ci: basic flash pipeline (audit not required)

lnflash · Jan 7, 2025 · c7603ca · c7603ca
1 parent f2a7178
commit c7603ca
Show file tree

Hide file tree

Showing 5 changed files with 91 additions and 40 deletions.
diff --git a/ci/pipeline.yml b/ci/pipeline.yml
@@ -50,7 +50,7 @@ resources:
 - #@ nodejs_deps_resource()
 - #@ deps_version_resource()
 - #@ bundled_deps_resource()
-- #@ slack_resource()
+#! - #@ slack_resource()
 
 - #@ version_resource()
 - #@ charts_repo_resource()
@@ -61,4 +61,4 @@ resources:
 
 resource_types:
 - #@ gcr_resource_type()
-- #@ slack_resource_type()
+#! - #@ slack_resource_type()
diff --git a/ci/repipe b/ci/repipe
@@ -7,8 +7,39 @@ if [[ $(which ytt) == "" ]]; then
   exit 1
 fi
 
-target="${FLY_TARGET:-galoy}"
-team=dev
+if [[ -n "$FLY_TARGET" ]]; then
+    target="$FLY_TARGET"
+else
+    # Run `fly targets`, get only the "name" field from each line, and store it in an array
+    mapfile -t target_names < <(fly targets | awk '{print $1}')
+
+    # Check if there are any target names
+    if [ ${#target_names[@]} -eq 0 ]; then
+        echo "No targets found."
+        exit 1
+    fi
+
+    # Display target names and let the user select one
+    echo "Select a target (run 'fly targets' for more info):"
+    for i in "${!target_names[@]}"; do
+        echo "$((i + 1)). ${target_names[$i]}"
+    done
+
+    read -p "Enter the number of the target: " selection
+
+    # Check if the selection is valid
+    if ! [[ "$selection" =~ ^[0-9]+$ ]] || (( selection < 1 || selection > ${#target_names[@]} )); then
+        echo "Invalid selection."
+        exit 1
+    fi
+
+    # Set selected_target to only the name field of the chosen target
+    target="${target_names[$((selection - 1))]}"
+fi
+echo "Targetting $target"
+
+team=main
+values="${PIPELINE_VALUES}"
 
 TMPDIR=""
 TMPDIR=$(mktemp -d -t repipe.XXXXXX)
@@ -18,5 +49,5 @@ ytt -f ci > ${TMPDIR}/pipeline.yml
 
 echo "Updating pipeline @ ${target}"
 
-fly -t ${target} set-pipeline --team=${team} -p galoy-pay -c ${TMPDIR}/pipeline.yml
-fly -t ${target} unpause-pipeline --team=${team} -p galoy-pay
+fly -t ${target} set-pipeline --team=${team} -p flash-pay -c ${TMPDIR}/pipeline.yml -l ${values}
+fly -t ${target} unpause-pipeline --team=${team} -p flash-pay
diff --git a/ci/values.yml b/ci/values.yml
@@ -1,17 +1,21 @@
 #@data/values
 ---
-git_uri: git@github.com:GaloyMoney/galoy-pay.git
+git_uri: https://github.com/lnflash/flash-pay.git
 git_branch: main
-git_charts_uri: git@github.com:GaloyMoney/charts.git
+git_charts_uri: https://github.com/lnflash/charts.git
 git_charts_branch: main
-git_charts_bot_branch: bot-bump-galoy-pay-image
-github_private_key: ((github.private_key))
-github_token: ((github.api_token))
-docker_registry: us.gcr.io/galoy-org
-docker_registry_user: ((docker-creds.username))
-docker_registry_password: ((docker-creds.password))
+git_charts_bot_branch: bot-bump-flash-pay-image
+docker_registry: ((docker.registry))
+docker_registry_user: ((docker.username))
+docker_registry_password: ((docker.password))
 git_version_branch: version
-gh_org: GaloyMoney
-gh_repository: galoy-pay
+gh_org: lnflash
+gh_repository: flash-pay
+#! github_private_key: ((github.private_key))
+gh_user: ((github.username)) 
+gh_password: ((github.api_token)) 
+github_token: ((github.api_token))
+
+#! UNUSED
 slack_channel: galoy-pay-github
 slack_webhook_url: ((addons-slack.api_url))
diff --git a/ci/vendor/pipeline-fragments.lib.yml b/ci/vendor/pipeline-fragments.lib.yml
@@ -4,6 +4,10 @@
 #@  return "us.gcr.io/galoy-org"
 #@ end
 
