mirror of
https://github.com/cloudnative-pg/plugin-barman-cloud.git
synced 2026-01-11 13:23:09 +01:00
294942bb79
Rework the e2e test to expect a working connection to a cluster when they start. Developers can create their own clusters and run the tests. Removed the code used to start kind clusters within the e2e tests. Reworked the Taskfile to define two environments where the tests can run: 1. An ephemeral one running within Dagger, using the k3s module, to be used by the CI. 2. A persistent one created with Kind, requiring the kind binary, to be used for development and debugging when the ephemeral cluster is not enough. Signed-off-by: Francesco Canovai <francesco.canovai@enterprisedb.com> Signed-off-by: Leonardo Cecchi <leonardo.cecchi@enterprisedb.com> Co-authored-by: Leonardo Cecchi <leonardo.cecchi@enterprisedb.com>
438 lines
17 KiB
YAML
438 lines
17 KiB
YAML
version: 3
|
|
|
|
# We have multiple parallel tasks that run for a long time. Prefix their output with the task name so we can understand
|
|
# what task is writing.
|
|
output: prefixed
|
|
|
|
# Variables that are shared across tasks.
|
|
vars:
|
|
# renovate: datasource=docker depName=kindest/node versioning=semver
|
|
E2E_KUBERNETES_VERSION: v1.32.0
|
|
E2E_CLUSTER_NAME: barman-cloud-plugin-e2e-{{.E2E_KUBERNETES_VERSION}}
|
|
REGISTRY_NETWORK: barman-cloud-plugin
|
|
REGISTRY_NAME: registry.barman-cloud-plugin
|
|
REGISTRY_PORT: 5000
|
|
DAGGER_ENGINE_CONTAINER_NAME: e2e-dagger-engine
|
|
|
|
tasks:
|
|
lint:
|
|
desc: Run golangci-lint
|
|
env:
|
|
# renovate: datasource=git-refs depName=golangci-lint lookupName=https://github.com/sagikazarmark/daggerverse currentValue=main
|
|
DAGGER_GOLANGCI_LINT_SHA: c1be27189ce47d28f84014b715f78e47db9fbadc
|
|
cmds:
|
|
- >
|
|
GITHUB_REF= dagger -s call -m github.com/sagikazarmark/daggerverse/golangci-lint@${DAGGER_GOLANGCI_LINT_SHA}
|
|
with-linter-cache --cache golangci-lint
|
|
with-build-cache --cache go-build
|
|
with-module-cache --cache go-mod
|
|
run --source . --config .golangci.yml stdout
|
|
sources:
|
|
- ./**/*.go
|
|
|
|
spellcheck:
|
|
desc: Run spellcheck
|
|
env:
|
|
# renovate: datasource=git-refs depName=spellcheck lookupName=https://github.com/cloudnative-pg/daggerverse currentValue=main
|
|
DAGGER_SPELLCHECK_SHA: b8e24f5ad3e7da6dce9f6f9edd93baf165f3106a
|
|
cmds:
|
|
- >
|
|
GITHUB_REF= dagger -s call -m github.com/cloudnative-pg/daggerverse/spellcheck@${DAGGER_SPELLCHECK_SHA}
|
|
spellcheck --source . with-exec --use-entrypoint --args="" stdout
|
|
sources:
|
|
- ./**/*.md
|
|
- .spellcheck.yaml
|
|
- .wordlist.txt
|
|
|
|
commitlint:
|
|
desc: Check for conventional commits
|
|
env:
|
|
# renovate: datasource=git-refs depName=commitlint lookupName=https://github.com/cloudnative-pg/daggerverse currentValue=main
|
|
DAGGER_COMMITLINT_SHA: b8e24f5ad3e7da6dce9f6f9edd93baf165f3106a
|
|
cmds:
|
|
- >
|
|
GITHUB_REF= dagger -s call -m github.com/cloudnative-pg/daggerverse/commitlint@${DAGGER_COMMITLINT_SHA}
|
|
lint --source . --args "--from=origin/main" stdout
