From e7d697c545f89844c0df1d07234eabb9451b29dd Mon Sep 17 00:00:00 2001 From: Amber Brown Date: Wed, 21 Jun 2023 14:21:01 +1000 Subject: [PATCH 1/3] move prettierrc up one level --- portal/v2/.prettierrc.yaml => .prettierrc.yaml | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename portal/v2/.prettierrc.yaml => .prettierrc.yaml (100%) diff --git a/portal/v2/.prettierrc.yaml b/.prettierrc.yaml similarity index 100% rename from portal/v2/.prettierrc.yaml rename to .prettierrc.yaml From 3b4190a603303f8732098abe710786734980c419 Mon Sep 17 00:00:00 2001 From: Amber Brown Date: Wed, 21 Jun 2023 14:30:41 +1000 Subject: [PATCH 2/3] add a prettierignore --- .prettierignore | 10 ++++++++++ 1 file changed, 10 insertions(+) create mode 100644 .prettierignore diff --git a/.prettierignore b/.prettierignore new file mode 100644 index 00000000000..5c22a39cfa7 --- /dev/null +++ b/.prettierignore @@ -0,0 +1,10 @@ +*aro.openshift.io*.yaml +/pkg/**/staticresources/ +/pkg/deploy/assets/ +/pkg/operator/controllers/muo/test_files/ +/pkg/portal/assets/ +/pkg/portal/cluster/testdocs/ +/pkg/util/dynamichelper/discovery/ +/portal/v2/node_modules/ +/swagger/ +/vendor/ From 33d1d08b439960e54d5c98cc0efabb8d926d5cba Mon Sep 17 00:00:00 2001 From: Amber Brown Date: Wed, 21 Jun 2023 14:33:44 +1000 Subject: [PATCH 3/3] update files --- .golangci.yml | 37 +-- .pipelines/ci.yml | 202 ++++++------- .pipelines/clean-subscription.yml | 40 +-- .pipelines/deploy-dev-env.yml | 36 +-- .pipelines/e2e.yml | 270 +++++++++--------- .../onebranch/pipeline.buildrp.official.yml | 66 ++--- .../pipeline.buildrp.pullrequest.yml | 64 ++--- .../templates/template-buildrp-buildaro.yml | 72 ++--- .../template-buildrp-builddocker.yml | 24 +- .../template-generate-ev2-manifests.yml | 48 ++-- .../templates/template-az-cli-login.yml | 14 +- .../templates/template-az-cli-logout.yml | 12 +- .pipelines/templates/template-checkout.yml | 10 +- .../templates/template-clean-subscription.yml | 54 ++-- .pipelines/templates/template-codeql.yml | 62 ++-- .../templates/template-deploy-shared-env.yml | 44 +-- .../templates/template-push-images-to-acr.yml | 20 +- 17 files changed, 538 insertions(+), 537 deletions(-) diff --git a/.golangci.yml b/.golangci.yml index f6af2fb45ca..b70546168fc 100644 --- a/.golangci.yml +++ b/.golangci.yml @@ -14,30 +14,31 @@ run: issues: exclude-rules: - - linters: - - staticcheck - text: "SA1019: codec.BasicHandle is deprecated" - # This is set to false to disregard the default EXC0011 exclusion - # which shadows all the ST* checks. Refer https://github.com/golangci/golangci-lint/issues/2281 - - path: "pkg/client/(.+)\\.go" - linters: - - importas - - path: "(.+/)?zz_generated_(.+)\\.go" - linters: - - importas - - path: "pkg/operator/(clientset|mocks)/(.+)\\.go" - linters: - - importas - - path: "pkg/util/mocks/(.+)\\.go" - linters: - - importas + - linters: + - staticcheck + text: "SA1019: codec.BasicHandle is deprecated" + # This is set to false to disregard the default EXC0011 exclusion + # which shadows all the ST* checks. Refer https://github.com/golangci/golangci-lint/issues/2281 + - path: "pkg/client/(.+)\\.go" + linters: + - importas + - path: "(.+/)?zz_generated_(.+)\\.go" + linters: + - importas + - path: "pkg/operator/(clientset|mocks)/(.+)\\.go" + linters: + - importas + - path: "pkg/util/mocks/(.+)\\.go" + linters: + - importas exclude-use-default: false linters-settings: stylecheck: # added additional checks for comments in Go. # Refer https://staticcheck.io/docs/options#checks for details - checks: ["all", "-ST1000", "-ST1003", "-ST1016", "-ST1020", "-ST1021", "-ST1022"] + checks: + ["all", "-ST1000", "-ST1003", "-ST1016", "-ST1020", "-ST1021", "-ST1022"] dot-import-whitelist: - github.com/onsi/ginkgo/v2 - github.com/onsi/gomega diff --git a/.pipelines/ci.yml b/.pipelines/ci.yml index 8357f9047ae..a66a137a3dd 100644 --- a/.pipelines/ci.yml +++ b/.pipelines/ci.yml @@ -15,132 +15,132 @@ trigger: branches: include: - - master + - master paths: exclude: - - docs/* + - docs/* tags: include: - - v2* + - v2* pr: branches: include: - - master + - master paths: exclude: - - docs/* + - docs/* resources: containers: - - container: golang - image: registry.access.redhat.com/ubi8/go-toolset:1.18 - options: --user=0 - - container: python - image: registry.access.redhat.com/ubi8/python-39:latest - options: --user=0 + - container: golang + image: registry.access.redhat.com/ubi8/go-toolset:1.18 + options: --user=0 + - container: python + image: registry.access.redhat.com/ubi8/python-39:latest + options: --user=0 variables: -- template: vars.yml + - template: vars.yml jobs: -- job: Golang_CodeQL - pool: - name: 1es-aro-ci-pool - variables: - HOME: $(Agent.BuildDirectory) - steps: - - template: ./templates/template-checkout.yml - - template: ./templates/template-codeql.yml - parameters: - language: go - target: golang - github_token: $(github_codeql_upload_token) - timeoutInMinutes: 120 + - job: Golang_CodeQL + pool: + name: 1es-aro-ci-pool + variables: + HOME: $(Agent.BuildDirectory) + steps: + - template: ./templates/template-checkout.yml + - template: ./templates/template-codeql.yml + parameters: + language: go + target: golang + github_token: $(github_codeql_upload_token) + timeoutInMinutes: 120 -- job: Python_Unit_Tests - pool: - name: 1es-aro-ci-pool - variables: - HOME: $(Agent.BuildDirectory) - steps: - - template: ./templates/template-checkout.yml - - script: | - set -xe - make test-python - [[ -z "$(git status -s)" ]] - displayName: ๐ŸงชRun Python Unit Tests - target: python + - job: Python_Unit_Tests + pool: + name: 1es-aro-ci-pool + variables: + HOME: $(Agent.BuildDirectory) + steps: + - template: ./templates/template-checkout.yml + - script: | + set -xe + make test-python + [[ -z "$(git status -s)" ]] + displayName: ๐ŸงชRun Python Unit Tests + target: python -- job: Golang_Unit_Tests - pool: - name: 1es-aro-ci-pool - variables: - GOCACHE: /tmp/gocache - steps: - - template: ./templates/template-checkout.yml + - job: Golang_Unit_Tests + pool: + name: 1es-aro-ci-pool + variables: + GOCACHE: /tmp/gocache + steps: + - template: ./templates/template-checkout.yml - - script: | - set -xe - go version - go env - displayName: Print Go version & env - target: golang + - script: | + set -xe + go version + go env + displayName: Print Go version & env + target: golang - - script: | - set -xe - make generate - [[ -z "$(git status -s)" ]] - displayName: โš™๏ธ Run Golang code generate - target: golang + - script: | + set -xe + make generate + [[ -z "$(git status -s)" ]] + displayName: โš™๏ธ Run Golang code generate + target: golang - - script: | - set -xe - make build-all - [[ -z "$(git status -s)" ]] - displayName: ๐Ÿ•ต๏ธ Build Golang code - target: golang + - script: | + set -xe + make build-all + [[ -z "$(git status -s)" ]] + displayName: ๐Ÿ•ต๏ธ Build Golang code + target: golang - - script: | - set -xe - make unit-test-go - displayName: ๐Ÿงช Run Golang unit tests - target: golang + - script: | + set -xe + make unit-test-go + displayName: ๐Ÿงช Run Golang unit tests + target: golang - - script: | - set -xe - make validate-fips - displayName: ๐Ÿ•ต๏ธ Validate FIPS - target: golang + - script: | + set -xe + make validate-fips + displayName: ๐Ÿ•ต๏ธ Validate FIPS + target: golang - - task: PublishTestResults@2 - displayName: ๐Ÿ“Š Publish tests results - inputs: - testResultsFiles: $(System.DefaultWorkingDirectory)/**/report.xml - condition: succeededOrFailed() + - task: PublishTestResults@2 + displayName: ๐Ÿ“Š Publish tests results + inputs: + testResultsFiles: $(System.DefaultWorkingDirectory)/**/report.xml + condition: succeededOrFailed() - - script: | - set -xe - go run github.com/axw/gocov/gocov@v1.1.0 convert cover.out | go run github.com/AlekSi/gocov-xml@v1.1.0 > coverage.xml - displayName: โš™๏ธ Process Reports - condition: succeededOrFailed() - target: golang + - script: | + set -xe + go run github.com/axw/gocov/gocov@v1.1.0 convert cover.out | go run github.com/AlekSi/gocov-xml@v1.1.0 > coverage.xml + displayName: โš™๏ธ Process Reports + condition: succeededOrFailed() + target: golang - - task: PublishCodeCoverageResults@1 - displayName: ๐Ÿ“ˆ Publish code coverage - inputs: - codeCoverageTool: Cobertura - summaryFileLocation: $(System.DefaultWorkingDirectory)/**/coverage.xml - failIfCoverageEmpty: false - condition: succeededOrFailed() - target: golang + - task: PublishCodeCoverageResults@1 + displayName: ๐Ÿ“ˆ Publish code coverage + inputs: + codeCoverageTool: Cobertura + summaryFileLocation: $(System.DefaultWorkingDirectory)/**/coverage.xml + failIfCoverageEmpty: false + condition: succeededOrFailed() + target: golang -- job: Lint_Admin_Portal - pool: - name: 1es-aro-ci-pool - steps: - - template: ./templates/template-checkout.yml - - script: | - set -xe - make lint-admin-portal - displayName: ๐Ÿงน Lint Admin Portal + - job: Lint_Admin_Portal + pool: + name: 1es-aro-ci-pool + steps: + - template: ./templates/template-checkout.yml + - script: | + set -xe + make lint-admin-portal + displayName: ๐Ÿงน Lint Admin Portal diff --git a/.pipelines/clean-subscription.yml b/.pipelines/clean-subscription.yml index ddbebf2471c..aadc509bcb5 100644 --- a/.pipelines/clean-subscription.yml +++ b/.pipelines/clean-subscription.yml @@ -2,31 +2,31 @@ trigger: none pr: none parameters: -- name: dryRun - type: boolean - default: false + - name: dryRun + type: boolean + default: false resources: containers: - - container: golang - image: registry.access.redhat.com/ubi8/go-toolset:1.18 - options: --user=0 + - container: golang + image: registry.access.redhat.com/ubi8/go-toolset:1.18 + options: --user=0 variables: -- template: vars.yml + - template: vars.yml jobs: -- job: Clean_subscription - pool: - name: 1es-aro-ci-pool + - job: Clean_subscription + pool: + name: 1es-aro-ci-pool - steps: - - template: ./templates/template-checkout.yml - - template: ./templates/template-clean-subscription.yml - parameters: - dryRun: ${{ parameters.dryRun }} - subscriptionCredentialsJSON: $(aro-v4-e2e-devops-spn) - subscriptionId: $(subscriptionId) - purgeCreatedTag: $(purgeCreatedTag) - resourceGroupDeletePrefixes: $(resourceGroupDeletePrefixes) - purgeTTL: $(purgeTTL) + steps: + - template: ./templates/template-checkout.yml + - template: ./templates/template-clean-subscription.yml + parameters: + dryRun: ${{ parameters.dryRun }} + subscriptionCredentialsJSON: $(aro-v4-e2e-devops-spn) + subscriptionId: $(subscriptionId) + purgeCreatedTag: $(purgeCreatedTag) + resourceGroupDeletePrefixes: $(resourceGroupDeletePrefixes) + purgeTTL: $(purgeTTL) diff --git a/.pipelines/deploy-dev-env.yml b/.pipelines/deploy-dev-env.yml index 7200c57ba86..8a04f409134 100644 --- a/.pipelines/deploy-dev-env.yml +++ b/.pipelines/deploy-dev-env.yml @@ -3,24 +3,24 @@ trigger: none pr: none variables: -- template: vars.yml + - template: vars.yml jobs: -- job: Deploy_new_shared_env - pool: - name: 1es-aro-ci-pool + - job: Deploy_new_shared_env + pool: + name: 1es-aro-ci-pool - steps: - - template: ./templates/template-checkout.yml - - template: ./templates/template-az-cli-login.yml - parameters: - azureDevOpsJSONSPN: $(aro-v4-e2e-devops-spn) - - script: | - export SECRET_SA_ACCOUNT_NAME=$(SECRET_SA_ACCOUNT_NAME) - make secrets - displayName: ๐Ÿ”‘ Downloading certificates and secrets from storage account - - template: ./templates/template-deploy-shared-env.yml - parameters: - subscriptionID: $(AZURE_SUBSCRIPTION_ID) - azureDevOpsJSONSPN: $(aro-v4-e2e-devops-spn) - - template: ./templates/template-az-cli-logout.yml + steps: + - template: ./templates/template-checkout.yml + - template: ./templates/template-az-cli-login.yml + parameters: + azureDevOpsJSONSPN: $(aro-v4-e2e-devops-spn) + - script: | + export SECRET_SA_ACCOUNT_NAME=$(SECRET_SA_ACCOUNT_NAME) + make secrets + displayName: ๐Ÿ”‘ Downloading certificates and secrets from storage account + - template: ./templates/template-deploy-shared-env.yml + parameters: + subscriptionID: $(AZURE_SUBSCRIPTION_ID) + azureDevOpsJSONSPN: $(aro-v4-e2e-devops-spn) + - template: ./templates/template-az-cli-logout.yml diff --git a/.pipelines/e2e.yml b/.pipelines/e2e.yml index 1c306a21440..598a67fe787 100644 --- a/.pipelines/e2e.yml +++ b/.pipelines/e2e.yml @@ -3,145 +3,145 @@ pr: none resources: pipelines: - - pipeline: e2e - source: CI - trigger: true + - pipeline: e2e + source: CI + trigger: true containers: - - container: container - image: registry.access.redhat.com/ubi8/toolbox:8.8 - options: --user=0 --privileged -v /dev/shm:/dev/shm --device /dev/net/tun --name vpn + - container: container + image: registry.access.redhat.com/ubi8/toolbox:8.8 + options: --user=0 --privileged -v /dev/shm:/dev/shm --device /dev/net/tun --name vpn # Azure DevOps Pipeline running e2e tests variables: -- template: vars.yml + - template: vars.yml # Run the test suite and collect must-gather jobs: -- job: E2E - timeoutInMinutes: 180 - variables: - ARO_PODMAN_SOCKET: "tcp://localhost:8888" - ARO_SELENIUM_HOSTNAME: "localhost" - pool: - name: 1es-aro-ci-pool - steps: - - template: ./templates/template-checkout.yml - - - script: | - set -xe - sudo rpm -ivh https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm - sudo dnf install -y openvpn make podman jq - displayName: Setup (Container) - target: container - - - template: ./templates/template-az-cli-login.yml - parameters: - azureDevOpsJSONSPN: $(aro-v4-e2e-devops-spn) - - template: ./templates/template-push-images-to-acr.yml - parameters: - rpImageACR: $(RP_IMAGE_ACR) - - script: | - make extract-aro-docker - displayName: Extract ARO binaries from build - - - script: | - az account set -s $AZURE_SUBSCRIPTION_ID - SECRET_SA_ACCOUNT_NAME=e2earosecrets make secrets - . secrets/env - - export CI=true - . ./hack/e2e/run-rp-and-e2e.sh - deploy_e2e_db - displayName: Setup (Azure) - - - script: | - export CI=true - . secrets/env - . ./hack/e2e/run-rp-and-e2e.sh - - run_vpn - - run_podman - validate_podman_running - - run_portal - validate_portal_running - - run_selenium - validate_selenium_running - - run_rp - validate_rp_running - - register_sub - - make test-e2e -o e2e.test - displayName: Execute Tests - target: container - - - script: | - export CI=true - . ./hack/e2e/run-rp-and-e2e.sh - set -x - - # retrieve the kubeconfig - hack/get-admin-kubeconfig.sh /subscriptions/$AZURE_SUBSCRIPTION_ID/resourceGroups/$CLUSTER/providers/Microsoft.RedHatOpenShift/openShiftClusters/$CLUSTER >admin.kubeconfig - displayName: Get admin kubeconfig for must-gather - condition: failed() - # must-gather collection must be run inside the container so it can access the VPN - - script: | - export CI=true - . ./hack/e2e/run-rp-and-e2e.sh - - export KUBECONFIG=admin.kubeconfig - - # retrieve the oc cli - wget -nv https://mirror.openshift.com/pub/openshift-v4/x86_64/clients/ocp/$(OpenShiftCLIVersion)/openshift-client-linux-$(OpenShiftCLIVersion).tar.gz - tar xf openshift-client-linux-$(OpenShiftCLIVersion).tar.gz - ./oc adm must-gather - tar cf must-gather.tar.gz must-gather.local.* - displayName: Collect must-gather - target: container - condition: failed() - - publish: must-gather.tar.gz - artifact: must-gather - displayName: Append must-gather to Pipeline - condition: failed() - - - script: | - export CI=true - . ./hack/e2e/run-rp-and-e2e.sh - - delete_e2e_cluster - kill_rp - kill_selenium - kill_podman - kill_vpn - displayName: Cleanup - condition: always() - target: container - - script: | - export CI=true - . ./hack/e2e/run-rp-and-e2e.sh - clean_e2e_db - displayName: Cleanup (Azure) - condition: always() - - template: ./templates/template-az-cli-logout.yml - - - task: PublishTestResults@2 - displayName: ๐Ÿ“Š Publish tests results - inputs: - testResultsFiles: $(System.DefaultWorkingDirectory)/**/e2e-report.xml - condition: succeededOrFailed() - - - task: CopyFiles@2 - condition: succeededOrFailed() - inputs: - contents: $(Build.SourcesDirectory)/*.png - targetFolder: $(Build.ArtifactStagingDirectory) - - - task: PublishBuildArtifacts@1 - condition: succeededOrFailed() - inputs: - pathToPublish: $(Build.ArtifactStagingDirectory) - artifactName: Screenshots + - job: E2E + timeoutInMinutes: 180 + variables: + ARO_PODMAN_SOCKET: "tcp://localhost:8888" + ARO_SELENIUM_HOSTNAME: "localhost" + pool: + name: 1es-aro-ci-pool + steps: + - template: ./templates/template-checkout.yml + + - script: | + set -xe + sudo rpm -ivh https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm + sudo dnf install -y openvpn make podman jq + displayName: Setup (Container) + target: container + + - template: ./templates/template-az-cli-login.yml + parameters: + azureDevOpsJSONSPN: $(aro-v4-e2e-devops-spn) + - template: ./templates/template-push-images-to-acr.yml + parameters: + rpImageACR: $(RP_IMAGE_ACR) + - script: | + make extract-aro-docker + displayName: Extract ARO binaries from build + + - script: | + az account set -s $AZURE_SUBSCRIPTION_ID + SECRET_SA_ACCOUNT_NAME=e2earosecrets make secrets + . secrets/env + + export CI=true + . ./hack/e2e/run-rp-and-e2e.sh + deploy_e2e_db + displayName: Setup (Azure) + + - script: | + export CI=true + . secrets/env + . ./hack/e2e/run-rp-and-e2e.sh + + run_vpn + + run_podman + validate_podman_running + + run_portal + validate_portal_running + + run_selenium + validate_selenium_running + + run_rp + validate_rp_running + + register_sub + + make test-e2e -o e2e.test + displayName: Execute Tests + target: container + + - script: | + export CI=true + . ./hack/e2e/run-rp-and-e2e.sh + set -x + + # retrieve the kubeconfig + hack/get-admin-kubeconfig.sh /subscriptions/$AZURE_SUBSCRIPTION_ID/resourceGroups/$CLUSTER/providers/Microsoft.RedHatOpenShift/openShiftClusters/$CLUSTER >admin.kubeconfig + displayName: Get admin kubeconfig for must-gather + condition: failed() + # must-gather collection must be run inside the container so it can access the VPN + - script: | + export CI=true + . ./hack/e2e/run-rp-and-e2e.sh + + export KUBECONFIG=admin.kubeconfig + + # retrieve the oc cli + wget -nv https://mirror.openshift.com/pub/openshift-v4/x86_64/clients/ocp/$(OpenShiftCLIVersion)/openshift-client-linux-$(OpenShiftCLIVersion).tar.gz + tar xf openshift-client-linux-$(OpenShiftCLIVersion).tar.gz + ./oc adm must-gather + tar cf must-gather.tar.gz must-gather.local.* + displayName: Collect must-gather + target: container + condition: failed() + - publish: must-gather.tar.gz + artifact: must-gather + displayName: Append must-gather to Pipeline + condition: failed() + + - script: | + export CI=true + . ./hack/e2e/run-rp-and-e2e.sh + + delete_e2e_cluster + kill_rp + kill_selenium + kill_podman + kill_vpn + displayName: Cleanup + condition: always() + target: container + - script: | + export CI=true + . ./hack/e2e/run-rp-and-e2e.sh + clean_e2e_db + displayName: Cleanup (Azure) + condition: always() + - template: ./templates/template-az-cli-logout.yml + + - task: PublishTestResults@2 + displayName: ๐Ÿ“Š Publish tests results + inputs: + testResultsFiles: $(System.DefaultWorkingDirectory)/**/e2e-report.xml + condition: succeededOrFailed() + + - task: CopyFiles@2 + condition: succeededOrFailed() + inputs: + contents: $(Build.SourcesDirectory)/*.png + targetFolder: $(Build.ArtifactStagingDirectory) + + - task: PublishBuildArtifacts@1 + condition: succeededOrFailed() + inputs: + pathToPublish: $(Build.ArtifactStagingDirectory) + artifactName: Screenshots diff --git a/.pipelines/onebranch/pipeline.buildrp.official.yml b/.pipelines/onebranch/pipeline.buildrp.official.yml index ec78fdc2875..dbea6399890 100644 --- a/.pipelines/onebranch/pipeline.buildrp.official.yml +++ b/.pipelines/onebranch/pipeline.buildrp.official.yml @@ -19,16 +19,16 @@ variables: resources: repositories: - - repository: templates - type: git - name: OneBranch.Pipelines/GovernedTemplates - ref: refs/heads/main - - repository: rhado - type: git - name: ARO.Pipelines - - repository: rpconfig - type: git - name: RP-Config + - repository: templates + type: git + name: OneBranch.Pipelines/GovernedTemplates + ref: refs/heads/main + - repository: rhado + type: git + name: ARO.Pipelines + - repository: rpconfig + type: git + name: RP-Config extends: template: v2/OneBranch.Official.CrossPlat.yml@templates # https://aka.ms/obpipelines/templates @@ -50,31 +50,31 @@ extends: longpaths: true stages: - - stage: Build_ARO - jobs: - - job: Build_ARO - pool: - type: linux + - stage: Build_ARO + jobs: + - job: Build_ARO + pool: + type: linux - variables: # More settings at https://aka.ms/obpipelines/yaml/jobs - is_official_release: true - ob_outputDirectory: $(Build.SourcesDirectory)/out # this directory is uploaded to pipeline artifacts, reddog and cloudvault. More info at https://aka.ms/obpipelines/artifacts + variables: # More settings at https://aka.ms/obpipelines/yaml/jobs + is_official_release: true + ob_outputDirectory: $(Build.SourcesDirectory)/out # this directory is uploaded to pipeline artifacts, reddog and cloudvault. More info at https://aka.ms/obpipelines/artifacts - steps: - - template: .pipelines/onebranch/templates/template-buildrp-buildaro.yml@self + steps: + - template: .pipelines/onebranch/templates/template-buildrp-buildaro.yml@self - - stage: Build_Docker_Image - dependsOn: Build_ARO - jobs: - - job: Build_Docker_Image - pool: - type: docker - os: linux + - stage: Build_Docker_Image + dependsOn: Build_ARO + jobs: + - job: Build_Docker_Image + pool: + type: docker + os: linux - variables: - is_official_release: true - ob_git_checkout: true - release_tag: $[stageDependencies.Build_ARO.Build_ARO.outputs['buildaro.releasetag']] + variables: + is_official_release: true + ob_git_checkout: true + release_tag: $[stageDependencies.Build_ARO.Build_ARO.outputs['buildaro.releasetag']] - steps: - - template: .pipelines/onebranch/templates/template-buildrp-builddocker.yml@self + steps: + - template: .pipelines/onebranch/templates/template-buildrp-builddocker.yml@self diff --git a/.pipelines/onebranch/pipeline.buildrp.pullrequest.yml b/.pipelines/onebranch/pipeline.buildrp.pullrequest.yml index fb68d4c9a16..fd1153075c9 100644 --- a/.pipelines/onebranch/pipeline.buildrp.pullrequest.yml +++ b/.pipelines/onebranch/pipeline.buildrp.pullrequest.yml @@ -12,23 +12,23 @@ trigger: none pr: none variables: - Cdp_Definition_Build_Count: $[counter('', 0)] # needed for onebranch.pipeline.version task https://aka.ms/obpipelines/versioning + Cdp_Definition_Build_Count: $[counter('', 0)] # needed for onebranch.pipeline.version task https://aka.ms/obpipelines/versioning ONEBRANCH_AME_ACR_LOGIN: cdpxb8e9ef87cd634085ab141c637806568c00.azurecr.io LinuxContainerImage: $(ONEBRANCH_AME_ACR_LOGIN)/b8e9ef87-cd63-4085-ab14-1c637806568c/official/ubi8/go-toolset:1.18.4 # Docker image which is used to build the project https://aka.ms/obpipelines/containers Debian_Frontend: noninteractive resources: repositories: - - repository: templates - type: git - name: OneBranch.Pipelines/GovernedTemplates - ref: refs/heads/main - - repository: rhado - type: git - name: ARO.Pipelines - - repository: rpconfig - type: git - name: RP-Config + - repository: templates + type: git + name: OneBranch.Pipelines/GovernedTemplates + ref: refs/heads/main + - repository: rhado + type: git + name: ARO.Pipelines + - repository: rpconfig + type: git + name: RP-Config extends: template: v2/OneBranch.NonOfficial.CrossPlat.yml@templates # https://aka.ms/obpipelines/templates @@ -50,29 +50,29 @@ extends: longpaths: true stages: - - stage: Build_ARO - jobs: - - job: Build_ARO - pool: - type: linux + - stage: Build_ARO + jobs: + - job: Build_ARO + pool: + type: linux - variables: # More settings at https://aka.ms/obpipelines/yaml/jobs - ob_outputDirectory: $(Build.SourcesDirectory)/out # this directory is uploaded to pipeline artifacts, reddog and cloudvault. More info at https://aka.ms/obpipelines/artifacts + variables: # More settings at https://aka.ms/obpipelines/yaml/jobs + ob_outputDirectory: $(Build.SourcesDirectory)/out # this directory is uploaded to pipeline artifacts, reddog and cloudvault. More info at https://aka.ms/obpipelines/artifacts - steps: - - template: .pipelines/onebranch/templates/template-buildrp-buildaro.yml@self + steps: + - template: .pipelines/onebranch/templates/template-buildrp-buildaro.yml@self - - stage: Build_Docker_Image - dependsOn: Build_ARO - jobs: - - job: Build_Docker_Image - pool: - type: docker - os: linux + - stage: Build_Docker_Image + dependsOn: Build_ARO + jobs: + - job: Build_Docker_Image + pool: + type: docker + os: linux - variables: - ob_git_checkout: true - release_tag: $[stageDependencies.Build_ARO.Build_ARO.outputs['buildaro.releasetag']] + variables: + ob_git_checkout: true + release_tag: $[stageDependencies.Build_ARO.Build_ARO.outputs['buildaro.releasetag']] - steps: - - template: .pipelines/onebranch/templates/template-buildrp-builddocker.yml@self + steps: + - template: .pipelines/onebranch/templates/template-buildrp-builddocker.yml@self diff --git a/.pipelines/onebranch/templates/template-buildrp-buildaro.yml b/.pipelines/onebranch/templates/template-buildrp-buildaro.yml index b2704824c81..fc6bf1069b1 100644 --- a/.pipelines/onebranch/templates/template-buildrp-buildaro.yml +++ b/.pipelines/onebranch/templates/template-buildrp-buildaro.yml @@ -1,39 +1,39 @@ steps: -- task: Bash@3 - displayName: โš™๏ธ Make ARO - inputs: - targetType: inline - script: | - export GOPATH=$(Agent.TempDirectory) - export TAG=$(git describe --exact-match 2>/dev/null) - export COMMIT=$(git rev-parse --short=7 HEAD)$([[ $(git status --porcelain) = "" ]] || echo -dirty) - if [ -z "$TAG" ]; - then - if [ "$is_official_release" = "true" ] + - task: Bash@3 + displayName: โš™๏ธ Make ARO + inputs: + targetType: inline + script: | + export GOPATH=$(Agent.TempDirectory) + export TAG=$(git describe --exact-match 2>/dev/null) + export COMMIT=$(git rev-parse --short=7 HEAD)$([[ $(git status --porcelain) = "" ]] || echo -dirty) + if [ -z "$TAG" ]; then - git describe --exact-match - echo "Ensure there is an annotated tag (git tag -a) for git commit ${COMMIT}" - exit 1 + if [ "$is_official_release" = "true" ] + then + git describe --exact-match + echo "Ensure there is an annotated tag (git tag -a) for git commit ${COMMIT}" + exit 1 + fi + export VERSION=${COMMIT} + else + export VERSION=${TAG} fi - export VERSION=${COMMIT} - else - export VERSION=${TAG} - fi - echo "Version: ${VERSION}" - echo "##vso[task.setvariable variable=releasetag;isOutput=true]${VERSION}" - mkdir -p $(Agent.TempDirectory)/src/github.com/Azure/ - cp -rd $(Build.SourcesDirectory) $(Agent.TempDirectory)/src/github.com/Azure/ARO-RP - cd $(Agent.TempDirectory)/src/github.com/Azure/ARO-RP - make aro - mkdir -p $(ob_outputDirectory) - cp aro $(ob_outputDirectory)/aro - workingDirectory: $(Build.SourcesDirectory) - name: buildaro -- task: Bash@3 - displayName: ๐Ÿ•ต๏ธ Validate FIPS - inputs: - targetType: inline - script: | - export GOPATH=$(Agent.TempDirectory) - make validate-fips - workingDirectory: $(Agent.TempDirectory)/src/github.com/Azure/ARO-RP + echo "Version: ${VERSION}" + echo "##vso[task.setvariable variable=releasetag;isOutput=true]${VERSION}" + mkdir -p $(Agent.TempDirectory)/src/github.com/Azure/ + cp -rd $(Build.SourcesDirectory) $(Agent.TempDirectory)/src/github.com/Azure/ARO-RP + cd $(Agent.TempDirectory)/src/github.com/Azure/ARO-RP + make aro + mkdir -p $(ob_outputDirectory) + cp aro $(ob_outputDirectory)/aro + workingDirectory: $(Build.SourcesDirectory) + name: buildaro + - task: Bash@3 + displayName: ๐Ÿ•ต๏ธ Validate FIPS + inputs: + targetType: inline + script: | + export GOPATH=$(Agent.TempDirectory) + make validate-fips + workingDirectory: $(Agent.TempDirectory)/src/github.com/Azure/ARO-RP diff --git a/.pipelines/onebranch/templates/template-buildrp-builddocker.yml b/.pipelines/onebranch/templates/template-buildrp-builddocker.yml index e7f7b444d94..2e740e417d7 100644 --- a/.pipelines/onebranch/templates/template-buildrp-builddocker.yml +++ b/.pipelines/onebranch/templates/template-buildrp-builddocker.yml @@ -1,13 +1,13 @@ steps: -- task: onebranch.pipeline.imagebuildinfo@1 - displayName: Build Multi Stage Dockerfile - inputs: - repositoryName: aro-rp - dockerFileRelPath: ./Dockerfile.aro-multistage - dockerFileContextPath: ./ - registry: cdpxb8e9ef87cd634085ab141c637806568c00.azurecr.io - arguments: --build-arg REGISTRY=registry.access.redhat.com --build-arg IS_OFFICIAL_RELEASE=$(is_official_release) - saveImageToPath: aro-rp.tar - buildkit: 1 - enable_network: true - build_tag: $(release_tag) + - task: onebranch.pipeline.imagebuildinfo@1 + displayName: Build Multi Stage Dockerfile + inputs: + repositoryName: aro-rp + dockerFileRelPath: ./Dockerfile.aro-multistage + dockerFileContextPath: ./ + registry: cdpxb8e9ef87cd634085ab141c637806568c00.azurecr.io + arguments: --build-arg REGISTRY=registry.access.redhat.com --build-arg IS_OFFICIAL_RELEASE=$(is_official_release) + saveImageToPath: aro-rp.tar + buildkit: 1 + enable_network: true + build_tag: $(release_tag) diff --git a/.pipelines/onebranch/templates/template-generate-ev2-manifests.yml b/.pipelines/onebranch/templates/template-generate-ev2-manifests.yml index 4e86e7c90dc..02c6bce32b6 100644 --- a/.pipelines/onebranch/templates/template-generate-ev2-manifests.yml +++ b/.pipelines/onebranch/templates/template-generate-ev2-manifests.yml @@ -1,27 +1,27 @@ parameters: -- name: generationType - type: string - default: deployment - values: - - bootstrapper - - geneva - - geneva-bootstrapper - - kusto + - name: generationType + type: string + default: deployment + values: + - bootstrapper + - geneva + - geneva-bootstrapper + - kusto steps: -- checkout: rhado -- checkout: rpconfig -- task: Bash@3 - inputs: - targetType: inline - script: | - cd $(Build.SourcesDirectory)/ARO.Pipelines/ev2/generator/ - go run . ${{ parameters.generationType }} - env: - RP_CONFIG_PATH: $(Build.SourcesDirectory)/RP-Config/deploy - displayName: โš™๏ธ Generate Ev2 Deployment Manifests -- task: Bash@3 - displayName: โš™๏ธ Copy