-
Notifications
You must be signed in to change notification settings - Fork 3.6k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat: build binaries and Docker images in CI
For releases we need to have Docker images and binary images available for the user to actually run influxdb3. These CI changes will build the binaries on a release tag and the Docker image as well, test, sign, and publish them and make them available for download. Co-Authored-By: Brandon Pfeifer <bpfeifer@influxdata.com>
- Loading branch information
Showing
20 changed files
with
845 additions
and
75 deletions.
There are no files selected for viewing
Large diffs are not rendered by default.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,51 @@ | ||
|
||
version: | ||
release: | ||
match: '^v[0-9]+.[0-9]+.[0-9]+' | ||
value: '{{env.CIRCLE_TAG[1:]}}' | ||
default: | ||
value: '3.x-{{env.CIRCLE_SHA1[:8]}}' | ||
|
||
sources: | ||
- binary: /tmp/workspace/artifacts/influxdb3-edge_x86_64-unknown-linux-musl.tar.gz | ||
target: artifacts/ | ||
arch: amd64 | ||
plat: linux | ||
|
||
- binary: /tmp/workspace/artifacts/influxdb3-edge_aarch64-unknown-linux-musl.tar.gz | ||
target: artifacts/ | ||
arch: arm64 | ||
plat: linux | ||
|
||
- binary: /tmp/workspace/artifacts/influxdb3-edge_aarch64-apple-darwin.tar.gz | ||
target: artifacts/ | ||
arch: amd64 | ||
plat: darwin | ||
|
||
- binary: /tmp/workspace/artifacts/influxdb3-edge_x86_64-pc-windows-gnu.tar.gz | ||
target: artifacts/ | ||
arch: amd64 | ||
plat: windows | ||
|
||
packages: | ||
- name: influxdb3 | ||
description: Monolithic time-series database. | ||
license: MIT/Apache-2.0 | ||
binaries: | ||
- influxdb3 | ||
- influxdb3.exe | ||
extras: | ||
- source: LICENSE-APACHE | ||
target: usr/share/influxdb3/LICENSE-APACHE | ||
|
||
- source: LICENSE-MIT | ||
target: usr/share/influxdb3/LICENSE-MIT | ||
|
||
- source: README.md | ||
target: usr/share/influxdb3/README.md | ||
#perm_overrides: | ||
deb_recommends: | ||
- influxdb3-cli | ||
#conflicts: | ||
#depends: | ||
source: .circleci/packages/influxdb3 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,16 @@ | ||
#!/bin/bash | ||
|
||
BIN_DIR=/usr/bin | ||
DATA_DIR=/var/lib/influxdb3 | ||
LOG_DIR=/var/log/influxdb3 | ||
|
||
# Distribution-specific logic | ||
if [[ -f /etc/debian_version ]]; then | ||
# Ownership for RH-based platforms is set in build.py via the `rmp-attr` option. | ||
# We perform ownership change only for Debian-based systems. | ||
# Moving these lines out of this if statement would make `rmp -V` fail after installation. | ||
chown -R -L influxdb:influxdb $LOG_DIR | ||
chown -R -L influxdb:influxdb $DATA_DIR | ||
chmod 755 $LOG_DIR | ||
chmod 755 $DATA_DIR | ||
fi |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,2 @@ | ||
#!/bin/bash | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,22 @@ | ||
#!/bin/bash | ||
|
||
DATA_DIR=/var/lib/influxdb3 | ||
USER=influxdb3 | ||
GROUP=influxdb3 | ||
LOG_DIR=/var/log/influxdb3 | ||
|
||
if ! id influxdb3 &>/dev/null; then | ||
useradd --system -U -M influxdb3 -s /bin/false -d $DATA_DIR | ||
fi | ||
|
||
# check if DATA_DIR exists | ||
if [ ! -d "$DATA_DIR" ]; then | ||
mkdir -p $DATA_DIR | ||
chown $USER:$GROUP $DATA_DIR | ||
fi | ||
|
||
# check if LOG_DIR exists | ||
if [ ! -d "$LOG_DIR" ]; then | ||
mkdir -p $LOG_DIR | ||
chown $USER:$GROUP $DATA_DIR | ||
fi |
Empty file.
Empty file.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,8 @@ | ||
#!/bin/bash | ||
set -o errexit \ | ||
-o nounset \ | ||
-o pipefail | ||
|
||
path="$(dirname "$(realpath "${BASH_SOURCE[0]}")")" | ||
|
||
"${path}/validate" deb "${1}" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,97 @@ | ||
#!/bin/bash | ||
set -o errexit \ | ||
-o nounset \ | ||
-o pipefail | ||
|
||
# $1 -> architecture | ||
# $2 -> package path | ||
case ${1} in | ||
x86_64) arch=x86_64 ;; | ||
aarch64) arch=arm64 ;; | ||
esac | ||
|
||
package="$(realpath "${2}")" | ||
|
||
path="$(dirname "$(realpath "${BASH_SOURCE[0]}")")" | ||
|
||
terraform_init() { | ||
pushd "${path}/tf" &>/dev/null | ||
|
||
# Unfortunately, CircleCI doesn't offer any RPM based machine images. | ||
# This is required to test the functionality of the systemd services. | ||
# (systemd doesn't run within docker containers). This will spawn a | ||
# Amazon Linux instance in AWS. | ||
terraform init | ||
terraform apply \ | ||
-auto-approve \ | ||
-var "architecture=${1}" \ | ||
-var "package_path=${2}" \ | ||
-var "identifier=${CIRCLE_JOB}" | ||
|
||
popd &>/dev/null | ||
} | ||
|
||
terraform_free() { | ||
pushd "${path}/tf" &>/dev/null | ||
|
||
terraform destroy \ | ||
-auto-approve \ | ||
-var "architecture=${1}" \ | ||
-var "package_path=${2}" \ | ||
-var "identifier=${CIRCLE_JOB}" | ||
|
||
popd &>/dev/null | ||
} | ||
|
||
terraform_ip() { | ||
pushd "${path}/tf" &>/dev/null | ||
|
||
terraform output -raw node_ssh | ||
|
||
popd &>/dev/null | ||
} | ||
|
||
|
||
# This ensures that the associated resources within AWS are released | ||
# upon exit or when encountering an error. This is setup before the | ||
# call to "terraform apply" so even partially initialized resources | ||
# are released. | ||
# shellcheck disable=SC2064 | ||
trap "terraform_free \"${arch}\" \"${package}\"" \ | ||
SIGINT \ | ||
SIGTERM \ | ||
ERR \ | ||
EXIT | ||
|
||
function terraform_setup() | ||
{ | ||
# TODO(bnpfeife): remove this once the executor is updated. | ||
# | ||
# Unfortunately, terraform provided by the CircleCI executor is *terribly* | ||
# out of date. Most Linux distributions are disabling "ssh-rsa" public key | ||
# algorithms which this uses to remote into the ec2 instance . This | ||
# installs the latest version of terraform. | ||
# | ||
# Addendum: the "terraform_version" CircleCI option is broken! | ||
sudo tee /etc/apt/sources.list.d/hashicorp.list <<EOF >/dev/null || true | ||
deb [signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com $(lsb_release -cs) main | ||
EOF | ||
|
||
curl -fL https://apt.releases.hashicorp.com/gpg | gpg --dearmor | \ | ||
sudo tee /usr/share/keyrings/hashicorp-archive-keyring.gpg >/dev/null | ||
|
||
export DEBIAN_FRONTEND=noninteractive | ||
sudo -E apt-get update | ||
sudo -E apt-get install --yes terraform | ||
} | ||
|
||
terraform_setup | ||
|
||
terraform_init "${arch}" "${package}" | ||
|
||
printf 'Setup complete! Testing %s... (this takes several minutes!)' "${1}" | ||
|
||
# Since terraform *just* created this instance, the host key is not | ||
# known. Therefore, we'll disable StrictHostKeyChecking so ssh does | ||
# not wait for user input. | ||
ssh -o 'StrictHostKeyChecking=no' "ec2-user@$(terraform_ip)" 'sudo ./validate rpm ./influxdb3.rpm' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,114 @@ | ||
terraform { | ||
required_providers { | ||
aws = { | ||
source = "hashicorp/aws" | ||
version = "~> 2.70" | ||
} | ||
} | ||
} | ||
|
||
variable "architecture" { | ||
type = string | ||
} | ||
|
||
variable "identifier" { | ||
type = string | ||
} | ||
|
||
variable "package_path" { | ||
type = string | ||
} | ||
|
||
provider "aws" { | ||
region = "us-east-1" | ||
} | ||
|
||
data "aws_ami" "test_ami" { | ||
most_recent = true | ||
|
||
filter { | ||
name = "name" | ||
values = ["al20*-ami-20*"] | ||
} | ||
filter { | ||
name = "virtualization-type" | ||
values = ["hvm"] | ||
} | ||
filter { | ||
name = "architecture" | ||
values = [var.architecture] | ||
} | ||
|
||
owners = ["137112412989"] | ||
} | ||
|
||
resource "aws_security_group" "influxdb_test_package_sg" { | ||
ingress { | ||
description = "Allow ssh connection" | ||
from_port = 22 | ||
to_port = 22 | ||
protocol = "tcp" | ||
cidr_blocks = ["0.0.0.0/0"] | ||
} | ||
|
||
egress { | ||
description = "Allow all outgoing" | ||
from_port = 0 | ||
to_port = 0 | ||
protocol = "all" | ||
cidr_blocks = ["0.0.0.0/0"] | ||
} | ||
} | ||
|
||
resource "aws_instance" "test_instance" { | ||
count = 1 | ||
ami = data.aws_ami.test_ami.id | ||
instance_type = var.architecture == "x86_64" ? "t2.micro" : "c6g.medium" | ||
key_name = "circleci-oss-test" | ||
vpc_security_group_ids = [aws_security_group.influxdb_test_package_sg.id] | ||
|
||
tags = { | ||
Name = format("circleci_%s_test_%s", var.identifier, var.architecture) | ||
} | ||
|
||
provisioner "file" { | ||
source = var.package_path | ||
destination = "/home/ec2-user/influxdb3.rpm" | ||
|
||
connection { | ||
type = "ssh" | ||
user = "ec2-user" | ||
host = self.public_dns | ||
agent = true | ||
} | ||
} | ||
|
||
provisioner "file" { | ||
source = "../validate" | ||
destination = "/home/ec2-user/validate" | ||
|
||
connection { | ||
type = "ssh" | ||
user = "ec2-user" | ||
host = self.public_dns | ||
agent = true | ||
} | ||
} | ||
|
||
provisioner "remote-exec" { | ||
inline = [ | ||
"chmod +x /home/ec2-user/validate", | ||
] | ||
|
||
connection { | ||
type = "ssh" | ||
user = "ec2-user" | ||
host = self.public_dns | ||
agent = true | ||
} | ||
} | ||
} | ||
|
||
output "node_ssh" { | ||
value = aws_instance.test_instance.0.public_dns | ||
} |
Oops, something went wrong.