @@ -0,0 +1,114 @@ +local common = import 'common.libsonnet'; +local job = common.job; +local step = common.step; +local releaseStep = common.releaseStep; + +local setupValidationDeps = function(job) job { + steps: [ + common.checkout, + common.fetchReleaseLib, + common.fixDubiousOwnership, + step.new('install tar') + + step.withIf('${{ !fromJSON(env.SKIP_VALIDATION) }}') + + step.withRun(||| + apt update + apt install -qy tar xz-utils + |||), + step.new('install shellcheck', './lib/actions/install-binary') + + step.withIf('${{ !fromJSON(env.SKIP_VALIDATION) }}') + + step.with({ + binary: 'shellcheck', + version: '0.9.0', + download_url: 'https://github.com/koalaman/shellcheck/releases/download/v${version}/shellcheck-v${version}.linux.x86_64.tar.xz', + tarball_binary_path: '*/${binary}', + smoke_test: '${binary} --version', + tar_args: 'xvf', + }), + step.new('install jsonnetfmt', './lib/actions/install-binary') + + step.withIf('${{ !fromJSON(env.SKIP_VALIDATION) }}') + + step.with({ + binary: 'jsonnetfmt', + version: '0.18.0', + download_url: 'https://github.com/google/go-jsonnet/releases/download/v${version}/go-jsonnet_${version}_Linux_x86_64.tar.gz', + tarball_binary_path: '${binary}', + smoke_test: '${binary} --version', + }), + ] + job.steps, +}; + +local validationJob = function(buildImage) job.new() + + job.withContainer({ + image: buildImage, + }) + + job.withEnv({ + BUILD_IN_CONTAINER: false, + SKIP_VALIDATION: '${{ inputs.skip_validation }}', + }); + + +function(buildImage) { + local validationMakeStep = function(name, target) + step.new(name) + + step.withIf('${{ !fromJSON(env.SKIP_VALIDATION) }}') + + step.withRun(common.makeTarget(target)), + + test: setupValidationDeps( + validationJob(buildImage) + + job.withSteps([ + validationMakeStep('test', 'test'), + ]) + ), + + lint: setupValidationDeps( + validationJob(buildImage) + + job.withSteps([ + validationMakeStep('lint', 'lint'), + validationMakeStep('lint jsonnet', 'lint-jsonnet'), + validationMakeStep('lint scripts', 'lint-scripts'), + validationMakeStep('format', 'check-format'), + ]) + { + steps+: [ + step.new('golangci-lint', 'golangci/golangci-lint-action@08e2f20817b15149a52b5b3ebe7de50aff2ba8c5') + + step.withIf('${{ !fromJSON(env.SKIP_VALIDATION) }}') + + step.with({ + version: 'v1.55.1', + 'only-new-issues': true, + }), + ], + } + ), + + check: setupValidationDeps( + validationJob(buildImage) + + job.withSteps([ + validationMakeStep('check generated files', 'check-generated-files'), + validationMakeStep('check mod', 'check-mod'), + validationMakeStep('check docs', 'check-doc'), + validationMakeStep('validate example configs', 'validate-example-configs'), + validationMakeStep('validate dev cluster config', 'validate-dev-cluster-config'), + validationMakeStep('check example config docs', 'check-example-config-doc'), + validationMakeStep('check helm reference doc', 'documentation-helm-reference-check'), + validationMakeStep('check drone drift', 'check-drone-drift'), + ]) + { + steps+: [ + step.new('build docs website') + + step.withIf('${{ !fromJSON(env.SKIP_VALIDATION) }}') + + step.withRun(||| + cat <> $GITHUB_OUTPUT + working-directory: "release" + - env: + SHA: "${{ github.sha }}" + id: "release" + name: "release please" + run: | + npm install + echo "Pull request footer: Merging this PR will release the [artifacts](https://console.cloud.google.com/storage/browser/loki-build-artifacts/${SHA}) of ${SHA}" + npm exec -- release-please release-pr \ + --consider-all-branches \ + --label "backport main,autorelease: pending,type/docs" \ + --pull-request-footer "Merging this PR will release the [artifacts](https://console.cloud.google.com/storage/browser/loki-build-artifacts/${SHA}) of ${SHA}" \ + --release-type simple \ + --repo-url "${{ env.RELEASE_REPO }}" \ + --target-branch "${{ steps.extract_branch.outputs.branch }}" \ + --token "${{ secrets.GH_TOKEN }}" \ + --versioning-strategy "${{ env.VERSIONING_STRATEGY }}" \ + --separate-pull-requests false \ + --debug + working-directory: "lib" + dist: + needs: + - "version" + runs-on: "ubuntu-latest" + steps: + - name: "pull code to release" + uses: "actions/checkout@v4" + with: + path: "release" + repository: "${{ env.RELEASE_REPO }}" + - name: "auth gcs" + uses: "google-github-actions/auth@v2" + with: + credentials_json: "${{ secrets.GCS_SERVICE_ACCOUNT_KEY }}" + - id: "get-secrets" + name: "get nfpm signing keys" + uses: "grafana/shared-workflows/actions/get-vault-secrets@main" + with: + common_secrets: | + NFPM_SIGNING_KEY=packages-gpg:private-key + NFPM_PASSPHRASE=packages-gpg:passphrase + - env: + BUILD_IN_CONTAINER: false + DRONE_TAG: "${{ needs.version.outputs.version }}" + IMAGE_TAG: "${{ needs.version.outputs.version }}" + NFPM_SIGNING_KEY_FILE: "nfpm-private-key.key" + SKIP_ARM: false + name: "build artifacts" + run: | + cat < $NFPM_SIGNING_KEY_FILE + make dist packages + EOF + working-directory: "release" + - name: "upload build artifacts" + uses: "google-github-actions/upload-cloud-storage@v2" + with: + destination: "loki-build-artifacts/${{ github.sha }}" + path: "release/dist" + process_gcloudignore: false + fluent-bit: + needs: + - "version" + runs-on: "ubuntu-latest" + steps: + - name: "pull release library code" + uses: "actions/checkout@v4" + with: + path: "lib" + repository: "grafana/loki-release" + - name: "pull code to release" + uses: "actions/checkout@v4" + with: + path: "release" + repository: "${{ env.RELEASE_REPO }}" + - name: "setup node" + uses: "actions/setup-node@v4" + with: + node-version: 20 + - name: "auth gcs" + uses: "google-github-actions/auth@v2" + with: + credentials_json: "${{ secrets.GCS_SERVICE_ACCOUNT_KEY }}" + - name: "Set up QEMU" + uses: "docker/setup-qemu-action@v3" + - name: "set up docker buildx" + uses: "docker/setup-buildx-action@v3" + - id: "platform" + name: "parse image platform" + run: | + mkdir -p images + + platform="$(echo "${{ matrix.platform}}" | sed "s/\(.*\)\/\(.*\)/\1-\2/")" + echo "platform=${platform}" >> $GITHUB_OUTPUT + echo "platform_short=$(echo ${{ matrix.platform }} | cut -d / -f 2)" >> $GITHUB_OUTPUT + working-directory: "release" + - if: "${{ fromJSON(needs.version.outputs.pr_created) }}" + name: "Build and export" + timeout-minutes: 25 + uses: "docker/build-push-action@v5" + with: + context: "release" + file: "release/clients/cmd/fluent-bit/Dockerfile" + outputs: "type=docker,dest=release/images/fluent-bit-${{ needs.version.outputs.version}}-${{ steps.platform.outputs.platform }}.tar" + platforms: "${{ matrix.platform }}" + tags: "${{ env.IMAGE_PREFIX }}/fluent-bit:${{ needs.version.outputs.version }}-${{ steps.platform.outputs.platform_short }}" + - if: "${{ fromJSON(needs.version.outputs.pr_created) }}" + name: "upload artifacts" + uses: "google-github-actions/upload-cloud-storage@v2" + with: + destination: "loki-build-artifacts/${{ github.sha }}/images" + path: "release/images/fluent-bit-${{ needs.version.outputs.version}}-${{ steps.platform.outputs.platform }}.tar" + process_gcloudignore: false + strategy: + fail-fast: true + matrix: + platform: + - "linux/amd64" + fluentd: + needs: + - "version" + runs-on: "ubuntu-latest" + steps: + - name: "pull release library code" + uses: "actions/checkout@v4" + with: + path: "lib" + repository: "grafana/loki-release" + - name: "pull code to release" + uses: "actions/checkout@v4" + with: + path: "release" + repository: "${{ env.RELEASE_REPO }}" + - name: "setup node" + uses: "actions/setup-node@v4" + with: + node-version: 20 + - name: "auth gcs" + uses: "google-github-actions/auth@v2" + with: + credentials_json: "${{ secrets.GCS_SERVICE_ACCOUNT_KEY }}" + - name: "Set up QEMU" + uses: "docker/setup-qemu-action@v3" + - name: "set up docker buildx" + uses: "docker/setup-buildx-action@v3" + - id: "platform" + name: "parse image platform" + run: | + mkdir -p images + + platform="$(echo "${{ matrix.platform}}" | sed "s/\(.