apitech
/
grafana
mirror of https://github.com/grafana/grafana
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
The open and composable observability and data visualization platform. Visualize metrics, logs, and traces from multiple sources like Prometheus, Loki, Elasticsearch, InfluxDB, Postgres and many more.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
45498 Commits
5917 Branches
582 Tags
1.7 GiB
 
 
 
 
 
 
Tag: Branch: Tree: 9c295ea072
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '9c295ea072'
${ noResults }
grafana/.drone.yml

4221 lines
104 KiB
Raw Blame History

---
clone:
retries: 3
depends_on: []
environment:
EDITION: oss
image_pull_secrets:
- dockerconfigjson
kind: pipeline
name: pr-verify-drone
node:
type: no-parallel
platform:
arch: amd64
os: linux
services: []
steps:
- commands:
- echo $DRONE_RUNNER_NAME
image: alpine:3.18.3
name: identify-runner
- commands:
- go build -o ./bin/build -ldflags '-extldflags -static' ./pkg/build/cmd
depends_on: []
environment:
CGO_ENABLED: 0
image: golang:1.20.8-alpine
name: compile-build-cmd
- commands:
- ./bin/build verify-drone
depends_on:
- compile-build-cmd
image: byrnedo/alpine-curl:0.1.8
name: lint-drone
trigger:
event:
- pull_request
paths:
exclude:
- docs/**
- '*.md'
include:
- scripts/drone/**
- .drone.yml
- .drone.star
type: docker
volumes:
- host:
path: /var/run/docker.sock
name: docker
---
clone:
retries: 3
depends_on: []
environment:
EDITION: oss
image_pull_secrets:
- dockerconfigjson
kind: pipeline
name: pr-verify-starlark
node:
type: no-parallel
platform:
arch: amd64
os: linux
services: []
steps:
- commands:
- echo $DRONE_RUNNER_NAME
image: alpine:3.18.3
name: identify-runner
- commands:
- go build -o ./bin/build -ldflags '-extldflags -static' ./pkg/build/cmd
depends_on: []
environment:
CGO_ENABLED: 0
image: golang:1.20.8-alpine
name: compile-build-cmd
- commands:
- go install github.com/bazelbuild/buildtools/buildifier@latest
- buildifier --lint=warn -mode=check -r .
depends_on:
- compile-build-cmd
image: golang:1.20.8-alpine
name: lint-starlark
trigger:
event:
- pull_request
paths:
exclude:
- docs/**
- '*.md'
include:
- scripts/drone/**
- .drone.star
type: docker
volumes:
- host:
path: /var/run/docker.sock
name: docker
---
clone:
retries: 3
depends_on: []
environment:
EDITION: oss
image_pull_secrets:
- dockerconfigjson
kind: pipeline
name: pr-test-frontend
node:
type: no-parallel
platform:
arch: amd64
os: linux
services: []
steps:
- commands:
- echo $DRONE_RUNNER_NAME
image: alpine:3.18.3
name: identify-runner
- commands:
- yarn install --immutable
depends_on: []
image: node:18.12.0-alpine
name: yarn-install
- commands:
- apk add --update git bash
- yarn betterer ci
depends_on:
- yarn-install
image: node:18.12.0-alpine
name: betterer-frontend
- commands:
- apk add --update curl jq bash
- is_fork=$(curl "https://$GITHUB_TOKEN@api.github.com/repos/grafana/grafana/pulls/$DRONE_PULL_REQUEST"
| jq .head.repo.fork)
- if [ "$is_fork" != false ]; then return 1; fi
- git clone "https://$${GITHUB_TOKEN}@github.com/grafana/grafana-enterprise.git"
../grafana-enterprise
- cd ../grafana-enterprise
- if git checkout ${DRONE_SOURCE_BRANCH}; then echo "checked out ${DRONE_SOURCE_BRANCH}";
elif git checkout ${DRONE_TARGET_BRANCH}; then echo "git checkout ${DRONE_TARGET_BRANCH}";
else git checkout main; fi
- cd ../
- ln -s src grafana
- cd ./grafana-enterprise
- ./build.sh
environment:
GITHUB_TOKEN:
from_secret: github_token
failure: ignore
image: alpine/git:2.40.1
name: clone-enterprise
- commands:
- yarn run ci:test-frontend
depends_on:
- yarn-install
environment:
TEST_MAX_WORKERS: 50%
image: node:18.12.0-alpine
name: test-frontend
trigger:
event:
- pull_request
paths:
exclude:
- docs/**
- '*.md'
- pkg/**
- packaging/**
- go.sum
- go.mod
include: []
type: docker
volumes:
- host:
path: /var/run/docker.sock
name: docker
---
clone:
retries: 3
depends_on: []
environment:
EDITION: oss
image_pull_secrets:
- dockerconfigjson
kind: pipeline
name: pr-lint-frontend
node:
type: no-parallel
platform:
arch: amd64
os: linux
services: []
steps:
- commands:
- apk add --update curl jq bash
- is_fork=$(curl "https://$GITHUB_TOKEN@api.github.com/repos/grafana/grafana/pulls/$DRONE_PULL_REQUEST"
| jq .head.repo.fork)
- if [ "$is_fork" != false ]; then return 1; fi
- git clone "https://$${GITHUB_TOKEN}@github.com/grafana/grafana-enterprise.git"
../grafana-enterprise
- cd ../grafana-enterprise
- if git checkout ${DRONE_SOURCE_BRANCH}; then echo "checked out ${DRONE_SOURCE_BRANCH}";
elif git checkout ${DRONE_TARGET_BRANCH}; then echo "git checkout ${DRONE_TARGET_BRANCH}";
else git checkout main; fi
- cd ../
- ln -s src grafana
- cd ./grafana-enterprise
- ./build.sh
environment:
GITHUB_TOKEN:
from_secret: github_token
failure: ignore
image: alpine/git:2.40.1
name: clone-enterprise
- commands:
- echo $DRONE_RUNNER_NAME
image: alpine:3.18.3
name: identify-runner
- commands:
- yarn install --immutable
depends_on: []
image: node:18.12.0-alpine
name: yarn-install
- commands:
- yarn run prettier:check
- yarn run lint
- yarn run typecheck
depends_on:
- yarn-install
environment:
TEST_MAX_WORKERS: 50%
image: node:18.12.0-alpine
name: lint-frontend
- commands:
- apk add --update git
- |-
yarn run i18n:extract || (echo "
Extraction failed. Make sure that you have no dynamic translation phrases, such as 't(\`preferences.theme.\$${themeID}\`, themeName)' and that no translation key is used twice. Search the output for '[warning]' to find the offending file." && false)
- "\n file_diff=$(git diff --dirstat public/locales)\n if
[ -n \"$file_diff\" ]; then\n echo $file_diff\n echo
\"\nTranslation extraction has not been committed. Please run 'yarn i18n:extract',
commit the changes and push again.\"\n exit 1\n fi\n
\ "
- yarn run i18n:compile
depends_on:
- yarn-install
image: node:18.12.0-alpine
name: verify-i18n
trigger:
event:
- pull_request
paths:
exclude:
- docs/**
- '*.md'
- pkg/**
- packaging/**
- go.sum
- go.mod
include: []
type: docker
volumes:
- host:
path: /var/run/docker.sock
name: docker
---
clone:
retries: 3
depends_on: []
environment:
EDITION: oss
image_pull_secrets:
- dockerconfigjson
kind: pipeline
name: pr-test-backend
node:
type: no-parallel
platform:
arch: amd64
os: linux
services: []
steps:
- commands:
- apk add --update curl jq bash
- is_fork=$(curl "https://$GITHUB_TOKEN@api.github.com/repos/grafana/grafana/pulls/$DRONE_PULL_REQUEST"
| jq .head.repo.fork)
- if [ "$is_fork" != false ]; then return 1; fi
- git clone "https://$${GITHUB_TOKEN}@github.com/grafana/grafana-enterprise.git"
../grafana-enterprise
- cd ../grafana-enterprise
- if git checkout ${DRONE_SOURCE_BRANCH}; then echo "checked out ${DRONE_SOURCE_BRANCH}";
elif git checkout ${DRONE_TARGET_BRANCH}; then echo "git checkout ${DRONE_TARGET_BRANCH}";
else git checkout main; fi
- cd ../
- ln -s src grafana
- cd ./grafana-enterprise
- ./build.sh
environment:
GITHUB_TOKEN:
from_secret: github_token
failure: ignore
image: alpine/git:2.40.1
name: clone-enterprise
- commands:
- echo $DRONE_RUNNER_NAME
image: alpine:3.18.3
name: identify-runner
- commands:
- '# It is required that code generated from Thema/CUE be committed and in sync
with its inputs.'
- '# The following command will fail if running code generators produces any diff
in output.'
- apk add --update make
- CODEGEN_VERIFY=1 make gen-cue
depends_on: []
image: golang:1.20.8-alpine
name: verify-gen-cue
- commands:
- '# It is required that generated jsonnet is committed and in sync with its inputs.'
- '# The following command will fail if running code generators produces any diff
in output.'
- apk add --update make
- CODEGEN_VERIFY=1 make gen-jsonnet
depends_on: []
image: golang:1.20.8-alpine
name: verify-gen-jsonnet
- commands:
- apk add --update make
- make gen-go
depends_on:
- verify-gen-cue
image: golang:1.20.8-alpine
name: wire-install
- commands:
- apk add --update build-base shared-mime-info shared-mime-info-lang
- go test -tags requires_buildifer -short -covermode=atomic -timeout=5m ./pkg/...
depends_on:
- wire-install
image: golang:1.20.8-alpine
name: test-backend
- commands:
- apk add --update build-base
- go test -count=1 -covermode=atomic -timeout=5m -run '^TestIntegration' $(find
./pkg -type f -name '*_test.go' -exec grep -l '^func TestIntegration' '{}' '+'
| grep -o '\(.*\)/' | sort -u)
depends_on:
- wire-install
image: golang:1.20.8-alpine
name: test-backend-integration
trigger:
event:
- pull_request
paths:
exclude:
- docs/**
- '*.md'
include:
- pkg/**
- packaging/**
- .drone.yml
- conf/**
- go.sum
- go.mod
- public/app/plugins/**/plugin.json
- devenv/**
type: docker
volumes:
- host:
path: /var/run/docker.sock
name: docker
---
clone:
retries: 3
depends_on: []
environment:
EDITION: oss
image_pull_secrets:
- dockerconfigjson
kind: pipeline
name: pr-lint-backend
node:
type: no-parallel
platform:
arch: amd64
os: linux
services: []
steps:
- commands:
- echo $DRONE_RUNNER_NAME
image: alpine:3.18.3
name: identify-runner
- commands:
- go build -o ./bin/build -ldflags '-extldflags -static' ./pkg/build/cmd
depends_on: []
environment:
CGO_ENABLED: 0
image: golang:1.20.8-alpine
name: compile-build-cmd
- commands:
- apk add --update curl jq bash
- is_fork=$(curl "https://$GITHUB_TOKEN@api.github.com/repos/grafana/grafana/pulls/$DRONE_PULL_REQUEST"
| jq .head.repo.fork)
- if [ "$is_fork" != false ]; then return 1; fi
- git clone "https://$${GITHUB_TOKEN}@github.com/grafana/grafana-enterprise.git"
../grafana-enterprise
- cd ../grafana-enterprise
- if git checkout ${DRONE_SOURCE_BRANCH}; then echo "checked out ${DRONE_SOURCE_BRANCH}";
elif git checkout ${DRONE_TARGET_BRANCH}; then echo "git checkout ${DRONE_TARGET_BRANCH}";
else git checkout main; fi
- cd ../
- ln -s src grafana
- cd ./grafana-enterprise
- ./build.sh
environment:
GITHUB_TOKEN:
from_secret: github_token
failure: ignore
image: alpine/git:2.40.1
name: clone-enterprise
- commands:
- apk add --update make
- make gen-go
depends_on: []
image: golang:1.20.8-alpine
name: wire-install
- commands:
- apk add --update make build-base
- make lint-go
depends_on:
- wire-install
environment:
CGO_ENABLED: "1"
image: golang:1.20.8-alpine
name: lint-backend
- commands:
- go run scripts/modowners/modowners.go check go.mod
image: golang:1.20.8-alpine
name: validate-modfile
- commands:
- apk add --update make
- make swagger-validate
image: golang:1.20.8-alpine
name: validate-openapi-spec
trigger:
event:
- pull_request
paths:
exclude:
- docs/**
- '*.md'
include:
- pkg/**
- packaging/**
- .drone.yml
- conf/**
- go.sum
- go.mod
- public/app/plugins/**/plugin.json
- devenv/**
- .bingo/**
type: docker
volumes:
- host:
path: /var/run/docker.sock
name: docker
---
clone:
retries: 3
depends_on: []
environment:
EDITION: oss
image_pull_secrets:
- dockerconfigjson
kind: pipeline
name: pr-build-e2e
node:
type: no-parallel
platform:
arch: amd64
os: linux
services: []
steps:
- commands:
- echo $DRONE_RUNNER_NAME
image: alpine:3.18.3
name: identify-runner
- commands:
- mkdir -p bin
- curl -fL -o bin/grabpl https://grafana-downloads.storage.googleapis.com/grafana-build-pipeline/v3.0.42/grabpl
- chmod +x bin/grabpl
image: byrnedo/alpine-curl:0.1.8
name: grabpl
- commands:
- go build -o ./bin/build -ldflags '-extldflags -static' ./pkg/build/cmd
depends_on: []
environment:
CGO_ENABLED: 0
image: golang:1.20.8-alpine
name: compile-build-cmd
- commands:
- '# It is required that code generated from Thema/CUE be committed and in sync
with its inputs.'
- '# The following command will fail if running code generators produces any diff
in output.'
- apk add --update make
- CODEGEN_VERIFY=1 make gen-cue
depends_on: []
image: golang:1.20.8-alpine
name: verify-gen-cue
- commands:
- '# It is required that generated jsonnet is committed and in sync with its inputs.'
- '# The following command will fail if running code generators produces any diff
in output.'
