name: Release on: push: tags: - "*" env: GH_ANNOTATION: true DOCKER_BUILDKIT: 1 jobs: docker_build: runs-on: ubuntu-18.04 strategy: matrix: target: [proxy, controller, web, cni-plugin, debug, cli-bin, grafana] name: Docker build (${{ matrix.target }}) steps: - name: Checkout code # actions/checkout@v2 uses: actions/checkout@722adc6 - name: Set environment variables from scripts run: | . bin/_tag.sh echo "TAG=$(CI_FORCE_CLEAN=1 bin/root-tag)" >> $GITHUB_ENV . bin/_docker.sh echo "DOCKER_REGISTRY=$DOCKER_REGISTRY" >> $GITHUB_ENV echo "DOCKER_BUILDKIT_CACHE=${{ runner.temp }}/.buildx-cache" >> $GITHUB_ENV - name: Cache docker layers # actions/cache@v2.0.0 uses: actions/cache@b820478 with: path: ${{ env.DOCKER_BUILDKIT_CACHE }} key: ${{ runner.os }}-buildx-${{ matrix.target }}-${{ env.TAG }} restore-keys: ${{ runner.os }}-buildx-${{ matrix.target }}- - name: Set up Docker Buildx # crazy-max/ghaction-docker-buildx@v3.2.0 uses: crazy-max/ghaction-docker-buildx@552c9de - name: Build & Push Multi Arch Images env: DOCKER_TRACE: 1 DOCKER_MULTIARCH: 1 DOCKER_PUSH: 1 run: | echo "${{ secrets.DOCKER_GHCR_PAT }}" | docker login ghcr.io -u "${{ secrets.DOCKER_GHCR_USERNAME }}" --password-stdin bin/docker-build-${{ matrix.target }} - name: Prune docker layers cache # changes generate new images while the existing ones don't get removed # so we manually do that to avoid bloating the cache run: bin/docker-cache-prune - name: Create artifact with CLI # windows_static_cli_tests below needs this because it can't create linux containers # inside windows if: matrix.target == 'cli-bin' env: ARCHIVES: /home/runner/archives run: | bin/docker-pull-binaries $TAG mkdir -p $ARCHIVES cp -r $PWD/target/release/linkerd2-cli-$TAG-windows.exe $ARCHIVES/linkerd-windows.exe # `with.path` values do not support environment variables yet, so an # absolute path is used here. # # https://github.com/actions/upload-artifact/issues/8 - name: Upload artifact if: matrix.target == 'cli-bin' # actions/upload-artifact@v1 uses: actions/upload-artifact@3446296 with: name: image-archives path: /home/runner/archives # todo: Keep in sync with `kind_integration.yml` windows_static_cli_tests: name: Static CLI tests (windows) runs-on: windows-latest needs: [docker_build] steps: - name: Checkout code # actions/checkout@v2 uses: actions/checkout@722adc6 - name: Try to load cached Go modules # actions/cache@v1.1.2 uses: actions/cache@70655ec with: path: ~/go/pkg/mod key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }} restore-keys: ${{ runner.os }}-go- - name: Download image archives # actions/download-artifact@v1 uses: actions/download-artifact@18f0f59 with: name: image-archives - name: Run CLI Integration tests run: go test --failfast --mod=readonly ".\test\cli" --linkerd=$PWD\image-archives\linkerd-windows.exe --cli-tests -v kind_integration_tests: strategy: matrix: integration_test: - cluster-domain - deep - external-issuer - helm-deep - helm-upgrade - uninstall - upgrade-edge - upgrade-stable - cni-calico-deep needs: [docker_build] name: Integration tests (${{ matrix.integration_test }}) runs-on: ubuntu-18.04 steps: - name: Checkout code # actions/checkout@v2 uses: actions/checkout@722adc6 - name: Try to load cached Go modules # actions/cache@v1.1.2 uses: actions/cache@70655ec with: path: ~/go/pkg/mod key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }} restore-keys: | ${{ runner.os }}-go- - name: Set environment variables from scripts run: | TAG="$(CI_FORCE_CLEAN=1 bin/root-tag)" CMD="$PWD/target/release/linkerd2-cli-$TAG-linux-amd64" echo "CMD=$CMD" >> $GITHUB_ENV echo "TAG=$TAG" >> $GITHUB_ENV - name: Run integration tests run: | bin/docker-pull-binaries $TAG # Validate the CLI version matches the current build tag. [[ "$TAG" == "$($CMD version --short --client)" ]] bin/tests --images skip --name ${{ matrix.integration_test }} "$CMD" arm64_integration_tests: name: ARM64 integration tests runs-on: ubuntu-18.04 needs: [docker_build] steps: - name: Checkout code if: startsWith(github.ref, 'refs/tags/stable') # actions/checkout@v2 uses: actions/checkout@722adc6 - name: Try to load cached Go modules if: startsWith(github.ref, 'refs/tags/stable') # actions/cache@v1.1.2 uses: actions/cache@70655ec with: path: ~/go/pkg/mod key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }} restore-keys: | ${{ runner.os }}-go- - name: Install linkerd CLI if: startsWith(github.ref, 'refs/tags/stable') run: | TAG="$(CI_FORCE_CLEAN=1 bin/root-tag)" CMD="$PWD/target/release/linkerd2-cli-$TAG-linux-amd64" bin/docker-pull-binaries $TAG $CMD version --client # validate CLI version matches the repo [[ "$TAG" == "$($CMD version --short --client)" ]] echo "Installed Linkerd CLI version: $TAG" echo "CMD=$CMD" >> $GITHUB_ENV - name: Set KUBECONFIG environment variables if: startsWith(github.ref, 'refs/tags/stable') run: | mkdir -p $HOME/.kube echo "${{ secrets.ARM64_KUBECONFIG }}" > $HOME/.kube/config echo "KUBECONFIG=$HOME/.kube/config" >> $GITHUB_ENV kubectl cluster-info - name: Run integration tests if: startsWith(github.ref, 'refs/tags/stable') env: RUN_ARM_TEST: 1 run: bin/tests --images skip --skip-cluster-create "$CMD" - name: CNI tests if: startsWith(github.ref, 'refs/tags/stable') run: | export TAG="$($CMD version --client --short)" go test -cover -race -v -mod=readonly ./cni-plugin/test -integration-tests - name: Test cleanup if: ${{ always() }} # will fail if other steps didn't run, so ignore error run: bin/test-cleanup || true choco_pack: # only runs for stable tags. The conditionals are at each step level instead of the job level # otherwise the jobs below that depend on this one won't run name: Pack Chocolatey release needs: [kind_integration_tests, arm64_integration_tests] runs-on: windows-2019 steps: - name: Checkout code if: startsWith(github.ref, 'refs/tags/stable') # actions/checkout@v2 uses: actions/checkout@722adc6 - name: Chocolatey - update nuspec if: startsWith(github.ref, 'refs/tags/stable') run: | $LINKERD_VERSION=$env:GITHUB_REF.Substring(17) (Get-Content bin\win\linkerd.nuspec).replace('LINKERD_VERSION', $LINKERD_VERSION) | Set-Content bin\win\linkerd.nuspec - name: Chocolatey - pack if: startsWith(github.ref, 'refs/tags/stable') # crazy-max/ghaction-chocolatey@v1.2.2 uses: crazy-max/ghaction-chocolatey@55c9188 with: args: pack bin/win/linkerd.nuspec - name: Chocolatey - upload package if: startsWith(github.ref, 'refs/tags/stable') # actions/upload-artifact@v2.01 uses: actions/upload-artifact@97b7dac with: name: choco path: ./linkerd.