Skip to content

Commit

Permalink
chore(ci): migrate some CI from Jenkins to github actions (#9795) (#9813
Browse files Browse the repository at this point in the history 
)

* chore(ci): migrate some CI from Jenkins to github actions (#9795)

* chore(Make): add the convenience make tasks

* chore(gha): migrate test package and unofficial packaging from Jenkins to GHA

* chore(dev): can the rockspec be renamed so we don't overwrite unofficial tagged version?

* chore(ci): revert the rockspec rename

* fix(ci): we don't need to docker login for CE test packaging

* chore(ci): we need to keep building alpine unofficial in Jenkins

(cherry picked from commit b1a1f07)

* fix(submodule): removing a submodule I believe was accidentally committed
  • Loading branch information
@hutchic
hutchic authored Nov 24, 2022
1 parent 2219403 commit 161f2d8
Show file tree
Hide file tree
Showing 4 changed files with 235 additions and 38 deletions.
126 changes: 126 additions & 0 deletions .github/workflows/package.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,126 @@
name: Package & Smoke Test

on: # yamllint disable-line rule:truthy
pull_request:
push:
branches:
- master
- next/*
- release/*

env:
DOCKER_REPOSITORY: kong/kong-build-tools

jobs:
package-and-test:
if: github.event_name == 'pull_request'
name: Build & Smoke Test Packages
runs-on: ubuntu-22.04

steps:
- name: Swap git with https
run: git config --global url."https://github".insteadOf git://github

- name: Setup some environment variables
run: |
echo "KONG_SOURCE_LOCATION=$GITHUB_WORKSPACE/kong-src" >> $GITHUB_ENV
echo "KONG_BUILD_TOOLS_LOCATION=$GITHUB_WORKSPACE/kong-build-tools" >> $GITHUB_ENV
- name: Checkout Kong source code
uses: actions/checkout@v3
with:
path: ${{ env.KONG_SOURCE_LOCATION }}
submodules: recursive
token: ${{ secrets.GHA_KONG_BOT_READ_TOKEN }}

- name: Setup kong-build-tools
run: |
pushd ${{ env.KONG_SOURCE_LOCATION }}
make setup-kong-build-tools
- name: Setup package naming environment variables
run: |
grep -v '^#' ${{ env.KONG_SOURCE_LOCATION}}/.requirements >> $GITHUB_ENV
- name: Package & Test
env:
GITHUB_TOKEN: ${{ secrets.GHA_KONG_BOT_READ_TOKEN }}
run: |
pushd ${{ env.KONG_SOURCE_LOCATION }}
make package/test/deb
package-test-and-unofficial-release:
if: github.event_name == 'push'
name: Build & Smoke & Unofficial Release Packages
runs-on: ubuntu-22.04
strategy:
matrix:
package_type: [deb, rpm, apk]

steps:
- name: Login to Docker Hub
uses: docker/login-action@v2
with:
username: ${{ secrets.GHA_DOCKERHUB_PUSH_USER }}
password: ${{ secrets.GHA_KONG_ORG_DOCKERHUB_PUSH_TOKEN }}

- name: Swap git with https
run: git config --global url."https://github".insteadOf git://github

- name: Setup directory environment variables
run: |
echo "KONG_SOURCE_LOCATION=$GITHUB_WORKSPACE/kong-src" >> $GITHUB_ENV
echo "KONG_BUILD_TOOLS_LOCATION=$GITHUB_WORKSPACE/kong-build-tools" >> $GITHUB_ENV
- name: Checkout Kong source code
uses: actions/checkout@v3
with:
path: ${{ env.KONG_SOURCE_LOCATION }}
submodules: recursive
token: ${{ secrets.GHA_KONG_BOT_READ_TOKEN }}