- apk add --update make
- CODEGEN_VERIFY=1 make gen-jsonnet
depends_on: []
image: golang:1.20.8-alpine
name: verify-gen-jsonnet
- commands:
- apk add --update make
- make gen-go
depends_on:
- verify-gen-cue
image: golang:1.20.8-alpine
name: wire-install
- commands:
- yarn install --immutable
depends_on: []
image: node:18.12.0-alpine
name: yarn-install
- commands:
- apk add --update jq bash
- yarn packages:build
- yarn packages:pack
- ./scripts/validate-npm-packages.sh
depends_on:
- yarn-install
environment:
NODE_OPTIONS: --max_old_space_size=8192
image: node:18.12.0-alpine
name: build-frontend-packages
- commands:
- git clone "https://$${GITHUB_TOKEN}@github.com/grafana/grafana-enterprise.git"
--depth=1
- cd grafana-enterprise
- git fetch origin "refs/tags/*:refs/tags/*" --quiet
- if git show-ref --tags $${TEST_TAG} --quiet; then git tag -d $${TEST_TAG} && git
push --delete origin $${TEST_TAG}; fi
- git tag $${TEST_TAG} && git push origin $${TEST_TAG}
- cd -
- git fetch https://$${GITHUB_TOKEN}@github.com/grafana/grafana.git "refs/tags/*:refs/tags/*"
--quiet && git fetch --quiet
- if git show-ref --tags $${TEST_TAG} --quiet; then git tag -d $${TEST_TAG} && git
push --delete https://$${GITHUB_TOKEN}@github.com/grafana/grafana.git $${TEST_TAG};
fi
- git tag $${TEST_TAG} && git push https://$${GITHUB_TOKEN}@github.com/grafana/grafana.git
$${TEST_TAG}
environment:
GITHUB_TOKEN:
from_secret: github_token
TEST_TAG: v0.0.0-test
failure: ignore
image: alpine/git:2.40.1
name: trigger-test-release
when:
branch: main
paths:
include:
- .drone.yml
- pkg/build/**
repo:
- grafana/grafana
- failure: ignore
image: grafana/drone-downstream
name: trigger-enterprise-downstream
settings:
params:
- SOURCE_BUILD_NUMBER=${DRONE_COMMIT}
- SOURCE_COMMIT=${DRONE_COMMIT}
- OSS_PULL_REQUEST=${DRONE_PULL_REQUEST}
repositories:
- grafana/grafana-enterprise@${DRONE_SOURCE_BRANCH}
server: https://drone.grafana.net
token:
from_secret: drone_token
- commands:
- /src/grafana-build package --distro=linux/amd64,linux/arm64 --go-version=1.20.8
--yarn-cache=$$YARN_CACHE_FOLDER --build-id=$$DRONE_BUILD_NUMBER --grafana-dir=$$PWD
> packages.txt
depends_on:
- yarn-install
image: grafana/grafana-build:main
name: rgm-package
pull: always
volumes:
- name: docker
path: /var/run/docker.sock
- commands:
- apk add --update tar bash
- mkdir grafana
- tar --strip-components=1 -xvf ./dist/*amd64.tar.gz -C grafana
- cp -r devenv scripts tools grafana && cd grafana && ./scripts/grafana-server/start-server
depends_on:
- rgm-package
detach: true
environment:
GF_APP_MODE: development
GF_SERVER_HTTP_PORT: "3001"
GF_SERVER_ROUTER_LOGGING: "1"
image: alpine:3.18.3
name: grafana-server
- commands:
- ./bin/build e2e-tests --port 3001 --suite dashboards-suite
depends_on:
- grafana-server
environment:
HOST: grafana-server
image: cypress/included:13.1.0
name: end-to-end-tests-dashboards-suite
- commands:
- ./bin/build e2e-tests --port 3001 --suite smoke-tests-suite
depends_on:
- grafana-server
environment:
HOST: grafana-server
image: cypress/included:13.1.0
name: end-to-end-tests-smoke-tests-suite
- commands:
- ./bin/build e2e-tests --port 3001 --suite panels-suite
depends_on:
- grafana-server
environment:
HOST: grafana-server
image: cypress/included:13.1.0
name: end-to-end-tests-panels-suite
- commands:
- ./bin/build e2e-tests --port 3001 --suite various-suite
depends_on:
- grafana-server
environment:
HOST: grafana-server
image: cypress/included:13.1.0
name: end-to-end-tests-various-suite
- commands:
- cd /
- ./cpp-e2e/scripts/ci-run.sh azure ${DRONE_SOURCE_BRANCH}
depends_on:
- grafana-server
environment:
AZURE_SP_APP_ID:
from_secret: azure_sp_app_id
AZURE_SP_PASSWORD:
from_secret: azure_sp_app_pw
AZURE_TENANT:
from_secret: azure_tenant
CYPRESS_CI: "true"
GITHUB_TOKEN:
from_secret: github_token
HOST: grafana-server
image: us-docker.pkg.dev/grafanalabs-dev/cloud-data-sources/e2e:3.0.0
name: end-to-end-tests-cloud-plugins-suite-azure
when:
paths:
include:
- pkg/tsdb/azuremonitor/**
- public/app/plugins/datasource/azuremonitor/**
- e2e/cloud-plugins-suite/azure-monitor.spec.ts
repo:
- grafana/grafana
- commands:
- apt-get update
- apt-get install -yq zip
- printenv GCP_GRAFANA_UPLOAD_ARTIFACTS_KEY > /tmp/gcpkey_upload_artifacts.json
- gcloud auth activate-service-account --key-file=/tmp/gcpkey_upload_artifacts.json
- find ./e2e -type f -name "*spec.ts.mp4" | zip e2e/videos.zip -@
- gsutil cp e2e/videos.zip gs://$${E2E_TEST_ARTIFACTS_BUCKET}/${DRONE_BUILD_NUMBER}/artifacts/videos/videos.zip
- export E2E_ARTIFACTS_VIDEO_ZIP=https://storage.googleapis.com/$${E2E_TEST_ARTIFACTS_BUCKET}/${DRONE_BUILD_NUMBER}/artifacts/videos/videos.zip
- 'echo "E2E Test artifacts uploaded to: $${E2E_ARTIFACTS_VIDEO_ZIP}"'
- 'curl -X POST https://api.github.com/repos/${DRONE_REPO}/statuses/${DRONE_COMMIT_SHA}
-H "Authorization: token $${GITHUB_TOKEN}" -d "{\"state\":\"success\",\"target_url\":\"$${E2E_ARTIFACTS_VIDEO_ZIP}\",
\"description\": \"Click on the details to download e2e recording videos\", \"context\":
\"e2e_artifacts\"}"'
depends_on:
- end-to-end-tests-dashboards-suite
- end-to-end-tests-panels-suite
- end-to-end-tests-smoke-tests-suite
- end-to-end-tests-various-suite
environment:
E2E_TEST_ARTIFACTS_BUCKET: releng-pipeline-artifacts-dev
GCP_GRAFANA_UPLOAD_ARTIFACTS_KEY:
from_secret: gcp_upload_artifacts_key
GITHUB_TOKEN:
from_secret: github_token
failure: ignore
image: google/cloud-sdk:431.0.0
name: e2e-tests-artifacts-upload
when:
status:
- success
- failure
- commands:
- yarn storybook:build
- ./bin/build verify-storybook
depends_on:
- rgm-package
- build-frontend-packages
environment:
NODE_OPTIONS: --max_old_space_size=4096
image: node:18.12.0-alpine
name: build-storybook
when:
paths:
include:
- packages/grafana-ui/**
- commands:
- yarn wait-on http://$HOST:$PORT
- pa11y-ci --config .pa11yci-pr.conf.js
depends_on:
- grafana-server
environment:
GRAFANA_MISC_STATS_API_KEY:
from_secret: grafana_misc_stats_api_key
HOST: grafana-server
PORT: 3001
failure: always
image: grafana/docker-puppeteer:1.1.0
name: test-a11y-frontend
- commands:
- docker run --privileged --rm tonistiigi/binfmt --install all
- /src/grafana-build docker $(cat packages.txt | grep tar.gz | grep -v docker |
grep -v sha256 | awk '{print "--package=" $0}') --ubuntu-base=ubuntu:22.04 --alpine-base=alpine:3.18.3
--tag-format='{{ .version_base }}-{{ .buildID }}-{{ .arch }}' --ubuntu-tag-format='{{
.version_base }}-{{ .buildID }}-ubuntu-{{ .arch }}' > docker.txt
- find ./dist -name '*docker*.tar.gz' -type f | xargs -n1 docker load -i
depends_on:
- rgm-package
image: grafana/grafana-build:main
name: rgm-build-docker
pull: always
volumes:
- name: docker
path: /var/run/docker.sock
- commands:
- ./bin/grabpl artifacts docker publish --dockerhub-repo grafana/grafana
depends_on:
- rgm-build-docker
environment:
DOCKER_PASSWORD:
from_secret: docker_password
DOCKER_USER:
from_secret: docker_username
GITHUB_APP_ID:
from_secret: delivery-bot-app-id
GITHUB_APP_INSTALLATION_ID:
from_secret: delivery-bot-app-installation-id
GITHUB_APP_PRIVATE_KEY:
from_secret: delivery-bot-app-private-key
failure: ignore
image: google/cloud-sdk:431.0.0
name: publish-images-grafana
volumes:
- name: docker
path: /var/run/docker.sock
trigger:
event:
- pull_request
paths:
exclude:
- '*.md'
- docs/**
- latest.json
type: docker
volumes:
- host:
path: /var/run/docker.sock
name: docker
---
clone:
retries: 3
depends_on: []
environment:
EDITION: oss
image_pull_secrets:
- dockerconfigjson
kind: pipeline
name: pr-integration-tests
node:
type: no-parallel
platform:
arch: amd64
os: linux
services:
- environment:
PGDATA: /var/lib/postgresql/data/pgdata
POSTGRES_DB: grafanatest
POSTGRES_PASSWORD: grafanatest
POSTGRES_USER: grafanatest
image: postgres:12.3-alpine
name: postgres
volumes:
- name: postgres
path: /var/lib/postgresql/data/pgdata
- commands:
- docker-entrypoint.sh mysqld --character-set-server=utf8mb4 --collation-server=utf8mb4_unicode_ci
environment:
MYSQL_DATABASE: grafana_tests
MYSQL_PASSWORD: password
MYSQL_ROOT_PASSWORD: rootpass
MYSQL_USER: grafana
image: mysql:5.7.39
name: mysql57
volumes:
- name: mysql57
path: /var/lib/mysql
- commands:
- docker-entrypoint.sh mysqld --default-authentication-plugin=mysql_native_password
environment:
MYSQL_DATABASE: grafana_tests
MYSQL_PASSWORD: password
MYSQL_ROOT_PASSWORD: rootpass
MYSQL_USER: grafana
image: mysql:8.0.32
name: mysql80
volumes:
- name: mysql80
path: /var/lib/mysql
- environment: {}
image: redis:6.2.11-alpine
name: redis
- environment: {}
image: memcached:1.6.9-alpine
name: memcached
steps:
- commands:
- apk add --update curl jq bash
- is_fork=$(curl "https://$GITHUB_TOKEN@api.github.com/repos/grafana/grafana/pulls/$DRONE_PULL_REQUEST"
| jq .head.repo.fork)
- if [ "$is_fork" != false ]; then return 1; fi
- git clone "https://$${GITHUB_TOKEN}@github.com/grafana/grafana-enterprise.git"
../grafana-enterprise
- cd ../grafana-enterprise
- if git checkout ${DRONE_SOURCE_BRANCH}; then echo "checked out ${DRONE_SOURCE_BRANCH}";
elif git checkout ${DRONE_TARGET_BRANCH}; then echo "git checkout ${DRONE_TARGET_BRANCH}";
else git checkout main; fi
- cd ../
- ln -s src grafana
- cd ./grafana-enterprise
- ./build.sh
environment:
GITHUB_TOKEN:
from_secret: github_token
failure: ignore
image: alpine/git:2.40.1
name: clone-enterprise
- commands:
- mkdir -p bin
- curl -fL -o bin/grabpl https://grafana-downloads.storage.googleapis.com/grafana-build-pipeline/v3.0.42/grabpl
- chmod +x bin/grabpl
image: byrnedo/alpine-curl:0.1.8
name: grabpl
- commands:
- go build -o ./bin/build -ldflags '-extldflags -static' ./pkg/build/cmd
depends_on: []
environment:
CGO_ENABLED: 0
image: golang:1.20.8-alpine
name: compile-build-cmd
- commands:
- echo $DRONE_RUNNER_NAME
image: alpine:3.18.3
name: identify-runner
- commands:
- '# It is required that code generated from Thema/CUE be committed and in sync
with its inputs.'
- '# The following command will fail if running code generators produces any diff
in output.'
- apk add --update make
- CODEGEN_VERIFY=1 make gen-cue
depends_on: []
image: golang:1.20.8-alpine
name: verify-gen-cue
- commands:
- '# It is required that generated jsonnet is committed and in sync with its inputs.'
- '# The following command will fail if running code generators produces any diff
in output.'
- apk add --update make
- CODEGEN_VERIFY=1 make gen-jsonnet
depends_on: []
image: golang:1.20.8-alpine
name: verify-gen-jsonnet
- commands:
- apk add --update make
- make gen-go
depends_on:
- verify-gen-cue
image: golang:1.20.8-alpine
name: wire-install
- commands:
- dockerize -wait tcp://postgres:5432 -timeout 120s
image: jwilder/dockerize:0.6.1
name: wait-for-postgres
- commands:
- apk add --update build-base
- apk add --update postgresql-client
- psql -p 5432 -h postgres -U grafanatest -d grafanatest -f devenv/docker/blocks/postgres_tests/setup.sql
- go clean -testcache
- go test -p=1 -count=1 -covermode=atomic -timeout=5m -run '^TestIntegration' $(find
./pkg -type f -name '*_test.go' -exec grep -l '^func TestIntegration' '{}' '+'
| grep -o '\(.*\)/' | sort -u)
depends_on:
- wire-install
- wait-for-postgres
environment:
GRAFANA_TEST_DB: postgres
PGPASSWORD: grafanatest
POSTGRES_HOST: postgres
image: golang:1.20.8-alpine
name: postgres-integration-tests
- commands:
- dockerize -wait tcp://mysql57:3306 -timeout 120s
image: jwilder/dockerize:0.6.1
name: wait-for-mysql-5.7
- commands:
- apk add --update build-base
- apk add --update mysql-client
- cat devenv/docker/blocks/mysql_tests/setup.sql | mysql -h mysql57 -P 3306 -u root
-prootpass
- go clean -testcache
- go test -p=1 -count=1 -covermode=atomic -timeout=5m -run '^TestIntegration' $(find
./pkg -type f -name '*_test.go' -exec grep -l '^func TestIntegration' '{}' '+'
| grep -o '\(.*\)/' | sort -u)
depends_on:
- wire-install
- wait-for-mysql-5.7
environment:
GRAFANA_TEST_DB: mysql
MYSQL_HOST: mysql57
image: golang:1.20.8-alpine
name: mysql-5.7-integration-tests
- commands:
- dockerize -wait tcp://mysql80:3306 -timeout 120s
image: jwilder/dockerize:0.6.1
name: wait-for-mysql-8.0
- commands:
- apk add --update build-base
- apk add --update mysql-client
- cat devenv/docker/blocks/mysql_tests/setup.sql | mysql -h mysql80 -P 3306 -u root
-prootpass
- go clean -testcache
- go test -p=1 -count=1 -covermode=atomic -timeout=5m -run '^TestIntegration' $(find
./pkg -type f -name '*_test.go' -exec grep -l '^func TestIntegration' '{}' '+'
| grep -o '\(.*\)/' | sort -u)
depends_on:
- wire-install
- wait-for-mysql-8.0
environment:
GRAFANA_TEST_DB: mysql
MYSQL_HOST: mysql80
image: golang:1.20.8-alpine
name: mysql-8.0-integration-tests
- commands:
- dockerize -wait tcp://redis:6379 -timeout 120s
image: jwilder/dockerize:0.6.1
name: wait-for-redis
- commands:
- apk add --update build-base
- go clean -testcache
- go test -run IntegrationRedis -covermode=atomic -timeout=2m ./pkg/...
