diff --git a/.circleci/config.yml b/.circleci/config.yml index 648eab27c..3ddb53189 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -1,33 +1,3 @@ - version: 2.1 - -setup: true - -orbs: - path-filtering: circleci/path-filtering@0.0.3 - -jobs: - validate: - docker: - - image: quay.io/giantswarm/architect - steps: - - checkout - - run: - name: Validate releases - command: CGO_ENABLED=0 go test ./... - -workflows: - workflow: - jobs: - - validate - - path-filtering/filter: - name: filter - mapping: | - aws/.* push-aws true - azure/.* push-azure true - kvm/.* push-kvm true - capa/.* push-capa true - base-revision: master - config-path: .circleci/provider_config.yml - requires: - - validate +jobs: {} +workflows: {} diff --git a/.circleci/provider_config.yml b/.circleci/provider_config.yml deleted file mode 100644 index 97e640d4f..000000000 --- a/.circleci/provider_config.yml +++ /dev/null @@ -1,169 +0,0 @@ - -version: 2.1 - -orbs: - architect: giantswarm/architect@4.13.0 - -parameters: - push-aws: - type: boolean - default: false - push-azure: - type: boolean - default: false - push-kvm: - type: boolean - default: false - push-capa: - type: boolean - default: false - -jobs: - render: - docker: - - image: quay.io/giantswarm/architect - parameters: - provider: - type: string - steps: - - checkout - - run: - name: Install kustomize - command: | - CGO_ENABLED=0 go install sigs.k8s.io/kustomize/kustomize/v3 - - run: - name: Install releaseNotesURLTransformer kustomize plugin - command: | - CGO_ENABLED=0 go install github.com/giantswarm/kustomize-plugin-releasenotesurlannotationtransformer@v0.2.0 - mkdir -p "$PLUGIN_PATH" - cp /go/bin/kustomize-plugin-releasenotesurlannotationtransformer "$PLUGIN_PATH/releaseNotesURLAnnotationTransformer" - environment: - PLUGIN_PATH: "./kustomize/plugin/giantswarm.io/v1/releasenotesurlannotationtransformer" - - run: - name: Kustomize helm chart - command: | - export XDG_CONFIG_HOME=$(pwd) - mkdir -p helm/releases-<>/templates - kustomize build --enable_alpha_plugins ./<> > helm/releases-<>/templates/releases.yaml - - persist_to_workspace: - root: . - paths: - - helm - -workflows: - aws: - when: << pipeline.parameters.push-aws >> - jobs: - - render: - name: render-aws - provider: aws - - architect/push-to-app-catalog: - context: architect - name: push-releases-aws-to-releases-catalog - app_catalog: releases-catalog - app_catalog_test: releases-test-catalog - attach_workspace: true - chart: releases-aws - explicit_allow_chart_name_mismatch: true - on_tag: false - requires: - - render-aws - - architect/push-to-app-collection: - context: architect - name: push-releases-to-aws-app-collection - app_catalog: releases - app_name: releases-aws - app_collection_repo: aws-app-collection - requires: - - push-releases-aws-to-releases-catalog - filters: - # Trigger the job on merge to master. - branches: - only: master - azure: - when: << pipeline.parameters.push-azure >> - jobs: - - render: - name: render-azure - provider: azure - - architect/push-to-app-catalog: - context: architect - name: push-releases-azure-to-releases-catalog - app_catalog: releases-catalog - app_catalog_test: releases-test-catalog - attach_workspace: true - chart: releases-azure - explicit_allow_chart_name_mismatch: true - on_tag: false - requires: - - render-azure - - architect/push-to-app-collection: - context: architect - name: push-releases-to-azure-app-collection - app_catalog: releases - app_name: releases-azure - app_collection_repo: capz-app-collection - requires: - - push-releases-azure-to-releases-catalog - filters: - # Trigger the job on merge to master. - branches: - only: master - kvm: - when: << pipeline.parameters.push-kvm >> - jobs: - - render: - name: render-kvm - provider: kvm - - architect/push-to-app-catalog: - context: architect - name: push-releases-kvm-to-releases-catalog - app_catalog: releases-catalog - app_catalog_test: releases-test-catalog - attach_workspace: true - chart: releases-kvm - explicit_allow_chart_name_mismatch: true - on_tag: false - requires: - - render-kvm - - architect/push-to-app-collection: - context: architect - name: push-releases-to-kvm-app-collection - app_catalog: releases - app_name: releases-kvm - app_collection_repo: kvm-app-collection - requires: - - push-releases-kvm-to-releases-catalog - filters: - # Trigger the job on merge to master. - branches: - only: master - capa: - when: << pipeline.parameters.push-capa >> - jobs: - - render: - name: render-capa - provider: capa - - architect/push-to-app-catalog: - context: architect - name: push-releases-capa-to-releases-catalog - app_catalog: releases-catalog - app_catalog_test: releases-test-catalog - attach_workspace: true - chart: releases-capa - explicit_allow_chart_name_mismatch: true - on_tag: false - requires: - - render-capa - - architect/push-to-app-collection: - context: architect - name: push-releases-to-capa-app-collection - app_catalog: releases - app_name: releases-capa - app_collection_repo: capa-app-collection - requires: - - push-releases-capa-to-releases-catalog - filters: - # Trigger the job on merge to master. - branches: - only: master diff --git a/.github/workflows/create-release.yaml b/.github/workflows/create-release.yaml deleted file mode 100644 index 03a660a03..000000000 --- a/.github/workflows/create-release.yaml +++ /dev/null @@ -1,78 +0,0 @@ -name: Create GitHub release - -on: - pull_request: - types: [closed] - -jobs: - create_release: - if: github.event.pull_request.merged == true - runs-on: ubuntu-latest - steps: - - name: Checkout code - uses: actions/checkout@v2 - with: - fetch-depth: '0' - fetch-tags: 'true' - - name: Set up git identity - run: | - git config --local user.email "dev@giantswarm.io" - git config --local user.name "taylorbot" - - name: Create new release tag - run: | - git fetch --tags - for provider_dir in capa/v* azure/v*; do - provider="" - if [[ $provider_dir == capa/* ]]; then - provider="aws" - elif [[ $provider_dir == azure/* ]]; then - provider="azure" - fi - if [[ ! -f $provider_dir/release.yaml || -z $provider ]]; then - echo "Skipping file or unknown provider $provider_dir" - continue - fi - release_version="$(basename $provider_dir)" - echo "Found $provider release $release_version." - tag_name="$provider/$release_version" - if [ $(git tag -l "$tag_name") ]; then - echo "Found existing tag $tag_name for release version $release_version, new tag is not needed." - else - echo "Tag $tag_name for release version $release_version not found, will create it." - tag_message="Workload cluster release $release_version for $provider" - git tag -a "$tag_name" -m "$tag_message" - git push origin "$tag_name" - fi - done - - name: Create new GitHub release - env: - GITHUB_TOKEN: "${{ secrets.TAYLORBOT_GITHUB_ACTION }}" - run: | - for provider_dir in capa/v* azure/v*; do - provider="" - if [[ $provider_dir == capa/* ]]; then - provider="aws" - elif [[ $provider_dir == azure/* ]]; then - provider="azure" - fi - if [[ ! -f $provider_dir/release.yaml || -z $provider ]]; then - echo "Skipping file or unknown provider $provider_dir" - continue - fi - release_version="$(basename $provider_dir)" - tag_name="$provider/$release_version" - github_release=$(gh release --repo giantswarm/releases view "$tag_name" --json "id,name,tagName,assets,isDraft,isPrerelease,url" 2>&1 || true) - current_commit="$(git rev-parse HEAD)" - release_title="Workload cluster release $release_version for $provider" - release_note="This release has been created automatically by GitHub action. CI will be updated to have better release notes here." - if [ "$github_release" = "release not found" ]; then - echo "Didn't find a GitHub release for release version $release_version and tag $tag_name. Creating a new release." - if [[ $release_version == *-* ]]; then - gh release create --repo giantswarm/releases --target "$current_commit" --title "$release_title" --notes "$release_note" "$tag_name" "$provider_dir/release.yaml" --prerelease - else - gh release create --repo giantswarm/releases --target "$current_commit" --title "$release_title" --notes "$release_note" "$tag_name" "$provider_dir/release.yaml" - fi - else - echo "Found existing GitHub release for release version $release_version and tag $tag_name." - fi - done diff --git a/.github/workflows/renovate-release-json.yaml b/.github/workflows/renovate-release-json.yaml deleted file mode 100644 index fe50ddc3e..000000000 --- a/.github/workflows/renovate-release-json.yaml +++ /dev/null @@ -1,63 +0,0 @@ -name: Fetch Releases and Generate JSON - -on: - push: - branches: - - main - workflow_dispatch: - -jobs: - generate-json: - runs-on: ubuntu-latest - steps: - - name: Checkout repository - uses: actions/checkout@v3 - - - name: "Setup Go Env" - uses: "actions/setup-go@v4" - with: - cache: true - go-version: "1.19.2" - - - name: Generate JSON File - run: | - go run renovate.go - - - name: "Ensure Private Key" - env: - BOT_SSH_KEY: '${{ secrets.BOT_SSH_KEY }}' - run: | - echo "$BOT_SSH_KEY" > /tmp/id_ed25519 - - - name: "Setup SSH Agent" - env: - SSH_AUTH_SOCK: "/tmp/ssh_agent.sock" - run: | - mkdir -p ~/.ssh - ssh-keyscan github.com >> ~/.ssh/known_hosts - ssh-agent -a ${SSH_AUTH_SOCK} > /dev/null - chmod 0600 /tmp/id_ed25519 - ssh-add /tmp/id_ed25519 - - - name: "Setup Git Config" - run: | - git config user.name "${GITHUB_ACTOR}" - git config user.email "${GITHUB_ACTOR}@users.noreply.github.com" - git remote set-url origin git@github.com:${GITHUB_REPOSITORY}.git - - - name: "Commit And Push" - env: - SSH_AUTH_SOCK: "/tmp/ssh_agent.sock" - run: | - if [[ $(git status --porcelain) ]]; then - git add */*.json - git commit -m "Update releases.json" - git push - fi - - - name: "Cleanup Build Container" - env: - SSH_AUTH_SOCK: "/tmp/ssh_agent.sock" - run: | - ssh-add -D - rm -Rf * diff --git a/.github/workflows/test-sdk.yaml b/.github/workflows/test-sdk.yaml deleted file mode 100644 index ebb94d0a0..000000000 --- a/.github/workflows/test-sdk.yaml +++ /dev/null @@ -1,29 +0,0 @@ -name: Run Tests - -on: - pull_request: - types: [opened, synchronize, reopened] - paths: - - 'sdk/**' - - push: - branches: - - master - paths: - - 'sdk/**' - -jobs: - test: - runs-on: ubuntu-latest - - steps: - - name: Checkout repository - uses: actions/checkout@v3 - - - name: Set up Go - uses: actions/setup-go@v4 - - - name: Run tests - run: | - cd sdk - make test diff --git a/.github/workflows/zz_generated.add-team-labels.yaml b/.github/workflows/zz_generated.add-team-labels.yaml deleted file mode 100644 index 02e464288..000000000 --- a/.github/workflows/zz_generated.add-team-labels.yaml +++ /dev/null @@ -1,53 +0,0 @@ -name: Add appropriate labels to issue - -on: - issues: - types: [assigned] - -jobs: - build_user_list: - name: Get yaml config of GS users - runs-on: ubuntu-latest - steps: - - name: Get user-mapping - run: | - mkdir -p artifacts - wget --header "Authorization: token ${{ secrets.ISSUE_AUTOMATION }}" \ - -O artifacts/users.yaml \ - https://raw.githubusercontent.com/giantswarm/github/main/tools/issue-automation/user-mapping.yaml - - name: Upload Artifact - uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3 - with: - name: users - path: artifacts/users.yaml - retention-days: 1 - - add_label: - name: Add team label when assigned - runs-on: ubuntu-latest - needs: build_user_list - steps: - - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 - id: download-users - with: - name: users - - name: Find team label based on user names - run: | - event_assignee=$(cat $GITHUB_EVENT_PATH | jq -r .assignee.login | tr '[:upper:]' '[:lower:]') - echo "Issue assigned to: ${event_assignee}" - - TEAMS=$(cat ${{steps.download-users.outputs.download-path}}/users.yaml | tr '[:upper:]' '[:lower:]' | yq ".