- name: Setup kong-build-tools
run: |
pushd ${{ env.KONG_SOURCE_LOCATION }}
make setup-kong-build-tools
- name: Setup package naming environment variables
run: |
grep -v '^#' ${{ env.KONG_SOURCE_LOCATION}}/.requirements >> $GITHUB_ENV
echo "DOCKER_RELEASE_REPOSITORY=kong/kong" >> $GITHUB_ENV
echo "KONG_TEST_CONTAINER_TAG=$GITHUB_REF_NAME-${{ matrix.package_type }}" >> $GITHUB_ENV
if [[ ${{matrix.package_type }} == "apk" ]]; then
echo "ADDITIONAL_TAG_LIST=$GITHUB_REF_NAME-alpine" >> $GITHUB_ENV
fi
if [[ ${{matrix.package_type }} == "deb" ]]; then
echo "ADDITIONAL_TAG_LIST=$GITHUB_REF_NAME-debian $GITHUB_REF_NAME $GITHUB_SHA" >> $GITHUB_ENV
fi
- name: Package & Test
env:
GITHUB_TOKEN: ${{ secrets.GHA_KONG_BOT_READ_TOKEN }}
run: |
pushd ${{ env.KONG_SOURCE_LOCATION }}
make package/test/${{ matrix.package_type }}
- name: Push Docker Image
env:
SKIP_TESTS: true
run: |
pushd ${{ env.KONG_SOURCE_LOCATION }}
make release/docker/${{ matrix.package_type }}
- name: Store the package artifacts
uses: actions/upload-artifact@v3
with:
name: ${{ matrix.package_type }}
path: ${{ env.KONG_BUILD_TOOLS_LOCATION }}/output/*