depends_on:
- wire-install
- wait-for-redis
environment:
REDIS_URL: redis://redis:6379/0
image: golang:1.20.8-alpine
name: redis-integration-tests
- commands:
- dockerize -wait tcp://memcached:11211 -timeout 120s
image: jwilder/dockerize:0.6.1
name: wait-for-memcached
- commands:
- apk add --update build-base
- go clean -testcache
- go test -run IntegrationMemcached -covermode=atomic -timeout=2m ./pkg/...
depends_on:
- wire-install
- wait-for-memcached
environment:
MEMCACHED_HOSTS: memcached:11211
image: golang:1.20.8-alpine
name: memcached-integration-tests
trigger:
event:
- pull_request
paths:
exclude:
- docs/**
- '*.md'
include:
- pkg/**
- packaging/**
- .drone.yml
- conf/**
- go.sum
- go.mod
- public/app/plugins/**/plugin.json
type: docker
volumes:
- host:
path: /var/run/docker.sock
name: docker
- name: postgres
temp:
medium: memory
- name: mysql57
temp:
medium: memory
- name: mysql80
temp:
medium: memory
---
clone:
retries: 3
depends_on: []
environment:
EDITION: oss
image_pull_secrets:
- dockerconfigjson
kind: pipeline
name: pr-docs
node:
type: no-parallel
platform:
arch: amd64
os: linux
services: []
steps:
- commands:
- echo $DRONE_RUNNER_NAME
image: alpine:3.18.3
name: identify-runner
- commands:
- yarn install --immutable
depends_on: []
image: node:18.12.0-alpine
name: yarn-install
- commands:
- pip3 install codespell
- codespell -I .codespellignore docs/
image: python:3.8
name: codespell
- commands:
- yarn run prettier:checkDocs
depends_on:
- yarn-install
environment:
NODE_OPTIONS: --max_old_space_size=8192
image: node:18.12.0-alpine
name: lint-docs
- commands:
- mkdir -p /hugo/content/docs/grafana/latest
- 'echo -e ''---\nredirectURL: /docs/grafana/latest/\ntype: redirect\nversioned:
true\n---\n'' > /hugo/content/docs/grafana/_index.md'
- cp -r docs/sources/* /hugo/content/docs/grafana/latest/
- cd /hugo && make prod
image: grafana/docs-base:dbd975af06
name: build-docs-website
- commands:
- '# It is required that code generated from Thema/CUE be committed and in sync
with its inputs.'
- '# The following command will fail if running code generators produces any diff
in output.'
- apk add --update make
- CODEGEN_VERIFY=1 make gen-cue
depends_on: []
image: golang:1.20.8-alpine
name: verify-gen-cue
trigger:
event:
- pull_request
paths:
include:
- '*.md'
- docs/**
- packages/**/*.md
- latest.json
repo:
- grafana/grafana
type: docker
volumes:
- host:
path: /var/run/docker.sock
name: docker
---
clone:
retries: 3
depends_on: []
environment:
EDITION: oss
image_pull_secrets:
- dockerconfigjson
kind: pipeline
name: pr-shellcheck
node:
type: no-parallel
platform:
arch: amd64
os: linux
services: []
steps:
- commands:
- go build -o ./bin/build -ldflags '-extldflags -static' ./pkg/build/cmd
depends_on: []
environment:
CGO_ENABLED: 0
image: golang:1.20.8-alpine
name: compile-build-cmd
- commands:
- apt-get update -yq && apt-get install shellcheck
- shellcheck -e SC1071 -e SC2162 scripts/**/*.sh
image: ubuntu:22.04
name: shellcheck
trigger:
event:
- pull_request
paths:
exclude:
- '*.md'
- docs/**
- latest.json
include:
- scripts/**/*.sh
type: docker
volumes:
- host:
path: /var/run/docker.sock
name: docker
---
clone:
retries: 3
depends_on: []
environment:
EDITION: oss
image_pull_secrets:
- dockerconfigjson
kind: pipeline
name: pr-integration-benchmarks
node:
type: no-parallel
platform:
arch: amd64
os: linux
services:
- environment:
PGDATA: /var/lib/postgresql/data/pgdata
POSTGRES_DB: grafanatest
POSTGRES_PASSWORD: grafanatest
POSTGRES_USER: grafanatest
image: postgres:12.3-alpine
name: postgres
volumes:
- name: postgres
path: /var/lib/postgresql/data/pgdata
- commands:
- docker-entrypoint.sh mysqld --character-set-server=utf8mb4 --collation-server=utf8mb4_unicode_ci
environment:
MYSQL_DATABASE: grafana_tests
MYSQL_PASSWORD: password
MYSQL_ROOT_PASSWORD: rootpass
MYSQL_USER: grafana
image: mysql:5.7.39
name: mysql57
volumes:
- name: mysql57
path: /var/lib/mysql
- commands:
- docker-entrypoint.sh mysqld --default-authentication-plugin=mysql_native_password
environment:
MYSQL_DATABASE: grafana_tests
MYSQL_PASSWORD: password
MYSQL_ROOT_PASSWORD: rootpass
MYSQL_USER: grafana
image: mysql:8.0.32
name: mysql80
volumes:
- name: mysql80
path: /var/lib/mysql
- environment: {}
image: redis:6.2.11-alpine
name: redis
- environment: {}
image: memcached:1.6.9-alpine
name: memcached
steps:
- commands:
- apk add --update curl jq bash
- git clone "https://$${GITHUB_TOKEN}@github.com/grafana/grafana-enterprise.git"
../grafana-enterprise
- cd ../grafana-enterprise
- if git checkout ${DRONE_SOURCE_BRANCH}; then echo "checked out ${DRONE_SOURCE_BRANCH}";
elif git checkout ${DRONE_TARGET_BRANCH}; then echo "git checkout ${DRONE_TARGET_BRANCH}";
else git checkout main; fi
- cd ../
- ln -s src grafana
- cd ./grafana-enterprise
- ./build.sh
environment:
GITHUB_TOKEN:
from_secret: github_token
failure: ignore
image: alpine/git:2.40.1
name: clone-enterprise
- commands:
- go build -o ./bin/build -ldflags '-extldflags -static' ./pkg/build/cmd
depends_on: []
environment:
CGO_ENABLED: 0
image: golang:1.20.8-alpine
name: compile-build-cmd
- commands:
- '# It is required that code generated from Thema/CUE be committed and in sync
with its inputs.'
- '# The following command will fail if running code generators produces any diff
in output.'
- apk add --update make
- CODEGEN_VERIFY=1 make gen-cue
depends_on:
- clone-enterprise
image: golang:1.20.8-alpine
name: verify-gen-cue
- commands:
- '# It is required that generated jsonnet is committed and in sync with its inputs.'
- '# The following command will fail if running code generators produces any diff
in output.'
- apk add --update make
- CODEGEN_VERIFY=1 make gen-jsonnet
depends_on:
- clone-enterprise
image: golang:1.20.8-alpine
name: verify-gen-jsonnet
- commands:
- apk add --update make
- make gen-go
depends_on:
- verify-gen-cue
image: golang:1.20.8-alpine
name: wire-install
- commands:
- apk add --update build-base
- if [ -z ${GO_PACKAGES} ]; then echo 'missing GO_PACKAGES'; false; fi
- go test -v -run=^$ -benchmem -timeout=1h -count=8 -bench=. ${GO_PACKAGES}
depends_on:
- wire-install
image: golang:1.20.8-alpine
name: sqlite-benchmark-integration-tests
- commands:
- apk add --update build-base
- if [ -z ${GO_PACKAGES} ]; then echo 'missing GO_PACKAGES'; false; fi
- go test -v -run=^$ -benchmem -timeout=1h -count=8 -bench=. ${GO_PACKAGES}
depends_on:
- wire-install
environment:
GRAFANA_TEST_DB: postgres
PGPASSWORD: grafanatest
POSTGRES_HOST: postgres
image: golang:1.20.8-alpine
name: postgres-benchmark-integration-tests
- commands:
- apk add --update build-base
- if [ -z ${GO_PACKAGES} ]; then echo 'missing GO_PACKAGES'; false; fi
- go test -v -run=^$ -benchmem -timeout=1h -count=8 -bench=. ${GO_PACKAGES}
depends_on:
- wire-install
environment:
GRAFANA_TEST_DB: mysql
MYSQL_HOST: mysql57
image: golang:1.20.8-alpine
name: mysql-5.7-benchmark-integration-tests
- commands:
- apk add --update build-base
- if [ -z ${GO_PACKAGES} ]; then echo 'missing GO_PACKAGES'; false; fi
- go test -v -run=^$ -benchmem -timeout=1h -count=8 -bench=. ${GO_PACKAGES}
depends_on:
- wire-install
environment:
GRAFANA_TEST_DB: mysql
MYSQL_HOST: mysql80
image: golang:1.20.8-alpine
name: mysql-8.0-benchmark-integration-tests
trigger:
event:
- promote
target:
- gobenchmarks
type: docker
volumes:
- host:
path: /var/run/docker.sock
name: docker
- name: postgres
temp:
medium: memory
- name: mysql57
temp:
medium: memory
- name: mysql80
temp:
medium: memory
---
clone:
retries: 3
depends_on: []
environment:
EDITION: oss
image_pull_secrets:
- dockerconfigjson
kind: pipeline
name: main-docs
node:
type: no-parallel
platform:
arch: amd64
os: linux
services: []
steps:
- commands:
- echo $DRONE_RUNNER_NAME
image: alpine:3.18.3
name: identify-runner
- commands:
- yarn install --immutable
depends_on: []
image: node:18.12.0-alpine
name: yarn-install
- commands:
- pip3 install codespell
- codespell -I .codespellignore docs/
image: python:3.8
name: codespell
- commands:
- yarn run prettier:checkDocs
depends_on:
- yarn-install
environment:
NODE_OPTIONS: --max_old_space_size=8192
image: node:18.12.0-alpine
name: lint-docs
- commands:
- mkdir -p /hugo/content/docs/grafana/latest
- 'echo -e ''---\nredirectURL: /docs/grafana/latest/\ntype: redirect\nversioned:
true\n---\n'' > /hugo/content/docs/grafana/_index.md'
- cp -r docs/sources/* /hugo/content/docs/grafana/latest/
- cd /hugo && make prod
image: grafana/docs-base:dbd975af06
name: build-docs-website
- commands:
- '# It is required that code generated from Thema/CUE be committed and in sync
with its inputs.'
- '# The following command will fail if running code generators produces any diff
in output.'
- apk add --update make
- CODEGEN_VERIFY=1 make gen-cue
depends_on: []
image: golang:1.20.8-alpine
name: verify-gen-cue
trigger:
branch: main
event:
- push
paths:
include:
- '*.md'
- docs/**
- packages/**/*.md
- latest.json
repo:
- grafana/grafana
type: docker
volumes:
- host:
path: /var/run/docker.sock
name: docker
---
clone:
retries: 3
depends_on: []
environment:
EDITION: oss
image_pull_secrets:
- dockerconfigjson
kind: pipeline
name: main-test-frontend
node:
type: no-parallel
platform:
arch: amd64
os: linux
services: []
steps:
- commands:
- echo $DRONE_RUNNER_NAME
image: alpine:3.18.3
name: identify-runner
- commands:
- yarn install --immutable
depends_on: []
image: node:18.12.0-alpine
name: yarn-install
- commands:
- apk add --update git bash
- yarn betterer ci
depends_on:
- yarn-install
image: node:18.12.0-alpine
name: betterer-frontend
- commands:
- yarn run ci:test-frontend
depends_on:
- yarn-install
environment:
TEST_MAX_WORKERS: 50%
image: node:18.12.0-alpine
name: test-frontend
trigger:
branch: main
event:
- push
paths:
exclude:
- '*.md'
- docs/**
- latest.json
repo:
- grafana/grafana
type: docker
volumes:
- host:
path: /var/run/docker.sock
name: docker
---
clone:
retries: 3
depends_on: []
environment:
EDITION: oss
image_pull_secrets:
- dockerconfigjson
kind: pipeline
name: main-lint-frontend
node:
type: no-parallel
platform:
arch: amd64
os: linux
services: []
steps:
- commands:
- echo $DRONE_RUNNER_NAME
image: alpine:3.18.3
name: identify-runner
- commands:
- yarn install --immutable
depends_on: []
image: node:18.12.0-alpine
name: yarn-install
- commands:
- yarn run prettier:check
- yarn run lint
- yarn run typecheck
depends_on:
- yarn-install
environment:
TEST_MAX_WORKERS: 50%
image: node:18.12.0-alpine
name: lint-frontend
- commands:
- apk add --update git
- |-
yarn run i18n:extract || (echo "
Extraction failed. Make sure that you have no dynamic translation phrases, such as 't(\`preferences.theme.\$${themeID}\`, themeName)' and that no translation key is used twice. Search the output for '[warning]' to find the offending file." && false)
- "\n file_diff=$(git diff --dirstat public/locales)\n if
[ -n \"$file_diff\" ]; then\n echo $file_diff\n echo
\"\nTranslation extraction has not been committed. Please run 'yarn i18n:extract',
commit the changes and push again.\"\n exit 1\n fi\n
\ "
- yarn run i18n:compile
depends_on:
- yarn-install
image: node:18.12.0-alpine
name: verify-i18n
trigger:
branch: main
event:
- push
paths:
exclude:
- '*.md'
- docs/**
- latest.json
repo:
- grafana/grafana
type: docker
volumes:
- host:
path: /var/run/docker.sock
name: docker
---
clone:
retries: 3
depends_on: []
environment:
EDITION: oss
image_pull_secrets:
- dockerconfigjson
kind: pipeline
name: main-test-backend
node:
type: no-parallel
platform:
arch: amd64
os: linux
services: []
steps:
- commands:
- echo $DRONE_RUNNER_NAME
image: alpine:3.18.3
name: identify-runner
- commands:
- '# It is required that code generated from Thema/CUE be committed and in sync
with its inputs.'
- '# The following command will fail if running code generators produces any diff
in output.'
- apk add --update make
- CODEGEN_VERIFY=1 make gen-cue
depends_on: []
image: golang:1.20.8-alpine
name: verify-gen-cue
- commands:
- '# It is required that generated jsonnet is committed and in sync with its inputs.'
- '# The following command will fail if running code generators produces any diff
in output.'
