Merge branch 'main' into docs/improve_remote_rule_evaluation_docs

grafana · Oct 29, 2024 · 789723c · 789723c
2 parents 65c1f00 + 90f34ca
commit 789723c
Show file tree

Hide file tree

Showing 1,057 changed files with 78,644 additions and 46,531 deletions.
diff --git a/.github/renovate.json b/.github/renovate.json
@@ -1,36 +1,53 @@
 {
-    "$schema": "https://docs.renovatebot.com/renovate-schema.json",
-    "extends": [
-      "config:base"
-    ],
-    "labels": ["dependencies"],
-    "prHourlyLimit": 4,
-    "baseBranches": ["main"],
-    "packageRules": [
-      {
-        "matchBaseBranches": ["release-2.9.x","release-2.8.x"],
-        "packagePatterns": ["*"],
-        "enabled": false
-      },
-      {
-        "matchFileNames": [ "operator/go.mod" ],
-        "matchPackageNames": [
-          "github.com/grafana/loki",
-          "github.com/grafana/loki/operator/apis/loki"
-        ],
-        "enabled": false
-      }
-    ],
-    "vulnerabilityAlerts": {
-      "enabled": true,
-      "addLabels": ["area/security"]
+  "$schema": "https://docs.renovatebot.com/renovate-schema.json",
+  "extends": [
+    "config:recommended"
+  ],
+  "labels": [
+    "dependencies"
+  ],
+  "prHourlyLimit": 4,
+  "baseBranches": [
+    "main"
+  ],
+  "packageRules": [
+    {
+      "matchBaseBranches": [
+        "release-2.9.x",
+        "release-2.8.x"
+      ],
+      "enabled": false,
+      "matchPackageNames": [
+        "*"
+      ]
     },
-
-    "osvVulnerabilityAlerts": true,
-    "prConcurrentLimit": 10,
-    "rebaseWhen": "conflicted",
-    "branchPrefix": "deps-update/",
-    "postUpdateOptions": ["gomodTidy"],
-    "semanticCommitType": "fix",
-    "semanticCommitScope": "deps"
-  }
+    {
+      "matchFileNames": [
+        "operator/go.mod"
+      ],
+      "matchPackageNames": [
+        "github.com/grafana/loki",
+        "github.com/grafana/loki/operator/api/loki"
+      ],
+      "enabled": false
+    }
+  ],
+  "digest": {
+    "enabled": false
+  },
+  "vulnerabilityAlerts": {
+    "enabled": true,
+    "addLabels": [
+      "area/security"
+    ]
+  },
+  "osvVulnerabilityAlerts": true,
+  "prConcurrentLimit": 10,
+  "rebaseWhen": "conflicted",
+  "branchPrefix": "deps-update/",
+  "postUpdateOptions": [
+    "gomodTidy"
+  ],
+  "semanticCommitType": "fix",
+  "semanticCommitScope": "deps"
+}
diff --git a/.github/workflows/helm-release.yaml b/.github/workflows/helm-release.yaml
@@ -1,7 +1,13 @@
 name: helm-release
 
 on:
-  workflow_dispatch: # must be invoked manually
+  workflow_dispatch: # for manual testing
+  push:
+    branches:
+      - main
+      - k[0-9]+
+    paths:
+      - 'production/helm/loki/Chart.yaml'
 
 jobs:
   call-update-helm-repo:

diff --git a/.github/workflows/helm-tagged-release-pr.yaml b/.github/workflows/helm-tagged-release-pr.yaml
@@ -1,15 +1,23 @@
-name: helm-weekly-release-pr
+name: Helm tagged release PR
 
 on:
   release:
     types:
       - released
 
+  workflow_dispatch: # for manual testing
+
 jobs:
   weekly-release-pr:
     runs-on: ubuntu-latest
+    env:
+      RELEASE_VERSION: "${{ github.event.release.tag_name || 'test' }}"
+      BUILD_IN_CONTAINER: false
     steps:
       - uses: actions/checkout@v4
+      - uses: gabe565/setup-helm-docs-action@v1
+        with:
+          version: v1.11.2
 
