Simplify and tidy Makefile #656

Merged
merged 1 commit into from
Dec 23, 2022
1 change: 0 additions & 1 deletion .github/mergify.yml
@@ -5,7 +5,6 @@ queue_rules:
- check-success=DCO
- check-success~=docker-images.*tink-server
- check-success~=docker-images.*tink-worker

pull_request_rules:
- name: Automatic merge on approval
conditions:
14 changes: 7 additions & 7 deletions .github/settings.yml
@@ -25,10 +25,10 @@ collaborators:
- username: tobert
permission: triage

# Note: `permission` is only valid on organization-owned repositories.
# The permission to grant the collaborator. Can be one of:
# * `pull` - can pull, but not push to or administer this repository.
# * `push` - can pull and push, but not administer this repository.
# * `admin` - can pull, push and administer this repository.
# * `maintain` - Recommended for project managers who need to manage the repository without access to sensitive or destructive actions.
# * `triage` - Recommended for contributors who need to proactively manage issues and pull requests without write access.
# Note: `permission` is only valid on organization-owned repositories.
# The permission to grant the collaborator. Can be one of:
# * `pull` - can pull, but not push to or administer this repository.
# * `push` - can pull and push, but not administer this repository.
# * `admin` - can pull, push and administer this repository.
# * `maintain` - Recommended for project managers who need to manage the repository without access to sensitive or destructive actions.
# * `triage` - Recommended for contributors who need to proactively manage issues and pull requests without write access.
82 changes: 24 additions & 58 deletions .github/workflows/ci.yaml
@@ -8,157 +8,123 @@ on:
pull_request:
env:
CGO_ENABLED: 0

jobs:
verify:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v2

- name: Install Go
uses: actions/setup-go@v2
with:
go-version: "1.18.5"

- name: make verify
run: make verify
test:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v2

- name: Install Go
uses: actions/setup-go@v2
with:
go-version: "1.18.5"

- name: Install nix
uses: cachix/install-nix-action@v16
with:
nix_path: nixpkgs=channel:nixos-unstable

- name: Fetch Nix Packages
run: nix-shell --run 'true'

- name: Generate
run: nix-shell --run 'make generate'

- name: e2etest
run: make e2etest-setup

- name: go test
run: make test

- name: upload codecov
run: bash <(curl -s https://codecov.io/bash)
ci-checks:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v2

- name: Install nix
uses: cachix/install-nix-action@v16
with:
nix_path: nixpkgs=channel:nixos-unstable

- name: Fetch Nix Packages
run: nix-shell --run 'true'

- run: PATH=$PWD/bin/:$PATH ./ci-checks.sh
# We preemptively build the binaries for efficiency instead of waiting on unit tests to pass
# hence this doesn't depend on anything.
crosscompile:
runs-on: ubuntu-latest
needs:
- ci-checks
- test
- verify
strategy:
matrix:
platform: [amd64, arm64]
steps:
- name: Checkout code
uses: actions/checkout@v2

- name: Install Go
uses: actions/setup-go@v2
with:
go-version: "1.18.5"

- run: make crosscompile -j$(nproc)

- name: Upload tink-server binaries
uses: actions/upload-artifact@v2
with:
name: tink-server
path: cmd/tink-server/tink-server-*

- name: Upload tink-worker binaries
uses: actions/upload-artifact@v2
with:
name: tink-worker
path: cmd/tink-worker/tink-worker-*

- name: Upload virtual-worker binaries
uses: actions/upload-artifact@v2
with:
name: virtual-worker
path: cmd/virtual-worker/virtual-worker-*

- name: Upload tink-controller binaries
- name: Build linux/${{ matrix.platform }}
run: |
make build -j$(nproc) GOOS=linux GOARCH=${{ matrix.platform }}
- name: Upload binaries
uses: actions/upload-artifact@v2
with:
name: tink-controller
path: cmd/tink-controller/tink-controller-*
name: binaries
path: bin/*
docker-images:
runs-on: ubuntu-latest
needs:
- verify
- test
- ci-checks
- crosscompile
strategy:
matrix:
include:
- repository: quay.io/tinkerbell/tink
binary: tink-server

- repository: quay.io/tinkerbell/tink-worker
binary: tink-worker

- repository: quay.io/tinkerbell/tink-controller
binary: tink-controller
steps:
- name: Docker Image Tag for Sha
id: docker-image-tag
run: |
echo ::set-output name=tags::${{ matrix.repository }}:latest,${{ matrix.repository }}:sha-${GITHUB_SHA::8}

- name: Checkout code
uses: actions/checkout@v2

- name: Login to quay.io
uses: docker/login-action@v1
if: ${{ startsWith(github.ref, 'refs/heads/main') }}
with:
registry: quay.io
username: ${{ secrets.QUAY_USERNAME }}
password: ${{ secrets.QUAY_PASSWORD }}

- name: Set up QEMU
uses: docker/setup-qemu-action@v1

- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1

- name: Download ${{ matrix.binary }} artifacts
- name: Download binaries
uses: actions/download-artifact@v2
with:
name: ${{ matrix.binary}}
path: cmd/${{ matrix.binary }}

name: binaries
path: ./bin
- run: |
ls -l .
ls -l bin/
file bin/
- name: Fix Permissions
run: chmod +x cmd/${{ matrix.binary }}/${{ matrix.binary }}*

run: chmod +x bin/*
- name: ${{ matrix.repository }}
uses: docker/build-push-action@v2
with:
context: cmd/${{ matrix.binary }}/
context: .
file: cmd/${{ matrix.binary }}/Dockerfile
cache-from: type=registry,ref=${{ matrix.repository }}:latest
push: ${{ startsWith(github.ref, 'refs/heads/main') }}
tags: ${{ steps.docker-image-tag.outputs.tags }}
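Review bot: In the `docker-images` job, `context: .` hands every image build the whole checkout plus everything downloaded into `./bin`, where the old `context: cmd/${{ matrix.binary }}/` held a single component. The Dockerfiles are not shown on this page, so what they copy is unconfirmed, but any broad `COPY` would now pull repository contents or the other components' binaries into an image that is pushed to quay.io from main. An allowlist `.dockerignore` at the repository root (for example `*` followed by `!bin/`) would keep the context to what the images need. The unnamed step running `ls -l .`, `ls -l bin/` and `file bin/` reads like leftover debugging (`file bin/` only reports a directory) and could be dropped or given a name. Both matrix legs of `crosscompile` also upload to the single artifact name `binaries`, so the output file names need to carry the architecture to keep one leg from overwriting the other.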
6 changes: 0 additions & 6 deletions .github/workflows/tags.yaml
@@ -22,18 +22,15 @@ jobs:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
OWNER: ${{ github.repository_owner }}
REPO: ${{ github.event.repository.name }}

- name: Docker manager metadata
id: meta
uses: docker/metadata-action@v3
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
flavor: latest=false
tags: type=ref,event=tag

- name: Set the from image tag
run: echo "FROM_TAG=sha-${GITHUB_SHA::8}" >> $GITHUB_ENV

# This is for tink server. quay.io/tinkerbell/tink
- name: Copy the image using skopeo
run: skopeo copy --all --dest-creds="${DST_REG_USER}":"${DST_REG_PASS}" docker://"${SRC_IMAGE}" docker://"${DST_IMAGE}"
@@ -42,23 +39,20 @@ jobs:
DST_IMAGE: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.version'] }}
DST_REG_USER: ${{ secrets.QUAY_USERNAME }}
DST_REG_PASS: ${{ secrets.QUAY_PASSWORD }}

- name: Copy the tink-controller image using skopeo
run: skopeo copy --all --dest-creds="${DST_REG_USER}":"${DST_REG_PASS}" docker://"${SRC_IMAGE}" docker://"${DST_IMAGE}"
env:
SRC_IMAGE: ${{ env.REGISTRY }}/tinkerbell/tink-controller:${{ env.FROM_TAG }}
DST_IMAGE: ${{ env.REGISTRY }}/tinkerbell/tink-controller:${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.version'] }}
DST_REG_USER: ${{ secrets.QUAY_USERNAME }}
DST_REG_PASS: ${{ secrets.QUAY_PASSWORD }}

- name: Copy the tink-worker image using skopeo
run: skopeo copy --all --dest-creds="${DST_REG_USER}":"${DST_REG_PASS}" docker://"${SRC_IMAGE}" docker://"${DST_IMAGE}"
env:
SRC_IMAGE: ${{ env.REGISTRY }}/tinkerbell/tink-worker:${{ env.FROM_TAG }}
DST_IMAGE: ${{ env.REGISTRY }}/tinkerbell/tink-worker:${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.version'] }}
DST_REG_USER: ${{ secrets.QUAY_USERNAME }}
DST_REG_PASS: ${{ secrets.QUAY_PASSWORD }}

- name: Create Release
id: create_release
uses: actions/create-release@v1
57 changes: 17 additions & 40 deletions .golangci.yml
@@ -1,52 +1,42 @@
run:
# The default runtime timeout is 1m, which doesn't work well on Github Actions.
timeout: 4m

# NOTE: This file is populated by the lint-install tool. Local adjustments may be overwritten.
linters-settings:
cyclop:
# NOTE: This is a very high transitional threshold
max-complexity: 37
package-average: 34.0
skip-tests: true

gocognit:
# NOTE: This is a very high transitional threshold
min-complexity: 98

dupl:
threshold: 200

goconst:
min-len: 4
min-occurrences: 5
ignore-tests: true

gosec:
excludes:
- G107 # Potential HTTP request made with variable url
- G204 # Subprocess launched with function call as argument or cmd arguments
- G404 # Use of weak random number generator (math/rand instead of crypto/rand

errorlint:
# these are still common in Go: for instance, exit errors.
asserts: false
# Forcing %w in error wrapping forces authors to make errors part of their package APIs. The decision to make
# an error part of a package API should be a concious decision by the author.
# Also see Hyrums Law.
errorf: false

exhaustive:
default-signifies-exhaustive: true

nestif:
min-complexity: 8

nolintlint:
require-explanation: true
allow-unused: false
require-specific: true

revive:
ignore-generated-header: true
severity: warning
@@ -90,16 +80,12 @@ linters-settings:
- name: var-naming
- name: unconditional-recursion
- name: waitgroup-by-value

staticcheck:
go: "1.18"

unused:
go: "1.18"

output:
sort-results: true

linters:
disable-all: true
enable:
@@ -156,25 +142,23 @@ linters:
- varcheck
- wastedassign
- whitespace

# Disabled linters, due to being misaligned with Go practices
# - exhaustivestruct
# - gochecknoglobals
# - gochecknoinits
# - goconst
# - godox
# - goerr113
# - gomnd
# - lll
# - nlreturn
# - testpackage
# - wsl
# Disabled linters, due to not being relevant to our code base:
# - maligned
# - prealloc "For most programs usage of prealloc will be a premature optimization."
# Disabled linters due to bad error messages or bugs
# - tagliatelle

# Disabled linters, due to being misaligned with Go practices
# - exhaustivestruct
# - gochecknoglobals
# - gochecknoinits
# - goconst
# - godox
# - goerr113
# - gomnd
# - lll
# - nlreturn
# - testpackage
# - wsl
# Disabled linters, due to not being relevant to our code base:
# - maligned
# - prealloc "For most programs usage of prealloc will be a premature optimization."
# Disabled linters due to bad error messages or bugs
# - tagliatelle
issues:
# Excluding configuration per-path, per-linter, per-text and per-source
exclude-rules:
@@ -186,30 +170,23 @@ issues:
- gocyclo
- gosec
- noctx

- path: .*cmd.*
linters:
- noctx

# local to tink: kubebuilder needs the stdlib invalid `inline` json struct tag
- path: pkg/apis/.*
text: "struct-tag"

- path: main\.go
linters:
- noctx

- path: .*cmd.*
text: "deep-exit"

- path: main\.go
text: "deep-exit"

# This check is of questionable value
- linters:
- tparallel
text: "call t.Parallel on the top level as well as its subtests"

# Don't hide lint issues just because there are many of them
max-same-issues: 0
max-issues-per-linter: 0