diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 0000000..93912e9 --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,20 @@ +# SPDX-License-Identifier: Apache-2.0 +# Copyright 2024 Intel Corporation + +version: 2 +updates: + + - package-ecosystem: "github-actions" + directory: "/" + schedule: + interval: "weekly" + + - package-ecosystem: "docker" + directory: "build/" + schedule: + interval: "weekly" + + - package-ecosystem: "gomod" + directory: "/" + schedule: + interval: "weekly" diff --git a/.github/workflows/build-test.yml b/.github/workflows/build-test.yml new file mode 100644 index 0000000..bb2fec5 --- /dev/null +++ b/.github/workflows/build-test.yml @@ -0,0 +1,31 @@ +# SPDX-License-Identifier: Apache-2.0 +# Copyright 2024 Intel Corporation + +name: Build and test workflow +on: + pull_request: + branches: + - master + push: + branches: + - master + +jobs: + build: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - uses: actions/setup-go@v5 + with: + go-version-file: 'go.mod' + - name: build + run: make build + test: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - uses: actions/setup-go@v5 + with: + go-version-file: 'go.mod' + - name: Unit tests + run: make test diff --git a/.github/workflows/code-scan.yml b/.github/workflows/code-scan.yml new file mode 100644 index 0000000..4ae9ae7 --- /dev/null +++ b/.github/workflows/code-scan.yml @@ -0,0 +1,43 @@ +# SPDX-License-Identifier: Apache-2.0 +# Copyright 2024 Intel Corporation + +name: Code scan workflow + +on: + pull_request: + branches: + - master + push: + branches: + - master + +jobs: + version-check: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - name: check version + run: make check-version + lint: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - uses: actions/setup-go@v5 + with: + go-version-file: 'go.mod' + - name: golang-lint + run: make lint + license: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - name: check license + run: make license + fossa-check: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - name: FOSSA scan + uses: fossa-contrib/fossa-action@v3 + with: + fossa-api-key: 6d304c09a3ec097ba4517724e4a4d17d diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 0000000..d3bf822 --- /dev/null +++ b/.github/workflows/release.yml @@ -0,0 +1,133 @@ +# SPDX-License-Identifier: Apache-2.0 +# Copyright 2024 Intel Corporation +# Copyright 2024 Kyunghee University +name: Publish image and tag/release code + +on: + push: + branches: + - master + +jobs: + version-check: + if: (github.repository_owner == 'onosproject') + runs-on: ubuntu-latest + outputs: + valid_version: ${{ steps.version-check-step.outputs.valid_version }} + dev_version: ${{ steps.dev-version-check-step.outputs.dev_version }} + target_version: ${{ steps.get-target-version-step.outputs.target_version }} + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 0 + + - name: check version + id: version-check-step + run: | + make check-version; if [[ $? == 0 ]]; then echo "valid_version=true" >> $GITHUB_OUTPUT; else echo "valid_version=false" >> $GITHUB_OUTPUT; fi + cat $GITHUB_OUTPUT + + - name: check dev version + id: dev-version-check-step + run: | + f_dev=$(./build/bin/version_check.sh is_dev) + if [[ $f_dev == "true" ]]; then echo "dev_version=true" >> $GITHUB_OUTPUT; else echo "dev_version=false" >> $GITHUB_OUTPUT; fi + cat $GITHUB_OUTPUT + + - name: get target version + id: get-target-version-step + run: | + echo "target_version=$(cat VERSION)" >> $GITHUB_OUTPUT + cat $GITHUB_OUTPUT + + tag_versions: + runs-on: ubuntu-latest + needs: version-check + if: (github.repository_owner == 'onosproject') && (needs.version-check.outputs.valid_version == 'true') && (needs.version-check.outputs.dev_version == 'false') + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 0 + - name: create release using REST API + run: | + curl -L \ + -X POST \ + -H "Accept: application/vnd.github+json" \ + -H "Authorization: Bearer ${{ secrets.GH_ONOS_PAT }}" \ + -H "X-GitHub-Api-Version: 2022-11-28" \ + https://api.github.com/repos/${{ github.repository }}/releases \ + -d '{ + "tag_name": "v${{ needs.version-check.outputs.target_version }}", + "target_commitish": "${{ github.event.repository.default_branch }}", + "name": "v${{ needs.version-check.outputs.target_version }}", + "draft": false, + "prerelease": false, + "generate_release_notes": true + }' + + publish-images: + runs-on: ubuntu-latest + needs: version-check + if: (github.repository_owner == 'onosproject') && (needs.version-check.outputs.valid_version == 'true') + env: + REGISTRY: docker.io + DOCKER_REPOSITORY: onosproject/ + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 0 + - uses: actions/setup-go@v5 + with: + go-version-file: 'go.mod' + - uses: docker/login-action@v3.1.0 + with: + registry: ${{ env.REGISTRY }} + username: ${{ secrets.DOCKER_USERNAME }} + password: ${{ secrets.DOCKER_PASSWORD }} + DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} + DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} + - name: Build and push Docker image with tag latest + env: + DOCKER_TAG: latest + run: | + ONOS_OPERATOR_VERSION=${{ env.DOCKER_TAG }} make docker-build + ONOS_OPERATOR_VERSION=${{ env.DOCKER_TAG }} make docker-push + - name: Build and push Docker image with tag + if: needs.version-check.outputs.dev_version == 'false' + env: + DOCKER_TAG: v${{ needs.version-check.outputs.target_version }} + run: | + ONOS_OPERATOR_VERSION=${{ env.DOCKER_TAG }} make docker-build + ONOS_OPERATOR_VERSION=${{ env.DOCKER_TAG }} make docker-push + + bump-up-version: + runs-on: ubuntu-latest + needs: version-check + if: (github.repository_owner == 'onosproject') && (needs.version-check.outputs.valid_version == 'true') && (needs.version-check.outputs.dev_version == 'false') + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 0 + - name: increment version + run: | + IFS='.' read -r major minor patch <<< ${{ needs.version-check.outputs.target_version }} + patch_update=$((patch+1)) + NEW_VERSION="$major.$minor.$patch_update-dev" + echo $NEW_VERSION > VERSION + echo "Updated version: $NEW_VERSION" + + - name: Create Pull Request + uses: peter-evans/create-pull-request@v6 + with: + token: ${{ secrets.GH_ONOS_PAT }} + commit-message: Update version + committer: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> + author: ${{ github.actor }} <${{ github.actor_id }}+${{ github.actor }}@users.noreply.github.com> + signoff: true + branch: version-update + delete-branch: true + title: Update version + body: | + Update VERSION file + add-paths: | + VERSION \ No newline at end of file diff --git a/.gitignore b/.gitignore index f088205..c8fa4ae 100644 --- a/.gitignore +++ b/.gitignore @@ -30,3 +30,4 @@ _output *-output.out build/build-tools +venv \ No newline at end of file diff --git a/Makefile b/Makefile index 2ba226a..23e1f6a 100644 --- a/Makefile +++ b/Makefile @@ -1,6 +1,6 @@ -# SPDX-FileCopyrightText: 2022 2020-present Open Networking Foundation -# # SPDX-License-Identifier: Apache-2.0 +# Copyright 2019 Open Networking Foundation +# Copyright 2024 Intel Corporation export CGO_ENABLED=1 export GO111MODULE=on @@ -10,55 +10,67 @@ export GO111MODULE=on ONOS_OPERATOR_VERSION ?