*\)\/\(.*\)/\1-\2/")" + echo "platform=${platform}" >> $GITHUB_OUTPUT + echo "platform_short=$(echo ${{ matrix.platform }} | cut -d / -f 2)" >> $GITHUB_OUTPUT + working-directory: "release" + - if: "${{ fromJSON(needs.version.outputs.pr_created) }}" + name: "Build and export" + timeout-minutes: 25 + uses: "docker/build-push-action@v5" + with: + context: "release" + file: "release/clients/cmd/fluentd/Dockerfile" + outputs: "type=docker,dest=release/images/fluentd-${{ needs.version.outputs.version}}-${{ steps.platform.outputs.platform }}.tar" + platforms: "${{ matrix.platform }}" + tags: "${{ env.IMAGE_PREFIX }}/fluentd:${{ needs.version.outputs.version }}-${{ steps.platform.outputs.platform_short }}" + - if: "${{ fromJSON(needs.version.outputs.pr_created) }}" + name: "upload artifacts" + uses: "google-github-actions/upload-cloud-storage@v2" + with: + destination: "loki-build-artifacts/${{ github.sha }}/images" + path: "release/images/fluentd-${{ needs.version.outputs.version}}-${{ steps.platform.outputs.platform }}.tar" + process_gcloudignore: false + strategy: + fail-fast: true + matrix: + platform: + - "linux/amd64" + logcli: + needs: + - "version" + runs-on: "ubuntu-latest" + steps: + - name: "pull release library code" + uses: "actions/checkout@v4" + with: + path: "lib" + repository: "grafana/loki-release" + - name: "pull code to release" + uses: "actions/checkout@v4" + with: + path: "release" + repository: "${{ env.RELEASE_REPO }}" + - name: "setup node" + uses: "actions/setup-node@v4" + with: + node-version: 20 + - name: "auth gcs" + uses: "google-github-actions/auth@v2" + with: + credentials_json: "${{ secrets.GCS_SERVICE_ACCOUNT_KEY }}" + - name: "Set up QEMU" + uses: "docker/setup-qemu-action@v3" + - name: "set up docker buildx" + uses: "docker/setup-buildx-action@v3" + - id: "platform" + name: "parse image platform" + run: | + mkdir -p images + + platform="$(echo "${{ matrix.platform}}" | sed "s/\(.*\)\/\(.*\)/\1-\2/")" + echo "platform=${platform}" >> $GITHUB_OUTPUT + echo "platform_short=$(echo ${{ matrix.platform }} | cut -d / -f 2)" >> $GITHUB_OUTPUT + working-directory: "release" + - if: "${{ fromJSON(needs.version.outputs.pr_created) }}" + name: "Build and export" + timeout-minutes: 25 + uses: "docker/build-push-action@v5" + with: + context: "release" + file: "release/cmd/logcli/Dockerfile" + outputs: "type=docker,dest=release/images/logcli-${{ needs.version.outputs.version}}-${{ steps.platform.outputs.platform }}.tar" + platforms: "${{ matrix.platform }}" + tags: "${{ env.IMAGE_PREFIX }}/logcli:${{ needs.version.outputs.version }}-${{ steps.platform.outputs.platform_short }}" + - if: "${{ fromJSON(needs.version.outputs.pr_created) }}" + name: "upload artifacts" + uses: "google-github-actions/upload-cloud-storage@v2" + with: + destination: "loki-build-artifacts/${{ github.sha }}/images" + path: "release/images/logcli-${{ needs.version.outputs.version}}-${{ steps.platform.outputs.platform }}.tar" + process_gcloudignore: false + strategy: + fail-fast: true + matrix: + platform: + - "linux/amd64" + - "linux/arm64" + - "linux/arm" + logstash: + needs: + - "version" + runs-on: "ubuntu-latest" + steps: + - name: "pull release library code" + uses: "actions/checkout@v4" + with: + path: "lib" + repository: "grafana/loki-release" + - name: "pull code to release" + uses: "actions/checkout@v4" + with: + path: "release" + repository: "${{ env.RELEASE_REPO }}" + - name: "setup node" + uses: "actions/setup-node@v4" + with: + node-version: 20 + - name: "auth gcs" + uses: "google-github-actions/auth@v2" + with: + credentials_json: "${{ secrets.GCS_SERVICE_ACCOUNT_KEY }}" + - name: "Set up QEMU" + uses: "docker/setup-qemu-action@v3" + - name: "set up docker buildx" + uses: "docker/setup-buildx-action@v3" + - id: "platform" + name: "parse image platform" + run: | + mkdir -p images + + platform="$(echo "${{ matrix.platform}}" | sed "s/\(.*\)\/\(.*\)/\1-\2/")" + echo "platform=${platform}" >> $GITHUB_OUTPUT + echo "platform_short=$(echo ${{ matrix.platform }} | cut -d / -f 2)" >> $GITHUB_OUTPUT + working-directory: "release" + - if: "${{ fromJSON(needs.version.outputs.pr_created) }}" + name: "Build and export" + timeout-minutes: 25 + uses: "docker/build-push-action@v5" + with: + context: "release" + file: "release/clients/cmd/logstash/Dockerfile" + outputs: "type=docker,dest=release/images/logstash-${{ needs.version.outputs.version}}-${{ steps.platform.outputs.platform }}.tar" + platforms: "${{ matrix.platform }}" + tags: "${{ env.IMAGE_PREFIX }}/logstash:${{ needs.version.outputs.version }}-${{ steps.platform.outputs.platform_short }}" + - if: "${{ fromJSON(needs.version.outputs.pr_created) }}" + name: "upload artifacts" + uses: "google-github-actions/upload-cloud-storage@v2" + with: + destination: "loki-build-artifacts/${{ github.sha }}/images" + path: "release/images/logstash-${{ needs.version.outputs.version}}-${{ steps.platform.outputs.platform }}.tar" + process_gcloudignore: false + strategy: + fail-fast: true + matrix: + platform: + - "linux/amd64" + loki: + needs: + - "version" + runs-on: "ubuntu-latest" + steps: + - name: "pull release library code" + uses: "actions/checkout@v4" + with: + path: "lib" + repository: "grafana/loki-release" + - name: "pull code to release" + uses: "actions/checkout@v4" + with: + path: "release" + repository: "${{ env.RELEASE_REPO }}" + - name: "setup node" + uses: "actions/setup-node@v4" + with: + node-version: 20 + - name: "auth gcs" + uses: "google-github-actions/auth@v2" + with: + credentials_json: "${{ secrets.GCS_SERVICE_ACCOUNT_KEY }}" + - name: "Set up QEMU" + uses: "docker/setup-qemu-action@v3" + - name: "set up docker buildx" + uses: "docker/setup-buildx-action@v3" + - id: "platform" + name: "parse image platform" + run: | + mkdir -p images + + platform="$(echo "${{ matrix.platform}}" | sed "s/\(.*\)\/\(.