Skip to content

zerotier removal - Best to use a multi-cluster vpn such as kilo #3428

zerotier removal - Best to use a multi-cluster vpn such as kilo

zerotier removal - Best to use a multi-cluster vpn such as kilo #3428

Workflow file for this run

name: CI
on:
push:
# Trigger CI on all branch pushes but...
branches:
- "**"
# don't double trigger on new tag push when creating release. Should only
# trigger once for the release.
tags-ignore:
- "*.*.*"
pull_request:
release:
types: [created]
jobs:
check-lint-and-format:
runs-on: ubuntu-latest
defaults:
run:
working-directory: ./mkchain
steps:
- uses: actions/checkout@v2
- name: Set up Python 3.9
uses: actions/setup-python@v1
with:
python-version: 3.9
- name: Install dependencies
run: |
python -m pip install --upgrade pip
pip install black isort==5.7.0 autoflake
- name: Remove unused imports
run: |
# one run to output unused imports, another run for exit code
autoflake . -r --remove-all-unused-imports
autoflake . -r --remove-all-unused-imports -c
- name: Sort imports
run: isort . --check --diff
- name: black
run: black . --check
# We don't have mkchain tests yet
# test:
# runs-on: ${{ matrix.os }}
# needs: check-lint-and-format
# defaults:
# run:
# working-directory: ./mkchain
# strategy:
# fail-fast: false
# matrix:
# python-version: [3.7, 3.8, 3.9]
# os: [ubuntu-latest, macos-latest, windows-latest]
# steps:
# - uses: actions/checkout@v2
# - name: Set up Python ${{ matrix.python-version }}
# uses: actions/setup-python@v1
# with:
# python-version: ${{ matrix.python-version }}
# - name: Install dependencies
# run: |
# python -m pip install --upgrade pip
# pip install pyyaml kubernetes
# pip install pytest
# - name: Build Python package
# run: pip install .
# - name: pytest
# run: pytest tests
publish_mkchain:
needs: check-lint-and-format
runs-on: ${{ matrix.os }}
strategy:
fail-fast: false
# after we test that the module works on all systems we only need to build one since this is a pure python module
matrix:
python-version: [3.8]
os: [ubuntu-latest]
steps:
- uses: actions/checkout@v2
- uses: actions/setup-python@v1
with:
python-version: ${{ matrix.python-version }}
- name: Install dependencies
run: |
python -m pip install --upgrade pip
pip install pyyaml
pip install wheel
- name: Build Python package
run: python setup.py bdist_wheel
working-directory: mkchain
- name: Install wheels
run: pip install dist/*.whl
working-directory: mkchain
- name: Release
uses: softprops/action-gh-release@v1
if: startsWith(github.ref, 'refs/tags/')
with:
files: "**/mkchain/dist/*.whl"
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Publish package to PyPI
if: github.event_name == 'release' && github.event.action == 'created'
uses: pypa/gh-action-pypi-publish@release/v1
with:
user: __token__
password: ${{ secrets.PYPI_TOKEN }}
packages_dir: mkchain/dist/
list_containers_to_publish:
# based on
# https://stackoverflow.com/a/62953566/207209
runs-on: ubuntu-latest
needs: check-lint-and-format
outputs:
matrix: ${{ steps.gen-containers-matrix.outputs.matrix }}
steps:
- uses: actions/checkout@v2
- id: gen-containers-matrix
run: |
container_list=$(jq -c -n --arg cont "$(find -name 'Dockerfile' -printf '%h\n' | sort -u | sed 's/.\///')" '{ container: $cont | split("\n")}')
echo "Dynamically generated container list based on subdirectories of the repo with a dockerfile in it. The following list will be passed to next build step:"
echo $container_list
echo "::set-output name=matrix::$container_list"
publish-to-ghcr:
runs-on: ubuntu-latest
needs: list_containers_to_publish
strategy:
matrix: ${{fromJson(needs.list_containers_to_publish.outputs.matrix)}}
steps:
- name: Checkout
uses: actions/checkout@v2
with:
fetch-depth: 1
submodules: "true"
# We configure docker image caching for faster builds. See:
# https://evilmartians.com/chronicles/build-images-on-github-actions-with-docker-layer-caching
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@master
with:
install: true
- name: Set up QEMU
uses: docker/setup-qemu-action@v2
- name: Login to registry
run: echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u ${{ github.actor }} --password-stdin
- name: Cache Docker layers
uses: actions/cache@v2
with:
path: /tmp/.buildx-cache
key: ${{ runner.os }}-multi-buildx-${{ matrix.container }}-${{ github.sha }}
restore-keys: |
${{ runner.os }}-multi-buildx-${{ matrix.container }}
- name: Docker meta
id: meta
uses: docker/metadata-action@v3
with:
images: ghcr.io/${{ github.repository_owner }}/tezos-k8s-${{ matrix.container }}
tags: |
type=ref,event=branch
type=ref,event=pr
type=match,pattern=([0-9]+\.[0-9]+\.[0-9]+),group=1
- name: Push ${{ matrix.container }} container to GHCR
uses: docker/build-push-action@v4
with:
push: true
provenance: false
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
file: ${{ matrix.container }}/Dockerfile
context: ${{ matrix.container}}/.
platforms: linux/amd64,linux/arm64
# Cache settings
builder: ${{ steps.buildx.outputs.name }}
cache-from: type=local,src=/tmp/.buildx-cache
# Note the mode=max here
# More: https://github.com/moby/buildkit#--export-cache-options
# And: https://github.com/docker/buildx#--cache-tonametypetypekeyvalue
cache-to: type=local,mode=max,dest=/tmp/.buildx-cache-new
# Temp fix
# https://github.com/docker/build-push-action/issues/252
# https://github.com/moby/buildkit/issues/1896
- name: Move cache
run: |
rm -rf /tmp/.buildx-cache
mv /tmp/.buildx-cache-new /tmp/.buildx-cache
lint_helm_charts:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v2
- name: Set up Helm
uses: azure/setup-helm@v1
with:
version: v3.8.1
- name: Lint Helm Charts
run: helm lint charts/*
test-helm-charts:
runs-on: ubuntu-latest
needs: lint_helm_charts
steps:
- name: Checkout
uses: actions/checkout@v2
- name: Set up Helm
uses: azure/setup-helm@v1
with:
version: v3.8.1
- name: Run Helm Template Tests
run: ./bin/test-charts
publish_helm_charts:
runs-on: ubuntu-latest
needs: [test-helm-charts, lint_helm_charts, publish-to-ghcr]
if: github.event_name == 'release' && github.event.action == 'created'
steps:
- name: Checkout
uses: actions/checkout@v2
- name: Install yq
run: |
sudo wget -q https://github.com/mikefarah/yq/releases/download/v4.2.0/yq_linux_amd64 -O /usr/bin/yq
sudo chmod +x /usr/bin/yq
- name: Get Release Version
id: get_release_version
run: echo "::set-output name=RELEASE_VERSION::${GITHUB_REF/refs\/tags\//}"
- name: Set Helm Chart and Image Versions
run: |
set -x
RELEASE_VERSION=${{ steps.get_release_version.outputs.RELEASE_VERSION }}
for chart in charts/*; do
[[ ! -d "$chart" ]] && continue
echo $chart
# Update Chart.yaml with release version
yq e ".version = \"$RELEASE_VERSION\"" -i "$chart/Chart.yaml"
# Get oxheadalpha/tezos-k8s images specified in values.yaml
tq_images=$(yq e '(.tezos_k8s_images[]) | path | .[-1]' "$chart/values.yaml")
# Update the release version of each of tezos-k8s images
for image in $tq_images; do
image_name=$(yq e ".tezos_k8s_images.$image" $chart/values.yaml | sed -E "s/ghcr.io\/oxheadalpha\/tezos-k8s-(.*):.*/\1/")
yq e ".tezos_k8s_images.$image = \"ghcr.io/oxheadalpha/tezos-k8s-$image_name:$RELEASE_VERSION\"" -i $chart/values.yaml
done
done
- name: Publish Helm charts
uses: stefanprodan/helm-gh-pages@master
with:
linting: off # We already linted in a job before
token: ${{ secrets.CI_GITHUB_TOKEN }}
branch: main
owner: ${{ github.repository_owner }}
repository: tezos-helm-charts