diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index f3af49d37d..6e2ce23c48 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -47,7 +47,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 - uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2 id: filter @@ -74,17 +74,17 @@ jobs: runs-on: ubuntu-latest needs: changes if: | - (needs.changes.outputs.go == 'true') || ${{ github.event.workflow_dispatch.run_e2e == 'true' }} + (needs.changes.outputs.go == 'true') steps: - name: Checkout - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 - name: Get go version run: echo "GOLANG_VERSION=$(cat GOLANG_VERSION)" >> $GITHUB_ENV - name: Set up Go id: go - uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 + uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0 with: go-version: ${{ env.GOLANG_VERSION }} check-latest: true @@ -99,13 +99,13 @@ jobs: outputs: golangversion: ${{ steps.golangversion.outputs.version }} if: | - (needs.changes.outputs.go == 'true') || (needs.changes.outputs.charts == 'true') || (needs.changes.outputs.baseimage == 'true') || ${{ github.event.workflow_dispatch.run_e2e == 'true' }} + (needs.changes.outputs.go == 'true') || (needs.changes.outputs.charts == 'true') || (needs.changes.outputs.baseimage == 'true') env: PLATFORMS: linux/amd64 steps: - name: Checkout - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 - name: Get go version id: golangversion @@ -114,17 +114,17 @@ jobs: - name: Set up Go id: go - uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 + uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0 with: go-version: ${{ steps.golangversion.outputs.version }} check-latest: true - name: Set up QEMU - uses: docker/setup-qemu-action@49b3bc8e6bdd4a60e6116a5414239cba5943d3cf # v3.2.0 + uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3.0.0 - name: Set up Docker Buildx id: buildx - uses: docker/setup-buildx-action@988b5a0280414f521da01fcc63a27aeeb4b104db # v3.6.1 + uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3.3.0 with: version: latest @@ -163,7 +163,7 @@ jobs: | gzip > docker.tar.gz - name: cache - uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6 + uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1 with: name: docker.tar.gz path: docker.tar.gz @@ -175,18 +175,18 @@ jobs: needs: - changes if: | - (needs.changes.outputs.charts == 'true') || (needs.changes.outputs.baseimage == 'true') || ${{ github.event.workflow_dispatch.run_e2e == 'true' }} + (needs.changes.outputs.charts == 'true') || (needs.changes.outputs.baseimage == 'true') steps: - name: Checkout - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 with: fetch-depth: 0 - name: Set up Helm - uses: azure/setup-helm@fe7b79cd5ee1e45176fcad797de68ecaf3ca4814 # v4.2.0 + uses: azure/setup-helm@b7246b12e77f7134dc2d460a3d5bad15bbe29390 # v4.1.0 - - uses: actions/setup-python@39cd14951b08e74b54015e9e001cdefcf80e669f # v5.1.1 + - uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0 with: python-version: '3.x' @@ -231,24 +231,24 @@ jobs: - build - helm-lint if: | - (needs.changes.outputs.charts == 'true') || (needs.changes.outputs.baseimage == 'true') || ${{ github.event.workflow_dispatch.run_e2e == 'true' }} + (needs.changes.outputs.charts == 'true') || (needs.changes.outputs.baseimage == 'true') strategy: matrix: - k8s: [v1.26.15, v1.27.13, v1.28.9, v1.29.4, v1.30.0] + k8s: [v1.26.14, v1.27.11, v1.28.7, v1.29.2] steps: - name: Checkout - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 - name: Setup Go - uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 + uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0 with: go-version: ${{ needs.build.outputs.golangversion }} check-latest: true - name: cache - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 + uses: actions/download-artifact@c850b930e6ba138125429b7e5c93fc707a7f8427 # v4.1.4 with: name: docker.tar.gz @@ -283,10 +283,10 @@ jobs: - changes - build if: | - (needs.changes.outputs.go == 'true') || (needs.changes.outputs.baseimage == 'true') || ${{ github.event.workflow_dispatch.run_e2e == 'true' }} + (needs.changes.outputs.go == 'true') || (needs.changes.outputs.baseimage == 'true') strategy: matrix: - k8s: [v1.26.15, v1.27.13, v1.28.9, v1.29.4, v1.30.0] + k8s: [v1.26.14, v1.27.11, v1.28.7, v1.29.2] uses: ./.github/workflows/zz-tmpl-k8s-e2e.yaml with: k8s-version: ${{ matrix.k8s }} @@ -297,10 +297,10 @@ jobs: - changes - build if: | - (needs.changes.outputs.go == 'true') || (needs.changes.outputs.baseimage == 'true') || ${{ github.event.workflow_dispatch.run_e2e == 'true' }} + (needs.changes.outputs.go == 'true') || (needs.changes.outputs.baseimage == 'true') strategy: matrix: - k8s: [v1.26.15, v1.27.13, v1.28.9, v1.29.4, v1.30.0] + k8s: [v1.26.14, v1.27.11, v1.28.7, v1.29.2] uses: ./.github/workflows/zz-tmpl-k8s-e2e.yaml with: k8s-version: ${{ matrix.k8s }} @@ -312,11 +312,44 @@ jobs: - changes - build if: | - (needs.changes.outputs.go == 'true') || (needs.changes.outputs.baseimage == 'true') || ${{ github.event.workflow_dispatch.run_e2e == 'true' }} + (needs.changes.outputs.go == 'true') || (needs.changes.outputs.baseimage == 'true') strategy: matrix: - k8s: [v1.26.15, v1.27.13, v1.28.9, v1.29.4, v1.30.0] + k8s: [v1.26.14, v1.27.11, v1.28.7, v1.29.2] uses: ./.github/workflows/zz-tmpl-k8s-e2e.yaml with: k8s-version: ${{ matrix.k8s }} variation: "CHROOT" + + rancher-validate: + runs-on: ubuntu-latest + env: + PLATFORMS: linux/amd64 + container: + image: rancher/dapper:v0.5.3 + env: + GIT_IN_DAPPER: true + steps: + - name: Checkout + uses: actions/checkout@v2 + + - name: validate + run: | + dapper validate + + rancher-build: + needs: rancher-validate + runs-on: ubuntu-latest + env: + PLATFORMS: linux/amd64 + container: + image: rancher/dapper:v0.5.3 + env: + GIT_IN_DAPPER: true + steps: + - name: Checkout + uses: actions/checkout@v2 + + - name: build + run: | + dapper build diff --git a/.github/workflows/depreview.yaml b/.github/workflows/depreview.yaml deleted file mode 100644 index 913b995bd1..0000000000 --- a/.github/workflows/depreview.yaml +++ /dev/null @@ -1,14 +0,0 @@ -name: 'Dependency Review' -on: [pull_request] - -permissions: - contents: read - -jobs: - dependency-review: - runs-on: ubuntu-latest - steps: - - name: 'Checkout Repository' - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - - name: 'Dependency Review' - uses: actions/dependency-review-action@5a2ce3f5b92ee19cbb1541a4984c76d921601d7c # v4.3.4 diff --git a/.github/workflows/docs.yaml b/.github/workflows/docs.yaml deleted file mode 100644 index c1434c7b72..0000000000 --- a/.github/workflows/docs.yaml +++ /dev/null @@ -1,55 +0,0 @@ -name: Documentation - -on: - push: - branches: - - main - -permissions: - contents: read - -jobs: - - changes: - permissions: - contents: read # for dorny/paths-filter to fetch a list of changed files - pull-requests: read # for dorny/paths-filter to read pull requests - runs-on: ubuntu-latest - if: | - (github.repository == 'kubernetes/ingress-nginx') - outputs: - docs: ${{ steps.filter.outputs.docs }} - charts: ${{ steps.filter.outputs.charts }} - - steps: - - name: Checkout - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - - - uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2 - id: filter - with: - token: ${{ secrets.GITHUB_TOKEN }} - filters: | - docs: - - 'docs/**/*' - - docs: - name: Update - runs-on: ubuntu-latest - needs: - - changes - if: | - (github.repository == 'kubernetes/ingress-nginx') && - (needs.changes.outputs.docs == 'true') - - permissions: - contents: write # needed to write releases - - steps: - - name: Checkout master - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - - - name: Deploy - uses: ./.github/actions/mkdocs - env: - PERSONAL_TOKEN: "${{ secrets.GITHUB_TOKEN }}" diff --git a/.github/workflows/golangci-lint.yml b/.github/workflows/golangci-lint.yml deleted file mode 100644 index dca8f07dbb..0000000000 --- a/.github/workflows/golangci-lint.yml +++ /dev/null @@ -1,33 +0,0 @@ -name: golangci-lint - -on: - pull_request: - paths: - - '**/*.go' - - '.github/workflows/golangci-lint.yml' - -permissions: - contents: read - -jobs: - golangci: - name: lint - runs-on: ubuntu-latest - steps: - - name: Checkout - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - - - name: Get go version - run: echo "GOLANG_VERSION=$(cat GOLANG_VERSION)" >> $GITHUB_ENV - - - name: Set up Go - id: go - uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 - with: - go-version: ${{ env.GOLANG_VERSION }} - check-latest: true - - - name: golangci-lint - uses: golangci/golangci-lint-action@aaa42aa0628b4ae2578232a66b541047968fac86 # v6.1.0 - with: - version: v1.56 diff --git a/.github/workflows/helm.yaml b/.github/workflows/helm.yaml deleted file mode 100644 index f7a68af1aa..0000000000 --- a/.github/workflows/helm.yaml +++ /dev/null @@ -1,88 +0,0 @@ -name: Helm - -on: - push: - branches: - - main - - release-* - - workflow_dispatch: - -permissions: - contents: read - -jobs: - - changes: - runs-on: ubuntu-latest - - permissions: - contents: read # for dorny/paths-filter to fetch a list of changed files - - if: github.repository == 'kubernetes/ingress-nginx' - - outputs: - docs: ${{ steps.filter.outputs.docs }} - charts: ${{ steps.filter.outputs.charts }} - - steps: - - name: Checkout - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - - - name: Run Artifact Hub lint - run: | - wget https://github.com/artifacthub/hub/releases/download/v1.5.0/ah_1.5.0_linux_amd64.tar.gz - echo 'ad0e44c6ea058ab6b85dbf582e88bad9fdbc64ded0d1dd4edbac65133e5c87da *ah_1.5.0_linux_amd64.tar.gz' | shasum -c - tar -xzvf ah_1.5.0_linux_amd64.tar.gz ah - ./ah lint -p charts/ingress-nginx || exit 1 - rm -f ./ah ./ah_1.5.0_linux_amd64.tar.gz - - - name: Set up chart-testing - uses: helm/chart-testing-action@e6669bcd63d7cb57cb4380c33043eebe5d111992 # v2.6.1 - - - name: Run chart-testing (lint) - run: ct lint --target-branch ${{ github.ref_name }} --config ./.ct.yaml - - - uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2 - id: filter - with: - token: ${{ secrets.GITHUB_TOKEN }} - filters: | - charts: - - 'charts/ingress-nginx/Chart.yaml' - - 'charts/ingress-nginx/values.yaml' - - chart: - name: Release Chart - runs-on: ubuntu-latest - - permissions: - contents: write # needed to write releases - - needs: - - changes - - if: ${{ needs.changes.outputs.charts == 'true' }} - - steps: - - name: Checkout master - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - with: - # Fetch entire history. Required for chart-releaser; see https://github.com/helm/chart-releaser-action/issues/13#issuecomment-602063896 - fetch-depth: 0 - ref: ${{ github.ref_name }} - - - name: Setup - shell: bash - run: | - git config --global user.name "$GITHUB_ACTOR" - git config --global user.email "$GITHUB_ACTOR@users.noreply.github.com" - - - name: Helm Chart Releaser - uses: helm/chart-releaser-action@a917fd15b20e8b64b94d9158ad54cd6345335584 # v1.6.0 - env: - CR_SKIP_EXISTING: true - CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}" - CR_RELEASE_NAME_TEMPLATE: "helm-chart-{{ .Version }}" - with: - charts_dir: charts diff --git a/.github/workflows/images.yaml b/.github/workflows/images.yaml index fe83f1dd33..ea23c31856 100644 --- a/.github/workflows/images.yaml +++ b/.github/workflows/images.yaml @@ -41,7 +41,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 - uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2 id: filter with: @@ -141,17 +141,17 @@ jobs: (needs.changes.outputs.kube-webhook-certgen == 'true') strategy: matrix: - k8s: [v1.26.15, v1.27.13, v1.28.9, v1.29.4, v1.30.0] + k8s: [v1.26.14, v1.27.11, v1.28.7, v1.29.2, v1.30.0] steps: - name: Checkout - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 - name: Get go version run: echo "GOLANG_VERSION=$(cat GOLANG_VERSION)" >> $GITHUB_ENV - name: Set up Go id: go - uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 + uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0 with: go-version: ${{ env.GOLANG_VERSION }} check-latest: true @@ -178,7 +178,7 @@ jobs: nginx: ['1.25.3', '1.21.6'] steps: - name: Checkout - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 - name: image build run: | cd images/opentelemetry && make NGINX_VERSION=${{ matrix.nginx }} build @@ -195,17 +195,17 @@ jobs: PLATFORMS: linux/amd64,linux/arm,linux/arm64,linux/s390x steps: - name: Checkout - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 - name: Set up QEMU - uses: docker/setup-qemu-action@49b3bc8e6bdd4a60e6116a5414239cba5943d3cf # v3.2.0 + uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3.0.0 - name: Set up Docker Buildx id: buildx - uses: docker/setup-buildx-action@988b5a0280414f521da01fcc63a27aeeb4b104db # v3.6.1 + uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3.3.0 with: version: latest platforms: ${{ env.PLATFORMS }} - name: Login to GitHub Container Registry - uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0 + uses: docker/login-action@e92390c5fb421da1463c202d546fed0ec5c39f20 # v3.1.0 with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} diff --git a/.github/workflows/junit-reports.yaml b/.github/workflows/junit-reports.yaml deleted file mode 100644 index 947b90c257..0000000000 --- a/.github/workflows/junit-reports.yaml +++ /dev/null @@ -1,18 +0,0 @@ -name: 'E2E Test Report' - -on: - workflow_run: - workflows: ['CI'] # runs after CI workflow - types: - - completed -jobs: - report: - runs-on: ubuntu-latest - steps: - - uses: dorny/test-reporter@31a54ee7ebcacc03a09ea97a7e5465a47b84aea5 # v1.9.1 - with: - artifact: /e2e-test-reports-(.*)/ - name: JEST Tests $1 # Name of the check run which will be created - path: 'report*.xml' # Path to test results (inside artifact .zip) - reporter: jest-junit # Format of test results - fail-on-empty: 'true' diff --git a/.github/workflows/perftest.yaml b/.github/workflows/perftest.yaml deleted file mode 100644 index 2e1e01a3ee..0000000000 --- a/.github/workflows/perftest.yaml +++ /dev/null @@ -1,72 +0,0 @@ -name: Performance Test - -on: - workflow_dispatch: - inputs: - logLevel: - description: 'Log level' - required: true - default: 'warning' - tags: - description: 'K6 Load Test' - -permissions: - contents: read - -jobs: - k6_test_run: - runs-on: ubuntu-latest - - steps: - - name: Checkout - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - - - name: Install K6 - run: | - wget https://github.com/grafana/k6/releases/download/v0.38.2/k6-v0.38.2-linux-amd64.tar.gz - echo '7c9e5a26aaa2c638c042f6dfda7416161b8d2e0d4cb930721a38083b8be109ab *k6-v0.38.2-linux-amd64.tar.gz' | shasum -c - tar -xvf k6-v0.38.2-linux-amd64.tar.gz k6-v0.38.2-linux-amd64/k6 - mv k6-v0.38.2-linux-amd64/k6 . - ./k6 - - - name: Make dev-env - run: | - mkdir $HOME/.kube - make dev-env - podName=`kubectl -n ingress-nginx get po | grep -i controller | awk '{print $1}'` - if [[ -z ${podName} ]] ; then - sleep 5 - fi - kubectl wait pod -n ingress-nginx --for condition=Ready $podName - kubectl get all -A - - - name: Deploy workload - run: | - kubectl create deploy k6 --image kennethreitz/httpbin --port 80 && \ - kubectl expose deploy k6 --port 80 && \ - kubectl create ing k6 --class nginx \ - --rule test.ingress-nginx-controller.ga/*=k6:80 - podName=`kubectl get po | grep -i k6 | awk '{print $1}'` - if [[ -z ${podName} ]] ; then - sleep 5 - fi - kubectl wait pod --for condition=Ready $podName - kubectl get all,secrets,ing - - - name: Tune OS - run : | - sudo sysctl -A 2>/dev/null | egrep -i "local_port_range|tw_reuse|tcp_timestamps" - sudo sh -c "ulimit" - sudo sysctl -w net.ipv4.ip_local_port_range="1024 65535" - sudo sysctl -w net.ipv4.tcp_tw_reuse=1 - sudo sysctl -w net.ipv4.tcp_timestamps=1 - sudo sh -c "ulimit " - - - name: Run smoke test - run: | - vmstat -at 5 | tee vmstat_report & - #./k6 login cloud -t $K6_TOKEN - #./k6 run -o cloud ./smoketest.js - ./k6 run test/k6/smoketest.js - pkill vmstat - cat vmstat_report diff --git a/.github/workflows/plugin.yaml b/.github/workflows/plugin.yaml deleted file mode 100644 index 63b8c19bf6..0000000000 --- a/.github/workflows/plugin.yaml +++ /dev/null @@ -1,50 +0,0 @@ -name: kubectl plugin - -on: - release: - types: [published] - -permissions: - contents: write # for goreleaser/goreleaser-action - -jobs: - release-plugin: - runs-on: ubuntu-latest - steps: - - name: Checkout - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - with: - fetch-depth: 0 - - - name: Get go version - run: echo "GOLANG_VERSION=$(cat GOLANG_VERSION)" >> $GITHUB_ENV - - - name: Set up Go - uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 - with: - go-version: ${{ env.GOLANG_VERSION }} - check-latest: true - - - name: Run GoReleaser Snapshot - if: ${{ ! startsWith(github.ref, 'refs/tags/') }} - uses: goreleaser/goreleaser-action@286f3b13b1b49da4ac219696163fb8c1c93e1200 # v6.0.0 - with: - version: latest - args: release --snapshot --clean - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - - - name: Run GoReleaser - if: ${{ startsWith(github.ref, 'refs/tags/') }} - uses: goreleaser/goreleaser-action@286f3b13b1b49da4ac219696163fb8c1c93e1200 # v6.0.0 - with: - version: latest - args: release --clean - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - - - name: Update new version in krew-index - if: ${{ startsWith(github.ref, 'refs/tags/') }} - uses: rajatjindal/krew-release-bot@df3eb197549e3568be8b4767eec31c5e8e8e6ad8 # v0.0.46 - with: - krew_template_file: cmd/plugin/krew.yaml diff --git a/.github/workflows/project.yml b/.github/workflows/project.yml deleted file mode 100644 index 9babf234e1..0000000000 --- a/.github/workflows/project.yml +++ /dev/null @@ -1,19 +0,0 @@ -name: Adds all issues - -on: - issues: - types: - - opened - -jobs: - add-to-project: - name: Add issue to project - runs-on: ubuntu-latest - permissions: - repository-projects: write - issues: write - steps: - - uses: actions/add-to-project@244f685bbc3b7adfa8466e08b698b5577571133e # v1.0.2 - with: - project-url: https://github.com/orgs/kubernetes/projects/104 - github-token: ${{ secrets.PROJECT_WRITER }} diff --git a/.github/workflows/push-and-pull-request.yaml b/.github/workflows/push-and-pull-request.yaml new file mode 100644 index 0000000000..d743155e96 --- /dev/null +++ b/.github/workflows/push-and-pull-request.yaml @@ -0,0 +1,41 @@ +name: CI on Push and Pull Request +on: + pull_request: + branches: + - '*' + push: + branches: + - '*' + +jobs: + validate: + runs-on: ubuntu-latest + container: + image: rancher/dapper:v0.6.0 + permissions: + contents: read + steps: + - name: Checkout code + uses: actions/checkout@v4 + + - name: validate + run: dapper validate + + + build: + runs-on: ubuntu-latest + container: + image: rancher/dapper:v0.6.0 + permissions: + contents: read + steps: + - name: Fix the not-a-git-repository issue + run: | + apk -U add git + git config --global --add safe.directory "$GITHUB_WORKSPACE" + + - name: Checkout code + uses: actions/checkout@v4 + + - name: build + run: dapper build diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml new file mode 100644 index 0000000000..a5c4cd3c62 --- /dev/null +++ b/.github/workflows/release.yaml @@ -0,0 +1,25 @@ +name: CI on Releasing Tag +on: + push: + tags: + - '*' + +jobs: + ci: + runs-on: ubuntu-latest + container: + image: rancher/dapper:v0.6.0 + permissions: + contents: read + id-token: write # needed for the Vault authentication + steps: + - name: Add git + run: | + apk add --no-cache git + + - name: Checkout + uses: actions/checkout@v2 + + - name: tag + run: | + dapper ci diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml deleted file mode 100644 index a6b64d4083..0000000000 --- a/.github/workflows/scorecards.yml +++ /dev/null @@ -1,64 +0,0 @@ -name: Scorecards supply-chain security - -on: - # Only the default branch is supported. - branch_protection_rule: - schedule: - - cron: '20 11 * * 5' - push: - branches: - - "main" - -# Declare default permissions as read only. -permissions: read-all - -jobs: - analysis: - name: Scorecards analysis - runs-on: ubuntu-latest - permissions: - # Needed to upload the results to code-scanning dashboard. - security-events: write - # Used to receive a badge. (Upcoming feature) - id-token: write - # Needs for private repositories. - contents: read - actions: read - - steps: - - name: "Checkout code" - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - with: - persist-credentials: false - - - name: "Run analysis" - uses: ossf/scorecard-action@62b2cac7ed8198b15735ed49ab1e5cf35480ba46 # v2.4.0 - with: - results_file: results.sarif - results_format: sarif - # (Optional) Read-only PAT token. Uncomment the `repo_token` line below if: - # - you want to enable the Branch-Protection check on a *public* repository, or - # - you are installing Scorecards on a *private* repository - # To create the PAT, follow the steps in https://github.com/ossf/scorecard-action#authentication-with-pat. - # repo_token: ${{ secrets.SCORECARD_READ_TOKEN }} - - # Publish the results for public repositories to enable scorecard badges. For more details, see - # https://github.com/ossf/scorecard-action#publishing-results. - # For private repositories, `publish_results` will automatically be set to `false`, regardless - # of the value entered here. - publish_results: true - - # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF - # format to the repository Actions tab. - - name: "Upload artifact" - uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6 - with: - name: SARIF file - path: results.sarif - retention-days: 5 - - # Upload the results to GitHub's code scanning dashboard. - - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@eb055d739abdc2e8de2e5f4ba1a8b246daa779aa # v3.26.0 - with: - sarif_file: results.sarif diff --git a/.github/workflows/stale.yaml b/.github/workflows/stale.yaml deleted file mode 100644 index a7c2452951..0000000000 --- a/.github/workflows/stale.yaml +++ /dev/null @@ -1,24 +0,0 @@ -name: 'Stale Issues and PRs' - -on: - schedule: - - cron: '30 1 * * *' - -jobs: - stale: - runs-on: ubuntu-latest - - permissions: - issues: write - pull-requests: write - - steps: - - uses: actions/stale@28ca1036281a5e5922ead5184a1bbf96e5fc984e # v9.0.0 - with: - stale-issue-message: "This is stale, but we won't close it automatically, just bare in mind the maintainers may be busy with other tasks and will reach your issue ASAP. If you have any question or request to prioritize this, please reach `#ingress-nginx-dev` on Kubernetes Slack." - stale-pr-message: "This is stale, but we won't close it automatically, just bare in mind the maintainers may be busy with other tasks and will reach your issue ASAP. If you have any question or request to prioritize this, please reach `#ingress-nginx-dev` on Kubernetes Slack." - stale-issue-label: lifecycle/frozen - stale-pr-label: lifecycle/frozen - days-before-issue-stale: 30 - days-before-pr-stale: 45 - days-before-close: -1 # dont not close issues/prs diff --git a/.github/workflows/vulnerability-scans.yaml b/.github/workflows/vulnerability-scans.yaml deleted file mode 100644 index cc3240931d..0000000000 --- a/.github/workflows/vulnerability-scans.yaml +++ /dev/null @@ -1,92 +0,0 @@ -# This workflow uses actions that are not certified by GitHub. -# They are provided by a third-party and are governed by -# separate terms of service, privacy policy, and support -# documentation. - -name: Vulnerability Scan - -on: - workflow_dispatch: - release: - schedule: - - cron: '00 9 * * 1' - -permissions: - contents: read - security-events: write - -jobs: - version: - runs-on: ubuntu-latest - outputs: - versions: ${{ steps.version.outputs.TAGS }} - steps: - - name: Checkout code - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - with: - fetch-depth: 0 - - - name: Latest Tag - id: version - shell: bash - run: | - readarray -t TAGS_ARRAY <<<"$(git tag --list 'controller-v*.*.*' --sort=-version:refname | grep -v 'beta\|alpha')" - FULL_TAGS=(${TAGS_ARRAY[0]} ${TAGS_ARRAY[1]} ${TAGS_ARRAY[2]}) - SHORT_TAGS=() - for i in ${FULL_TAGS[@]} - do - echo "tag: $i" - short=$(echo "$i" | cut -d - -f 2) - SHORT_TAGS+=($short) - done - echo "${SHORT_TAGS[0]},${SHORT_TAGS[1]},${SHORT_TAGS[2]}" - TAGS_JSON="[\"${SHORT_TAGS[0]}\",\"${SHORT_TAGS[1]}\",\"${SHORT_TAGS[2]}\"]" - echo "${TAGS_JSON}" - echo "TAGS=${TAGS_JSON}" >> $GITHUB_OUTPUT - - scan: - runs-on: ubuntu-latest - needs: version - strategy: - matrix: - versions: ${{ fromJSON(needs.version.outputs.versions) }} - steps: - - name: Checkout code - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - - - shell: bash - id: test - run: echo "Scanning registry.k8s.io/ingress-nginx/controller@${{ matrix.versions }}" - - - name: Scan image with AquaSec/Trivy - id: scan - uses: aquasecurity/trivy-action@6e7b7d1fd3e4fef0c5fa8cce1229c54b2c9bd0d8 # v0.24.0 - with: - image-ref: registry.k8s.io/ingress-nginx/controller:${{ matrix.versions }} - format: 'sarif' - output: trivy-results-${{ matrix.versions }}.sarif - exit-code: 0 - vuln-type: 'os,library' - severity: 