upstream/k3s
1
0
Fork 0
mirror of https://github.com/k3s-io/k3s.git synced 2025-12-18 23:06:14 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

Remove remaining references to drone

Browse source 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
This commit is contained in:
Brad Davidson 2025-11-21 20:26:26 +00:00 committed by Brad Davidson
parent 1262649fda
commit 96ed4393c1
9 changed files with 13 additions and 556 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

439
.drone.yml
View file

@ -1,439 +0,0 @@
---
kind: pipeline
name: amd64
platform:
os: linux
arch: amd64
trigger:
event:
exclude:
- cron
- pull_request
clone:
retries: 3
steps:
- name: build
image: rancher/dapper:v0.6.0
secrets: [ AWS_SECRET_ACCESS_KEY-k3s-ci-uploader, AWS_ACCESS_KEY_ID-k3s-ci-uploader, unprivileged_github_token ]
environment:
GITHUB_TOKEN:
from_secret: unprivileged_github_token
AWS_SECRET_ACCESS_KEY:
from_secret: AWS_SECRET_ACCESS_KEY-k3s-ci-uploader
AWS_ACCESS_KEY_ID:
from_secret: AWS_ACCESS_KEY_ID-k3s-ci-uploader
commands:
- dapper ci
- echo "${DRONE_TAG}-amd64" | sed -e 's/+/-/g' >.tags
volumes:
- name: docker
path: /var/run/docker.sock
- name: fossa
image: rancher/drone-fossa:latest
failure: ignore
settings:
api_key:
from_secret: FOSSA_API_KEY
when:
instance:
- drone-publish.k3s.io
ref:
include:
- "refs/heads/main"
- "refs/heads/release-*"
event:
- push
- tag
- name: test
image: rancher/dapper:v0.6.0
secrets: [ AWS_SECRET_ACCESS_KEY-k3s-ci-uploader, AWS_ACCESS_KEY_ID-k3s-ci-uploader ]
environment:
ENABLE_REGISTRY: 'true'
AWS_SECRET_ACCESS_KEY:
from_secret: AWS_SECRET_ACCESS_KEY-k3s-ci-uploader
AWS_ACCESS_KEY_ID:
from_secret: AWS_ACCESS_KEY_ID-k3s-ci-uploader
commands:
- docker build --target test-k3s -t k3s:test-${DRONE_STAGE_ARCH}-${DRONE_COMMIT} -f Dockerfile.test .
- >
docker run -i -e REPO -e TAG -e DRONE_TAG -e DRONE_BUILD_EVENT -e IMAGE_NAME -e AWS_SECRET_ACCESS_KEY -e AWS_ACCESS_KEY_ID -e SONOBUOY_VERSION -e ENABLE_REGISTRY
-v /var/run/docker.sock:/var/run/docker.sock --privileged --network host -v /tmp:/tmp k3s:test-${DRONE_STAGE_ARCH}-${DRONE_COMMIT}
volumes:
- name: docker
path: /var/run/docker.sock
when:
instance:
- drone-publish.k3s.io
ref:
- refs/tags/*
event:
- tag
volumes:
- name: docker
host:
path: /var/run/docker.sock
---
kind: pipeline
name: conformance
platform:
os: linux
arch: amd64
trigger:
event:
- cron
cron:
- nightly
steps:
- name: build
image: rancher/dapper:v0.6.0
commands:
- dapper ci
- echo "${DRONE_TAG}-amd64" | sed -e 's/+/-/g' >.tags
volumes:
- name: docker
path: /var/run/docker.sock
- name: test
image: rancher/dapper:v0.6.0
environment:
ENABLE_REGISTRY: 'true'
commands:
- docker build --target test-k3s -t k3s:test-${DRONE_STAGE_ARCH}-${DRONE_COMMIT} -f Dockerfile.test .
- >
docker run -i -e REPO -e TAG -e DRONE_TAG -e DRONE_BUILD_EVENT -e IMAGE_NAME -e SONOBUOY_VERSION -e ENABLE_REGISTRY
-v /var/run/docker.sock:/var/run/docker.sock --privileged --network host -v /tmp:/tmp k3s:test-${DRONE_STAGE_ARCH}-${DRONE_COMMIT}
volumes:
- name: docker
path: /var/run/docker.sock
volumes:
- name: docker
host:
path: /var/run/docker.sock
---
kind: pipeline
name: arm64
platform:
os: linux
arch: arm64
trigger:
event:
exclude:
- cron
- pull_request
clone:
retries: 3
steps:
- name: build
image: rancher/dapper:v0.6.0
secrets: [ AWS_SECRET_ACCESS_KEY-k3s-ci-uploader, AWS_ACCESS_KEY_ID-k3s-ci-uploader ]
environment:
AWS_SECRET_ACCESS_KEY:
from_secret: AWS_SECRET_ACCESS_KEY-k3s-ci-uploader
AWS_ACCESS_KEY_ID:
from_secret: AWS_ACCESS_KEY_ID-k3s-ci-uploader
commands:
- dapper ci
- echo "${DRONE_TAG}-arm64" | sed -e 's/+/-/g' >.tags
volumes:
- name: docker
path: /var/run/docker.sock
- name: test
image: rancher/dapper:v0.6.0
secrets: [ AWS_SECRET_ACCESS_KEY-k3s-ci-uploader, AWS_ACCESS_KEY_ID-k3s-ci-uploader ]
environment:
ENABLE_REGISTRY: 'true'
AWS_SECRET_ACCESS_KEY:
from_secret: AWS_SECRET_ACCESS_KEY-k3s-ci-uploader
AWS_ACCESS_KEY_ID:
from_secret: AWS_ACCESS_KEY_ID-k3s-ci-uploader
commands:
- docker build --target test-k3s -t k3s:test-${DRONE_STAGE_ARCH}-${DRONE_COMMIT} -f Dockerfile.test .
- >
docker run -i -e REPO -e TAG -e DRONE_TAG -e DRONE_BUILD_EVENT -e IMAGE_NAME -e AWS_SECRET_ACCESS_KEY -e AWS_ACCESS_KEY_ID -e SONOBUOY_VERSION -e ENABLE_REGISTRY
-v /var/run/docker.sock:/var/run/docker.sock --privileged --network host -v /tmp:/tmp k3s:test-${DRONE_STAGE_ARCH}-${DRONE_COMMIT}
volumes:
- name: docker
path: /var/run/docker.sock
when:
instance:
- drone-publish.k3s.io
ref:
- refs/tags/*
event:
- tag
volumes:
- name: docker
host:
path: /var/run/docker.sock
---
kind: pipeline
name: arm
platform:
os: linux
arch: arm
trigger:
event:
exclude:
- cron
clone:
retries: 3
steps:
- name: skipfiles
image: plugins/git
commands:
- export NAME=$(test $DRONE_BUILD_EVENT = pull_request && echo remotes/origin/${DRONE_COMMIT_BRANCH:-main} || echo ${DRONE_COMMIT_SHA}~)
- export DIFF=$(git --no-pager diff --name-only $NAME | grep -v -f .droneignore);
- if [ -z "$DIFF" ]; then
echo "All files in PR are on ignore list";
exit 78;
else
echo "Some files in PR are not ignored, $DIFF";
fi;
when:
event:
- pull_request
- name: build
# Keeping Dapper at v0.5.0 for armv7, as newer versions fails with
# Bad system call on this architecture. xref:
#
# https://github.com/k3s-io/k3s/pull/8959#discussion_r1439736566
# https://drone-pr.k3s.io/k3s-io/k3s/7922/3/3
image: rancher/dapper:v0.5.0
secrets: [ AWS_SECRET_ACCESS_KEY-k3s-ci-uploader, AWS_ACCESS_KEY_ID-k3s-ci-uploader ]
environment:
AWS_SECRET_ACCESS_KEY:
from_secret: AWS_SECRET_ACCESS_KEY-k3s-ci-uploader
AWS_ACCESS_KEY_ID:
from_secret: AWS_ACCESS_KEY_ID-k3s-ci-uploader
commands:
- dapper ci
- echo "${DRONE_TAG}-arm" | sed -e 's/+/-/g' >.tags
volumes:
- name: docker
path: /var/run/docker.sock
- name: test
# Refer to comment for arm/build.
image: rancher/dapper:v0.5.0
secrets: [ AWS_SECRET_ACCESS_KEY-k3s-ci-uploader, AWS_ACCESS_KEY_ID-k3s-ci-uploader ]
environment:
ENABLE_REGISTRY: 'true'
AWS_SECRET_ACCESS_KEY:
from_secret: AWS_SECRET_ACCESS_KEY-k3s-ci-uploader
AWS_ACCESS_KEY_ID:
from_secret: AWS_ACCESS_KEY_ID-k3s-ci-uploader
commands:
- docker build --target test-k3s -t k3s:test-${DRONE_STAGE_ARCH}-${DRONE_COMMIT} -f Dockerfile.test .
- >
docker run -i -e REPO -e TAG -e DRONE_TAG -e DRONE_BUILD_EVENT -e IMAGE_NAME -e AWS_SECRET_ACCESS_KEY -e AWS_ACCESS_KEY_ID -e SONOBUOY_VERSION -e ENABLE_REGISTRY
-v /var/run/docker.sock:/var/run/docker.sock --privileged --network host -v /tmp:/tmp k3s:test-${DRONE_STAGE_ARCH}-${DRONE_COMMIT}
volumes:
- name: docker
path: /var/run/docker.sock
volumes:
- name: docker
host:
path: /var/run/docker.sock
---
kind: pipeline
name: e2e
type: docker
platform:
os: linux
arch: amd64
clone:
retries: 3
steps:
- name: skipfiles
image: plugins/git
commands:
- export NAME=$(test $DRONE_BUILD_EVENT = pull_request && echo remotes/origin/${DRONE_COMMIT_BRANCH:-main} || echo ${DRONE_COMMIT_SHA}~)
- export DIFF=$(git --no-pager diff --name-only $NAME | grep -v -f .droneignore);
- if [ -z "$DIFF" ]; then
echo "All files in PR are on ignore list";
exit 78;
else
echo "Some files in PR are not ignored, $DIFF";
fi;
when:
event:
- push
- pull_request
- name: build-e2e-image
image: docker:25.0.5
commands:
- DOCKER_BUILDKIT=1 docker build --target test-e2e -t test-e2e -f Dockerfile.test .
- apk add make git bash
- GOCOVER=1 make local-binary
- cp dist/artifacts/* /tmp/artifacts/
volumes:
- name: cache
path: /tmp/artifacts
- name: docker
path: /var/run/docker.sock
- name: test-e2e-validatecluster
depends_on:
- build-e2e-image
image: test-e2e
pull: never
resources:
cpu: 6000
memory: 10Gi
environment:
E2E_REGISTRY: 'true'
E2E_GOCOVER: 'true'
commands:
- mkdir -p dist/artifacts
- cp /tmp/artifacts/* dist/artifacts/
# Cleanup VMs that are older than 2h. Happens if a previous test panics or is canceled
- tests/e2e/scripts/cleanup_vms.sh
- tests/e2e/scripts/drone_registries.sh
- |
cd tests/e2e/validatecluster
../scripts/cleanup_vms.sh 'validatecluster_([0-9]+)_(server|agent)'
go test -v -timeout=45m ./validatecluster_test.go -ci -local