to ob_outputDirectory - inputs: - targetType: filePath - filePath: .pipelines/onebranch/scripts/${{ parameters.generationType }}.sh + - checkout: rhado + - checkout: rpconfig + - task: Bash@3 + inputs: + targetType: inline + script: | + cd $(Build.SourcesDirectory)/ARO.Pipelines/ev2/generator/ + go run . ${{ parameters.generationType }} + env: + RP_CONFIG_PATH: $(Build.SourcesDirectory)/RP-Config/deploy + displayName: โš™๏ธ Generate Ev2 Deployment Manifests + - task: Bash@3 + displayName: โš™๏ธ Copy to ob_outputDirectory + inputs: + targetType: filePath + filePath: .pipelines/onebranch/scripts/${{ parameters.generationType }}.sh diff --git a/.pipelines/templates/template-az-cli-login.yml b/.pipelines/templates/template-az-cli-login.yml index cdaea5b6b06..14c7ea043fd 100644 --- a/.pipelines/templates/template-az-cli-login.yml +++ b/.pipelines/templates/template-az-cli-login.yml @@ -1,13 +1,13 @@ # if you include this template, also include template-az-cli-logout.yml to # remove the credentials from the CI VM. parameters: - azureDevOpsJSONSPN: '' + azureDevOpsJSONSPN: "" steps: -- script: | - set -e + - script: | + set -e - trap 'rm -f devops-spn.json' EXIT - base64 -d >devops-spn.json <<<${{ parameters.azureDevOpsJSONSPN }} + trap 'rm -f devops-spn.json' EXIT + base64 -d >devops-spn.json <<<${{ parameters.azureDevOpsJSONSPN }} - az login --service-principal -u "$(jq -r .clientId /dev/null - displayName: ๐Ÿ— AZ Login + az login --service-principal -u "$(jq -r .clientId /dev/null + displayName: ๐Ÿ— AZ Login diff --git a/.pipelines/templates/template-az-cli-logout.yml b/.pipelines/templates/template-az-cli-logout.yml index 0d2ad6b80ab..5b66db8057d 100644 --- a/.pipelines/templates/template-az-cli-logout.yml +++ b/.pipelines/templates/template-az-cli-logout.yml @@ -1,7 +1,7 @@ steps: -- script: | - set -e - az logout - rm -rf ~/.azure - displayName: ๐Ÿ— AZ Logout - condition: always() + - script: | + set -e + az logout + rm -rf ~/.azure + displayName: ๐Ÿ— AZ Logout + condition: always() diff --git a/.pipelines/templates/template-checkout.yml b/.pipelines/templates/template-checkout.yml index fe5e050b07f..d1869581ccb 100644 --- a/.pipelines/templates/template-checkout.yml +++ b/.pipelines/templates/template-checkout.yml @@ -1,6 +1,6 @@ steps: -- checkout: self - path: go/src/github.com/Azure/ARO-RP - fetchDepth: 1 - fetchTags: false - displayName: โš™๏ธ Check-out + - checkout: self + path: go/src/github.com/Azure/ARO-RP + fetchDepth: 1 + fetchTags: false + displayName: โš™๏ธ Check-out diff --git a/.pipelines/templates/template-clean-subscription.yml b/.pipelines/templates/template-clean-subscription.yml index 97ce1bd9010..75b67e552f0 100644 --- a/.pipelines/templates/template-clean-subscription.yml +++ b/.pipelines/templates/template-clean-subscription.yml @@ -1,35 +1,35 @@ parameters: - dryRun: '' - purgeTTL: '' - purgeCreatedTag: '' - resourceGroupDeletePrefixes: '' - subscriptionCredentialsJSON: '' - subscriptionId: '' + dryRun: "" + purgeTTL: "" + purgeCreatedTag: "" + resourceGroupDeletePrefixes: "" + subscriptionCredentialsJSON: "" + subscriptionId: "" steps: -- script: | - set -e - export GOCACHE=/tmp + - script: | + set -e + export GOCACHE=/tmp - go build ./hack/clean - go build ./hack/jq - displayName: Build tools - target: golang -- script: | - set -e + go build ./hack/clean + go build ./hack/jq + displayName: Build tools + target: golang + - script: | + set -e - trap 'rm -f spn.json' EXIT - base64 -d >spn.json <<<${{ parameters.subscriptionCredentialsJSON }} - export AZURE_CLIENT_ID=$(./jq -r .clientId spn.json <<<${{ parameters.subscriptionCredentialsJSON }} + export AZURE_CLIENT_ID=$(./jq -r .clientId devops-spn.json <<<${{ parameters.azureDevOpsJSONSPN }} + . secrets/env + . ./hack/devtools/deploy-shared-env.sh + trap 'rm -f devops-spn.json' EXIT + base64 -d >devops-spn.json <<<${{ parameters.azureDevOpsJSONSPN }} - az account set -s ${{ parameters.subscriptionID }} + az account set -s ${{ parameters.subscriptionID }} - create_infra_rg - deploy_rp_dev_predeploy - validate_arm_template_state "rp-development-predeploy" - deploy_rp_dev - validate_arm_template_state "rp-development" - deploy_env_dev_ci - validate_arm_template_state "env-development" - az keyvault set-policy --spn $(jq -r .clientId