diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 524f5180..c8cd7fe6 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -41,12 +41,12 @@ jobs: steps: - uses: actions/checkout@v4 - name: Install Forge - uses: input-output-hk/catalyst-forge/actions/install@master + uses: input-output-hk/catalyst-forge/actions/install@mve-next if: ${{ inputs.forge_version != 'local' }} with: version: ${{ inputs.forge_version }} - name: Install Local Forge - uses: input-output-hk/catalyst-forge/actions/install-local@master + uses: input-output-hk/catalyst-forge/actions/install-local@mve-next if: ${{ inputs.forge_version == 'local' }} with: earthly_token: ${{ secrets.earthly_token }} @@ -61,14 +61,14 @@ jobs: echo "skip=false" >> $GITHUB_OUTPUT fi - name: Setup CI - uses: input-output-hk/catalyst-forge/actions/setup@master + uses: input-output-hk/catalyst-forge/actions/setup@mve-next with: skip_docker: 'true' skip_github: 'true' skip_earthly: ${{ steps.local.outputs.skip }} - name: Discovery id: discovery - uses: input-output-hk/catalyst-forge/actions/discovery@master + uses: input-output-hk/catalyst-forge/actions/discovery@mve-next with: filters: | ${{ env.FORGE_REGEX_CHECK }} @@ -79,67 +79,68 @@ jobs: ${{ env.FORGE_REGEX_RELEASE }} ${{ env.FORGE_REGEX_PUBLISH }} - check: - uses: input-output-hk/catalyst-forge/.github/workflows/run.yml@master - needs: [discover] - if: (fromJson(needs.discover.outputs.earthfiles)['^check(-.*)?$'] != null) && !failure() && !cancelled() - with: - earthfiles: ${{ toJson(fromJson(needs.discover.outputs.earthfiles)['^check(-.*)?$']) }} - forge_version: ${{ inputs.forge_version }} - local: ${{ inputs.local }} - verbosity: ${{ inputs.verbosity }} - secrets: - earthly_token: ${{ secrets.earthly_token }} + # check: + # uses: input-output-hk/catalyst-forge/.github/workflows/run.yml@mve-next + # needs: [discover] + # if: (fromJson(needs.discover.outputs.earthfiles)['^check(-.*)?$'] != null) && !failure() && !cancelled() + # with: + # earthfiles: ${{ toJson(fromJson(needs.discover.outputs.earthfiles)['^check(-.*)?$']) }} + # forge_version: ${{ inputs.forge_version }} + # local: ${{ inputs.local }} + # verbosity: ${{ inputs.verbosity }} + # secrets: + # earthly_token: ${{ secrets.earthly_token }} - build: - uses: input-output-hk/catalyst-forge/.github/workflows/run.yml@master - needs: [discover, check] - if: (fromJson(needs.discover.outputs.earthfiles)['^build(-.*)?$'] != null) && !failure() && !cancelled() - with: - earthfiles: ${{ toJson(fromJson(needs.discover.outputs.earthfiles)['^build(-.*)?$']) }} - forge_version: ${{ inputs.forge_version }} - local: ${{ inputs.local }} - verbosity: ${{ inputs.verbosity }} - secrets: - earthly_token: ${{ secrets.earthly_token }} + # build: + # uses: input-output-hk/catalyst-forge/.github/workflows/run.yml@mve-next + # needs: [discover, check] + # if: (fromJson(needs.discover.outputs.earthfiles)['^build(-.*)?$'] != null) && !failure() && !cancelled() + # with: + # earthfiles: ${{ toJson(fromJson(needs.discover.outputs.earthfiles)['^build(-.*)?