*\)/\1-\2/")" + echo "platform=${platform}" >> $GITHUB_OUTPUT + echo "platform_short=$(echo ${{ matrix.platform }} | cut -d / -f 2)" >> $GITHUB_OUTPUT + working-directory: "release" + - if: "${{ fromJSON(needs.version.outputs.pr_created) }}" + name: "Build and export" + timeout-minutes: 25 + uses: "docker/build-push-action@v5" + with: + context: "release" + file: "release/cmd/loki/Dockerfile" + outputs: "type=docker,dest=release/images/loki-${{ needs.version.outputs.version}}-${{ steps.platform.outputs.platform }}.tar" + platforms: "${{ matrix.platform }}" + tags: "${{ env.IMAGE_PREFIX }}/loki:${{ needs.version.outputs.version }}-${{ steps.platform.outputs.platform_short }}" + - if: "${{ fromJSON(needs.version.outputs.pr_created) }}" + name: "upload artifacts" + uses: "google-github-actions/upload-cloud-storage@v2" + with: + destination: "loki-build-artifacts/${{ github.sha }}/images" + path: "release/images/loki-${{ needs.version.outputs.version}}-${{ steps.platform.outputs.platform }}.tar" + process_gcloudignore: false + strategy: + fail-fast: true + matrix: + platform: + - "linux/amd64" + - "linux/arm64" + - "linux/arm" + loki-canary: + needs: + - "version" + runs-on: "ubuntu-latest" + steps: + - name: "pull release library code" + uses: "actions/checkout@v4" + with: + path: "lib" + repository: "grafana/loki-release" + - name: "pull code to release" + uses: "actions/checkout@v4" + with: + path: "release" + repository: "${{ env.RELEASE_REPO }}" + - name: "setup node" + uses: "actions/setup-node@v4" + with: + node-version: 20 + - name: "auth gcs" + uses: "google-github-actions/auth@v2" + with: + credentials_json: "${{ secrets.GCS_SERVICE_ACCOUNT_KEY }}" + - name: "Set up QEMU" + uses: "docker/setup-qemu-action@v3" + - name: "set up docker buildx" + uses: "docker/setup-buildx-action@v3" + - id: "platform" + name: "parse image platform" + run: | + mkdir -p images + + platform="$(echo "${{ matrix.platform}}" | sed "s/\(.*\)\/\(.*\)/\1-\2/")" + echo "platform=${platform}" >> $GITHUB_OUTPUT + echo "platform_short=$(echo ${{ matrix.platform }} | cut -d / -f 2)" >> $GITHUB_OUTPUT + working-directory: "release" + - if: "${{ fromJSON(needs.version.outputs.pr_created) }}" + name: "Build and export" + timeout-minutes: 25 + uses: "docker/build-push-action@v5" + with: + context: "release" + file: "release/cmd/loki-canary/Dockerfile" + outputs: "type=docker,dest=release/images/loki-canary-${{ needs.version.outputs.version}}-${{ steps.platform.outputs.platform }}.tar" + platforms: "${{ matrix.platform }}" + tags: "${{ env.IMAGE_PREFIX }}/loki-canary:${{ needs.version.outputs.version }}-${{ steps.platform.outputs.platform_short }}" + - if: "${{ fromJSON(needs.version.outputs.pr_created) }}" + name: "upload artifacts" + uses: "google-github-actions/upload-cloud-storage@v2" + with: + destination: "loki-build-artifacts/${{ github.sha }}/images" + path: "release/images/loki-canary-${{ needs.version.outputs.version}}-${{ steps.platform.outputs.platform }}.tar" + process_gcloudignore: false + strategy: + fail-fast: true + matrix: + platform: + - "linux/amd64" + - "linux/arm64" + - "linux/arm" + loki-canary-boringcrypto: + needs: + - "version" + runs-on: "ubuntu-latest" + steps: + - name: "pull release library code" + uses: "actions/checkout@v4" + with: + path: "lib" + repository: "grafana/loki-release" + - name: "pull code to release" + uses: "actions/checkout@v4" + with: + path: "release" + repository: "${{ env.RELEASE_REPO }}" + - name: "setup node" + uses: "actions/setup-node@v4" + with: + node-version: 20 + - name: "auth gcs" + uses: "google-github-actions/auth@v2" + with: + credentials_json: "${{ secrets.GCS_SERVICE_ACCOUNT_KEY }}" + - name: "Set up QEMU" + uses: "docker/setup-qemu-action@v3" + - name: "set up docker buildx" + uses: "docker/setup-buildx-action@v3" + - id: "platform" + name: "parse image platform" + run: | + mkdir -p images + + platform="$(echo "${{ matrix.platform}}" | sed "s/\(.*\)\/\(.*\)/\1-\2/")" + echo "platform=${platform}" >> $GITHUB_OUTPUT + echo "platform_short=$(echo ${{ matrix.platform }} | cut -d / -f 2)" >> $GITHUB_OUTPUT + working-directory: "release" + - if: "${{ fromJSON(needs.version.outputs.pr_created) }}" + name: "Build and export" + timeout-minutes: 25 + uses: "docker/build-push-action@v5" + with: + context: "release" + file: "release/cmd/loki-canary-boringcrypto/Dockerfile" + outputs: "type=docker,dest=release/images/loki-canary-boringcrypto-${{ needs.version.outputs.version}}-${{ steps.platform.outputs.platform }}.tar" + platforms: "${{ matrix.platform }}" + tags: "${{ env.IMAGE_PREFIX }}/loki-canary-boringcrypto:${{ needs.version.outputs.version }}-${{ steps.platform.outputs.platform_short }}" + - if: "${{ fromJSON(needs.version.outputs.pr_created) }}" + name: "upload artifacts" + uses: "google-github-actions/upload-cloud-storage@v2" + with: + destination: "loki-build-artifacts/${{ github.sha }}/images" + path: "release/images/loki-canary-boringcrypto-${{ needs.version.outputs.version}}-${{ steps.platform.outputs.platform }}.tar" + process_gcloudignore: false + strategy: + fail-fast: true + matrix: + platform: + - "linux/amd64" + - "linux/arm64" + - "linux/arm" + loki-operator: + needs: + - "version" + runs-on: "ubuntu-latest" + steps: + - name: "pull release library code" + uses: "actions/checkout@v4" + with: + path: "lib" + repository: "grafana/loki-release" + - name: "pull code to release" + uses: "actions/checkout@v4" + with: + path: "release" + repository: "${{ env.RELEASE_REPO }}" + - name: "setup node" + uses: "actions/setup-node@v4" + with: + node-version: 20 + - name: "auth gcs" + uses: "google-github-actions/auth@v2" + with: + credentials_json: "${{ secrets.GCS_SERVICE_ACCOUNT_KEY }}" + - name: "Set up QEMU" + uses: "docker/setup-qemu-action@v3" + - name: "set up docker buildx" + uses: "docker/setup-buildx-action@v3" + - id: "platform" + name: "parse image platform" + run: | + mkdir -p images + + platform="$(echo "${{ matrix.platform}}" | sed "s/\(.*\)\/\(.*\)/\1-\2/")" + echo "platform=${platform}" >> $GITHUB_OUTPUT + echo "platform_short=$(echo ${{ matrix.platform }} | cut -d / -f 2)" >> $GITHUB_OUTPUT + working-directory: "release" + - if: "${{ fromJSON(needs.version.outputs.pr_created) }}" + name: "Build and export" + timeout-minutes: 25 + uses: "docker/build-push-action@v5" + with: + context: "release/operator" + file: "release/operator/Dockerfile" + outputs: "type=docker,dest=release/images/loki-operator-${{ needs.version.outputs.version}}-${{ steps.platform.outputs.platform }}.tar" + platforms: "${{ matrix.platform }}" + tags: "${{ env.IMAGE_PREFIX }}/loki-operator:${{ needs.version.outputs.version }}-${{ steps.platform.outputs.platform_short }}" + - if: "${{ fromJSON(needs.version.outputs.pr_created) }}" + name: "upload artifacts" + uses: "google-github-actions/upload-cloud-storage@v2" + with: + destination: "loki-build-artifacts/${{ github.sha }}/images" + path: "release/images/loki-operator-${{ needs.version.outputs.version}}-${{ steps.platform.outputs.platform }}.tar" + process_gcloudignore: false + strategy: + fail-fast: true + matrix: + platform: + - "linux/amd64" + promtail: + needs: + - "version" + runs-on: "ubuntu-latest" + steps: + - name: "pull release library code" + uses: "actions/checkout@v4" + with: + path: "lib" + repository: "grafana/loki-release" + - name: "pull code to release" + uses: "actions/checkout@v4" + with: + path: "release" + repository: "${{ env.RELEASE_REPO }}" + - name: "setup node" + uses: "actions/setup-node@v4" + with: + node-version: 20 + - name: "auth gcs" + uses: "google-github-actions/auth@v2" + with: + credentials_json: "${{ secrets.GCS_SERVICE_ACCOUNT_KEY }}" + - name: "Set up QEMU" + uses: "docker/setup-qemu-action@v3" + - name: "set up docker buildx" + uses: "docker/setup-buildx-action@v3" + - id: "platform" + name: "parse image platform" + run: | + mkdir -p images + + platform="$(echo "${{ matrix.platform}}" | sed "s/\(.