From d54c3e98ebe49282eba179fb38f1a2956a3e37e0 Mon Sep 17 00:00:00 2001 From: Daniel Genis Date: Wed, 11 Dec 2024 17:03:09 +0100 Subject: [PATCH] chore: update jsonnet --- .github/jsonnet/GIT_VERSION | 2 +- .github/jsonnet/databases.jsonnet | 6 --- .github/jsonnet/deployment.jsonnet | 2 +- .github/jsonnet/misc.jsonnet | 87 +++++++++++++++++++++++++++--- .github/jsonnet/pnpm.jsonnet | 4 +- .github/workflows/misc.yml | 51 +++++++++++++++++- .github/workflows/pr.yml | 51 +++++++++++++++++- .github/workflows/publish-prod.yml | 51 +++++++++++++++++- 8 files changed, 231 insertions(+), 23 deletions(-) diff --git a/.github/jsonnet/GIT_VERSION b/.github/jsonnet/GIT_VERSION index f4acc731..fa23250d 100644 --- a/.github/jsonnet/GIT_VERSION +++ b/.github/jsonnet/GIT_VERSION @@ -1 +1 @@ -84ec8f29f0c97ca93ebcb74c1e338d3cb6c03302 +4e950af19b855ed027f1d5b6df12bd3acfdd0a6c diff --git a/.github/jsonnet/databases.jsonnet b/.github/jsonnet/databases.jsonnet index c048cbf6..1fc81178 100644 --- a/.github/jsonnet/databases.jsonnet +++ b/.github/jsonnet/databases.jsonnet @@ -23,12 +23,6 @@ local images = import 'images.jsonnet'; region: 'europe-west4', project: 'unicorn-985', }, - 'eu-w4-responses-production': { - type: 'mysql', - server: 'eu-w4-responses-production', - region: 'europe-west4', - project: 'unicorn-985', - }, 'gynzy-test': { type: 'mysql', server: 'gynzy-test', diff --git a/.github/jsonnet/deployment.jsonnet b/.github/jsonnet/deployment.jsonnet index e15b0127..8307171b 100644 --- a/.github/jsonnet/deployment.jsonnet +++ b/.github/jsonnet/deployment.jsonnet @@ -124,7 +124,7 @@ local notifications = import 'notifications.jsonnet'; if branch.notifyOnDeploy then [ notifications.sendSlackMessage( - message='Deploy to ' + std.join(' and ', branch.deployments) + ' of started!\nTitle: ${{ github.event.pull_request.title }}\nBranch: ${{ github.head_ref }}', + message='Deploy to ' + std.join(' and ', branch.deployments) + ' of started!\nTitle: ${{ github.event.pull_request.title }}\nBranch: ${{ github.head_ref }}', ifClause=ifClause, ), ] diff --git a/.github/jsonnet/misc.jsonnet b/.github/jsonnet/misc.jsonnet index 4bc87d6d..385cbb7a 100644 --- a/.github/jsonnet/misc.jsonnet +++ b/.github/jsonnet/misc.jsonnet @@ -2,11 +2,79 @@ local base = import 'base.jsonnet'; local images = import 'images.jsonnet'; { - checkout(ifClause=null, fullClone=false, ref=null):: + checkout(ifClause=null, fullClone=false, ref=null, preferSshClone=true):: + local with = (if fullClone then { 'fetch-depth': 0 } else {}) + (if ref != null then { ref: ref } else {}); + local sshSteps = (if (preferSshClone) then + base.step( + 'check for ssh/git binaries', + ||| + if command -v git; + then + echo "gitBinaryExists=true" >> $GITHUB_OUTPUT; + echo "Git binary exists"; + else + echo "Attempt to install git binary"; + if command -v apk; then + echo "apk exists"; + apk add git && echo "gitBinaryExists=true" >> $GITHUB_OUTPUT; + elif command -v apt; then + echo "apt exists"; + apt update && apt install -y git && echo "gitBinaryExists=true" >> $GITHUB_OUTPUT; + else + echo "No package manager found, unable to install git cli binary"; + echo "gitBinaryExists=false" >> $GITHUB_OUTPUT; + fi; + fi; + + if command -v ssh; + then + echo "sshBinaryExists=true" >> $GITHUB_OUTPUT; + echo "SSH binary exists"; + exit 0; + else + echo "Attempt to install ssh binary"; + if command -v apk; then + echo "apk exists"; + apk add openssh-client && echo "sshBinaryExists=true" >> $GITHUB_OUTPUT && exit 0; + elif command -v apt; then + echo "apt exists"; + apt update && apt install -y openssh-client && echo "sshBinaryExists=true" >> $GITHUB_OUTPUT && exit 0; + else + echo "No package manager found, unable to install ssh cli binary"; + echo "sshBinaryExists=false" >> $GITHUB_OUTPUT; + fi; + fi; + echo "sshBinaryExists=false" >> $GITHUB_OUTPUT; + |||, + id='check-binaries', + ) else []); + + // strip the ${{ }} from the IfClause so we can inject and add our own if clause + local localIfClause = (if ifClause == null then null else std.strReplace(std.strReplace(ifClause, '${{ ', ''), ' }}', '')); + + if (preferSshClone) then + sshSteps + + base.action( + 'Check out repository code via ssh', + 'actions/checkout@v4', + with=with + (if preferSshClone then { 'ssh-key': '${{ secrets.VIRKO_GITHUB_SSH_KEY }}' } else {}), + ifClause='${{ ' + (if ifClause == null then '' else '( ' + localIfClause + ' ) && ') + " ( steps.check-binaries.outputs.sshBinaryExists == 'true' && steps.check-binaries.outputs.gitBinaryExists == 'true' ) }}", + ) + + base.action( + 'Check out repository code via https', + 'actions/checkout@v4', + with=with, + ifClause='${{ ' + (if ifClause == null then '' else '( ' + localIfClause + ' ) && ') + " ( steps.check-binaries.outputs.sshBinaryExists == 'false' || steps.check-binaries.outputs.gitBinaryExists == 'false' ) }}", + ) + + base.step('git safe directory', "command -v git && git config --global --add safe.directory '*' || true") + else + self.checkoutWithoutSshMagic(ifClause, fullClone, ref), + + checkoutWithoutSshMagic(ifClause=null, fullClone=false, ref=null):: local with = (if fullClone then { 'fetch-depth': 0 } else {}) + (if ref != null then { ref: ref } else {}); base.action( 'Check out repository code', - 'actions/checkout@v3', + 'actions/checkout@v4', with=with, ifClause=ifClause ) + @@ -200,9 +268,14 @@ local images = import 'images.jsonnet'; function(app) std.flatMap( function(env) if std.isObject(app[env]) then - std.map(function(linkName) '[' + app.name + ' ' + env + ' ' + linkName + ' preview](' + app[env][linkName] + ')', std.objectFields(app[env])) + std.map( + function(linkName) + '[' + std.strReplace(std.strReplace(app.name + ' ' + env + ' ' + linkName, '(', ''), ')', '') + ' preview]' + + '(' + app[env][linkName] + ')', + std.objectFields(app[env]) + ) else - ['[' + app.name + ' ' + env + ' preview](' + app[env] + ')'], + ['[' + std.strReplace(std.strReplace(app.name + ' ' + env, '(', ''), ')', '') + ' preview](' + app[env] + ')'], app.linkToLinear, ), @@ -374,12 +447,12 @@ local images = import 'images.jsonnet'; NODESELECTOR_TYPE: cluster.jobNodeSelectorType, } + environment, ), - + // Auto approve PRs made by specific users. Usefull for renovate PRs. // // Parameters: // users: a list of users to auto approve PRs for. Defaults to gynzy-virko. - autoApprovePRs(users = ['gynzy-virko']):: + autoApprovePRs(users=['gynzy-virko']):: base.pipeline( 'auto-approve-prs', [ @@ -392,7 +465,7 @@ local images = import 'images.jsonnet'; ), ], useCredentials=false, - ifClause='${{ ' + std.join(' || ', std.map(function(user) 'github.actor == \'' + user + '\'', users)) + ' }}', + ifClause='${{ ' + std.join(' || ', std.map(function(user) "github.actor == '" + user + "'", users)) + ' }}', ), ], permissions={ diff --git a/.github/jsonnet/pnpm.jsonnet b/.github/jsonnet/pnpm.jsonnet index a7009fe7..8d8bc06b 100644 --- a/.github/jsonnet/pnpm.jsonnet +++ b/.github/jsonnet/pnpm.jsonnet @@ -1,12 +1,12 @@ local base = import 'base.jsonnet'; { - install(args=[], with={}):: + install(args=[], with={}, version='9.5.0'):: base.action( 'Install application code', 'pnpm/action-setup@v4', with={ - version: '9.5.0', + version: version, run_install: ||| - args: %(args)s ||| % { args: args }, diff --git a/.github/workflows/misc.yml b/.github/workflows/misc.yml index 705738d3..a9cf3476 100644 --- a/.github/workflows/misc.yml +++ b/.github/workflows/misc.yml @@ -7,8 +7,55 @@ "image": "eu.gcr.io/unicorn-985/docker-images_jsonnet:v1" "runs-on": "ubuntu-latest" "steps": - - "name": "Check out repository code" - "uses": "actions/checkout@v3" + - "id": "check-binaries" + "name": "check for ssh/git binaries" + "run": | + if command -v git; + then + echo "gitBinaryExists=true" >> $GITHUB_OUTPUT; + echo "Git binary exists"; + else + echo "Attempt to install git binary"; + if command -v apk; then + echo "apk exists"; + apk add git && echo "gitBinaryExists=true" >> $GITHUB_OUTPUT; + elif command -v apt; then + echo "apt exists"; + apt update && apt install -y git && echo "gitBinaryExists=true" >> $GITHUB_OUTPUT; + else + echo "No package manager found, unable to install git cli binary"; + echo "gitBinaryExists=false" >> $GITHUB_OUTPUT; + fi; + fi; + + if command -v ssh; + then + echo "sshBinaryExists=true" >> $GITHUB_OUTPUT; + echo "SSH binary exists"; + exit 0; + else + echo "Attempt to install ssh binary"; + if command -v apk; then + echo "apk exists"; + apk add openssh-client && echo "sshBinaryExists=true" >> $GITHUB_OUTPUT && exit 0; + elif command -v apt; then + echo "apt exists"; + apt update && apt install -y openssh-client && echo "sshBinaryExists=true" >> $GITHUB_OUTPUT && exit 0; + else + echo "No package manager found, unable to install ssh cli binary"; + echo "sshBinaryExists=false" >> $GITHUB_OUTPUT; + fi; + fi; + echo "sshBinaryExists=false" >> $GITHUB_OUTPUT; + - "if": "${{ ( steps.check-binaries.outputs.sshBinaryExists == 'true' && steps.check-binaries.outputs.gitBinaryExists == 'true' ) }}" + "name": "Check out repository code via ssh" + "uses": "actions/checkout@v4" + "with": + "ref": "${{ github.event.pull_request.head.sha }}" + "ssh-key": "${{ secrets.VIRKO_GITHUB_SSH_KEY }}" + - "if": "${{ ( steps.check-binaries.outputs.sshBinaryExists == 'false' || steps.check-binaries.outputs.gitBinaryExists == 'false' ) }}" + "name": "Check out repository code via https" + "uses": "actions/checkout@v4" "with": "ref": "${{ github.event.pull_request.head.sha }}" - "name": "git safe directory" diff --git a/.github/workflows/pr.yml b/.github/workflows/pr.yml index ca0d3324..fe61408e 100644 --- a/.github/workflows/pr.yml +++ b/.github/workflows/pr.yml @@ -8,8 +8,55 @@ "pull-requests": "read" "runs-on": "ubuntu-latest" "steps": - - "name": "Check out repository code" - "uses": "actions/checkout@v3" + - "id": "check-binaries" + "name": "check for ssh/git binaries" + "run": | + if command -v git; + then + echo "gitBinaryExists=true" >> $GITHUB_OUTPUT; + echo "Git binary exists"; + else + echo "Attempt to install git binary"; + if command -v apk; then + echo "apk exists"; + apk add git && echo "gitBinaryExists=true" >> $GITHUB_OUTPUT; + elif command -v apt; then + echo "apt exists"; + apt update && apt install -y git && echo "gitBinaryExists=true" >> $GITHUB_OUTPUT; + else + echo "No package manager found, unable to install git cli binary"; + echo "gitBinaryExists=false" >> $GITHUB_OUTPUT; + fi; + fi; + + if