- name: Comment on commit
continue-on-error: true
uses: peter-evans/commit-comment@v2
with:
token: ${{ secrets.GHA_COMMENT_TOKEN }}
body: |
Docker image avaialble ${{ env.DOCKER_RELEASE_REPOSITORY }}:${{ env.KONG_TEST_CONTAINER_TAG }}
Artifacts availabe https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}
93 changes: 57 additions & 36 deletions Jenkinsfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,55 +2,57 @@ pipeline {
agent none
options {
retry(1)
timeout(time: 2, unit: 'HOURS')
timeout(time: 3, unit: 'HOURS')
}
environment {
UPDATE_CACHE = "true"
DOCKER_CREDENTIALS = credentials('dockerhub')
DOCKER_USERNAME = "${env.DOCKER_CREDENTIALS_USR}"
DOCKER_PASSWORD = "${env.DOCKER_CREDENTIALS_PSW}"
KONG_PACKAGE_NAME = "kong"
DOCKER_CLI_EXPERIMENTAL = "enabled"
PULP_HOST_PROD = "https://api.download.konghq.com"
// PULP_PROD and PULP_STAGE are used to do releases
PULP_HOST_PROD = "https://api.pulp.konnect-prod.konghq.com"
PULP_PROD = credentials('PULP')
PULP_HOST_STAGE = "https://api.download-dev.konghq.com"
PULP_HOST_STAGE = "https://api.pulp.konnect-stage.konghq.com"
PULP_STAGE = credentials('PULP_STAGE')
GITHUB_TOKEN = credentials('github_bot_access_token')
DEBUG = 0
}
stages {
stage('Release Per Commit') {
stage('Release -- Release Branch Release to Unofficial Asset Stores') {
when {
beforeAgent true
anyOf {
branch 'master';
branch 'release/*';
}
}
agent {
node {
label 'bionic'
parallel {
stage('Alpine') {
agent {
node {
label 'bionic'
}
}
environment {
KONG_SOURCE_LOCATION = "${env.WORKSPACE}"
KONG_BUILD_TOOLS_LOCATION = "${env.WORKSPACE}/../kong-build-tools"
AWS_ACCESS_KEY = "instanceprofile"
PACKAGE_TYPE = "apk"
GITHUB_SSH_KEY = credentials('github_bot_ssh_key')
}
options {
retry(2)
timeout(time: 2, unit: 'HOURS')
}
steps {
sh 'echo "$DOCKER_PASSWORD" | docker login -u "$DOCKER_USERNAME" --password-stdin || true'
sh 'make setup-kong-build-tools'
sh 'make RESTY_IMAGE_BASE=alpine RESTY_IMAGE_TAG=3 KONG_TEST_CONTAINER_TAG="${GIT_BRANCH##*/}-alpine" DOCKER_MACHINE_ARM64_NAME="kong-"`cat /proc/sys/kernel/random/uuid` release-docker-images'
}
}
}
environment {
KONG_PACKAGE_NAME = "kong"
KONG_SOURCE_LOCATION = "${env.WORKSPACE}"
KONG_BUILD_TOOLS_LOCATION = "${env.WORKSPACE}/../kong-build-tools"
AWS_ACCESS_KEY = "instanceprofile"
CACHE = "false"
UPDATE_CACHE = "true"
RELEASE_DOCKER_ONLY="true"
PACKAGE_TYPE="apk"
RESTY_IMAGE_BASE="alpine"
RESTY_IMAGE_TAG="latest"
}
steps {
sh 'echo "$DOCKER_PASSWORD" | docker login -u "$DOCKER_USERNAME" --password-stdin || true'
sh 'make setup-kong-build-tools'
sh 'KONG_VERSION=`git rev-parse --short HEAD` DOCKER_MACHINE_ARM64_NAME="jenkins-kong-"`cat /proc/sys/kernel/random/uuid` make release'
}
}
stage('Release') {
stage('Release -- Tag Release to Official Asset Stores') {
when {
beforeAgent true
allOf {
Expand All @@ -73,14 +75,19 @@ pipeline {
PRIVATE_KEY_PASSPHRASE = credentials('kong.private.gpg-key.asc.password')
GITHUB_SSH_KEY = credentials('github_bot_ssh_key')
}
options {
retry(2)
timeout(time: 2, unit: 'HOURS')
}
steps {
sh 'echo "$DOCKER_PASSWORD" | docker login -u "$DOCKER_USERNAME" --password-stdin || true'
sh 'make setup-kong-build-tools'
sh 'cp $PRIVATE_KEY_FILE ../kong-build-tools/kong.private.gpg-key.asc'
sh 'make RESTY_IMAGE_BASE=amazonlinux RESTY_IMAGE_TAG=2 release'
sh 'make RESTY_IMAGE_BASE=amazonlinux RESTY_IMAGE_TAG=2022 release'
sh 'make RESTY_IMAGE_BASE=centos RESTY_IMAGE_TAG=7 release'
sh 'make RESTY_IMAGE_BASE=rhel RESTY_IMAGE_TAG=7 release'
sh 'make RESTY_IMAGE_BASE=rhel RESTY_IMAGE_TAG=8 RELEASE_DOCKER=true release'
sh 'make RESTY_IMAGE_BASE=rhel RESTY_IMAGE_TAG=7.9 release'
