diff --git a/.github/workflows/build-and-release.yml b/.github/workflows/build-and-release.yml new file mode 100644 index 0000000..852711a --- /dev/null +++ b/.github/workflows/build-and-release.yml @@ -0,0 +1,65 @@ +name: Meshery-App-Mesh Build and Releaser +on: + push: + branches: + - 'master' + tags: + - 'v*' + +jobs: + build: + name: Build check + runs-on: ubuntu-latest + # needs: [lint, error_check, static_check, vet, sec_check, tests] + steps: + - name: Check out code + uses: actions/checkout@master + with: + fetch-depth: 1 + - name: Setup Go + uses: actions/setup-go@v1 + with: + go-version: ${{ secrets.GO_VERSION }} + - run: GOPROXY=direct GOSUMDB=off GO111MODULE=on go build . + docker: + name: Docker build and push + runs-on: ubuntu-latest + steps: + - name: Check out code + uses: actions/checkout@master + with: + fetch-depth: 1 + - name: Docker login + uses: azure/docker-login@v1 + with: + username: ${{ secrets.DOCKER_USERNAME }} + password: ${{ secrets.DOCKER_PASSWORD }} + - name: Docker edge build & tag + if: startsWith(github.ref, 'refs/tags/') != true && success() + run: | + DOCKER_BUILDKIT=1 docker build --no-cache -t ${{ secrets.IMAGE_NAME }}:edge-latest --build-arg TOKEN=${{ secrets.GLOBAL_TOKEN }} --build-arg GIT_COMMITSHA=${GITHUB_SHA::7} --build-arg VERSION="edge-latest" . + docker tag ${{ secrets.IMAGE_NAME }}:edge-latest ${{ secrets.IMAGE_NAME }}:edge-${GITHUB_SHA::7} + - name: Docker edge push + if: startsWith(github.ref, 'refs/tags/') != true && success() + run: | + docker push ${{ secrets.IMAGE_NAME }}:edge-latest + docker push ${{ secrets.IMAGE_NAME }}:edge-${GITHUB_SHA::7} + - name: Docker stable build & tag + if: github.event_name != 'pull_request' && startsWith(github.ref, 'refs/tags/') && success() + run: | + DOCKER_BUILDKIT=1 docker build --no-cache -t ${{ secrets.IMAGE_NAME }}:stable-latest --build-arg GIT_COMMITSHA=${GITHUB_SHA::7} --build-arg VERSION=${GITHUB_REF/refs\/tags\//} . + docker tag ${{ secrets.IMAGE_NAME }}:stable-latest ${{ secrets.IMAGE_NAME }}:stable-${GITHUB_REF/refs\/tags\//} + docker tag ${{ secrets.IMAGE_NAME }}:stable-latest ${{ secrets.IMAGE_NAME }}:stable-${GITHUB_SHA::7} + - name: Docker stable push + if: github.event_name != 'pull_request' && startsWith(github.ref, 'refs/tags/') && success() + run: | + docker push ${{ secrets.IMAGE_NAME }}:stable-latest + docker push ${{ secrets.IMAGE_NAME }}:stable-${GITHUB_REF/refs\/tags\//} + docker push ${{ secrets.IMAGE_NAME }}:stable-${GITHUB_SHA::7} + - name: Docker Hub Description + if: github.event_name != 'pull_request' && startsWith(github.ref, 'refs/tags/') && success() + uses: peter-evans/dockerhub-description@v2.0.0 + env: + DOCKERHUB_USERNAME: ${{ secrets.DOCKER_USERNAME }} + DOCKERHUB_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} + DOCKERHUB_REPOSITORY: ${{ secrets.IMAGE_NAME }} \ No newline at end of file diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index ee5333e..912ef6d 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -2,125 +2,101 @@ name: Meshery-app-mesh on: push: branches: - - '*' + - "*" tags: - - 'v*' + - "v*" pull_request: branches: - master - jobs: lint: name: Check & Review code runs-on: ubuntu-latest steps: - - name: Check out code - uses: actions/checkout@master - with: - fetch-depth: 1 - - name: Setup Go - uses: actions/setup-go@v1 - with: - go-version: ${{ secrets.GO_VERSION }} - - run: GOPROXY=direct GOSUMDB=off go get -u golang.org/x/lint/golint; go list ./... | grep -v /vendor/ | xargs -L1 /home/runner/go/bin/golint -set_exit_status -# error_check: -# name: Error check -# runs-on: ubuntu-latest -# steps: -# - name: Check out code -# uses: actions/checkout@master -# with: -# fetch-depth: 1 -# - name: Setup Go -# uses: actions/setup-go@v1 -# with: -# go-version: ${{ secrets.GO_VERSION }} -# - run: GOPROXY=direct GOSUMDB=off GO111MODULE=on go get -u github.com/kisielk/errcheck; /home/runner/go/bin/errcheck ./... -# static_check: -# name: Static check -# runs-on: ubuntu-latest -# steps: -# - name: Check out code -# uses: actions/checkout@master -# with: -# fetch-depth: 1 -# - name: Setup Go -# uses: actions/setup-go@v1 -# with: -# go-version: ${{ secrets.GO_VERSION }} -# - run: GOPROXY=direct GOSUMDB=off GO111MODULE=on go get -u honnef.co/go/tools/cmd/staticcheck; /home/runner/go/bin/staticcheck -checks all ./... # https://staticcheck.io/docs/checks -# vet: -# name: Vet -# runs-on: ubuntu-latest -# steps: -# - name: Check out code -# uses: actions/checkout@master -# with: -# fetch-depth: 1 -# - name: Setup Go -# uses: actions/setup-go@v1 -# with: -# go-version: ${{ secrets.GO_VERSION }} -# - run: GOPROXY=direct GOSUMDB=off GO111MODULE=on go vet ./... -# sec_check: -# name: Security check -# runs-on: ubuntu-latest -# steps: -# - name: Check out code -# uses: actions/checkout@master -# with: -# fetch-depth: 1 -# - name: Setup Go -# uses: actions/setup-go@v1 -# with: -# go-version: ${{ secrets.GO_VERSION }} -# - run: GOPROXY=direct GOSUMDB=off GO111MODULE=on go get github.com/securego/gosec/cmd/gosec; /home/runner/go/bin/gosec ./... # https://github.com/securego/gosec -# tests: -# # needs: [lint, error_check, static_check, vet, sec_check] -# name: Tests -# runs-on: ubuntu-latest -# steps: -# - name: Check out code -# uses: actions/checkout@master -# with: -# fetch-depth: 1 -# - name: Setup Go -# uses: actions/setup-go@v1 -# with: -# go-version: ${{ secrets.GO_VERSION }} -# - run: GOPROXY=direct GOSUMDB=off GO111MODULE=on go test ./... -docker: - name: Docker build and push + - name: Check out code + uses: actions/checkout@master + with: + fetch-depth: 1 + - name: Setup Go + uses: actions/setup-go@v1 + with: + go-version: ${{ secrets.GO_VERSION }} + - run: GOPROXY=direct GOSUMDB=off go get -u golang.org/x/lint/golint; go list ./app-mesh/... | grep -v /vendor/ | xargs -L1 /home/runner/go/bin/golint -set_exit_status + error_check: + name: Error check runs-on: ubuntu-latest - # needs: [build, build_release] steps: - - name: Check out code - if: github.event_name != 'pull_request' && startsWith(github.ref, 'refs/tags/') && success() - uses: actions/checkout@master - with: + - name: Check out code + uses: actions/checkout@master + with: + fetch-depth: 1 + - name: Setup Go + uses: actions/setup-go@v1 + with: + go-version: ${{ secrets.GO_VERSION }} + - run: GOPROXY=direct GOSUMDB=off GO111MODULE=on go get -u github.com/kisielk/errcheck; /home/runner/go/bin/errcheck -tags draft ./... + static_check: + name: Static check + runs-on: ubuntu-latest + steps: + - name: Check out code + uses: actions/checkout@master + with: + fetch-depth: 1 + - name: Setup Go + uses: actions/setup-go@v1 + with: + go-version: ${{ secrets.GO_VERSION }} + - run: GOPROXY=direct GOSUMDB=off GO111MODULE=on go get -u honnef.co/go/tools/cmd/staticcheck; /home/runner/go/bin/staticcheck -tags draft -checks all ./app-mesh/... # https://staticcheck.io/docs/checks + vet: + name: Vet + runs-on: ubuntu-latest + steps: + - name: Check out code + uses: actions/checkout@master + with: + fetch-depth: 1 + - name: Setup Go + uses: actions/setup-go@v1 + with: + go-version: ${{ secrets.GO_VERSION }} + - run: GOPROXY=direct GOSUMDB=off GO111MODULE=on go vet -tags draft ./... + sec_check: + name: Security check + runs-on: ubuntu-latest + env: + GO111MODULE: on + steps: + - name: Check out code + uses: actions/checkout@v2 + with: + fetch-depth: 1 + - name: Run Gosec Security Scanner + uses: securego/gosec@master + with: + args: ./... -exclude=G301,G304,G107,G101,G110 + tests: + # needs: [lint, error_check, static_check, vet, sec_check] + name: Tests + env: + ACTIONS_ALLOW_UNSECURE_COMMANDS: true + runs-on: ubuntu-latest + steps: + - name: Check out code + uses: actions/checkout@master + with: fetch-depth: 1 - - name: Docker login - if: github.event_name != 'pull_request' && startsWith(github.ref, 'refs/tags/') && success() - uses: azure/container-actions/docker-login@master - with: - username: ${{ secrets.DOCKER_USERNAME }} - password: ${{ secrets.DOCKER_PASSWORD }} - - name: Docker build & tag - if: github.event_name != 'pull_request' && startsWith(github.ref, 'refs/tags/') && success() - run: | - DOCKER_BUILDKIT=1 docker build --no-cache -t ${{ secrets.IMAGE_NAME }}:stable-latest . - docker tag ${{ secrets.IMAGE_NAME }}:stable-latest ${{ secrets.IMAGE_NAME }}:stable-${GITHUB_REF/refs\/tags\//} - docker tag ${{ secrets.IMAGE_NAME }}:stable-latest ${{ secrets.IMAGE_NAME }}:stable-${GITHUB_SHA::7} - - name: Docker push - if: github.event_name != 'pull_request' && startsWith(github.ref, 'refs/tags/') && success() - run: | - docker push ${{ secrets.IMAGE_NAME }}:stable-latest - docker push ${{ secrets.IMAGE_NAME }}:stable-${GITHUB_REF/refs\/tags\//} - docker push ${{ secrets.IMAGE_NAME }}:stable-${GITHUB_SHA::7} - - name: Docker Hub Description - if: github.event_name != 'pull_request' && startsWith(github.ref, 'refs/tags/') && success() - uses: peter-evans/dockerhub-description@v2.0.0 - env: - DOCKERHUB_USERNAME: ${{ secrets.DOCKER_USERNAME }} - DOCKERHUB_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} - DOCKERHUB_REPOSITORY: ${{ secrets.IMAGE_NAME }} + - name: Setup Go + uses: actions/setup-go@v1 + with: + go-version: ${{ secrets.GO_VERSION }} + - name: Create cluster using KinD + uses: engineerd/setup-kind@v0.3.0 + with: + version: "v0.7.0" + - run: | + export CURRENTCONTEXT="$(kubectl config current-context)" + echo "current-context:" ${CURRENTCONTEXT} + export KUBECONFIG="${HOME}/.kube/config" + echo "environment-kubeconfig:" ${KUBECONFIG} + GOPROXY=direct GOSUMDB=off GO111MODULE=on go test ./... \ No newline at end of file diff --git a/.github/workflows/error-ref-publisher.yml b/.github/workflows/error-ref-publisher.yml new file mode 100644 index 0000000..a342639 --- /dev/null +++ b/.github/workflows/error-ref-publisher.yml @@ -0,0 +1,63 @@ +name: Meshkit Error Codes Utility Runner +on: + push: + branches: + - 'master' + paths: + - '**.go' + +jobs: + Update-error-codes: + name: Error codes utility + if: github.repository == 'meshery/meshery-app-mesh' + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + # token here with write access to meshery-app-mesh repo + with: + token: ${{ secrets.GH_ACCESS_TOKEN }} + ref: 'master' + + - name: Setup Go + uses: actions/setup-go@v1 + with: + go-version: ${{ secrets.GO_VERSION }} + + - name: Run utility + run: | + go get github.com/layer5io/meshkit/cmd/errorutil + go run github.com/layer5io/meshkit/cmd/errorutil -d . update --skip-dirs meshery -i ./helpers -o ./helpers + # to update errorutil* files in meshery-app-mesh repo + - name: Commit changes + uses: stefanzweifel/git-auto-commit-action@v4 + with: + commit_user_name: l5io + commit_user_email: ci@layer5.io + commit_author: ${{ github.actor }} <${{ github.actor }}@users.noreply.github.com> + commit_options: '--signoff' + commit_message: 'run error codes utility' + file_pattern: helpers/ **/error.go + + # to push changes to meshery docs + - name: Checkout meshery + uses: actions/checkout@v2 + with: + repository: 'meshery/meshery' + # token with write access to meshery repository + token: ${{ secrets.GH_ACCESS_TOKEN }} + path: 'meshery' + ref: 'master' + + - name: Update docs + run: | + echo '{ "errors_export": "" }' | jq --slurpfile export ./helpers/errorutil_errors_export.json '.errors_export = $export[0]' > ./meshery/docs/_data/errorref/app-mesh_errors_export.json + - name: Commit changes + uses: stefanzweifel/git-auto-commit-action@v4 + with: + repository: ./meshery + commit_user_name: l5io + commit_user_email: ci@layer5.io + commit_author: ${{ github.actor }} <${{ github.actor }}@users.noreply.github.com> + commit_options: '--signoff' + commit_message: '[Docs] Error Code Reference: Updated codes for App-Mesh adapter' + file_pattern: docs/ \ No newline at end of file diff --git a/.github/workflows/release-drafter.yml b/.github/workflows/release-drafter.yml new file mode 100644 index 0000000..7862070 --- /dev/null +++ b/.github/workflows/release-drafter.yml @@ -0,0 +1,19 @@ +name: Release Drafter + +on: + push: + # our release branch + branches: + - master + +jobs: + update_release_draft: + runs-on: ubuntu-latest + steps: + # Drafts your next Release notes as Pull Requests are merged into "master" + - uses: release-drafter/release-drafter@v5 + with: + config-name: release-drafter.yml + disable-autolabeler: true + env: + GITHUB_TOKEN: ${{ secrets.RELEASEDRAFTER_PAT }} \ No newline at end of file