*\)\/\(.*\)/\1-\2/")" + echo "platform=${platform}" >> $GITHUB_OUTPUT + echo "platform_short=$(echo ${{ matrix.platform }} | cut -d / -f 2)" >> $GITHUB_OUTPUT + working-directory: "release" + - if: "${{ fromJSON(needs.version.outputs.pr_created) }}" + name: "Build and export" + timeout-minutes: 25 + uses: "docker/build-push-action@v5" + with: + context: "release" + file: "release/clients/cmd/promtail/Dockerfile" + outputs: "type=docker,dest=release/images/promtail-${{ needs.version.outputs.version}}-${{ steps.platform.outputs.platform }}.tar" + platforms: "${{ matrix.platform }}" + tags: "${{ env.IMAGE_PREFIX }}/promtail:${{ needs.version.outputs.version }}-${{ steps.platform.outputs.platform_short }}" + - if: "${{ fromJSON(needs.version.outputs.pr_created) }}" + name: "upload artifacts" + uses: "google-github-actions/upload-cloud-storage@v2" + with: + destination: "loki-build-artifacts/${{ github.sha }}/images" + path: "release/images/promtail-${{ needs.version.outputs.version}}-${{ steps.platform.outputs.platform }}.tar" + process_gcloudignore: false + strategy: + fail-fast: true + matrix: + platform: + - "linux/amd64" + - "linux/arm64" + - "linux/arm" + querytee: + needs: + - "version" + runs-on: "ubuntu-latest" + steps: + - name: "pull release library code" + uses: "actions/checkout@v4" + with: + path: "lib" + repository: "grafana/loki-release" + - name: "pull code to release" + uses: "actions/checkout@v4" + with: + path: "release" + repository: "${{ env.RELEASE_REPO }}" + - name: "setup node" + uses: "actions/setup-node@v4" + with: + node-version: 20 + - name: "auth gcs" + uses: "google-github-actions/auth@v2" + with: + credentials_json: "${{ secrets.GCS_SERVICE_ACCOUNT_KEY }}" + - name: "Set up QEMU" + uses: "docker/setup-qemu-action@v3" + - name: "set up docker buildx" + uses: "docker/setup-buildx-action@v3" + - id: "platform" + name: "parse image platform" + run: | + mkdir -p images + + platform="$(echo "${{ matrix.platform}}" | sed "s/\(.*\)\/\(.*\)/\1-\2/")" + echo "platform=${platform}" >> $GITHUB_OUTPUT + echo "platform_short=$(echo ${{ matrix.platform }} | cut -d / -f 2)" >> $GITHUB_OUTPUT + working-directory: "release" + - if: "${{ fromJSON(needs.version.outputs.pr_created) }}" + name: "Build and export" + timeout-minutes: 25 + uses: "docker/build-push-action@v5" + with: + context: "release" + file: "release/cmd/querytee/Dockerfile" + outputs: "type=docker,dest=release/images/querytee-${{ needs.version.outputs.version}}-${{ steps.platform.outputs.platform }}.tar" + platforms: "${{ matrix.platform }}" + tags: "${{ env.IMAGE_PREFIX }}/querytee:${{ needs.version.outputs.version }}-${{ steps.platform.outputs.platform_short }}" + - if: "${{ fromJSON(needs.version.outputs.pr_created) }}" + name: "upload artifacts" + uses: "google-github-actions/upload-cloud-storage@v2" + with: + destination: "loki-build-artifacts/${{ github.sha }}/images" + path: "release/images/querytee-${{ needs.version.outputs.version}}-${{ steps.platform.outputs.platform }}.tar" + process_gcloudignore: false + strategy: + fail-fast: true + matrix: + platform: + - "linux/amd64" + version: + needs: + - "check" + outputs: + pr_created: "${{ steps.version.outputs.pr_created }}" + version: "${{ steps.version.outputs.version }}" + runs-on: "ubuntu-latest" + steps: + - name: "pull release library code" + uses: "actions/checkout@v4" + with: + path: "lib" + repository: "grafana/loki-release" + - name: "pull code to release" + uses: "actions/checkout@v4" + with: + path: "release" + repository: "${{ env.RELEASE_REPO }}" + - name: "setup node" + uses: "actions/setup-node@v4" + with: + node-version: 20 + - id: "extract_branch" + name: "extract branch name" + run: | + echo "branch=${GITHUB_HEAD_REF:-${GITHUB_REF#refs/heads/}}" >> $GITHUB_OUTPUT + working-directory: "release" + - id: "version" + name: "get release version" + run: | + npm install + npm exec -- release-please release-pr \ + --consider-all-branches \ + --dry-run \ + --dry-run-output release.json \ + --release-type simple \ + --repo-url="${{ env.RELEASE_REPO }}" \ + --target-branch "${{ steps.extract_branch.outputs.branch }}" \ + --token="${{ secrets.GH_TOKEN }}" \ + --versioning-strategy "${{ env.VERSIONING_STRATEGY }}" + + if [[ `jq length release.json` -gt 1 ]]; then + echo 'release-please would create more than 1 PR, so cannot determine correct version' + echo "pr_created=false" >> $GITHUB_OUTPUT + exit 1 + fi + + if [[ `jq length release.json` -eq 0 ]]; then + echo "pr_created=false" >> $GITHUB_OUTPUT + else + version="$(npm run --silent get-version)" + echo "Parsed version: ${version}" + echo "version=${version}" >> $GITHUB_OUTPUT + echo "pr_created=true" >> $GITHUB_OUTPUT + fi + working-directory: "lib" +name: "create release PR" +"on": + push: + branches: + - "k[0-9]+" +permissions: + contents: "write" + id-token: "write" + pull-requests: "write" diff --git a/.github/workflows/patch-release-pr.yml b/.github/workflows/patch-release-pr.yml index 001b00d93b663..411fff87d4105 100644 --- a/.github/workflows/patch-release-pr.yml +++ b/.github/workflows/patch-release-pr.yml @@ -1,21 +1,773 @@ ---- -name: 'create release PR for patch releases' -on: - push: - branches: - - 'release-[0-9].[0-9].x' - workflow_dispatch: {} -permissions: - contents: 'write' - issues: 'write' - pull-requests: 'write' +concurrency: + group: "create-release-pr-${{ github.sha }}" +env: + DOCKER_USERNAME: "grafana" + IMAGE_PREFIX: "grafana" + RELEASE_REPO: "grafana/loki" + SKIP_VALIDATION: false + VERSIONING_STRATEGY: "always-bump-patch" jobs: - create-release-pr: - uses: github/loki-release/.github/workflows/release-pr.yml@main + check: + uses: "grafana/loki-release/.github/workflows/check.yml@release-1.10.x" with: - release_repo: grafana/loki skip_validation: false - versioning_strategy: always-bump-patch - secrets: - GCS_SERVICE_ACCOUNT_KEY: '${{ secrets.BACKEND_ENTERPRISE_DRONE }}' - GH_TOKEN: '${{ secrets.GITHUB_TOKEN }}' + create-release-pr: + needs: + - "dist" + - "fluent-bit" + - "fluentd" + - "logcli" + - "logstash" + - "loki" + - "loki-canary" + - "loki-canary-boringcrypto" + - "loki-operator" + - "promtail" + - "querytee" + runs-on: "ubuntu-latest" + steps: + - name: "pull code to release" + uses: "actions/checkout@v4" + with: + path: "release" + repository: "${{ env.RELEASE_REPO }}" + - name: "pull release library code" + uses: "actions/checkout@v4" + with: + path: "lib" + repository: "grafana/loki-release" + - name: "setup node" + uses: "actions/setup-node@v4" + with: + node-version: 20 + - id: "extract_branch" + name: "extract branch name" + run: | + echo "branch=${GITHUB_HEAD_REF:-${GITHUB_REF#refs/heads/}}" >> $GITHUB_OUTPUT + working-directory: "release" + - env: + SHA: "${{ github.sha }}" + id: "release" + name: "release please" + run: | + npm install + echo "Pull request footer: Merging this PR will release the [artifacts](https://console.cloud.google.com/storage/browser/loki-build-artifacts/${SHA}) of ${SHA}" + npm exec -- release-please release-pr \ + --consider-all-branches \ + --label "backport main,autorelease: pending,type/docs" \ + --pull-request-footer "Merging this PR will release the [artifacts](https://console.cloud.google.com/storage/browser/loki-build-artifacts/${SHA}) of ${SHA}" \ + --release-type simple \ + --repo-url "${{ env.RELEASE_REPO }}" \ + --target-branch "${{ steps.extract_branch.outputs.branch }}" \ + --token "${{ secrets.GH_TOKEN }}" \ + --versioning-strategy "${{ env.VERSIONING_STRATEGY }}" \ + --separate-pull-requests false \ + --debug + working-directory: "lib" + dist: + needs: + - "version" + runs-on: "ubuntu-latest" + steps: + - name: "pull code to release" + uses: "actions/checkout@v4" + with: + path: "release" + repository: "${{ env.RELEASE_REPO }}" + - name: "auth gcs" + uses: "google-github-actions/auth@v2" + with: + credentials_json: "${{ secrets.GCS_SERVICE_ACCOUNT_KEY }}" + - id: "get-secrets" + name: "get nfpm signing keys" + uses: "grafana/shared-workflows/actions/get-vault-secrets@main" + with: + common_secrets: | + NFPM_SIGNING_KEY=packages-gpg:private-key + NFPM_PASSPHRASE=packages-gpg:passphrase + - env: + BUILD_IN_CONTAINER: false + DRONE_TAG: "${{ needs.version.outputs.version }}" + IMAGE_TAG: "${{ needs.version.outputs.version }}" + NFPM_SIGNING_KEY_FILE: "nfpm-private-key.key" + SKIP_ARM: false + name: "build artifacts" + run: | + cat < $NFPM_SIGNING_KEY_FILE + make dist packages + EOF + working-directory: "release" + - name: "upload build artifacts" + uses: "google-github-actions/upload-cloud-storage@v2" + with: + destination: "loki-build-artifacts/${{ github.sha }}" + path: "release/dist" + process_gcloudignore: false + fluent-bit: + needs: + - "version" + runs-on: "ubuntu-latest" + steps: + - name: "pull release library code" + uses: "actions/checkout@v4" + with: + path: "lib" + repository: "grafana/loki-release" + - name: "pull code to release" + uses: "actions/checkout@v4" + with: + path: "release" + repository: "${{ env.RELEASE_REPO }}" + - name: "setup node" + uses: "actions/setup-node@v4" + with: + node-version: 20 + - name: "auth gcs" + uses: "google-github-actions/auth@v2" + with: + credentials_json: "${{ secrets.GCS_SERVICE_ACCOUNT_KEY }}" + - name: "Set up QEMU" + uses: "docker/setup-qemu-action@v3" + - name: "set up docker buildx" + uses: "docker/setup-buildx-action@v3" + - id: "platform" + name: "parse image platform" + run: | + mkdir -p images + + platform="$(echo "${{ matrix.platform}}" | sed "s/\(.*\)\/\(.*\)/\1-\2/")" + echo "platform=${platform}" >> $GITHUB_OUTPUT + echo "platform_short=$(echo ${{ matrix.platform }} | cut -d / -f 2)" >> $GITHUB_OUTPUT + working-directory: "release" + - if: "${{ fromJSON(needs.version.outputs.pr_created) }}" + name: "Build and export" + timeout-minutes: 25 + uses: "docker/build-push-action@v5" + with: + context: "release" + file: "release/clients/cmd/fluent-bit/Dockerfile" + outputs: "type=docker,dest=release/images/fluent-bit-${{ needs.version.outputs.version}}-${{ steps.platform.outputs.platform }}.tar" + platforms: "${{ matrix.platform }}" + tags: "${{ env.IMAGE_PREFIX }}/fluent-bit:${{ needs.version.outputs.version }}-${{ steps.platform.outputs.platform_short }}" + - if: "${{ fromJSON(needs.version.outputs.pr_created) }}" + name: "upload artifacts" + uses: "google-github-actions/upload-cloud-storage@v2" + with: + destination: "loki-build-artifacts/${{ github.sha }}/images" + path: "release/images/fluent-bit-${{ needs.version.outputs.version}}-${{ steps.platform.outputs.platform }}.tar" + process_gcloudignore: false + strategy: + fail-fast: true + matrix: + platform: + - "linux/amd64" + fluentd: + needs: + - "version" + runs-on: "ubuntu-latest" + steps: + - name: "pull release library code" + uses: "actions/checkout@v4" + with: + path: "lib" + repository: "grafana/loki-release" + - name: "pull code to release" + uses: "actions/checkout@v4" + with: + path: "release" + repository: "${{ env.RELEASE_REPO }}" + - name: "setup node" + uses: "actions/setup-node@v4" + with: + node-version: 20 + - name: "auth gcs" + uses: "google-github-actions/auth@v2" + with: + credentials_json: "${{ secrets.GCS_SERVICE_ACCOUNT_KEY }}" + - name: "Set up QEMU" + uses: "docker/setup-qemu-action@v3" + - name: "set up docker buildx" + uses: "docker/setup-buildx-action@v3" + - id: "platform" + name: "parse image platform" + run: | + mkdir -p images + + platform="$(echo "${{ matrix.platform}}" | sed "s/\(.*\)\/\(.*\)/\1-\2/")" + echo "platform=${platform}" >> $GITHUB_OUTPUT + echo "platform_short=$(echo ${{ matrix.platform }} | cut -d / -f 2)" >> $GITHUB_OUTPUT + working-directory: "release" + - if: "${{ fromJSON(needs.version.outputs.pr_created) }}" + name: "Build and export" + timeout-minutes: 25 + uses: "docker/build-push-action@v5" + with: + context: "release" + file: "release/clients/cmd/fluentd/Dockerfile" + outputs: "type=docker,dest=release/images/fluentd-${{ needs.version.outputs.version}}-${{ steps.platform.outputs.platform }}.tar" + platforms: "${{ matrix.platform }}" + tags: "${{ env.IMAGE_PREFIX }}/fluentd:${{ needs.version.outputs.version }}-${{ steps.platform.outputs.platform_short }}" + - if: "${{ fromJSON(needs.version.outputs.pr_created) }}" + name: "upload artifacts" + uses: "google-github-actions/upload-cloud-storage@v2" + with: + destination: "loki-build-artifacts/${{ github.sha }}/images" + path: "release/images/fluentd-${{ needs.version.outputs.version}}-${{ steps.platform.outputs.platform }}.tar" + process_gcloudignore: false + strategy: + fail-fast: true + matrix: + platform: + - "linux/amd64" + logcli: + needs: + - "version" + runs-on: "ubuntu-latest" + steps: + - name: "pull release library code" + uses: "actions/checkout@v4" + with: + path: "lib" + repository: "grafana/loki-release" + - name: "pull code to release" + uses: "actions/checkout@v4" + with: + path: "release" + repository: "${{ env.RELEASE_REPO }}" + - name: "setup node" + uses: "actions/setup-node@v4" + with: + node-version: 20 + - name: "auth gcs" + uses: "google-github-actions/auth@v2" + with: + credentials_json: "${{ secrets.GCS_SERVICE_ACCOUNT_KEY }}" + - name: "Set up QEMU" + uses: "docker/setup-qemu-action@v3" + - name: "set up docker buildx" + uses: "docker/setup-buildx-action@v3" + - id: "platform" + name: "parse image platform" + run: | + mkdir -p images + + platform="$(echo "${{ matrix.platform}}" | sed "s/\(.*\)\/\(.