-
Notifications
You must be signed in to change notification settings - Fork 25
Expand file tree
/
Copy pathTaskfile.yml
More file actions
425 lines (401 loc) · 15.7 KB
/
Taskfile.yml
File metadata and controls
425 lines (401 loc) · 15.7 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
version: '3'
# if a task is referenced multiple times, only run it once
run: once
# configure bash to recursively expand **
shopt: [globstar]
vars:
SRC_DIR:
sh: 'realpath {{default "." .SRC_DIR}}'
BUILD_ROOT:
sh: 'realpath {{default ".build" .BUILD_ROOT}}'
TIMESTAMP: # Timestamp used for any build artifacts.
# MacOS' man page isn't helpful. https://man7.org/linux/man-pages/man1/date.1.html
# Roughly ISO 8601
sh: date -u '+%Y-%m-%dT%T:%SZ'
COMMIT: # The commit to bake into any build artifacts.
sh: git rev-parse HEAD
# Version stamps for baking into build artifacts and use as tags.
# `git describe --dirty` can generate 1 of 4 outputs:
# 1. v0.0.0 - HEAD is tagged as v0.0.0 and no changes are in the index.
# 2. v0.0.0-dirty - HEAD is tagged as v0.0.0 and there are changes in the index.
# 3. v0.0.0-<N>-g<commit> - HEAD is at <commit> which is N commits away from v0.0.0; no changes in index.
# 4. v0.0.0-<N>-g<commit>-dirty - HEAD is at <commit> which is N commits away from v0.0.0; changes in index.
# `--tags` is required to match tags with `/`'s in them which we have due to go modules' tagging conventions.
# `--match` is used to target tags that apply to a specific module.
# `--always` is a fallback to print out the commit if no tag is found.
# `sed` is used to trim off the qualifying parts of the tag so we just get the "version".
OPERATOR_VERSION:
sh: '{{.SRC_DIR}}/ci/scripts/version.sh operator'
CONSOLE_CHART_VERSION:
# NB: CONSOLE_CHART_VERSION is currently only used for the console chart's nightly releases.
sh: '{{.SRC_DIR}}/ci/scripts/version.sh charts/console'
includes:
build: taskfiles/build.yml
charts: taskfiles/charts.yml
ci: taskfiles/ci.yml
dev: taskfiles/dev.yml
k8s: taskfiles/k8s.yml
tasks:
lint:
desc: "Lint all go code and helm charts"
vars:
_PKG:
sh: go work edit -json | jq -j '.Use.[].DiskPath + "/... "'
PKG: '{{ .PKG | default ._PKG }}'
cmds:
- golangci-lint run --timeout 28m {{.PKG}} {{.CLI_ARGS}}
- task: charts:download-dependencies
vars: { CHART: redpanda/chart }
- helm lint --strict ./charts/console/chart ./charts/connectors ./charts/redpanda/chart ./operator/chart/
- actionlint
lint-fix:
desc: "equivalent to task lint -- --fix"
cmds:
- task: lint
vars:
CLI_ARGS: "--fix"
mod:tidy:
desc: "Runs go mod tidy on all go modules in this repo"
# This isn't the most accurate check as any new imports in go files may
# require go mod tidy to get re-run. Builds will fail and CI will always
# re-run this task, so some false negatives are acceptable.
sources:
- ./**/go.mod
- ./**/go.sum
vars:
MOD:
sh: go work edit -json | jq -r '.Use.[].DiskPath'
cmds:
# go.works make things a bit funky. We have to sync twice to avoid
# accidentally upgrading deps everywhere which can be quite disruptive.
#
# The first sync will ensure that any newly added transient deps get pulled
# in at the same version as our other modules, if applicable.
# If we have Mod A and B and a 3rd party dep X such that:
# A -> B -> X
# if A imports X:
# `go mod tidy` will pull in the most recent version of X.
# `go work sync` will pull in the version that B is using.
- go work sync
- for:
var: MOD
cmd: go mod tidy -C {{.ITEM}}
# The second go work sync, is the more standard go work sync. Any newly
# added deps will get added to the go.work.sum file.
- go work sync
fmt:
desc: "gofumpt all go code"
cmds:
- gofumpt -w ./
generate:
desc: "[re]generate all generated files"
cmds:
- task: mod:tidy
# update-licenses may update licenses/boilerplate.go.txt which is used
# for _some_ of k8s:generate. For simplicity, we just run update-licenses
# twice.
- task: dev:update-licenses
- task: generate:applyconfig-copy
- task: k8s:generate
- task: dev:update-licenses
- task: charts:generate
- task: generate:third-party-licenses-list
- task: generate:changelog
- task: generate:buildkite-pipelines
- buf generate
- task: lint-fix
- nix fmt . # Ensure flake.nix has been formatted.