- apk add --update make
- CODEGEN_VERIFY=1 make gen-jsonnet
depends_on: []
image: golang:1.20.8-alpine
name: verify-gen-jsonnet
- commands:
- apk add --update make
- make gen-go
depends_on:
- verify-gen-cue
image: golang:1.20.8-alpine
name: wire-install
- commands:
- apk add --update build-base shared-mime-info shared-mime-info-lang
- go test -tags requires_buildifer -short -covermode=atomic -timeout=5m ./pkg/...
depends_on:
- wire-install
image: golang:1.20.8-alpine
name: test-backend
- commands:
- apk add --update build-base
- go test -count=1 -covermode=atomic -timeout=5m -run '^TestIntegration' $(find
./pkg -type f -name '*_test.go' -exec grep -l '^func TestIntegration' '{}' '+'
| grep -o '\(.*\)/' | sort -u)
depends_on:
- wire-install
image: golang:1.20.8-alpine
name: test-backend-integration
trigger:
branch: main
event:
- push
paths:
exclude:
- '*.md'
- docs/**
- latest.json
repo:
- grafana/grafana
type: docker
volumes:
- host:
path: /var/run/docker.sock
name: docker
---
clone:
retries: 3
depends_on: []
environment:
EDITION: oss
image_pull_secrets:
- dockerconfigjson
kind: pipeline
name: main-lint-backend
node:
type: no-parallel
platform:
arch: amd64
os: linux
services: []
steps:
- commands:
- echo $DRONE_RUNNER_NAME
image: alpine:3.18.3
name: identify-runner
- commands:
- go build -o ./bin/build -ldflags '-extldflags -static' ./pkg/build/cmd
depends_on: []
environment:
CGO_ENABLED: 0
image: golang:1.20.8-alpine
name: compile-build-cmd
- commands:
- apk add --update make
- make gen-go
depends_on: []
image: golang:1.20.8-alpine
name: wire-install
- commands:
- apk add --update make build-base
- make lint-go
depends_on:
- wire-install
environment:
CGO_ENABLED: "1"
image: golang:1.20.8-alpine
name: lint-backend
- commands:
- go run scripts/modowners/modowners.go check go.mod
image: golang:1.20.8-alpine
name: validate-modfile
- commands:
- apk add --update make
- make swagger-validate
image: golang:1.20.8-alpine
name: validate-openapi-spec
- commands:
- ./bin/build verify-drone
depends_on:
- compile-build-cmd
image: byrnedo/alpine-curl:0.1.8
name: lint-drone
trigger:
branch: main
event:
- push
paths:
exclude:
- '*.md'
- docs/**
- latest.json
repo:
- grafana/grafana
type: docker
volumes:
- host:
path: /var/run/docker.sock
name: docker
---
clone:
retries: 3
depends_on: []
environment:
EDITION: oss
image_pull_secrets:
- dockerconfigjson
kind: pipeline
name: main-build-e2e-publish
node:
type: no-parallel
platform:
arch: amd64
os: linux
services: []
steps:
- commands:
- echo $DRONE_RUNNER_NAME
image: alpine:3.18.3
name: identify-runner
- commands:
- mkdir -p bin
- curl -fL -o bin/grabpl https://grafana-downloads.storage.googleapis.com/grafana-build-pipeline/v3.0.42/grabpl
- chmod +x bin/grabpl
image: byrnedo/alpine-curl:0.1.8
name: grabpl
- commands:
- go build -o ./bin/build -ldflags '-extldflags -static' ./pkg/build/cmd
depends_on: []
environment:
CGO_ENABLED: 0
image: golang:1.20.8-alpine
name: compile-build-cmd
- commands:
- '# It is required that code generated from Thema/CUE be committed and in sync
with its inputs.'
- '# The following command will fail if running code generators produces any diff
in output.'
- apk add --update make
- CODEGEN_VERIFY=1 make gen-cue
depends_on: []
image: golang:1.20.8-alpine
name: verify-gen-cue
- commands:
- '# It is required that generated jsonnet is committed and in sync with its inputs.'
- '# The following command will fail if running code generators produces any diff
in output.'
- apk add --update make
- CODEGEN_VERIFY=1 make gen-jsonnet
depends_on: []
image: golang:1.20.8-alpine
name: verify-gen-jsonnet
- commands:
- apk add --update make
- make gen-go
depends_on:
- verify-gen-cue
image: golang:1.20.8-alpine
name: wire-install
- commands:
- yarn install --immutable
depends_on: []
image: node:18.12.0-alpine
name: yarn-install
- commands:
- apk add --update jq
- new_version=$(cat package.json | jq .version | sed s/pre/${DRONE_BUILD_NUMBER}/g)
- 'echo "New version: $new_version"'
- yarn run lerna version $new_version --exact --no-git-tag-version --no-push --force-publish
-y
- yarn install --mode=update-lockfile
depends_on:
- yarn-install
image: node:18.12.0-alpine
name: update-package-json-version
- commands:
- apk add --update jq bash
- yarn packages:build
- yarn packages:pack
- ./scripts/validate-npm-packages.sh
depends_on:
- yarn-install
- update-package-json-version
environment:
NODE_OPTIONS: --max_old_space_size=8192
image: node:18.12.0-alpine
name: build-frontend-packages
- commands:
- /src/grafana-build package --distro=linux/amd64,linux/arm64 --go-version=1.20.8
--yarn-cache=$$YARN_CACHE_FOLDER --build-id=$$DRONE_BUILD_NUMBER --grafana-dir=$$PWD
> packages.txt
depends_on:
- yarn-install
image: grafana/grafana-build:main
name: rgm-package
pull: always
volumes:
- name: docker
path: /var/run/docker.sock
- commands:
- apk add --update tar bash
- mkdir grafana
- tar --strip-components=1 -xvf ./dist/*amd64.tar.gz -C grafana
- cp -r devenv scripts tools grafana && cd grafana && ./scripts/grafana-server/start-server
depends_on:
- rgm-package
detach: true
environment:
GF_APP_MODE: development
GF_SERVER_HTTP_PORT: "3001"
GF_SERVER_ROUTER_LOGGING: "1"
image: alpine:3.18.3
name: grafana-server
- commands:
- ./bin/build e2e-tests --port 3001 --suite dashboards-suite
depends_on:
- grafana-server
environment:
HOST: grafana-server
image: cypress/included:13.1.0
name: end-to-end-tests-dashboards-suite
- commands:
- ./bin/build e2e-tests --port 3001 --suite smoke-tests-suite
depends_on:
- grafana-server
environment:
HOST: grafana-server
image: cypress/included:13.1.0
name: end-to-end-tests-smoke-tests-suite
- commands:
- ./bin/build e2e-tests --port 3001 --suite panels-suite
depends_on:
- grafana-server
environment:
HOST: grafana-server
image: cypress/included:13.1.0
name: end-to-end-tests-panels-suite
- commands:
- ./bin/build e2e-tests --port 3001 --suite various-suite
depends_on:
- grafana-server
environment:
HOST: grafana-server
image: cypress/included:13.1.0
name: end-to-end-tests-various-suite
- commands:
- cd /
- ./cpp-e2e/scripts/ci-run.sh azure ${DRONE_SOURCE_BRANCH}
depends_on:
- grafana-server
environment:
AZURE_SP_APP_ID:
from_secret: azure_sp_app_id
AZURE_SP_PASSWORD:
from_secret: azure_sp_app_pw
AZURE_TENANT:
from_secret: azure_tenant
CYPRESS_CI: "true"
GITHUB_TOKEN:
from_secret: github_token
HOST: grafana-server
image: us-docker.pkg.dev/grafanalabs-dev/cloud-data-sources/e2e:3.0.0
name: end-to-end-tests-cloud-plugins-suite-azure
when:
paths:
include:
- pkg/tsdb/azuremonitor/**
- public/app/plugins/datasource/azuremonitor/**
- e2e/cloud-plugins-suite/azure-monitor.spec.ts
repo:
- grafana/grafana
- commands:
- apt-get update
- apt-get install -yq zip
- printenv GCP_GRAFANA_UPLOAD_ARTIFACTS_KEY > /tmp/gcpkey_upload_artifacts.json
- gcloud auth activate-service-account --key-file=/tmp/gcpkey_upload_artifacts.json
- find ./e2e -type f -name "*spec.ts.mp4" | zip e2e/videos.zip -@
- gsutil cp e2e/videos.zip gs://$${E2E_TEST_ARTIFACTS_BUCKET}/${DRONE_BUILD_NUMBER}/artifacts/videos/videos.zip
- export E2E_ARTIFACTS_VIDEO_ZIP=https://storage.googleapis.com/$${E2E_TEST_ARTIFACTS_BUCKET}/${DRONE_BUILD_NUMBER}/artifacts/videos/videos.zip
- 'echo "E2E Test artifacts uploaded to: $${E2E_ARTIFACTS_VIDEO_ZIP}"'
- 'curl -X POST https://api.github.com/repos/${DRONE_REPO}/statuses/${DRONE_COMMIT_SHA}
-H "Authorization: token $${GITHUB_TOKEN}" -d "{\"state\":\"success\",\"target_url\":\"$${E2E_ARTIFACTS_VIDEO_ZIP}\",
\"description\": \"Click on the details to download e2e recording videos\", \"context\":
\"e2e_artifacts\"}"'
depends_on:
- end-to-end-tests-dashboards-suite
- end-to-end-tests-panels-suite
- end-to-end-tests-smoke-tests-suite
- end-to-end-tests-various-suite
environment:
E2E_TEST_ARTIFACTS_BUCKET: releng-pipeline-artifacts-dev
GCP_GRAFANA_UPLOAD_ARTIFACTS_KEY:
from_secret: gcp_upload_artifacts_key
GITHUB_TOKEN:
from_secret: github_token
failure: ignore
image: google/cloud-sdk:431.0.0
name: e2e-tests-artifacts-upload
when:
status:
- success
- failure
- commands:
- yarn storybook:build
- ./bin/build verify-storybook
depends_on:
- rgm-package
- build-frontend-packages
environment:
NODE_OPTIONS: --max_old_space_size=4096
image: node:18.12.0-alpine
name: build-storybook
when:
paths:
include:
- packages/grafana-ui/**
- commands:
- yarn wait-on http://$HOST:$PORT
- pa11y-ci --config .pa11yci.conf.js --json > pa11y-ci-results.json
depends_on:
- grafana-server
environment:
GRAFANA_MISC_STATS_API_KEY:
from_secret: grafana_misc_stats_api_key
HOST: grafana-server
PORT: 3001
failure: ignore
image: grafana/docker-puppeteer:1.1.0
name: test-a11y-frontend
- commands:
- ./bin/build store-storybook --deployment canary
depends_on:
- build-storybook
- end-to-end-tests-dashboards-suite
- end-to-end-tests-panels-suite
- end-to-end-tests-smoke-tests-suite
- end-to-end-tests-various-suite
environment:
GCP_KEY:
from_secret: gcp_grafanauploads
PRERELEASE_BUCKET:
from_secret: prerelease_bucket
image: grafana/grafana-ci-deploy:1.3.3
name: store-storybook
when:
paths:
include:
- packages/grafana-ui/**
repo:
- grafana/grafana
- commands:
- apk add --update bash grep git
- ./scripts/ci-frontend-metrics.sh ./grafana/public/build | ./bin/build publish-metrics
$$GRAFANA_MISC_STATS_API_KEY
depends_on:
- test-a11y-frontend
environment:
GRAFANA_MISC_STATS_API_KEY:
from_secret: grafana_misc_stats_api_key
failure: ignore
image: node:18.12.0-alpine
name: publish-frontend-metrics
when:
repo:
- grafana/grafana
- commands:
- docker run --privileged --rm tonistiigi/binfmt --install all
- /src/grafana-build docker $(cat packages.txt | grep tar.gz | grep -v docker |
grep -v sha256 | awk '{print "--package=" $0}') --ubuntu-base=ubuntu:22.04 --alpine-base=alpine:3.18.3
--tag-format='{{ .version_base }}-{{ .buildID }}-{{ .arch }}' --ubuntu-tag-format='{{
.version_base }}-{{ .buildID }}-ubuntu-{{ .arch }}' > docker.txt
- find ./dist -name '*docker*.tar.gz' -type f | xargs -n1 docker load -i
depends_on:
- rgm-package
image: grafana/grafana-build:main
name: rgm-build-docker
pull: always
volumes:
- name: docker
path: /var/run/docker.sock
- commands:
- ./bin/grabpl artifacts docker publish --dockerhub-repo grafana/grafana
depends_on:
- rgm-build-docker
environment:
DOCKER_PASSWORD:
from_secret: docker_password
DOCKER_USER:
from_secret: docker_username
GCP_KEY:
from_secret: gcp_grafanauploads
GITHUB_APP_ID:
from_secret: delivery-bot-app-id
GITHUB_APP_INSTALLATION_ID:
from_secret: delivery-bot-app-installation-id
GITHUB_APP_PRIVATE_KEY:
from_secret: delivery-bot-app-private-key
image: google/cloud-sdk:431.0.0
name: publish-images-grafana
volumes:
- name: docker
path: /var/run/docker.sock
when:
repo:
- grafana/grafana
- commands:
- ./bin/grabpl artifacts docker publish --dockerhub-repo grafana/grafana-oss
depends_on:
- rgm-build-docker
environment:
DOCKER_PASSWORD:
from_secret: docker_password
DOCKER_USER:
from_secret: docker_username
GCP_KEY:
from_secret: gcp_grafanauploads
GITHUB_APP_ID:
from_secret: delivery-bot-app-id
GITHUB_APP_INSTALLATION_ID:
from_secret: delivery-bot-app-installation-id
GITHUB_APP_PRIVATE_KEY:
from_secret: delivery-bot-app-private-key
image: google/cloud-sdk:431.0.0
name: publish-images-grafana-oss
volumes:
- name: docker
path: /var/run/docker.sock
when:
repo:
- grafana/grafana
- commands:
- apk add --update bash
- ./scripts/publish-npm-packages.sh --dist-tag 'canary' --registry 'https://registry.npmjs.org'
depends_on:
- end-to-end-tests-dashboards-suite
- end-to-end-tests-panels-suite
- end-to-end-tests-smoke-tests-suite
- end-to-end-tests-various-suite
- build-frontend-packages
environment:
NPM_TOKEN:
from_secret: npm_token
image: node:18.12.0-alpine
name: release-canary-npm-packages
when:
paths:
include:
- packages/**
repo:
- grafana/grafana
- commands:
- ./bin/build upload-packages --edition oss
depends_on:
- end-to-end-tests-dashboards-suite
- end-to-end-tests-panels-suite
- end-to-end-tests-smoke-tests-suite
- end-to-end-tests-various-suite
environment:
GCP_KEY:
from_secret: gcp_grafanauploads_base64
PRERELEASE_BUCKET:
from_secret: prerelease_bucket
image: grafana/grafana-ci-deploy:1.3.3
name: upload-packages
when:
repo:
- grafana/grafana
- commands:
- ./bin/build upload-cdn --edition oss
depends_on:
- grafana-server
environment:
GCP_KEY:
from_secret: gcp_grafanauploads
PRERELEASE_BUCKET:
from_secret: prerelease_bucket
image: grafana/grafana-ci-deploy:1.3.3
name: upload-cdn-assets
when:
repo:
- grafana/grafana
trigger:
branch: main
event:
- push
paths:
exclude:
- '*.md'
- docs/**
- latest.json
repo:
- grafana/grafana
type: docker
volumes:
- host:
path: /var/run/docker.sock
name: docker
---
clone:
retries: 3
depends_on: []
environment:
EDITION: oss
image_pull_secrets:
- dockerconfigjson
kind: pipeline
name: main-integration-tests
node:
type: no-parallel
platform:
arch: amd64
os: linux
services:
- environment:
PGDATA: /var/lib/postgresql/data/pgdata
POSTGRES_DB: grafanatest
POSTGRES_PASSWORD: grafanatest
POSTGRES_USER: grafanatest
image: postgres:12.3-alpine
name: postgres
volumes:
- name: postgres
path: /var/lib/postgresql/data/pgdata
- commands:
- docker-entrypoint.sh mysqld --character-set-server=utf8mb4 --collation-server=utf8mb4_unicode_ci
environment:
MYSQL_DATABASE: grafana_tests
MYSQL_PASSWORD: password
MYSQL_ROOT_PASSWORD: rootpass
MYSQL_USER: grafana
image: mysql:5.7.39
name: mysql57
volumes:
- name: mysql57
path: /var/lib/mysql
- commands:
- docker-entrypoint.sh mysqld --default-authentication-plugin=mysql_native_password
environment:
MYSQL_DATABASE: grafana_tests
MYSQL_PASSWORD: password
MYSQL_ROOT_PASSWORD: rootpass
MYSQL_USER: grafana
image: mysql:8.0.32
name: mysql80
volumes:
- name: mysql80
path: /var/lib/mysql
- environment: {}
image: redis:6.2.11-alpine
name: redis
- environment: {}
image: memcached:1.6.9-alpine
name: memcached
steps:
- commands:
- mkdir -p bin
- curl -fL -o bin/grabpl https://grafana-downloads.storage.googleapis.com/grafana-build-pipeline/v3.0.42/grabpl
- chmod +x bin/grabpl
image: byrnedo/alpine-curl:0.1.8
name: grabpl
- commands:
- go build -o ./bin/build -ldflags '-extldflags -static' ./pkg/build/cmd
depends_on: []
environment:
CGO_ENABLED: 0
image: golang:1.20.8-alpine
name: compile-build-cmd
- commands:
- echo $DRONE_RUNNER_NAME
image: alpine:3.18.3
name: identify-runner
- commands:
- '# It is required that code generated from Thema/CUE be committed and in sync
with its inputs.'