sh 'make RESTY_IMAGE_BASE=rhel RESTY_IMAGE_TAG=8.6 RELEASE_DOCKER=true release'
}
}
stage('DEB') {
Expand All @@ -95,13 +102,18 @@ pipeline {
PACKAGE_TYPE = "deb"
GITHUB_SSH_KEY = credentials('github_bot_ssh_key')
}
options {
retry(2)
timeout(time: 2, unit: 'HOURS')
}
steps {
sh 'echo "$DOCKER_PASSWORD" | docker login -u "$DOCKER_USERNAME" --password-stdin || true'
sh 'make setup-kong-build-tools'
sh 'make RESTY_IMAGE_BASE=debian RESTY_IMAGE_TAG=10 release'
sh 'make RESTY_IMAGE_BASE=debian RESTY_IMAGE_TAG=11 RELEASE_DOCKER=true release'
sh 'make RESTY_IMAGE_BASE=ubuntu RESTY_IMAGE_TAG=18.04 AWS_ACCESS_KEY=instanceprofile CACHE=false DOCKER_MACHINE_ARM64_NAME="jenkins-kong-"`cat /proc/sys/kernel/random/uuid` release'
sh 'make RESTY_IMAGE_BASE=ubuntu RESTY_IMAGE_TAG=18.04 release'
sh 'make RESTY_IMAGE_BASE=ubuntu RESTY_IMAGE_TAG=20.04 RELEASE_DOCKER=true release'
sh 'make RESTY_IMAGE_BASE=ubuntu RESTY_IMAGE_TAG=22.04 RELEASE_DOCKER=true release'
}
}
stage('SRC & Alpine') {
Expand All @@ -117,16 +129,20 @@ pipeline {
GITHUB_SSH_KEY = credentials('github_bot_ssh_key')
AWS_ACCESS_KEY = "instanceprofile"
}
options {
retry(2)
timeout(time: 2, unit: 'HOURS')
}
steps {
sh 'echo "$DOCKER_PASSWORD" | docker login -u "$DOCKER_USERNAME" --password-stdin || true'
sh 'make setup-kong-build-tools'
sh 'make RESTY_IMAGE_BASE=src RESTY_IMAGE_TAG=src PACKAGE_TYPE=src release'
sh 'make RESTY_IMAGE_BASE=alpine RESTY_IMAGE_TAG=3.10 PACKAGE_TYPE=apk DOCKER_MACHINE_ARM64_NAME="kong-"`cat /proc/sys/kernel/random/uuid` RELEASE_DOCKER=true release'
sh 'make RESTY_IMAGE_BASE=alpine RESTY_IMAGE_TAG=3 PACKAGE_TYPE=apk DOCKER_MACHINE_ARM64_NAME="kong-"`cat /proc/sys/kernel/random/uuid` RELEASE_DOCKER=true release'
}
}
}
}
stage('Post Packaging Steps') {
stage('Post Release Steps') {
when {
beforeAgent true
allOf {
Expand All @@ -143,13 +159,14 @@ pipeline {
}
}
environment {
GITHUB_TOKEN = credentials('github_bot_access_token')
GITHUB_SSH_KEY = credentials('github_bot_ssh_key')
SLACK_WEBHOOK = credentials('core_team_slack_webhook')
GITHUB_USER = "mashapedeployment"
}
steps {
sh './scripts/setup-ci.sh'
sh 'echo "y" | ./scripts/make-patch-release $TAG_NAME update_docker'
sh 'echo "y" | ./scripts/make-release $TAG_NAME update_docker'
}
post {
failure {
Expand All @@ -171,13 +188,14 @@ pipeline {
}
}
environment {
GITHUB_TOKEN = credentials('github_bot_access_token')
GITHUB_SSH_KEY = credentials('github_bot_ssh_key')
SLACK_WEBHOOK = credentials('core_team_slack_webhook')
GITHUB_USER = "mashapedeployment"
}
steps {
sh './scripts/setup-ci.sh'
sh 'echo "y" | ./scripts/make-patch-release $TAG_NAME homebrew'
sh 'echo "y" | ./scripts/make-release $TAG_NAME homebrew'
}
post {
failure {
Expand All @@ -199,13 +217,14 @@ pipeline {
}
}
environment {
GITHUB_TOKEN = credentials('github_bot_access_token')
GITHUB_SSH_KEY = credentials('github_bot_ssh_key')
SLACK_WEBHOOK = credentials('core_team_slack_webhook')
GITHUB_USER = "mashapedeployment"
}
steps {
sh './scripts/setup-ci.sh'
sh 'echo "y" | ./scripts/make-patch-release $TAG_NAME vagrant'
sh 'echo "y" | ./scripts/make-release $TAG_NAME vagrant'
}
post {
failure {
Expand All @@ -227,13 +246,14 @@ pipeline {
}
}
environment {
GITHUB_TOKEN = credentials('github_bot_access_token')
GITHUB_SSH_KEY = credentials('github_bot_ssh_key')
SLACK_WEBHOOK = credentials('core_team_slack_webhook')
GITHUB_USER = "mashapedeployment"
}
steps {
sh './scripts/setup-ci.sh'
sh 'echo "y" | ./scripts/make-patch-release $TAG_NAME pongo'
sh 'echo "y" | ./scripts/make-release $TAG_NAME pongo'
}
post {
always {
Expand All @@ -247,3 +267,4 @@ pipeline {
}
}
}

Loading

0 comments on commit 161f2d8

Please sign in to comment.