From eef40ed4174b9da14453105335a0f97fe400bcac Mon Sep 17 00:00:00 2001 From: Ming Xiao Date: Mon, 4 Nov 2024 12:19:53 -0800 Subject: [PATCH] Update pipeline to use GCS buckets Do not create candidate releases anymore, simply create a final release. Use shared task to create final release, remove promote-candidate task [TPCF-27407] Signed-off-by: Nitin Ravindran --- ci/pipeline.yml | 96 ++++++++++++---------------------- ci/tasks/promote-candidate.sh | 45 ---------------- ci/tasks/promote-candidate.yml | 18 ------- config/final.yml | 2 +- 4 files changed, 34 insertions(+), 127 deletions(-) delete mode 100755 ci/tasks/promote-candidate.sh delete mode 100644 ci/tasks/promote-candidate.yml diff --git a/ci/pipeline.yml b/ci/pipeline.yml index 12e6f1db..d204370a 100644 --- a/ci/pipeline.yml +++ b/ci/pipeline.yml @@ -23,7 +23,7 @@ jobs: params: { PIPELINE_FILENAME: "pipeline.yml" } input_mapping: { pipeline-repo: bosh-openstack-cpi-release } -- name: build-candidate +- name: run-specs serial: true build_log_retention: builds: *build_logs_to_retain @@ -33,25 +33,9 @@ jobs: - get: bosh-openstack-cpi-release timeout: *timeouts-long trigger: true - - get: version-semver - timeout: *timeouts-long - params: - bump: patch - - put: version-semver - timeout: *timeouts-long - params: - file: version-semver/number - task: run-unit-specs file: bosh-openstack-cpi-release/ci/tasks/run-unit-specs.yml image: openstack-cpi-release-docker-image - - task: build - timeout: *timeouts-long - file: bosh-openstack-cpi-release/ci/tasks/build-candidate.yml - image: openstack-cpi-release-docker-image - - put: bosh-cpi-dev-artifacts - timeout: *timeouts-long - params: - file: candidate/*.tgz - name: lifecycle serial: true @@ -60,13 +44,10 @@ jobs: builds: *build_logs_to_retain plan: - in_parallel: - - get: bosh-cpi-dev-artifacts - passed: [ build-candidate ] - timeout: *timeouts-long - trigger: true - get: bosh-openstack-cpi-release - passed: [ build-candidate ] + passed: [ run-specs ] timeout: *timeouts-long + trigger: true - get: openstack-lifecycle-stemcell resource: openstack-ubuntu-jammy-stemcell timeout: *timeouts-long @@ -140,9 +121,7 @@ jobs: builds: *build_logs_to_retain plan: - in_parallel: - - { trigger: true, passed: [ build-candidate ], get: bosh-cpi-dev-artifacts, timeout: *timeouts-long } - - { trigger: false, passed: [ build-candidate ], get: version-semver, timeout: *timeouts-long } - - { trigger: false, passed: [ build-candidate ], get: bosh-openstack-cpi-release, timeout: *timeouts-long } + - { trigger: true, passed: [ run-specs ], get: bosh-openstack-cpi-release, timeout: *timeouts-long } - { trigger: false, get: bosh-release, timeout: *timeouts-long } - { trigger: true, get: stemcell-director, resource: openstack-ubuntu-jammy-stemcell, timeout: *timeouts-long } - { trigger: false, get: stemcell, resource: openstack-ubuntu-jammy-stemcell, timeout: *timeouts-long } @@ -239,18 +218,26 @@ jobs: builds: *build_logs_to_retain plan: - in_parallel: - - { trigger: false, passed: [ lifecycle, bats-ubuntu-manual ], get: bosh-cpi-dev-artifacts, timeout: *timeouts-long } + - { trigger: false, get: bosh-shared-ci, timeout: *timeouts-long } - { trigger: false, passed: [ lifecycle, bats-ubuntu-manual ], get: bosh-openstack-cpi-release, timeout: *timeouts-long } - { trigger: false, get: release-version-semver, params: { bump: major }, timeout: *timeouts-long } - task: promote tags: [ "nimbus" ] timeout: *timeouts-long - file: bosh-openstack-cpi-release/ci/tasks/promote-candidate.yml + file: bosh-shared-ci/tasks/release/create-final-release.yml + input_mapping: + release_repo: bosh-openstack-cpi-release + version: release-version-semver params: - aws_access_key_id: ((bosh-openstack-cpi-blobs_assume_aws_access_key.username)) - aws_secret_access_key: ((bosh-openstack-cpi-blobs_assume_aws_access_key.password)) - aws_assume_role_arn: ((bosh-openstack-cpi-blobs_assume_aws_access_key.role_arn)) + GIT_USER_NAME: CI Bot + GIT_USER_EMAIL: bots@cloudfoundry.org + PRIVATE_YML: | + blobstore: + provider: gcs + options: + credentials_source: static + json_key: '((cloud-foundry-gcp-credentials))' - put: release-version-semver timeout: *timeouts-long @@ -258,7 +245,10 @@ jobs: - put: bosh-openstack-cpi-release timeout: *timeouts-long - params: { repository: promote/repo, rebase: true, tag: promote/integer_version, tag_prefix: "v" } + params: + repository: release_repo + rebase: true + tag: release_metadata/tag-name - name: bump-deps plan: @@ -310,11 +300,10 @@ jobs: PACKAGES: [ golang-1-linux ] PRIVATE_YML: | blobstore: - provider: s3 + provider: gcs options: - access_key_id: ((bosh-openstack-cpi-blobs_assume_aws_access_key.username)) - secret_access_key: ((bosh-openstack-cpi-blobs_assume_aws_access_key.password)) - assume_role_arn: ((bosh-openstack-cpi-blobs_assume_aws_access_key.role_arn)) + credentials_source: static + json_key: '((cloud-foundry-gcp-credentials))' - task: bump-ruby-package image: bosh-ecosystem-concourse-image file: ruby-release/ci/tasks/shared/bump-ruby-package.yml @@ -329,11 +318,10 @@ jobs: PACKAGE_PREFIX: "openstack" PRIVATE_YML: | blobstore: - provider: s3 + provider: gcs options: - access_key_id: ((bosh-openstack-cpi-blobs_assume_aws_access_key.username)) - secret_access_key: ((bosh-openstack-cpi-blobs_assume_aws_access_key.password)) - assume_role_arn: ((bosh-openstack-cpi-blobs_assume_aws_access_key.role_arn)) + credentials_source: static + json_key: '((cloud-foundry-gcp-credentials))' RUBY_VERSION_PATH: src/bosh_openstack_cpi/.ruby-version - task: run-unit-specs file: bosh-openstack-cpi-release/ci/tasks/run-unit-specs.yml @@ -365,6 +353,12 @@ resource_types: password: ((docker.password)) resources: +- name: bosh-shared-ci + type: git + source: + uri: git@github.com:cloudfoundry/bosh-shared-ci.git + private_key: ((github_deploy_key_bosh-shared-ci.private_key)) + - name: terraform-cpi type: terraform tags: [ "nimbus" ] @@ -378,19 +372,6 @@ resources: secret_key: ((bosh-openstack-cpi-ci_assume_aws_access_key.password)) role_arn: ((bosh-openstack-cpi-ci_assume_aws_access_key.role_arn)) - -- name: bosh-cpi-dev-artifacts - type: s3 - tags: [ "nimbus" ] - source: - regexp: bosh-openstack-cpi-([0-9.]+)\.tgz - bucket: bosh-openstack-cpi-ci # OpenStack CPI account - region_name: us-east-1 - access_key_id: ((bosh-openstack-cpi-ci_assume_aws_access_key.username)) - secret_access_key: ((bosh-openstack-cpi-ci_assume_aws_access_key.password)) - aws_role_arn: ((bosh-openstack-cpi-ci_assume_aws_access_key.role_arn)) - - - name: lifecycle-log type: s3 tags: [ "nimbus" ] @@ -410,17 +391,6 @@ resources: branch: master private_key: ((github_deploy_key_bosh-openstack-cpi-release.private_key)) -- name: version-semver - type: semver - tags: [ "nimbus" ] - source: - key: current-version - bucket: bosh-openstack-cpi-ci - access_key_id: ((bosh-openstack-cpi-ci_assume_aws_access_key.username)) - secret_access_key: ((bosh-openstack-cpi-ci_assume_aws_access_key.password)) - assume_role_arn: ((bosh-openstack-cpi-ci_assume_aws_access_key.role_arn)) - region_name: us-east-1 - - name: release-version-semver type: semver tags: [ "nimbus" ] diff --git a/ci/tasks/promote-candidate.sh b/ci/tasks/promote-candidate.sh deleted file mode 100755 index e28da2bc..00000000 --- a/ci/tasks/promote-candidate.sh +++ /dev/null @@ -1,45 +0,0 @@ -#!/usr/bin/env bash - -set -e -x - -source bosh-openstack-cpi-release/ci/tasks/utils.sh - -: ${aws_access_key_id:?} -: ${aws_secret_access_key:?} - -# Creates an integer version number from the semantic version format -# May be changed when we decide to fully use semantic versions for releases -integer_version=`cut -d "." -f1 release-version-semver/number` -echo $integer_version > promote/integer_version - -cp -r bosh-openstack-cpi-release promote/repo - -cd promote/repo - -set +x -echo "creating config/private.yml with blobstore secrets" -cat > config/private.yml << EOF ---- -blobstore: - provider: s3 - options: - access_key_id: $aws_access_key_id - secret_access_key: $aws_secret_access_key - assume_role_arn: $aws_assume_role_arn -EOF -set -x - -echo "using bosh CLI version..." -bosh-go --version - -echo "finalizing CPI release..." -bosh-go finalize-release --version $integer_version ../../bosh-cpi-dev-artifacts/*.tgz - -rm config/private.yml - -git diff | cat -git add . - -git config --global user.email cf-bosh-eng@pivotal.io -git config --global user.name CI -git commit -m "New final release v$integer_version" diff --git a/ci/tasks/promote-candidate.yml b/ci/tasks/promote-candidate.yml deleted file mode 100644 index 937f6db7..00000000 --- a/ci/tasks/promote-candidate.yml +++ /dev/null @@ -1,18 +0,0 @@ ---- -platform: linux -image_resource: - type: docker-image - source: - repository: boshcpi/openstack-cpi-release -inputs: - - name: bosh-openstack-cpi-release - - name: bosh-cpi-dev-artifacts - - name: release-version-semver -outputs: - - name: promote -run: - path: bosh-openstack-cpi-release/ci/tasks/promote-candidate.sh -params: - aws_access_key_id: replace-me - aws_secret_access_key: replace-me - aws_assume_role_arn: replace-me diff --git a/config/final.yml b/config/final.yml index 407d9895..b43afe65 100644 --- a/config/final.yml +++ b/config/final.yml @@ -1,6 +1,6 @@ --- final_name: bosh-openstack-cpi blobstore: - provider: s3 + provider: gcs options: bucket_name: bosh-openstack-cpi-blobs