command -v ssh; + then + echo "sshBinaryExists=true" >> $GITHUB_OUTPUT; + echo "SSH binary exists"; + exit 0; + else + echo "Attempt to install ssh binary"; + if command -v apk; then + echo "apk exists"; + apk add openssh-client && echo "sshBinaryExists=true" >> $GITHUB_OUTPUT && exit 0; + elif command -v apt; then + echo "apt exists"; + apt update && apt install -y openssh-client && echo "sshBinaryExists=true" >> $GITHUB_OUTPUT && exit 0; + else + echo "No package manager found, unable to install ssh cli binary"; + echo "sshBinaryExists=false" >> $GITHUB_OUTPUT; + fi; + fi; + echo "sshBinaryExists=false" >> $GITHUB_OUTPUT; + - "if": "${{ ( steps.check-binaries.outputs.sshBinaryExists == 'true' && steps.check-binaries.outputs.gitBinaryExists == 'true' ) }}" + "name": "Check out repository code via ssh" + "uses": "actions/checkout@v4" + "with": + "ref": "${{ github.event.pull_request.head.sha }}" + "ssh-key": "${{ secrets.VIRKO_GITHUB_SSH_KEY }}" + - "if": "${{ ( steps.check-binaries.outputs.sshBinaryExists == 'false' || steps.check-binaries.outputs.gitBinaryExists == 'false' ) }}" + "name": "Check out repository code via https" + "uses": "actions/checkout@v4" "with": "ref": "${{ github.event.pull_request.head.sha }}" - "name": "git safe directory" diff --git a/.github/workflows/publish-prod.yml b/.github/workflows/publish-prod.yml index 3fb431f2..012a5e37 100644 --- a/.github/workflows/publish-prod.yml +++ b/.github/workflows/publish-prod.yml @@ -8,8 +8,55 @@ "pull-requests": "read" "runs-on": "ubuntu-latest" "steps": - - "name": "Check out repository code" - "uses": "actions/checkout@v3" + - "id": "check-binaries" + "name": "check for ssh/git binaries" + "run": | + if command -v git; + then + echo "gitBinaryExists=true" >> $GITHUB_OUTPUT; + echo "Git binary exists"; + else + echo "Attempt to install git binary"; + if command -v apk; then + echo "apk exists"; + apk add git && echo "gitBinaryExists=true" >> $GITHUB_OUTPUT; + elif command -v apt; then + echo "apt exists"; + apt update && apt install -y git && echo "gitBinaryExists=true" >> $GITHUB_OUTPUT; + else + echo "No package manager found, unable to install git cli binary"; + echo "gitBinaryExists=false" >> $GITHUB_OUTPUT; + fi; + fi; + + if command -v ssh; + then + echo "sshBinaryExists=true" >> $GITHUB_OUTPUT; + echo "SSH binary exists"; + exit 0; + else + echo "Attempt to install ssh binary"; + if command -v apk; then + echo "apk exists"; + apk add openssh-client && echo "sshBinaryExists=true" >> $GITHUB_OUTPUT && exit 0; + elif command -v apt; then + echo "apt exists"; + apt update && apt install -y openssh-client && echo "sshBinaryExists=true" >> $GITHUB_OUTPUT && exit 0; + else + echo "No package manager found, unable to install ssh cli binary"; + echo "sshBinaryExists=false" >> $GITHUB_OUTPUT; + fi; + fi; + echo "sshBinaryExists=false" >> $GITHUB_OUTPUT; + - "if": "${{ ( steps.check-binaries.outputs.sshBinaryExists == 'true' && steps.check-binaries.outputs.gitBinaryExists == 'true' ) }}" + "name": "Check out repository code via ssh" + "uses": "actions/checkout@v4" + "with": + "ref": "${{ github.sha }}" + "ssh-key": "${{ secrets.VIRKO_GITHUB_SSH_KEY }}" + - "if": "${{ ( steps.check-binaries.outputs.sshBinaryExists == 'false' || steps.check-binaries.outputs.gitBinaryExists == 'false' ) }}" + "name": "Check out repository code via https" + "uses": "actions/checkout@v4" "with": "ref": "${{ github.sha }}" - "name": "git safe directory"