forked from cloudfoundry/persi-ci
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathmapfs.yml
218 lines (197 loc) · 5.5 KB
/
mapfs.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
---
#! This pipeline is set automatically, any uncommitted changes will be lost.
#!
#! To set the pipeline manually, run:
#! fly -t cryo-runway set-pipeline -p mapfs -c mapfs.yml
#!
#! ************************************
#! Secrets we need to run this pipeline
#! ************************************
cerberus_secrets:
#! used to manage pull requests
- &github_access_token ((github.access_token))
#! GitHub SSH key is used to gain write access to the repository
- &github_ssh_key ((github.ssh_key))
#! GitHub email and username are used to sign the commits and PRs for go module auto bumps. Added 2024-02-12
- &github_user ((github.user))
- &github_email ((github.email))
#! gcr_viewer_key was needed on 2024-03-24 for getting concourse container images from our GCR instance. Generated by using personal creds to log into the mapbu-cryogenics google cloud project.
- &gcr_viewer_key ((gcr.viewer_key))
#! **************
#! End of secrets
#! **************
groups:
- name: test
jobs:
- unit-test
- fs-test
- security-scan
- merge-pr
- name: update
jobs:
- bump-go-module
resource_types:
- name: pull-request
type: registry-image
source:
repository: us-west2-docker.pkg.dev/mapbu-cryogenics/concourse-resources/pr-queue-resource
username: _json_key
password: *gcr_viewer_key
resources:
- name: mapfs
type: pull-request
icon: source-pull
source:
repository: cloudfoundry/mapfs
base_branch: master
disable_forks: true
access_token: *github_access_token
- name: mapfs-read
type: git
icon: github
source:
uri: https://github.com/cloudfoundry/mapfs
branch: master
- name: mapfs-write
type: git
icon: git
source:
uri: [email protected]:cloudfoundry/mapfs.git
private_key: *github_ssh_key
commit_filter:
exclude:
- ;resource comment; This resource is used exclusively for pushing new changes
- name: cryogenics-concourse-tasks
type: git
icon: github
source:
uri: [email protected]:pivotal/cryogenics-concourse-tasks.git
private_key: *github_ssh_key
branch: main
- name: image-cryogenics-essentials
icon: docker
type: registry-image
source:
repository: us-west2-docker.pkg.dev/mapbu-cryogenics/essentials/cryo-essentials
username: _json_key
password: *gcr_viewer_key
tag: latest
- name: cfpersi-nfs-integration-tests
icon: docker
type: registry-image
source:
repository: us-west2-docker.pkg.dev/mapbu-cryogenics/dockerhub-proxy-cache/cfpersi/nfs-integration-tests
username: _json_key
password: *gcr_viewer_key
tag: latest
- name: cfpersi-mapfs-tests
icon: docker
type: registry-image
source:
repository: us-west2-docker.pkg.dev/mapbu-cryogenics/dockerhub-proxy-cache/cfpersi/mapfs-tests
username: _json_key
password: *gcr_viewer_key
tag: latest
- name: fstest
type: git
source:
uri: https://github.com/zfsonlinux/fstest.git
branch: master
- name: persi-ci
type: git
source:
uri: https://github.com/cloudfoundry/persi-ci.git
branch: master
- name: once-a-week
type: time
icon: clock-outline
source:
days: [ Monday ]
jobs:
- name: unit-test
public: true
plan:
- get: mapfs
trigger: true
- get: cfpersi-nfs-integration-tests
- task: build
image: cfpersi-nfs-integration-tests
file: mapfs/scripts/ci/run_unit.build.yml
privileged: true
- name: fs-test
public: true
plan:
- get: mapfs
trigger: true
- get: fstest
- get: cfpersi-mapfs-tests
- task: build
image: cfpersi-mapfs-tests
file: mapfs/scripts/ci/run_fstest.build.yml
privileged: true
- name: security-scan
plan:
- in_parallel:
- get: persi-ci
- get: image-cryogenics-essentials
- get: mapfs
trigger: true
- task: build
image: image-cryogenics-essentials
file: persi-ci/scripts/ci/security-scan.build.yml
params:
PATHS: "./"
input_mapping:
release-dir: mapfs
- name: merge-pr
plan:
- get: mapfs
trigger: true
passed:
- unit-test
- fs-test
- security-scan
- put: mapfs
params:
merge: true
repository: mapfs
- name: bump-go-module
plan:
- in_parallel:
- get: source-repo
resource: mapfs-read
- get: cryogenics-concourse-tasks
- get: image-cryogenics-essentials
- get: once-a-week
trigger: true
- task: bump-go-module
image: image-cryogenics-essentials
file: cryogenics-concourse-tasks/deps-automation/bump-go-module/task.yml
params:
GIT_USERNAME: *github_user
GIT_EMAIL: *github_email
ROOT_DIRECTORIES: .
- try:
load_var: go-module-update-branch
file: destination-repo/.update-branch-name
on_success:
do:
- put: mapfs-write
params:
repository: destination-repo
branch: &go-module-branch ((.:go-module-update-branch))
- task: create-go-module-bump-pull-request
image: image-cryogenics-essentials
file: cryogenics-concourse-tasks/github-automation/create-pr/task.yml
params:
BASE: master
BRANCH: *go-module-branch
LABELS: dependencies
TITLE: Bump go module ((.:go-module-update-branch))
MESSAGE: |
This is an automatically generated Pull Request from the Cryogenics CI Bot.
I have detected a new version of a go module and automatically bumped
it to benefit from the latest changes.
If this does not look right, please reach out to the mapbu-cryogenics team.
input_mapping:
source-repo: mapfs-write