*.nupkg gh_release: name: Create GH release if: startsWith(github.ref, 'refs/tags/stable') || startsWith(github.ref, 'refs/tags/edge') runs-on: ubuntu-18.04 needs: [choco_pack] steps: - name: Checkout code # actions/checkout@v2 uses: actions/checkout@722adc6 - name: Set environment variables from scripts run: | . bin/_tag.sh . bin/_release.sh echo "TAG=$(CI_FORCE_CLEAN=1 bin/root-tag)" >> $GITHUB_ENV extract_release_notes NOTES.md - name: Download choco package if: startsWith(github.ref, 'refs/tags/stable') # actions/download-artifact@v1 uses: actions/download-artifact@18f0f59 with: name: choco - name: Pull CLI binaries env: DOCKER_MULTIARCH: 1 run : | bin/docker-pull-binaries $TAG VERSION=${TAG#"stable-"} mv choco/linkerd.*.nupkg target/release/linkerd2-cli-stable-$VERSION.nupkg || true - name: Create release id: create_release # softprops/action-gh-release@v1 uses: softprops/action-gh-release@91409e7 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: draft: false prerelease: false body_path: NOTES.md files: | ./target/release/linkerd2-cli-*-darwin ./target/release/linkerd2-cli-*-darwin.sha256 ./target/release/linkerd2-cli-*-linux-* ./target/release/linkerd2-cli-*-linux-*.sha256 ./target/release/linkerd2-cli-*-windows.exe ./target/release/linkerd2-cli-*-windows.exe.sha256 ./target/release/linkerd2-cli-*.nupkg website_publish: name: Linkerd website publish if: startsWith(github.ref, 'refs/tags/stable') || startsWith(github.ref, 'refs/tags/edge') runs-on: ubuntu-18.04 needs: [gh_release] steps: - name: Create linkerd/website repository dispatch event # peter-evans/repository-dispatch@v1 uses: peter-evans/repository-dispatch@0ae1c4b with: token: ${{ secrets.RELEASE_TOKEN }} repository: linkerd/website event-type: release website_publish_check: name: Linkerd website publish check if: startsWith(github.ref, 'refs/tags/stable') || startsWith(github.ref, 'refs/tags/edge') runs-on: ubuntu-18.04 needs: [website_publish] steps: - name: Checkout code # actions/checkout@v2 uses: actions/checkout@722adc6 - name: Set environment variables from scripts run: | . bin/_tag.sh echo "TAG=$(CI_FORCE_CLEAN=1 bin/root-tag)" >> $GITHUB_ENV - name: Set install target for stable if: startsWith(github.ref, 'refs/tags/stable') run: echo "INSTALL=install" >> $GITHUB_ENV - name: Set install target for edge if: startsWith(github.ref, 'refs/tags/edge') run: echo "INSTALL=install-edge" >> $GITHUB_ENV - name: Check published version run: | until RES=$(curl -sL https://run.linkerd.io/$INSTALL | grep "LINKERD2_VERSION=\${LINKERD2_VERSION:-$TAG}") \ || (( count++ >= 10 )) do sleep 30 done if [[ -z $RES ]]; then echo "::error::The version '$TAG' was NOT found published in the website" exit 1 fi chart_deploy: name: Helm chart deploy runs-on: ubuntu-18.04 needs: [gh_release] steps: - name: Checkout code # actions/checkout@v2 uses: actions/checkout@722adc6 - name: Configure gsutils # linkerd/linkerd2-action-gcloud@v1.0.1 uses: linkerd/linkerd2-action-gcloud@308c4df with: cloud_sdk_service_account_key: ${{ secrets.LINKERD_SITE_TOKEN }} gcp_project: ${{ secrets.LINKERD_SITE_PROJECT }} gcp_zone: ${{ secrets.LINKERD_SITE_ZONE }} - name: Edge Helm chart creation and upload if: startsWith(github.ref, 'refs/tags/edge') run: | mkdir -p target/helm gsutil cp gs://helm.linkerd.io/edge/index.yaml target/helm/index-pre.yaml bin/helm-build package gsutil rsync target/helm gs://helm.linkerd.io/edge - name: Stable Helm chart creation and upload if: startsWith(github.ref, 'refs/tags/stable') run: | mkdir -p target/helm gsutil cp gs://helm.linkerd.io/stable/index.yaml target/helm/index-pre.yaml bin/helm-build package gsutil rsync target/helm gs://helm.linkerd.io/stable