'CRITICAL,HIGH,MEDIUM,LOW,UNKNOWN' - - - name: Output Sarif File - shell: bash - run: cat ${{ github.workspace }}/trivy-results-${{ matrix.versions }}.sarif - - # This step checks out a copy of your repository. - - name: Upload SARIF file - uses: github/codeql-action/upload-sarif@eb055d739abdc2e8de2e5f4ba1a8b246daa779aa # v3.26.0 - with: - token: ${{ github.token }} - # Path to SARIF file relative to the root of the repository - sarif_file: ${{ github.workspace }}/trivy-results-${{ matrix.versions }}.sarif - - - name: Vulz Count - shell: bash - run: | - TRIVY_COUNT=$(cat ${{ github.workspace }}/trivy-results-${{ matrix.versions }}.sarif | jq '.runs[0].results | length') - echo "TRIVY_COUNT: $TRIVY_COUNT" - echo "Image Vulnerability scan output" >> $GITHUB_STEP_SUMMARY - echo "Image ID: registry.k8s.io/ingress-nginx/controller@${{ matrix.versions }}" >> $GITHUB_STEP_SUMMARY - echo "" >> $GITHUB_STEP_SUMMARY - echo "Trivy Count: $TRIVY_COUNT" >> $GITHUB_STEP_SUMMARY diff --git a/.github/workflows/zz-tmpl-images.yaml b/.github/workflows/zz-tmpl-images.yaml deleted file mode 100644 index 4594a1de46..0000000000 --- a/.github/workflows/zz-tmpl-images.yaml +++ /dev/null @@ -1,81 +0,0 @@ -#### THIS IS A TEMPLATE #### -# This workflow is created to be a template for every time an e2e teest is required, - -on: - workflow_call: - inputs: - name: - required: true - type: string - platforms-test: - type: string - default: linux/amd64 - platforms-publish: - type: string - default: linux/amd64 - -env: - PLATFORMS: ${{ inputs.platforms-test }} - -permissions: - contents: write - packages: write - -jobs: - changestag: - permissions: - contents: read # for dorny/paths-filter to fetch a list of changed files - runs-on: ubuntu-latest - outputs: - tag: ${{ steps.filter.outputs.tag }} - - steps: - - name: Checkout - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - - uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2 - id: filter - with: - token: ${{ secrets.GITHUB_TOKEN }} - filters: | - tag: - - 'images/**/TAG' - - image-build: - name: Build - runs-on: ubuntu-latest - permissions: - contents: read - - steps: - - name: Checkout - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - - - name: Build - run: | - cd images/ && make NAME=${{ inputs.name }} build - - image-push: - name: Push - needs: changestag - if: | - (github.event_name == 'push' && github.ref == 'refs/heads/main' && github.repository == 'kubernetes/ingress-nginx' && needs.changestag.outputs.tag == 'true') - runs-on: ubuntu-latest - permissions: - contents: write - packages: write - env: - PLATFORMS: ${{ inputs.platforms-publish }} - steps: - - name: Checkout - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - - - name: Login to GitHub Container Registry - uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0 - with: - username: ${{ secrets.DOCKERHUB_USERNAME }} - password: ${{ secrets.DOCKERHUB_TOKEN }} - - - name: Push - run: | - cd images/ && make REGISTRY=ingressnginx NAME=${{ inputs.name }} push - diff --git a/.github/workflows/zz-tmpl-k8s-e2e.yaml b/.github/workflows/zz-tmpl-k8s-e2e.yaml deleted file mode 100644 index adf1dc0e89..0000000000 --- a/.github/workflows/zz-tmpl-k8s-e2e.yaml +++ /dev/null @@ -1,58 +0,0 @@ -#### THIS IS A TEMPLATE #### -# This workflow is created to be a template for every time an e2e teest is required, - -on: - workflow_call: - inputs: - k8s-version: - required: true - type: string - variation: - type: string - -permissions: - contents: read - -jobs: - kubernetes: - name: Kubernetes ${{ inputs.variation }} - runs-on: ubuntu-latest - - steps: - - name: Checkout - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - - - name: cache - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 - with: - name: docker.tar.gz - - - name: Create Kubernetes ${{ inputs.k8s-version }} cluster - id: kind - run: | - kind create cluster --image=kindest/node:${{ inputs.k8s-version }} --config test/e2e/kind.yaml - - - name: Load images from cache - run: | - echo "loading docker images..." - gzip -dc docker.tar.gz | docker load - - - name: Run e2e tests ${{ inputs.variation }} - env: - KIND_CLUSTER_NAME: kind - SKIP_CLUSTER_CREATION: true - SKIP_INGRESS_IMAGE_CREATION: true - SKIP_E2E_IMAGE_CREATION: true - ENABLE_VALIDATIONS: ${{ inputs.variation == 'VALIDATIONS' }} - IS_CHROOT: ${{ inputs.variation == 'CHROOT' }} - run: | - kind get kubeconfig > $HOME/.kube/kind-config-kind - make kind-e2e-test - - - name: Upload e2e junit-reports ${{ inputs.variation }} - uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6 - if: success() || failure() - with: - name: e2e-test-reports-${{ inputs.k8s-version }}${{ inputs.variation }} - path: 'test/junitreports/report*.xml' - diff --git a/.gitignore b/.gitignore index 73108f6274..16c4188ddf 100644 --- a/.gitignore +++ b/.gitignore @@ -61,4 +61,7 @@ cmd/plugin/release/*.tar.gz cmd/plugin/release/LICENSE tmp/ test/junitreports/ -tests/__snapshot__ + +# rancher ci +.dapper +/dist/ diff --git a/Dockerfile.dapper b/Dockerfile.dapper new file mode 100644 index 0000000000..056656beb5 --- /dev/null +++ b/Dockerfile.dapper @@ -0,0 +1,45 @@ +FROM docker:19.03.9 +ARG DAPPER_HOST_ARCH +ARG STEP=ci +ENV ARCH=${DAPPER_HOST_ARCH} +RUN mkdir -p /.docker/cli-plugins +RUN apk update && apk upgrade && apk add bash && ln -sf /bin/bash /bin/sh # use bash for subsequent variable expansion +ENV DOCKER_BUILDX_URL_arm=https://github.com/docker/buildx/releases/download/v0.5.1/buildx-v0.5.1.linux-arm-v7 \ + DOCKER_BUILDX_URL_arm64=https://github.com/docker/buildx/releases/download/v0.5.1/buildx-v0.5.1.linux-arm64 \ + DOCKER_BUILDX_URL_amd64=https://github.com/docker/buildx/releases/download/v0.5.1/buildx-v0.5.1.linux-amd64 \ + DOCKER_BUILDX_URL=DOCKER_BUILDX_URL_${ARCH} +RUN wget -O - ${!DOCKER_BUILDX_URL} > /.docker/cli-plugins/docker-buildx && chmod +x /.docker/cli-plugins/docker-buildx + +FROM ubuntu:18.04 +ARG DAPPER_HOST_ARCH +ARG DOCKER_USER +ARG DOCKER_PASS +ENV HOST_ARCH=${DAPPER_HOST_ARCH} \ + ARCH=${DAPPER_HOST_ARCH} \ + DOCKER_USER=${DOCKER_USER} \ + DOCKER_PASS=${DOCKER_PASS} +RUN apt-get update && \ + apt-get install -y gcc ca-certificates git wget curl vim less file zip make && \ + rm -f /bin/sh && ln -s /bin/bash /bin/sh +ENV GOLANG_ARCH_amd64=amd64 GOLANG_ARCH_arm=armv6l GOLANG_ARCH_arm64=arm64 GOLANG_ARCH=GOLANG_ARCH_${ARCH} \ + GOPATH=/go PATH=/go/bin:/usr/local/go/bin:${PATH} SHELL=/bin/bash +RUN wget -O - https://golang.org/dl/go1.21.5.linux-${!GOLANG_ARCH}.tar.gz | tar -xzf - -C /usr/local && \ + curl -sL https://install.goreleaser.com/github.com/golangci/golangci-lint.sh | sh -s v1.41.0 +COPY --from=0 /usr/local/bin/docker /usr/bin/docker +RUN mkdir -p /.docker/cli-plugins +COPY --from=0 /.docker/cli-plugins/docker-buildx /.docker/cli-plugins/docker-buildx +ENV DOCKER_CLI_EXPERIMENTAL=enabled \ + DOCKER_CONFIG=/.docker +RUN docker buildx install +ENV DAPPER_SOURCE /go/src/k8s.io/ingress-nginx/ +ENV DAPPER_OUTPUT ./bin ./dist +ENV DAPPER_DOCKER_SOCKET true +ENV DAPPER_ENV CROSS TAG DOCKER_PASSWORD DOCKER_USERNAME +ENV DAPPER_RUN_ARGS="--net host" +ENV TRASH_CACHE ${DAPPER_SOURCE}/.trash-cache +ENV HOME ${DAPPER_SOURCE} +ENV GIT_IN_DAPPER true +RUN mkdir -p /etc/nginx/geoip +WORKDIR ${DAPPER_SOURCE} +ENTRYPOINT ["./scripts/entry"] +CMD [${STEP}] diff --git a/Makefile b/Makefile index a99e1540c7..eac4f1cd1a 100644 --- a/Makefile +++ b/Makefile @@ -242,8 +242,9 @@ BUILDX_PLATFORMS ?= linux/amd64,linux/arm,linux/arm64 .PHONY: release # Build a multi-arch docker image release: ensure-buildx clean - echo "Building binaries..." - $(foreach PLATFORM,$(PLATFORMS), echo -n "$(PLATFORM)..."; ARCH=$(PLATFORM) make build;) +# Rancher CI: the build has been done in the build step in the scripts/ci +# echo "Building binaries..." +# $(foreach PLATFORM,$(PLATFORMS), echo -n "$(PLATFORM)..."; ARCH=$(PLATFORM) make build;) echo "Building and pushing ingress-nginx image...$(BUILDX_PLATFORMS)" @@ -258,22 +259,5 @@ release: ensure-buildx clean --build-arg VERSION="$(TAG)" \ --build-arg COMMIT_SHA="$(COMMIT_SHA)" \ --build-arg BUILD_ID="$(BUILD_ID)" \ - -t $(REGISTRY)/controller:$(TAG) rootfs - - docker buildx build \ - --no-cache \ - $(MAC_DOCKER_FLAGS) \ - --push \ - --pull \ - --progress plain \ - --platform $(BUILDX_PLATFORMS) \ - --build-arg BASE_IMAGE="$(BASE_IMAGE)" \ - --build-arg VERSION="$(TAG)" \ - --build-arg COMMIT_SHA="$(COMMIT_SHA)" \ - --build-arg BUILD_ID="$(BUILD_ID)" \ - -t $(REGISTRY)/controller-chroot:$(TAG) rootfs -f rootfs/Dockerfile-chroot + -t $(REGISTRY)/nginx-ingress-controller:$(TAG) rootfs -.PHONY: build-docs -build-docs: - pip install -r docs/requirements.txt - mkdocs build --config-file mkdocs.yml diff --git a/Makefile_rancher b/Makefile_rancher new file mode 100644 index 0000000000..d7d72a16d5 --- /dev/null +++ b/Makefile_rancher @@ -0,0 +1,23 @@ +TARGETS := $(shell ls scripts) + +.dapper: + @echo Downloading dapper + @curl -sL https://releases.rancher.com/dapper/latest/dapper-`uname -s`-`uname -m` > .dapper.tmp + @@chmod +x .dapper.tmp + @./.dapper.tmp -v + @mv .dapper.tmp .dapper + +$(TARGETS): .dapper + ./.dapper $@ + +trash: .dapper + ./.dapper -m bind trash + +trash-keep: .dapper + ./.dapper -m bind trash -k + +deps: trash + +.DEFAULT_GOAL := ci + +.PHONY: $(TARGETS) diff --git a/build/run-in-docker.sh b/build/run-in-docker.sh index fcbf8f6cdc..ba5ea6f6a5 100755 --- a/build/run-in-docker.sh +++ b/build/run-in-docker.sh @@ -84,6 +84,7 @@ if [[ "$DOCKER_IN_DOCKER_ENABLED" == "true" ]]; then #go env go install -mod=mod github.com/onsi/ginkgo/v2/ginkgo@v2.20.0 find / -type f -name ginkgo 2>/dev/null + PATH=$PATH:$GOPATH/bin/linux_arm64 which ginkgo /bin/bash -c "${FLAGS}" else diff --git a/hack/init-buildx.sh b/hack/init-buildx.sh index 1a47bf145e..b53c407025 100755 --- a/hack/init-buildx.sh +++ b/hack/init-buildx.sh @@ -51,6 +51,15 @@ if ! grep -q "^Driver: docker$" <<<"${current_builder}" && \ exit 0 fi +# Ensure qemu is in binfmt_misc +# Docker desktop already