*\)/\1-\2/")" + echo "platform=${platform}" >> $GITHUB_OUTPUT + echo "platform_short=$(echo ${{ matrix.platform }} | cut -d / -f 2)" >> $GITHUB_OUTPUT + working-directory: "release" + - if: "${{ fromJSON(needs.version.outputs.pr_created) }}" + name: "Build and export" + timeout-minutes: 25 + uses: "docker/build-push-action@v5" + with: + context: "release" + file: "release/cmd/logcli/Dockerfile" + outputs: "type=docker,dest=release/images/logcli-${{ needs.version.outputs.version}}-${{ steps.platform.outputs.platform }}.tar" + platforms: "${{ matrix.platform }}" + tags: "${{ env.IMAGE_PREFIX }}/logcli:${{ needs.version.outputs.version }}-${{ steps.platform.outputs.platform_short }}" + - if: "${{ fromJSON(needs.version.outputs.pr_created) }}" + name: "upload artifacts" + uses: "google-github-actions/upload-cloud-storage@v2" + with: + destination: "loki-build-artifacts/${{ github.sha }}/images" + path: "release/images/logcli-${{ needs.version.outputs.version}}-${{ steps.platform.outputs.platform }}.tar" + process_gcloudignore: false + strategy: + fail-fast: true + matrix: + platform: + - "linux/amd64" + - "linux/arm64" + - "linux/arm" + logstash: + needs: + - "version" + runs-on: "ubuntu-latest" + steps: + - name: "pull release library code" + uses: "actions/checkout@v4" + with: + path: "lib" + repository: "grafana/loki-release" + - name: "pull code to release" + uses: "actions/checkout@v4" + with: + path: "release" + repository: "${{ env.RELEASE_REPO }}" + - name: "setup node" + uses: "actions/setup-node@v4" + with: + node-version: 20 + - name: "auth gcs" + uses: "google-github-actions/auth@v2" + with: + credentials_json: "${{ secrets.GCS_SERVICE_ACCOUNT_KEY }}" + - name: "Set up QEMU" + uses: "docker/setup-qemu-action@v3" + - name: "set up docker buildx" + uses: "docker/setup-buildx-action@v3" + - id: "platform" + name: "parse image platform" + run: | + mkdir -p images + + platform="$(echo "${{ matrix.platform}}" | sed "s/\(.*\)\/\(.*\)/\1-\2/")" + echo "platform=${platform}" >> $GITHUB_OUTPUT + echo "platform_short=$(echo ${{ matrix.platform }} | cut -d / -f 2)" >> $GITHUB_OUTPUT + working-directory: "release" + - if: "${{ fromJSON(needs.version.outputs.pr_created) }}" + name: "Build and export" + timeout-minutes: 25 + uses: "docker/build-push-action@v5" + with: + context: "release" + file: "release/clients/cmd/logstash/Dockerfile" + outputs: "type=docker,dest=release/images/logstash-${{ needs.version.outputs.version}}-${{ steps.platform.outputs.platform }}.tar" + platforms: "${{ matrix.platform }}" + tags: "${{ env.IMAGE_PREFIX }}/logstash:${{ needs.version.outputs.version }}-${{ steps.platform.outputs.platform_short }}" + - if: "${{ fromJSON(needs.version.outputs.pr_created) }}" + name: "upload artifacts" + uses: "google-github-actions/upload-cloud-storage@v2" + with: + destination: "loki-build-artifacts/${{ github.sha }}/images" + path: "release/images/logstash-${{ needs.version.outputs.version}}-${{ steps.platform.outputs.platform }}.tar" + process_gcloudignore: false + strategy: + fail-fast: true + matrix: + platform: + - "linux/amd64" + loki: + needs: + - "version" + runs-on: "ubuntu-latest" + steps: + - name: "pull release library code" + uses: "actions/checkout@v4" + with: + path: "lib" + repository: "grafana/loki-release" + - name: "pull code to release" + uses: "actions/checkout@v4" + with: + path: "release" + repository: "${{ env.RELEASE_REPO }}" + - name: "setup node" + uses: "actions/setup-node@v4" + with: + node-version: 20 + - name: "auth gcs" + uses: "google-github-actions/auth@v2" + with: + credentials_json: "${{ secrets.GCS_SERVICE_ACCOUNT_KEY }}" + - name: "Set up QEMU" + uses: "docker/setup-qemu-action@v3" + - name: "set up docker buildx" + uses: "docker/setup-buildx-action@v3" + - id: "platform" + name: "parse image platform" + run: | + mkdir -p images + + platform="$(echo "${{ matrix.platform}}" | sed "s/\(.*\)\/\(.*\)/\1-\2/")" + echo "platform=${platform}" >> $GITHUB_OUTPUT + echo "platform_short=$(echo ${{ matrix.platform }} | cut -d / -f 2)" >> $GITHUB_OUTPUT + working-directory: "release" + - if: "${{ fromJSON(needs.version.outputs.pr_created) }}" + name: "Build and export" + timeout-minutes: 25 + uses: "docker/build-push-action@v5" + with: + context: "release" + file: "release/cmd/loki/Dockerfile" + outputs: "type=docker,dest=release/images/loki-${{ needs.version.outputs.version}}-${{ steps.platform.outputs.platform }}.tar" + platforms: "${{ matrix.platform }}" + tags: "${{ env.IMAGE_PREFIX }}/loki:${{ needs.version.outputs.version }}-${{ steps.platform.outputs.platform_short }}" + - if: "${{ fromJSON(needs.version.outputs.pr_created) }}" + name: "upload artifacts" + uses: "google-github-actions/upload-cloud-storage@v2" + with: + destination: "loki-build-artifacts/${{ github.sha }}/images" + path: "release/images/loki-${{ needs.version.outputs.version}}-${{ steps.platform.outputs.platform }}.tar" + process_gcloudignore: false + strategy: + fail-fast: true + matrix: + platform: + - "linux/amd64" + - "linux/arm64" + - "linux/arm" + loki-canary: + needs: + - "version" + runs-on: "ubuntu-latest" + steps: + - name: "pull release library code" + uses: "actions/checkout@v4" + with: + path: "lib" + repository: "grafana/loki-release" + - name: "pull code to release" + uses: "actions/checkout@v4" + with: + path: "release" + repository: "${{ env.RELEASE_REPO }}" + - name: "setup node" + uses: "actions/setup-node@v4" + with: + node-version: 20 + - name: "auth gcs" + uses: "google-github-actions/auth@v2" + with: + credentials_json: "${{ secrets.GCS_SERVICE_ACCOUNT_KEY }}" + - name: "Set up QEMU" + uses: "docker/setup-qemu-action@v3" + - name: "set up docker buildx" + uses: "docker/setup-buildx-action@v3" + - id: "platform" + name: "parse image platform" + run: | + mkdir -p images + + platform="$(echo "${{ matrix.platform}}" | sed "s/\(.*\)\/\(.*\)/\1-\2/")" + echo "platform=${platform}" >> $GITHUB_OUTPUT + echo "platform_short=$(echo ${{ matrix.platform }} | cut -d / -f 2)" >> $GITHUB_OUTPUT + working-directory: "release" + - if: "${{ fromJSON(needs.version.outputs.pr_created) }}" + name: "Build and export" + timeout-minutes: 25 + uses: "docker/build-push-action@v5" + with: + context: "release" + file: "release/cmd/loki-canary/Dockerfile" + outputs: "type=docker,dest=release/images/loki-canary-${{ needs.version.outputs.version}}-${{ steps.platform.outputs.platform }}.tar" + platforms: "${{ matrix.platform }}" + tags: "${{ env.IMAGE_PREFIX }}/loki-canary:${{ needs.version.outputs.version }}-${{ steps.platform.outputs.platform_short }}" + - if: "${{ fromJSON(needs.version.outputs.pr_created) }}" + name: "upload artifacts" + uses: "google-github-actions/upload-cloud-storage@v2" + with: + destination: "loki-build-artifacts/${{ github.sha }}/images" + path: "release/images/loki-canary-${{ needs.version.outputs.version}}-${{ steps.platform.outputs.platform }}.tar" + process_gcloudignore: false + strategy: + fail-fast: true + matrix: + platform: + - "linux/amd64" + - "linux/arm64" + - "linux/arm" + loki-canary-boringcrypto: + needs: + - "version" + runs-on: "ubuntu-latest" + steps: + - name: "pull release library code" + uses: "actions/checkout@v4" + with: + path: "lib" + repository: "grafana/loki-release" + - name: "pull code to release" + uses: "actions/checkout@v4" + with: + path: "release" + repository: "${{ env.RELEASE_REPO }}" + - name: "setup node" + uses: "actions/setup-node@v4" + with: + node-version: 20 + - name: "auth gcs" + uses: "google-github-actions/auth@v2" + with: + credentials_json: "${{ secrets.GCS_SERVICE_ACCOUNT_KEY }}" + - name: "Set up QEMU" + uses: "docker/setup-qemu-action@v3" + - name: "set up docker buildx" + uses: "docker/setup-buildx-action@v3" + - id: "platform" + name: "parse image platform" + run: | + mkdir -p images + + platform="$(echo "${{ matrix.platform}}" | sed "s/\(.