+#@ def flash_registry():
+#@  return "docker.io/lnflash"
+#@ end
+
 #@ def nodejs_concourse_image():
 #@   return public_docker_registry() + "/nodejs-concourse"
 #@ end
@@ -19,24 +23,24 @@
 #@ def nodejs_task_image_config():
 type: registry-image
 source:
-  username: ((docker-creds.username))
-  password: ((docker-creds.password))
+  #! username: ((docker-creds.username))
+  #! password: ((docker-creds.password))
   repository: #@ nodejs_concourse_image()
 #@ end
 
 #@ def rust_task_image_config():
 type: registry-image
 source:
-  username: ((docker-creds.username))
-  password: ((docker-creds.password))
+  #! username: ((docker-creds.username))
+  #! password: ((docker-creds.password))
   repository: #@ rust_concourse_image()
 #@ end
 
 #@ def release_task_image_config():
 type: registry-image
 source:
-  username: ((docker-creds.username))
-  password: ((docker-creds.password))
+  #! username: ((docker.username))
+  #! password: ((docker.password))
   repository: #@ release_concourse_image()
 #@ end
 
@@ -68,7 +72,7 @@ plan:
     - name: repo
     run:
       path: pipeline-tasks/ci/vendor/tasks/nodejs-check-code.sh
-on_failure: #@ slack_failure_notification()
+#! on_failure: #@ slack_failure_notification()
 #@ end
 
 #@ def rust_check_code():
@@ -115,7 +119,7 @@ plan:
 - put: bundled-deps
   params:
     file: bundled-deps/bundled-deps-*.tgz
-on_failure: #@ slack_failure_notification()
+#! on_failure: #@ slack_failure_notification()
 #@ end
 
 #@ def nodejs_integration_test():
@@ -199,7 +203,7 @@ plan:
       REPO_ROOT: repo
     run:
       path: pipeline-tasks/ci/vendor/tasks/nodejs-audit.sh
-on_failure: #@ slack_failure_notification()
+#! on_failure: #@ slack_failure_notification()
 #@ end
 
 #@ def build_edge_image():
@@ -248,7 +252,7 @@ plan:
 - in_parallel:
   - get: repo
     trigger: true
-    passed: [ build-edge-image, audit, check-code ]
+    passed: [ build-edge-image, check-code ]
   - get: edge-image
     passed: [ build-edge-image ]
     params:
@@ -346,7 +350,9 @@ source:
   fetch_tags: true
   uri: #@ data.values.git_uri
   branch: #@ data.values.git_branch
-  private_key: #@ data.values.github_private_key
+  username: #@ data.values.gh_user
+  password: #@ data.values.gh_password
+  #! private_key: #@ data.values.github_private_key
 #@ end
 
 #@ def pipeline_tasks_resource():
@@ -356,7 +362,9 @@ source:
   paths: [ci/vendor/*, ci/tasks/*, ci/config/*, Makefile]
   uri: #@ data.values.git_uri
   branch: #@ data.values.git_branch
-  private_key: #@ data.values.github_private_key
+  username: #@ data.values.gh_user
+  password: #@ data.values.gh_password
+  #! private_key: #@ data.values.github_private_key
 #@ end
 
 #@ def edge_image_resource():
@@ -366,7 +374,7 @@ source:
   tag: edge
   username: #@ data.values.docker_registry_user
   password: #@ data.values.docker_registry_password
-  repository: #@ public_docker_registry() + "/" + data.values.gh_repository
+  repository: #@ flash_registry() + "/" + data.values.gh_repository
 #@ end
 
 #@ def nodejs_deps_resource():
@@ -376,7 +384,9 @@ source:
   paths: [yarn.lock]
   uri: #@ data.values.git_uri
   branch: #@ data.values.git_branch
-  private_key: #@ data.values.github_private_key
+  username: #@ data.values.gh_user
+  password: #@ data.values.gh_password
+  #! private_key: #@ data.values.github_private_key
 #@ end
 
 #@ def deps_version_resource():
@@ -385,17 +395,17 @@ type: semver
 source:
   initial_version: 0.1.0
   driver: gcs
-  bucket: ((staging-gcp-creds.bucket_name))
-  json_key: ((staging-gcp-creds.creds_json))
+  bucket: ((gcs.bucket))
+  json_key: ((gcs.sa_creds))
   key: #@ data.values.gh_repository + "-artifacts/versions/deps"
 #@ end
 
 #@ def bundled_deps_resource():
 name: bundled-deps
 type: gcs-resource
 source:
-  bucket: ((staging-gcp-creds.bucket_name))
-  json_key: ((staging-gcp-creds.creds_json))
+  bucket: ((gcs.bucket))
+  json_key: ((gcs.sa_creds))
   regexp: #@ data.values.gh_repository + "-artifacts/deps/bundled-deps-v(.*)-.*.tgz"
 #@ end
 
@@ -415,7 +425,9 @@ source:
   file: version
   uri: #@ data.values.git_uri
   branch: #@ data.values.git_version_branch
-  private_key: #@ data.values.github_private_key
+  username: #@ data.values.gh_user
+  password: #@ data.values.gh_password
+  #! private_key: #@ data.values.github_private_key
 #@ end
 
 #@ def charts_repo_resource():
@@ -424,7 +436,9 @@ type: git
 source:
   uri: #@ data.values.git_charts_uri
   branch: #@ data.values.git_charts_branch
-  private_key: #@ data.values.github_private_key
+  username: #@ data.values.gh_user
+  password: #@ data.values.gh_password
+  #! private_key: #@ data.values.github_private_key
 #@ end
 
 #@ def versioned_image_resource():
@@ -433,7 +447,7 @@ type: registry-image
 source:
   username: #@ data.values.docker_registry_user
   password: #@ data.values.docker_registry_password
-  repository: #@ public_docker_registry() + "/" + data.values.gh_repository
+  repository: #@ flash_registry() + "/" + data.values.gh_repository
 #@ end
 
 #@ def gh_release_resource():
@@ -451,7 +465,9 @@ type: git
 source:
   uri: #@ data.values.git_charts_uri
   branch: #@ "bot-bump-" + data.values.gh_repository + "-image"
-  private_key: #@ data.values.github_private_key
+  username: #@ data.values.gh_user
+  password: #@ data.values.gh_password
+  #! private_key: #@ data.values.github_private_key
 #@ end
 
 #@ def gcr_resource_type():

diff --git a/ci/vendor/tasks/chart-open-charts-pr.sh b/ci/vendor/tasks/chart-open-charts-pr.sh
@@ -23,7 +23,7 @@ ${digest}
 
 Code diff contained in this image:
 
-https://github.com/GaloyMoney/${CHARTS_SUBDIR}/compare/${old_ref}...${ref}
+https://github.com/lnflash/${CHARTS_SUBDIR}/compare/${old_ref}...${ref}
 EOF
 
 gh pr close ${BOT_BRANCH} || true
@@ -32,5 +32,5 @@ gh pr create \
   --body-file ../body.md \
   --base ${BRANCH} \
   --head ${BOT_BRANCH} \
-  --label galoybot \
+  --label flashbot \
   --label ${CHARTS_SUBDIR}