- '# The following command will fail if running code generators produces any diff
in output.'
- apk add --update make
- CODEGEN_VERIFY=1 make gen-cue
depends_on: []
image: golang:1.20.8-alpine
name: verify-gen-cue
- commands:
- '# It is required that generated jsonnet is committed and in sync with its inputs.'
- '# The following command will fail if running code generators produces any diff
in output.'
- apk add --update make
- CODEGEN_VERIFY=1 make gen-jsonnet
depends_on: []
image: golang:1.20.8-alpine
name: verify-gen-jsonnet
- commands:
- apk add --update make
- make gen-go
depends_on:
- verify-gen-cue
image: golang:1.20.8-alpine
name: wire-install
- commands:
- dockerize -wait tcp://postgres:5432 -timeout 120s
image: jwilder/dockerize:0.6.1
name: wait-for-postgres
- commands:
- apk add --update build-base
- apk add --update postgresql-client
- psql -p 5432 -h postgres -U grafanatest -d grafanatest -f devenv/docker/blocks/postgres_tests/setup.sql
- go clean -testcache
- go test -p=1 -count=1 -covermode=atomic -timeout=5m -run '^TestIntegration' $(find
./pkg -type f -name '*_test.go' -exec grep -l '^func TestIntegration' '{}' '+'
| grep -o '\(.*\)/' | sort -u)
depends_on:
- wire-install
- wait-for-postgres
environment:
GRAFANA_TEST_DB: postgres
PGPASSWORD: grafanatest
POSTGRES_HOST: postgres
image: golang:1.20.8-alpine
name: postgres-integration-tests
- commands:
- dockerize -wait tcp://mysql57:3306 -timeout 120s
image: jwilder/dockerize:0.6.1
name: wait-for-mysql-5.7
- commands:
- apk add --update build-base
- apk add --update mysql-client
- cat devenv/docker/blocks/mysql_tests/setup.sql | mysql -h mysql57 -P 3306 -u root
-prootpass
- go clean -testcache
- go test -p=1 -count=1 -covermode=atomic -timeout=5m -run '^TestIntegration' $(find
./pkg -type f -name '*_test.go' -exec grep -l '^func TestIntegration' '{}' '+'
| grep -o '\(.*\)/' | sort -u)
depends_on:
- wire-install
- wait-for-mysql-5.7
environment:
GRAFANA_TEST_DB: mysql
MYSQL_HOST: mysql57
image: golang:1.20.8-alpine
name: mysql-5.7-integration-tests
- commands:
- dockerize -wait tcp://mysql80:3306 -timeout 120s
image: jwilder/dockerize:0.6.1
name: wait-for-mysql-8.0
- commands:
- apk add --update build-base
- apk add --update mysql-client
- cat devenv/docker/blocks/mysql_tests/setup.sql | mysql -h mysql80 -P 3306 -u root
-prootpass
- go clean -testcache
- go test -p=1 -count=1 -covermode=atomic -timeout=5m -run '^TestIntegration' $(find
./pkg -type f -name '*_test.go' -exec grep -l '^func TestIntegration' '{}' '+'
| grep -o '\(.*\)/' | sort -u)
depends_on:
- wire-install
- wait-for-mysql-8.0
environment:
GRAFANA_TEST_DB: mysql
MYSQL_HOST: mysql80
image: golang:1.20.8-alpine
name: mysql-8.0-integration-tests
- commands:
- dockerize -wait tcp://redis:6379 -timeout 120s
image: jwilder/dockerize:0.6.1
name: wait-for-redis
- commands:
- apk add --update build-base
- go clean -testcache
- go test -run IntegrationRedis -covermode=atomic -timeout=2m ./pkg/...
depends_on:
- wire-install
- wait-for-redis
environment:
REDIS_URL: redis://redis:6379/0
image: golang:1.20.8-alpine
name: redis-integration-tests
- commands:
- dockerize -wait tcp://memcached:11211 -timeout 120s
image: jwilder/dockerize:0.6.1
name: wait-for-memcached
- commands:
- apk add --update build-base
- go clean -testcache
- go test -run IntegrationMemcached -covermode=atomic -timeout=2m ./pkg/...
depends_on:
- wire-install
- wait-for-memcached
environment:
MEMCACHED_HOSTS: memcached:11211
image: golang:1.20.8-alpine
name: memcached-integration-tests
trigger:
branch: main
event:
- push
paths:
exclude:
- '*.md'
- docs/**
- latest.json
repo:
- grafana/grafana
type: docker
volumes:
- host:
path: /var/run/docker.sock
name: docker
- name: postgres
temp:
medium: memory
- name: mysql57
temp:
medium: memory
- name: mysql80
temp:
medium: memory
---
clone:
retries: 3
depends_on:
- main-test-frontend
- main-test-backend
- main-build-e2e-publish
- main-integration-tests
environment:
EDITION: oss
image_pull_secrets:
- dockerconfigjson
kind: pipeline
name: main-windows
platform:
arch: amd64
os: windows
version: "1809"
services: []
steps:
- commands:
- echo $env:DRONE_RUNNER_NAME
image: mcr.microsoft.com/windows:1809
name: identify-runner
- commands:
- $$ProgressPreference = "SilentlyContinue"
- Invoke-WebRequest https://grafana-downloads.storage.googleapis.com/grafana-build-pipeline/v3.0.42/windows/grabpl.exe
-OutFile grabpl.exe
image: grafana/ci-wix:0.1.1
name: windows-init
trigger:
branch: main
event:
- push
paths:
exclude:
- '*.md'
- docs/**
- latest.json
repo:
- grafana/grafana
type: docker
volumes:
- host:
path: //./pipe/docker_engine/
name: docker
---
clone:
retries: 3
depends_on: []
kind: pipeline
name: notify-drone-changes
platform:
arch: amd64
os: linux
steps:
- image: plugins/slack
name: slack
settings:
channel: slack-webhooks-test
template: "`.drone.yml` and `starlark` files have been changed on the OSS repo,
by: {{build.author}}. \nBranch: <https://github.com/{{ repo.owner }}/{{ repo.name
}}/commits/{{ build.branch }}|{{ build.branch }}>\nCommit hash: <https://github.com/{{repo.owner}}/{{repo.name}}/commit/{{build.commit}}|{{
truncate build.commit 8 }}>"
webhook:
from_secret: drone-changes-webhook
trigger:
branch: main
event:
- push
paths:
exclude:
- exclude
include:
- .drone.yml
repo:
- grafana/grafana
type: docker
---
clone:
retries: 3
depends_on:
- main-build-e2e-publish
- main-integration-tests
environment:
EDITION: oss
image_pull_secrets:
- dockerconfigjson
kind: pipeline
name: main-trigger-downstream
node:
type: no-parallel
platform:
arch: amd64
os: linux
services: []
steps:
- image: grafana/drone-downstream
name: trigger-enterprise-downstream
settings:
params:
- SOURCE_BUILD_NUMBER=${DRONE_COMMIT}
- SOURCE_COMMIT=${DRONE_COMMIT}
repositories:
- grafana/grafana-enterprise@main
server: https://drone.grafana.net
token:
from_secret: drone_token
trigger:
branch: main
event:
- push
paths:
exclude:
- '*.md'
- docs/**
- latest.json
repo:
- grafana/grafana-security-mirror
type: docker
volumes:
- host:
path: /var/run/docker.sock
name: docker
---
clone:
retries: 3
depends_on:
- main-test-frontend
- main-test-backend
- main-build-e2e-publish
- main-integration-tests
- main-windows
kind: pipeline
name: main-notify
platform:
arch: amd64
os: linux
steps:
- image: plugins/slack
name: slack
settings:
channel: grafana-ci-notifications
template: |-
Build {{build.number}} failed for commit: <https://github.com/{{repo.owner}}/{{repo.name}}/commit/{{build.commit}}|{{ truncate build.commit 8 }}>: {{build.link}}
Branch: <https://github.com/{{ repo.owner }}/{{ repo.name }}/commits/{{ build.branch }}|{{ build.branch }}>
Author: {{build.author}}
webhook:
from_secret: slack_webhook
trigger:
branch: main
event:
- push
paths:
exclude:
- '*.md'
- docs/**
- latest.json
repo:
- grafana/grafana
status:
- failure
type: docker
---
clone:
retries: 3
depends_on: []
environment:
EDITION: oss
image_pull_secrets:
- dockerconfigjson
kind: pipeline
name: publish-docker-public
node:
type: no-parallel
platform:
arch: amd64
os: linux
services: []
steps:
- commands:
- echo $DRONE_RUNNER_NAME
image: alpine:3.18.3
name: identify-runner
- commands:
- mkdir -p bin
- curl -fL -o bin/grabpl https://grafana-downloads.storage.googleapis.com/grafana-build-pipeline/v3.0.42/grabpl
- chmod +x bin/grabpl
image: byrnedo/alpine-curl:0.1.8
name: grabpl
- commands:
- go build -o ./bin/build -ldflags '-extldflags -static' ./pkg/build/cmd
depends_on: []
environment:
CGO_ENABLED: 0
image: golang:1.20.8-alpine
name: compile-build-cmd
- commands:
- ./bin/build artifacts docker fetch --edition oss
depends_on:
- compile-build-cmd
environment:
DOCKER_PASSWORD:
from_secret: docker_password
DOCKER_USER:
from_secret: docker_username
GCP_KEY:
from_secret: gcp_grafanauploads
image: google/cloud-sdk:431.0.0
name: fetch-images
volumes:
- name: docker
path: /var/run/docker.sock
- commands:
- ./bin/grabpl artifacts docker publish --dockerhub-repo grafana/grafana --version-tag
${DRONE_TAG}
depends_on:
- fetch-images
environment:
DOCKER_PASSWORD:
from_secret: docker_password
DOCKER_USER:
from_secret: docker_username
GCP_KEY:
from_secret: gcp_grafanauploads
GITHUB_APP_ID:
from_secret: delivery-bot-app-id
GITHUB_APP_INSTALLATION_ID:
from_secret: delivery-bot-app-installation-id
GITHUB_APP_PRIVATE_KEY:
from_secret: delivery-bot-app-private-key
image: google/cloud-sdk:431.0.0
name: publish-images-grafana
volumes:
- name: docker
path: /var/run/docker.sock
- commands:
- ./bin/grabpl artifacts docker publish --dockerhub-repo grafana/grafana-oss --version-tag
${DRONE_TAG}
depends_on:
- fetch-images
environment:
DOCKER_PASSWORD:
from_secret: docker_password
DOCKER_USER:
from_secret: docker_username
GCP_KEY:
from_secret: gcp_grafanauploads
GITHUB_APP_ID:
from_secret: delivery-bot-app-id
GITHUB_APP_INSTALLATION_ID:
from_secret: delivery-bot-app-installation-id
GITHUB_APP_PRIVATE_KEY:
from_secret: delivery-bot-app-private-key
image: google/cloud-sdk:431.0.0
name: publish-images-grafana-oss
volumes:
- name: docker
path: /var/run/docker.sock
trigger:
event:
- promote
target:
- public
type: docker
volumes:
- host:
path: /var/run/docker.sock
name: docker
---
clone:
retries: 3
depends_on: []
environment:
EDITION: oss
image_pull_secrets:
- dockerconfigjson
kind: pipeline
name: publish-artifacts-public
node:
type: no-parallel
platform:
arch: amd64
os: linux
services: []
steps:
- commands:
- go build -o ./bin/build -ldflags '-extldflags -static' ./pkg/build/cmd
depends_on: []
environment:
CGO_ENABLED: 0
image: golang:1.20.8-alpine
name: compile-build-cmd
- commands:
- ./bin/build artifacts packages --tag $${DRONE_TAG} --src-bucket $${PRERELEASE_BUCKET}
depends_on:
- compile-build-cmd
environment:
GCP_KEY:
from_secret: gcp_grafanauploads_base64
PRERELEASE_BUCKET:
from_secret: prerelease_bucket
image: grafana/grafana-ci-deploy:1.3.3
name: publish-artifacts
- commands:
- ./bin/build artifacts static-assets --tag ${DRONE_TAG} --static-asset-editions=grafana-oss
depends_on:
- compile-build-cmd
environment:
GCP_KEY:
from_secret: gcp_grafanauploads_base64
PRERELEASE_BUCKET:
from_secret: prerelease_bucket
STATIC_ASSET_EDITIONS:
from_secret: static_asset_editions
image: grafana/grafana-ci-deploy:1.3.3
name: publish-static-assets
- commands:
- ./bin/build artifacts storybook --tag ${DRONE_TAG}
depends_on:
- compile-build-cmd
environment:
GCP_KEY:
from_secret: gcp_grafanauploads_base64
PRERELEASE_BUCKET:
from_secret: prerelease_bucket
image: grafana/grafana-ci-deploy:1.3.3
name: publish-storybook
trigger:
event:
- promote
target:
- public
type: docker
volumes:
- host:
path: /var/run/docker.sock
name: docker
---
clone:
retries: 3
depends_on: []
environment:
EDITION: oss
image_pull_secrets:
- dockerconfigjson
kind: pipeline
name: publish-npm-packages-public
node:
type: no-parallel
platform:
arch: amd64
os: linux
services: []
steps:
- commands:
- go build -o ./bin/build -ldflags '-extldflags -static' ./pkg/build/cmd
depends_on: []
environment:
CGO_ENABLED: 0
image: golang:1.20.8-alpine
name: compile-build-cmd
- commands:
- yarn install --immutable
depends_on: []
image: node:18.12.0-alpine
name: yarn-install
- commands:
- ./bin/build artifacts npm retrieve --tag ${DRONE_TAG}
depends_on:
- compile-build-cmd
- yarn-install
environment:
GCP_KEY:
from_secret: gcp_grafanauploads_base64
PRERELEASE_BUCKET:
from_secret: prerelease_bucket
failure: ignore
image: grafana/grafana-ci-deploy:1.3.3
name: retrieve-npm-packages
- commands:
- ./bin/build artifacts npm release --tag ${DRONE_TAG}
depends_on:
- compile-build-cmd
- retrieve-npm-packages
environment:
NPM_TOKEN:
from_secret: npm_token
failure: ignore
image: golang:1.20.8-alpine
name: release-npm-packages
trigger:
event:
- promote
target:
- public
type: docker
volumes:
- host:
path: /var/run/docker.sock
name: docker
---
clone:
retries: 3
depends_on:
- publish-artifacts-public
- publish-docker-public
environment:
EDITION: oss
image_pull_secrets:
- dockerconfigjson
kind: pipeline
name: publish-packages
node:
type: no-parallel
platform:
arch: amd64
os: linux