*\)\/\(.*\)/\1-\2/")" + echo "platform=${platform}" >> $GITHUB_OUTPUT + echo "platform_short=$(echo ${{ matrix.platform }} | cut -d / -f 2)" >> $GITHUB_OUTPUT + working-directory: "release" + - if: "${{ fromJSON(needs.version.outputs.pr_created) }}" + name: "Build and export" + timeout-minutes: 25 + uses: "docker/build-push-action@v5" + with: + context: "release" + file: "release/cmd/loki-canary-boringcrypto/Dockerfile" + outputs: "type=docker,dest=release/images/loki-canary-boringcrypto-${{ needs.version.outputs.version}}-${{ steps.platform.outputs.platform }}.tar" + platforms: "${{ matrix.platform }}" + tags: "${{ env.IMAGE_PREFIX }}/loki-canary-boringcrypto:${{ needs.version.outputs.version }}-${{ steps.platform.outputs.platform_short }}" + - if: "${{ fromJSON(needs.version.outputs.pr_created) }}" + name: "upload artifacts" + uses: "google-github-actions/upload-cloud-storage@v2" + with: + destination: "loki-build-artifacts/${{ github.sha }}/images" + path: "release/images/loki-canary-boringcrypto-${{ needs.version.outputs.version}}-${{ steps.platform.outputs.platform }}.tar" + process_gcloudignore: false + strategy: + fail-fast: true + matrix: + platform: + - "linux/amd64" + - "linux/arm64" + - "linux/arm" + loki-operator: + needs: + - "version" + runs-on: "ubuntu-latest" + steps: + - name: "pull release library code" + uses: "actions/checkout@v4" + with: + path: "lib" + repository: "grafana/loki-release" + - name: "pull code to release" + uses: "actions/checkout@v4" + with: + path: "release" + repository: "${{ env.RELEASE_REPO }}" + - name: "setup node" + uses: "actions/setup-node@v4" + with: + node-version: 20 + - name: "auth gcs" + uses: "google-github-actions/auth@v2" + with: + credentials_json: "${{ secrets.GCS_SERVICE_ACCOUNT_KEY }}" + - name: "Set up QEMU" + uses: "docker/setup-qemu-action@v3" + - name: "set up docker buildx" + uses: "docker/setup-buildx-action@v3" + - id: "platform" + name: "parse image platform" + run: | + mkdir -p images + + platform="$(echo "${{ matrix.platform}}" | sed "s/\(.*\)\/\(.*\)/\1-\2/")" + echo "platform=${platform}" >> $GITHUB_OUTPUT + echo "platform_short=$(echo ${{ matrix.platform }} | cut -d / -f 2)" >> $GITHUB_OUTPUT + working-directory: "release" + - if: "${{ fromJSON(needs.version.outputs.pr_created) }}" + name: "Build and export" + timeout-minutes: 25 + uses: "docker/build-push-action@v5" + with: + context: "release/operator" + file: "release/operator/Dockerfile" + outputs: "type=docker,dest=release/images/loki-operator-${{ needs.version.outputs.version}}-${{ steps.platform.outputs.platform }}.tar" + platforms: "${{ matrix.platform }}" + tags: "${{ env.IMAGE_PREFIX }}/loki-operator:${{ needs.version.outputs.version }}-${{ steps.platform.outputs.platform_short }}" + - if: "${{ fromJSON(needs.version.outputs.pr_created) }}" + name: "upload artifacts" + uses: "google-github-actions/upload-cloud-storage@v2" + with: + destination: "loki-build-artifacts/${{ github.sha }}/images" + path: "release/images/loki-operator-${{ needs.version.outputs.version}}-${{ steps.platform.outputs.platform }}.tar" + process_gcloudignore: false + strategy: + fail-fast: true + matrix: + platform: + - "linux/amd64" + promtail: + needs: + - "version" + runs-on: "ubuntu-latest" + steps: + - name: "pull release library code" + uses: "actions/checkout@v4" + with: + path: "lib" + repository: "grafana/loki-release" + - name: "pull code to release" + uses: "actions/checkout@v4" + with: + path: "release" + repository: "${{ env.RELEASE_REPO }}" + - name: "setup node" + uses: "actions/setup-node@v4" + with: + node-version: 20 + - name: "auth gcs" + uses: "google-github-actions/auth@v2" + with: + credentials_json: "${{ secrets.GCS_SERVICE_ACCOUNT_KEY }}" + - name: "Set up QEMU" + uses: "docker/setup-qemu-action@v3" + - name: "set up docker buildx" + uses: "docker/setup-buildx-action@v3" + - id: "platform" + name: "parse image platform" + run: | + mkdir -p images + + platform="$(echo "${{ matrix.platform}}" | sed "s/\(.*\)\/\(.*\)/\1-\2/")" + echo "platform=${platform}" >> $GITHUB_OUTPUT + echo "platform_short=$(echo ${{ matrix.platform }} | cut -d / -f 2)" >> $GITHUB_OUTPUT + working-directory: "release" + - if: "${{ fromJSON(needs.version.outputs.pr_created) }}" + name: "Build and export" + timeout-minutes: 25 + uses: "docker/build-push-action@v5" + with: + context: "release" + file: "release/clients/cmd/promtail/Dockerfile" + outputs: "type=docker,dest=release/images/promtail-${{ needs.version.outputs.version}}-${{ steps.platform.outputs.platform }}.tar" + platforms: "${{ matrix.platform }}" + tags: "${{ env.IMAGE_PREFIX }}/promtail:${{ needs.version.outputs.version }}-${{ steps.platform.outputs.platform_short }}" + - if: "${{ fromJSON(needs.version.outputs.pr_created) }}" + name: "upload artifacts" + uses: "google-github-actions/upload-cloud-storage@v2" + with: + destination: "loki-build-artifacts/${{ github.sha }}/images" + path: "release/images/promtail-${{ needs.version.outputs.version}}-${{ steps.platform.outputs.platform }}.tar" + process_gcloudignore: false + strategy: + fail-fast: true + matrix: + platform: + - "linux/amd64" + - "linux/arm64" + - "linux/arm" + querytee: + needs: + - "version" + runs-on: "ubuntu-latest" + steps: + - name: "pull release library code" + uses: "actions/checkout@v4" + with: + path: "lib" + repository: "grafana/loki-release" + - name: "pull code to release" + uses: "actions/checkout@v4" + with: + path: "release" + repository: "${{ env.RELEASE_REPO }}" + - name: "setup node" + uses: "actions/setup-node@v4" + with: + node-version: 20 + - name: "auth gcs" + uses: "google-github-actions/auth@v2" + with: + credentials_json: "${{ secrets.GCS_SERVICE_ACCOUNT_KEY }}" + - name: "Set up QEMU" + uses: "docker/setup-qemu-action@v3" + - name: "set up docker buildx" + uses: "docker/setup-buildx-action@v3" + - id: "platform" + name: "parse image platform" + run: | + mkdir -p images + + platform="$(echo "${{ matrix.platform}}" | sed "s/\(.*\)\/\(.