Delete remaining Drone files to finish migration to GHA (#4552)

2025-03-14 03:06:42 +00:00 · 2025-01-14 17:02:30 +01:00
parent 424274aab5
commit 52388dd460
7 changed files with 1 additions and 267 deletions
--- a/.drone/docker-manifest.tmpl
+++ b/.drone/docker-manifest.tmpl
@ -1,13 +0,0 @@
-image: grafana/{{config.target}}
-tags:
-  - latest
-  - {{build.tags}}
-manifests:
-  - image: grafana/{{config.target}}:{{build.tags}}-amd64
-    platform:
-      architecture: amd64
-      os: linux
-  - image: grafana/{{config.target}}:{{build.tags}}-arm64
-    platform:
-      architecture: arm64
-      os: linux
--- a/.drone/drone.jsonnet
+++ b/.drone/drone.jsonnet
@ -1,78 +0,0 @@
-local apps = ['tempo', 'tempo-vulture', 'tempo-query', 'tempo-cli'];
-local archs = ['amd64', 'arm64'];
-
-//# Building blocks ##
-
-local pipeline(name, arch='amd64') = {
-  kind: 'pipeline',
-  name: name,
-  platform: {
-    os: 'linux',
-    arch: arch,
-  },
-  steps: [],
-  depends_on: [],
-  trigger: {
-    ref: [
-      'refs/heads/main',
-      'refs/tags/v*',
-      // weekly release branches
-      'refs/heads/r?',
-      'refs/heads/r??',
-      'refs/heads/r???',
-    ],
-  },
-};
-
-local secret(name, vault_path, vault_key) = {
-  kind: 'secret',
-  name: name,
-  get: {
-    path: vault_path,
-    name: vault_key,
-  },
-};
-
-local docker_username_secret = secret('docker_username', 'infra/data/ci/docker_hub', 'username');
-local docker_password_secret = secret('docker_password', 'infra/data/ci/docker_hub', 'password');
-
-// secret needed to access us.gcr.io in deploy_to_dev()
-local docker_config_json_secret = secret('dockerconfigjson', 'secret/data/common/gcr', '.dockerconfigjson');
-
-// secret needed for dep-tools
-local gh_token_secret = secret('gh_token', 'infra/data/ci/github/grafanabot', 'pat');
-local tempo_app_id_secret = secret('tempo_app_id_secret', 'infra/data/ci/tempo/github-app', 'app-id');
-local tempo_app_installation_id_secret = secret('tempo_app_installation_id_secret', 'infra/data/ci/tempo/github-app', 'app-installation-id');
-local tempo_app_private_key_secret = secret('tempo_app_private_key_secret', 'infra/data/ci/tempo/github-app', 'app-private-key');
-
-// secret to sign linux packages
-local gpg_passphrase = secret('gpg_passphrase', 'infra/data/ci/packages-publish/gpg', 'passphrase');
-local gpg_private_key = secret('gpg_private_key', 'infra/data/ci/packages-publish/gpg', 'private-key');
-
-local aws_dev_access_key_id = secret('AWS_ACCESS_KEY_ID-dev', 'infra/data/ci/tempo-dev/aws-credentials-drone', 'access_key_id');
-local aws_dev_secret_access_key = secret('AWS_SECRET_ACCESS_KEY-dev', 'infra/data/ci/tempo-dev/aws-credentials-drone', 'secret_access_key');
-local aws_prod_access_key_id = secret('AWS_ACCESS_KEY_ID-prod', 'infra/data/ci/tempo-prod/aws-credentials-drone', 'access_key_id');
-local aws_prod_secret_access_key = secret('AWS_SECRET_ACCESS_KEY-prod', 'infra/data/ci/tempo-prod/aws-credentials-drone', 'secret_access_key');
-
-//# Steps ##
-
-// the alpine/git image has apk errors when run on aarch64, this is the most recent image that does not have this issue