services: []
steps:
- commands:
- go build -o ./bin/build -ldflags '-extldflags -static' ./pkg/build/cmd
depends_on: []
environment:
CGO_ENABLED: 0
image: golang:1.20.8-alpine
name: compile-build-cmd
- depends_on:
- compile-build-cmd
image: us.gcr.io/kubernetes-dev/package-publish:latest
name: publish-linux-packages-deb
privileged: true
settings:
access_key_id:
from_secret: packages_access_key_id
deb_distribution: auto
gpg_passphrase:
from_secret: packages_gpg_passphrase
gpg_private_key:
from_secret: packages_gpg_private_key
gpg_public_key:
from_secret: packages_gpg_public_key
package_path: gs://grafana-prerelease/artifacts/downloads/*${DRONE_TAG}/oss/**.deb
secret_access_key:
from_secret: packages_secret_access_key
service_account_json:
from_secret: packages_service_account
target_bucket: grafana-packages
- depends_on:
- compile-build-cmd
image: us.gcr.io/kubernetes-dev/package-publish:latest
name: publish-linux-packages-rpm
privileged: true
settings:
access_key_id:
from_secret: packages_access_key_id
deb_distribution: auto
gpg_passphrase:
from_secret: packages_gpg_passphrase
gpg_private_key:
from_secret: packages_gpg_private_key
gpg_public_key:
from_secret: packages_gpg_public_key
package_path: gs://grafana-prerelease/artifacts/downloads/*${DRONE_TAG}/oss/**.rpm
secret_access_key:
from_secret: packages_secret_access_key
service_account_json:
from_secret: packages_service_account
target_bucket: grafana-packages
- commands:
- ./bin/build publish grafana-com --edition oss ${DRONE_TAG}
depends_on:
- publish-linux-packages-deb
- publish-linux-packages-rpm
environment:
GCP_KEY:
from_secret: gcp_grafanauploads_base64
GRAFANA_COM_API_KEY:
from_secret: grafana_api_key
image: grafana/grafana-ci-deploy:1.3.3
name: publish-grafanacom
trigger:
event:
- promote
target:
- public
type: docker
volumes:
- host:
path: /var/run/docker.sock
name: docker
---
clone:
retries: 3
depends_on: []
environment:
EDITION: oss
image_pull_secrets:
- dockerconfigjson
kind: pipeline
name: release-whatsnew-checker
node:
type: no-parallel
platform:
arch: amd64
os: linux
services: []
steps:
- commands:
- go build -o ./bin/build -ldflags '-extldflags -static' ./pkg/build/cmd
depends_on: []
environment:
CGO_ENABLED: 0
image: golang:1.20.8-alpine
name: compile-build-cmd
- commands:
- ./bin/build whatsnew-checker
depends_on:
- compile-build-cmd
image: golang:1.20.8-alpine
name: whats-new-checker
trigger:
event:
exclude:
- promote
ref:
exclude:
- refs/tags/*-cloud*
include:
- refs/tags/v*
repo:
exclude:
- grafana/grafana
type: docker
volumes:
- host:
path: /var/run/docker.sock
name: docker
---
clone:
retries: 3
depends_on: []
environment:
EDITION: oss
image_pull_secrets:
- dockerconfigjson
kind: pipeline
name: release-test-frontend
node:
type: no-parallel
platform:
arch: amd64
os: linux
services: []
steps:
- commands:
- echo $DRONE_RUNNER_NAME
image: alpine:3.18.3
name: identify-runner
- commands:
- yarn install --immutable
depends_on: []
image: node:18.12.0-alpine
name: yarn-install
- commands:
- apk add --update git bash
- yarn betterer ci
depends_on:
- yarn-install
image: node:18.12.0-alpine
name: betterer-frontend
- commands:
- yarn run ci:test-frontend
depends_on:
- yarn-install
environment:
TEST_MAX_WORKERS: 50%
image: node:18.12.0-alpine
name: test-frontend
trigger:
event:
exclude:
- promote
ref:
exclude:
- refs/tags/*-cloud*
include:
- refs/tags/v*
repo:
exclude:
- grafana/grafana
type: docker
volumes:
- host:
path: /var/run/docker.sock
name: docker
---
clone:
retries: 3
depends_on: []
environment:
EDITION: oss
image_pull_secrets:
- dockerconfigjson
kind: pipeline
name: release-test-backend
node:
type: no-parallel
platform:
arch: amd64
os: linux
services: []
steps:
- commands:
- echo $DRONE_RUNNER_NAME
image: alpine:3.18.3
name: identify-runner
- commands:
- '# It is required that code generated from Thema/CUE be committed and in sync
with its inputs.'
- '# The following command will fail if running code generators produces any diff
in output.'
- apk add --update make
- CODEGEN_VERIFY=1 make gen-cue
depends_on: []
image: golang:1.20.8-alpine
name: verify-gen-cue
- commands:
- '# It is required that generated jsonnet is committed and in sync with its inputs.'
- '# The following command will fail if running code generators produces any diff
in output.'
- apk add --update make
- CODEGEN_VERIFY=1 make gen-jsonnet
depends_on: []
image: golang:1.20.8-alpine
name: verify-gen-jsonnet
- commands:
- apk add --update make
- make gen-go
depends_on:
- verify-gen-cue
image: golang:1.20.8-alpine
name: wire-install
- commands:
- apk add --update build-base shared-mime-info shared-mime-info-lang
- go test -tags requires_buildifer -short -covermode=atomic -timeout=5m ./pkg/...
depends_on:
- wire-install
image: golang:1.20.8-alpine
name: test-backend
- commands:
- apk add --update build-base
- go test -count=1 -covermode=atomic -timeout=5m -run '^TestIntegration' $(find
./pkg -type f -name '*_test.go' -exec grep -l '^func TestIntegration' '{}' '+'
| grep -o '\(.*\)/' | sort -u)
depends_on:
- wire-install
image: golang:1.20.8-alpine
name: test-backend-integration
trigger:
event:
exclude:
- promote
ref:
exclude:
- refs/tags/*-cloud*
include:
- refs/tags/v*
repo:
exclude:
- grafana/grafana
type: docker
volumes:
- host:
path: /var/run/docker.sock
name: docker
---
clone:
retries: 3
depends_on:
- main-test-backend
- main-test-frontend
image_pull_secrets:
- dockerconfigjson
kind: pipeline
name: rgm-main-prerelease
node:
type: no-parallel
platform:
arch: amd64
os: linux
services: []
steps:
- commands:
- export GRAFANA_DIR=$$(pwd)
- cd /src && ./scripts/drone_publish_main.sh
environment:
_EXPERIMENTAL_DAGGER_CLOUD_TOKEN:
from_secret: dagger_token
DESTINATION:
from_secret: destination
GCP_KEY_BASE64:
from_secret: gcp_key_base64
GITHUB_TOKEN:
from_secret: github_token
GO_VERSION: 1.20.8
GPG_PASSPHRASE:
from_secret: packages_gpg_passphrase
GPG_PRIVATE_KEY:
from_secret: packages_gpg_private_key
GPG_PUBLIC_KEY:
from_secret: packages_gpg_public_key
failure: ignore
image: grafana/grafana-build:main
name: rgm-build
pull: always
volumes:
- name: docker
path: /var/run/docker.sock
trigger:
branch: main
event:
- push
paths:
exclude:
- '*.md'
- docs/**
- packages/**/*.md
- latest.json
repo:
- grafana/grafana
type: docker
volumes:
- host:
path: /var/run/docker.sock
name: docker
---
clone:
retries: 3
depends_on:
- release-test-backend
- release-test-frontend
image_pull_secrets:
- dockerconfigjson
kind: pipeline
name: rgm-tag-prerelease
node:
type: no-parallel
platform:
arch: amd64
os: linux
services: []
steps:
- commands:
- export GRAFANA_DIR=$$(pwd)
- cd /src && ./scripts/drone_publish_tag_grafana.sh
environment:
_EXPERIMENTAL_DAGGER_CLOUD_TOKEN:
from_secret: dagger_token
DESTINATION:
from_secret: destination
GCP_KEY_BASE64:
from_secret: gcp_key_base64
GITHUB_TOKEN:
from_secret: github_token
GO_VERSION: 1.20.8
GPG_PASSPHRASE:
from_secret: packages_gpg_passphrase
GPG_PRIVATE_KEY:
from_secret: packages_gpg_private_key
GPG_PUBLIC_KEY:
from_secret: packages_gpg_public_key
image: grafana/grafana-build:main
name: rgm-build
pull: always
volumes:
- name: docker
path: /var/run/docker.sock
trigger:
event:
exclude:
- promote
ref:
exclude:
- refs/tags/*-cloud*
include:
- refs/tags/v*
repo:
exclude:
- grafana/grafana
type: docker
volumes:
- host:
path: /var/run/docker.sock
name: docker
---
clone:
retries: 3
depends_on:
- rgm-tag-prerelease
image_pull_secrets:
- dockerconfigjson
kind: pipeline
name: rgm-tag-prerelease-windows
platform:
arch: amd64
os: windows
version: "1809"
services: []
steps:
- commands:
- echo $env:DRONE_RUNNER_NAME
failure: ignore
image: mcr.microsoft.com/windows:1809
name: identify-runner
- commands:
- $$ProgressPreference = "SilentlyContinue"
- Invoke-WebRequest https://grafana-downloads.storage.googleapis.com/grafana-build-pipeline/v3.0.42/windows/grabpl.exe
-OutFile grabpl.exe
failure: ignore
image: grafana/ci-wix:0.1.1
name: windows-init
- commands:
- $$gcpKey = $$env:GCP_KEY
- '[System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String($$gcpKey))
> gcpkey.json'
- dos2unix gcpkey.json
- gcloud auth activate-service-account --key-file=gcpkey.json
- rm gcpkey.json
- cp C:\App\nssm-2.24.zip .
- .\grabpl.exe windows-installer --target gs://grafana-prerelease/artifacts/downloads/${DRONE_TAG}/oss/release/grafana-${DRONE_TAG:1}.windows-amd64.zip
--edition oss ${DRONE_TAG}
- $$fname = ((Get-Childitem grafana*.msi -name) -split "`n")[0]
- gsutil cp $$fname gs://grafana-prerelease/artifacts/downloads/${DRONE_TAG}/oss/release/
- gsutil cp "$$fname.sha256" gs://grafana-prerelease/artifacts/downloads/${DRONE_TAG}/oss/release/
depends_on:
- windows-init
environment:
GCP_KEY:
from_secret: gcp_grafanauploads_base64
GITHUB_TOKEN:
from_secret: github_token
PRERELEASE_BUCKET:
from_secret: prerelease_bucket
failure: ignore
image: grafana/ci-wix:0.1.1
name: build-windows-installer
trigger:
event:
exclude:
- promote
ref:
exclude:
- refs/tags/*-cloud*
include:
- refs/tags/v*
repo:
exclude:
- grafana/grafana
type: docker
volumes:
- host:
path: //./pipe/docker_engine/
name: docker
---
clone:
retries: 3
depends_on:
- release-test-backend
- release-test-frontend
image_pull_secrets:
- dockerconfigjson
kind: pipeline
name: rgm-version-branch-prerelease
node:
type: no-parallel
platform:
arch: amd64
os: linux
services: []
steps:
- commands:
- export GRAFANA_DIR=$$(pwd)
- cd /src && ./scripts/drone_publish_tag_grafana.sh
environment:
_EXPERIMENTAL_DAGGER_CLOUD_TOKEN:
from_secret: dagger_token
DESTINATION:
from_secret: destination
GCP_KEY_BASE64:
from_secret: gcp_key_base64
GITHUB_TOKEN:
from_secret: github_token
GO_VERSION: 1.20.8
GPG_PASSPHRASE:
from_secret: packages_gpg_passphrase
GPG_PRIVATE_KEY:
from_secret: packages_gpg_private_key
GPG_PUBLIC_KEY:
from_secret: packages_gpg_public_key
image: grafana/grafana-build:main
name: rgm-build
pull: always
volumes:
- name: docker
path: /var/run/docker.sock
trigger:
ref:
- refs/heads/v[0-9]*
type: docker
volumes:
- host:
path: /var/run/docker.sock
name: docker
---
clone:
retries: 3
depends_on:
- rgm-tag-prerelease
- rgm-tag-prerelease-windows
image_pull_secrets:
- dockerconfigjson
kind: pipeline
name: rgm-tag-verify-prerelease-assets
node:
type: no-parallel
platform:
arch: amd64
os: linux
services: []
steps:
- commands:
- apt-get update && apt-get install -yq gettext
- printenv GCP_KEY | base64 -d > /tmp/key.json
- gcloud auth activate-service-account --key-file=/tmp/key.json
- ./scripts/list-release-artifacts.sh ${DRONE_TAG} | xargs -n1 gsutil stat >> /tmp/stat.log
- '! cat /tmp/stat.log | grep "No URLs matched"'
depends_on:
- clone
environment:
BUCKET: grafana-prerelease
GCP_KEY:
from_secret: gcp_key_base64
image: google/cloud-sdk:431.0.0
name: gsutil-stat
trigger:
event:
exclude:
- promote
ref:
exclude:
- refs/tags/*-cloud*
include:
- refs/tags/v*
repo:
exclude:
- grafana/grafana
type: docker
volumes:
- host:
path: /var/run/docker.sock
name: docker
---
clone:
retries: 3
depends_on:
- rgm-version-branch-prerelease
image_pull_secrets:
- dockerconfigjson
kind: pipeline
name: rgm-prerelease-verify-prerelease-assets
node:
type: no-parallel
platform:
arch: amd64
os: linux
services: []
steps:
- commands:
- apt-get update && apt-get install -yq gettext
- printenv GCP_KEY | base64 -d > /tmp/key.json
- gcloud auth activate-service-account --key-file=/tmp/key.json
- ./scripts/list-release-artifacts.sh ${DRONE_TAG} | xargs -n1 gsutil stat >> /tmp/stat.log
- '! cat /tmp/stat.log | grep "No URLs matched"'
depends_on:
- clone
environment:
BUCKET: grafana-prerelease
GCP_KEY:
from_secret: gcp_key_base64
image: google/cloud-sdk:431.0.0
name: gsutil-stat
trigger:
ref:
- refs/heads/v[0-9]*
type: docker
volumes:
- host:
path: /var/run/docker.sock
name: docker
---
clone:
disable: true
depends_on: []
environment:
EDITION: oss
image_pull_secrets:
- dockerconfigjson
kind: pipeline
name: testing-test-backend-windows
platform:
arch: amd64
os: windows
version: "1809"
services: []
steps:
- commands:
- git clone "https://$$env:GITHUB_TOKEN@github.com/$$env:DRONE_REPO.git" .