cp ./coverage.out /tmp/artifacts/validate-coverage.out
volumes:
- name: libvirt
path: /var/run/libvirt/
- name: docker
path: /var/run/docker.sock
- name: cache
path: /tmp/artifacts
- name: test-e2e-splitserver
depends_on:
- build-e2e-image
image: test-e2e
pull: never
resources:
cpu: 6000
memory: 10Gi
environment:
E2E_REGISTRY: 'true'
E2E_GOCOVER: 'true'
commands:
- mkdir -p dist/artifacts
- cp /tmp/artifacts/* dist/artifacts/
- tests/e2e/scripts/drone_registries.sh
- |
cd tests/e2e/splitserver
../scripts/cleanup_vms.sh 'splitserver_([0-9]+)'
# Stagger the launch of this test with the validatecluster test
# to prevent conflicts over libvirt network interfaces
sleep 15
go test -v -timeout=30m ./splitserver_test.go -ci -local
cp ./coverage.out /tmp/artifacts/split-coverage.out
volumes:
- name: libvirt
path: /var/run/libvirt/
- name: docker
path: /var/run/docker.sock
- name: cache
path: /tmp/artifacts
- name: test-e2e-upgradecluster
depends_on:
- build-e2e-image
image: test-e2e
pull: never
resources:
cpu: 6000
memory: 10Gi
environment:
E2E_REGISTRY: 'true'
E2E_GOCOVER: 'true'
commands:
- mkdir -p dist/artifacts
- cp /tmp/artifacts/* dist/artifacts/
- tests/e2e/scripts/drone_registries.sh
- |
if [ "$DRONE_BUILD_EVENT" = "pull_request" ]; then
cd tests/e2e/upgradecluster
# Convert release-1.XX branch to v1.XX channel
if [ "$DRONE_BRANCH" = "main" ]; then
UPGRADE_CHANNEL="latest"
else
UPGRADE_CHANNEL=$(echo $DRONE_BRANCH | sed 's/release-/v/')
# Check if the UPGRADE_CHANNEL exists, in the case of new minor releases it won't
if ! curl --silent --fail https://update.k3s.io/v1-release/channels/$UPGRADE_CHANNEL; then
UPGRADE_CHANNEL="latest"
fi
fi
../scripts/cleanup_vms.sh 'upgradecluster_([0-9]+)_(server|agent)'
# Stagger the launch of this test with the splitserver test
# to prevent conflicts over libvirt network interfaces
sleep 30
E2E_RELEASE_CHANNEL=$UPGRADE_CHANNEL go test -v -timeout=45m ./upgradecluster_test.go -ci -local -ginkgo.v
cp ./coverage.out /tmp/artifacts/upgrade-coverage.out
fi
volumes:
- name: libvirt
path: /var/run/libvirt/
- name: docker
path: /var/run/docker.sock
- name: cache
path: /tmp/artifacts
- name: upload to codecov
depends_on:
- test-e2e-validatecluster
- test-e2e-splitserver
- test-e2e-upgradecluster
image: robertstettner/drone-codecov
settings:
token:
from_secret: codecov_token
files:
- /tmp/artifacts/validate-coverage.out
- /tmp/artifacts/split-coverage.out
- /tmp/artifacts/upgrade-coverage.out
flags:
- e2etests
when:
event:
- push
volumes:
- name: cache
path: /tmp/artifacts
volumes:
- name: docker
host:
path: /var/run/docker.sock
- name: libvirt
host:
path: /var/run/libvirt/
- name: cache
temp: {}