= latest KIND_CLUSTER_NAME ?= kind -build: # @HELP build the Go binaries and run all validations (default) -build: - go build -o build/_output/admission-init ./cmd/admission-init - go build -o build/_output/topo-operator ./cmd/topo-operator - go build -o build/_output/app-operator ./cmd/app-operator +GOLANG_CI_VERSION := v1.52.2 -build-tools:=$(shell if [ ! -d "./build/build-tools" ]; then cd build && git clone https://github.com/onosproject/build-tools.git; fi) -include ./build/build-tools/make/onf-common.mk +all: build docker-build -version_check: # @HELP verify that release versions are correct - ./build/bin/check-versions +build: # @HELP build the Go binaries and run all validations (default) + GOOS=linux GOARCH=amd64 CGO_ENABLED=0 go build -o build/_output/admission-init ./cmd/admission-init + GOOS=linux GOARCH=amd64 CGO_ENABLED=0 go build -o build/_output/topo-operator ./cmd/topo-operator + GOOS=linux GOARCH=amd64 CGO_ENABLED=0 go build -o build/_output/app-operator ./cmd/app-operator test: # @HELP run the unit tests and source code validation -test: build deps license linters version_check +test: build lint license go test github.com/onosproject/onos-operator/pkg/... go test github.com/onosproject/onos-operator/cmd/... -jenkins-test: # @HELP run the unit tests and source code validation producing a junit style report for Jenkins -jenkins-test: deps license linters version_check - TEST_PACKAGES=github.com/onosproject/onos-operator/pkg/... ./build/build-tools/build/jenkins/make-unit - -images: # @HELP build Docker images - GOOS=linux GOARCH=amd64 CGO_ENABLED=0 go build -o build/admission-init/_output/bin/admission-init ./cmd/admission-init +docker-build-admission-init: # @HELP build admission-init Docker image docker build . -f build/admission-init/Dockerfile -t onosproject/config-operator-init:${ONOS_OPERATOR_VERSION} - GOOS=linux GOARCH=amd64 CGO_ENABLED=0 go build -o build/topo-operator/_output/bin/topo-operator ./cmd/topo-operator - docker build . -f build/topo-operator/Dockerfile -t onosproject/topo-operator:${ONOS_OPERATOR_VERSION} - GOOS=linux GOARCH=amd64 CGO_ENABLED=0 go build -o build/app-operator/_output/bin/app-operator ./cmd/app-operator - docker build . -f build/app-operator/Dockerfile -t onosproject/app-operator:${ONOS_OPERATOR_VERSION} - -kind: # @HELP build Docker images and add them to the currently configured kind cluster -kind: images - @if [ "`kind get clusters | grep ${KIND_CLUSTER_NAME}`" = '' ]; then echo "no kind cluster found" && exit 1; fi - kind load docker-image --name ${KIND_CLUSTER_NAME} onosproject/config-operator-init:${ONOS_OPERATOR_VERSION} - kind load docker-image --name ${KIND_CLUSTER_NAME} onosproject/topo-operator:${ONOS_OPERATOR_VERSION} - kind load docker-image --name ${KIND_CLUSTER_NAME} onosproject/app-operator:${ONOS_OPERATOR_VERSION} -all: build images +docker-build-topo-operator: # @HELP build topo-operator Docker image + docker build . -f build/topo-operator/Dockerfile -t onosproject/topo-operator:${ONOS_OPERATOR_VERSION} -publish: # @HELP publish version on github and dockerhub - ./build/build-tools/publish-version ${VERSION} onosproject/config-operator-init onosproject/topo-operator onosproject/app-operator +docker-build-app-operator: # @HELP build app-operator Docker image + docker build . -f build/app-operator/Dockerfile -t onosproject/app-operator:${ONOS_OPERATOR_VERSION} -jenkins-publish: # @HELP Jenkins calls this to publish artifacts - ./build/bin/push-images - ./build/build-tools/release-merge-commit +docker-build: # @HELP build all Docker images +docker-build: build docker-build-admission-init