From 65c4dbb0eb074064a3b3c9eb15bada2a760be7ea Mon Sep 17 00:00:00 2001 From: Michael Barz Date: Thu, 6 Jul 2023 11:24:57 +0200 Subject: [PATCH 1/3] use public s3 secrets --- .drone.star | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/.drone.star b/.drone.star index 47e1c74d2b8..322e4bbc7a8 100644 --- a/.drone.star +++ b/.drone.star @@ -200,7 +200,7 @@ pipelineVolumeGo = \ # minio mc environment variables MINIO_MC_ENV = { "CACHE_BUCKET": { - "from_secret": "cache_public_s3_bucket", + "from_secret": "cache_s3_bucket", }, "MC_HOST": { "from_secret": "cache_s3_endpoint", @@ -415,10 +415,10 @@ def checkGoBinCache(): "image": OC_UBUNTU, "environment": { "CACHE_ENDPOINT": { - "from_secret": "cache_public_s3_server", + "from_secret": "cache_s3_server", }, "CACHE_BUCKET": { - "from_secret": "cache_public_s3_bucket", + "from_secret": "cache_s3_bucket", }, }, "commands": [ @@ -518,7 +518,7 @@ def testOcisModule(ctx, module): "image": PLUGINS_S3, "settings": { "endpoint": { - "from_secret": "cache_s3_endpoint", + "from_secret": "cache_s3_server", }, "bucket": "cache", "source": "cache/**/*", @@ -1264,10 +1264,10 @@ def buildTracingComment(): ], "environment": { "CACHE_ENDPOINT": { - "from_secret": "cache_public_s3_server", + "from_secret": "cache_s3_server", }, "CACHE_BUCKET": { - "from_secret": "cache_public_s3_bucket", + "from_secret": "cache_s3_bucket", }, }, "when": { @@ -2443,7 +2443,7 @@ def genericCache(name, action, mounts, cache_path): "image": PLUGINS_S3_CACHE, "settings": { "endpoint": { - "from_secret": "cache_s3_endpoint", + "from_secret": "cache_s3_server", }, "rebuild": rebuild, "restore": restore, @@ -2482,7 +2482,7 @@ def genericCachePurge(flush_path): "from_secret": "cache_s3_secret_key", }, "endpoint": { - "from_secret": "cache_s3_endpoint", + "from_secret": "cache_s3_server", }, "flush": True, "flush_age": 1, @@ -2785,10 +2785,10 @@ def checkForWebCache(name): "image": OC_UBUNTU, "environment": { "CACHE_ENDPOINT": { - "from_secret": "cache_public_s3_server", + "from_secret": "cache_s3_server", }, "CACHE_BUCKET": { - "from_secret": "cache_public_s3_bucket", + "from_secret": "cache_s3_bucket", }, }, "commands": [ From de0ba069dc56a332dbc820cff7591cd70b6620d1 Mon Sep 17 00:00:00 2001 From: Michael Barz Date: Thu, 6 Jul 2023 15:33:31 +0200 Subject: [PATCH 2/3] use new s3 upload secrets --- .drone.star | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.drone.star b/.drone.star index 322e4bbc7a8..b33c48ae45e 100644 --- a/.drone.star +++ b/.drone.star @@ -1493,16 +1493,16 @@ def binaryRelease(ctx, name): settings = { "endpoint": { - "from_secret": "s3_endpoint", + "from_secret": "upload_s3_endpoint", }, "access_key": { - "from_secret": "aws_access_key_id", + "from_secret": "upload_s3_access_key", }, "secret_key": { - "from_secret": "aws_secret_access_key", + "from_secret": "upload_s3_secret_key", }, "bucket": { - "from_secret": "s3_bucket", + "from_secret": "upload_s3_bucket", }, "path_style": True, "strip_prefix": "ocis/dist/release/", From a115d3fb05588031dcc462368f45e9b08b52c5e4 Mon Sep 17 00:00:00 2001 From: amrita Date: Mon, 10 Jul 2023 12:22:22 +0545 Subject: [PATCH 3/3] Update CI --- .drone.star | 77 +++++++---------------------------------------------- 1 file changed, 10 insertions(+), 67 deletions(-) diff --git a/.drone.star b/.drone.star index b33c48ae45e..8950c7fec38 100644 --- a/.drone.star +++ b/.drone.star @@ -4,14 +4,12 @@ # images ALPINE_GIT = "alpine/git:latest" CHKO_DOCKER_PUSHRM = "chko/docker-pushrm:1" -DRONE_CLI = "drone/cli:alpine" INBUCKET_INBUCKET = "inbucket/inbucket" MINIO_MC = "minio/mc:RELEASE.2021-10-07T04-19-58Z" OC_CI_ALPINE = "owncloudci/alpine:latest" OC_CI_BAZEL_BUILDIFIER = "owncloudci/bazel-buildifier:latest" OC_CI_CLAMAVD = "owncloudci/clamavd" OC_CI_DRONE_ANSIBLE = "owncloudci/drone-ansible:latest" -OC_CI_DRONE_CANCEL_PREVIOUS_BUILDS = "owncloudci/drone-cancel-previous-builds" OC_CI_DRONE_SKIP_PIPELINE = "owncloudci/drone-skip-pipeline" OC_CI_GOLANG = "owncloudci/golang:1.20" OC_CI_NODEJS = "owncloudci/nodejs:%s" @@ -169,7 +167,7 @@ config = { }, "rocketchat": { "channel": "ocis-internal", - "from_secret": "private_rocketchat", + "from_secret": "rocketchat_chat_webhook", }, "binaryReleases": { "os": ["linux", "darwin"], @@ -203,7 +201,7 @@ MINIO_MC_ENV = { "from_secret": "cache_s3_bucket", }, "MC_HOST": { - "from_secret": "cache_s3_endpoint", + "from_secret": "cache_s3_server", }, "AWS_ACCESS_KEY_ID": { "from_secret": "cache_s3_access_key", @@ -254,7 +252,6 @@ def main(ctx): pipelines = [] test_pipelines = \ - cancelPreviousBuilds() + \ codestyle(ctx) + \ buildWebCache(ctx) + \ getGoBinForTesting(ctx) + \ @@ -340,30 +337,6 @@ def testOcisModules(ctx): return pipelines + [scan_result_upload] -def cancelPreviousBuilds(): - return [{ - "kind": "pipeline", - "type": "docker", - "name": "cancel-previous-builds", - "clone": { - "disable": True, - }, - "steps": [{ - "name": "cancel-previous-builds", - "image": OC_CI_DRONE_CANCEL_PREVIOUS_BUILDS, - "settings": { - "DRONE_TOKEN": { - "from_secret": "drone_token", - }, - }, - }], - "trigger": { - "ref": [ - "refs/pull/**", - ], - }, - }] - def testPipelines(ctx): pipelines = [] @@ -625,14 +598,11 @@ def uploadScanResults(ctx): { "name": "sync-from-cache", "image": MINIO_MC, - "environment": { - "MC_HOST_cachebucket": { - "from_secret": "cache_s3_connection_url", - }, - }, + "environment": MINIO_MC_ENV, "commands": [ "mkdir -p cache", - "mc mirror cachebucket/cache/%s/%s/cache cache/" % (ctx.repo.slug, ctx.build.commit + "-${DRONE_BUILD_NUMBER}"), + "mc alias set cachebucket $MC_HOST $AWS_ACCESS_KEY_ID $AWS_SECRET_ACCESS_KEY", + "mc mirror cachebucket/$CACHE_BUCKET/%s/%s/cache cache/" % (ctx.repo.slug, ctx.build.commit + "-${DRONE_BUILD_NUMBER}"), ], }, { @@ -652,13 +622,10 @@ def uploadScanResults(ctx): { "name": "purge-cache", "image": MINIO_MC, - "environment": { - "MC_HOST_cachebucket": { - "from_secret": "cache_s3_connection_url", - }, - }, + "environment": MINIO_MC_ENV, "commands": [ - "mc rm --recursive --force cachebucket/cache/%s/%s/cache" % (ctx.repo.slug, ctx.build.commit + "-${DRONE_BUILD_NUMBER}"), + "mc alias set cachebucket $MC_HOST $AWS_ACCESS_KEY_ID $AWS_SECRET_ACCESS_KEY", + "mc rm --recursive --force cachebucket/$CACHE_BUCKET/%s/%s/cache" % (ctx.repo.slug, ctx.build.commit + "-${DRONE_BUILD_NUMBER}"), ], }, ], @@ -1222,10 +1189,10 @@ def uploadTracingResult(ctx): "pull": "if-not-exists", "settings": { "bucket": { - "from_secret": "cache_public_s3_bucket", + "from_secret": "cache_s3_bucket", }, "endpoint": { - "from_secret": "cache_public_s3_server", + "from_secret": "cache_s3_server", }, "path_style": True, "source": "webTestRunner/reports/e2e/playwright/tracing/**/*", @@ -1344,30 +1311,6 @@ def failEarly(ctx, early_fail): ], }, }, - { - "name": "stop-build", - "image": DRONE_CLI, - # # https://github.com/drone/runner-go/blob/0bd0f8fc31c489817572060d17c6e24aaa487470/pipeline/runtime/const.go#L95-L102 - # "failure": "fail-fast", - # would be an alternative, but is currently broken - "environment": { - "DRONE_SERVER": "https://drone.owncloud.com", - "DRONE_TOKEN": { - "from_secret": "drone_token", - }, - }, - "commands": [ - "drone build stop owncloud/ocis ${DRONE_BUILD_NUMBER}", - ], - "when": { - "status": [ - "failure", - ], - "event": [ - "pull_request", - ], - }, - }, ] return []