--- kind: pipeline name: amd64 platform: os: linux arch: amd64 trigger: event: exclude: - cron steps: - name: skipfiles image: plugins/git commands: - export NAME=$(test $DRONE_BUILD_EVENT = pull_request && echo remotes/origin/${DRONE_COMMIT_BRANCH:-master} || echo ${DRONE_COMMIT_SHA}~) - export DIFF=$(git --no-pager diff --name-only $NAME | grep -v -f .droneignore); - if [ -z "$DIFF" ]; then echo "All files in PR are on ignore list"; exit 78; else echo "Some files in PR are not ignored, $DIFF"; fi; when: event: - pull_request - name: build image: rancher/dapper:v0.5.0 secrets: [ AWS_SECRET_ACCESS_KEY-k3s-ci-uploader, AWS_ACCESS_KEY_ID-k3s-ci-uploader, unprivileged_github_token ] environment: GITHUB_TOKEN: from_secret: unprivileged_github_token AWS_SECRET_ACCESS_KEY: from_secret: AWS_SECRET_ACCESS_KEY-k3s-ci-uploader AWS_ACCESS_KEY_ID: from_secret: AWS_ACCESS_KEY_ID-k3s-ci-uploader commands: - dapper ci - echo "${DRONE_TAG}-amd64" | sed -e 's/+/-/g' >.tags volumes: - name: docker path: /var/run/docker.sock - name: validate-cross-compilation image: rancher/dapper:v0.5.0 commands: - dapper validate-cross-compilation volumes: - name: docker path: /var/run/docker.sock - name: fossa image: rancher/drone-fossa:latest failure: ignore settings: api_key: from_secret: FOSSA_API_KEY when: instance: - drone-publish.k3s.io ref: include: - "refs/heads/master" - "refs/heads/release-*" event: - push - tag - name: github_binary_release image: ibuildthecloud/github-release:v0.0.1 settings: api_key: from_secret: github_token prerelease: true checksum: - sha256 checksum_file: CHECKSUMsum-amd64.txt checksum_flatten: true files: - "dist/artifacts/*" when: instance: - drone-publish.k3s.io ref: - refs/head/master - refs/tags/* event: - tag - name: docker-publish image: plugins/docker settings: dockerfile: package/Dockerfile password: from_secret: docker_password repo: "rancher/k3s" username: from_secret: docker_username when: instance: - drone-publish.k3s.io ref: - refs/head/master - refs/tags/* event: - tag - name: test image: rancher/dapper:v0.5.0 secrets: [ AWS_SECRET_ACCESS_KEY-k3s-ci-uploader, AWS_ACCESS_KEY_ID-k3s-ci-uploader ] environment: ENABLE_REGISTRY: 'true' AWS_SECRET_ACCESS_KEY: from_secret: AWS_SECRET_ACCESS_KEY-k3s-ci-uploader AWS_ACCESS_KEY_ID: from_secret: AWS_ACCESS_KEY_ID-k3s-ci-uploader commands: - docker build --target test-k3s -t k3s:test-${DRONE_STAGE_ARCH}-${DRONE_COMMIT} -f Dockerfile.test . - > docker run -i -e REPO -e TAG -e DRONE_TAG -e DRONE_BUILD_EVENT -e IMAGE_NAME -e AWS_SECRET_ACCESS_KEY -e AWS_ACCESS_KEY_ID -e SONOBUOY_VERSION -e ENABLE_REGISTRY -v /var/run/docker.sock:/var/run/docker.sock --privileged --network host -v /tmp:/tmp k3s:test-${DRONE_STAGE_ARCH}-${DRONE_COMMIT} volumes: - name: docker path: /var/run/docker.sock - name: github_e2e_logs_release image: ibuildthecloud/github-release:v0.0.1 settings: api_key: from_secret: github_token prerelease: true files: - "dist/artifacts/e2e-*.log" when: instance: - drone-publish.k3s.io ref: - refs/head/master - refs/tags/* event: - tag volumes: - name: docker host: path: /var/run/docker.sock --- kind: pipeline name: conformance platform: os: linux arch: amd64 trigger: event: - cron cron: - nightly steps: - name: build image: rancher/dapper:v0.5.0 commands: - dapper ci - echo "${DRONE_TAG}-amd64" | sed -e 's/+/-/g' >.tags volumes: - name: docker path: /var/run/docker.sock - name: test image: rancher/dapper:v0.5.0 environment: ENABLE_REGISTRY: 'true' commands: - docker build --target test-k3s -t k3s:test-${DRONE_STAGE_ARCH}-${DRONE_COMMIT} -f Dockerfile.test . - > docker run -i -e REPO -e TAG -e DRONE_TAG -e DRONE_BUILD_EVENT -e IMAGE_NAME -e SONOBUOY_VERSION -e ENABLE_REGISTRY -v /var/run/docker.sock:/var/run/docker.sock --privileged --network host -v /tmp:/tmp k3s:test-${DRONE_STAGE_ARCH}-${DRONE_COMMIT} volumes: - name: docker path: /var/run/docker.sock volumes: - name: docker host: path: /var/run/docker.sock --- kind: pipeline name: arm64 platform: os: linux arch: arm64 trigger: event: exclude: - cron steps: - name: skipfiles image: plugins/git commands: - export NAME=$(test $DRONE_BUILD_EVENT = pull_request && echo remotes/origin/${DRONE_COMMIT_BRANCH:-master} || echo ${DRONE_COMMIT_SHA}~) - export DIFF=$(git --no-pager diff --name-only $NAME | grep -v -f .droneignore); - if [ -z "$DIFF" ]; then echo "All files in PR are on ignore list"; exit 78; else echo "Some files in PR are not ignored, $DIFF"; fi; when: event: - pull_request - name: build image: rancher/dapper:v0.5.0 secrets: [ AWS_SECRET_ACCESS_KEY-k3s-ci-uploader, AWS_ACCESS_KEY_ID-k3s-ci-uploader ] environment: AWS_SECRET_ACCESS_KEY: from_secret: AWS_SECRET_ACCESS_KEY-k3s-ci-uploader AWS_ACCESS_KEY_ID: from_secret: AWS_ACCESS_KEY_ID-k3s-ci-uploader commands: - dapper ci - echo "${DRONE_TAG}-arm64" | sed -e 's/+/-/g' >.tags volumes: - name: docker path: /var/run/docker.sock - name: github_binary_release image: ibuildthecloud/github-release:v0.0.1 settings: api_key: from_secret: github_token prerelease: true checksum: - sha256 checksum_file: CHECKSUMsum-arm64.txt checksum_flatten: true files: - "dist/artifacts/*" when: instance: - drone-publish.k3s.io ref: - refs/head/master - refs/tags/* event: - tag - name: docker-publish image: plugins/docker settings: dockerfile: package/Dockerfile password: from_secret: docker_password repo: "rancher/k3s" username: from_secret: docker_username when: instance: - drone-publish.k3s.io ref: - refs/head/master - refs/tags/* event: - tag - name: test image: rancher/dapper:v0.5.0 secrets: [ AWS_SECRET_ACCESS_KEY-k3s-ci-uploader, AWS_ACCESS_KEY_ID-k3s-ci-uploader ] environment: ENABLE_REGISTRY: 'true' AWS_SECRET_ACCESS_KEY: from_secret: AWS_SECRET_ACCESS_KEY-k3s-ci-uploader AWS_ACCESS_KEY_ID: from_secret: AWS_ACCESS_KEY_ID-k3s-ci-uploader commands: - docker build --target test-k3s -t k3s:test-${DRONE_STAGE_ARCH}-${DRONE_COMMIT} -f Dockerfile.test . - > docker run -i -e REPO -e TAG -e DRONE_TAG -e DRONE_BUILD_EVENT -e IMAGE_NAME -e AWS_SECRET_ACCESS_KEY -e AWS_ACCESS_KEY_ID -e SONOBUOY_VERSION -e ENABLE_REGISTRY -v /var/run/docker.sock:/var/run/docker.sock --privileged --network host -v /tmp:/tmp k3s:test-${DRONE_STAGE_ARCH}-${DRONE_COMMIT} volumes: - name: docker path: /var/run/docker.sock volumes: - name: docker host: path: /var/run/docker.sock --- kind: pipeline name: arm platform: os: linux arch: arm trigger: event: exclude: - cron steps: - name: skipfiles image: plugins/git commands: - export NAME=$(test $DRONE_BUILD_EVENT = pull_request && echo remotes/origin/${DRONE_COMMIT_BRANCH:-master} || echo ${DRONE_COMMIT_SHA}~) - export DIFF=$(git --no-pager diff --name-only $NAME | grep -v -f .droneignore); - if [ -z "$DIFF" ]; then echo "All files in PR are on ignore list"; exit 78; else echo "Some files in PR are not ignored, $DIFF"; fi; when: event: - pull_request - name: build image: rancher/dapper:v0.5.0 secrets: [ AWS_SECRET_ACCESS_KEY-k3s-ci-uploader, AWS_ACCESS_KEY_ID-k3s-ci-uploader ] environment: AWS_SECRET_ACCESS_KEY: from_secret: AWS_SECRET_ACCESS_KEY-k3s-ci-uploader AWS_ACCESS_KEY_ID: from_secret: AWS_ACCESS_KEY_ID-k3s-ci-uploader commands: - dapper ci - echo "${DRONE_TAG}-arm" | sed -e 's/+/-/g' >.tags volumes: - name: docker path: /var/run/docker.sock - name: github_binary_release image: ibuildthecloud/github-release:v0.0.1 settings: api_key: from_secret: github_token prerelease: true checksum: - sha256 checksum_file: CHECKSUMsum-arm.txt checksum_flatten: true files: - "dist/artifacts/*" when: instance: - drone-publish.k3s.io ref: - refs/head/master - refs/tags/* event: - tag - name: docker-publish image: plugins/docker:linux-arm settings: dockerfile: package/Dockerfile password: from_secret: docker_password repo: "rancher/k3s" username: from_secret: docker_username when: instance: - drone-publish.k3s.io ref: - refs/head/master - refs/tags/* event: - tag - name: test image: rancher/dapper:v0.5.0 secrets: [ AWS_SECRET_ACCESS_KEY-k3s-ci-uploader, AWS_ACCESS_KEY_ID-k3s-ci-uploader ] environment: ENABLE_REGISTRY: 'true' AWS_SECRET_ACCESS_KEY: from_secret: AWS_SECRET_ACCESS_KEY-k3s-ci-uploader AWS_ACCESS_KEY_ID: from_secret: AWS_ACCESS_KEY_ID-k3s-ci-uploader commands: - docker build --target test-k3s -t k3s:test-${DRONE_STAGE_ARCH}-${DRONE_COMMIT} -f Dockerfile.test . - > docker run -i -e REPO -e TAG -e DRONE_TAG -e DRONE_BUILD_EVENT -e IMAGE_NAME -e AWS_SECRET_ACCESS_KEY -e AWS_ACCESS_KEY_ID -e SONOBUOY_VERSION -e ENABLE_REGISTRY -v /var/run/docker.sock:/var/run/docker.sock --privileged --network host -v /tmp:/tmp k3s:test-${DRONE_STAGE_ARCH}-${DRONE_COMMIT} volumes: - name: docker path: /var/run/docker.sock volumes: - name: docker host: path: /var/run/docker.sock --- kind: pipeline name: s390x platform: os: linux arch: amd64 # Hack needed for s390x: https://gist.github.com/colstrom/c2f359f72658aaabb44150ac20b16d7c#gistcomment-3858388 node: arch: s390x trigger: event: exclude: - cron clone: disable: true steps: - name: clone image: alpine/git:v2.30.2-s390x commands: - git clone $DRONE_GIT_HTTP_URL . - git fetch origin $DRONE_COMMIT_REF - git checkout $DRONE_COMMIT -b origin/$DRONE_TARGET_BRANCH - name: skipfiles image: alpine/git:v2.30.2-s390x commands: - export NAME=$(test $DRONE_BUILD_EVENT = pull_request && echo remotes/origin/${DRONE_COMMIT_BRANCH:-master} || echo ${DRONE_COMMIT_SHA}~) - export DIFF=$(git --no-pager diff --name-only $NAME | grep -v -f .droneignore); - if [ -z "$DIFF" ]; then echo "All files in PR are on ignore list"; exit 78; else echo "Some files in PR are not ignored, $DIFF"; fi; when: event: - pull_request - name: build image: rancher/dapper:v0.5.8 secrets: [ AWS_SECRET_ACCESS_KEY-k3s-ci-uploader, AWS_ACCESS_KEY_ID-k3s-ci-uploader ] environment: AWS_SECRET_ACCESS_KEY: from_secret: AWS_SECRET_ACCESS_KEY-k3s-ci-uploader AWS_ACCESS_KEY_ID: from_secret: AWS_ACCESS_KEY_ID-k3s-ci-uploader commands: - dapper ci - echo "${DRONE_TAG}-s390x" | sed -e 's/+/-/g' >.tags volumes: - name: docker path: /var/run/docker.sock - name: github_binary_release image: rancher/drone-images:github-release-s390x settings: api_key: from_secret: github_token prerelease: true checksum: - sha256 checksum_file: CHECKSUMsum-s390x.txt checksum_flatten: true files: - "dist/artifacts/*" when: instance: - drone-publish.k3s.io ref: - refs/head/master - refs/tags/* event: - tag - name: docker-publish image: rancher/drone-images:docker-s390x volumes: - name: docker path: /var/run/docker.sock settings: dockerfile: package/Dockerfile password: from_secret: docker_password repo: "rancher/k3s" username: from_secret: docker_username when: instance: - drone-publish.k3s.io ref: - refs/head/master - refs/tags/* event: - tag - name: test image: rancher/dapper:v0.5.8 secrets: [ AWS_SECRET_ACCESS_KEY-k3s-ci-uploader, AWS_ACCESS_KEY_ID-k3s-ci-uploader ] environment: ENABLE_REGISTRY: 'true' AWS_SECRET_ACCESS_KEY: from_secret: AWS_SECRET_ACCESS_KEY-k3s-ci-uploader AWS_ACCESS_KEY_ID: from_secret: AWS_ACCESS_KEY_ID-k3s-ci-uploader commands: # we hardcode s390x as the arch because DRONE_STAGE_ARCH is set to amd64 - docker build --target test-k3s -t k3s:test-s390x-${DRONE_COMMIT} -f Dockerfile.test . - > docker run -i -e REPO -e TAG -e DRONE_TAG -e DRONE_BUILD_EVENT -e IMAGE_NAME -e AWS_SECRET_ACCESS_KEY -e AWS_ACCESS_KEY_ID -e SONOBUOY_VERSION -e ENABLE_REGISTRY -v /var/run/docker.sock:/var/run/docker.sock --privileged --network host -v /tmp:/tmp k3s:test-s390x-${DRONE_COMMIT} volumes: - name: docker path: /var/run/docker.sock volumes: - name: docker host: path: /var/run/docker.sock --- kind: pipeline name: validate_go_mods platform: os: linux arch: amd64 trigger: event: exclude: - cron steps: - name: skipfiles image: plugins/git commands: - export NAME=$(test $DRONE_BUILD_EVENT = pull_request && echo remotes/origin/${DRONE_COMMIT_BRANCH:-master} || echo ${DRONE_COMMIT_SHA}~) - export DIFF=$(git --no-pager diff --name-only $NAME | grep -v -f .droneignore); - if [ -z "$DIFF" ]; then echo "All files in PR are on ignore list"; exit 78; else echo "Some files in PR are not ignored, $DIFF"; fi; when: event: - push - pull_request - name: validate_go_mods image: rancher/dapper:v0.5.0 commands: - docker build --target test-mods -t k3s:mod -f Dockerfile.test . - docker run -i k3s:mod volumes: - name: docker path: /var/run/docker.sock volumes: - name: docker host: path: /var/run/docker.sock --- kind: pipeline name: manifest platform: os: linux arch: amd64 steps: - name: skipfiles image: plugins/git commands: - export NAME=$(test $DRONE_BUILD_EVENT = pull_request && echo remotes/origin/${DRONE_COMMIT_BRANCH:-master} || echo ${DRONE_COMMIT_SHA}~) - export DIFF=$(git --no-pager diff --name-only $NAME | grep -v -f .droneignore); - if [ -z "$DIFF" ]; then echo "All files in PR are on ignore list"; exit 78; else echo "Some files in PR are not ignored, $DIFF"; fi; when: event: - push - pull_request - name: manifest image: plugins/docker environment: DOCKER_USERNAME: from_secret: docker_username