-// https://github.com/alpine-docker/git/issues/35
-local alpine_git_image = 'alpine/git:v2.30.2';
-
-//# Pipelines & resources
-[
-  docker_username_secret,
-  docker_password_secret,
-  docker_config_json_secret,
-  gh_token_secret,
-  tempo_app_id_secret,
-  tempo_app_installation_id_secret,
-  tempo_app_private_key_secret,
-  aws_dev_access_key_id,
-  aws_dev_secret_access_key,
-  aws_prod_access_key_id,
-  aws_prod_secret_access_key,
-  gpg_private_key,
-  gpg_passphrase,
-]
--- a/.drone/drone.yml
+++ b/.drone/drone.yml
@ -1,83 +0,0 @@
---
-get:
-  name: username
-  path: infra/data/ci/docker_hub
-kind: secret
-name: docker_username
---
-get:
-  name: password
-  path: infra/data/ci/docker_hub
-kind: secret
-name: docker_password
---
-get:
-  name: .dockerconfigjson
-  path: secret/data/common/gcr
-kind: secret
-name: dockerconfigjson
---
-get:
-  name: pat
-  path: infra/data/ci/github/grafanabot
-kind: secret
-name: gh_token
---
-get:
-  name: app-id
-  path: infra/data/ci/tempo/github-app
-kind: secret
-name: tempo_app_id_secret
---
-get:
-  name: app-installation-id
-  path: infra/data/ci/tempo/github-app
-kind: secret
-name: tempo_app_installation_id_secret
---
-get:
-  name: app-private-key
-  path: infra/data/ci/tempo/github-app
-kind: secret
-name: tempo_app_private_key_secret
---
-get:
-  name: access_key_id
-  path: infra/data/ci/tempo-dev/aws-credentials-drone
-kind: secret
-name: AWS_ACCESS_KEY_ID-dev
---
-get:
-  name: secret_access_key
-  path: infra/data/ci/tempo-dev/aws-credentials-drone
-kind: secret
-name: AWS_SECRET_ACCESS_KEY-dev
---
-get:
-  name: access_key_id
-  path: infra/data/ci/tempo-prod/aws-credentials-drone
-kind: secret
-name: AWS_ACCESS_KEY_ID-prod
---
-get:
-  name: secret_access_key
-  path: infra/data/ci/tempo-prod/aws-credentials-drone
-kind: secret
-name: AWS_SECRET_ACCESS_KEY-prod
---
-get:
-  name: private-key
-  path: infra/data/ci/packages-publish/gpg
-kind: secret
-name: gpg_private_key
---
-get:
-  name: passphrase
-  path: infra/data/ci/packages-publish/gpg
-kind: secret
-name: gpg_passphrase
---
-kind: signature
-hmac: 3c75d5aee874c3a55608d626bfdca5d28ef23ecefebc5b9cdfc43aa8f6a19cec
-
-...
--- a/.drone/readme.md
+++ b/.drone/readme.md
@ -1,49 +0,0 @@
-# Drone
-
-Drone is used for building our official dockerhub images. It is broken into 3 
-pipelines. Note that none of the pipelines include testing so it's important that 
-the codebase is otherwise tested when it begins this process. Currently we use GitHub
-Actions for testing every PR and only build the main branch, tags and weekly release
-branches (`r**`).
-
-# Pipelines
-
-The pipelines are `docker-amd64`, `docker-arm64`, and `manifest`. The two docker pipelines
-run concurrently and create images tagged like `tempo:<tag>-<arch>` or `tempo:<branch>-<sha>-<arch>`.
-E.g. `tempo:1.1.0-arm64` or `tempo:main-e2a314-amd64`. The manifest step then creates a manifest 
-that combines the mentioned images into one multiarch image named as you would expect: 
-`tempo:1.1.0` or `tempo:main-e2a314`.  