8
.droneignore
View file

@ -1,8 +0,0 @@
^.*\.md$
^\.droneignore$
^\.github\/.*$
^MAINTAINERS$
^CODEOWNERS$
^LICENSE$
^DCO$
^channel\.yaml$

2
.github/workflows/release.yml vendored
View file

@ -165,7 +165,7 @@ jobs:
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
build-args: |
DRONE_TAG=${{ github.ref_name }}
TAG=${{ github.ref_name }}
upload-release-airgap:
name: Build Airgap Pkg (${{ matrix.arch }})

4
package/Dockerfile
View file

@ -16,12 +16,12 @@ RUN SOURCE_TAR_ZST="/data-linux-${TARGETARCH}.tar.zst" && \
cp /etc/ssl/certs/ca-certificates.crt /image/etc/ssl/certs/ca-certificates.crt
FROM scratch AS collect
ARG DRONE_TAG="dev"
ARG TAG="dev"
COPY --from=base /image /
COPY --from=base /usr/share/zoneinfo /usr/share/zoneinfo
RUN mkdir -p /etc && \
echo 'hosts: files dns' > /etc/nsswitch.conf && \
echo "PRETTY_NAME=\"K3s ${DRONE_TAG}\"" > /etc/os-release && \
echo "PRETTY_NAME=\"K3s ${TAG}\"" > /etc/os-release && \
chmod 1777 /tmp
FROM scratch

6
scripts/git_version.sh
View file

@ -1,8 +1,8 @@
#!/bin/bash
GIT_TAG=$DRONE_TAG
GIT_TAG=$TAG
TREE_STATE=clean
COMMIT=$DRONE_COMMIT
COMMIT=$GITHUB_SHA
if [ -d .git ]; then
if [ -z "$GIT_TAG" ]; then
@ -22,4 +22,4 @@ fi
export GIT_TAG
export TREE_STATE
export COMMIT
export DIRTY
export DIRTY

10
scripts/manifest
View file

@ -1,7 +1,7 @@
#!/bin/bash
if [ -z "${DRONE_TAG}" ]; then
echo "DRONE_TAG not defined" >&2
if [ -z "${TAG}" ]; then
echo "TAG not defined" >&2
exit 1
fi
@ -10,7 +10,7 @@ set -e -x
REPO="rancher/k3s"
# docker can not contain '+' in the tag, so transform '+' to '-'
DOCKER_TAG=$(echo "${DRONE_TAG}" | sed -e 's/+/-/g')
DOCKER_TAG=$(echo "${TAG}" | sed -e 's/+/-/g')
# export variables for drone-manifest
export PLUGIN_TEMPLATE="${REPO}:${DOCKER_TAG}-ARCH"
@ -20,7 +20,7 @@ export PLUGIN_PLATFORMS="linux/amd64,linux/arm64,linux/arm"
PLUGIN_TARGET="${REPO}:${DOCKER_TAG}" drone-manifest
# do not tag in docker as latest if the github tag contains a '-'
if echo "${DRONE_TAG}" | grep -q '-'; then
if echo "${TAG}" | grep -q '-'; then
exit 0
fi
@ -34,7 +34,7 @@ version_ge() {
}
# do not tag in docker as latest if we are not greater than or equal to the latest github tag
if ! version_ge "${DRONE_TAG}" "${VERSION_K3S}"; then
if ! version_ge "${TAG}" "${VERSION_K3S}"; then
exit 0
fi

2
scripts/package-image
View file

@ -14,6 +14,6 @@ REPO=${REPO:-rancher}
IMAGE_NAME=${IMAGE_NAME:-k3s}
IMAGE=${REPO}/${IMAGE_NAME}:${TAG}
docker build --build-arg DRONE_TAG=${VERSION_TAG} -t ${IMAGE} -f package/Dockerfile .
docker build --build-arg TAG=${VERSION_TAG} -t ${IMAGE} -f package/Dockerfile .
./scripts/image_scan.sh ${IMAGE}
echo Built ${IMAGE}