|
|
|
|
uncommitted:
|
|
desc: Check for uncommitted changes
|
|
deps:
|
|
- manifest-main
|
|
env:
|
|
# renovate: datasource=git-refs depName=uncommitted lookupName=https://github.com/cloudnative-pg/daggerverse currentValue=main
|
|
DAGGER_UNCOMMITTED_SHA: b8e24f5ad3e7da6dce9f6f9edd93baf165f3106a
|
|
cmds:
|
|
- GITHUB_REF= dagger -s call -m github.com/cloudnative-pg/daggerverse/uncommitted@${DAGGER_UNCOMMITTED_SHA} check-uncommitted --source . stdout
|
|
sources:
|
|
- ./**
|
|
|
|
go-test:
|
|
desc: Run go test
|
|
env:
|
|
# renovate: datasource=docker depName=golang versioning=semver
|
|
GOLANG_IMAGE_VERSION: 1.23.4
|
|
# renovate: datasource=git-refs depname=kubernetes packageName=https://github.com/kubernetes/kubernetes versioning=semver
|
|
K8S_VERSION: 1.31.0
|
|
# renovate: datasource=git-refs depName=controller-runtime packageName=https://github.com/kubernetes-sigs/controller-runtime versioning=semver
|
|
SETUP_ENVTEST_VERSION: 0.19.3
|
|
cmds:
|
|
- >
|
|
GITHUB_REF= dagger -s call -m ./dagger/gotest
|
|
--go-version ${GOLANG_IMAGE_VERSION}
|
|
--kube-version ${K8S_VERSION}
|
|
--setup-envtest-version ${SETUP_ENVTEST_VERSION}
|
|
unit-test --src .
|
|
sources:
|
|
- ./**/*.go
|
|
|
|
generate-certs:
|
|
desc: Generate certificates for the local registry
|
|
run: once
|
|
cmds:
|
|
- >
|
|
mkdir -p certs &&
|
|
pushd certs &&
|
|
openssl genrsa -out ca-key.pem 4096 &&
|
|
openssl req -new -x509 -days 365 -key ca-key.pem -sha256 -out ca.pem \
|
|
-subj "/O=CloudNativePG/OU=Barman Cloud Plugin Testing" &&
|
|
openssl genrsa -out server-key.pem 4096 &&
|
|
openssl req -subj "/CN={{ .REGISTRY_NAME }}" -sha256 -new -key server-key.pem -out server.csr &&
|
|
echo subjectAltName = DNS:{{ .REGISTRY_NAME }},IP:127.0.0.1 >> extfile.cnf &&
|
|
echo extendedKeyUsage = serverAuth >> extfile.cnf &&
|
|
openssl x509 -req -days 365 -sha256 -in server.csr -CA ca.pem -CAkey ca-key.pem \
|
|
-CAcreateserial -out server-cert.pem -extfile extfile.cnf &&
|
|
popd
|
|
status:
|
|
- test -f certs/ca-key.pem
|
|
- test -f certs/ca.pem
|
|
- test -f certs/server-key.pem
|
|
- test -f certs/server.csr
|
|
- test -f certs/server-cert.pem
|
|
|
|
start-build-network:
|
|
desc: Create a docker network for image building used by the dagger engine and the registry
|
|
run: once
|
|
cmds:
|
|
- docker network create {{ .REGISTRY_NETWORK}}
|
|
status:
|
|
- docker network inspect {{ .REGISTRY_NETWORK }}
|
|
|
|
start-registry:
|
|
desc: Start a container registry
|
|
run: once
|
|
deps:
|
|
- generate-certs
|
|
- start-build-network
|
|
env:
|
|
# TODO: renovate
|
|
REGISTRY_VERSION: 2
|
|
cmds:
|
|
- >
|
|
docker run -d --name {{ .REGISTRY_NAME }}
|
|
-p {{ .REGISTRY_PORT }}:5000
|
|
--network {{ .REGISTRY_NETWORK }}
|
|
-v $(pwd)/certs:/certs
|
|
-e REGISTRY_HTTP_TLS_CERTIFICATE=/certs/server-cert.pem -e REGISTRY_HTTP_TLS_KEY=/certs/server-key.pem
|
|
registry:${REGISTRY_VERSION}
|
|
status:
|
|
- \[ "$(docker inspect -f {{`'{{.State.Running}}'`}} "{{ .REGISTRY_NAME }}" 2> /dev/null )" == 'true' \]
