-
Notifications
You must be signed in to change notification settings - Fork 8.3k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge branch 'main' into 7557-cloud-security-cloudformation-params-po…
…int-to-non-existing-agent-artifact-in-serverless
- Loading branch information
Showing
185 changed files
with
3,961 additions
and
1,833 deletions.
There are no files selected for viewing
58 changes: 58 additions & 0 deletions
58
.buildkite/pipelines/es_serverless/verify_es_serverless_image.yml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,58 @@ | ||
# https://buildkite.com/elastic/kibana-elasticsearch-serverless-verify-and-promote/ | ||
agents: | ||
queue: kibana-default | ||
|
||
steps: | ||
- label: "Annotate runtime parameters" | ||
command: | | ||
buildkite-agent annotate --context es-serverless-image --style info "ES Serverless image: $ES_SERVERLESS_IMAGE" | ||
buildkite-agent annotate --context kibana-commit --style info "Kibana build hash: $BUILDKITE_BRANCH / $BUILDKITE_COMMIT" | ||
- group: "(:kibana: x :elastic:) Trigger Kibana Serverless suite" | ||
if: "build.env('SKIP_VERIFICATION') != '1' && build.env('SKIP_VERIFICATION') != 'true'" | ||
steps: | ||
- label: "Pre-Build" | ||
command: .buildkite/scripts/lifecycle/pre_build.sh | ||
key: pre-build | ||
timeout_in_minutes: 10 | ||
agents: | ||
queue: kibana-default | ||
|
||
- label: "Build Kibana Distribution and Plugins" | ||
command: .buildkite/scripts/steps/build_kibana.sh | ||
agents: | ||
queue: n2-16-spot | ||
key: build | ||
depends_on: pre-build | ||
if: "build.env('KIBANA_BUILD_ID') == null || build.env('KIBANA_BUILD_ID') == ''" | ||
timeout_in_minutes: 60 | ||
retry: | ||
automatic: | ||
- exit_status: '-1' | ||
limit: 3 | ||
|
||
- label: "Pick Test Group Run Order" | ||
command: .buildkite/scripts/steps/test/pick_test_group_run_order.sh | ||
agents: | ||
queue: kibana-default | ||
env: | ||
FTR_CONFIGS_SCRIPT: 'TEST_ES_SERVERLESS_IMAGE=$ES_SERVERLESS_IMAGE .buildkite/scripts/steps/test/ftr_configs.sh' | ||
FTR_CONFIG_PATTERNS: '**/test_serverless/**' | ||
LIMIT_CONFIG_TYPE: 'functional' | ||
retry: | ||
automatic: | ||
- exit_status: '*' | ||
limit: 1 | ||
|
||
- wait: ~ | ||
|
||
- label: ":arrow_up::elastic::arrow_up: Promote docker image" | ||
command: .buildkite/scripts/steps/es_serverless/promote_es_serverless_image.sh $ES_SERVERLESS_IMAGE | ||
|
||
- wait: ~ | ||
|
||
- label: 'Post-Build' | ||
command: .buildkite/scripts/lifecycle/post_build.sh | ||
timeout_in_minutes: 10 | ||
agents: | ||
queue: kibana-default |
75 changes: 75 additions & 0 deletions
75
.buildkite/scripts/steps/es_serverless/promote_es_serverless_image.sh
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,75 @@ | ||
#!/bin/bash | ||
|
||
set -euo pipefail | ||
|
||
source .buildkite/scripts/common/util.sh | ||
|
||
BASE_ES_SERVERLESS_REPO=docker.elastic.co/elasticsearch-ci/elasticsearch-serverless | ||
TARGET_IMAGE=docker.elastic.co/kibana-ci/elasticsearch-serverless:latest-verified | ||
|
||
ES_SERVERLESS_BUCKET=kibana-ci-es-serverless-images | ||