       - id: "get_github_app_token"
         name: "get github app token"
@@ -21,13 +29,14 @@ jobs:
 
       - name: Update/regenerate files
         id: update
-        run: bash .github/workflows/scripts/helm-tagged-release.sh ${{ github.event.release.tag_name }}
+        run: |
+          bash .github/workflows/scripts/helm-tagged-release.sh ${RELEASE_VERSION}
 
       - name: Create Pull Request
         uses: peter-evans/create-pull-request@v5
         with:
           token: ${{ steps.get_github_app_token.outputs.token }}
-          title: Release loki Helm chart ${{ steps.update.outputs.new_chart_version }}
+          title: "chore: release loki helm chart ${{ steps.update.outputs.new_chart_version }}"
           body: Automated PR created by [helm-tagged-release-pr.yaml](https://github.com/grafana/loki/blob/main/.github/workflows/helm-tagged-release-pr.yaml)
           commit-message: Update loki chart to ${{ steps.update.outputs.new_chart_version }}
           branch: helm-chart-tagged-${{ steps.update.outputs.new_chart_version }}

diff --git a/.github/workflows/helm-weekly-release-pr.yaml b/.github/workflows/helm-weekly-release-pr.yaml
@@ -1,17 +1,26 @@
-name: helm-weekly-release-pr
+name: Helm weekly release PR
 
 on:
   schedule:
-    - cron: '0 10 * * 1-5' # 10 UTC on weekdays; if we miss published images one day, they should align the day after
+    - cron: '0 10 * * 2' # 10 UTC every Tuesday (since ks get cut on Monday)
 
   workflow_dispatch: # for manual testing
 
+permissions:
+  contents: "read"
+  id-token: "write"
+  pull-requests: "write"
+
 jobs:
   weekly-release-pr:
     runs-on: ubuntu-latest
+    env:
+      BUILD_IN_CONTAINER: false
     steps:
       - uses: actions/checkout@v4
-      - uses: imjasonh/setup-crane@v0.4
+      - uses: gabe565/setup-helm-docs-action@v1
+        with:
+          version: v1.11.2
 
       - id: "get_github_app_token"
         name: "get github app token"
@@ -21,15 +30,37 @@ jobs:
           owner: "${{ github.repository_owner }}"
           private-key: "${{ secrets.APP_PRIVATE_KEY }}"
 
-      - name: Update/regenerate files
+      - name: "Login to DockerHub (from vault)"
+        uses: "grafana/shared-workflows/actions/dockerhub-login@main"
+
+      - uses: imjasonh/setup-crane@v0.4
+
+      - name: Update/regenerate files for k release
+        id: update-k
+        run: |
+          bash .github/workflows/scripts/helm-weekly-release.sh -k
+
+      - name: Create Pull Request
+        uses: peter-evans/create-pull-request@v5
+        with:
+          token: ${{ steps.get_github_app_token.outputs.token }}
+          title: "chore: release loki helm chart ${{ steps.update-k.outputs.new_chart_version }}"
+          body: Automated PR created by [helm-weekly-release-pr.yaml](https://github.com/grafana/loki/blob/main/.github/workflows/helm-weekly-release-pr.yaml)
+          commit-message: Update loki chart to ${{ steps.update-k.outputs.new_chart_version }}
+          branch: helm-chart-weekly-${{ steps.update-k.outputs.new_chart_version }}
+          base: ${{ steps.update-k.outputs.weekly }}
+          labels: helm
+
+      - name: Update/regenerate files for standard release
         id: update
-        run: bash .github/workflows/scripts/helm-weekly-release.sh
+        run: |
+          bash .github/workflows/scripts/helm-weekly-release.sh
 
