[rollout] new rollout config

rollout/cli_tools_cloudbuild_build.yaml

@@ -0,0 +1,182 @@
+# Build all the docker images and put them into container registry (gcr.io)
+# Later, these images will be copied to artifacts registry on demand.
+
+timeout: 1800s
+
+options:
+  env:
+  - GO111MODULE=auto
+  - GOPROXY=https://proxy.golang.org
+  volumes:
+  - name: go-pkg
+    path: /go/pkg
+  - name: go-src
+    path: /go/src
+
+substitutions:
+  _RELEASE: 'latest'
+
+steps:
+# Build daisy.
+- name: 'golang'
+  dir: 'daisy/cli'
+  args: ['go', 'build', '-o=/workspace/linux/daisy']
+  env: ['CGO_ENABLED=0']
+- name: 'golang'
+  dir: 'daisy/cli'
+  args: ['go', 'build', '-o=/workspace/windows/daisy']
+  env: ['GOOS=windows']
+- name: 'golang'
+  dir: 'daisy/cli'
+  args: ['go', 'build', '-o=/workspace/darwin/daisy']
+  env: ['GOOS=darwin']
+- name: 'gcr.io/kaniko-project/executor:v1.0.0'
+  args:
+  - --destination=gcr.io/$PROJECT_ID/daisy:$_RELEASE
+  - --destination=gcr.io/$PROJECT_ID/daisy:$COMMIT_SHA
+  - --destination=gcr.io/$PROJECT_ID/daisy:$_WORKFLOW_EXECUTION_ID
+  - --context=/workspace
+  - --dockerfile=daisy.Dockerfile
+
+# Build gce_image_publish.
+- name: 'golang'
+  dir: 'cli_tools/gce_image_publish'
+  args: ['go', 'build', '-o=/workspace/linux/gce_image_publish']
+  env: ['CGO_ENABLED=0']
+- name: 'golang'
+  dir: 'cli_tools/gce_image_publish'
+  args: ['go', 'build', '-o=/workspace/windows/gce_image_publish.exe']
+  env: ['GOOS=windows']
+- name: 'golang'
+  dir: 'cli_tools/gce_image_publish'
+  args: ['go', 'build', '-o=/workspace/darwin/gce_image_publish']
+  env: ['GOOS=darwin']
+- name: 'gcr.io/kaniko-project/executor:v1.0.0'
+  args:
+  - --destination=gcr.io/$PROJECT_ID/gce_image_publish:$_RELEASE
+  - --destination=gcr.io/$PROJECT_ID/gce_image_publish:$COMMIT_SHA
+  - --destination=gcr.io/$PROJECT_ID/gce_image_publish:$_WORKFLOW_EXECUTION_ID
+  - --context=/workspace
+  - --dockerfile=gce_image_publish.Dockerfile
+
+# Build gce_export.
+- name: 'golang'
+  dir: 'cli_tools/gce_export'
+  args: ['go', 'build', '-o=/workspace/linux/gce_export']
+  env: ['CGO_ENABLED=0']
+- name: 'golang'
+  dir: 'cli_tools/gce_export'
+  args: ['go', 'build', '-o=/workspace/windows/gce_export']
+  env: ['GOOS=windows']
+- name: 'gcr.io/kaniko-project/executor:v1.0.0'
+  args:
+  - --destination=gcr.io/$PROJECT_ID/gce_export:$_RELEASE
+  - --destination=gcr.io/$PROJECT_ID/gce_export:$COMMIT_SHA
+  - --destination=gcr.io/$PROJECT_ID/gce_export:$_WORKFLOW_EXECUTION_ID
+  - --context=/workspace
+  - --dockerfile=gce_export.Dockerfile
+
+# Build import_precheck.
+- name: 'golang'
+  dir: 'cli_tools/import_precheck'
+  args: ['go', 'build', '-o=/workspace/linux/import_precheck']
+  env: ['CGO_ENABLED=0']
+- name: 'golang'
+  dir: 'cli_tools/import_precheck'
+  args: ['go', 'build', '-o=/workspace/windows/import_precheck.exe']
+  env: ['GOOS=windows']
+
+# Build gce_vm_image_import.
+- name: 'golang'
+  dir: 'cli_tools/gce_vm_image_import'
+  args: ['go', 'build', '-o=/workspace/linux/gce_vm_image_import']
+  env: ['CGO_ENABLED=0']
+- name: 'gcr.io/kaniko-project/executor:v1.1.0'
+  args:
+  - --destination=gcr.io/$PROJECT_ID/gce_vm_image_import:$_RELEASE
+  - --destination=gcr.io/$PROJECT_ID/gce_vm_image_import:$COMMIT_SHA
+  - --destination=gcr.io/$PROJECT_ID/gce_vm_image_import:$_WORKFLOW_EXECUTION_ID