docker-build-topo-operator docker-build-app-operator -push: # @HELP push latest versions of the images to docker hub +docker-push-admission-init: # @HELP push admission-init Docker image docker push onosproject/config-operator-init:${ONOS_OPERATOR_VERSION} + +docker-push-topo-operator: # @HELP push topo-operator Docker image docker push onosproject/topo-operator:${ONOS_OPERATOR_VERSION} + +docker-push-app-operator: # @HELP push app-operator Docker image docker push onosproject/app-operator:${ONOS_OPERATOR_VERSION} -clean:: # @HELP remove all the build artifacts + +docker-push: # @HELP push docker images +docker-push: docker-push-admission-init docker-push-topo-operator docker-push-app-operator + +lint: # @HELP examines Go source code and reports coding problems + golangci-lint --version | grep $(GOLANG_CI_VERSION) || curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b `go env GOPATH`/bin $(GOLANG_CI_VERSION) + golangci-lint run --timeout 15m + +license: # @HELP run license checks + rm -rf venv + python3 -m venv venv + . ./venv/bin/activate;\ + python3 -m pip install --upgrade pip;\ + python3 -m pip install reuse;\ + reuse lint + +check-version: # @HELP check version is duplicated + ./build/bin/version_check.sh all + +clean: # @HELP remove all the build artifacts rm -rf ./build/_output ./vendor ./cmd/dummy/dummy build/admission-init/_output build/topo-operator/_output build/app-operator/_output + +help: + @grep -E '^.*: *# *@HELP' $(MAKEFILE_LIST) \ + | sort \ + | awk ' \ + BEGIN {FS = ": *# *@HELP"}; \ + {printf "\033[36m%-30s\033[0m %s\n", $$1, $$2}; \ + ' diff --git a/build/admission-init/Dockerfile b/build/admission-init/Dockerfile index 204cd7e..1f1e763 100644 --- a/build/admission-init/Dockerfile +++ b/build/admission-init/Dockerfile @@ -8,6 +8,6 @@ RUN apk upgrade --update --no-cache USER nobody -ADD build/admission-init/_output/bin/admission-init /usr/local/bin/admission-init +ADD build/_output/admission-init /usr/local/bin/admission-init ENTRYPOINT ["admission-init"] diff --git a/build/app-operator/Dockerfile b/build/app-operator/Dockerfile index 1298a1d..554538a 100644 --- a/build/app-operator/Dockerfile +++ b/build/app-operator/Dockerfile @@ -8,6 +8,6 @@ RUN apk upgrade --update --no-cache USER nobody -ADD build/app-operator/_output/bin/app-operator /usr/local/bin/app-operator +ADD build/_output/app-operator /usr/local/bin/app-operator ENTRYPOINT ["app-operator"] diff --git a/build/bin/check-versions b/build/bin/check-versions deleted file mode 100755 index eeee5a7..0000000 --- a/build/bin/check-versions +++ /dev/null @@ -1,31 +0,0 @@ -#!/usr/bin/env bash - -# Copyright 2018-present Open Networking Foundation -# SPDX-FileCopyrightText: 2022 2020-present Open Networking Foundation -# -# SPDX-License-Identifier: Apache-2.0 - -set -e -u -o pipefail - -# Read in the published version -export VERSION=$(< ./VERSION) - -# if this is a development version, no check is necessary -if [[ "$VERSION" =~ .*-dev ]] -then - exit 0 -fi - -# make sure that the release version matches the tags in the deployment -echo "SEMVER version $VERSION - checking image tags" -found=0 -found=$(grep image: ./deploy/onos-operator.yaml | grep "$VERSION"\$ | wc -l) || true -if (( found == 3 )) -then - exit 0 -else - echo "*** Release version $VERSION is incompatible with image tags:" - grep image: ./deploy/onos-operator.yaml --line-buffered | grep -v "$VERSION"\$ - exit 1 -fi - diff --git a/build/bin/push-images b/build/bin/push-images deleted file mode 100755 index f42400e..0000000 --- a/build/bin/push-images +++ /dev/null @@ -1,9 +0,0 @@ -#!