$']) }} + # forge_version: ${{ inputs.forge_version }} + # local: ${{ inputs.local }} + # verbosity: ${{ inputs.verbosity }} + # secrets: + # earthly_token: ${{ secrets.earthly_token }} - package: - uses: input-output-hk/catalyst-forge/.github/workflows/run.yml@master - needs: [discover, check, build] - if: (fromJson(needs.discover.outputs.earthfiles)['^package(-.*)?$'] != null) && !failure() && !cancelled() - with: - earthfiles: ${{ toJson(fromJson(needs.discover.outputs.earthfiles)['^package(-.*)?$']) }} - forge_version: ${{ inputs.forge_version }} - local: ${{ inputs.local }} - verbosity: ${{ inputs.verbosity }} - secrets: - earthly_token: ${{ secrets.earthly_token }} + # package: + # uses: input-output-hk/catalyst-forge/.github/workflows/run.yml@mve-next + # needs: [discover, check, build] + # if: (fromJson(needs.discover.outputs.earthfiles)['^package(-.*)?$'] != null) && !failure() && !cancelled() + # with: + # earthfiles: ${{ toJson(fromJson(needs.discover.outputs.earthfiles)['^package(-.*)?$']) }} + # forge_version: ${{ inputs.forge_version }} + # local: ${{ inputs.local }} + # verbosity: ${{ inputs.verbosity }} + # secrets: + # earthly_token: ${{ secrets.earthly_token }} - test: - uses: input-output-hk/catalyst-forge/.github/workflows/run.yml@master - needs: [discover, check, build, package] - if: (fromJson(needs.discover.outputs.earthfiles)['^test(-.*)?$'] != null) && !failure() && !cancelled() - with: - earthfiles: ${{ toJson(fromJson(needs.discover.outputs.earthfiles)['^test(-.*)?$']) }} - forge_version: ${{ inputs.forge_version }} - local: ${{ inputs.local }} - verbosity: ${{ inputs.verbosity }} - secrets: - earthly_token: ${{ secrets.earthly_token }} + # test: + # uses: input-output-hk/catalyst-forge/.github/workflows/run.yml@mve-next + # needs: [discover, check, build, package] + # if: (fromJson(needs.discover.outputs.earthfiles)['^test(-.*)?$'] != null) && !failure() && !cancelled() + # with: + # earthfiles: ${{ toJson(fromJson(needs.discover.outputs.earthfiles)['^test(-.*)?$']) }} + # forge_version: ${{ inputs.forge_version }} + # local: ${{ inputs.local }} + # verbosity: ${{ inputs.verbosity }} + # secrets: + # earthly_token: ${{ secrets.earthly_token }} - docs: - uses: input-output-hk/catalyst-forge/.github/workflows/docs.yml@master - needs: [discover, check, build, test] - if: (fromJson(needs.discover.outputs.earthfiles)['^docs(-.*)?$'] != null) && !failure() && !cancelled() - with: - earthfiles: ${{ toJson(fromJson(needs.discover.outputs.earthfiles)['^docs(-.*)?$']) }} - forge_version: ${{ inputs.forge_version }} - secrets: - earthly_token: ${{ secrets.earthly_token }} + # docs: + # uses: input-output-hk/catalyst-forge/.github/workflows/docs.yml@mve-next + # needs: [discover, check, build, test] + # if: (fromJson(needs.discover.outputs.earthfiles)['^docs(-.*)?$'] != null) && !failure() && !cancelled() + # with: + # earthfiles: ${{ toJson(fromJson(needs.discover.outputs.earthfiles)['^docs(-.*)?