- git checkout -f $$env:DRONE_COMMIT
environment:
GITHUB_TOKEN:
from_secret: github_token
image: grafana/ci-wix:0.1.1
name: clone
- commands: []
depends_on:
- clone
image: golang:1.20.8-windowsservercore-1809
name: windows-init
- commands:
- go install github.com/google/wire/cmd/wire@v0.5.0
- wire gen -tags oss ./pkg/server
depends_on:
- windows-init
image: golang:1.20.8-windowsservercore-1809
name: wire-install
- commands:
- go test -tags requires_buildifer -short -covermode=atomic -timeout=5m ./pkg/...
depends_on:
- wire-install
image: golang:1.20.8-windowsservercore-1809
name: test-backend
trigger:
event:
- promote
target:
- test-windows
type: docker
volumes:
- host:
path: //./pipe/docker_engine/
name: docker
---
clone:
retries: 3
depends_on: []
environment:
EDITION: oss
image_pull_secrets:
- dockerconfigjson
kind: pipeline
name: integration-tests
node:
type: no-parallel
platform:
arch: amd64
os: linux
services:
- environment:
PGDATA: /var/lib/postgresql/data/pgdata
POSTGRES_DB: grafanatest
POSTGRES_PASSWORD: grafanatest
POSTGRES_USER: grafanatest
image: postgres:12.3-alpine
name: postgres
volumes:
- name: postgres
path: /var/lib/postgresql/data/pgdata
- commands:
- docker-entrypoint.sh mysqld --character-set-server=utf8mb4 --collation-server=utf8mb4_unicode_ci
environment:
MYSQL_DATABASE: grafana_tests
MYSQL_PASSWORD: password
MYSQL_ROOT_PASSWORD: rootpass
MYSQL_USER: grafana
image: mysql:5.7.39
name: mysql57
volumes:
- name: mysql57
path: /var/lib/mysql
- commands:
- docker-entrypoint.sh mysqld --default-authentication-plugin=mysql_native_password
environment:
MYSQL_DATABASE: grafana_tests
MYSQL_PASSWORD: password
MYSQL_ROOT_PASSWORD: rootpass
MYSQL_USER: grafana
image: mysql:8.0.32
name: mysql80
volumes:
- name: mysql80
path: /var/lib/mysql
- environment: {}
image: redis:6.2.11-alpine
name: redis
- environment: {}
image: memcached:1.6.9-alpine
name: memcached
steps:
- commands:
- mkdir -p bin
- curl -fL -o bin/grabpl https://grafana-downloads.storage.googleapis.com/grafana-build-pipeline/v3.0.42/grabpl
- chmod +x bin/grabpl
image: byrnedo/alpine-curl:0.1.8
name: grabpl
- commands:
- echo $DRONE_RUNNER_NAME
image: alpine:3.18.3
name: identify-runner
- commands:
- '# It is required that code generated from Thema/CUE be committed and in sync
with its inputs.'
- '# The following command will fail if running code generators produces any diff
in output.'
- apk add --update make
- CODEGEN_VERIFY=1 make gen-cue
depends_on: []
image: golang:1.20.8-alpine
name: verify-gen-cue
- commands:
- '# It is required that generated jsonnet is committed and in sync with its inputs.'
- '# The following command will fail if running code generators produces any diff
in output.'
- apk add --update make
- CODEGEN_VERIFY=1 make gen-jsonnet
depends_on: []
image: golang:1.20.8-alpine
name: verify-gen-jsonnet
- commands:
- apk add --update make
- make gen-go
depends_on:
- verify-gen-cue
image: golang:1.20.8-alpine
name: wire-install
- commands:
- dockerize -wait tcp://postgres:5432 -timeout 120s
image: jwilder/dockerize:0.6.1
name: wait-for-postgres
- commands:
- apk add --update build-base
- apk add --update postgresql-client
- psql -p 5432 -h postgres -U grafanatest -d grafanatest -f devenv/docker/blocks/postgres_tests/setup.sql
- go clean -testcache
- go test -p=1 -count=1 -covermode=atomic -timeout=5m -run '^TestIntegration' $(find
./pkg -type f -name '*_test.go' -exec grep -l '^func TestIntegration' '{}' '+'
| grep -o '\(.*\)/' | sort -u)
depends_on:
- wire-install
- wait-for-postgres
environment:
GRAFANA_TEST_DB: postgres
PGPASSWORD: grafanatest
POSTGRES_HOST: postgres
image: golang:1.20.8-alpine
name: postgres-integration-tests
- commands:
- dockerize -wait tcp://mysql57:3306 -timeout 120s
image: jwilder/dockerize:0.6.1
name: wait-for-mysql-5.7
- commands:
- apk add --update build-base
- apk add --update mysql-client
- cat devenv/docker/blocks/mysql_tests/setup.sql | mysql -h mysql57 -P 3306 -u root
-prootpass
- go clean -testcache
- go test -p=1 -count=1 -covermode=atomic -timeout=5m -run '^TestIntegration' $(find
./pkg -type f -name '*_test.go' -exec grep -l '^func TestIntegration' '{}' '+'
| grep -o '\(.*\)/' | sort -u)
depends_on:
- wire-install
- wait-for-mysql-5.7
environment:
GRAFANA_TEST_DB: mysql
MYSQL_HOST: mysql57
image: golang:1.20.8-alpine
name: mysql-5.7-integration-tests
- commands:
- dockerize -wait tcp://mysql80:3306 -timeout 120s
image: jwilder/dockerize:0.6.1
name: wait-for-mysql-8.0
- commands:
- apk add --update build-base
- apk add --update mysql-client
- cat devenv/docker/blocks/mysql_tests/setup.sql | mysql -h mysql80 -P 3306 -u root
-prootpass
- go clean -testcache
- go test -p=1 -count=1 -covermode=atomic -timeout=5m -run '^TestIntegration' $(find
./pkg -type f -name '*_test.go' -exec grep -l '^func TestIntegration' '{}' '+'
| grep -o '\(.*\)/' | sort -u)
depends_on:
- wire-install
- wait-for-mysql-8.0
environment:
GRAFANA_TEST_DB: mysql
MYSQL_HOST: mysql80
image: golang:1.20.8-alpine
name: mysql-8.0-integration-tests
- commands:
- dockerize -wait tcp://redis:6379 -timeout 120s
image: jwilder/dockerize:0.6.1
name: wait-for-redis
- commands:
- apk add --update build-base
- go clean -testcache
- go test -run IntegrationRedis -covermode=atomic -timeout=2m ./pkg/...
depends_on:
- wire-install
- wait-for-redis
environment:
REDIS_URL: redis://redis:6379/0
image: golang:1.20.8-alpine
name: redis-integration-tests
- commands:
- dockerize -wait tcp://memcached:11211 -timeout 120s
image: jwilder/dockerize:0.6.1
name: wait-for-memcached
- commands:
- apk add --update build-base
- go clean -testcache
- go test -run IntegrationMemcached -covermode=atomic -timeout=2m ./pkg/...
depends_on:
- wire-install
- wait-for-memcached
environment:
MEMCACHED_HOSTS: memcached:11211
image: golang:1.20.8-alpine
name: memcached-integration-tests
trigger:
event:
- promote
target: integration-tests
type: docker
volumes:
- host:
path: /var/run/docker.sock
name: docker
- name: postgres
temp:
medium: memory
- name: mysql57
temp:
medium: memory
- name: mysql80
temp:
medium: memory
---
clone:
disable: true
depends_on: []
image_pull_secrets:
- dockerconfigjson
kind: pipeline
name: publish-ci-windows-test-image
platform:
arch: amd64
os: windows
version: "1809"
services: []
steps:
- commands:
- git clone "https://$$env:GITHUB_TOKEN@github.com/grafana/grafana-ci-sandbox.git"
.
- git checkout -f $$env:DRONE_COMMIT
environment:
GITHUB_TOKEN:
from_secret: github_token
image: grafana/ci-wix:0.1.1
name: clone
- commands:
- cd scripts\build\ci-windows-test
- docker login -u $$env:DOCKER_USERNAME -p $$env:DOCKER_PASSWORD
- docker build -t grafana/grafana-ci-windows-test:$$env:TAG .
- docker push grafana/grafana-ci-windows-test:$$env:TAG
environment:
DOCKER_PASSWORD:
from_secret: docker_password
DOCKER_USERNAME:
from_secret: docker_username
image: docker:windowsservercore-1809
name: build-and-publish
volumes:
- name: docker
path: //./pipe/docker_engine/
trigger:
event:
- promote
target:
- ci-windows-test-image
type: docker
volumes:
- host:
path: //./pipe/docker_engine/
name: docker
---
clone:
retries: 3
depends_on: []
image_pull_secrets:
- dockerconfigjson
kind: pipeline
name: publish-ci-build-container-image
node:
type: no-parallel
platform:
arch: amd64
os: linux
services: []
steps:
- commands:
- if [ -z "${BUILD_CONTAINER_VERSION}" ]; then echo Missing BUILD_CONTAINER_VERSION;
false; fi
image: alpine:3.18.3
name: validate-version
- commands:
- printenv GCP_KEY > /tmp/key.json
- gcloud auth activate-service-account --key-file=/tmp/key.json
- gsutil cp gs://grafana-private-downloads/MacOSX10.15.sdk.tar.xz ./scripts/build/ci-build/MacOSX10.15.sdk.tar.xz
environment:
GCP_KEY:
from_secret: gcp_download_build_container_assets_key
image: google/cloud-sdk:431.0.0
name: download-macos-sdk
- commands:
- printenv DOCKER_PASSWORD | docker login -u "$DOCKER_USERNAME" --password-stdin
- docker build -t "grafana/build-container:${BUILD_CONTAINER_VERSION}" ./scripts/build/ci-build
- docker push "grafana/build-container:${BUILD_CONTAINER_VERSION}"
environment:
DOCKER_PASSWORD:
from_secret: docker_password
DOCKER_USERNAME:
from_secret: docker_username
image: google/cloud-sdk:431.0.0
name: build-and-publish
volumes:
- name: docker
path: /var/run/docker.sock
trigger:
event:
- promote
target:
- ci-build-container-image
type: docker
volumes:
- host:
path: /var/run/docker.sock
name: docker
---
clone:
retries: 3
kind: pipeline
name: scan-grafana/grafana:latest-image
platform:
arch: amd64
os: linux
steps:
- commands:
- echo $${GCR_CREDENTIALS} | docker login -u _json_key --password-stdin https://us.gcr.io
environment:
GCR_CREDENTIALS:
from_secret: gcr_credentials
image: docker:dind
name: authenticate-gcr
volumes:
- name: docker
path: /var/run/docker.sock
- name: config
path: /root/.docker/
- commands:
- trivy image --exit-code 0 --severity UNKNOWN,LOW,MEDIUM grafana/grafana:latest
depends_on:
- authenticate-gcr
image: aquasec/trivy:0.21.0
name: scan-unknown-low-medium-vulnerabilities
volumes:
- name: docker
path: /var/run/docker.sock
- name: config
path: /root/.docker/
- commands:
- trivy image --exit-code 1 --severity HIGH,CRITICAL grafana/grafana:latest
depends_on:
- authenticate-gcr
environment:
GOOGLE_APPLICATION_CREDENTIALS:
from_secret: gcr_credentials_json
image: aquasec/trivy:0.21.0
name: scan-high-critical-vulnerabilities
volumes:
- name: docker
path: /var/run/docker.sock
- name: config
path: /root/.docker/
- image: plugins/slack
name: slack-notify-failure
settings:
channel: grafana-backend-ops
template: 'Nightly docker image scan job for grafana/grafana:latest failed: {{build.link}}'
webhook:
from_secret: slack_webhook_backend
when:
status: failure
trigger:
cron: nightly
event: cron
type: docker
volumes:
- host:
path: /var/run/docker.sock
name: docker
- name: config
temp: {}
---
clone:
retries: 3
kind: pipeline
name: scan-grafana/grafana:main-image
platform:
arch: amd64
os: linux
steps:
- commands:
- echo $${GCR_CREDENTIALS} | docker login -u _json_key --password-stdin https://us.gcr.io
environment:
GCR_CREDENTIALS:
from_secret: gcr_credentials
image: docker:dind
name: authenticate-gcr
volumes:
- name: docker
path: /var/run/docker.sock
- name: config
path: /root/.docker/
- commands:
- trivy image --exit-code 0 --severity UNKNOWN,LOW,MEDIUM grafana/grafana:main
depends_on:
- authenticate-gcr
image: aquasec/trivy:0.21.0
name: scan-unknown-low-medium-vulnerabilities
volumes:
- name: docker
path: /var/run/docker.sock
- name: config
path: /root/.docker/
- commands:
- trivy image --exit-code 1 --severity HIGH,CRITICAL grafana/grafana:main
depends_on:
- authenticate-gcr
environment:
GOOGLE_APPLICATION_CREDENTIALS:
from_secret: gcr_credentials_json
image: aquasec/trivy:0.21.0
name: scan-high-critical-vulnerabilities
volumes:
- name: docker
path: /var/run/docker.sock
- name: config
path: /root/.docker/
- image: plugins/slack
name: slack-notify-failure
settings:
channel: grafana-backend-ops
template: 'Nightly docker image scan job for grafana/grafana:main failed: {{build.link}}'
webhook:
from_secret: slack_webhook_backend
when:
status: failure
trigger:
cron: nightly
event: cron
type: docker
volumes:
- host:
path: /var/run/docker.sock
name: docker
- name: config
temp: {}
---
clone:
retries: 3
kind: pipeline
name: scan-grafana/grafana:latest-ubuntu-image
platform:
arch: amd64
os: linux
steps:
- commands:
- echo $${GCR_CREDENTIALS} | docker login -u _json_key --password-stdin https://us.gcr.io