/bin/bash - -# SPDX-FileCopyrightText: 2022 2020-present Open Networking Foundation -# -# SPDX-License-Identifier: Apache-2.0 - -echo "$DOCKER_PASSWORD" | docker login -u "$DOCKER_USER" --password-stdin -make images -make push diff --git a/build/bin/version_check.sh b/build/bin/version_check.sh new file mode 100755 index 0000000..feabddb --- /dev/null +++ b/build/bin/version_check.sh @@ -0,0 +1,93 @@ +#!/bin/bash +# SPDX-License-Identifier: Apache-2.0 +# Copyright 2024 Intel Corporation + +set +x + +# input should be all, is_valid_format, is_dev, and is_unique +INPUT=$1 + +function is_valid_format() { + # check if version format is matched to SemVer + VER_REGEX='^(0|[1-9][0-9]*)\.(0|[1-9][0-9]*)\.(0|[1-9][0-9]*)$' + if [[ ! $(cat VERSION | tr -d '\n' | sed s/-dev//) =~ $VER_REGEX ]] + then + return 1 + fi + return 0 +} + +function is_dev_version() { + # check if version has '-dev' + # if there is, no need to check version + if [[ $(cat VERSION | tr -d '\n' | tail -c 4) =~ "-dev" ]] + then + return 0 + fi + return 1 +} + +function is_unique_version() { + # check if the version is already tagged in GitHub repository + for t in $(git tag | cat) + do + if [[ $t == $(echo v$(cat VERSION | tr -d '\n')) ]] + then + return 1 + fi + done + return 0 +} + +case $INPUT in + all) + is_valid_format + f_valid=$? + if [[ $f_valid == 1 ]] + then + echo "ERROR: Version $(cat VERSION) is not in SemVer format" + exit 2 + fi + + is_dev_version + f_dev=$? + if [[ $f_dev == 0 ]] + then + echo "This is dev version" + exit 0 + fi + + is_unique_version + f_unique=$? + if [[ $f_unique == 1 ]] + then + echo "ERROR: duplicated tag $(cat VERSION)" + exit 2 + fi + ;; + + is_valid_format) + is_valid_format + ;; + + is_dev) + is_dev_version + f_dev=$? + if [[ $f_dev == 0 ]] + then + echo "true" + exit 0 + fi + echo "false" + ;; + + is_unique) + is_unique_version + ;; + + *) + echo -n "unknown input" + exit 2 + ;; + +esac diff --git a/build/topo-operator/Dockerfile b/build/topo-operator/Dockerfile index c967a46..ed5d760 100644 --- a/build/topo-operator/Dockerfile +++ b/build/topo-operator/Dockerfile @@ -8,6 +8,6 @@ RUN apk upgrade --update --no-cache USER nobody -ADD build/topo-operator/_output/bin/topo-operator /usr/local/bin/topo-operator +ADD build/_output/topo-operator /usr/local/bin/topo-operator ENTRYPOINT ["topo-operator"] diff --git a/pkg/controller/app/sidecar/injector.go b/pkg/controller/app/sidecar/injector.go index 3f456bb..4bd9107 100644 --- a/pkg/controller/app/sidecar/injector.go +++ b/pkg/controller/app/sidecar/injector.go @@ -80,7 +80,7 @@ func (i *ProxyInjector) InjectDecoder(decoder *admission.Decoder) error { } // Handle : -func (i *ProxyInjector) Handle(ctx context.Context, request admission.Request) admission.Response { +func (i *ProxyInjector) Handle(_ context.Context, request admission.Request) admission.Response { podNamespacedName := types.NamespacedName{ Namespace: request.Namespace, Name: request.Name, diff --git a/pkg/controller/topo/manager.go b/pkg/controller/topo/manager.go index 53d5086..a129db6 100644 --- a/pkg/controller/topo/manager.go +++ b/pkg/controller/topo/manager.go @@ -37,11 +37,8 @@ func AddControllers(ctx context.Context, mgr manager.Manager) error { return err } - if err := mgr.GetFieldIndexer().IndexField(ctx, &v1beta1.Relation{}, "spec.kind.name", func(rawObj client.Object) []string { + return mgr.GetFieldIndexer().IndexField(ctx, &v1beta1.Relation{}, "spec.kind.name", func(rawObj client.Object) []string { relation := rawObj.(*v1beta1.Relation) return []string{relation.Spec.Kind.Name} - }); err != nil { - return err - } - return nil + }) }