chore: add validation workflows

rancher · Jul 19, 2023 · 538d381 · 538d381
1 parent 7d10788
commit 538d381
Show file tree

Hide file tree

Showing 13 changed files with 273 additions and 6 deletions.
diff --git a/.drone.yml b/.drone.yml
@@ -35,6 +35,7 @@ steps:
   when:
     ref:
       - refs/head/master
+      - refs/head/rancher/v2.6
       - refs/tags/*
     event:
       - tag
@@ -107,6 +108,7 @@ steps:
   when:
     ref:
       - refs/head/master
+      - refs/head/rancher/v2.6
       - refs/tags/*
     event:
       - tag

diff --git a/.github/dependabot.yaml b/.github/dependabot.yaml
@@ -0,0 +1,26 @@
+# Please see the documentation for all configuration options:
+# https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates
+version: 2
+updates:
+# GitHub Actions
+- package-ecosystem: "github-actions"
+  directory: "/"
+  schedule:
+    interval: "weekly"
+  commit-message:
+    prefix: ":seedling:"
+# Go
+- package-ecosystem: "gomod"
+  directory: "/"
+  schedule:
+    interval: "weekly"
+  ignore:
+    # Ignore controller-runtime as its upgraded manually.
+    - dependency-name: "sigs.k8s.io/controller-runtime"
+    # Ignore k8s and its transitives modules as they are upgraded manually
+    # together with controller-runtime.
+    - dependency-name: "k8s.io/*"
+    # Ignore wrangler
+    - dependency-name: "github.com/rancher/wrangler"
+  commit-message:
+    prefix: ":seedling:"
diff --git a/.github/workflows/apidiff.yaml b/.github/workflows/apidiff.yaml
@@ -0,0 +1,14 @@
+name: Go API Diff
+on: 
+  pull_request:
+jobs:
+  go-apidiff:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v3
+      with:
+        fetch-depth: 0
+    - uses: actions/setup-go@v4
+      with:
+        go-version: 1.19
+    - uses: joelanford/go-apidiff@main
diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml
@@ -0,0 +1,26 @@
+name: Build
+on:
+  pull_request:
+  push:
+    branches:
+      - master
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+      - name: Install Go
+        uses: actions/setup-go@v4
+        with:
+          go-version: 1.19.x
+      - uses: actions/[email protected]
+        with:
+          path: |
+            ~/go/pkg/mod
+            ~/.cache/go-build
+          key: ${{ runner.os }}-build-go-${{ hashFiles('**/go.sum') }}
+          restore-keys: |
+            ${{ runner.os }}-build-go-${{ hashFiles('**/go.sum') }}
+      - name: Build GKE operator binary
+        run: make operator
diff --git a/.github/workflows/lint.yaml b/.github/workflows/lint.yaml
@@ -0,0 +1,22 @@
+name: Lint
+on:
+  pull_request:
+  push:
+    branches:
+      - master
+    tags:
+      - 'v*'
+jobs:
+  lint:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+      - name: Install Go
+        uses: actions/setup-go@v4
+        with:
+          go-version: 1.19.x
+      - name: Analysis
+        uses: golangci/golangci-lint-action@v3
+        with:
+          args: -v
diff --git a/.github/workflows/nightly-publish.yaml b/.github/workflows/nightly-publish.yaml
@@ -0,0 +1,31 @@
+name: Nightly
+on:
+  schedule:
+    - cron: '0 1 * * *'
+jobs:
+  nightly:
+    env:
+        REPO: ttl.sh/gke-operator-nightly
+        TAG: 1d
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+        with:
+            fetch-depth: 0
+      - name: Build binary
+        run: make build
+      - name: Set current date as env variable
+        run: echo "NOW=$(date +'%Y%m%d')" >> $GITHUB_ENV
+      - name: Set up Docker Buildx
+        id: buildx
+        uses: docker/[email protected]
+      - name: Build and push image
+        uses: docker/[email protected]
+        with:
+          context: .
+          tags: ${{ env.REPO}}-${{ env.NOW }}:${{ env.TAG }}
+          push: true
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
+          file: package/Dockerfile
diff --git a/.github/workflows/scan.yaml b/.github/workflows/scan.yaml
@@ -0,0 +1,37 @@
+name: Scan
+on:
+  pull_request:
+  push:
+    branches:
+      - master
+    tags:
+      - "v*"
+jobs:
+  scan:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+      - name: Build binary
+        run: make build
+      - name: Set up Docker Buildx
+        id: buildx
+        uses: docker/[email protected]
+      - name: Build image
+        uses: docker/[email protected]
+        with:
+          context: .
+          tags: ghcr.io/rancher/gke-operator:${{ github.sha }}
+          load: true
+          push: false
+          file: package/Dockerfile
+      - name: Run Trivy vulnerability scanner
+        uses: aquasecurity/trivy-action@master
+        with:
+          image-ref: "ghcr.io/rancher/gke-operator:${{ github.sha }}"
+          format: "table"
+          exit-code: "1"
+          ignore-unfixed: true
+          severity: "CRITICAL,HIGH"
diff --git a/.github/workflows/verify.yaml b/.github/workflows/verify.yaml
@@ -0,0 +1,26 @@
+name: Verify
+on:
+  pull_request:
+  push:
+    branches:
+      - master
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v3
+    - name: Install Go
+      uses: actions/setup-go@v4
+      with:
+        go-version: 1.19.x
+    - uses: actions/[email protected]
+      with:
+        path: |
+          ~/go/pkg/mod
+          ~/.cache/go-build
+        key: ${{ runner.os }}-test-go-${{ hashFiles('**/go.sum') }}
+        restore-keys: |
+          ${{ runner.os }}-test-go-${{ hashFiles('**/go.sum') }}
+    - name: Run make verify
+      run: |
+        make verify
diff --git a/Makefile b/Makefile
@@ -1,16 +1,66 @@
 TARGETS := $(shell ls scripts)
 
+ROOT_DIR:=$(shell dirname $(realpath $(firstword $(MAKEFILE_LIST))))
+BIN_DIR := $(abspath $(ROOT_DIR)/bin)
+GO_INSTALL = ./scripts/go_install.sh
+
+MOCKGEN_VER := v1.6.0
+MOCKGEN_BIN := mockgen
+MOCKGEN := $(BIN_DIR)/$(MOCKGEN_BIN)-$(MOCKGEN_VER)
+MOCKGEN_PKG := github.com/golang/mock/mockgen
+
+GO_APIDIFF_VER := v0.6.0
+GO_APIDIFF_BIN := go-apidiff
+GO_APIDIFF := $(BIN_DIR)/$(GO_APIDIFF_BIN)-$(GO_APIDIFF_VER)
+GO_APIDIFF_PKG := github.com/joelanford/go-apidiff
+
+
+$(MOCKGEN):
+	GOBIN=$(BIN_DIR) $(GO_INSTALL) $(MOCKGEN_PKG) $(MOCKGEN_BIN) $(MOCKGEN_VER)
+
+$(GO_APIDIFF):
+	GOBIN=$(BIN_DIR) $(GO_INSTALL) $(GO_APIDIFF_PKG) $(GO_APIDIFF_BIN) $(GO_APIDIFF_VER)
+
 .dapper:
 	@echo Downloading dapper
 	@curl -sL https://releases.rancher.com/dapper/latest/dapper-`uname -s`-`uname -m` > .dapper.tmp
 	@@chmod +x .dapper.tmp
 	@./.dapper.tmp -v
 	@mv .dapper.tmp .dapper
 
+.PHONY: $(TARGETS)
 $(TARGETS): .dapper
 	./.dapper $@
 
-clean:
-	rm -rf build bin dist
+.PHONY: generate-go
+generate-go: $(MOCKGEN)
+	go generate ./pkg/gke/...
 
-.PHONY: $(TARGETS)
+.PHONY: generate-crd
+generate-crd: $(MOCKGEN)
+	go generate main.go
+
+.PHONY: generate
+generate:
+	$(MAKE) generate-go
+	$(MAKE) generate-crd
+
+.PHONY: operator
+operator:
+	go build -o bin/gke-operator main.go
+
+ALL_VERIFY_CHECKS = generate
+
+.PHONY: verify
+verify: $(addprefix verify-,$(ALL_VERIFY_CHECKS))
+
+.PHONY: verify-generate
+verify-generate: generate
+	@if !(git diff --quiet HEAD); then \
+		git diff; \
+		echo "generated files are out of date, run make generate"; exit 1; \
+	fi
+
+.PHONY: clean
+clean:
+	rm -rf build bin dist
diff --git a/go.mod b/go.mod
@@ -6,7 +6,7 @@ replace k8s.io/client-go => k8s.io/client-go v0.25.4
 
