apitech
/
grafana
mirror of https://github.com/grafana/grafana
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

[v10.4.x] Chore: Remove verification steps for deb/rpm in drone (#97299)

Browse Source 
Chore: Remove verification steps for deb/rpm in drone (#96991)

remove verification steps for deb/rpm in drone

(cherry picked from commit feeb2c6ce0)

Co-authored-by: Serge Zaitsev <serge.zaitsev@grafana.com>
pull/97305/head
Jev Forsberg 7 months ago committed by GitHub
parent 1d6e3faa46
commit 9bbed3484a
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
3 changed files with 1 additions and 333 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 231
      .drone.yml
  2. 15
      scripts/drone/events/release.star
  3. 88
      scripts/drone/steps/lib.star

231
.drone.yml
Unescape View File

@ -3128,132 +3128,6 @@ volumes:
path: /var/run/docker.sock path: /var/run/docker.sock
name: docker name: docker
--- ---
clone:
retries: 3
depends_on: []
image_pull_secrets:
- gcr
- gar
kind: pipeline
name: verify-linux-packages
node:
type: no-parallel
platform:
arch: amd64
os: linux
services: []
steps:
- commands:
- export version=$(echo ${TAG} | sed -e "s/+security-/-/g")
- 'echo "Step 1: Updating package lists..."'
- apt-get update >/dev/null 2>&1
- 'echo "Step 2: Installing prerequisites..."'
- DEBIAN_FRONTEND=noninteractive apt-get install -yq apt-transport-https software-properties-common
wget >/dev/null 2>&1
- 'echo "Step 3: Adding Grafana GPG key..."'
- mkdir -p /etc/apt/keyrings/
- wget -q -O - https://apt.grafana.com/gpg.key | gpg --dearmor | tee /etc/apt/keyrings/grafana.gpg
> /dev/null
- 'echo "Step 4: Adding Grafana repository..."'
- echo "deb [signed-by=/etc/apt/keyrings/grafana.gpg] https://apt.grafana.com stable
main" | tee -a /etc/apt/sources.list.d/grafana.list
- 'echo "Step 5: Installing Grafana..."'
- for i in $(seq 1 60); do
- ' if apt-get update >/dev/null 2>&1 && DEBIAN_FRONTEND=noninteractive apt-get
install -yq grafana=$version >/dev/null 2>&1; then'
- ' echo "Command succeeded on attempt $i"'
- ' break'
- ' else'
- ' echo "Attempt $i failed"'
- ' if [ $i -eq 60 ]; then'
- ' echo ''All attempts failed'''
- ' exit 1'
- ' fi'
- ' echo "Waiting 30 seconds before next attempt..."'
- ' sleep 30'
- ' fi'
- done
- 'echo "Step 6: Verifying Grafana installation..."'
- 'if dpkg -s grafana | grep -q "Version: $version"; then'
- ' echo "Successfully verified Grafana version $version"'
- else
- ' echo "Failed to verify Grafana version $version"'
- ' exit 1'
- fi
- echo "Verification complete."
depends_on: []
environment: {}
image: ubuntu:22.04
name: verify-linux-DEB-packages
- commands:
- 'echo "Step 1: Updating package lists..."'
- dnf check-update -y >/dev/null 2>&1 || true
- 'echo "Step 2: Installing prerequisites..."'
- dnf install -y dnf-utils >/dev/null 2>&1
- 'echo "Step 3: Adding Grafana GPG key..."'
- rpm --import https://rpm.grafana.com/gpg.key
- 'echo "Step 4: Configuring Grafana repository..."'
- |-
echo -e '[grafana]
name=grafana
baseurl=https://rpm.grafana.com
repo_gpgcheck=0
enabled=1
gpgcheck=0
gpgkey=https://rpm.grafana.com/gpg.key
sslverify=1
sslcacert=/etc/pki/tls/certs/ca-bundle.crt
' > /etc/yum.repos.d/grafana.repo
- 'echo "Step 5: Checking RPM repository..."'
- export version=$(echo "${TAG}" | sed -e "s/+security-/^security_/g")
- dnf list available grafana-$version
- if [ $? -eq 0 ]; then
- ' echo "Grafana package found in repository. Installing from repo..."'
- for i in $(seq 1 60); do
- ' if dnf install -y --nogpgcheck grafana-$version >/dev/null 2>&1; then'
- ' echo "Command succeeded on attempt $i"'
- ' break'
- ' else'
- ' echo "Attempt $i failed"'
- ' if [ $i -eq 60 ]; then'
- ' echo ''All attempts failed'''
- ' exit 1'
- ' fi'
- ' echo "Waiting 30 seconds before next attempt..."'
- ' sleep 30'
- ' fi'
- done
- ' echo "Verifying GPG key..."'
- ' rpm --import https://rpm.grafana.com/gpg.key'
- ' rpm -qa gpg-pubkey* | xargs rpm -qi | grep -i grafana'
- else
- ' echo "Grafana package version $version not found in repository."'
- ' dnf repolist'
- ' dnf list available grafana*'
- ' exit 1'
- fi
- 'echo "Step 6: Verifying Grafana installation..."'
- if rpm -q grafana | grep -q "$verison"; then
- ' echo "Successfully verified Grafana version $version"'
- else
- ' echo "Failed to verify Grafana version $version"'
- ' exit 1'
- fi