|
|
|
|
|
|
# Start a dagger engine that mounts the CA certificate for the local registry.
|
|
start-dagger-engine-for-local-builds:
|
|
desc: Start a dagger engine mounting the CA
|
|
run: once
|
|
deps:
|
|
- generate-certs
|
|
- start-build-network
|
|
vars:
|
|
# renovate: datasource=github-tags depName=dagger/dagger versioning=semver
|
|
DAGGER_VERSION: 0.15.1
|
|
DAGGER_ENGINE_IMAGE: registry.dagger.io/engine:v{{ .DAGGER_VERSION }}
|
|
cmds:
|
|
- >
|
|
docker run -d -v /var/lib/dagger --name "{{ .DAGGER_ENGINE_CONTAINER_NAME }}"
|
|
--network={{ .REGISTRY_NETWORK }}
|
|
-v $(pwd)/certs/ca.pem:/usr/local/share/ca-certificates/ca.crt
|
|
--privileged {{ .DAGGER_ENGINE_IMAGE }}
|
|
status:
|
|
- \[ "$(docker inspect -f {{`'{{.State.Running}}'`}} "{{ .DAGGER_ENGINE_CONTAINER_NAME }}" 2> /dev/null )" == 'true' \]
|
|
|
|
# We build an image and push it to a local registry.
|
|
# The name is always `plugin-barman-cloud:testing`.
|
|
build-plugin-image:
|
|
desc: Build the operator container image for the plugin
|
|
deps:
|
|
- start-registry
|
|
- start-dagger-engine-for-local-builds
|
|
env:
|
|
# renovate: datasource=git-refs depName=docker lookupName=https://github.com/purpleclay/daggerverse currentValue=main
|
|
DAGGER_DOCKER_SHA: 1379b455587e74072cee73db1b78e11af4215d53
|
|
_EXPERIMENTAL_DAGGER_RUNNER_HOST: docker-container://{{ .DAGGER_ENGINE_CONTAINER_NAME }}
|
|
cmds:
|
|
- >
|
|
GITHUB_REF= dagger -s call -m github.com/purpleclay/daggerverse/docker@${DAGGER_DOCKER_SHA}
|
|
build --dir . --file containers/Dockerfile.plugin --platform linux/amd64
|
|
publish --ref {{ .REGISTRY_NAME }}:{{ .REGISTRY_PORT }}/plugin-barman-cloud --tags testing
|
|
|
|
# We build an image and push it to a local registry.
|
|
# The name is always `sidecar-barman-cloud:testing`.
|
|
build-sidecar-image:
|
|
desc: Build the sidecar container image for the plugin
|
|
deps:
|
|
- start-registry
|
|
- start-dagger-engine-for-local-builds
|
|
env:
|
|
# renovate: datasource=git-refs depName=docker lookupName=https://github.com/purpleclay/daggerverse currentValue=main
|
|
DAGGER_DOCKER_SHA: 1379b455587e74072cee73db1b78e11af4215d53
|
|
_EXPERIMENTAL_DAGGER_RUNNER_HOST: docker-container://{{ .DAGGER_ENGINE_CONTAINER_NAME }}
|
|
cmds:
|
|
- >
|
|
GITHUB_REF= dagger -s call -m github.com/purpleclay/daggerverse/docker@${DAGGER_DOCKER_SHA}
|
|
build --dir . --file containers/Dockerfile.sidecar --platform linux/amd64
|
|
publish --ref {{ .REGISTRY_NAME }}:{{ .REGISTRY_PORT }}/sidecar-barman-cloud --tags testing
|
|
|
|
build-images:
|
|
desc: Build the container images for the plugin
|
|
deps:
|
|
- build-plugin-image
|
|
- build-sidecar-image
|
|
|
|
# Install kind if not at the expected version.
|
|
install-kind:
|
|
desc: Install kind
|
|
run: once
|
|
vars:
|
|
# renovate: datasource=git-refs depName=kind lookupName=https://github.com/kubernetes-sigs/kind versioning=semver
|
|
KIND_VERSION: v0.26.0
|
|
cmds:
|
|
- go install sigs.k8s.io/kind@{{.KIND_VERSION}}
|
|
- kind version | grep -q {{.KIND_VERSION}}
|
|
status:
|
|
- kind version | grep -q {{.KIND_VERSION}}
|
|
|
|
start-kind-cluster:
|
|
desc: Start a kind cluster
|
|
deps:
|
|
- install-kind
|
|
- start-build-network
|
|
run: once
|
|
cmds:
|
|
- >
|
|
kind create cluster --name {{ .E2E_CLUSTER_NAME }}
|
|
--image kindest/node:{{ .E2E_KUBERNETES_VERSION }}
|
|
--config hack/kind-config.yaml
|
|
--wait 5m
|
|
- >
|
|
for node in $(kind get nodes --name {{ .E2E_CLUSTER_NAME }} ); do
|
|
docker network connect {{ .REGISTRY_NETWORK }} $node;
|
|
docker exec $node sh -c "update-ca-certificates";
|
|
done
|
|
status:
|
|
- kind get clusters | grep -q {{ .E2E_CLUSTER_NAME }}
|
|
|
|
# TODO: see if it is possible to daggerize this. It will have to manage docker to make kind work.
|
|
# TODO: add a task to clean up the kind cluster for new test runs.
|
|
# Run the e2e tests. This task will start a kind cluster, deploy the plugin, and run the tests.
|
|
# Running the e2e tests requires:
|
|
# * The registry to have a valid TLS certificate.
|
|
# * The registry to be in the same network of the dagger-engine.
|
|
# * The dagger-engine to mount the CA.
|
|
# * The kind cluster to mount the CA.
|
|
e2e-external-kind:
|
|
desc: Run e2e tests in a local kind cluster
|
|
deps:
|
|
- build-images
|
|
- start-kind-cluster
|
|
vars:
|
|
# renovate: datasource=docker depName=golang versioning=semver
|
|
GOLANG_IMAGE_VERSION: 1.23.4
|
|
KUBECONFIG_PATH:
|
|
sh: mktemp -t kubeconfig-XXXXX
|
|
env:
|
|
_EXPERIMENTAL_DAGGER_RUNNER_HOST: docker-container://{{ .DAGGER_ENGINE_CONTAINER_NAME }}
|
|
cmds:
|
|
- kind get kubeconfig --internal --name {{ .E2E_CLUSTER_NAME }} > {{ .KUBECONFIG_PATH }}
|
|
- >
|
|
GITHUB_REF= dagger call -m dagger/e2e/ run
|
|
--source .
|
|
--kubeconfig {{.KUBECONFIG_PATH}}
|
|
--go-version {{ .GOLANG_IMAGE_VERSION }}
|
|
|
|
e2e-ephemeral:
|
|
desc: Run e2e tests in an ephemeral k3s cluster
|
|
deps:
|
|
- build-images
|
|
vars:
|
|
# renovate: datasource=docker depName=golang versioning=semver
|
|
GOLANG_IMAGE_VERSION: 1.23.4
|
|
env:
|
|
_EXPERIMENTAL_DAGGER_RUNNER_HOST: docker-container://{{ .DAGGER_ENGINE_CONTAINER_NAME }}
|
|
cmds:
|
|
- >
|
|
GITHUB_REF= dagger call -m dagger/e2e/ run-ephemeral
|
|
--source .
|
|
--ca certs/ca.pem
|
|
--registry {{.REGISTRY_NAME}}:{{.REGISTRY_PORT}}
|
|
--go-version {{ .GOLANG_IMAGE_VERSION }}
|
|
|
|
ci:
|
|
desc: Run the CI pipeline
|
|
deps:
|
|
- spellcheck
|
|
- commitlint
|
|
- uncommitted
|
|
- lint
|
|
- go-test
|
|
- e2e-ephemeral
|
|
|
|
publish:
|
|
desc: Build and publish a container image for the plugin
|
|
requires:
|
|
# We expect this to run in a GitHub workflow, so we put a few GitHub-specific vars here
|
|
# to prevent running this task locally by accident.
|
|
vars:
|
|
- CI
|
|
- GITHUB_REPOSITORY
|
|
- GITHUB_REF
|
|
- GITHUB_REF_NAME
|
|
- REGISTRY_USER
|
|
- REGISTRY_PASSWORD
|
|
vars:
|
|
PLUGIN_IMAGE_NAME: ghcr.io/{{.GITHUB_REPOSITORY}}{{if not (hasPrefix "refs/tags/v" .GITHUB_REF)}}-testing{{end}}
|
|
SIDECAR_IMAGE_NAME: ghcr.io/{{.GITHUB_REPOSITORY}}-sidecar{{if not (hasPrefix "refs/tags/v" .GITHUB_REF)}}-testing{{end}}