${event_assignee}.teams" -o csv | tr ',' ' ') - - echo "LABEL<> $GITHUB_ENV - for team in ${TEAMS}; do - echo "Team: ${team} | Label: team/${team}" - echo "team/${team}" >> $GITHUB_ENV - done - echo "EOF" >> $GITHUB_ENV - - name: Apply label to issue - if: ${{ env.LABEL != '' && env.LABEL != 'null' && env.LABEL != null }} - uses: actions-ecosystem/action-add-labels@bd52874380e3909a1ac983768df6976535ece7f8 # v1.1.3 - with: - github_token: ${{ secrets.ISSUE_AUTOMATION }} - labels: | - ${{ env.LABEL }} diff --git a/.github/workflows/zz_generated.add-to-project-board.yaml b/.github/workflows/zz_generated.add-to-project-board.yaml deleted file mode 100644 index cd99027b4..000000000 --- a/.github/workflows/zz_generated.add-to-project-board.yaml +++ /dev/null @@ -1,89 +0,0 @@ -name: Add Issue to Project when assigned - -on: - issues: - types: - - assigned - - labeled - -jobs: - build_user_list: - name: Get yaml config of GS users - runs-on: ubuntu-latest - steps: - - name: Get user-mapping - run: | - mkdir -p artifacts - wget --header "Authorization: token ${{ secrets.ISSUE_AUTOMATION }}" \ - -O artifacts/users.yaml \ - https://raw.githubusercontent.com/giantswarm/github/main/tools/issue-automation/user-mapping.yaml - - name: Upload Artifact - uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3 - with: - name: users - path: artifacts/users.yaml - retention-days: 1 - - name: Get label-mapping - run: | - mkdir -p artifacts - wget --header "Authorization: token ${{ secrets.ISSUE_AUTOMATION }}" \ - -O artifacts/labels.yaml \ - https://raw.githubusercontent.com/giantswarm/github/main/tools/issue-automation/label-mapping.yaml - - name: Upload Artifact - uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3 - with: - name: labels - path: artifacts/labels.yaml - retention-days: 1 - - add_to_personal_board: - name: Add issue to personal board - runs-on: ubuntu-latest - needs: build_user_list - if: github.event.action == 'assigned' - steps: - - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 - id: download-users - with: - name: users - - name: Find personal board based on user names - run: | - event_assignee=$(cat $GITHUB_EVENT_PATH | jq -r .assignee.login | tr '[:upper:]' '[:lower:]') - echo "Issue assigned to: ${event_assignee}" - - BOARD=($(cat ${{steps.download-users.outputs.download-path}}/users.yaml | tr '[:upper:]' '[:lower:]' | yq ".${event_assignee}.personalboard")) - echo "Personal board URL: ${BOARD}" - - echo "BOARD=${BOARD}" >> $GITHUB_ENV - - name: Add issue to personal board - if: ${{ env.BOARD != 'null' && env.BOARD != '' && env.BOARD != null }} - uses: actions/add-to-project@9bfe908f2eaa7ba10340b31e314148fcfe6a2458 # v1.0.1 - with: - project-url: ${{ env.BOARD }} - github-token: ${{ secrets.ISSUE_AUTOMATION }} - - add_to_team_board: - name: Add issue to team board - runs-on: ubuntu-latest - needs: build_user_list - if: github.event.action == 'labeled' - steps: - - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 - id: download-labels - with: - name: labels - - name: Find team board based on label - run: | - event_label=$(cat $GITHUB_EVENT_PATH | jq -r .label.name | tr '[:upper:]' '[:lower:]') - echo "Issue labelled with: ${event_label}" - - BOARD=($(cat ${{steps.download-labels.outputs.download-path}}/labels.yaml | tr '[:upper:]' '[:lower:]' | yq ".[\"${event_label}\"].projectboard")) - echo "Team board URL: ${BOARD}" - - echo "BOARD=${BOARD}" >> $GITHUB_ENV - - name: Add issue to team board - if: ${{ env.BOARD != 'null' && env.BOARD != '' && env.BOARD != null }} - uses: actions/add-to-project@9bfe908f2eaa7ba10340b31e314148fcfe6a2458 # v1.0.1 - with: - project-url: ${{ env.BOARD }} - github-token: ${{ secrets.ISSUE_AUTOMATION }} diff --git a/.github/workflows/zz_generated.gitleaks.yaml b/.github/workflows/zz_generated.gitleaks.yaml deleted file mode 100644 index d7c61396e..000000000 --- a/.github/workflows/zz_generated.gitleaks.yaml +++ /dev/null @@ -1,17 +0,0 @@ -# DO NOT EDIT. Generated with: -# -# devctl gen workflows -# -name: gitleaks - -on: [push,pull_request] - -jobs: - gitleaks: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v2 - with: - fetch-depth: '0' - - name: gitleaks-action - uses: zricethezav/gitleaks-action@v1.2.0