       - name: Create Pull Request
         uses: peter-evans/create-pull-request@v5
         with:
           token: ${{ steps.get_github_app_token.outputs.token }}
-          title: Release loki Helm chart ${{ steps.update.outputs.new_chart_version }}
+          title: "chore: release loki helm chart ${{ steps.update.outputs.new_chart_version }}"
           body: Automated PR created by [helm-weekly-release-pr.yaml](https://github.com/grafana/loki/blob/main/.github/workflows/helm-weekly-release-pr.yaml)
           commit-message: Update loki chart to ${{ steps.update.outputs.new_chart_version }}
           branch: helm-chart-weekly-${{ steps.update.outputs.new_chart_version }}

diff --git a/.github/workflows/logql-analyzer.yml b/.github/workflows/logql-analyzer.yml
@@ -0,0 +1,114 @@
+name: LogQL Analyzer
+
+on:
+  workflow_dispatch:
+  release:
+    types:
+      - released
+
+permissions:
+  contents: read
+  id-token: write
+
+jobs:
+  analyze:
+    runs-on: ubuntu-latest
+
+    env:
+      BUILD_TIMEOUT: 60
+      IMAGE_PREFIX: "grafana"
+      RELEASE_VERSION: "${{ github.event.release.tag_name || 'test' }}"
+    steps:
+    - uses: actions/checkout@v4
+      with:
+        fetch-tags: true
+        path: loki
+
+    - name: prepare
+      id: prepare
+      env:
+        MAJOR_MINOR_VERSION_REGEXP: '([0-9]+\\.[0-9]+)'
+        RELEASE_TAG_REGEXP: '^([0-9]+\\.[0-9]+\\.[0-9]+)$'
+      working-directory: loki
+      run: |
+        echo "$(./tools/image-tag)" > .tag
+        if [[ "$RELEASE_VERSION" == "test" ]]; then
+          echo "RELEASE_VERSION is not set, using image tag"
+          RELEASE_VERSION="$(cat .tag)"
+        fi
+        echo "RELEASE_VERSION: $RELEASE_VERSION"
+
+        # if the tag matches the pattern `D.D.D` then RELEASE_NAME="D-D-x", otherwise RELEASE_NAME="next"
+        RELEASE_NAME=$([[ $RELEASE_VERSION =~ $RELEASE_TAG_REGEXP ]] && echo $RELEASE_TAG | grep -oE $MAJOR_MINOR_VERSION_REGEXP | sed "s/\\./-/g" | sed "s/$/-x/" || echo "next")
+        echo "RELEASE_NAME: $RELEASE_NAME"
+
+        echo "release_version=${RELEASE_VERSION}" >> "$GITHUB_OUTPUT"
+        echo "release_name=${RELEASE_NAME}" >> "$GITHUB_OUTPUT"
+
+    - id: "get-github-app-token"
+      name: "get github app token"
+      uses: "actions/create-github-app-token@v1"
+      with:
+        app-id: "${{ secrets.APP_ID }}"
+        owner: "${{ github.repository_owner }}"
+        private-key: "${{ secrets.APP_PRIVATE_KEY }}"
+
+    - name: "Set up QEMU"
+      uses: "docker/setup-qemu-action@v3"
+    - name: "set up docker buildx"
+      uses: "docker/setup-buildx-action@v3"
+    - name: "Login to DockerHub (from vault)"
+      uses: "grafana/shared-workflows/actions/dockerhub-login@main"
+
+    - name: "Build and push"
+      timeout-minutes: "${{ fromJSON(env.BUILD_TIMEOUT) }}"
+      uses: "docker/build-push-action@v6"
+      with:
+        build-args: "IMAGE_TAG=${{ steps.prepare.outputs.release_version }}"
+        context: loki
+        file: "loki/cmd/logql-analyzer/Dockerfile"
+        platforms: "linux/amd64"
+        push: true
+        tags: "grafana/logql-analyzer:${{ steps.prepare.outputs.release_version }}"
+
+    - name: Log in to Google Artifact Registry