*\)/\1-\2/")" + echo "platform=${platform}" >> $GITHUB_OUTPUT + echo "platform_short=$(echo ${{ matrix.platform }} | cut -d / -f 2)" >> $GITHUB_OUTPUT + working-directory: "release" + - if: "${{ fromJSON(needs.version.outputs.pr_created) }}" + name: "Build and export" + timeout-minutes: 25 + uses: "docker/build-push-action@v5" + with: + context: "release" + file: "release/cmd/querytee/Dockerfile" + outputs: "type=docker,dest=release/images/querytee-${{ needs.version.outputs.version}}-${{ steps.platform.outputs.platform }}.tar" + platforms: "${{ matrix.platform }}" + tags: "${{ env.IMAGE_PREFIX }}/querytee:${{ needs.version.outputs.version }}-${{ steps.platform.outputs.platform_short }}" + - if: "${{ fromJSON(needs.version.outputs.pr_created) }}" + name: "upload artifacts" + uses: "google-github-actions/upload-cloud-storage@v2" + with: + destination: "loki-build-artifacts/${{ github.sha }}/images" + path: "release/images/querytee-${{ needs.version.outputs.version}}-${{ steps.platform.outputs.platform }}.tar" + process_gcloudignore: false + strategy: + fail-fast: true + matrix: + platform: + - "linux/amd64" + version: + needs: + - "check" + outputs: + pr_created: "${{ steps.version.outputs.pr_created }}" + version: "${{ steps.version.outputs.version }}" + runs-on: "ubuntu-latest" + steps: + - name: "pull release library code" + uses: "actions/checkout@v4" + with: + path: "lib" + repository: "grafana/loki-release" + - name: "pull code to release" + uses: "actions/checkout@v4" + with: + path: "release" + repository: "${{ env.RELEASE_REPO }}" + - name: "setup node" + uses: "actions/setup-node@v4" + with: + node-version: 20 + - id: "extract_branch" + name: "extract branch name" + run: | + echo "branch=${GITHUB_HEAD_REF:-${GITHUB_REF#refs/heads/}}" >> $GITHUB_OUTPUT + working-directory: "release" + - id: "version" + name: "get release version" + run: | + npm install + npm exec -- release-please release-pr \ + --consider-all-branches \ + --dry-run \ + --dry-run-output release.json \ + --release-type simple \ + --repo-url="${{ env.RELEASE_REPO }}" \ + --target-branch "${{ steps.extract_branch.outputs.branch }}" \ + --token="${{ secrets.GH_TOKEN }}" \ + --versioning-strategy "${{ env.VERSIONING_STRATEGY }}" + + if [[ `jq length release.json` -gt 1 ]]; then + echo 'release-please would create more than 1 PR, so cannot determine correct version' + echo "pr_created=false" >> $GITHUB_OUTPUT + exit 1 + fi + + if [[ `jq length release.json` -eq 0 ]]; then + echo "pr_created=false" >> $GITHUB_OUTPUT + else + version="$(npm run --silent get-version)" + echo "Parsed version: ${version}" + echo "version=${version}" >> $GITHUB_OUTPUT + echo "pr_created=true" >> $GITHUB_OUTPUT + fi + working-directory: "lib" +name: "create release PR" +"on": + push: + branches: + - "release-[0-9]+.[0-9]+.x" +permissions: + contents: "write" + id-token: "write" + pull-requests: "write" diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index cacdacf773a82..64970d1bd7192 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -1,19 +1,131 @@ ---- -name: 'create release' -on: +concurrency: + group: "create-release-${{ github.sha }}" +env: + IMAGE_PREFIX: "grafana" + RELEASE_REPO: "grafana/loki" +jobs: + createRelease: + if: "${{ fromJSON(needs.shouldRelease.outputs.shouldRelease) }}" + needs: + - "shouldRelease" + outputs: + sha: "${{ needs.shouldRelease.outputs.sha }}" + runs-on: "ubuntu-latest" + steps: + - name: "pull code to release" + uses: "actions/checkout@v4" + with: + path: "release" + repository: "${{ env.RELEASE_REPO }}" + - name: "pull release library code" + uses: "actions/checkout@v4" + with: + path: "lib" + repository: "grafana/loki-release" + - name: "setup node" + uses: "actions/setup-node@v4" + with: + node-version: 20 + - name: "auth gcs" + uses: "google-github-actions/auth@v2" + with: + credentials_json: "${{ secrets.GCS_SERVICE_ACCOUNT_KEY }}" + - name: "Set up Cloud SDK" + uses: "google-github-actions/setup-gcloud@v2" + with: + version: ">= 452.0.0" + - name: "download binaries" + run: | + echo "downloading binaries to $(pwd)/dist" + gsutil cp -r gs://loki-build-artifacts/${{ needs.shouldRelease.outputs.sha }}/dist . + working-directory: "release" + - id: "release" + name: "create release" + run: | + npm install + npm exec -- release-please github-release \ + --draft \ + --release-type simple \ + --repo-url="${{ env.RELEASE_REPO }}" \ + --target-branch "${{ needs.shouldRelease.outputs.branch }}" \ + --token="${{ secrets.GH_TOKEN }}" + working-directory: "lib" + - env: + GH_TOKEN: "${{ secrets.GH_TOKEN }}" + id: "upload" + name: "upload artifacts" + run: | + gh release upload ${{ needs.shouldRelease.outputs.name }} dist/* + gh release edit ${{ needs.shouldRelease.outputs.name }} --draft=false + working-directory: "release" + publishImages: + needs: + - "createRelease" + runs-on: "ubuntu-latest" + steps: + - name: "pull release library code" + uses: "actions/checkout@v4" + with: + path: "lib" + repository: "grafana/loki-release" + - name: "auth gcs" + uses: "google-github-actions/auth@v2" + with: + credentials_json: "${{ secrets.GCS_SERVICE_ACCOUNT_KEY }}" + - name: "Set up Cloud SDK" + uses: "google-github-actions/setup-gcloud@v2" + with: + version: ">= 452.0.0" + - name: "Set up QEMU" + uses: "docker/setup-qemu-action@v3" + - name: "set up docker buildx" + uses: "docker/setup-buildx-action@v3" + - name: "Login to DockerHub (from vault)" + uses: "grafana/shared-workflows/actions/dockerhub-login@main" + - name: "download images" + run: | + echo "downloading images to $(pwd)/images" + gsutil cp -r gs://loki-build-artifacts/${{ needs.createRelease.outputs.sha }}/images . + - name: "publish docker images" + uses: "./lib/actions/push-images" + with: + imageDir: "images" + imagePrefix: "${{ env.IMAGE_PREFIX }}" + shouldRelease: + outputs: + branch: "${{ steps.extract_branch.outputs.branch }}" + name: "${{ steps.should_release.outputs.name }}" + sha: "${{ steps.should_release.outputs.sha }}" + shouldRelease: "${{ steps.should_release.outputs.shouldRelease }}" + runs-on: "ubuntu-latest" + steps: + - name: "pull code to release" + uses: "actions/checkout@v4" + with: + path: "release" + repository: "${{ env.RELEASE_REPO }}" + - name: "pull release library code" + uses: "actions/checkout@v4" + with: + path: "lib" + repository: "grafana/loki-release" + - id: "extract_branch" + name: "extract branch name" + run: | + echo "branch=${GITHUB_HEAD_REF:-${GITHUB_REF#refs/heads/}}" >> $GITHUB_OUTPUT + working-directory: "release" + - id: "should_release" + name: "should a release be created?" + uses: "./lib/actions/should-release" + with: + baseBranch: "${{ steps.extract_branch.outputs.branch }}" +name: "create release" +"on": push: branches: - - 'release-[0-9].[0-9].x' - - 'k[0-9]*' - workflow_dispatch: {} + - "release-[0-9]+.[0-9]+.x" + - "k[0-9]+" permissions: - contents: write - pull-requests: write -jobs: - release: - uses: github/loki-release/.github/workflows/release.yml@main - with: - release_repo: grafana/loki - secrets: - GCS_SERVICE_ACCOUNT_KEY: '${{ secrets.BACKEND_ENTERPRISE_DRONE }}' - GH_TOKEN: '${{ secrets.GH_TOKEN }}' + contents: "write" + id-token: "write" + pull-requests: "write" diff --git a/.release-please-manifest.json b/.release-please-manifest.json index 0e134950eab83..928eee2e123e3 100644 --- a/.release-please-manifest.json +++ b/.release-please-manifest.json @@ -1,6 +1,3 @@ { - "cmd/loki": "2.9.4", - "cmd/loki-canary": "2.9.4", - "cmd/logcli": "2.9.4", - "clients/cmd/promtail": "2.9.4" + ".": "2.9.4" } diff --git a/Makefile b/Makefile index 2acf8b4285047..aaa64d755e030 100644 --- a/Makefile +++ b/Makefile @@ -863,3 +863,7 @@ snyk: loki-image build-image .PHONY: scan-vulnerabilities scan-vulnerabilities: trivy snyk + +.PHONY: release-workflows +release-workflows: + jsonnet -SJ .github/vendor -m .github/workflows .github/release-workflows.jsonnet