- echo "Verification complete."
depends_on: []
environment: {}
image: rockylinux:9
name: verify-linux-RPM-packages
trigger:
event:
- promote
target: verify-linux-packages
type: docker
volumes:
- host:
path: /var/run/docker.sock
name: docker
---
clone: clone:
retries: 3 retries: 3
depends_on: depends_on:
@ -3322,109 +3196,6 @@ steps:
service_account_json: service_account_json:
from_secret: packages_service_account from_secret: packages_service_account
target_bucket: grafana-packages target_bucket: grafana-packages
- commands:
- export version=$(echo ${TAG} | sed -e "s/+security-/-/g")
- 'echo "Step 1: Updating package lists..."'
- apt-get update >/dev/null 2>&1
- 'echo "Step 2: Installing prerequisites..."'
- DEBIAN_FRONTEND=noninteractive apt-get install -yq apt-transport-https software-properties-common
wget >/dev/null 2>&1
- 'echo "Step 3: Adding Grafana GPG key..."'
- mkdir -p /etc/apt/keyrings/
- wget -q -O - https://apt.grafana.com/gpg.key | gpg --dearmor | tee /etc/apt/keyrings/grafana.gpg
> /dev/null
- 'echo "Step 4: Adding Grafana repository..."'
- echo "deb [signed-by=/etc/apt/keyrings/grafana.gpg] https://apt.grafana.com stable
main" | tee -a /etc/apt/sources.list.d/grafana.list
- 'echo "Step 5: Installing Grafana..."'
- for i in $(seq 1 60); do
- ' if apt-get update >/dev/null 2>&1 && DEBIAN_FRONTEND=noninteractive apt-get
install -yq grafana=$version >/dev/null 2>&1; then'
- ' echo "Command succeeded on attempt $i"'
- ' break'
- ' else'
- ' echo "Attempt $i failed"'
- ' if [ $i -eq 60 ]; then'
- ' echo ''All attempts failed'''
- ' exit 1'
- ' fi'
- ' echo "Waiting 30 seconds before next attempt..."'
- ' sleep 30'
- ' fi'
- done
- 'echo "Step 6: Verifying Grafana installation..."'
- 'if dpkg -s grafana | grep -q "Version: $version"; then'
- ' echo "Successfully verified Grafana version $version"'
- else
- ' echo "Failed to verify Grafana version $version"'
- ' exit 1'
- fi
- echo "Verification complete."
depends_on:
- publish-linux-packages-deb
environment: {}
image: ubuntu:22.04
name: verify-linux-DEB-packages
- commands:
- 'echo "Step 1: Updating package lists..."'
- dnf check-update -y >/dev/null 2>&1 || true
- 'echo "Step 2: Installing prerequisites..."'
- dnf install -y dnf-utils >/dev/null 2>&1
- 'echo "Step 3: Adding Grafana GPG key..."'
- rpm --import https://rpm.grafana.com/gpg.key
- 'echo "Step 4: Configuring Grafana repository..."'
- |-
echo -e '[grafana]
name=grafana
baseurl=https://rpm.grafana.com
repo_gpgcheck=0
enabled=1
gpgcheck=0
gpgkey=https://rpm.grafana.com/gpg.key
sslverify=1
sslcacert=/etc/pki/tls/certs/ca-bundle.crt
' > /etc/yum.repos.d/grafana.repo
- 'echo "Step 5: Checking RPM repository..."'
- export version=$(echo "${TAG}" | sed -e "s/+security-/^security_/g")
- dnf list available grafana-$version
- if [ $? -eq 0 ]; then
- ' echo "Grafana package found in repository. Installing from repo..."'
- for i in $(seq 1 60); do
- ' if dnf install -y --nogpgcheck grafana-$version >/dev/null 2>&1; then'
- ' echo "Command succeeded on attempt $i"'
- ' break'
- ' else'
- ' echo "Attempt $i failed"'
- ' if [ $i -eq 60 ]; then'
- ' echo ''All attempts failed'''
- ' exit 1'
- ' fi'
- ' echo "Waiting 30 seconds before next attempt..."'
- ' sleep 30'
- ' fi'
- done
- ' echo "Verifying GPG key..."'
- ' rpm --import https://rpm.grafana.com/gpg.key'
- ' rpm -qa gpg-pubkey* | xargs rpm -qi | grep -i grafana'
- else
- ' echo "Grafana package version $version not found in repository."'
- ' dnf repolist'
- ' dnf list available grafana*'
- ' exit 1'
- fi
- 'echo "Step 6: Verifying Grafana installation..."'
- if rpm -q grafana | grep -q "$verison"; then
- ' echo "Successfully verified Grafana version $version"'
- else
- ' echo "Failed to verify Grafana version $version"'
- ' exit 1'
- fi
- echo "Verification complete."
depends_on:
- publish-linux-packages-rpm
environment: {}
image: rockylinux:9
name: verify-linux-RPM-packages
- commands: - commands:
- ./bin/build publish grafana-com --edition oss ${DRONE_TAG} - ./bin/build publish grafana-com --edition oss ${DRONE_TAG}
depends_on: depends_on:
@ -5126,6 +4897,6 @@ kind: secret
name: gcr_credentials name: gcr_credentials
--- ---
kind: signature kind: signature
hmac: d5afbd3e3107644d41932a47ef3722072b03617f16c2d41550faacf50107fe1a hmac: 9ade54c2059751aae400f8b1a7ad1a4699205c49d3e4e349fd8168fad5b0df6b
... ...

