feat(ci): Improve drone pipeline configuration

- Separate push and tag pipeline
- Use buildx to build and push multi-arch image
Yuxing Deng 2023-11-15 15:47:19 +08:00
parent 989d087b99
commit 29d91d06b7
7 changed files with 138 additions and 314 deletions


@ -1,309 +1,163 @@
--- type: docker
kind: pipeline kind: pipeline
name: default-amd64 name: push
platform: platform:
os: linux os: linux
arch: amd64 arch: amd64
steps: trigger:
- name: build event:
pull: default exclude:
image: rancher/dapper:v0.5.8 - promote
commands: include:
- dapper ci - push
privileged: true - pull_request
volumes:
- name: docker
path: /var/run/docker.sock
when:
ref:
include:
- "refs/heads/main"
- "refs/heads/v*"
event:
- push
- pull_request
- name: release
pull: default
image: rancher/dapper:v0.5.8
commands:
- dapper ci
privileged: true
environment:
CROSS: 1
volumes:
- name: docker
path: /var/run/docker.sock
when:
event:
- tag
- name: stage-binaries-head
image: rancher/dapper:v0.5.8
commands:
- "cp -r ./bin/kube-explorer ./package/"
when:
ref:
include:
- "refs/heads/main"
- "refs/heads/v*"
event:
- push
- name: stage-binaries
image: rancher/dapper:v0.5.8
commands:
- "cp -r ./bin/kube-explorer-linux-amd64 ./package/kube-explorer"
when:
event:
- tag
- name: github_binary_release
pull: default
image: plugins/github-release
settings:
api_key:
from_secret: github_token
checksum:
- sha256
files:
- "bin/*"
title: "${DRONE_TAG}"
overwrite: true
when:
event:
- tag
- name: docker-publish-head
pull: default
image: plugins/docker
settings:
dockerfile: package/Dockerfile
context: package/
password:
from_secret: docker_password
repo: cnrancher/kube-explorer
tag: head-linux-amd64
username:
from_secret: docker_username
when:
ref:
include:
- "refs/heads/main"
- "refs/heads/v*"
event:
- push
- name: image-scan-head
image: aquasec/trivy
commands:
- trivy image --no-progress --ignore-unfixed --severity HIGH,CRITICAL --scanners vuln --exit-code 1 cnrancher/kube-explorer:head-linux-amd64
volumes:
- name: docker
path: /var/run/docker.sock
when:
ref:
include:
- "refs/heads/main"
- "refs/heads/v*"
event:
- push
- name: docker-publish
pull: default
image: plugins/docker
settings:
dockerfile: package/Dockerfile
context: package/
password:
from_secret: docker_password
repo: cnrancher/kube-explorer
tag: ${DRONE_TAG}-linux-amd64
username:
from_secret: docker_username
when:
event:
- tag
volumes: volumes:
- name: docker - name: docker
host: host:
path: /var/run/docker.sock path: /var/run/docker.sock
node: node:
instance: agent-amd64 instance: agent-amd64
trigger:
ref:
include:
- "refs/heads/main"
- "refs/heads/v*"
- "refs/tags/*"
event:
exclude:
- promote
---
kind: pipeline
name: default-arm64
platform:
os: linux
arch: arm64
steps: steps:
- name: build - name: build
pull: default image: rancher/dapper:v0.6.0
image: rancher/dapper:v0.5.8 commands:
commands: - dapper ci
- dapper ci privileged: true
privileged: true volumes:
volumes: - name: docker
- name: docker path: /var/run/docker.sock
path: /var/run/docker.sock
when:
ref:
include:
- "refs/heads/main"
- "refs/heads/v*"
- "refs/tags/*"
event:
- push
- tag
- name: stage-binaries - name: image-scan-head
image: rancher/dapper:v0.5.8 image: aquasec/trivy
commands: commands:
- "cp -r ./bin/* ./package/" - trivy image --no-progress --ignore-unfixed --severity HIGH,CRITICAL --scanners vuln --exit-code 1 cnrancher/kube-explorer:${DRONE_COMMIT:0:7}
when: volumes:
ref: - name: docker
include: path: /var/run/docker.sock
- "refs/heads/main" when:
- "refs/heads/v*" event:
- "refs/tags/*" - push
event: ref:
- push include:
- tag - "refs/heads/main"
- "refs/heads/v*"
- name: docker-publish-head - name: install-buildx-support
pull: default image: tonistiigi/binfmt
image: plugins/docker privileged: true
settings: entrypoint:
build_args: - /usr/bin/binfmt
- ARCH=arm64 command:
dockerfile: package/Dockerfile - --install
context: package/ - all
password: when:
from_secret: docker_password event:
repo: cnrancher/kube-explorer - push
tag: head-linux-arm64 ref:
username: include:
from_secret: docker_username - "refs/heads/main"
when: - "refs/heads/v*"
ref:
include:
- "refs/heads/main"
- "refs/heads/v*"
event:
- push
- name: docker-publish - name: docker-publish
pull: default image: thegeeklab/drone-docker-buildx
image: plugins/docker privileged: true
settings: settings:
build_args: platforms: linux/amd64,linux/arm64/v8
- ARCH=arm64 dockerfile: package/Dockerfile
dockerfile: package/Dockerfile repo: cnrancher/kube-explorer
context: package/ tag: latest
password: username:
from_secret: docker_password from_secret: docker_username
repo: cnrancher/kube-explorer password:
tag: ${DRONE_TAG}-linux-arm64 from_secret: docker_password
username: volumes:
from_secret: docker_username - name: docker
when: path: /var/run/docker.sock
event: when:
- tag event:
- push
volumes: ref:
- name: docker include:
host: - "refs/heads/main"
path: /var/run/docker.sock - "refs/heads/v*"
trigger:
ref:
include:
- "refs/heads/main"
- "refs/heads/v*"
- "refs/tags/*"
event:
exclude:
- promote
node:
instance: agent-arm64
--- ---
type: docker
kind: pipeline kind: pipeline
name: manifest name: tag
platform: platform:
os: linux os: linux
arch: amd64 arch: amd64
steps: trigger:
- name: push-manifest-head event:
image: plugins/manifest exclude:
settings: - promote
ignore_missing: true include:
username: - tag
from_secret: docker_username ref:
password: include:
from_secret: docker_password - "refs/tags/*"
spec: manifest-head.tmpl
when:
ref:
include:
- "refs/heads/main"
- "refs/heads/v*"
event:
- push
- name: push-manifest
image: plugins/manifest
settings:
ignore_missing: true
username:
from_secret: docker_username
password:
from_secret: docker_password
spec: manifest.tmpl
when:
event:
- tag
volumes: volumes:
- name: docker - name: docker
host: host:
path: /var/run/docker.sock path: /var/run/docker.sock
node: node:
instance: agent-amd64 instance: agent-amd64
trigger: steps:
ref: - name: release
include: image: rancher/dapper:v0.6.0
- "refs/heads/main" commands:
- "refs/heads/v*" - dapper ci
- "refs/tags/*" privileged: true
event: environment:
exclude: CROSS: 1
- promote volumes:
- name: docker
path: /var/run/docker.sock
depends_on: - name: install-buildx-support
- default-amd64 image: tonistiigi/binfmt
- default-arm64 privileged: true
entrypoint:
- /usr/bin/binfmt
command:
- --install
- all
... - name: docker-publish
image: thegeeklab/drone-docker-buildx
privileged: true
settings:
platforms: linux/amd64,linux/arm64/v8
dockerfile: package/Dockerfile
repo: cnrancher/kube-explorer
tag: ${DRONE_TAG}
username:
from_secret: docker_username
password:
from_secret: docker_password
volumes:
- name: docker
path: /var/run/docker.sock
- name: github_binary_release
image: plugins/github-release
settings:
api_key:
from_secret: github_token
checksum:
- sha256
files:
- "bin/*"
title: "${DRONE_TAG}"
overwrite: true
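Review bot: The new `install-buildx-support` and `docker-publish` steps pull `tonistiigi/binfmt` and `thegeeklab/drone-docker-buildx` with no tag or digest while running `privileged: true`, and `docker-publish` also receives `docker_username`/`docker_password`, so whatever those mutable references resolve to at build time runs with host-level privileges and the registry credentials. Pin each third-party image to a reviewed version or digest, for example `image: tonistiigi/binfmt@sha256:<digest-placeholder>`, as the commit already does for `rancher/dapper:v0.6.0`; `aquasec/trivy` in `image-scan-head` is unpinned as well. Separately, the `build` step in the `push` pipeline has no `when` filter and the trigger includes `pull_request`, so `dapper ci` appears to run privileged with the host `/var/run/docker.sock` for pull-request code; confirm that this is intended and limited to trusted contributors.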


@ -1,12 +0,0 @@
image: cnrancher/kube-explorer:latest
manifests:
-
image: cnrancher/kube-explorer:head-linux-amd64
platform:
architecture: amd64
os: linux
-
image: cnrancher/kube-explorer:head-linux-arm64
platform:
architecture: arm64
os: linux


@ -1,12 +0,0 @@
image: cnrancher/kube-explorer:{{build.tag}}
manifests:
-
image: cnrancher/kube-explorer:{{build.tag}}-linux-amd64
platform:
architecture: amd64
os: linux
-
image: cnrancher/kube-explorer:{{build.tag}}-linux-arm64
platform:
architecture: arm64
os: linux


@ -1,4 +1,7 @@
FROM registry.suse.com/bci/bci-minimal:15.5 FROM registry.suse.com/bci/bci-minimal:15.5
ARG TARGETARCH
COPY kube-explorer entrypoint.sh /usr/bin/ ARG TARGETOS
ENV ARCH=${TARGETARCH:-"amd64"} OS=${TARGETOS:-"linux"}
COPY package/entrypoint.sh /usr/bin/
COPY bin/kube-explorer-${OS}-${ARCH} /usr/bin/kube-explorer
ENTRYPOINT ["entrypoint.sh"] ENTRYPOINT ["entrypoint.sh"]
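Review bot: The `ENV ARCH=${TARGETARCH:-"amd64"} OS=${TARGETOS:-"linux"}` line falls back to amd64/linux whenever the builder does not supply `TARGETARCH`/`TARGETOS`, so a build without BuildKit on another architecture would copy the amd64 binary, or fail if it is absent, without any warning. Using `ENV` also persists `ARCH` and `OS` as runtime environment variables in the published image, which the entrypoint may not expect. A short comment above the `ARG` lines would help, e.g. `# TARGETOS/TARGETARCH are provided by BuildKit/buildx; the amd64/linux defaults apply only to a classic docker build`. It should also note that the build context must now be the repository root, because both `COPY` sources are root-relative.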


@ -46,7 +46,7 @@ else
CGO_ENABLED=0 go build -tags embed \ CGO_ENABLED=0 go build -tags embed \
-ldflags \ -ldflags \
"$LD_INJECT_VALUES $LINKFLAGS" \ "$LD_INJECT_VALUES $LINKFLAGS" \
-o bin/kube-explorer -o "bin/kube-explorer-$(uname | tr '[:upper:]' '[:lower:]')-${ARCH}"
fi fi
mkdir -p $DAPPER_SOURCE/bin mkdir -p $DAPPER_SOURCE/bin
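Review bot: The output name is derived from the build host's `uname` rather than from the OS the Go toolchain targets, so the file name and the binary's actual platform diverge whenever `GOOS` is set in the environment; `-o "bin/kube-explorer-$(go env GOOS)-${ARCH}"` keeps them in step. This branch also appears to write only one binary, while the Dockerfile in this commit copies `bin/kube-explorer-${OS}-${ARCH}` for each target platform and the push pipeline requests `linux/amd64,linux/arm64/v8` without `CROSS`. The arm64 image build may therefore find no matching file, which is worth verifying on a branch push. The enclosing `if`/`else` starts outside this hunk, so the cross-build branch is not visible here.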


@ -5,14 +5,6 @@ source $(dirname $0)/version
pushd $DAPPER_SOURCE pushd $DAPPER_SOURCE
if [ -f bin/kube-explorer-linux-${ARCH} ]; then docker build -f package/Dockerfile -t cnrancher/kube-explorer:$VERSION .
# For cross mode
cp bin/kube-explorer-linux-${ARCH} package/kube-explorer
else
# For common mode
cp bin/kube-explorer package/
fi
cd package
docker build -f Dockerfile -t cnrancher/kube-explorer:$VERSION .
popd popd
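Review bot: The image is tagged with `$VERSION` here, but the pipeline's `image-scan-head` step scans `cnrancher/kube-explorer:${DRONE_COMMIT:0:7}` through the shared host Docker socket, and nothing visible ties the two values together; if they differ, the scan either fails or inspects an older image left on the agent. The image that is actually pushed is rebuilt later by the buildx step, so the scanned artifact is not the published one and the arm64 variant is never scanned. Consider scanning the pushed reference instead, and quote the expansion as `-t "cnrancher/kube-explorer:$VERSION"`. The build context is now the whole repository, so a `.dockerignore` limiting it to `bin/` and `package/` would keep unrelated files out of the context.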

@ -1 +0,0 @@
Subproject commit 26e14afc0b652b0363fc38e05ef28aa99d26694c