generate:buildkite-pipelines:
deps:
- build:gen
cmds:
- gen pipeline testsuite > .buildkite/testsuite.yml
generate:applyconfig-copy:
deps:
- build:gen
cmds:
- gen applyconfig-copy --header "licenses/boilerplate.go.txt" --package "v1alpha2" --out "./operator/api/redpanda/v1alpha2/zz_generated.applyconfigcopy.go" --test "./operator/api/redpanda/v1alpha2/zz_generated.applyconfigcopy_test.go" --struct "PodSpecApplyConfiguration" k8s.io/client-go/applyconfigurations/core/v1
generate:third-party-licenses-list:
dir: operator
method: checksum
generates:
- ../licenses/third_party.md
sources:
- ./go.mod
- ./go.sum
cmds:
# Our own packages should not be reported as third party license
# The example.com/example depedency is ignored as it's part of the
# gotohelm test suite (visit ./pkg/gotohelm/testdata/src/example/go.mod)
# Starting at Go 1.26.1, go std libraries no longer work with go-licenses report
# so we have to explicitly enumerate them in the --ignore.
# Also, there are additional libraries that we have to ignore, since go-licenses fails
# saying that given library "contains non-Go code that can't be inspected for further dependencies".
# For more information, see https://github.com/google/go-licenses/issues/128
- |
go-licenses report --template ../licenses/third_party.md.tpl \
--ignore buf.build/gen/go/redpandadata \
--ignore buf.build/gen/go/bufbuild \
--ignore buf.build/gen/go/grpc-ecosystem \
--ignore example.com/example \
--ignore github.com/redpanda-data/common-go \
--ignore github.com/redpanda-data/console/backend \
--ignore github.com/redpanda-data/redpanda \
--ignore github.com/redpanda-data/redpanda-operator \
--ignore archive \
--ignore bufio \
--ignore bytes \
--ignore cmp \
--ignore compress \
--ignore container \
--ignore context \
--ignore crypto \
--ignore database \
--ignore debug \
--ignore embed \
--ignore encoding \
--ignore errors \
--ignore expvar \
--ignore flag \
--ignore fmt \
--ignore go/ast \
--ignore go/build \
--ignore go/constant \
--ignore go/doc \
--ignore go/format \
--ignore go/importer \
--ignore go/internal/scannerhooks \
--ignore go/parser \
--ignore go/printer \
--ignore go/scanner \
--ignore go/token \
--ignore go/types \
--ignore go/version \
--ignore hash \
--ignore html \
--ignore image \
--ignore index \
--ignore internal \
--ignore io \
--ignore iter \
--ignore log \
--ignore maps \
--ignore math \
--ignore mime \
--ignore net \
--ignore os \
--ignore path \
--ignore plugin \
--ignore reflect \
--ignore regexp \
--ignore runtime \
--ignore slices \
--ignore sort \
--ignore strconv \
--ignore strings \
--ignore sync \
--ignore syscall \
--ignore testing \
--ignore text \
--ignore time \
--ignore unicode \
--ignore unique \
--ignore unsafe \
--ignore vendor \
--ignore weak \
--ignore github.com/modern-go/reflect2 \
--ignore golang.org/x/sys/unix \
--ignore golang.org/x/crypto/chacha20poly1305 \
--ignore golang.org/x/crypto/internal/poly1305 \
--ignore golang.org/x/sys/cpu \
--ignore github.com/cespare/xxhash/v2 \
--ignore github.com/klauspost/compress/s2 \
--ignore github.com/klauspost/compress/zstd \
--ignore github.com/klauspost/compress/huff0 \
--ignore github.com/klauspost/compress/internal/cpuinfo \
--ignore github.com/klauspost/compress/zstd/internal/xxhash \
--ignore github.com/pierrec/lz4/v4/internal/lz4block \
--ignore golang.org/x/crypto/salsa20/salsa \
./... > ../licenses/third_party.md
generate:changelog:
generates:
- charts/*/CHANGELOG.md
- operator/CHANGELOG.md
sources:
- ./.changes/**/*.md
- ./.changes/**/*.yaml
cmds:
- changie merge # Ensure CHANGELOG.mds are up to date.
build:
cmds:
- task: build:operator
build:image:
aliases:
- build:images
cmds:
- task: build:operator-image
vars:
CLI_ARGS: '--load {{.CLI_ARGS}}'
build:charts:
desc: "Run helm dep build for all charts"
cmds:
- helm dep build ./charts/redpanda/chart
test:unit:
desc: "Run all unit tests (~5m)"
vars:
GO_TEST_RUNNER: '{{default "go test" .GO_TEST_RUNNER}}'
_PKG:
sh: go work edit -json | jq -j '.Use.[].DiskPath + "/... "'
PKG: '{{ .PKG | default ._PKG }}'
# When using gotestsum with --packages, packages must be a single
# quoted arg and -- separates gotestsum flags from go test args.
_USE_PACKAGES: '{{if contains "--packages" .GO_TEST_RUNNER}}true{{end}}'
cmds:
- |
{{- if ._USE_PACKAGES}}
{{.GO_TEST_RUNNER}} "{{.PKG}}" -- {{.CLI_ARGS}}
{{- else}}
{{.GO_TEST_RUNNER}} {{.PKG}} {{.CLI_ARGS}}
{{- end}}
test:integration:
desc: "Run all integration tests (~90m)"
deps:
# The operator image is required to test the configurator and sidecar.
# In integration tests, the operator itself will be run from the go test process.
- task: build:image
vars:
CLI_ARGS: '' # Don't forward CLI args to build:image
- task: build:charts
- task: test:pull-images
vars:
RUN: '{{ default `"^TestIntegration"` .RUN }}'
cmds:
- task: test:unit
vars:
GO_TEST_RUNNER:
ref: .GO_TEST_RUNNER
CLI_ARGS: '{{.CLI_ARGS}} -run {{.RUN}} -timeout 60m -tags integration'
test:multicluster:
desc: "Run all multicluster tests (~60m)"
deps:
- task: build:image
vars:
CLI_ARGS: '' # Don't forward CLI args to build:image
- task: test:pull-images
vars:
RUN: '{{ default `"^TestMulticluster"` .RUN }}'
GO_TEST_RUNNER: '{{default "go test" .GO_TEST_RUNNER}}'
cmds:
- task: test:unit
vars:
GO_TEST_RUNNER:
ref: .GO_TEST_RUNNER
CLI_ARGS: '{{.CLI_ARGS}} -run {{.RUN}} -timeout 60m -tags multicluster'
test:acceptance:
desc: "Run all acceptance tests (~90m)"
deps:
- task: test:pull-images
- task: build:image
vars:
CLI_ARGS: '' # Don't forward CLI args to build:image
- task: build:charts
vars:
RUN: '{{ default `"^TestAcceptance"` .RUN }}'
GO_TEST_RUNNER: '{{default "go test" .GO_TEST_RUNNER}}'
cmds:
- task: test:unit
vars:
GO_TEST_RUNNER:
ref: .GO_TEST_RUNNER
# Minor speed up only building the acceptance package, which (surprise
# surprise) is the only package with acceptance tests.
PKG: ./acceptance/
CLI_ARGS: '{{.CLI_ARGS}} -run {{.RUN}} -timeout 85m -tags acceptance'
test:acceptance-multicluster:
desc: "Run multicluster acceptance tests (~60m)"
deps:
- task: test:pull-images
- task: build:image
vars:
CLI_ARGS: '' # Don't forward CLI args to build:image
- task: build:charts
vars:
RUN: '{{ default `"^TestAcceptance"` .RUN }}'
GO_TEST_RUNNER: '{{default "go test" .GO_TEST_RUNNER}}'
cmds:
- task: test:unit
vars:
GO_TEST_RUNNER: 'HARPOON_GROUPS=multicluster {{.GO_TEST_RUNNER}}'
PKG: ./acceptance/
CLI_ARGS: '{{.CLI_ARGS}} -run {{.RUN}} -timeout 60m -tags acceptance'
test:pull-images:
vars:
DEFAULT_TEST_CERTMANAGER_VERSION: v1.14.2
DEFAULT_SECOND_TEST_CERTMANAGER_VERSION: v1.17.2
DEFAULT_TEST_REDPANDA_REPO: redpandadata/redpanda-unstable
DEFAULT_TEST_REDPANDA_VERSION: v26.1.1-rc5
DEFAULT_TEST_UPGRADE_REDPANDA_REPO: redpandadata/redpanda
DEFAULT_TEST_UPGRADE_REDPANDA_VERSION: v24.3.11
DEFAULT_TEST_UPGRADE_OPERATOR_VERSION: v2.3.9-24.3.11
DEFAULT_TEST_VCLUSTER_VERSION: 0.31.2
DEFAULT_TEST_KUBE_VERSION: v1.32.13
DEFAULT_TEST_COREDNS_VERSION: 1.11.1
TEST_CERTMANAGER_VERSION: '{{ .TEST_CERTMANAGER_VERSION | default .DEFAULT_TEST_CERTMANAGER_VERSION }}'
SECOND_TEST_CERTMANAGER_VERSION: '{{ .SECOND_TEST_CERTMANAGER_VERSION | default .DEFAULT_SECOND_TEST_CERTMANAGER_VERSION }}'
TEST_REDPANDA_REPO: '{{ .TEST_REDPANDA_REPO | default .DEFAULT_TEST_REDPANDA_REPO }}'
TEST_REDPANDA_VERSION: '{{ .TEST_REDPANDA_VERSION | default .DEFAULT_TEST_REDPANDA_VERSION }}'
TEST_UPGRADE_REDPANDA_REPO: '{{ .TEST_UPGRADE_REDPANDA_REPO | default .DEFAULT_TEST_UPGRADE_REDPANDA_REPO }}'
TEST_UPGRADE_REDPANDA_VERSION: '{{ .TEST_UPGRADE_REDPANDA_VERSION | default .DEFAULT_TEST_UPGRADE_REDPANDA_VERSION }}'
TEST_UPGRADE_OPERATOR_VERSION: '{{ .TEST_UPGRADE_OPERATOR_VERSION | default .DEFAULT_TEST_UPGRADE_OPERATOR_VERSION }}'
TEST_VCLUSTER_VERSION: '{{ .TEST_VCLUSTER_VERSION | default .DEFAULT_TEST_VCLUSTER_VERSION }}'
TEST_KUBE_VERSION: '{{ .TEST_KUBE_VERSION | default .DEFAULT_TEST_KUBE_VERSION }}'
TEST_COREDNS_VERSION: '{{ .TEST_COREDNS_VERSION | default .DEFAULT_TEST_COREDNS_VERSION }}'
IMAGES:
# k3d infrastructure images — pre-pulling avoids slow pulls during cluster creation.
- rancher/k3s:v1.32.13-k3s1
- ghcr.io/k3d-io/k3d-tools:5.8.3
- ghcr.io/k3d-io/k3d-proxy:5.8.3
- quay.io/jetstack/cert-manager-controller:{{.TEST_CERTMANAGER_VERSION}}
- quay.io/jetstack/cert-manager-cainjector:{{.TEST_CERTMANAGER_VERSION}}
- quay.io/jetstack/cert-manager-startupapicheck:{{.TEST_CERTMANAGER_VERSION}}
- quay.io/jetstack/cert-manager-webhook:{{.TEST_CERTMANAGER_VERSION}}
- quay.io/jetstack/cert-manager-controller:{{.SECOND_TEST_CERTMANAGER_VERSION}}
- quay.io/jetstack/cert-manager-cainjector:{{.SECOND_TEST_CERTMANAGER_VERSION}}
- quay.io/jetstack/cert-manager-webhook:{{.SECOND_TEST_CERTMANAGER_VERSION}}
- '{{.TEST_REDPANDA_REPO}}:{{.TEST_REDPANDA_VERSION}}'
- '{{.DEFAULT_TEST_UPGRADE_REDPANDA_REPO}}:{{.TEST_UPGRADE_REDPANDA_VERSION}}'
- redpandadata/redpanda-operator:v25.1.3
- redpandadata/redpanda-operator:v25.2.2
- redpandadata/redpanda-operator:v25.3.1
- redpandadata/redpanda-operator:{{.TEST_UPGRADE_OPERATOR_VERSION}}
- ghcr.io/loft-sh/vcluster-pro:{{.TEST_VCLUSTER_VERSION}}
- registry.k8s.io/kube-controller-manager:{{.TEST_KUBE_VERSION}}
- registry.k8s.io/kube-apiserver:{{.TEST_KUBE_VERSION}}
- coredns/coredns:{{.TEST_COREDNS_VERSION}}
- redpandadata/redpanda-unstable:v24.3.1-rc4
- redpandadata/redpanda-unstable:v24.3.1-rc8
- redpandadata/redpanda-unstable:v25.2.1-rc7
- redpandadata/redpanda-unstable:v25.3.1-rc2
- redpandadata/redpanda-unstable:v25.3.1-rc4
- redpandadata/redpanda-unstable:v26.1.1-rc5
- redpandadata/redpanda-nightly:v0.0.0-20260330git0d4187b
- redpandadata/redpanda-operator-nightly:v0.0.0-20250129gita89e202
- redpandadata/redpanda:v23.2.8
- redpandadata/redpanda:v24.2.9
- redpandadata/redpanda:v25.1.1
- redpandadata/redpanda:v25.2.1
- redpandadata/redpanda:v25.2.11
- redpandadata/redpanda:v26.1.1
cmds:
- |
pids=""
{{range .IMAGES}}
(docker inspect "{{.}}" > /dev/null 2>&1 || docker pull -q "{{.}}") &
pids="$pids $!"
{{end}}
for pid in $pids; do wait "$pid" || true; done
pending-prs:
desc: "Get all pending PRs for watched branches"
silent: true
cmds:
- ./.github/workflows/scripts/pending-prs terminal redpanda-data/redpanda-operator