15
scripts/drone/events/release.star
Unescape View File

@ -28,8 +28,6 @@ load(
"verify_gen_cue_step", "verify_gen_cue_step",
"verify_gen_jsonnet_step", "verify_gen_jsonnet_step",
"verify_grafanacom_step", "verify_grafanacom_step",
"verify_linux_DEB_packages_step",
"verify_linux_RPM_packages_step",
"wire_install_step", "wire_install_step",
"yarn_install_step", "yarn_install_step",
) )
@ -195,8 +193,6 @@ def publish_packages_pipeline():
compile_build_cmd(), compile_build_cmd(),
publish_linux_packages_step(package_manager = "deb"), publish_linux_packages_step(package_manager = "deb"),
publish_linux_packages_step(package_manager = "rpm"), publish_linux_packages_step(package_manager = "rpm"),
verify_linux_DEB_packages_step(depends_on = ["publish-linux-packages-deb"]),
verify_linux_RPM_packages_step(depends_on = ["publish-linux-packages-rpm"]),
publish_grafanacom_step(ver_mode = "release"), publish_grafanacom_step(ver_mode = "release"),
verify_grafanacom_step(), verify_grafanacom_step(),
] ]
@ -217,17 +213,6 @@ def publish_packages_pipeline():
verify_grafanacom_step(depends_on = []), verify_grafanacom_step(depends_on = []),
], ],
), ),
pipeline(
name = "verify-linux-packages",
trigger = {
"event": ["promote"],
"target": "verify-linux-packages",
},
steps = [
verify_linux_DEB_packages_step(),
verify_linux_RPM_packages_step(),
],
),
pipeline( pipeline(
name = "publish-packages", name = "publish-packages",
trigger = trigger, trigger = trigger,