32
scripts/test
View file

@ -24,7 +24,7 @@ export VERSION_K8S # used by the sonobuoy tests subprocess
# ---
# Only run PR tests on arm arch, we use GitHub Actions for amd64 and arm64
# Run all tests on tag events, as we want test failures to block the release
if [ "$ARCH" == 'arm' ] || [ "$DRONE_BUILD_EVENT" = 'tag' ]; then
if [ "$ARCH" == 'arm' ]; then
go test ./tests/docker/basics/basics_test.go -k3sImage="$K3S_IMAGE" -ci
echo "Did go test basics $?"
@ -57,36 +57,6 @@ fi
# ---
if [ "$DRONE_BUILD_EVENT" = 'tag' ]; then
E2E_OUTPUT=$artifacts test-run-sonobuoy serial
echo "Did test-run-sonobuoy serial $?"
E2E_OUTPUT=$artifacts test-run-sonobuoy parallel
echo "Did test-run-sonobuoy parallel $?"
early-exit 'Skipping remaining tests on tag.'
fi
# ---
if [ "$DRONE_BUILD_EVENT" = 'cron' ]; then
LABEL="SERIAL SQLITE" run-go-test ./tests/docker/conformance/conformance_test.go -k3sImage="$K3S_IMAGE" -db sqlite -serial -ginkgo.v -ci
LABEL="SERIAL ETCD" run-go-test ./tests/docker/conformance/conformance_test.go -k3sImage="$K3S_IMAGE" -db etcd -serial -ginkgo.v -ci
LABEL="SERIAL MYSQL" run-go-test ./tests/docker/conformance/conformance_test.go -k3sImage="$K3S_IMAGE" -db mysql -serial -ginkgo.v -ci
LABEL="SERIAL POSTGRES" run-go-test ./tests/docker/conformance/conformance_test.go -k3sImage="$K3S_IMAGE" -db postgres -serial -ginkgo.v -ci
# Wait until all serial tests have finished
delay=15
(
set +x
while [ $(count-running-tests) -ge 1 ]; do
sleep $delay
done
)
LABEL="PARALLEL SQLITE" run-go-test ./tests/docker/conformance/conformance_test.go -k3sImage="$K3S_IMAGE" -db sqlite -ginkgo.v -ci
LABEL="PARALLEL ETCD" run-go-test ./tests/docker/conformance/conformance_test.go -k3sImage="$K3S_IMAGE" -db etcd -ginkgo.v -ci
LABEL="PARALLEL MYSQL" run-go-test ./tests/docker/conformance/conformance_test.go -k3sImage="$K3S_IMAGE" -db mysql -ginkgo.v -ci
LABEL="PARALLEL POSTGRES" run-go-test ./tests/docker/conformance/conformance_test.go -k3sImage="$K3S_IMAGE" -db postgres -ginkgo.v -ci
fi
# Wait until all tests have finished
delay=15
(

66
tests/e2e/scripts/drone_registries.sh
View file

@ -1,66 +0,0 @@
#!/bin/bash
# Script to set up Docker registry proxies for various public registries
# Creates proxy registries for:
# - registry-1.docker.io
# - registry.k8s.io
# - gcr.io
# - quay.io
# - ghcr.io
#
# Not persistent - containers will not survive host reboot
declare -A registries
declare -A registry_ports
registries=(
["dockerhub"]="registry-1.docker.io"
["k8s_io"]="registry.k8s.io"
["gcr_io"]="gcr.io"
["quay_io"]="quay.io"
["ghcr_io"]="ghcr.io"
)
registry_ports=(
["dockerhub"]=15000
["k8s_io"]=15001
["gcr_io"]=15002
["quay_io"]=15003
["ghcr_io"]=15004
)
# is_registry_running checsk if a registry is already exists
is_registry_running() {
local name=$1
docker ps --format '{{.Names}}' | grep -q "^${name}$"
return $?
}
create_registry_proxy() {
local name=$1
local upstream=$2
local port=$3
echo "Setting up registry proxy for ${upstream} on port ${port}"
docker run -d \
--name "${name}" \
-e "REGISTRY_PROXY_REMOTEURL=https://${upstream}" \
-e "REGISTRY_HTTP_SECRET=shared-secret" \
-e "REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY=/var/lib/registry/$name" \
-p "${port}:5000" \
registry:2
echo "Registry proxy for ${upstream} started on port ${port}"
}
# Set up each registry proxy
for name in "${!registries[@]}"; do
upstream=${registries[$name]}
port=${registry_ports[$name]}
if is_registry_running "registry_${name}"; then
echo "Registry proxy for ${upstream} already running"
else
create_registry_proxy "registry_${name}" "${upstream}" "${port}"
fi
done