feat: support env reuse and git mirror in v0.1 cicd
This commit is contained in:
@@ -18,9 +18,29 @@ interface ArtifactCatalog {
|
||||
sourceBranch: string;
|
||||
gitopsBranch: string;
|
||||
sourceCommitId: string;
|
||||
services: Array<{ serviceId: string; image: string; digest: string; repositoryDigest: string; imageTag: string }>;
|
||||
summary?: string;
|
||||
services: CatalogService[];
|
||||
}
|
||||
|
||||
interface CatalogService {
|
||||
serviceId: string;
|
||||
image: string;
|
||||
digest: string;
|
||||
repositoryDigest: string;
|
||||
imageTag: string;
|
||||
artifactKind?: string;
|
||||
status?: string;
|
||||
envIdentity?: string;
|
||||
envImage?: string;
|
||||
envDigest?: string;
|
||||
envRepositoryDigest?: string;
|
||||
bootCommit?: string;
|
||||
bootScript?: string;
|
||||
provenance?: JsonRecord;
|
||||
}
|
||||
|
||||
const defaultBootRepoUrl = "http://git-mirror-http.devops-infra.svc.cluster.local/pikasTech/agentrun.git";
|
||||
|
||||
export async function runGitopsRenderCli(argv: string[]): Promise<void> {
|
||||
try {
|
||||
const options = parseArgs(argv);
|
||||
@@ -52,29 +72,39 @@ export async function renderGitops(options: RenderOptions): Promise<JsonRecord>
|
||||
await writeFile(path.join(options.outDir, "runtime-v01", "postgres.yaml"), postgresYaml(runtimeNamespace));
|
||||
await writeFile(path.join(options.outDir, "runtime-v01", "mgr.yaml"), managerYaml(runtimeNamespace, image, options.sourceCommit));
|
||||
await writeFile(path.join(options.outDir, "runtime-v01", "runner-rbac.yaml"), runnerRbacYaml(runtimeNamespace));
|
||||
return { outDir: options.outDir, runtimeNamespace, gitopsBranch, runtimePath, image: image.repositoryDigest, sourceCommit: options.sourceCommit };
|
||||
return { outDir: options.outDir, runtimeNamespace, gitopsBranch, runtimePath, image: repositoryDigestForService(image), sourceCommit: options.sourceCommit, envIdentity: image.envIdentity ?? null, artifactStatus: image.status ?? null };
|
||||
}
|
||||
|
||||
async function loadCatalog(options: RenderOptions, gitopsBranch: string): Promise<ArtifactCatalog> {
|
||||
if (options.catalogFile) return JSON.parse(await readFile(options.catalogFile, "utf8")) as ArtifactCatalog;
|
||||
if (options.requireCatalog) throw new AgentRunError("schema-invalid", "artifact catalog is required for promotion render", { httpStatus: 2 });
|
||||
const digest = `sha256:${"0".repeat(64)}`;
|
||||
const image = `${options.registryPrefix}/agentrun-mgr:${options.sourceCommit}`;
|
||||
const image = `${options.registryPrefix}/agentrun-mgr-env:${options.sourceCommit}`;
|
||||
return {
|
||||
lane: "v0.1",
|
||||
sourceBranch: "v0.1",
|
||||
gitopsBranch,
|
||||
sourceCommitId: options.sourceCommit,
|
||||
services: [{ serviceId: "agentrun-mgr", image, digest, repositoryDigest: `${options.registryPrefix}/agentrun-mgr@${digest}`, imageTag: options.sourceCommit }],
|
||||
summary: "build=1 reuse=0 unsafeReuse=0",
|
||||
services: [{ serviceId: "agentrun-mgr", artifactKind: "env-reuse", status: "placeholder", image, digest, repositoryDigest: `${options.registryPrefix}/agentrun-mgr-env@${digest}`, imageTag: options.sourceCommit, envIdentity: options.sourceCommit, envImage: image, envDigest: digest, envRepositoryDigest: `${options.registryPrefix}/agentrun-mgr-env@${digest}`, bootCommit: options.sourceCommit, bootScript: "deploy/runtime/boot/agentrun-boot.sh" }],
|
||||
};
|
||||
}
|
||||
|
||||
function imageForService(catalog: ArtifactCatalog, serviceId: string, options: RenderOptions): { repositoryDigest: string } {
|
||||
function imageForService(catalog: ArtifactCatalog, serviceId: string, options: RenderOptions): CatalogService {
