From 27ceadceb837697c39bdb845b3b18ad9f834a096 Mon Sep 17 00:00:00 2001 From: Tao Song Date: Tue, 7 Mar 2023 14:40:09 +0800 Subject: [PATCH] add github workflow (#7) * add github workflow Signed-off-by: songtao98 * add ci approvers Signed-off-by: songtao98 --------- Signed-off-by: songtao98 --- .github/ISSUE_TEMPLATE/bug-report.md | 29 +++++++ .github/ISSUE_TEMPLATE/proposal.md | 17 ++++ .github/ISSUE_TEMPLATE/question.md | 25 ++++++ .github/OWNERS | 6 ++ .github/dependabot.yml | 20 +++++ .github/pull_request_template.md | 22 +++++ .github/workflows/ci.yaml | 121 +++++++++++++++++++++++++++ .github/workflows/codeql.yml | 46 ++++++++++ .github/workflows/license.yml | 29 +++++++ .github/workflows/release.yml | 86 +++++++++++++++++++ .license/README.md | 19 +++++ .license/dependency_decisions.yml | 43 ++++++++++ OWNERS_ALIASES | 9 ++ 13 files changed, 472 insertions(+) create mode 100644 .github/ISSUE_TEMPLATE/bug-report.md create mode 100644 .github/ISSUE_TEMPLATE/proposal.md create mode 100644 .github/ISSUE_TEMPLATE/question.md create mode 100644 .github/OWNERS create mode 100644 .github/dependabot.yml create mode 100644 .github/pull_request_template.md create mode 100644 .github/workflows/ci.yaml create mode 100644 .github/workflows/codeql.yml create mode 100644 .github/workflows/license.yml create mode 100644 .github/workflows/release.yml create mode 100644 .license/README.md create mode 100644 .license/dependency_decisions.yml create mode 100644 OWNERS_ALIASES diff --git a/.github/ISSUE_TEMPLATE/bug-report.md b/.github/ISSUE_TEMPLATE/bug-report.md new file mode 100644 index 0000000..84c0cd2 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/bug-report.md @@ -0,0 +1,29 @@ +--- +name: Bug Report +about: Create a report to help us improve +title: "[BUG]" +labels: kind/bug + +--- + + + +**What happened**: + +**What you expected to happen**: + +**How to reproduce it (as minimally and precisely as possible)**: + +**Anything else we need to know?**: + +**Environment**: +- App version: +- Kubernetes version (use `kubectl version`): +- Install details (e.g. helm install args): +- Node environment (for koordlet/runtime-proxy issue): + - Containerd/Docker version: + - OS version: + - Kernal version: + - Cgroup driver: cgroupfs/systemd +- Others: + diff --git a/.github/ISSUE_TEMPLATE/proposal.md b/.github/ISSUE_TEMPLATE/proposal.md new file mode 100644 index 0000000..368fd72 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/proposal.md @@ -0,0 +1,17 @@ +--- +name: Proposal +about: Suggest an idea for this project +title: "[proposal]" +labels: kind/proposal + +--- + + + +**What is your proposal**: + + +**Why is this needed**: + + +**Is there a suggested solution, if so, please add it**: diff --git a/.github/ISSUE_TEMPLATE/question.md b/.github/ISSUE_TEMPLATE/question.md new file mode 100644 index 0000000..cfc290c --- /dev/null +++ b/.github/ISSUE_TEMPLATE/question.md @@ -0,0 +1,25 @@ +--- +name: Question +about: Support request or question relating to Koordetector +title: "[question]" +labels: kind/question + +--- + + + +**What happened:** + +**What you expected to happen:** + +**Environment:** + + + +- Koordetector version: - v0.0.1 +- Kubernetes version (use kubectl version): v1.22.5 +- docker/containerd version: containerd 1.5.0 +- OS (e.g: cat /etc/os-release): Ubuntu 20.04.4 LTS +- Kernel (e.g. uname -a): Linux 5.10.112-11.al8.x86_64 #1 SMP Tue May 24 16:05:50 CST 2022 x86_64 x86_64 x86_64 GNU/Linux + +**Anything else we need to know:** diff --git a/.github/OWNERS b/.github/OWNERS new file mode 100644 index 0000000..c0878c3 --- /dev/null +++ b/.github/OWNERS @@ -0,0 +1,6 @@ +# See the OWNERS docs at https://go.k8s.io/owners + +approvers: + - ci-approvers +reviewers: + - ci-approvers diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 0000000..9fc3b07 --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,20 @@ +version: 2 +updates: + - package-ecosystem: "gomod" + directory: "/" + schedule: + interval: "daily" + labels: + - "dependencies" + commit-message: + prefix: "feat" + include: "scope" + - package-ecosystem: "github-actions" + directory: "/" + schedule: + interval: "daily" + labels: + - "dependencies" + commit-message: + prefix: "chore" + include: "scope" diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md new file mode 100644 index 0000000..4514c60 --- /dev/null +++ b/.github/pull_request_template.md @@ -0,0 +1,22 @@ +### Ⅰ. Describe what this PR does + + + +### Ⅱ. Does this pull request fix one issue? + + + +### Ⅲ. Describe how to verify it + +### Ⅳ. Special notes for reviews + +### V. Checklist + +- [ ] I have written necessary docs and comments +- [ ] I have added necessary unit tests and integration tests +- [ ] All checks passed in `make test` diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml new file mode 100644 index 0000000..e095e83 --- /dev/null +++ b/.github/workflows/ci.yaml @@ -0,0 +1,121 @@ +name: CI + +on: + push: + branches: + - main + - release-* + pull_request: {} + workflow_dispatch: {} + +jobs: + golangci-lint: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + - uses: actions/setup-go@v3 + with: + go-version-file: go.mod + - uses: golangci/golangci-lint-action@v3 + with: + args: --verbose + version: v1.47.3 + + unit-tests: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + - uses: actions/setup-go@v3 + with: + go-version-file: go.mod + - uses: actions/cache@v3 + with: + path: | + ~/.cache/go-build + ~/go/pkg/mod + key: ${{ runner.os }}-ut-${{ hashFiles('**/go.sum') }} + restore-keys: | + ${{ runner.os }}-ut- + - name: Check Go modules + run: | + go mod tidy && git add go.* && + git diff --cached --exit-code || (echo 'Please run "go mod tidy" to sync Go modules' && exit 1); + - name: Check manifests + run: | + make manifests && git add config && + git diff --cached --exit-code || (echo 'Please run "make manifests" to generate manifests' && exit 1); + - name: Check auto-generated codes + run: | + make generate && git add pkg apis && + git diff --cached --exit-code || (echo 'Please run "make generate" to generate Go codes' && exit 1); + - name: Verify gofmt + run: | + make fmt && git add apis pkg cmd && + git diff --cached --exit-code || (echo 'Please run "make fmt" to verify gofmt' && exit 1); + - name: Verify govet + run: | + make vet && git add apis pkg cmd && + git diff --cached --exit-code || (echo 'Please run "make vet" to verify govet' && exit 1); + - name: Run Go build + run: make build + - name: Run Go test + run: make fast-test + - name: Upload coverage to Codecov + uses: codecov/codecov-action@v3 + with: + flags: unittests + file: cover.out + fail_ci_if_error: true + verbose: true + + build-and-push: + needs: [golangci-lint, unit-tests] + if: github.ref == 'refs/heads/main' + runs-on: ubuntu-latest + strategy: + fail-fast: false + matrix: + target: [interference-manager] + env: + GITHUB_REG: ghcr.io + ALIYUN_BJ_REG: registry.cn-beijing.aliyuncs.com + ALIYUN_HZ_REG: registry.cn-hangzhou.aliyuncs.com + steps: + - uses: docker/setup-buildx-action@v2 + - name: Login to GHCR + uses: docker/login-action@v2 + with: + registry: ${{ env.GITHUB_REG }} + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + - name: Login to AliyunCS_BJ + uses: docker/login-action@v2 + with: + registry: ${{ env.ALIYUN_BJ_REG }} + username: ${{ secrets.ALIYUN_USERNAME }} + password: ${{ secrets.ALIYUN_PWD }} + - name: Login to AliyunCS_HZ + uses: docker/login-action@v2 + with: + registry: ${{ env.ALIYUN_HZ_REG }} + username: ${{ secrets.ALIYUN_USERNAME }} + password: ${{ secrets.ALIYUN_PWD }} + - name: Build and push + uses: docker/build-push-action@v4 + with: + platforms: linux/amd64 + push: true + pull: true + file: docker/${{ matrix.target }}.dockerfile + labels: | + org.opencontainers.image.title=${{ matrix.target }} + org.opencontainers.image.source=${{ github.server_url }}/${{ github.repository }} + org.opencontainers.image.revision=${{ github.sha }} + org.opencontainers.image.created=${{ github.event.repository.updated_at}} + org.opencontainers.image.licenses=Apache-2.0 + tags: | + ${{ env.GITHUB_REG }}/${{ github.repository_owner }}/${{ matrix.target }}:latest + ${{ env.ALIYUN_BJ_REG }}/${{ github.repository_owner }}/${{ matrix.target }}:latest + ${{ env.ALIYUN_HZ_REG }}/${{ github.repository_owner }}/${{ matrix.target }}:latest + cache-from: type=gha,scope=build-${{ matrix.target }} + cache-to: type=gha,mode=max,scope=build-${{ matrix.target }} diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml new file mode 100644 index 0000000..1c7b104 --- /dev/null +++ b/.github/workflows/codeql.yml @@ -0,0 +1,46 @@ +name: "CodeQL" + +on: + push: + branches: ["main"] + pull_request: + branches: ["main"] + paths-ignore: + - '**/*.md' + - 'apis/**' + - 'pkg/client/**' + schedule: + - cron: '30 16 * * 0' + +jobs: + analyze: + name: Analyze + runs-on: ubuntu-latest + permissions: + actions: read + contents: read + security-events: write + strategy: + fail-fast: false + matrix: + language: ['go'] + steps: + - name: Checkout repository + uses: actions/checkout@v3 + - name: Setup local cache + uses: actions/cache@v3 + with: + path: | + ~/.cache/go-build + ~/go/pkg/mod + key: ${{ runner.os }}-codeql-${{ hashFiles('**/go.sum') }} + restore-keys: | + ${{ runner.os }}-codeql- + - name: Initialize CodeQL + uses: github/codeql-action/init@v2 + with: + languages: ${{ matrix.language }} + - name: Autobuild + uses: github/codeql-action/autobuild@v2 + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v2 diff --git a/.github/workflows/license.yml b/.github/workflows/license.yml new file mode 100644 index 0000000..d523826 --- /dev/null +++ b/.github/workflows/license.yml @@ -0,0 +1,29 @@ +name: License + +on: + push: + branches: + - main + - release-* + pull_request: {} + workflow_dispatch: {} + +jobs: + license-check: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + - uses: ruby/setup-ruby@v1 + with: + ruby-version: 2.6 + - name: Check license + run: | + gem install license_finder + license_finder --decisions_file .license/dependency_decisions.yml + - uses: actions/setup-go@v3 + with: + go-version: 1.17 + - name: Check license header + run: | + make lint-license && git add apis pkg cmd || exit 1 + git diff --cached --exit-code || (echo 'Please run "make lint-license" to verify license header' && exit 1); diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 0000000..3a33d65 --- /dev/null +++ b/.github/workflows/release.yml @@ -0,0 +1,86 @@ +name: Release + +on: + push: + tags: + - 'v*' + +permissions: + contents: write + packages: write + +jobs: + build-and-push: + runs-on: ubuntu-latest + strategy: + fail-fast: false + matrix: + target: [ interference-manager ] + env: + GITHUB_REG: ghcr.io + ALIYUN_BJ_REG: registry.cn-beijing.aliyuncs.com + ALIYUN_HZ_REG: registry.cn-hangzhou.aliyuncs.com + steps: + - uses: docker/setup-buildx-action@v2 + - name: Login to GHCR + uses: docker/login-action@v2 + with: + registry: ${{ env.GITHUB_REG }} + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + - name: Login to AliyunCS_BJ + uses: docker/login-action@v2 + with: + registry: ${{ env.ALIYUN_BJ_REG }} + username: ${{ secrets.ALIYUN_USERNAME }} + password: ${{ secrets.ALIYUN_PWD }} + - name: Login to AliyunCS_HZ + uses: docker/login-action@v2 + with: + registry: ${{ env.ALIYUN_HZ_REG }} + username: ${{ secrets.ALIYUN_USERNAME }} + password: ${{ secrets.ALIYUN_PWD }} + - name: Build and push + uses: docker/build-push-action@v4 + with: + platforms: linux/amd64 + push: true + pull: true + file: docker/${{ matrix.target }}.dockerfile + labels: | + org.opencontainers.image.title=${{ matrix.target }} + org.opencontainers.image.source=${{ github.server_url }}/${{ github.repository }} + org.opencontainers.image.revision=${{ github.sha }} + org.opencontainers.image.created=${{ github.event.repository.updated_at}} + org.opencontainers.image.licenses=Apache-2.0 + tags: | + ${{ env.GITHUB_REG }}/${{ github.repository_owner }}/${{ matrix.target }}:${{ github.ref_name }} + ${{ env.ALIYUN_BJ_REG }}/${{ github.repository_owner }}/${{ matrix.target }}:${{ github.ref_name }} + ${{ env.ALIYUN_HZ_REG }}/${{ github.repository_owner }}/${{ matrix.target }}:${{ github.ref_name }} + cache-from: type=gha,scope=build-${{ matrix.target }} + cache-to: type=gha,mode=max,scope=build-${{ matrix.target }} + goreleaser: + runs-on: ubuntu-latest + env: + GITHUB_REG: ghcr.io + ALIYUN_BJ_REG: registry.cn-beijing.aliyuncs.com + ALIYUN_HZ_REG: registry.cn-hangzhou.aliyuncs.com + steps: + - name: Checkout + uses: actions/checkout@v3 + with: + fetch-depth: 0 + - name: Fetch all tags + run: git fetch --force --tags + - name: Set up Go + uses: actions/setup-go@v3 + with: + go-version-file: go.mod + - name: Run GoReleaser + uses: goreleaser/goreleaser-action@v4 + with: + distribution: goreleaser + version: latest + args: release --rm-dist + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.license/README.md b/.license/README.md new file mode 100644 index 0000000..f386fc2 --- /dev/null +++ b/.license/README.md @@ -0,0 +1,19 @@ +# License Checker + +Our license checker CI rely on [LicenseFinder](https://github.com/pivotal/LicenseFinder). + +## How to add a new license + +LicenseFinder is a ruby project, so make sure you have ruby installed. + +### Install the tool + +```shell +gem install license_finder +``` + +### Add a license + +```shell +license_finder permitted_licenses add MIT --decisions_file .license/dependency_decisions.yml +``` diff --git a/.license/dependency_decisions.yml b/.license/dependency_decisions.yml new file mode 100644 index 0000000..f721d44 --- /dev/null +++ b/.license/dependency_decisions.yml @@ -0,0 +1,43 @@ +--- +- - :permit + - MIT + - :who: + :why: + :versions: [] + :when: 2021-03-12 07:35:34.645031000 Z +- - :permit + - Apache 2.0 + - :who: + :why: + :versions: [] + :when: 2021-03-12 07:19:18.243194000 Z +- - :permit + - New BSD + - :who: + :why: + :versions: [] + :when: 2021-03-12 07:19:28.540675000 Z +- - :permit + - Simplified BSD + - :who: + :why: + :versions: [] + :when: 2021-03-12 07:20:01.774212000 Z +- - :permit + - Mozilla Public License 2.0 + - :who: + :why: + :versions: [] + :when: 2021-03-12 07:21:05.194536000 Z +- - :permit + - unknown + - :who: + :why: + :versions: [] + :when: 2021-03-12 07:21:43.379269000 Z +- - :permit + - ISC + - :who: + :why: + :versions: [] + :when: 2021-03-12 07:22:07.265966000 Z diff --git a/OWNERS_ALIASES b/OWNERS_ALIASES new file mode 100644 index 0000000..881805f --- /dev/null +++ b/OWNERS_ALIASES @@ -0,0 +1,9 @@ +# See the OWNERS_ALIASES docs at https://go.k8s.io/owners + +aliases: + + ci-approvers: + - hormes + - FillZpp + - zwzhang0107 +