environment:
GCR_CREDENTIALS:
from_secret: gcr_credentials
image: docker:dind
name: authenticate-gcr
volumes:
- name: docker
path: /var/run/docker.sock
- name: config
path: /root/.docker/
- commands:
- trivy image --exit-code 0 --severity UNKNOWN,LOW,MEDIUM grafana/grafana:latest-ubuntu
depends_on:
- authenticate-gcr
image: aquasec/trivy:0.21.0
name: scan-unknown-low-medium-vulnerabilities
volumes:
- name: docker
path: /var/run/docker.sock
- name: config
path: /root/.docker/
- commands:
- trivy image --exit-code 1 --severity HIGH,CRITICAL grafana/grafana:latest-ubuntu
depends_on:
- authenticate-gcr
environment:
GOOGLE_APPLICATION_CREDENTIALS:
from_secret: gcr_credentials_json
image: aquasec/trivy:0.21.0
name: scan-high-critical-vulnerabilities
volumes:
- name: docker
path: /var/run/docker.sock
- name: config
path: /root/.docker/
- image: plugins/slack
name: slack-notify-failure
settings:
channel: grafana-backend-ops
template: 'Nightly docker image scan job for grafana/grafana:latest-ubuntu failed:
{{build.link}}'
webhook:
from_secret: slack_webhook_backend
when:
status: failure
trigger:
cron: nightly
event: cron
type: docker
volumes:
- host:
path: /var/run/docker.sock
name: docker
- name: config
temp: {}
---
clone:
retries: 3
kind: pipeline
name: scan-grafana/grafana:main-ubuntu-image
platform:
arch: amd64
os: linux
steps:
- commands:
- echo $${GCR_CREDENTIALS} | docker login -u _json_key --password-stdin https://us.gcr.io
environment:
GCR_CREDENTIALS:
from_secret: gcr_credentials
image: docker:dind
name: authenticate-gcr
volumes:
- name: docker
path: /var/run/docker.sock
- name: config
path: /root/.docker/
- commands:
- trivy image --exit-code 0 --severity UNKNOWN,LOW,MEDIUM grafana/grafana:main-ubuntu
depends_on:
- authenticate-gcr
image: aquasec/trivy:0.21.0
name: scan-unknown-low-medium-vulnerabilities
volumes:
- name: docker
path: /var/run/docker.sock
- name: config
path: /root/.docker/
- commands:
- trivy image --exit-code 1 --severity HIGH,CRITICAL grafana/grafana:main-ubuntu
depends_on:
- authenticate-gcr
environment:
GOOGLE_APPLICATION_CREDENTIALS:
from_secret: gcr_credentials_json
image: aquasec/trivy:0.21.0
name: scan-high-critical-vulnerabilities
volumes:
- name: docker
path: /var/run/docker.sock
- name: config
path: /root/.docker/
- image: plugins/slack
name: slack-notify-failure
settings:
channel: grafana-backend-ops
template: 'Nightly docker image scan job for grafana/grafana:main-ubuntu failed:
{{build.link}}'
webhook:
from_secret: slack_webhook_backend
when:
status: failure
trigger:
cron: nightly
event: cron
type: docker
volumes:
- host:
path: /var/run/docker.sock
name: docker
- name: config
temp: {}
---
clone:
retries: 3
kind: pipeline
name: scan-build-test-and-publish-docker-images
platform:
arch: amd64
os: linux
steps:
- commands:
- echo $${GCR_CREDENTIALS} | docker login -u _json_key --password-stdin https://us.gcr.io
environment:
GCR_CREDENTIALS:
from_secret: gcr_credentials
image: docker:dind
name: authenticate-gcr
volumes:
- name: docker
path: /var/run/docker.sock
- name: config
path: /root/.docker/
- commands:
- trivy --exit-code 0 --severity UNKNOWN,LOW,MEDIUM alpine/git:2.40.1
- trivy --exit-code 0 --severity UNKNOWN,LOW,MEDIUM golang:1.20.8-alpine
- trivy --exit-code 0 --severity UNKNOWN,LOW,MEDIUM node:18.12.0-alpine
- trivy --exit-code 0 --severity UNKNOWN,LOW,MEDIUM google/cloud-sdk:431.0.0
- trivy --exit-code 0 --severity UNKNOWN,LOW,MEDIUM grafana/grafana-ci-deploy:1.3.3
- trivy --exit-code 0 --severity UNKNOWN,LOW,MEDIUM alpine:3.18.3
- trivy --exit-code 0 --severity UNKNOWN,LOW,MEDIUM ubuntu:22.04
- trivy --exit-code 0 --severity UNKNOWN,LOW,MEDIUM byrnedo/alpine-curl:0.1.8
- trivy --exit-code 0 --severity UNKNOWN,LOW,MEDIUM plugins/slack
- trivy --exit-code 0 --severity UNKNOWN,LOW,MEDIUM python:3.8
- trivy --exit-code 0 --severity UNKNOWN,LOW,MEDIUM postgres:12.3-alpine
- trivy --exit-code 0 --severity UNKNOWN,LOW,MEDIUM mysql:5.7.39
- trivy --exit-code 0 --severity UNKNOWN,LOW,MEDIUM mysql:8.0.32
- trivy --exit-code 0 --severity UNKNOWN,LOW,MEDIUM redis:6.2.11-alpine
- trivy --exit-code 0 --severity UNKNOWN,LOW,MEDIUM memcached:1.6.9-alpine
- trivy --exit-code 0 --severity UNKNOWN,LOW,MEDIUM us.gcr.io/kubernetes-dev/package-publish:latest
- trivy --exit-code 0 --severity UNKNOWN,LOW,MEDIUM osixia/openldap:1.4.0
- trivy --exit-code 0 --severity UNKNOWN,LOW,MEDIUM grafana/drone-downstream
- trivy --exit-code 0 --severity UNKNOWN,LOW,MEDIUM grafana/docker-puppeteer:1.1.0
- trivy --exit-code 0 --severity UNKNOWN,LOW,MEDIUM grafana/docs-base:dbd975af06
- trivy --exit-code 0 --severity UNKNOWN,LOW,MEDIUM cypress/included:13.1.0
- trivy --exit-code 0 --severity UNKNOWN,LOW,MEDIUM jwilder/dockerize:0.6.1
- trivy --exit-code 0 --severity UNKNOWN,LOW,MEDIUM koalaman/shellcheck:stable
depends_on:
- authenticate-gcr
image: aquasec/trivy:0.21.0
name: scan-unknown-low-medium-vulnerabilities
volumes:
- name: docker
path: /var/run/docker.sock
- name: config
path: /root/.docker/
- commands:
- trivy --exit-code 1 --severity HIGH,CRITICAL alpine/git:2.40.1
- trivy --exit-code 1 --severity HIGH,CRITICAL golang:1.20.8-alpine
- trivy --exit-code 1 --severity HIGH,CRITICAL node:18.12.0-alpine
- trivy --exit-code 1 --severity HIGH,CRITICAL google/cloud-sdk:431.0.0
- trivy --exit-code 1 --severity HIGH,CRITICAL grafana/grafana-ci-deploy:1.3.3
- trivy --exit-code 1 --severity HIGH,CRITICAL alpine:3.18.3
- trivy --exit-code 1 --severity HIGH,CRITICAL ubuntu:22.04
- trivy --exit-code 1 --severity HIGH,CRITICAL byrnedo/alpine-curl:0.1.8
- trivy --exit-code 1 --severity HIGH,CRITICAL plugins/slack
- trivy --exit-code 1 --severity HIGH,CRITICAL python:3.8
- trivy --exit-code 1 --severity HIGH,CRITICAL postgres:12.3-alpine
- trivy --exit-code 1 --severity HIGH,CRITICAL mysql:5.7.39
- trivy --exit-code 1 --severity HIGH,CRITICAL mysql:8.0.32
- trivy --exit-code 1 --severity HIGH,CRITICAL redis:6.2.11-alpine
- trivy --exit-code 1 --severity HIGH,CRITICAL memcached:1.6.9-alpine
- trivy --exit-code 1 --severity HIGH,CRITICAL us.gcr.io/kubernetes-dev/package-publish:latest
- trivy --exit-code 1 --severity HIGH,CRITICAL osixia/openldap:1.4.0
- trivy --exit-code 1 --severity HIGH,CRITICAL grafana/drone-downstream
- trivy --exit-code 1 --severity HIGH,CRITICAL grafana/docker-puppeteer:1.1.0
- trivy --exit-code 1 --severity HIGH,CRITICAL grafana/docs-base:dbd975af06
- trivy --exit-code 1 --severity HIGH,CRITICAL cypress/included:13.1.0
- trivy --exit-code 1 --severity HIGH,CRITICAL jwilder/dockerize:0.6.1
- trivy --exit-code 1 --severity HIGH,CRITICAL koalaman/shellcheck:stable
depends_on:
- authenticate-gcr
environment:
GOOGLE_APPLICATION_CREDENTIALS:
from_secret: gcr_credentials_json
image: aquasec/trivy:0.21.0
name: scan-high-critical-vulnerabilities
volumes:
- name: docker
path: /var/run/docker.sock
- name: config
path: /root/.docker/
- image: plugins/slack
name: slack-notify-failure
settings:
channel: grafana-backend-ops
template: 'Nightly docker image scan job for build-images failed: {{build.link}}'
webhook:
from_secret: slack_webhook_backend
when:
status: failure
trigger:
cron: nightly
event: cron
type: docker
volumes:
- host:
path: /var/run/docker.sock
name: docker
- name: config
temp: {}
---
clone:
retries: 3
kind: pipeline
name: grafana-com-nightly
platform:
arch: amd64
os: linux
steps:
- commands:
- go build -o ./bin/build -ldflags '-extldflags -static' ./pkg/build/cmd
depends_on: []
environment:
CGO_ENABLED: 0
image: golang:1.20.8-alpine
name: compile-build-cmd
- commands:
- ./bin/build publish grafana-com --edition oss
depends_on:
- compile-build-cmd
environment:
GCP_KEY:
from_secret: gcp_key
GRAFANA_COM_API_KEY:
from_secret: grafana_api_key
image: grafana/grafana-ci-deploy:1.3.3
name: post-to-grafana-com
trigger:
cron: grafana-com-nightly
event: cron
type: docker
volumes:
- host:
path: /var/run/docker.sock
name: docker
- name: config
temp: {}
---
get:
name: credentials.json
path: infra/data/ci/grafana-release-eng/grafanauploads
kind: secret
name: gcp_grafanauploads
---
get:
name: credentials_base64
path: infra/data/ci/grafana-release-eng/grafanauploads
kind: secret
name: gcp_grafanauploads_base64
---
get:
name: api_key
path: infra/data/ci/grafana-release-eng/grafanacom
kind: secret
name: grafana_api_key
---
get:
name: .dockerconfigjson
path: secret/data/common/gcr
kind: secret
name: dockerconfigjson
---
get:
name: pat
path: infra/data/ci/github/grafanabot
kind: secret
name: github_token
---
get:
name: machine-user-token
path: infra/data/ci/drone
kind: secret
name: drone_token
---
get:
name: bucket
path: infra/data/ci/grafana/prerelease
kind: secret
name: prerelease_bucket
---
get:
name: username
path: infra/data/ci/grafanaci-docker-hub
kind: secret
name: docker_username
---
get:
name: password
path: infra/data/ci/grafanaci-docker-hub
kind: secret
name: docker_password
---
get:
name: credentials.json
path: infra/data/ci/grafana/releng/artifacts-uploader-service-account
kind: secret
name: gcp_upload_artifacts_key
---
get:
name: credentials.json
path: infra/data/ci/grafana/assets-downloader-build-container-service-account
kind: secret
name: gcp_download_build_container_assets_key
---
get:
name: application_id
path: infra/data/ci/datasources/cpp-azure-resourcemanager-credentials
kind: secret
name: azure_sp_app_id
---
get:
name: application_secret
path: infra/data/ci/datasources/cpp-azure-resourcemanager-credentials
kind: secret
name: azure_sp_app_pw
---
get:
name: tenant_id
path: infra/data/ci/datasources/cpp-azure-resourcemanager-credentials
kind: secret
name: azure_tenant
---
get:
name: token
path: infra/data/ci/grafana-release-eng/npm
kind: secret
name: npm_token
---
get:
name: public-key-b64
path: infra/data/ci/packages-publish/gpg
kind: secret
name: packages_gpg_public_key
---
get:
name: private-key-b64
path: infra/data/ci/packages-publish/gpg
kind: secret
name: packages_gpg_private_key
---
get:
name: passphrase
path: infra/data/ci/packages-publish/gpg
kind: secret
name: packages_gpg_passphrase
---
get:
name: credentials.json
path: infra/data/ci/packages-publish/service-account
kind: secret
name: packages_service_account
---
get:
name: AccessID
path: infra/data/ci/packages-publish/bucket-credentials
kind: secret
name: packages_access_key_id
---
get:
name: Secret
path: infra/data/ci/packages-publish/bucket-credentials
kind: secret
name: packages_secret_access_key
---
get:
name: static_asset_editions
path: infra/data/ci/grafana-release-eng/artifact-publishing
kind: secret
name: static_asset_editions
---
get:
name: gcp_service_account_prod_base64
path: infra/data/ci/grafana-release-eng/rgm
kind: secret
name: gcp_key_base64
---
get:
name: destination_prod
path: infra/data/ci/grafana-release-eng/rgm
kind: secret
name: destination
---
get:
name: dagger_token
path: infra/data/ci/grafana-release-eng/rgm
kind: secret
name: dagger_token
---
get:
name: app-id
path: infra/data/ci/grafana-release-eng/grafana-delivery-bot
kind: secret
name: delivery-bot-app-id
---
get:
name: app-installation-id
path: infra/data/ci/grafana-release-eng/grafana-delivery-bot
kind: secret
name: delivery-bot-app-installation-id
---
get:
name: app-private-key
path: infra/data/ci/grafana-release-eng/grafana-delivery-bot
kind: secret
name: delivery-bot-app-private-key
---
get:
name: service-account
path: secret/data/common/gcr
kind: secret
name: gcr_credentials
---
kind: signature
hmac: 852af171d897f0a2cc0b03375fa8dfeacc65c2df7113c5efd0e21b03195dd7af
...