MANIFEST_FILE_NAME=latest-verified.json | ||
|
||
SOURCE_IMAGE_OR_TAG=$1 | ||
if [[ $SOURCE_IMAGE_OR_TAG =~ :[a-zA-Z_-]+$ ]]; then | ||
# $SOURCE_IMAGE_OR_TAG was a full image | ||
SOURCE_IMAGE=$SOURCE_IMAGE_OR_TAG | ||
else | ||
# $SOURCE_IMAGE_OR_TAG was an image tag | ||
SOURCE_IMAGE="$BASE_ES_SERVERLESS_REPO:$SOURCE_IMAGE_OR_TAG" | ||
fi | ||
|
||
echo "--- Promoting ${SOURCE_IMAGE_OR_TAG} to ':latest-verified'" | ||
|
||
echo "Re-tagging $SOURCE_IMAGE -> $TARGET_IMAGE" | ||
|
||
echo "$KIBANA_DOCKER_PASSWORD" | docker login -u "$KIBANA_DOCKER_USERNAME" --password-stdin docker.elastic.co | ||
docker pull "$SOURCE_IMAGE" | ||
docker tag "$SOURCE_IMAGE" "$TARGET_IMAGE" | ||
docker push "$TARGET_IMAGE" | ||
|
||
ORIG_IMG_DATA=$(docker inspect "$SOURCE_IMAGE") | ||
ELASTIC_COMMIT_HASH=$(echo $ORIG_IMG_DATA | jq -r '.[].Config.Labels["org.opencontainers.image.revision"]') | ||
|
||
docker logout docker.elastic.co | ||
|
||
echo "Image push to $TARGET_IMAGE successful." | ||
echo "Promotion successful! Henceforth, thou shall be named Sir $TARGET_IMAGE" | ||
|
||
MANIFEST_UPLOAD_PATH="Skipped" | ||
if [[ "$UPLOAD_MANIFEST" =~ ^(1|true)$ && "$SOURCE_IMAGE_OR_TAG" =~ ^git-[0-9a-fA-F]{12}$ ]]; then | ||
echo "--- Uploading latest-verified manifest to GCS" | ||
cat << EOT >> $MANIFEST_FILE_NAME | ||
{ | ||
"build_url": "$BUILDKITE_BUILD_URL", | ||
"kibana_commit": "$BUILDKITE_COMMIT", | ||
"kibana_branch": "$BUILDKITE_BRANCH", | ||
"elasticsearch_serverless_tag": "$SOURCE_IMAGE_OR_TAG", | ||
"elasticsearch_serverless_image_url: "$SOURCE_IMAGE", | ||
"elasticsearch_serverless_commit": "TODO: this currently can't be decided", | ||
"elasticsearch_commit": "$ELASTIC_COMMIT_HASH", | ||
"created_at": "`date`", | ||
"timestamp": "`FORCE_COLOR=0 node -p 'Date.now()'`" | ||
} | ||
EOT | ||
|
||
gsutil -h "Cache-Control:no-cache, max-age=0, no-transform" \ | ||
cp $MANIFEST_FILE_NAME "gs://$ES_SERVERLESS_BUCKET/$MANIFEST_FILE_NAME" | ||
gsutil acl ch -u AllUsers:R "gs://$ES_SERVERLESS_BUCKET/$MANIFEST_FILE_NAME" | ||
MANIFEST_UPLOAD_PATH="<a href=\"https://storage.googleapis.com/$ES_SERVERLESS_BUCKET/$MANIFEST_FILE_NAME\">$MANIFEST_FILE_NAME</a>" | ||
|
||
elif [[ "$UPLOAD_MANIFEST" =~ ^(1|true)$ ]]; then | ||
echo "--- Skipping upload of latest-verified manifest to GCS, ES Serverless build tag is not pointing to a hash" | ||
elif [[ "$SOURCE_IMAGE_OR_TAG" =~ ^git-[0-9a-fA-F]{12}$ ]]; then | ||
echo "--- Skipping upload of latest-verified manifest to GCS, flag was not provided" | ||
fi | ||
|
||
echo "--- Annotating build with info" | ||
cat << EOT | buildkite-agent annotate --style "success" | ||
<h2>Promotion successful!</h2> | ||
<br/>New image: $TARGET_IMAGE | ||
<br/>Source image: $SOURCE_IMAGE | ||
<br/>Kibana commit: <a href="https://github.com/elastic/kibana/commit/$BUILDKITE_COMMIT">$BUILDKITE_COMMIT</a> | ||
<br/>Elasticsearch commit: <a href="https://github.com/elastic/elasticsearch/commit/$ELASTIC_COMMIT_HASH">$ELASTIC_COMMIT_HASH</a> | ||
<br/>Manifest file: $MANIFEST_UPLOAD_PATH | ||
EOT |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.