 require (
 	github.com/rancher/lasso v0.0.0-20221221222919-b7ec3b315a41
-	github.com/rancher/wrangler v1.0.1-0.20230208234005-a59a11cc3ef5
+	github.com/rancher/wrangler v1.0.1
 	github.com/rancher/wrangler-api v0.6.1-0.20200427172631-a7c2f09b783e
 	github.com/sirupsen/logrus v1.9.3
 	golang.org/x/oauth2 v0.9.0

diff --git a/go.sum b/go.sum
@@ -542,8 +542,8 @@ github.com/rancher/lasso v0.0.0-20200427171700-e0509f89f319/go.mod h1:6Dw19z1lDI
 github.com/rancher/lasso v0.0.0-20221221222919-b7ec3b315a41 h1:aLrR2YsP7Q9mlclzPOK/5PhyEGn7JIK2Fz0uCaeXEks=
 github.com/rancher/lasso v0.0.0-20221221222919-b7ec3b315a41/go.mod h1:dEfC9eFQigj95lv/JQ8K5e7+qQCacWs1aIA6nLxKzT8=
 github.com/rancher/wrangler v0.6.2-0.20200427172034-da9b142ae061/go.mod h1:n5Du/gGD7WoiqnEo0SHnPirDIp1V9Zu+6guc8lXS2dk=
-github.com/rancher/wrangler v1.0.1-0.20230208234005-a59a11cc3ef5 h1:NrOPBlG0zswdgpAe6Db1rrzNpP2tpJytUiZ25LJHo+k=
-github.com/rancher/wrangler v1.0.1-0.20230208234005-a59a11cc3ef5/go.mod h1:045DEilEDtD9RJLQcChKbI2hAa26MOQ78VJ2yaKihXs=
+github.com/rancher/wrangler v1.0.1 h1:toavOGC1+eaZufcOJD6UyIf+aGM4rlJjPqm511Ls4sI=
+github.com/rancher/wrangler v1.0.1/go.mod h1:Blhan9LdaIJjC9w+xGteSrHHEiIFIdPEHEMrtx82dPk=
 github.com/rancher/wrangler-api v0.6.1-0.20200427172631-a7c2f09b783e h1:UJpGtw6IKs0dHPTF+6Wd12lskeCZZAejl8/ie/fc1+0=
 github.com/rancher/wrangler-api v0.6.1-0.20200427172631-a7c2f09b783e/go.mod h1:2lcWR98q8HU3U4mVETnXc8quNG0uXxrt8vKd6cAa/30=
 github.com/rogpeppe/fastuuid v0.0.0-20150106093220-6724a57986af/go.mod h1:XWv6SoW27p1b0cqNHllgS5HIMJraePCO15w5zCzIWYg=

diff --git a/pkg/apis/gke.cattle.io/v1/zz_generated_deepcopy.go b/pkg/apis/gke.cattle.io/v1/zz_generated_deepcopy.go
diff --git a/scripts/go_install.sh b/scripts/go_install.sh
@@ -0,0 +1,32 @@
+#!/usr/bin/env bash
+
+set -o errexit
+set -o nounset
+set -o pipefail
+
+if [ -z "${1}" ]; then
+  echo "must provide module as first parameter"
+  exit 1
+fi
+
+if [ -z "${2}" ]; then
+  echo "must provide binary name as second parameter"
+  exit 1
+fi
+
+if [ -z "${3}" ]; then
+  echo "must provide version as third parameter"
+  exit 1
+fi
+
+if [ -z "${GOBIN}" ]; then
+  echo "GOBIN is not set. Must set GOBIN to install the bin in a specified directory."
+  exit 1
+fi
+
+rm "${GOBIN}/${2}"* 2> /dev/null || true
+
+# install the golang module specified as the first argument
+go install -tags tools "${1}@${3}"
+mv "${GOBIN}/${2}" "${GOBIN}/${2}-${3}"
+ln -sf "${GOBIN}/${2}-${3}" "${GOBIN}/${2}"