diff --git a/.lighthouse/pipeline-rust-build.yaml b/.lighthouse/pipeline-rust-build.yaml new file mode 100644 index 0000000..b182481 --- /dev/null +++ b/.lighthouse/pipeline-rust-build.yaml @@ -0,0 +1,260 @@ +apiVersion: tekton.dev/v1beta1 +kind: PipelineRun +metadata: + name: rust-build +spec: + pipelineSpec: + params: + - name: image-name + description: The name for the built image + type: string + - name: path-to-image-context + description: The path to the build context + type: string + - name: path-to-dockerfile + description: The path to the Dockerfile + type: string + - name: command + type: array + description: Command to run. + default: [] + tasks: + - name: report-pending + taskRef: + name: gitea-set-status + runAfter: + - fetch-repository + params: + - name: CONTEXT + value: "$(params.JOB_NAME)" + - name: REPO_FULL_NAME + value: "$(params.REPO_OWNER)/$(params.REPO_NAME)" + - name: GITEA_HOST_URL + value: code.fizz.buzz + - name: SHA + value: "$(tasks.fetch-repository.results.commit)" + - name: DESCRIPTION + value: "Build $(params.JOB_NAME) has started" + - name: STATE + value: pending + - name: TARGET_URL + value: "https://tekton.fizz.buzz/#/namespaces/$(context.pipelineRun.namespace)/pipelineruns/$(context.pipelineRun.name)" + - name: fetch-repository + taskRef: + name: git-clone + workspaces: + - name: output + workspace: git-source + params: + - name: url + value: $(params.REPO_URL) + - name: revision + value: $(params.PULL_BASE_SHA) + - name: deleteExisting + value: "true" + - name: build-image + taskRef: + name: kaniko + params: + - name: IMAGE + value: "$(params.image-name):$(tasks.fetch-repository.results.commit)" + - name: CONTEXT + value: $(params.path-to-image-context) + - name: DOCKERFILE + value: $(params.path-to-dockerfile) + - name: BUILDER_IMAGE + value: "gcr.io/kaniko-project/executor:v1.12.1" + - name: EXTRA_ARGS + value: + - --cache=true + - --cache-copy-layers + - --cache-repo=harbor.fizz.buzz/kanikocache/cache + - --use-new-run # Should result in a speed-up + - --reproducible # To remove timestamps so layer caching works. + - --snapshot-mode=redo + - --skip-unused-stages=true + - --registry-mirror=dockerhub.dockerhub.svc.cluster.local + workspaces: + - name: source + workspace: git-source + - name: dockerconfig + workspace: docker-credentials + runAfter: + - fetch-repository + - name: run-image-none + taskRef: + name: run-docker-image + workspaces: + - name: source + workspace: git-source + - name: cargo-cache + workspace: cargo-cache + runAfter: + - build-image + params: + - name: command + value: ["$(params.command[*])"] + - name: args + value: ["--no-default-features"] + - name: docker-image + value: "$(params.image-name):$(tasks.fetch-repository.results.commit)" + - name: run-image-tracing + taskRef: + name: run-docker-image + workspaces: + - name: source + workspace: git-source + - name: cargo-cache + workspace: cargo-cache + runAfter: + - run-image-none + params: + - name: command + value: ["$(params.command[*])"] + - name: args + value: ["--no-default-features", "--features", "tracing"] + - name: docker-image + value: "$(params.image-name):$(tasks.fetch-repository.results.commit)" + - name: run-image-compare + taskRef: + name: run-docker-image + workspaces: + - name: source + workspace: git-source + - name: cargo-cache + workspace: cargo-cache + runAfter: + - run-image-tracing + params: + - name: command + value: ["$(params.command[*])"] + - name: args + value: ["--no-default-features", "--features", "compare"] + - name: docker-image + value: "$(params.image-name):$(tasks.fetch-repository.results.commit)" + - name: run-image-default + taskRef: + name: run-docker-image + workspaces: + - name: source + workspace: git-source + - name: cargo-cache + workspace: cargo-cache + runAfter: + - run-image-compare + params: + - name: command + value: ["$(params.command[*])"] + - name: args + value: [] + - name: docker-image + value: "$(params.image-name):$(tasks.fetch-repository.results.commit)" + - name: run-image-all + taskRef: + name: run-docker-image + workspaces: + - name: source + workspace: git-source + - name: cargo-cache + workspace: cargo-cache + runAfter: + - run-image-default + params: + - name: command + value: ["$(params.command[*])"] + - name: args + value: ["--no-default-features", "--features", "tracing,compare"] + - name: docker-image + value: "$(params.image-name):$(tasks.fetch-repository.results.commit)" + finally: + - name: report-success + when: + - input: "$(tasks.status)" + operator: in + values: ["Succeeded", "Completed"] + taskRef: + name: gitea-set-status + params: + - name: CONTEXT + value: "$(params.JOB_NAME)" + - name: REPO_FULL_NAME + value: "$(params.REPO_OWNER)/$(params.REPO_NAME)" + - name: GITEA_HOST_URL + value: code.fizz.buzz + - name: SHA + value: "$(tasks.fetch-repository.results.commit)" + - name: DESCRIPTION + value: "Build $(params.JOB_NAME) has succeeded" + - name: STATE + value: success + - name: TARGET_URL + value: "https://tekton.fizz.buzz/#/namespaces/$(context.pipelineRun.namespace)/pipelineruns/$(context.pipelineRun.name)" + - name: report-failure + when: + - input: "$(tasks.status)" + operator: in + values: ["Failed"] + taskRef: + name: gitea-set-status + params: + - name: CONTEXT + value: "$(params.JOB_NAME)" + - name: REPO_FULL_NAME + value: "$(params.REPO_OWNER)/$(params.REPO_NAME)" + - name: GITEA_HOST_URL + value: code.fizz.buzz + - name: SHA + value: "$(tasks.fetch-repository.results.commit)" + - name: DESCRIPTION + value: "Build $(params.JOB_NAME) has failed" + - name: STATE + value: failure + - name: TARGET_URL + value: "https://tekton.fizz.buzz/#/namespaces/$(context.pipelineRun.namespace)/pipelineruns/$(context.pipelineRun.name)" + - name: cargo-cache-autoclean + taskRef: + name: run-docker-image + workspaces: + - name: source + workspace: git-source + - name: cargo-cache + workspace: cargo-cache + params: + - name: command + value: [cargo, cache, --autoclean] + - name: args + value: [] + - name: docker-image + value: "$(params.image-name):$(tasks.fetch-repository.results.commit)" + workspaces: + - name: git-source + - name: docker-credentials + - name: cargo-cache + workspaces: + - name: git-source + volumeClaimTemplate: + spec: + storageClassName: "nfs-client" + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 10Gi + subPath: rust-source + - name: cargo-cache + persistentVolumeClaim: + claimName: organic-cargo-cache-build + - name: docker-credentials + secret: + secretName: harbor-plain + serviceAccountName: build-bot + timeout: 240h0m0s + params: + - name: image-name + value: "harbor.fizz.buzz/private/organic-build" + - name: path-to-image-context + value: docker/organic_build/ + - name: path-to-dockerfile + value: docker/organic_build/Dockerfile + - name: command + value: [cargo, build] diff --git a/.lighthouse/triggers.yaml b/.lighthouse/triggers.yaml index 497d78d..8ddddee 100644 --- a/.lighthouse/triggers.yaml +++ b/.lighthouse/triggers.yaml @@ -16,3 +16,10 @@ spec: skip_branches: # We already run on every commit, so running when the semver tags get pushed is causing needless double-processing. - "^v[0-9]+\\.[0-9]+\\.[0-9]+$" + - name: rust-build + source: "pipeline-rust-build.yaml" + # Override https-based url from lighthouse events. + clone_uri: "git@code.fizz.buzz:talexander/organic.git" + skip_branches: + # We already run on every commit, so running when the semver tags get pushed is causing needless double-processing. + - "^v[0-9]+\\.[0-9]+\\.[0-9]+$" diff --git a/docker/organic_build/Dockerfile b/docker/organic_build/Dockerfile new file mode 100644 index 0000000..72de61c --- /dev/null +++ b/docker/organic_build/Dockerfile @@ -0,0 +1,4 @@ +FROM rustlang/rust:nightly-alpine3.17 + +RUN apk add --no-cache musl-dev +RUN cargo install --locked --no-default-features --features ci-autoclean cargo-cache diff --git a/docker/organic_build/Makefile b/docker/organic_build/Makefile new file mode 100644 index 0000000..001c941 --- /dev/null +++ b/docker/organic_build/Makefile @@ -0,0 +1,35 @@ +IMAGE_NAME:=organic-build +# REMOTE_REPO:=harbor.fizz.buzz/private + +.PHONY: all +all: build push + +.PHONY: build +build: + docker build -t $(IMAGE_NAME) -f Dockerfile ../ + +.PHONY: push +push: +ifdef REMOTE_REPO + docker tag $(IMAGE_NAME) $(REMOTE_REPO)/$(IMAGE_NAME) + docker push $(REMOTE_REPO)/$(IMAGE_NAME) +else + @echo "REMOTE_REPO not defined, not pushing to a remote repo." +endif + +.PHONY: clean +clean: + docker rmi $(IMAGE_NAME) +ifdef REMOTE_REPO + docker rmi $(REMOTE_REPO)/$(IMAGE_NAME) +else + @echo "REMOTE_REPO not defined, not removing from remote repo." +endif + +.PHONY: run +run: + docker run --rm -i -t $(IMAGE_NAME) + +.PHONY: shell +shell: + docker run --rm -i -t --entrypoint /bin/bash $(IMAGE_NAME)