From a8460df8a3913529953bd27806f09455d5e89ebf Mon Sep 17 00:00:00 2001 From: Danny Gershman Date: Tue, 21 May 2024 15:22:51 -0500 Subject: [PATCH 01/12] adding flavored packages --- .github/actions/build-image/action.yaml | 4 ++-- .github/workflows/pull-request.yaml | 4 ++++ .github/workflows/release.yaml | 4 ++-- Makefile | 18 +++++++++++++----- zarf.yaml => zarf/full/zarf.yaml | 2 +- zarf/minimal/zarf.yaml | 10 ++++++++++ 6 files changed, 32 insertions(+), 10 deletions(-) rename zarf.yaml => zarf/full/zarf.yaml (97%) create mode 100644 zarf/minimal/zarf.yaml diff --git a/.github/actions/build-image/action.yaml b/.github/actions/build-image/action.yaml index 895a5d2..4bd18d0 100644 --- a/.github/actions/build-image/action.yaml +++ b/.github/actions/build-image/action.yaml @@ -1,10 +1,10 @@ name: build-image -description: "Build image" +description: "Build ${{ matrix.flavor }} image" runs: using: composite steps: - run: | set +o history && echo ${REGISTRY1_PASSWORD} | zarf tools registry login registry1.dso.mil --username ${REGISTRY1_USERNAME} --password-stdin || set -o history - make build + make build-${{ matrix.flavor }} shell: bash diff --git a/.github/workflows/pull-request.yaml b/.github/workflows/pull-request.yaml index c7fa41c..480a852 100644 --- a/.github/workflows/pull-request.yaml +++ b/.github/workflows/pull-request.yaml @@ -15,6 +15,10 @@ jobs: build: runs-on: ubuntu-latest + strategy: + matrix: + flavor: [full, minimal] + permissions: contents: read packages: write diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 3866ac5..200828f 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml 
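Review bot: In `.github/actions/build-image/action.yaml`, `make build-${{ matrix.flavor }}` has the expression substituted into the script text before bash parses it, so whatever value reaches it becomes shell source rather than data. Today the only values are the matrix literals `full` and `minimal`, but the same construct recurs later in this series in the tests action (`cd zarf/${{ … }} && zarf dev lint`) and in the release workflow's publish step, which runs next to the registry credentials and the signing key. Passing the value through `env:` and checking it against the known flavors keeps it out of the parser and stops it selecting a make target or directory it was never meant to. The rest of the composite step is unchanged.

```yaml
    - run: |
        # … unchanged: registry1.dso.mil login …
        case "${FLAVOR}" in
          full|minimal) ;;
          *) echo "unsupported flavor: ${FLAVOR}" >&2; exit 1 ;;
        esac
        make "build-${FLAVOR}"
      shell: bash
      env:
        FLAVOR: ${{ matrix.flavor }}
```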
@@ -41,9 +41,9 @@ jobs: REGISTRY1_USERNAME: ${{ secrets.REGISTRY1_USERNAME }} REGISTRY1_PASSWORD: ${{ secrets.REGISTRY1_PASSWORD }} - - name: "Sign and Publish the image" + - name: "Sign and Publish the ${{ matrix.flavor }} image" run: | - zarf package publish build/zarf-init-amd64-v${ZARF_VERSION}.tar.zst oci://ghcr.io/radiusmethod/zarf-init-bigbang-k3s-ha --signing-key awskms:///alias/zarf-init-bigbang + zarf package publish build/zarf-init-${{ matrix.flavor }}-amd64-v${ZARF_VERSION}.tar.zst oci://ghcr.io/radiusmethod/zarf-init-bigbang-k3s-ha/${{ matrix.flavor }} --signing-key awskms:///alias/zarf-init-bigbang env: AWS_REGION: ${{ secrets.AWS_REGION }} AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID_GOV }} diff --git a/Makefile b/Makefile index e0afaf7..223fe5e 100644 --- a/Makefile +++ b/Makefile @@ -1,5 +1,3 @@ -.PHONY: build - ARCH:=amd64 # renovate: depName=defenseunicorns/zarf ZARF_VERSION:="0.33.2" @@ -9,10 +7,12 @@ GITEA_VERSION:="1.21.11" REGISTRY_VERSION:="2.8.3" ZARF_DIR:="zarf" -BUILD_DIR:="build" +BUILD_DIR:="../../build" KMS_ALIAS:="zarf-init-bigbang" -build: +.PHONY: build-full +build-full: + cd zarf/full && \ zarf package create -o $(BUILD_DIR) -a $(ARCH) --confirm . \ --set REGISTRY_IMAGE_DOMAIN="registry1.dso.mil/" \ --set REGISTRY_IMAGE="ironbank/opensource/docker/registry-v2" \ 
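Review bot: `${{ matrix.flavor }}` in the "Sign and Publish" step has no matrix to read at this commit: this is the only hunk for `release.yaml`, and a `strategy.matrix` is not added to that workflow until PATCH 04/12, so unless one is defined outside the hunk the expression expands to an empty string. The step would then look for `build/zarf-init--amd64-v${ZARF_VERSION}.tar.zst` and publish under a ref ending in `/`. Adding `strategy: matrix: flavor: [full, minimal]` to the job in this same commit keeps every commit in the series releasable.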
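Review bot: `BUILD_DIR:="../../build"` is now correct only for recipes that first `cd zarf/<flavor>`; any other use of `$(BUILD_DIR)` from the repository root would resolve two levels above the checkout. The release workflow still reads the artifact from `build/…`, so the variable and its consumer no longer name the path in the same terms. An absolute path removes the dependence on the working directory: `BUILD_DIR:=$(CURDIR)/build`. The `build-full` recipe that starts in this hunk continues in the next one.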
@@ -22,7 +22,15 @@ build: --set AGENT_IMAGE_TAG=v$(ZARF_VERSION) \ --set INJECTOR_VERSION="2023-08-02" \ --set INJECTOR_AMD64_SHASUM="91de0768855ee2606a4f85a92bb480ff3a14ca205fd8d05eb397c18e15aa0247" \ - --set GITEA_IMAGE=registry1.dso.mil/ironbank/opensource/go-gitea/gitea:v$(GITEA_VERSION) + --set GITEA_IMAGE=registry1.dso.mil/ironbank/opensource/go-gitea/gitea:v$(GITEA_VERSION) && \ + mv $(BUILD_DIR)/zarf-init-amd64-v$(ZARF_VERSION).tar.zst $(BUILD_DIR)/zarf-init-full-amd64-v$(ZARF_VERSION).tar.zst + +.PHONY: build-minimal +build-minimal: + cd zarf/minimal && \ + zarf package create -o $(BUILD_DIR) -a $(ARCH) --confirm . && \ + mv $(BUILD_DIR)/zarf-init-amd64-v$(ZARF_VERSION).tar.zst $(BUILD_DIR)/zarf-init-minimal-amd64-v$(ZARF_VERSION).tar.zst +.PHONY: generate-key-pair generate-key-pair: cosign generate-key-pair --kms awskms:///alias/$(KMS_ALIAS) diff --git a/zarf.yaml b/zarf/full/zarf.yaml similarity index 97% rename from zarf.yaml rename to zarf/full/zarf.yaml index dca6786..2d5298d 100644 --- a/zarf.yaml +++ b/zarf/full/zarf.yaml @@ -6,7 +6,7 @@ metadata: components: - name: k3s import: - path: k3s + path: ../../k3s - name: zarf-injector required: true diff --git a/zarf/minimal/zarf.yaml b/zarf/minimal/zarf.yaml new file mode 100644 index 0000000..9c3a4f0 --- /dev/null +++ b/zarf/minimal/zarf.yaml @@ -0,0 +1,10 @@ +kind: ZarfInitConfig +metadata: + name: init + description: Minimal package with k3s only + +components: + - name: k3s + required: true + import: + path: ../../k3s From ad2c37396a6b9aad1297b6432b7dd30bf364cf5d Mon Sep 17 00:00:00 2001 From: Danny Gershman Date: Tue, 21 May 2024 15:24:19 -0500 Subject: [PATCH 02/12] run linting in the correct path --- .github/actions/tests/action.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/actions/tests/action.yaml b/.github/actions/tests/action.yaml index 6c00c02..9fb04ae 100644 --- a/.github/actions/tests/action.yaml +++ b/.github/actions/tests/action.yaml 
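Review bot: Both `mv` lines hard-code `amd64` although the package is created with `-a $(ARCH)`, so overriding `ARCH` makes the rename fail after a successful build; use `mv $(BUILD_DIR)/zarf-init-$(ARCH)-v$(ZARF_VERSION).tar.zst $(BUILD_DIR)/zarf-init-full-$(ARCH)-v$(ZARF_VERSION).tar.zst`, and the same for `minimal`. The two targets also share the intermediate name `zarf-init-amd64-v$(ZARF_VERSION).tar.zst`, so running them concurrently in one checkout (`make -j`) could rename the other flavor's archive. A comment such as `# build-full and build-minimal must not run in parallel: both first write zarf-init-<arch>-v<version>.tar.zst` would record that. The start of the `build-full` recipe is in the previous hunk.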
@@ -1,9 +1,9 @@ name: install-tools -description: "Run Tests" +description: "Run Tests for ${{ matrix.flavor }}" runs: using: composite steps: - run: | - zarf dev lint + cd zarf/${{ matrix.flavor }} && zarf dev lint shell: bash From 0f5b49795c1e81f8b357e8d442e97e0dfb8beb85 Mon Sep 17 00:00:00 2001 From: Danny Gershman Date: Tue, 21 May 2024 15:31:31 -0500 Subject: [PATCH 03/12] passing things arond --- .github/actions/build-image/action.yaml | 10 ++++++++-- .github/actions/tests/action.yaml | 10 ++++++++-- .github/workflows/pull-request.yaml | 4 ++++ .github/workflows/release.yaml | 2 ++ 4 files changed, 22 insertions(+), 4 deletions(-) diff --git a/.github/actions/build-image/action.yaml b/.github/actions/build-image/action.yaml index 4bd18d0..b201a0a 100644 --- a/.github/actions/build-image/action.yaml +++ b/.github/actions/build-image/action.yaml @@ -1,10 +1,16 @@ name: build-image -description: "Build ${{ matrix.flavor }} image" +description: "Build ${{ inputs.flavor }} image" + +inputs: + flavor: + description: "The flavor of the zarf package" + required: true + default: full runs: using: composite steps: - run: | set +o history && echo ${REGISTRY1_PASSWORD} | zarf tools registry login registry1.dso.mil --username ${REGISTRY1_USERNAME} --password-stdin || set -o history - make build-${{ matrix.flavor }} + make build-${{ inputs.flavor }} shell: bash diff --git a/.github/actions/tests/action.yaml b/.github/actions/tests/action.yaml index 9fb04ae..99c5740 100644 --- a/.github/actions/tests/action.yaml +++ b/.github/actions/tests/action.yaml @@ -1,9 +1,15 @@ name: install-tools -description: "Run Tests for ${{ matrix.flavor }}" +description: "Run Tests for ${{ inputs.flavor }}" + +inputs: + flavor: + description: "The flavor of the zarf package" + required: true + default: full runs: using: composite steps: - run: | - cd zarf/${{ matrix.flavor }} && zarf dev lint + cd zarf/${{ inputs.flavor }} && zarf dev lint shell: bash 
diff --git a/.github/workflows/pull-request.yaml b/.github/workflows/pull-request.yaml index 480a852..ecf6bfc 100644 --- a/.github/workflows/pull-request.yaml +++ b/.github/workflows/pull-request.yaml @@ -34,9 +34,13 @@ jobs: - name: Lint uses: ./.github/actions/tests + with: + flavor: ${{ matrix.flavor }} - name: Build image uses: ./.github/actions/build-image env: REGISTRY1_USERNAME: ${{ secrets.REGISTRY1_USERNAME }} REGISTRY1_PASSWORD: ${{ secrets.REGISTRY1_PASSWORD }} + with: + flavor: ${{ matrix.flavor }} diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 200828f..64b7253 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -40,6 +40,8 @@ jobs: env: REGISTRY1_USERNAME: ${{ secrets.REGISTRY1_USERNAME }} REGISTRY1_PASSWORD: ${{ secrets.REGISTRY1_PASSWORD }} + with: + flavor: ${{ matrix.flavor }} - name: "Sign and Publish the ${{ matrix.flavor }} image" run: | From 0743d2fcfafe33fd099822044dfd353e19d69227 Mon Sep 17 00:00:00 2001 From: Danny Gershman Date: Tue, 21 May 2024 15:43:24 -0500 Subject: [PATCH 04/12] trying somethign else --- .github/actions/tests/action.yaml | 4 ++-- .github/workflows/pull-request.yaml | 2 +- .github/workflows/release.yaml | 4 ++++ 3 files changed, 7 insertions(+), 3 deletions(-) diff --git a/.github/actions/tests/action.yaml b/.github/actions/tests/action.yaml index 99c5740..ee63cb1 100644 --- a/.github/actions/tests/action.yaml +++ b/.github/actions/tests/action.yaml @@ -1,5 +1,5 @@ name: install-tools -description: "Run Tests for ${{ inputs.flavor }}" +description: "Run Tests" inputs: flavor: @@ -11,5 +11,5 @@ runs: using: composite steps: - run: | - cd zarf/${{ inputs.flavor }} && zarf dev lint + cd zarf/${{ github.event.inputs.flavor }} && zarf dev lint shell: bash diff --git a/.github/workflows/pull-request.yaml b/.github/workflows/pull-request.yaml index ecf6bfc..f4b9b87 100644 --- a/.github/workflows/pull-request.yaml +++ b/.github/workflows/pull-request.yaml 
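Review bot: In the tests action, `cd zarf/${{ github.event.inputs.flavor }}` reads the `workflow_dispatch` inputs of the triggering event, not the `flavor` input this action declares a few lines above. On a pull-request run it therefore expands to nothing, `cd zarf/` succeeds, and `zarf dev lint` runs outside any flavor directory. On a manually dispatched run the value is free text from whoever starts the workflow, pasted into the script before bash parses it. Keep the action's own input and hand it over as data: `env: FLAVOR: ${{ inputs.flavor }}` with `cd "zarf/${FLAVOR:?flavor is required}" && zarf dev lint`. PATCH 06/12 reintroduces the same line.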
@@ -17,7 +17,7 @@ jobs: strategy: matrix: - flavor: [full, minimal] + flavor: [ full, minimal ] permissions: contents: read diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 64b7253..70bb51e 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -15,6 +15,10 @@ jobs: build: runs-on: ubuntu-latest + strategy: + matrix: + flavor: [ full, minimal ] + permissions: contents: read packages: write From 199675f2200d2137e22c6242aa336ded2302bb91 Mon Sep 17 00:00:00 2001 From: Danny Gershman Date: Tue, 21 May 2024 15:44:42 -0500 Subject: [PATCH 05/12] remove --- .github/actions/tests/action.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/actions/tests/action.yaml b/.github/actions/tests/action.yaml index ee63cb1..5426abb 100644 --- a/.github/actions/tests/action.yaml +++ b/.github/actions/tests/action.yaml @@ -11,5 +11,5 @@ runs: using: composite steps: - run: | - cd zarf/${{ github.event.inputs.flavor }} && zarf dev lint + cd zarf/${{ inputs.flavor }} && zarf dev lint shell: bash From 0c7079f04bb51d0fabcc78b230118965acdf3f7b Mon Sep 17 00:00:00 2001 From: Danny Gershman Date: Tue, 21 May 2024 15:47:09 -0500 Subject: [PATCH 06/12] try --- .github/actions/tests/action.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/actions/tests/action.yaml b/.github/actions/tests/action.yaml index 5426abb..ee63cb1 100644 --- a/.github/actions/tests/action.yaml +++ b/.github/actions/tests/action.yaml @@ -11,5 +11,5 @@ runs: using: composite steps: - run: | - cd zarf/${{ inputs.flavor }} && zarf dev lint + cd zarf/${{ github.event.inputs.flavor }} && zarf dev lint shell: bash From a55592d38aa91dae61618fa00fea3e820d0ac786 Mon Sep 17 00:00:00 2001 
From: Danny Gershman Date: Tue, 21 May 2024 15:50:21 -0500 Subject: [PATCH 07/12] using env vars --- .github/actions/build-image/action.yaml | 10 ++-------- .github/actions/tests/action.yaml | 8 +------- 2 files changed, 3 insertions(+), 15 deletions(-) diff --git a/.github/actions/build-image/action.yaml b/.github/actions/build-image/action.yaml index b201a0a..ccb6f79 100644 --- a/.github/actions/build-image/action.yaml +++ b/.github/actions/build-image/action.yaml @@ -1,16 +1,10 @@ name: build-image -description: "Build ${{ inputs.flavor }} image" - -inputs: - flavor: - description: "The flavor of the zarf package" - required: true - default: full +description: "Build image" runs: using: composite steps: - run: | set +o history && echo ${REGISTRY1_PASSWORD} | zarf tools registry login registry1.dso.mil --username ${REGISTRY1_USERNAME} --password-stdin || set -o history - make build-${{ inputs.flavor }} + make build-${INPUT_FLAVOR} shell: bash diff --git a/.github/actions/tests/action.yaml b/.github/actions/tests/action.yaml index ee63cb1..33ec2b5 100644 --- a/.github/actions/tests/action.yaml +++ b/.github/actions/tests/action.yaml @@ -1,15 +1,9 @@ name: install-tools description: "Run Tests" -inputs: - flavor: - description: "The flavor of the zarf package" - required: true - default: full - runs: using: composite steps: - run: | - cd zarf/${{ github.event.inputs.flavor }} && zarf dev lint + cd zarf/${INPUT_FLAVOR} && zarf dev lint shell: bash From 701ff0542b8b0190ca2d4029833c5b2af202585d Mon Sep 17 00:00:00 2001 From: Danny Gershman Date: Tue, 21 May 2024 15:52:46 -0500 Subject: [PATCH 08/12] adding back input --- .github/actions/build-image/action.yaml | 6 ++++++ .github/actions/tests/action.yaml | 6 ++++++ 2 files changed, 12 insertions(+) diff --git a/.github/actions/build-image/action.yaml b/.github/actions/build-image/action.yaml index ccb6f79..1bc0104 100644 --- a/.github/actions/build-image/action.yaml +++ b/.github/actions/build-image/action.yaml 
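Review bot: `make build-${INPUT_FLAVOR}` depends on an environment variable that nothing visible sets: the commit deletes the `inputs:` block, and as far as I know the runner exports `INPUT_*` variables only for JavaScript and container actions, not for `run` steps of a composite action. An unset variable turns this into `make build-` and, in the tests action changed in the same commit, into `cd zarf/ && zarf dev lint`, which may pass while checking nothing. If the environment route is kept, keep the `inputs:` declaration, set the variable on the step with `env: INPUT_FLAVOR: ${{ inputs.flavor }}`, and fail on empty with `make "build-${INPUT_FLAVOR:?flavor input is required}"`.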
@@ -1,6 +1,12 @@ name: build-image description: "Build image" +inputs: + flavor: + description: "The flavor of the zarf package" + required: true + default: full + runs: using: composite steps: diff --git a/.github/actions/tests/action.yaml b/.github/actions/tests/action.yaml index 33ec2b5..efb078e 100644 --- a/.github/actions/tests/action.yaml +++ b/.github/actions/tests/action.yaml @@ -1,6 +1,12 @@ name: install-tools description: "Run Tests" +inputs: + flavor: + description: "The flavor of the zarf package" + required: true + default: full + runs: using: composite steps: From 487003491bf349e6a0aef6dfdf8cd5daf030ee25 Mon Sep 17 00:00:00 2001 From: Danny Gershman Date: Tue, 21 May 2024 15:56:56 -0500 Subject: [PATCH 09/12] echoing flavor --- .github/actions/tests/action.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/actions/tests/action.yaml b/.github/actions/tests/action.yaml index efb078e..c705f14 100644 --- a/.github/actions/tests/action.yaml +++ b/.github/actions/tests/action.yaml @@ -11,5 +11,6 @@ runs: using: composite steps: - run: | + echo $INPUT_FLAVOR cd zarf/${INPUT_FLAVOR} && zarf dev lint shell: bash From a56c30bc4f69423468511796e9a2e8ce6e9c4585 Mon Sep 17 00:00:00 2001 From: Danny Gershman Date: Tue, 21 May 2024 16:06:23 -0500 Subject: [PATCH 10/12] using inputs again --- .github/actions/tests/action.yaml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/.github/actions/tests/action.yaml b/.github/actions/tests/action.yaml index c705f14..dcf0ff7 100644 --- a/.github/actions/tests/action.yaml +++ b/.github/actions/tests/action.yaml @@ -5,12 +5,10 @@ inputs: flavor: description: "The flavor of the zarf package" required: true - default: full runs: using: composite steps: - run: | - echo $INPUT_FLAVOR - cd zarf/${INPUT_FLAVOR} && zarf dev lint + cd zarf/${{ inputs.flavor }} && zarf dev lint shell: bash From 9adea6c795d1b7693446293264ee768145db236a Mon Sep 17 00:00:00 2001 
From: Danny Gershman Date: Tue, 21 May 2024 16:08:09 -0500 Subject: [PATCH 11/12] bp --- .github/actions/build-image/action.yaml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/actions/build-image/action.yaml b/.github/actions/build-image/action.yaml index 1bc0104..5e7eb68 100644 --- a/.github/actions/build-image/action.yaml +++ b/.github/actions/build-image/action.yaml @@ -5,12 +5,11 @@ inputs: flavor: description: "The flavor of the zarf package" required: true - default: full runs: using: composite steps: - run: | set +o history && echo ${REGISTRY1_PASSWORD} | zarf tools registry login registry1.dso.mil --username ${REGISTRY1_USERNAME} --password-stdin || set -o history - make build-${INPUT_FLAVOR} + make build-${{ inputs.flavor }} shell: bash From a6c5e8f4eafb5bcba56fb7de596639bc73fc679f Mon Sep 17 00:00:00 2001 From: Danny Gershman Date: Tue, 21 May 2024 16:22:42 -0500 Subject: [PATCH 12/12] make specific images now --- .github/workflows/release.yaml | 2 +- zarf/full/zarf.yaml | 2 +- zarf/minimal/zarf.yaml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 70bb51e..22b759d 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -49,7 +49,7 @@ jobs: - name: "Sign and Publish the ${{ matrix.flavor }} image" run: | - zarf package publish build/zarf-init-${{ matrix.flavor }}-amd64-v${ZARF_VERSION}.tar.zst oci://ghcr.io/radiusmethod/zarf-init-bigbang-k3s-ha/${{ matrix.flavor }} --signing-key awskms:///alias/zarf-init-bigbang + zarf package publish build/zarf-init-${{ matrix.flavor }}-amd64-v${ZARF_VERSION}.tar.zst oci://ghcr.io/radiusmethod/zarf-init-bigbang-k3s-ha --signing-key awskms:///alias/zarf-init-bigbang env: AWS_REGION: ${{ secrets.AWS_REGION }} AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID_GOV }} diff --git a/zarf/full/zarf.yaml b/zarf/full/zarf.yaml index 2d5298d..8b7240d 100644 --- a/zarf/full/zarf.yaml 
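Review bot: With the `/${{ matrix.flavor }}` suffix removed from the publish ref in `release.yaml`, both matrix legs sign and publish to the same base ref. What keeps the two artifacts apart is presumably the package name that `zarf package publish` appends from `metadata.name` (renamed to `full` and `minimal` later in this commit); the step does not say so. A comment above the command, e.g. `# zarf appends metadata.name (full|minimal) to this ref; the two flavors must keep distinct names`, would stop a later rename from silently pointing both signed packages at one location. The step's `env:` block continues outside the hunk.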
+++ b/zarf/full/zarf.yaml @@ -1,6 +1,6 @@ kind: ZarfInitConfig metadata: - name: init + name: full description: Used to establish a new Zarf cluster components: diff --git a/zarf/minimal/zarf.yaml b/zarf/minimal/zarf.yaml index 9c3a4f0..c67c13b 100644 --- a/zarf/minimal/zarf.yaml +++ b/zarf/minimal/zarf.yaml @@ -1,6 +1,6 @@ kind: ZarfInitConfig metadata: - name: init + name: minimal description: Minimal package with k3s only components: