Skip to content

Commit

Permalink
Merge branch 'main' into update-go-on-2.9
Browse files Browse the repository at this point in the history
  • Loading branch information
ying-jeanne authored Oct 12, 2023
2 parents ac564c1 + a73c50c commit 3d9486a
Show file tree
Hide file tree
Showing 4,145 changed files with 330,618 additions and 147,615 deletions.
The diff you're trying to view is too large. We only load the first 3000 changed files.
25 changes: 0 additions & 25 deletions .github/dependabot.yml

This file was deleted.

26 changes: 26 additions & 0 deletions .github/workflows/allowlist.json
Original file line number Diff line number Diff line change
@@ -0,0 +1,26 @@
[
{
"name": "sigs.k8s.io/kustomize/kyaml",
"reason": "the library is only used for CI not in production"
},
{
"name": "github.com/xlab/treeprint",
"reason": "the library is only used in tests"
},
{
"name": "github.com/aws/aws-sdk-go",
"reason": "the library is quite stable"
},
{
"name": "github.com/stretchr/testify",
"reason": "the library is only used in tests"
},
{
"name": "github.com/hashicorp/golang-lru/v2",
"reason": "stable library, getting bugfixes"
},
{
"name": "github.com/google/uuid",
"reason": "stable library, getting bugfixes"
}
]
2 changes: 1 addition & 1 deletion .github/workflows/backport.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout Actions
uses: actions/checkout@v3
uses: actions/checkout@v4
with:
repository: "grafana/grafana-github-actions"
path: ./actions
Expand Down
40 changes: 34 additions & 6 deletions .github/workflows/compare-helm-with-jsonnet.yml
Original file line number Diff line number Diff line change
Expand Up @@ -10,32 +10,60 @@ concurrency:
cancel-in-progress: true

jobs:
prepare:
runs-on: ubuntu-latest
steps:
- name: Check out repository
uses: actions/checkout@v4
- name: Get build image from Makefile
id: build_image_step
run: echo "build_image=$(make print-build-image)" >> "$GITHUB_OUTPUT"
outputs:
build_image: ${{ steps.build_image_step.outputs.build_image }}

goversion:
runs-on: ubuntu-latest
needs: prepare
container:
image: ${{ needs.prepare.outputs.build_image }}
steps:
- uses: actions/checkout@v4
- name: Run Git Config
run: git config --global --add safe.directory '*'
- name: Get Go Version
id: go-version
run: |
echo "version=$(make BUILD_IN_CONTAINER=false print-go-version)" >> "$GITHUB_OUTPUT"
outputs:
version: ${{ steps.go-version.outputs.version }}

compare-manifests:
runs-on: ubuntu-latest
needs: goversion
steps:
- uses: actions/checkout@v3
- uses: actions/checkout@v4
- uses: actions/setup-go@v4
with:
go-version: '1.20.5'
- uses: helm/kind-action@v1.2.0
go-version: ${{ needs.goversion.outputs.version }}
- uses: helm/kind-action@v1.8.0
- name: Download yq
uses: dsaltares/fetch-gh-release-asset@d9376dacd30fd38f49238586cd2e9295a8307f4c
uses: dsaltares/fetch-gh-release-asset@1.1.1
with:
repo: 'mikefarah/yq'
version: 'tags/v4.30.6'
file: 'yq_linux_amd64'
target: 'bin/yq'
token: ${{ secrets.GITHUB_TOKEN }}
- name: Download tk
uses: dsaltares/fetch-gh-release-asset@d9376dacd30fd38f49238586cd2e9295a8307f4c
uses: dsaltares/fetch-gh-release-asset@1.1.1
with:
repo: 'grafana/tanka'
version: 'tags/v0.22.1'
file: 'tk-linux-amd64'
target: 'bin/tk'
token: ${{ secrets.GITHUB_TOKEN }}
- name: Download jb
uses: dsaltares/fetch-gh-release-asset@d9376dacd30fd38f49238586cd2e9295a8307f4c
uses: dsaltares/fetch-gh-release-asset@1.1.1
with:
repo: 'jsonnet-bundler/jsonnet-bundler'
version: 'tags/v0.5.1'
Expand Down
83 changes: 83 additions & 0 deletions .github/workflows/dependabot_reviewer.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,83 @@
# Auto-merge as documented in official Github docs
# https://docs.github.com/en/code-security/dependabot/working-with-dependabot/automating-dependabot-with-github-actions

name: Auto-review Dependabot PRs
on: pull_request_target

permissions:
pull-requests: write
contents: write

jobs:
dependabot-reviewer:
runs-on: ubuntu-latest

if: ${{ github.event.pull_request.user.login == 'dependabot[bot]' }}

steps:
- name: Checkout Repository
uses: actions/checkout@v4

- name: Dependabot metadata
id: metadata
uses: dependabot/[email protected]
with:
github-token: "${{ secrets.GITHUB_TOKEN }}"

- name: Check allowlist
id: check-allowlist
if: steps.metadata.outputs.update-type == 'version-update:semver-patch' || steps.metadata.outputs.update-type == 'version-update:semver-minor'
run: |
cfg_path=".github/workflows/allowlist.json"
IFS=', ' read -r -a libsUpdated <<< "${{ steps.metadata.outputs.dependency-names }}"
# Loop through the array to make sure all updated libraries are in the allowlist
all_in_allowlist="true"
reason_array=()
# If any element is not in the allowlist, set the flag to false
for lib in "${libsUpdated[@]}"; do
exists=$(jq --arg lib "$lib" 'any(.[]; .name == $lib)' $cfg_path)
if [[ "$exists" != "true" ]]; then
all_in_allowlist="false"
break
else
reason_array+=("$(jq -r --arg lib "$lib" '.[] | select(.name == $lib) | .reason' $cfg_path)")
fi
done
if [[ "$all_in_allowlist" == "true" ]]; then
reasons=$(IFS=','; echo "${reason_array[*]}")
echo "reasons=$reasons" >> $GITHUB_OUTPUT
echo "allInAllowlist=true" >> $GITHUB_OUTPUT
else
echo "allInAllowlist=false" >> $GITHUB_OUTPUT
fi
- name: Approve and auto-merge
if: steps.check-allowlist.conclusion == 'success' && steps.check-allowlist.outputs.allInAllowlist == 'true'
run: |
gh pr merge --auto --squash "$PR_URL"
gh pr review $PR_URL \
--approve -b "**I'm approving** this pull request because it includes a patch or minor \
update to dependencies that are already in the allowlist.
The reason this library is in the allowlist is that ${{ steps.check-allowlist.outputs.reasons}}"
env:
PR_URL: ${{github.event.pull_request.html_url}}
GITHUB_TOKEN: ${{secrets.GH_BOT_ACCESS_TOKEN}}

- name: Manual review is required
if: steps.check-allowlist.conclusion != 'success' || steps.check-allowlist.outputs.allInAllowlist == 'false'
run: |
gh pr comment $PR_URL --body "**This library is not auto-approved**
Unfortunately, this library is a major version update or it is not included in our allowlist, which means it cannot be auto-approved. \
If you believe it should be considered for auto-approval, please open a pull request to add \
it to the allowlist configuration.
To add this library to the allowlist, please modify the [allowlist.json](https://github.com/grafana/mimir/tree/main/.github/workflows/allowlist.json) file and \
include the necessary details for review."
env:
PR_URL: ${{github.event.pull_request.html_url}}
GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
74 changes: 74 additions & 0 deletions .github/workflows/generate-docs-helm-tests-renovate-pr.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,74 @@
name: Regenerate docs and helm tests

# configure trigger by pull request
on:
pull_request:
types: [opened, synchronize]
paths:
- 'operations/helm/**'

concurrency:
group: ${{ github.workflow }}-${{ github.event.pull_request.number }}
cancel-in-progress: true

jobs:
prepare:
if: github.event.pull_request.user.login == 'renovate[bot]'
runs-on: ubuntu-latest
steps:
- name: Check out repository
uses: actions/checkout@v4
- name: Get build image from Makefile
id: build_image_step
run: echo "build_image=$(make print-build-image)" >> "$GITHUB_OUTPUT"
outputs:
build_image: ${{ steps.build_image_step.outputs.build_image }}

lint_and_update:
runs-on: ubuntu-latest
needs:
- prepare
container:
image: ${{ needs.prepare.outputs.build_image }}
steps:
- name: Checkout Repository
uses: actions/checkout@v4
with:
token: ${{ secrets.GH_BOT_ACCESS_TOKEN }}

- name: Run Git Config
run: |
git config --global --add safe.directory '*'
git config --global user.email "${{ github.event.pull_request.user.login }}@users.noreply.github.com"
git config --global user.name "${{ github.event.pull_request.user.login }}"
- name: Install the gh cli
uses: ksivamuthu/actions-setup-gh-cli@v2

- name: Checkout Pull Request Branch
run: gh pr checkout ${{ github.event.pull_request.number }}
env:
GITHUB_TOKEN: ${{ secrets.GH_BOT_ACCESS_TOKEN }}

- name: Run make targets
id: update
run: |
make BUILD_IN_CONTAINER=false doc build-helm-tests
- name: Check Updates
id: check_updates
run: |
if ./tools/find-diff-or-untracked.sh operations/helm/; then
echo "diff=0" >> "$GITHUB_OUTPUT" # Script success, no change
else
echo "diff=1" >> "$GITHUB_OUTPUT" # Script failed, changes exist
fi
- name: Update PR
id: update_pr
if: steps.check_updates.outputs.diff != '0'
run: |
echo "Add commit for regenerating helm tests and docs"
git add operations/helm/
git commit -m "Update build with regenerated helm tests and docs"
git push
6 changes: 4 additions & 2 deletions .github/workflows/helm-ci.yml
Original file line number Diff line number Diff line change
Expand Up @@ -14,12 +14,14 @@ jobs:
ct_configfile: operations/helm/ct.yaml
ct_check_version_increment: false
helm_version: v3.8.2
kind_kubectl_version: v1.20.8
kind_node_image: kindest/node:v1.20.15

prepare:
runs-on: ubuntu-latest
steps:
- name: Check out repository
uses: actions/checkout@v3
uses: actions/checkout@v4
- name: Get build image from Makefile
id: build_image_step
run: echo "build_image=$(make print-build-image)" >> "$GITHUB_OUTPUT"
Expand All @@ -34,7 +36,7 @@ jobs:
image: ${{ needs.prepare.outputs.build_image }}
steps:
- name: Check out repository
uses: actions/checkout@v3
uses: actions/checkout@v4

- name: Run Git Config
run: git config --global --add safe.directory '*'
Expand Down
6 changes: 3 additions & 3 deletions .github/workflows/helm-weekly-release-pr.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -10,15 +10,15 @@ jobs:
weekly-release-pr:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: imjasonh/setup-crane@v0.1
- uses: actions/checkout@v4
- uses: imjasonh/setup-crane@v0.3

- name: Update/regenerate files
id: update
run: bash .github/workflows/scripts/helm-weekly-release.sh

- name: Create Pull Request
uses: peter-evans/create-pull-request@v4
uses: peter-evans/create-pull-request@v5
with:
token: ${{ secrets.GH_BOT_ACCESS_TOKEN }}
title: Release mimir-distributed Helm chart ${{ steps.update.outputs.new_chart_version }}
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/issue_and_pr_commands.yml
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout Actions
uses: actions/checkout@v3
uses: actions/checkout@v4
with:
repository: "grafana/grafana-github-actions"
path: ./actions
Expand Down
16 changes: 2 additions & 14 deletions .github/workflows/publish-technical-documentation-next.yml
Original file line number Diff line number Diff line change
Expand Up @@ -10,26 +10,14 @@ on:
workflow_dispatch:
jobs:
test:
runs-on: "ubuntu-latest"
steps:
- name: "Check out code"
uses: "actions/checkout@v3"
- name: "Build website"
run: |
docker run \
-v ${PWD}/docs/sources/mimir:/hugo/content/docs/mimir/latest \
-v ${PWD}/docs/sources/helm-charts/mimir-distributed:/hugo/content/docs/helm-charts/mimir-distributed/latest \
-e HUGO_REFLINKSERRORLEVEL=ERROR \
--rm \
grafana/docs-base:latest \
/bin/bash -c 'make hugo'
uses: ./.github/workflows/test-docs.yml

sync:
runs-on: "ubuntu-latest"
needs: "test"
steps:
- name: "Check out code"
uses: "actions/checkout@v3"
uses: "actions/checkout@v4"

- name: "Clone website-sync Action"
# WEBSITE_SYNC_TOKEN is a fine-grained GitHub Personal Access Token that expires.
Expand Down
Loading

0 comments on commit 3d9486a

Please sign in to comment.