has these in versions recent enough to have buildx +# We only need to do this setup on linux hosts +if [ "$(uname)" == 'Linux' ]; then + # NOTE: this is pinned to a digest for a reason! + # https://github.com/docker/buildx/issues/542#issuecomment-778835576 + docker run --rm --privileged tonistiigi/binfmt --uninstall qemu-aarch64 && docker run --rm --privileged tonistiigi/binfmt --install arm64 + docker run --rm --privileged tonistiigi/binfmt +fi # Ensure we use a builder that can leverage it (the default on linux will not) docker buildx rm ingress-nginx || true diff --git a/internal/k8s/main.go b/internal/k8s/main.go index 5e93e560d6..e4d6c0b6b5 100644 --- a/internal/k8s/main.go +++ b/internal/k8s/main.go @@ -32,6 +32,11 @@ import ( "k8s.io/client-go/tools/cache" ) +const ( + internalAddressAnnotation = "rke.cattle.io/internal-ip" + externalAddressAnnotation = "rke.cattle.io/external-ip" +) + // ParseNameNS parses a string searching a namespace and name func ParseNameNS(input string) (ns, name string, err error) { nsName := strings.Split(input, "/") @@ -64,6 +69,15 @@ func GetNodeIPOrName(kubeClient clientset.Interface, name string, useInternalIP return defaultOrInternalIP } + if node.Annotations != nil { + if annotatedIP := node.Annotations[externalAddressAnnotation]; annotatedIP != "" { + return annotatedIP + } + if annotatedIP := node.Annotations[internalAddressAnnotation]; annotatedIP != "" { + return annotatedIP + } + } + for _, address := range node.Status.Addresses { if address.Type == apiv1.NodeExternalIP { if address.Address != "" { diff --git a/scripts/build b/scripts/build new file mode 100755 index 0000000000..546bfd3929 --- /dev/null +++ b/scripts/build @@ -0,0 +1,17 @@ +#!/bin/bash +set -e + +source $(dirname $0)/version + +cd $(dirname $0)/.. + +PKG="k8s.io/ingress-nginx" + +rm -rf bin/* +mkdir -p bin + +declare -a arches=("arm64" "amd64") +for arch in "${arches[@]}" +do + ARCH=$arch DOCKER_IN_DOCKER_ENABLED=true USER=0 make build +done diff --git a/scripts/ci b/scripts/ci new file mode 100755 index 0000000000..b35955a738 --- /dev/null +++ b/scripts/ci @@ -0,0 +1,9 @@ +#!/bin/bash +set -e + +cd $(dirname $0) + +./validate +./build +./test +./package diff --git a/scripts/entry b/scripts/entry new file mode 100755 index 0000000000..78fb567905 --- /dev/null +++ b/scripts/entry @@ -0,0 +1,11 @@ +#!/bin/bash +set -e + +mkdir -p bin dist +if [ -e ./scripts/$1 ]; then + ./scripts/"$@" +else + exec "$@" +fi + +chown -R $DAPPER_UID:$DAPPER_GID . diff --git a/scripts/package b/scripts/package new file mode 100755 index 0000000000..0dbc972b07 --- /dev/null +++ b/scripts/package @@ -0,0 +1,12 @@ +#!/bin/bash +set -e + +REPO=${REPO:-rancher} + +source $(dirname $0)/version +cd $(dirname $0)/.. + +# manifest push happens as part of make release, so login is required inside the dapper container +echo "$DOCKER_PASS" | docker login -u $DOCKER_USER --password-stdin + +REGISTRY=${REPO} PLATFORMS="arm64 amd64" TAG=${TAG} DOCKER_IN_DOCKER_ENABLED=true USER=0 make release \ No newline at end of file diff --git a/scripts/release b/scripts/release new file mode 100755 index 0000000000..7af0df35fc --- /dev/null +++ b/scripts/release @@ -0,0 +1,3 @@ +#!/bin/bash + +exec $(dirname $0)/ci diff --git a/scripts/test b/scripts/test new file mode 100755 index 0000000000..6363fc3282 --- /dev/null +++ b/scripts/test @@ -0,0 +1,15 @@ +#!/bin/bash +set -e + +cd $(dirname $0)/.. + +echo Running tests + +FIND_COMMAND="find" +if [ "$(go env GOHOSTOS)" = "darwin" ]; then + FIND_COMMAND="find ." +fi + +PACKAGES="$($FIND_COMMAND -name '*.go' | xargs -I{} dirname {} | sort -u | grep -Ev '(^\.$|.git|.trash-cache|vendor|bin|docs|test|controller/store|images|examples|hack)')" + +go test -v -p 1 -tags "cgo" -cover ${PACKAGES} diff --git a/scripts/validate b/scripts/validate new file mode 100755 index 0000000000..8b1f64ba62 --- /dev/null +++ b/scripts/validate @@ -0,0 +1,14 @@ +#!/bin/bash +set -e + +cd $(dirname $0)/.. + +echo Running validation + +PACKAGES="$(go list ./... | grep -v /vendor/)" + +echo Running: go vet +go vet -mod=readonly ${PACKAGES} + +echo Running: go fmt +test -z "$(go fmt -mod=readonly ${PACKAGES} | tee /dev/stderr)" diff --git a/scripts/version b/scripts/version new file mode 100755 index 0000000000..d04d7e66ec --- /dev/null +++ b/scripts/version @@ -0,0 +1,31 @@ +#!/bin/bash + +if [ "$GIT_IN_DAPPER" = true ]; then + git config --global user.email "rancher-ci@rancher.com" + git config --global user.name "rancher-ci" +fi + +if [ -n "$(git status --porcelain --untracked-files=no)" ]; then + DIRTY="-dirty" +fi + +# fetch tag information +git fetch + +GIT_COMMIT=${GIT_COMMIT:-$(git rev-parse --short HEAD)} +GIT_TAG=$(git tag -l --contains HEAD | head -n 1) +REPO_INFO=$(git config --get remote.origin.url) + +if [[ -z "$DIRTY" && -n "$GIT_TAG" ]]; then + VERSION=$GIT_TAG +else + VERSION="${GIT_COMMIT}${DIRTY}" +fi + +if [ -z "$ARCH" ]; then + ARCH=amd64 +fi + +TAG=${TAG:-$VERSION} + +PKG="k8s.io/ingress-nginx"