DOCKER_PASSWORD: from_secret: docker_password settings: dry_run: true dockerfile: Dockerfile.manifest repo: "rancher/k3s-manifest" build_args_from_env: - DOCKER_USERNAME - DOCKER_PASSWORD - DRONE_TAG trigger: instance: - drone-publish.k3s.io ref: - refs/head/master - refs/tags/* event: include: - tag exclude: - cron depends_on: - amd64 - arm64 - s390x - arm --- kind: pipeline name: dispatch platform: os: linux arch: amd64 steps: - name: skipfiles image: plugins/git commands: - export NAME=$(test $DRONE_BUILD_EVENT = pull_request && echo remotes/origin/${DRONE_COMMIT_BRANCH:-master} || echo ${DRONE_COMMIT_SHA}~) - export DIFF=$(git --no-pager diff --name-only $NAME | grep -v -f .droneignore); - if [ -z "$DIFF" ]; then echo "All files in PR are on ignore list"; exit 78; else echo "Some files in PR are not ignored, $DIFF"; fi; when: event: - push - pull_request - name: dispatch image: curlimages/curl:7.74.0 user: root environment: PAT_USERNAME: from_secret: pat_username PAT_TOKEN: from_secret: github_token commands: - apk -U --no-cache add bash - scripts/dispatch trigger: instance: - drone-publish.k3s.io ref: - refs/head/master - refs/tags/* event: - tag depends_on: - manifest --- kind: pipeline name: e2e type: docker platform: os: linux arch: amd64 steps: - name: skipfiles image: plugins/git commands: - export NAME=$(test $DRONE_BUILD_EVENT = pull_request && echo remotes/origin/${DRONE_COMMIT_BRANCH:-master} || echo ${DRONE_COMMIT_SHA}~) - export DIFF=$(git --no-pager diff --name-only $NAME | grep -v -f .droneignore); - if [ -z "$DIFF" ]; then echo "All files in PR are on ignore list"; exit 78; else echo "Some files in PR are not ignored, $DIFF"; fi; when: event: - push - pull_request - name: build-e2e-image image: rancher/dapper:v0.5.0 commands: - DOCKER_BUILDKIT=1 docker build --target test-e2e -t test-e2e -f Dockerfile.test . - SKIP_VALIDATE=true SKIP_AIRGAP=true dapper ci - cp dist/artifacts/* /tmp/artifacts/ volumes: - name: cache path: /tmp/artifacts - name: docker path: /var/run/docker.sock - name: test-e2e image: test-e2e pull: never resources: cpu: 6000 memory: 10Gi environment: E2E_REGISTRY: 'true' commands: - mkdir -p dist/artifacts - cp /tmp/artifacts/* dist/artifacts/ - docker stop registry && docker rm registry # Cleanup any VMs running, happens if a previous test panics - | VMS=$(virsh list --name | grep '_server-\|_agent-' || true) if [ -n "$VMS" ]; then for vm in $VMS do virsh destroy $vm virsh undefine $vm --remove-all-storage done fi - docker run -d -p 5000:5000 -e REGISTRY_PROXY_REMOTEURL=https://registry-1.docker.io --name registry registry:2 - cd tests/e2e/validatecluster - vagrant destroy -f - go test -v -timeout=45m ./validatecluster_test.go -ci -local - cd ../secretsencryption - vagrant destroy -f - go test -v -timeout=30m ./secretsencryption_test.go -ci -local - cd ../upgradecluster - E2E_RELEASE_CHANNEL="latest" go test -v -timeout=45m ./upgradecluster_test.go -ci -local - docker stop registry && docker rm registry volumes: - name: libvirt path: /var/run/libvirt/ - name: docker path: /var/run/docker.sock - name: cache path: /tmp/artifacts volumes: - name: docker host: path: /var/run/docker.sock - name: libvirt host: path: /var/run/libvirt/ - name: cache temp: {}