mirror of
https://github.com/siderolabs/omni.git
synced 2026-05-05 06:36:12 +02:00
chore: rekres to update to new kres schema
This also allows enforcecontexts per branch. Signed-off-by: Noel Georgi <git@frezbo.dev>
This commit is contained in:
Noel Georgi
parent
edbb621aa2
commit
967c229e1d
10
.github/workflows/ci.yaml
vendored
10
.github/workflows/ci.yaml
vendored
@ -1,6 +1,6 @@
|
||||
# THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT.
|
||||
#
|
||||
# Generated on 2026-04-07T14:45:56Z by kres 4e3b74d.
|
||||
# Generated on 2026-04-18T04:34:01Z by kres 15ff2fd.
|
||||
|
||||
concurrency:
|
||||
group: ${{ github.head_ref || github.run_id }}
|
||||
@ -74,6 +74,14 @@ jobs:
|
||||
- name: Set secrets for job
|
||||
run: |
|
||||
sops -d .secrets.yaml | yq -e '.secrets | to_entries[] | .key + "=" + .value' >> "$GITHUB_ENV"
|
||||
- name: CI temp release tag
|
||||
if: github.event_name == 'pull_request'
|
||||
run: |
|
||||
make ci-temp-release-tag
|
||||
- name: Check dirty
|
||||
if: github.event_name == 'pull_request'
|
||||
run: |
|
||||
make check-dirty
|
||||
- name: js
|
||||
run: |
|
||||
make js
|
||||
|
||||
11
.github/workflows/helm.yaml
vendored
11
.github/workflows/helm.yaml
vendored
@ -1,6 +1,6 @@
|
||||
# THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT.
|
||||
#
|
||||
# Generated on 2026-04-07T14:45:56Z by kres 4e3b74d.
|
||||
# Generated on 2026-04-18T04:34:01Z by kres 15ff2fd.
|
||||
|
||||
concurrency:
|
||||
group: helm-${{ github.head_ref || github.run_id }}
|
||||
@ -65,11 +65,6 @@ jobs:
|
||||
driver: remote
|
||||
endpoint: tcp://buildkit-amd64.ci.svc.cluster.local:1234
|
||||
timeout-minutes: 10
|
||||
- name: Install Helm
|
||||
uses: azure/setup-helm@dda3372f752e03dde6b3237bc9431cdc2f7a02a2 # version: v5.0.0
|
||||
- name: Install cosign
|
||||
if: github.event_name != 'pull_request'
|
||||
uses: sigstore/cosign-installer@cad07c2e89fa2edd6e2d7bab4c1aa38e53f76003 # version: v4.1.1
|
||||
- name: Login to registry
|
||||
if: github.event_name != 'pull_request'
|
||||
uses: docker/login-action@4907a6ddec9925e35a0a9e82d7399ccc52663121 # version: v4.1.0
|
||||
@ -97,10 +92,6 @@ jobs:
|
||||
if: github.event_name == 'pull_request'
|
||||
run: |
|
||||
make helm-docs
|
||||
- name: Check dirty
|
||||
if: github.event_name == 'pull_request'
|
||||
run: |
|
||||
make check-dirty
|
||||
- name: helm login
|
||||
if: startsWith(github.ref, 'refs/tags/') && !contains(github.ref_name, '-')
|
||||
env:
|
||||
|
||||
45
.kres.yaml
45
.kres.yaml
@ -4,11 +4,6 @@ name: omnictl
|
||||
spec:
|
||||
disableImage: true
|
||||
---
|
||||
kind: golang.GoVulnCheck
|
||||
spec:
|
||||
ignore:
|
||||
- GO-2026-4923 # not fixed yet
|
||||
---
|
||||
kind: auto.CommandConfig
|
||||
name: acompat
|
||||
spec:
|
||||
@ -872,13 +867,39 @@ spec:
|
||||
- .vue
|
||||
skipPaths:
|
||||
- node_modules/
|
||||
enforceContexts:
|
||||
- e2e-short
|
||||
- e2e-scaling
|
||||
- e2e-templates
|
||||
- e2e-upgrades
|
||||
- e2e-backups
|
||||
- e2e-forced-removal
|
||||
protectedBranches:
|
||||
- name: main
|
||||
enforceContexts:
|
||||
- e2e-short
|
||||
- e2e-scaling
|
||||
- e2e-templates
|
||||
- e2e-upgrades
|
||||
- e2e-backups
|
||||
- e2e-forced-removal
|
||||
- name: release-1.5
|
||||
enforceContexts:
|
||||
- e2e-short
|
||||
- e2e-scaling
|
||||
- e2e-templates
|
||||
- e2e-upgrades
|
||||
- e2e-backups
|
||||
- e2e-forced-removal
|
||||
- name: release-1.6
|
||||
enforceContexts:
|
||||
- e2e-short
|
||||
- e2e-scaling
|
||||
- e2e-templates
|
||||
- e2e-upgrades
|
||||
- e2e-backups
|
||||
- e2e-forced-removal
|
||||
- name: release-1.7
|
||||
enforceContexts:
|
||||
- e2e-short
|
||||
- e2e-scaling
|
||||
- e2e-templates
|
||||
- e2e-upgrades
|
||||
- e2e-backups
|
||||
- e2e-forced-removal
|
||||
---
|
||||
kind: golang.Toolchain
|
||||
spec:
|
||||
|
||||
31
Makefile
31
Makefile
@ -1,18 +1,19 @@
|
||||
# THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT.
|
||||
#
|
||||
# Generated on 2026-04-16T13:44:23Z by kres b6d29bf.
|
||||
# Generated on 2026-04-20T11:44:49Z by kres 4b58472-dirty.
|
||||
|
||||
# common variables
|
||||
|
||||
SHA := $(shell git describe --match=none --always --abbrev=8 --dirty)
|
||||
TAG := $(shell git describe --tag --always --dirty --match v[0-9]\*)
|
||||
TAG ?= $(shell git describe --tag --always --dirty --match v[0-9]\*)
|
||||
TAG_SUFFIX ?=
|
||||
ABBREV_TAG := $(shell git describe --tags >/dev/null 2>/dev/null && git describe --tag --always --match v[0-9]\* --abbrev=0 || echo 'undefined')
|
||||
ABBREV_TAG ?= $(shell git describe --tags >/dev/null 2>/dev/null && git describe --tag --always --match v[0-9]\* --abbrev=0 || echo 'undefined')
|
||||
BRANCH := $(shell git rev-parse --abbrev-ref HEAD)
|
||||
ARTIFACTS := _out
|
||||
IMAGE_TAG ?= $(TAG)$(TAG_SUFFIX)
|
||||
OPERATING_SYSTEM := $(shell uname -s | tr '[:upper:]' '[:lower:]')
|
||||
GOARCH := $(shell uname -m | sed 's/x86_64/amd64/' | sed 's/aarch64/arm64/')
|
||||
CI_RELEASE_TAG := $(shell git log --oneline --format=%B -n 1 HEAD^2 -- 2>/dev/null | head -n 1 | sed -r "/^release\(.*\)/ s/^release\((.*)\):.*$$/\\1/; t; Q")
|
||||
WITH_DEBUG ?= false
|
||||
WITH_RACE ?= false
|
||||
REGISTRY ?= ghcr.io
|
||||
@ -169,6 +170,14 @@ $(ARTIFACTS): ## Creates artifacts directory.
|
||||
clean: ## Cleans up all artifacts.
|
||||
@rm -rf $(ARTIFACTS)
|
||||
|
||||
.PHONY: ci-temp-release-tag
|
||||
ci-temp-release-tag: ## Generates a temporary release tag for CI run.
|
||||
@if [ -n "$(CI_RELEASE_TAG)" -a -n "$${GITHUB_ENV}" ]; then \
|
||||
echo Setting temporary release tag "$(CI_RELEASE_TAG)"; \
|
||||
echo "TAG=$(CI_RELEASE_TAG)" >> "$${GITHUB_ENV}"; \
|
||||
echo "ABBREV_TAG=$(CI_RELEASE_TAG)" >> "$${GITHUB_ENV}"; \
|
||||
fi
|
||||
|
||||
target-%: ## Builds the specified target defined in the Dockerfile. The build result will only remain in the build cache.
|
||||
@$(BUILD) --target=$* $(COMMON_ARGS) $(TARGET_ARGS) $(CI_ARGS) .
|
||||
|
||||
@ -188,7 +197,7 @@ local-%: ## Builds the specified target defined in the Dockerfile using the loc
|
||||
done'
|
||||
|
||||
.PHONY: check-dirty
|
||||
check-dirty:
|
||||
check-dirty: generate
|
||||
@if test -n "`git status --porcelain`"; then echo "Source tree is dirty"; git status; git diff; exit 1 ; fi
|
||||
|
||||
generate-frontend: ## Generate .proto definitions.
|
||||
@ -215,7 +224,7 @@ $(ARTIFACTS)/frontend-js:
|
||||
.PHONY: frontend
|
||||
frontend: $(ARTIFACTS)/frontend-js ## Builds js release for frontend.
|
||||
|
||||
generate: ## Generate .proto definitions.
|
||||
generate: helm-plugin-install ## Generate .proto definitions.
|
||||
@$(MAKE) local-$@ DEST=./
|
||||
@TAG=$$(cat internal/version/data/tag); \
|
||||
if echo "$$TAG" | grep -qE '^v[0-9]+\.[0-9]+\.[0-9]+$$'; then \
|
||||
@ -495,3 +504,15 @@ conformance:
|
||||
@docker pull $(CONFORMANCE_IMAGE)
|
||||
@docker run --rm -it -v $(PWD):/src -w /src $(CONFORMANCE_IMAGE) enforce
|
||||
|
||||
.PHONY: renovate-local
|
||||
renovate-local: ## runs renovate locally to check syntax and test configuration
|
||||
@docker run --rm \
|
||||
--user $(shell id -u):$(shell id -g) \
|
||||
-v $(PWD):/src \
|
||||
-w /src \
|
||||
-e GITHUB_TOKEN \
|
||||
-e LOG_LEVEL=debug \
|
||||
-e RENOVATE_PLATFORM=local \
|
||||
-e RENOVATE_DRY_RUN=full \
|
||||
renovate/renovate
|
||||
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user