|
||||
const service = catalog.services.find((item) => item.serviceId === serviceId);
|
||||
if (!service) throw new AgentRunError("schema-invalid", `catalog missing service ${serviceId}`, { httpStatus: 2 });
|
||||
if (!/^sha256:[a-f0-9]{64}$/u.test(service.digest)) throw new AgentRunError("schema-invalid", `catalog service ${serviceId} has invalid digest`, { httpStatus: 2 });
|
||||
if (options.requireCatalog && service.digest === `sha256:${"0".repeat(64)}`) throw new AgentRunError("schema-invalid", "placeholder digest is not allowed in promotion render", { httpStatus: 2 });
|
||||
return { repositoryDigest: service.repositoryDigest || `${service.image.slice(0, service.image.lastIndexOf(":"))}@${service.digest}` };
|
||||
const digest = service.envDigest ?? service.digest;
|
||||
if (!/^sha256:[a-f0-9]{64}$/u.test(digest)) throw new AgentRunError("schema-invalid", `catalog service ${serviceId} has invalid digest`, { httpStatus: 2 });
|
||||
if (options.requireCatalog && digest === `sha256:${"0".repeat(64)}`) throw new AgentRunError("schema-invalid", "placeholder digest is not allowed in promotion render", { httpStatus: 2 });
|
||||
return service;
|
||||
}
|
||||
|
||||
function repositoryDigestForService(service: CatalogService): string {
|
||||
if (service.envRepositoryDigest) return service.envRepositoryDigest;
|
||||
if (service.repositoryDigest) return service.repositoryDigest;
|
||||
const image = service.envImage ?? service.image;
|
||||
const digest = service.envDigest ?? service.digest;
|
||||
return `${image.slice(0, image.lastIndexOf(":"))}@${digest}`;
|
||||
}
|
||||
|
||||
function projectYaml(namespace: string): string {
|
||||
@@ -209,7 +239,9 @@ spec:
|
||||
`;
|
||||
}
|
||||
|
||||
function managerYaml(namespace: string, image: { repositoryDigest: string }, sourceCommit: string): string {
|
||||
function managerYaml(namespace: string, image: CatalogService, sourceCommit: string): string {
|
||||
const imageRef = repositoryDigestForService(image);
|
||||
const envIdentity = image.envIdentity ?? image.imageTag ?? "unknown";
|
||||
return `apiVersion: v1
|
||||
kind: ServiceAccount
|
||||
metadata:
|
||||
@@ -245,11 +277,13 @@ spec:
|
||||
app.kubernetes.io/name: agentrun-mgr
|
||||
annotations:
|
||||
agentrun.pikastech.local/lane: v0.1
|
||||
agentrun.pikastech.local/source-commit: ${JSON.stringify(sourceCommit)}
|
||||
agentrun.pikastech.local/env-identity: ${JSON.stringify(envIdentity)}
|
||||
spec:
|
||||
serviceAccountName: agentrun-v01-mgr
|
||||
containers:
|
||||
- name: mgr
|
||||
image: ${image.repositoryDigest}
|
||||
image: ${imageRef}
|
||||
imagePullPolicy: IfNotPresent
|
||||
ports:
|
||||
- name: http
|
||||
@@ -264,12 +298,20 @@ spec:
|
||||
key: DATABASE_URL
|
||||
- name: AGENTRUN_SOURCE_COMMIT
|
||||
value: ${JSON.stringify(sourceCommit)}
|
||||
- name: AGENTRUN_BOOT_COMMIT
|
||||
value: ${JSON.stringify(sourceCommit)}
|
||||
- name: AGENTRUN_BOOT_MODE
|
||||
value: mgr
|
||||
- name: AGENTRUN_BOOT_REPO_URL
|
||||
value: ${JSON.stringify(defaultBootRepoUrl)}
|
||||
- name: AGENTRUN_ENV_IDENTITY
|
||||
value: ${JSON.stringify(envIdentity)}
|
||||
- name: AGENTRUN_RUNTIME_NAMESPACE
|
||||
value: ${JSON.stringify(namespace)}
|
||||
- name: AGENTRUN_INTERNAL_MGR_URL
|
||||
value: ${JSON.stringify(`http://agentrun-mgr.${namespace}.svc.cluster.local:8080`)}
|
||||
- name: AGENTRUN_RUNNER_IMAGE
|
||||
value: ${JSON.stringify(image.repositoryDigest)}
|
||||
value: ${JSON.stringify(imageRef)}
|
||||
- name: AGENTRUN_RUNNER_SERVICE_ACCOUNT
|
||||
value: "agentrun-v01-runner"
|
||||
readinessProbe:
|
||||
|
||||
Reference in New Issue
Block a user