+      uses: grafana/shared-workflows/actions/login-to-gar@main
+      with:
+        registry: "us-docker.pkg.dev"
+        environment: "prod"
+
+    - name: Update to latest image
+      env:
+        GITHUB_TOKEN: ${{ steps.get-github-app-token.outputs.token }}
+        RELEASE_NAME: ${{ steps.prepare.outputs.release_name }}
+        RELEASE_VERSION: ${{ steps.prepare.outputs.release_version }}
+      run: |
+        set -e -o pipefail
+
+        cat << EOF > config.json
+        {
+          "repo_name": "deployment_tools",
+          "destination_branch": "master",
+          "git_author_email": "119986603+updater-for-ci[bot]@users.noreply.github.com",
+          "git_author_name": "version_bumper[bot]",
+          "git_committer_email": "119986603+updater-for-ci[bot]@users.noreply.github.com",
+          "git_committer_name": "version_bumper[bot]",
+          "pull_request_branch_prefix": "logql-analyzer/updater",
+          "pull_request_enabled": true,
+          "pull_request_existing_strategy": "replace",
+          "pull_request_title_prefix": "[logql-analyzer updater] ",
+          "pull_request_message": "Add logql-analyzer version to ${RELEASE_VERSION} to supported versions",
+          "update_jsonnet_attribute_configs": [
+              {
+                "file_path": "ksonnet/environments/logql-analyzer/supported-versions.libsonnet",
+                "jsonnet_key": "${RELEASE_NAME}",
+                "jsonnet_value": "grafana/logql-analyzer:${RELEASE_VERSION}-amd64",
+                "upsert": true
+              }
+            ]
+        }
+        EOF
+
+        docker run --rm \
+          -e GITHUB_TOKEN="$GITHUB_TOKEN" \
+          -e CONFIG_JSON="$(cat config.json)" us-docker.pkg.dev/grafanalabs-global/docker-deployment-tools-prod/updater |& tee updater-output.log
diff --git a/.github/workflows/scripts/common.sh b/.github/workflows/scripts/common.sh
@@ -22,24 +22,20 @@ get_yaml_node() {
 # Increments the part of the semver string
 # $1: version itself
 # $2: number of part: 0 – major, 1 – minor, 2 – patch
+# shellcheck disable=SC2207,SC2046,SC2248,SC2250
 increment_semver() {
   local delimiter=.
-  local array=("$(echo "$1" | tr "${delimiter}" '\n')")
-  array[$2]=$((array[$2] + 1))
-  echo "$(
-    local IFS=${delimiter}
-    echo "${array[*]}"
-  )"
+  local array=($(echo "$1" | tr $delimiter '\n'))
+  array[$2]=$((array[$2]+1))
+  echo $(local IFS=$delimiter ; echo "${array[*]}")
 }
 
 # Sets the patch segment of a semver to 0
 # $1: version itself
+# shellcheck disable=SC2207,SC2046,SC2248,SC2250
 set_semver_patch_to_zero() {
   local delimiter=.
-  local array=("$(echo "$1" | tr "${delimiter}" '\n')")
+  local array=($(echo "$1" | tr $delimiter '\n'))
   array[2]="0"
-  echo "$(
-    local IFS=${delimiter}
-    echo "${array[*]}"
-  )"
+  echo $(local IFS=$delimiter ; echo "${array[*]}")
 }
diff --git a/.github/workflows/scripts/helm-tagged-release.sh b/.github/workflows/scripts/helm-tagged-release.sh
@@ -51,4 +51,5 @@ sed --in-place \
 
 make TTY='' helm-docs
 
-echo "::set-output name=new_chart_version::${new_chart_version}"
+# shellcheck disable=SC2154,SC2250
+echo "new_chart_version=${new_chart_version}" >> "$GITHUB_OUTPUT"