88
scripts/drone/steps/lib.star
Unescape View File

@ -1235,94 +1235,6 @@ def retry_command(command, attempts = 60, delay = 30):
"done", "done",
] ]
def verify_linux_DEB_packages_step(depends_on = []):
install_command = "apt-get update >/dev/null 2>&1 && DEBIAN_FRONTEND=noninteractive apt-get install -yq grafana=$version >/dev/null 2>&1"
return {
"name": "verify-linux-DEB-packages",
"image": images["ubuntu"],
"environment": {},
"commands": [
'export version=$(echo ${TAG} | sed -e "s/+security-/-/g")',
'echo "Step 1: Updating package lists..."',
"apt-get update >/dev/null 2>&1",
'echo "Step 2: Installing prerequisites..."',
"DEBIAN_FRONTEND=noninteractive apt-get install -yq apt-transport-https software-properties-common wget >/dev/null 2>&1",
'echo "Step 3: Adding Grafana GPG key..."',
"mkdir -p /etc/apt/keyrings/",
"wget -q -O - https://apt.grafana.com/gpg.key | gpg --dearmor | tee /etc/apt/keyrings/grafana.gpg > /dev/null",
'echo "Step 4: Adding Grafana repository..."',
'echo "deb [signed-by=/etc/apt/keyrings/grafana.gpg] https://apt.grafana.com stable main" | tee -a /etc/apt/sources.list.d/grafana.list',
'echo "Step 5: Installing Grafana..."',
# The packages take a bit of time to propogate within the repo. This retry will check their availability within 10 minutes.
] + retry_command(install_command) + [
'echo "Step 6: Verifying Grafana installation..."',
'if dpkg -s grafana | grep -q "Version: $version"; then',
' echo "Successfully verified Grafana version $version"',
"else",
' echo "Failed to verify Grafana version $version"',
" exit 1",
"fi",
'echo "Verification complete."',
],
"depends_on": depends_on,
}
def verify_linux_RPM_packages_step(depends_on = []):
repo_config = (
"[grafana]\n" +
"name=grafana\n" +
"baseurl=https://rpm.grafana.com\n" +
"repo_gpgcheck=0\n" + # Change this to 0
"enabled=1\n" +
"gpgcheck=0\n" + # Change this to 0
"gpgkey=https://rpm.grafana.com/gpg.key\n" +
"sslverify=1\n" +
"sslcacert=/etc/pki/tls/certs/ca-bundle.crt\n"
)
install_command = "dnf install -y --nogpgcheck grafana-$version >/dev/null 2>&1"
return {
"name": "verify-linux-RPM-packages",
"image": images["rocky"],
"environment": {},
"commands": [
'echo "Step 1: Updating package lists..."',
"dnf check-update -y >/dev/null 2>&1 || true",
'echo "Step 2: Installing prerequisites..."',
"dnf install -y dnf-utils >/dev/null 2>&1",
'echo "Step 3: Adding Grafana GPG key..."',
"rpm --import https://rpm.grafana.com/gpg.key",
'echo "Step 4: Configuring Grafana repository..."',
"echo -e '" + repo_config + "' > /etc/yum.repos.d/grafana.repo",
'echo "Step 5: Checking RPM repository..."',
'export version=$(echo "${TAG}" | sed -e "s/+security-/^security_/g")',
"dnf list available grafana-$version",
"if [ $? -eq 0 ]; then",
' echo "Grafana package found in repository. Installing from repo..."',
] + retry_command(install_command) + [
' echo "Verifying GPG key..."',
" rpm --import https://rpm.grafana.com/gpg.key",
" rpm -qa gpg-pubkey* | xargs rpm -qi | grep -i grafana",
"else",
' echo "Grafana package version $version not found in repository."',
" dnf repolist",
" dnf list available grafana*",
" exit 1",
"fi",
'echo "Step 6: Verifying Grafana installation..."',
'if rpm -q grafana | grep -q "$verison"; then',
' echo "Successfully verified Grafana version $version"',
"else",
' echo "Failed to verify Grafana version $version"',
" exit 1",
"fi",
'echo "Verification complete."',
],
"depends_on": depends_on,
}
def verify_gen_cue_step(): def verify_gen_cue_step():
return { return {
"name": "verify-gen-cue", "name": "verify-gen-cue",

Write Preview
Loading…
Cancel
Save