-
-The documentation on the manifest step is basically non-existent. There's some very
-weak documentation in the Drone docs, but it's not even worth looking at. To understand
-how to use the manifest step I'd recommend looking at the code itself:
-
-https://github.com/drone-plugins/drone-manifest
-
-It is a very simple wrapper that takes the configuration options and runs the following 
-cli tool:
-
-https://github.com/estesp/manifest-tool
-
-[`docker-manifest.tmpl`](./docker-manifest.tmpl) is pushed through the standard go templating library with access
-to these objects: https://github.com/drone-plugins/drone-manifest/blob/master/plugin.go#L23
-
-# Updating drone.yml
-
-`drone.yml` is generated based upon `drone.jsonnet`. To change the Drone pipelines edit
-`drone.jsonnet` and run:
-
-```
-make drone
-```
-
-# Signature
-
-`drone.yml` contains a signature that can only be generated with an access token from the Grafana
-Drone server. If you do not have an access token the last step of `make drone` will fail. Feel free
-to still submit a PR, a Tempo maintainer can update the signature before merging the PR. To regenerate
-the signature run:
-
-```
-make drone-signature
-```
--- a/.github/workflows/drone-signature-check.yml
+++ b/.github/workflows/drone-signature-check.yml
@ -1,23 +0,0 @@
-name: Check Drone CI Signature
-
-on:
-  push:
-    branches:
-      - "main"
-    paths:
-      - ".drone/drone.yml"
-  pull_request:
-    paths:
-      - ".drone/drone.yml"
-
-permissions:
-  id-token: write
-  contents: read
-
-jobs:
-  drone-signature-check:
-    # only run in grafana/tempo.
-    if: github.repository == 'grafana/tempo'    
-    uses: grafana/shared-workflows/.github/workflows/check-drone-signature.yaml@main
-    with:
-      drone_config_path: .drone/drone.yml
--- a/20
+++ b/20
@ -362,26 +362,6 @@ tempo-mixin: tools-image
 tempo-mixin-check: tools-image
 	$(TOOLS_CMD) $(MAKE) -C operations/tempo-mixin check

-##@ drone
-.PHONY: drone drone-jsonnet drone-signature
-# this requires the drone-cli https://docs.drone.io/cli/install/
-drone: ## Run Drone targets
-	# piggyback on Loki's build image, this image contains a newer version of drone-cli than is
-	# released currently (1.4.0). The newer version of drone-clie keeps drone.yml human-readable.
-	# This will run 'make drone-jsonnet' from within the container
-	docker run -e DRONE_SERVER -e DRONE_TOKEN --rm -v $(shell pwd):/src/loki ${LOKI_BUILD_IMAGE} drone-jsonnet drone-signature
-
-	drone lint .drone/drone.yml --trusted
-
-drone-jsonnet:
-	drone jsonnet --stream --format --source .drone/drone.jsonnet --target .drone/drone.yml
-
-drone-signature:
-ifndef DRONE_TOKEN
-	$(error DRONE_TOKEN is not set, visit https://drone.grafana.net/account)
-endif
-	DRONE_SERVER=https://drone.grafana.net drone sign --save grafana/tempo .drone/drone.yml
-
 .PHONY: generate-manifest
 generate-manifest:
 	GO111MODULE=on CGO_ENABLED=0 go run -v pkg/docsgen/generate_manifest.go
--- a/RELEASES.MD
+++ b/RELEASES.MD
@ -5,7 +5,7 @@
 - Push a semver tag to main on the merge commit above.  Something like:
  - `git tag -a v1.2.0-rc.0`
  - `git push origin v1.2.0-rc.0`
- This will initiate the build process in Github Actions and Drone.  The tagged docker image should
+- This will initiate the build process in Github Actions.  The tagged docker image should
  be available here shortly: https://hub.docker.com/r/grafana/tempo/tags?page=1&ordering=last_updated
 - A Github Release Draft should also be available here:  https://github.com/grafana/tempo/releases
  - Copy over the CHANGELOG entries for the release