|
|
# remove /merge suffix from the branch name. This is a workaround for the GitHub workflow on PRs,
|
|
# where the branch name is suffixed with /merge. Prepend pr- to the branch name on PRs.
|
|
IMAGE_VERSION: '{{regexReplaceAll "(\\d+)/merge" .GITHUB_REF_NAME "pr-${1}"}}'
|
|
env:
|
|
# renovate: datasource=git-refs depName=docker lookupName=https://github.com/purpleclay/daggerverse currentValue=main
|
|
DAGGER_DOCKER_SHA: 1379b455587e74072cee73db1b78e11af4215d53
|
|
cmds:
|
|
- >
|
|
dagger call -m github.com/purpleclay/daggerverse/docker@${DAGGER_DOCKER_SHA}
|
|
--registry ghcr.io --username $REGISTRY_USER --password env:REGISTRY_PASSWORD
|
|
build --dir . --file containers/Dockerfile.plugin --platform linux/amd64 --platform linux/arm64
|
|
publish --ref {{.PLUGIN_IMAGE_NAME}} --tags {{.IMAGE_VERSION}}
|
|
- >
|
|
dagger call -m github.com/purpleclay/daggerverse/docker@${DAGGER_DOCKER_SHA}
|
|
--registry ghcr.io --username $REGISTRY_USER --password env:REGISTRY_PASSWORD
|
|
build --dir . --file containers/Dockerfile.sidecar --platform linux/amd64 --platform linux/arm64
|
|
publish --ref {{.SIDECAR_IMAGE_NAME}} --tags {{.IMAGE_VERSION}}
|
|
|
|
|
|
controller-gen:
|
|
desc: Run controller-gen
|
|
env:
|
|
# renovate: datasource=git-refs depName=controller-gen lookupName=https://github.com/cloudnative-pg/daggerverse currentValue=main
|
|
DAGGER_CONTROLLER_GEN_SHA: b8e24f5ad3e7da6dce9f6f9edd93baf165f3106a
|
|
cmds:
|
|
- >
|
|
GITHUB_REF= dagger -s call -m github.com/cloudnative-pg/daggerverse/controller-gen@${DAGGER_CONTROLLER_GEN_SHA}
|
|
controller-gen --source . --args object:headerFile=hack/boilerplate.go.txt --args paths=./api/...
|
|
file --path api/v1/zz_generated.deepcopy.go export --path api/v1/zz_generated.deepcopy.go
|
|
- >
|
|
GITHUB_REF= dagger -s call -m github.com/cloudnative-pg/daggerverse/controller-gen@${DAGGER_CONTROLLER_GEN_SHA}
|
|
controller-gen --source . --args rbac:roleName=plugin-barman-cloud --args crd --args webhook --args paths=./api/...
|
|
--args output:crd:artifacts:config=config/crd/bases directory --path config/crd/bases export --path config/crd/bases
|
|
sources:
|
|
- ./api/**/*.go
|
|
generates:
|
|
- ./api/v1/zz_generated.deepcopy.go
|
|
|
|
manifest-main:
|
|
deps:
|
|
- controller-gen
|
|
desc: Generate the manifest for the main branch
|
|
vars:
|
|
GITHUB_REPOSITORY: cloudnative-pg/plugin-barman-cloud
|
|
GITHUB_REF: main
|
|
GITHUB_REF_NAME: main
|
|
cmds:
|
|
- task: manifest-internal
|
|
vars:
|
|
GITHUB_REPOSITORY: '{{.GITHUB_REPOSITORY}}'
|
|
GITHUB_REF: '{{.GITHUB_REF}}'
|
|
GITHUB_REF_NAME: '{{.GITHUB_REF_NAME}}'
|
|
|
|
manifest:
|
|
desc: Generate the manifest to be uploaded to the release or as a workflow artifact
|
|
deps:
|
|
- controller-gen
|
|
requires:
|
|
# We expect this to run in a GitHub workflow, so we put a few GitHub-specific vars here
|
|
# to prevent running this task locally by accident.
|
|
vars:
|
|
- CI
|
|
- GITHUB_REPOSITORY
|
|
- GITHUB_REF
|
|
- GITHUB_REF_NAME
|
|
cmds:
|
|
- task: manifest-internal
|
|
vars:
|
|
GITHUB_REPOSITORY: '{{.GITHUB_REPOSITORY}}'
|
|
GITHUB_REF: '{{.GITHUB_REF}}'
|
|
GITHUB_REF_NAME: '{{.GITHUB_REF_NAME}}'
|
|
|
|
manifest-internal:
|
|
desc: Update the image in the Kustomization
|
|
label: manifest-internal-{{.GITHUB_REF_NAME}}
|
|
internal: true
|
|
requires:
|
|
vars:
|
|
- GITHUB_REPOSITORY
|
|
- GITHUB_REF
|
|
- GITHUB_REF_NAME
|
|
vars:
|
|
PLUGIN_IMAGE_NAME: ghcr.io/{{.GITHUB_REPOSITORY}}{{if not (hasPrefix "refs/tags/v" .GITHUB_REF)}}-testing{{end}}
|
|
SIDECAR_IMAGE_NAME: ghcr.io/{{.GITHUB_REPOSITORY}}-sidecar{{if not (hasPrefix "refs/tags/v" .GITHUB_REF)}}-testing{{end}}
|
|
# remove /merge suffix from the branch name. This is a workaround for the GitHub workflow on PRs,
|
|
# where the branch name is suffixed with /merge. Prepend pr- to the branch name on PRs.
|
|
IMAGE_VERSION: '{{regexReplaceAll "(\\d+)/merge" .GITHUB_REF_NAME "pr-${1}"}}'
|
|
env:
|
|
# renovate: datasource=git-refs depName=kustomize lookupName=https://github.com/sagikazarmark/daggerverse currentValue=main
|
|
DAGGER_KUSTOMIZE_SHA: c1be27189ce47d28f84014b715f78e47db9fbadc
|
|
cmds:
|
|
- >
|
|
dagger -s call -m https://github.com/sagikazarmark/daggerverse/kustomize@${DAGGER_KUSTOMIZE_SHA}
|
|
edit --source . --dir kubernetes
|
|
set image --image plugin-barman-cloud={{.PLUGIN_IMAGE_NAME}}:{{.IMAGE_VERSION}}
|
|
set secret --secret plugin-barman-cloud --from-literal SIDECAR_IMAGE={{.SIDECAR_IMAGE_NAME}}:{{.IMAGE_VERSION}}
|
|
directory directory --path kubernetes export --path manifest-build
|
|
- >
|
|
dagger -s call -m github.com/sagikazarmark/daggerverse/kustomize@${DAGGER_KUSTOMIZE_SHA}
|
|
build --source . --dir manifest-build export --path manifest.yaml
|
|
sources:
|
|
- ./config/**/*.yaml
|
|
- ./kubernetes/**/*.yaml
|
|
generates:
|
|
- ./manifest.yaml
|
|
|
|
upload-manifest-to-release:
|
|
desc: Upload the manifest to the release
|
|
requires:
|
|
# We expect this to run in a GitHub workflow, so we put a few GitHub-specific vars here
|
|
# to prevent running this task locally by accident.
|
|
vars:
|
|
- CI
|
|
- GITHUB_REPOSITORY
|
|
- GITHUB_REF
|
|
- GITHUB_REF_NAME
|
|
- GITHUB_TOKEN
|
|
env:
|
|
# renovate: datasource=git-refs depName=gh lookupName=https://github.com/sagikazarmark/daggerverse
|
|
DAGGER_GH_SHA: c1be27189ce47d28f84014b715f78e47db9fbadc
|
|
preconditions:
|
|
- sh: "[[ {{.GITHUB_REF}} =~ 'refs/tags/v.*' ]]"
|
|
msg: not a tag, failing
|
|
cmds:
|
|
- >
|
|
dagger -s call -m github.com/sagikazarmark/daggerverse/gh@${DAGGER_GH_SHA}
|
|
with-source --source .
|
|
run --repo {{.GITHUB_REPOSITORY}} --token env:GITHUB_TOKEN
|
|
--cmd "release upload {{.GITHUB_REF_NAME}} manifest.yaml"
|
|
|
|
clean:
|
|
desc: Remove autogenerated artifacts
|
|
cmds:
|
|
- rm -rf .task/
|