+  - --context=/workspace
+  - --dockerfile=gce_vm_image_import.Dockerfile
+
+# Build gce_onestep_image_import.
+- name: 'golang'
+  dir: 'cli_tools/gce_onestep_image_import'
+  args: ['go', 'build', '-o=/workspace/linux/gce_onestep_image_import']
+  env: ['CGO_ENABLED=0']
+- name: 'gcr.io/kaniko-project/executor:v1.1.0'
+  args:
+  - --destination=gcr.io/$PROJECT_ID/gce_onestep_image_import:$_RELEASE
+  - --destination=gcr.io/$PROJECT_ID/gce_onestep_image_import:$COMMIT_SHA
+  - --destination=gcr.io/$PROJECT_ID/gce_onestep_image_import:$_WORKFLOW_EXECUTION_ID
+  - --context=/workspace
+  - --dockerfile=gce_onestep_image_import.Dockerfile
+
+# Build gce_vm_image_export.
+- name: 'golang'
+  dir: 'cli_tools/gce_vm_image_export'
+  args: ['go', 'build', '-o=/workspace/linux/gce_vm_image_export']
+  env: ['CGO_ENABLED=0']
+- name: 'gcr.io/kaniko-project/executor:v1.1.0'
+  args:
+  - --destination=gcr.io/$PROJECT_ID/gce_vm_image_export:$_RELEASE
+  - --destination=gcr.io/$PROJECT_ID/gce_vm_image_export:$COMMIT_SHA
+  - --destination=gcr.io/$PROJECT_ID/gce_vm_image_export:$_WORKFLOW_EXECUTION_ID
+  - --context=/workspace
+  - --dockerfile=gce_vm_image_export.Dockerfile
+
+# Build gce_ovf_import.
+- name: 'golang'
+  dir: 'cli_tools/gce_ovf_import'
+  args: ['go', 'build', '-o=/workspace/linux/gce_ovf_import']
+  env: ['CGO_ENABLED=0']
+- name: 'gcr.io/kaniko-project/executor:v1.1.0'
+  args:
+  - --destination=gcr.io/$PROJECT_ID/gce_ovf_import:$_RELEASE
+  - --destination=gcr.io/$PROJECT_ID/gce_ovf_import:$COMMIT_SHA
+  - --destination=gcr.io/$PROJECT_ID/gce_ovf_import:$_WORKFLOW_EXECUTION_ID
+  - --context=/workspace
+  - --dockerfile=gce_ovf_import.Dockerfile
+
+# Build gce_ovf_export.
+- name: 'golang'
+  dir: 'cli_tools/gce_ovf_export'
+  args: ['go', 'build', '-o=/workspace/linux/gce_ovf_export']
+  env: ['CGO_ENABLED=0']
+- name: 'gcr.io/kaniko-project/executor:v1.1.0'
+  args:
+  - --destination=gcr.io/$PROJECT_ID/gce_ovf_export:$_RELEASE
+  - --destination=gcr.io/$PROJECT_ID/gce_ovf_export:$COMMIT_SHA
+  - --destination=gcr.io/$PROJECT_ID/gce_ovf_export:$_WORKFLOW_EXECUTION_ID
+  - --context=/workspace
+  - --dockerfile=gce_ovf_export.Dockerfile
+
+# Build gce_windows_upgrade.
+- name: 'golang'
+  dir: 'cli_tools/gce_windows_upgrade'
+  args: ['go', 'build', '-o=/workspace/linux/gce_windows_upgrade']
+  env: ['CGO_ENABLED=0']
+- name: 'gcr.io/kaniko-project/executor:v1.1.0'
+  args:
+  - --destination=gcr.io/$PROJECT_ID/gce_windows_upgrade:$_RELEASE
+  - --destination=gcr.io/$PROJECT_ID/gce_windows_upgrade:$COMMIT_SHA
+  - --destination=gcr.io/$PROJECT_ID/gce_windows_upgrade:$_WORKFLOW_EXECUTION_ID
+  - --context=/workspace
+  - --dockerfile=gce_windows_upgrade.Dockerfile
+
+# Copy Linux binaries to GCS
+- name: 'gcr.io/cloud-builders/gsutil'
+  args: ['cp', '/workspace/linux/*', 'gs://$PROJECT_ID/$_RELEASE/linux/']
+
+# Copy Windows binaries to GCS
+- name: 'gcr.io/cloud-builders/gsutil'
+  args: ['cp', '/workspace/windows/*', 'gs://$PROJECT_ID/$_RELEASE/windows/']
+
+# Copy OSX binaries to GCS
+- name: 'gcr.io/cloud-builders/gsutil'
+  args: ['cp', '/workspace/darwin/*', 'gs://$PROJECT_ID/$_RELEASE/darwin/']
+
+
+# TODO: Make binaries world-readable.
+#- name: 'gcr.io/cloud-builders/gsutil'
+#  args: ['-m', 'acl', '-r', 'ch', '-u', 'AllUsers:R', 'gs://$PROJECT_ID/$_RELEASE/*']

rollout/cli_tools_cloudbuild_deploy.yaml

@@ -0,0 +1,46 @@
+timeout: 5400s
+
+options:
+
+steps:
+# Deploy given tools to given locations. Expect 2 vars substitutions, examples:
+# 1. $_REGIONS="us;us-east1;us-east2"
+# 2. $_TOOLS="gve_vm_image_import;gce_vm_image_export"
+# The script will pull the built docker images from gcr.io (container registry),
+# and then push to artifacts registry (e.g. us-east1-docker.pkg.dev/compute-image-tools/wrappers/gce_vm_image_import)
+# with 3 tags: the workflow execution ID, the commit SHA, and the "release".
+# 1. The workflow execution ID is used to track which workflow produced the image.
+# It's specifically useful when the original workflow was failed and we resumed it.
+# 2. The commit SHA is used to track which version of source code produced the image.
+# 3. The "release" tag marks it as the current effective image.
+- name: 'google/cloud-sdk:alpine'
+  args:
+  - 'bash'
+  - '-c'
+  - |
+    REGIONS_ARR=$(echo "$_REGIONS" | tr ";" "\n")
+    TOOLS_ARR=$(echo "$_TOOLS" | tr ";" "\n")
+
+    for _TOOL in $$TOOLS_ARR
+    do
+      echo "----> Preparing docker images for $$_TOOL..."
+      docker pull gcr.io/$PROJECT_ID/$$_TOOL:$_WORKFLOW_EXECUTION_ID || exit 1
+    done
+
+
+    for _REGION in $$REGIONS_ARR
+    do
+      for _TOOL in $$TOOLS_ARR
+      do
+        echo "--> Deploying... $$_TOOL -> $$_REGION"
+
+        docker tag gcr.io/$PROJECT_ID/$$_TOOL:$_WORKFLOW_EXECUTION_ID $$_REGION-docker.pkg.dev/$PROJECT_ID/wrappers/$$_TOOL:$_WORKFLOW_EXECUTION_ID || exit 1
+        docker tag gcr.io/$PROJECT_ID/$$_TOOL:$_WORKFLOW_EXECUTION_ID $$_REGION-docker.pkg.dev/$PROJECT_ID/wrappers/$$_TOOL:$COMMIT_SHA || exit 1
+        docker tag gcr.io/$PROJECT_ID/$$_TOOL:$_WORKFLOW_EXECUTION_ID $$_REGION-docker.pkg.dev/$PROJECT_ID/wrappers/$$_TOOL:release || exit 1
+
+        docker push $$_REGION-docker.pkg.dev/$PROJECT_ID/wrappers/$$_TOOL:$_WORKFLOW_EXECUTION_ID || exit 1
+        docker push $$_REGION-docker.pkg.dev/$PROJECT_ID/wrappers/$$_TOOL:$COMMIT_SHA || exit 1
+        docker push $$_REGION-docker.pkg.dev/$PROJECT_ID/wrappers/$$_TOOL:release || exit 1
+      done
+      echo "----> Deployed all tools for $$_REGION"
+    done

rollout/cli_tools_cloudbuild_release_workflow.yaml

@@ -0,0 +1,20 @@
+# Simply trigger the workflow to start the rollout schedule.
+
+timeout: 30s
+
+options:
+
+steps:
+- name: 'google/cloud-sdk:alpine'
+  args:
+    - 'bash'
+    - '-c'
+    - 'gcloud workflows execute workflow-gradually-rollout$_TEST_SUFFIX
+        --project=$PROJECT_ID
+        --data="{
+          \"rolloutPhase\":{$_ROLLOUT_PHASES},
+          \"tools\":\"gce_vm_image_import;gce_vm_image_export;gce_onestep_image_import;gce_ovf_import;gce_ovf_export;gce_windows_upgrade\",
+          \"tagName\":\"$TAG_NAME\",
+          \"waitPeriod\":\"$_WAIT_PERIOD\"
+        }"'
+  env: ['CGO_ENABLED=0']