diff --git a/.drone.yaml b/.drone.yaml index b12beb91..47bb5047 100644 --- a/.drone.yaml +++ b/.drone.yaml @@ -26,76 +26,6 @@ steps: - name: buildx path: /root/.docker/buildx - - name: build-pull-request - image: autonomy/build-container:latest - pull: always - environment: - DOCKER_CLI_EXPERIMENTAL: enabled - commands: - - make - when: - event: - include: - - pull_request - volumes: - - name: outer-docker-socket - path: /var/run - - name: ssh - path: /root/.ssh - - name: buildx - path: /root/.docker/buildx - depends_on: - - setup-ci - - - name: build-nonfree-pull-request - image: autonomy/build-container:latest - pull: always - environment: - DOCKER_CLI_EXPERIMENTAL: enabled - commands: - - make nonfree - when: - event: - include: - - pull_request - volumes: - - name: outer-docker-socket - path: /var/run - - name: ssh - path: /root/.ssh - - name: buildx - path: /root/.docker/buildx - depends_on: - - build-pull-request - - - name: build-and-publish - image: autonomy/build-container:latest - pull: always - environment: - GHCR_USERNAME: - from_secret: ghcr_username - GHCR_PASSWORD: - from_secret: ghcr_token - commands: - - docker login ghcr.io --username "$${GHCR_USERNAME}" --password "$${GHCR_PASSWORD}" - - make PUSH=true - - make nonfree PUSH=true - - make extensions PUSH=true - when: - event: - exclude: - - pull_request - - promote - volumes: - - name: outer-docker-socket - path: /var/run - - name: ssh - path: /root/.ssh - - name: buildx - path: /root/.docker/buildx - depends_on: - - setup-ci - - name: e2e-talos image: autonomy/build-container:latest pull: always @@ -127,50 +57,6 @@ steps: depends_on: - setup-ci - - name: release-notes - image: autonomy/build-container:latest - pull: always - commands: - - make release-notes - volumes: - - name: docker-socket - path: /var/run - - name: ssh - path: /root/.ssh - - name: buildx - path: /root/.docker/buildx - when: - event: - - tag - depends_on: - - build-and-publish - - - name: release - image: plugins/github-release - pull: always - settings: - api_key: - from_secret: github_token - checksum: - - sha256 - - sha512 - draft: true - files: - - _out/RELEASE_NOTES.md - note: _out/RELEASE_NOTES.md - volumes: - - name: docker-socket - path: /var/run - - name: ssh - path: /root/.ssh - - name: buildx - path: /root/.docker/buildx - when: - event: - - tag - depends_on: - - release-notes - services: - name: docker image: docker:20.10-dind diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml new file mode 100644 index 00000000..bac74a67 --- /dev/null +++ b/.github/workflows/ci.yaml @@ -0,0 +1,81 @@ +name: default +concurrency: + group: ${{ github.head_ref || github.run_id }} + cancel-in-progress: true +on: + push: + branches: + - main + - release-* + tags: + - v* + pull_request: + branches: + - main + - release-* +jobs: + default: + if: (!startsWith(github.head_ref, 'renovate/') && !startsWith(github.head_ref, 'dependabot/')) + permissions: + packages: write + runs-on: + - self-hosted + - pkgs + outputs: + labels: ${{ steps.workflow-run-info.outputs.pullRequestLabels }} + services: + buildkitd: + image: moby/buildkit:buildx-stable-1 + ports: + - 1234:1234 + options: --privileged + volumes: + - /var/lib/buildkit/${{ github.repository }}:/var/lib/buildkit + - /usr/etc/buildkit/buildkitd.toml:/etc/buildkit/buildkitd.toml + steps: + - name: checkout + uses: actions/checkout@v3 + - name: Unshallow + run: | + git fetch --prune --unshallow + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + with: + driver: remote + endpoint: tcp://localhost:1234 + append: | + - endpoint: tcp://buildkit-arm64.ci.svc.cluster.local:1234 + platforms: linux/arm64 + - name: build + run: | + make + - name: build nonfree + run: | + make nonfree + - name: Login to registry + if: github.event_name != 'pull_request' + uses: docker/login-action@v2 + with: + password: ${{ secrets.GITHUB_TOKEN }} + registry: ghcr.io + username: ${{ github.repository_owner }} + - name: Push to registry + if: github.event_name != 'pull_request' + run: | + make PUSH=true + make nonfree PUSH=true + - name: release-notes + if: startsWith(github.ref, 'refs/tags/') + run: | + make release-notes + - name: Release + if: startsWith(github.ref, 'refs/tags/') + uses: crazy-max/ghaction-github-release@v2 + with: + body_path: _out/RELEASE_NOTES.md + draft: "true" + - name: Retrieve workflow info + id: workflow-run-info + uses: potiuk/get-workflow-origin@v1_5 + with: + token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/cron.yaml b/.github/workflows/cron.yaml new file mode 100644 index 00000000..66aefcd7 --- /dev/null +++ b/.github/workflows/cron.yaml @@ -0,0 +1,38 @@ +name: weekly +concurrency: + group: ${{ github.head_ref || github.run_id }} + cancel-in-progress: true +on: + schedule: + - cron: '30 1 * * 1' +jobs: + reproducibility: + runs-on: + - self-hosted + - pkgs + services: + buildkitd: + image: moby/buildkit:buildx-stable-1 + ports: + - 1234:1234 + options: --privileged + volumes: + - /var/lib/buildkit/${{ github.repository }}:/var/lib/buildkit + - /usr/etc/buildkit/buildkitd.toml:/etc/buildkit/buildkitd.toml + steps: + - name: checkout + uses: actions/checkout@v3 + - name: Unshallow + run: | + git fetch --prune --unshallow + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + with: + driver: remote + endpoint: tcp://localhost:1234 + append: | + - endpoint: tcp://buildkit-arm64.ci.svc.cluster.local:1234 + platforms: linux/arm64 + - name: reproducibility + run: | + make reproducibility-test diff --git a/.github/workflows/slack-notify.yaml b/.github/workflows/slack-notify.yaml new file mode 100644 index 00000000..6d3ca1ec --- /dev/null +++ b/.github/workflows/slack-notify.yaml @@ -0,0 +1,86 @@ +name: slack-notify +"on": + workflow_run: + workflows: + - default + types: + - completed +jobs: + slack-notify: + runs-on: + - self-hosted + if: ${{ github.event.workflow_run.conclusion != 'skipped' }} + steps: + - name: Retrieve Workflow Run Info + id: retrieve-workflow-run-info + uses: potiuk/get-workflow-origin@v1_5 + with: + sourceRunId: ${{ github.event.workflow_run.id }} + token: ${{ secrets.GITHUB_TOKEN }} + - name: Slack Notify + uses: slackapi/slack-github-action@v1 + with: + channel-id: proj-talos-maintainers + payload: | + { + "attachments": [ + { + "color": "${{ github.event.workflow_run.conclusion == 'success' && '#2EB886' || github.event.workflow_run.conclusion == 'failure' && '#A30002' || '#FFCC00' }}", + "fallback": "test", + "blocks": [ + { + "type": "section", + "fields": [ + { + "type": "mrkdwn", + "text": "${{ github.event.workflow_run.event == 'pull_request' && format('*Pull Request:* {0} (`{1}`)\n<{2}/pull/{3}|{4}>', github.repository, github.ref_name, github.event.repository.html_url, steps.retrieve-workflow-run-info.outputs.pullRequestNumber, github.event.workflow_run.display_title) || format('*Build:* {0}#{1} (`{2}`)', github.repository, github.sha, github.ref_name) }}" + }, + { + "type": "mrkdwn", + "text": "*Status:*\n`${{ github.event.workflow_run.conclusion }}`" + } + ] + }, + { + "type": "section", + "fields": [ + { + "type": "mrkdwn", + "text": "*Author:*\n`${{ github.actor }}`" + }, + { + "type": "mrkdwn", + "text": "*Event:*\n`${{ github.event.workflow_run.event }}`" + } + ] + }, + { + "type": "divider" + }, + { + "type": "actions", + "elements": [ + { + "type": "button", + "text": { + "type": "plain_text", + "text": "Logs" + }, + "url": "${{ github.event.workflow_run.html_url }}" + }, + { + "type": "button", + "text": { + "type": "plain_text", + "text": "Commit" + }, + "url": "${{ github.event.repository.html_url }}/commit/${{ github.sha }}" + } + ] + } + ] + } + ] + } + env: + SLACK_BOT_TOKEN: ${{ secrets.SLACK_BOT_TOKEN }} diff --git a/Makefile b/Makefile index 1dcf062a..5880413b 100644 --- a/Makefile +++ b/Makefile @@ -77,7 +77,6 @@ NONFREE_TARGETS = \ all: $(TARGETS) ## Builds all known pkgs. -.PHONY: nonfree nonfree: $(NONFREE_TARGETS) ## Builds all known non-free pkgs. .PHONY: extensions diff --git a/storage/zfs/zfs-tools/pkg.yaml b/storage/zfs/zfs-tools/pkg.yaml index e2f73c9b..21f4bbf0 100644 --- a/storage/zfs/zfs-tools/pkg.yaml +++ b/storage/zfs/zfs-tools/pkg.yaml @@ -11,8 +11,8 @@ steps: - sources: - url: https://github.com/openzfs/zfs/releases/download/zfs-{{ .ZFS_DRIVER_VERSION }}/zfs-{{ .ZFS_DRIVER_VERSION }}.tar.gz destination: zfs.tar.gz - sha256: 64daa26aed3e12c931f6f4413d7527c4ebdb8da35416b356152b5f9fdd4c6e6d - sha512: f48493a21883e441cda705fb085353bed033f1620a1d0f93069c345c76cf2c0759a2e6f7a80c47c9398e9878abfe1d90d931fe5ceaf2588770a71491a434631e + sha256: 06b24cbb3cbc1554e2edf2fcd71d1f8bec4febf4412aeac17070877c44302abd + sha512: d06fce8faa22b0cab2c69befa3842476703433fa90530d1fdf168716afd2039e97b124aa8ef581bed3bc19604fa2faa0bc1e29f6d028e3ef0085f0e34e05230a env: ARCH: {{ if eq .ARCH "aarch64"}}arm64{{ else if eq .ARCH "x86_64" }}x86_64{{ else }}unsupported{{ end }} prepare: