Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: build binaries and Docker images in CI #24751

Merged
merged 14 commits into from
May 3, 2024
Merged
Show file tree
Hide file tree
Changes from 12 commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
433 changes: 371 additions & 62 deletions .circleci/config.yml

Large diffs are not rendered by default.

47 changes: 47 additions & 0 deletions .circleci/packages/config.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,47 @@
version:
- match: '^v[0-9]+.[0-9]+.[0-9]+(-[0-9]+.(alpha|beta|rc).[0-9]+(.[0-9]+)?)?$'
value: '{{env.CIRCLE_TAG[1:]}}'
- match: '.*'
value: '3.0.0+snapshot-{{env.CIRCLE_SHA1[:8]}}'
jdstrand marked this conversation as resolved.
Show resolved Hide resolved

sources:
- binary: /tmp/workspace/artifacts/influxdb3-edge_x86_64-unknown-linux-musl.tar.gz
target: artifacts/
arch: amd64
plat: linux

- binary: /tmp/workspace/artifacts/influxdb3-edge_aarch64-unknown-linux-musl.tar.gz
target: artifacts/
arch: arm64
plat: linux

- binary: /tmp/workspace/artifacts/influxdb3-edge_aarch64-apple-darwin.tar.gz
target: artifacts/
arch: amd64
plat: darwin

- binary: /tmp/workspace/artifacts/influxdb3-edge_x86_64-pc-windows-gnu.tar.gz
target: artifacts/
arch: amd64
plat: windows

packages:
- name: influxdb3
description: Monolithic time-series database.
license: MIT/Apache-2.0
vendor: InfluxData
homepage: https://influxdata.com
maintainer:
name: support
email: support@influxdata.com
binaries:
- influxdb3
- influxdb3.exe
extras:
- source: LICENSE-APACHE
target: usr/share/influxdb3/LICENSE-APACHE
- source: LICENSE-MIT
target: usr/share/influxdb3/LICENSE-MIT
- source: README.md
target: usr/share/influxdb3/README.md
source: .circleci/packages/influxdb3
1 change: 1 addition & 0 deletions .circleci/packages/influxdb3/control/post-install
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
#!/bin/bash
22 changes: 22 additions & 0 deletions .circleci/packages/influxdb3/control/pre-install
Original file line number Diff line number Diff line change
@@ -0,0 +1,22 @@
#!/bin/bash

USER=influxdb3
GROUP=influxdb3
DATA_DIR=/var/lib/influxdb3
LOG_DIR=/var/log/influxdb3

if ! id influxdb3 &>/dev/null; then
useradd --system -U -M influxdb3 -s /bin/false -d $DATA_DIR
fi

# check if DATA_DIR exists
if [ ! -d "$DATA_DIR" ]; then
mkdir -p $DATA_DIR
chown $USER:$GROUP $DATA_DIR
fi

# check if LOG_DIR exists
if [ ! -d "$LOG_DIR" ]; then
mkdir -p $LOG_DIR
chown $USER:$GROUP $DATA_DIR
fi
Empty file.
Empty file.
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@ RUST_VERSION="$(sed -E -ne 's/channel = "(.*)"/\1/p' rust-toolchain.toml)"
COMMIT_SHA="$(git rev-parse HEAD)"
COMMIT_TS="$(env TZ=UTC0 git show --quiet --date='format-local:%Y-%m-%dT%H:%M:%SZ' --format="%cd" HEAD)"
NOW="$(date --utc --iso-8601=seconds)"
REPO_URL="https://github.com/influxdata/influxdb_iox"
REPO_URL="https://github.com/influxdata/influxdb"

exec docker buildx build \
--build-arg CARGO_INCREMENTAL="no" \
Expand All @@ -22,8 +22,8 @@ exec docker buildx build \
--label org.opencontainers.image.url="$REPO_URL" \
--label org.opencontainers.image.revision="$COMMIT_SHA" \
--label org.opencontainers.image.vendor="InfluxData Inc." \
--label org.opencontainers.image.title="InfluxDB IOx, '$PACKAGE'" \
--label org.opencontainers.image.description="InfluxDB IOx production image for package '$PACKAGE'" \
--label org.opencontainers.image.title="InfluxDB3 Edge" \
--label org.opencontainers.image.description="InfluxDB3 Edge Image" \
--label com.influxdata.image.commit-date="$COMMIT_TS" \
--label com.influxdata.image.package="$PACKAGE" \
--progress plain \
Expand Down
8 changes: 8 additions & 0 deletions .circleci/scripts/package-validation/debian
Original file line number Diff line number Diff line change
@@ -0,0 +1,8 @@
#!/bin/bash
set -o errexit \
-o nounset \
-o pipefail

path="$(dirname "$(realpath "${BASH_SOURCE[0]}")")"

"${path}/validate" deb "${1}"
97 changes: 97 additions & 0 deletions .circleci/scripts/package-validation/redhat
Original file line number Diff line number Diff line change
@@ -0,0 +1,97 @@
#!/bin/bash
set -o errexit \
-o nounset \
-o pipefail

# $1 -> architecture
# $2 -> package path
case ${1} in
x86_64) arch=x86_64 ;;
aarch64) arch=arm64 ;;
esac

package="$(realpath "${2}")"

path="$(dirname "$(realpath "${BASH_SOURCE[0]}")")"

terraform_init() {
pushd "${path}/tf" &>/dev/null

# Unfortunately, CircleCI doesn't offer any RPM based machine images.
# This is required to test the functionality of the systemd services.
# (systemd doesn't run within docker containers). This will spawn a
# Amazon Linux instance in AWS.
terraform init
terraform apply \
-auto-approve \
-var "architecture=${1}" \
-var "package_path=${2}" \
-var "identifier=${CIRCLE_JOB}"

popd &>/dev/null
}

terraform_free() {
pushd "${path}/tf" &>/dev/null

terraform destroy \
-auto-approve \
-var "architecture=${1}" \
-var "package_path=${2}" \
-var "identifier=${CIRCLE_JOB}"

popd &>/dev/null
}

terraform_ip() {
pushd "${path}/tf" &>/dev/null

terraform output -raw node_ssh

popd &>/dev/null
}


# This ensures that the associated resources within AWS are released
# upon exit or when encountering an error. This is setup before the
# call to "terraform apply" so even partially initialized resources
# are released.
# shellcheck disable=SC2064
trap "terraform_free \"${arch}\" \"${package}\"" \
SIGINT \
SIGTERM \
ERR \
EXIT

function terraform_setup()
{
# TODO(bnpfeife): remove this once the executor is updated.
#
# Unfortunately, terraform provided by the CircleCI executor is *terribly*
# out of date. Most Linux distributions are disabling "ssh-rsa" public key
# algorithms which this uses to remote into the ec2 instance . This
# installs the latest version of terraform.
#
# Addendum: the "terraform_version" CircleCI option is broken!
sudo tee /etc/apt/sources.list.d/hashicorp.list <<EOF >/dev/null || true
deb [signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com $(lsb_release -cs) main
EOF

curl -fL https://apt.releases.hashicorp.com/gpg | gpg --dearmor | \
sudo tee /usr/share/keyrings/hashicorp-archive-keyring.gpg >/dev/null

export DEBIAN_FRONTEND=noninteractive
sudo -E apt-get update
sudo -E apt-get install --yes terraform
}

terraform_setup

terraform_init "${arch}" "${package}"

printf 'Setup complete! Testing %s... (this takes several minutes!)' "${1}"

# Since terraform *just* created this instance, the host key is not
# known. Therefore, we'll disable StrictHostKeyChecking so ssh does
# not wait for user input.
ssh -o 'StrictHostKeyChecking=no' "ec2-user@$(terraform_ip)" 'sudo ./validate rpm ./influxdb3.rpm'
114 changes: 114 additions & 0 deletions .circleci/scripts/package-validation/tf/main.tf
Original file line number Diff line number Diff line change
@@ -0,0 +1,114 @@
terraform {
required_providers {
aws = {
source = "hashicorp/aws"
version = "~> 2.70"
}
}
}

variable "architecture" {
type = string
}

variable "identifier" {
type = string
}

variable "package_path" {
type = string
}

provider "aws" {
region = "us-east-1"
}

data "aws_ami" "test_ami" {
most_recent = true

filter {
name = "name"
values = ["al20*-ami-20*"]
}
filter {
name = "virtualization-type"
values = ["hvm"]
}
filter {
name = "architecture"
values = [var.architecture]
}

owners = ["137112412989"]
}

resource "aws_security_group" "influxdb_test_package_sg" {
ingress {
description = "Allow ssh connection"
from_port = 22
to_port = 22
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"]
}

egress {
description = "Allow all outgoing"
from_port = 0
to_port = 0
protocol = "all"
cidr_blocks = ["0.0.0.0/0"]
}
}

resource "aws_instance" "test_instance" {
count = 1
ami = data.aws_ami.test_ami.id
instance_type = var.architecture == "x86_64" ? "t2.micro" : "c6g.medium"
key_name = "circleci-oss-test"
vpc_security_group_ids = [aws_security_group.influxdb_test_package_sg.id]

tags = {
Name = format("circleci_%s_test_%s", var.identifier, var.architecture)
}

provisioner "file" {
source = var.package_path
destination = "/home/ec2-user/influxdb3.rpm"

connection {
type = "ssh"
user = "ec2-user"
host = self.public_dns
agent = true
}
}

provisioner "file" {
source = "../validate"
destination = "/home/ec2-user/validate"

connection {
type = "ssh"
user = "ec2-user"
host = self.public_dns
agent = true
}
}

provisioner "remote-exec" {
inline = [
"chmod +x /home/ec2-user/validate",
]

connection {
type = "ssh"
user = "ec2-user"
host = self.public_dns
agent = true
}
}
}

output "node_ssh" {
value = aws_instance.test_instance.0.public_dns
}
Loading