diff --git a/.drone.yml b/.drone.yml index 92d43f5ad7..1f68a5c857 100644 --- a/.drone.yml +++ b/.drone.yml @@ -7,6 +7,22 @@ platform: arch: amd64 steps: +- name: skipfiles + image: plugins/git + commands: + - export NAME=$(test $DRONE_BUILD_EVENT = pull_request && echo remotes/origin/${DRONE_COMMIT_BRANCH:-master} || echo ${DRONE_COMMIT_SHA}~) + - export DIFF=$(git --no-pager diff --name-only $NAME | grep -v -f .droneignore); + - if [ -z "$DIFF" ]; then + echo "All files in PR are on ignore list"; + exit 78; + else + echo "Some files in PR are not ignored, $DIFF"; + fi; + when: + event: + - push + - pull_request + - name: build image: rancher/dapper:v0.5.0 secrets: [ AWS_SECRET_ACCESS_KEY-k3s-ci-uploader, AWS_ACCESS_KEY_ID-k3s-ci-uploader, unprivileged_github_token ] @@ -179,6 +195,22 @@ platform: arch: arm64 steps: +- name: skipfiles + image: plugins/git + commands: + - export NAME=$(test $DRONE_BUILD_EVENT = pull_request && echo remotes/origin/${DRONE_COMMIT_BRANCH:-master} || echo ${DRONE_COMMIT_SHA}~) + - export DIFF=$(git --no-pager diff --name-only $NAME | grep -v -f .droneignore); + - if [ -z "$DIFF" ]; then + echo "All files in PR are on ignore list"; + exit 78; + else + echo "Some files in PR are not ignored, $DIFF"; + fi; + when: + event: + - push + - pull_request + - name: build image: rancher/dapper:v0.5.0 secrets: [ AWS_SECRET_ACCESS_KEY-k3s-ci-uploader, AWS_ACCESS_KEY_ID-k3s-ci-uploader ] @@ -265,6 +297,22 @@ platform: arch: arm steps: +- name: skipfiles + image: plugins/git + commands: + - export NAME=$(test $DRONE_BUILD_EVENT = pull_request && echo remotes/origin/${DRONE_COMMIT_BRANCH:-master} || echo ${DRONE_COMMIT_SHA}~) + - export DIFF=$(git --no-pager diff --name-only $NAME | grep -v -f .droneignore); + - if [ -z "$DIFF" ]; then + echo "All files in PR are on ignore list"; + exit 78; + else + echo "Some files in PR are not ignored, $DIFF"; + fi; + when: + event: + - push + - pull_request + - name: build image: rancher/dapper:v0.5.0 secrets: [ AWS_SECRET_ACCESS_KEY-k3s-ci-uploader, AWS_ACCESS_KEY_ID-k3s-ci-uploader ] @@ -365,6 +413,22 @@ steps: - git fetch origin $DRONE_COMMIT_REF - git checkout $DRONE_COMMIT -b origin/$DRONE_TARGET_BRANCH +- name: skipfiles + image: alpine/git:v2.30.2-s390x + commands: + - export NAME=$(test $DRONE_BUILD_EVENT = pull_request && echo remotes/origin/${DRONE_COMMIT_BRANCH:-master} || echo ${DRONE_COMMIT_SHA}~) + - export DIFF=$(git --no-pager diff --name-only $NAME | grep -v -f .droneignore); + - if [ -z "$DIFF" ]; then + echo "All files in PR are on ignore list"; + exit 78; + else + echo "Some files in PR are not ignored, $DIFF"; + fi; + when: + event: + - push + - pull_request + - name: build image: rancher/dapper:v0.5.8 secrets: [ AWS_SECRET_ACCESS_KEY-k3s-ci-uploader, AWS_ACCESS_KEY_ID-k3s-ci-uploader ] @@ -455,19 +519,36 @@ platform: arch: amd64 steps: - - name: validate_go_mods - image: rancher/dapper:v0.5.0 - commands: - - docker build --target test-mods -t k3s:mod -f Dockerfile.test . - - docker run -i k3s:mod +- name: skipfiles + image: plugins/git + commands: + - export NAME=$(test $DRONE_BUILD_EVENT = pull_request && echo remotes/origin/${DRONE_COMMIT_BRANCH:-master} || echo ${DRONE_COMMIT_SHA}~) + - export DIFF=$(git --no-pager diff --name-only $NAME | grep -v -f .droneignore); + - if [ -z "$DIFF" ]; then + echo "All files in PR are on ignore list"; + exit 78; + else + echo "Some files in PR are not ignored, $DIFF"; + fi; + when: + event: + - push + - pull_request - volumes: - - name: docker - path: /var/run/docker.sock -volumes: +- name: validate_go_mods + image: rancher/dapper:v0.5.0 + commands: + - docker build --target test-mods -t k3s:mod -f Dockerfile.test . + - docker run -i k3s:mod + + volumes: - name: docker - host: - path: /var/run/docker.sock + path: /var/run/docker.sock + +volumes: +- name: docker + host: + path: /var/run/docker.sock --- kind: pipeline @@ -478,6 +559,22 @@ platform: arch: amd64 steps: +- name: skipfiles + image: plugins/git + commands: + - export NAME=$(test $DRONE_BUILD_EVENT = pull_request && echo remotes/origin/${DRONE_COMMIT_BRANCH:-master} || echo ${DRONE_COMMIT_SHA}~) + - export DIFF=$(git --no-pager diff --name-only $NAME | grep -v -f .droneignore); + - if [ -z "$DIFF" ]; then + echo "All files in PR are on ignore list"; + exit 78; + else + echo "Some files in PR are not ignored, $DIFF"; + fi; + when: + event: + - push + - pull_request + - name: manifest image: plugins/docker environment: @@ -518,6 +615,22 @@ platform: arch: amd64 steps: +- name: skipfiles + image: plugins/git + commands: + - export NAME=$(test $DRONE_BUILD_EVENT = pull_request && echo remotes/origin/${DRONE_COMMIT_BRANCH:-master} || echo ${DRONE_COMMIT_SHA}~) + - export DIFF=$(git --no-pager diff --name-only $NAME | grep -v -f .droneignore); + - if [ -z "$DIFF" ]; then + echo "All files in PR are on ignore list"; + exit 78; + else + echo "Some files in PR are not ignored, $DIFF"; + fi; + when: + event: + - push + - pull_request + - name: dispatch image: curlimages/curl:7.74.0 user: root diff --git a/.droneignore b/.droneignore new file mode 100644 index 0000000000..06b886fc7b --- /dev/null +++ b/.droneignore @@ -0,0 +1,9 @@ +^.*\.md$ +^install\.sh$ +^\.droneignore$ +^\.github/*$ +^MAINTAINERS$ +^CODEOWNERS$ +^LICENSE$ +^DCO$ +^channel\.yaml$ diff --git a/README.md b/README.md index 475f971e6e..7fa2e63582 100644 --- a/README.md +++ b/README.md @@ -160,4 +160,5 @@ Please check out our [contributing guide](CONTRIBUTING.md) if you're interested Security -------- -Security issues in K3s can be reported by sending an email to [security@k3s.io](mailto:security@k3s.io). Please do not file issues about security issues. +Security issues in K3s can be reported by sending an email to [security@k3s.io](mailto:security@k3s.io). +Please do not file issues about security issues.