$']) }} + # forge_version: ${{ inputs.forge_version }} + # secrets: + # earthly_token: ${{ secrets.earthly_token }} release: - uses: input-output-hk/catalyst-forge/.github/workflows/release.yml@master - needs: [discover, check, build, test] + uses: input-output-hk/catalyst-forge/.github/workflows/release.yml@mve-next + #needs: [discover, check, build, test] + needs: [discover] if: (fromJson(needs.discover.outputs.releases)[0] != null) && !failure() && !cancelled() with: releases: ${{ needs.discover.outputs.releases }} @@ -149,20 +150,21 @@ jobs: secrets: earthly_token: ${{ secrets.earthly_token }} - deploy: - uses: input-output-hk/catalyst-forge/.github/workflows/deploy.yml@master - needs: [discover, check, build, test, release] - if: (fromJson(needs.discover.outputs.deployments)[0] != null) && github.ref == format('refs/heads/{0}', github.event.repository.default_branch) && !failure() && !cancelled() - with: - deployments: ${{ needs.discover.outputs.deployments }} - forge_version: ${{ inputs.forge_version }} - local: ${{ inputs.local }} - verbosity: ${{ inputs.verbosity }} - secrets: - earthly_token: ${{ secrets.earthly_token }} + # deploy: + # uses: input-output-hk/catalyst-forge/.github/workflows/deploy.yml@mve-next + # needs: [discover, check, build, test, release] + # if: (fromJson(needs.discover.outputs.deployments)[0] != null) && github.ref == format('refs/heads/{0}', github.event.repository.default_branch) && !failure() && !cancelled() + # with: + # deployments: ${{ needs.discover.outputs.deployments }} + # forge_version: ${{ inputs.forge_version }} + # local: ${{ inputs.local }} + # verbosity: ${{ inputs.verbosity }} + # secrets: + # earthly_token: ${{ secrets.earthly_token }} final: - needs: [check, build, package, test, release] + #needs: [check, build, package, test, release] + needs: [discover] if: (!failure() && !cancelled()) runs-on: ubuntu-latest steps: diff --git a/foundry/api/blueprint.cue b/foundry/api/blueprint.cue index 00d8c23c..b8d7872c 100644 --- a/foundry/api/blueprint.cue +++ b/foundry/api/blueprint.cue @@ -16,8 +16,9 @@ project: { deployment: { environment: "dev" modules: main: { + namespace: string | *"default" @env(name="ARGOCD_APP_NAMESPACE",type="string") container: "foundry-api-deployment" - version: "0.1.0" + version: "0.1.1" values: { environment: name: "dev" server: image: { @@ -29,8 +30,9 @@ project: { release: { docker: { on: { - merge: {} - tag: {} + //merge: {} + //tag: {} + always: {} } config: { tag: _ @forge(name="GIT_COMMIT_HASH") diff --git a/tools/argocd/Earthfile b/tools/argocd/Earthfile index c5e438bd..b31dd56b 100644 --- a/tools/argocd/Earthfile +++ b/tools/argocd/Earthfile @@ -3,7 +3,7 @@ VERSION 0.8 timoni: FROM golang:1.23.0 - ARG TIMONI_VERSION=v0.22.1 + ARG TIMONI_VERSION=v0.17.0 WORKDIR /work @@ -20,7 +20,8 @@ docker: ARG TARGETARCH ARG USERPLATFORM - RUN useradd -m argocd + RUN apt-get update && apt-get install -y ca-certificates amazon-ecr-credential-helper + RUN useradd -m -u 999 argocd USER argocd WORKDIR /home/argocd @@ -36,7 +37,8 @@ docker: RUN mkdir -p cmp-server/config COPY plugin.yml cmp-server/config/plugin.yaml + COPY init.sh /home/argocd/init.sh + RUN chmod +x /home/argocd/init.sh + ENTRYPOINT [ "/var/run/argocd/argocd-cmp-server" ] SAVE IMAGE ${container}:${tag} - - diff --git a/tools/argocd/init.sh b/tools/argocd/init.sh new file mode 100644 index 00000000..3d287792 --- /dev/null +++ b/tools/argocd/init.sh @@ -0,0 +1,16 @@ +#!/bin/bash + +set -o errexit +set -o nounset +set -o pipefail +set -o xtrace + +ACCOUNT_ID=$(echo "${AWS_ROLE_ARN}" | cut -d':' -f5) +mkdir -p /home/argocd/.docker +cat >/home/argocd/.docker/config.json <