Add just Recipies, Playbooks, & Zuul Jobs

just recepies (prelimiary):
- Apply Cluster Stack to K8s-Cluster
- Check for ClusterStack being created (Draft)
- Apply Test Cluster Ressource to K8s Cluster

Playbooks and Zuul Jobs for:
- Uploading Assets for PR and Post-Merge Runs
- Creating Chore Branches based on changes to versions.yaml at al.

Signed-off-by: Oliver Kautz <oliver.kautz@gonicus.de>

.zuul.yaml

@@ -53,6 +53,41 @@
       scs_compliance:
         enabled: true
 
+## Cluster Stack Asset and Chore Jobs.
+## TODO: Adjust parent to a job that sets up credentials for registry and GH token, i.e. playbook definiton
+# - job:
+#     name: publish-cluster-stack-assets
+#     parent: base
+#     description: |
+#       Creates Cluster Stack Assets and uploads them to the configured OCI Registry.
+#       If used in a PR, Assets with a hashed version will be used. Otherwise, a 
+#       new release is build.
+#     timeout: 900 # 15m
+#     pre-run: playbooks/dependencies.yaml
+#     run: playbooks/upload_assets.yaml
+
+# - job:
+#     name: publish-cluster-stack-release-assets
+#     parent: publish-cluster-stack-assets
+#     description: |
+#       Creates Cluster Stack Assets and uploads them to the configured OCI Registry.
+#       If used in a PR, Assets with a hashed version will be used. Otherwise, a 
+#       new release is build.
+#     timeout: 900 # 15m
+#     pre-run: playbooks/dependencies.yaml
+#     run: playbooks/upload_assets.yaml
+#     vars:
+#       is_pr: False
+
+# - job:
+#     name: cluster-stacks-chore
+#     parent: base
+#     description: |
+#       Creates Cluster Stack manifests with updated versions and opens chore branches
+#       and PRs against the correspondend release branches. 
+#     timeout: 900 # 15m
+#     pre-run: playbooks/dependencies.yaml
+#     run: playbooks/create_chore_branches.yaml
 
 - project:
     name: SovereignCloudStack/cluster-stacks

justfile

@@ -14,6 +14,7 @@ workingBranchPrefix := "chore/update-"
 targetBranchPrefix := "release-"
 
 # For Cluster Stack creation
+
 mgmtcluster := "contextName"
 mgmcluster_namespace := "NamespaceName"
 
@@ -30,7 +31,7 @@ help: default
 dependencies:
     #!/usr/bin/env bash
     set -euo pipefail
-    
+
     if ! which csctl >/dev/null 2>&1; then
       echo -e "\e[33m\e[1mcsctl not found, building it from source.\e[0m"
       mkdir -p bin
@@ -138,7 +139,6 @@ build-version VERSION:
       ./hack/generate_version.py --target-version {{ replace(VERSION, "-", ".") }}
     fi
 
-
 # Build assets for a certain Kubernetes Version. Out directory needs to be present.
 [group('Build Assets')]
 build-assets-local-for VERSION: dependencies
@@ -176,7 +176,7 @@ build-assets-all-local: build-versions-all
 
 # Publish assets to OCI registry
 [group('Release')]
-publish-assets VERSION: 
+publish-assets VERSION:
     #!/usr/bin/env bash
     if [[ -e providers/openstack/out/{{ replace(VERSION, ".", "-") }} ]]; then
       if [[ -n ${OCI_REGISTRY} && \ 
@@ -202,11 +202,16 @@ publish-assets-all:
 
 # Publish new release of providers/openstack/scs
 [group('Release')]
+publish-test-release: dependencies
+    csctl create -m hash --publish --remote oci providers/openstack/scs/
+
+# Publish new release of providers/openstack/scs
 [confirm('Are you sure to publish a new stable release? (y|n)')]
+[group('Release')]
 publish-release: dependencies
     csctl create --publish --remote oci providers/openstack/scs/
 
-# Remove old branches that had been merged to main 
+# Remove old branches that had been merged to main
 [group('git')]
 git-clean:
     git branch --merged | grep -Ev "(^\*|^\+|^release/\+|main)" | xargs --no-run-if-empty git branch -d
@@ -217,17 +222,17 @@ git-chore-branch VERSION: && (gh-create-chore-pr VERSION)
     #!/usr/bin/env bash
     set -euo pipefail
     currentBranch=$(git branch --show-current)
-    if git show-ref -q  --branches {{ workingBranchPrefix }}{{replace(VERSION, "-", ".") }}; then
+    if git show-ref -q  --branches {{ workingBranchPrefix }}{{ replace(VERSION, "-", ".") }}; then
       # Switch to branch if it exists
-      git switch {{ workingBranchPrefix }}{{replace(VERSION, "-", ".") }}
+      git switch {{ workingBranchPrefix }}{{ replace(VERSION, "-", ".") }}
     else
       # Create branch and switch to it
-      git switch -c {{ workingBranchPrefix }}{{replace(VERSION, "-", ".") }}
+      git switch -c {{ workingBranchPrefix }}{{ replace(VERSION, "-", ".") }}
     fi
-    cp -r providers/openstack/out/{{replace(VERSION, ".", "-") }}/* providers/openstack/scs/
+    cp -r providers/openstack/out/{{ replace(VERSION, ".", "-") }}/* providers/openstack/scs/
     git add providers/openstack/scs/
-    git commit -s -m "chore(versions): Update Release for {{replace(VERSION, "-", ".") }}"
-    git push --set-upstream origin {{ workingBranchPrefix }}{{replace(VERSION, "-", ".") }}
+    git commit -s -m "chore(versions): Update Release for {{ replace(VERSION, "-", ".") }}"
+    git push --set-upstream origin {{ workingBranchPrefix }}{{ replace(VERSION, "-", ".") }}
     git switch ${currentBranch}
 
 # Create chore branches for all available out versions
@@ -273,9 +278,9 @@ gh-create-chore-pr VERSION: gh-login
     if ! which gh >/dev/null 2>&1; then
       echo "GitHub CLI not installed."
     else
-      gh pr --title "chore(versions): Update Release for {{replace(VERSION, "-", ".") }}" \
-            --head {{ workingBranchPrefix }}{{replace(VERSION, "-", ".") }} \
-            --base {{ targetBranchPrefix }}{{replace(VERSION, "-", ".") }} \
+      gh pr --title "chore(versions): Update Release for {{ replace(VERSION, "-", ".") }}" \
+            --head {{ workingBranchPrefix }}{{ replace(VERSION, "-", ".") }} \
+            --base {{ targetBranchPrefix }}{{ replace(VERSION, "-", ".") }} \
             --dry-run
     fi
 
@@ -286,23 +291,23 @@ create-clusterstack PATH:
     set -euo pipefail
     # Given directory name
     directory_name=".release/$PATH"
-    
+
     # Extract parts from the directory name
     IFS='/' read -ra PARTS <<<"$directory_name"
     IFS='-' read -ra PARTS <<<"${PARTS[1]}"
-    
+
     provider="${PARTS[0]}"
     name="${PARTS[1]}"
     kubernetes_major_version="${PARTS[2]}"
     kubernetes_minor_version="${PARTS[3]}"
     version="${PARTS[4]}-${PARTS[5]}.${PARTS[6]}"
     channel="custom"
-    
+
     if [[ -z ${PARTS[6]} ]]; then
       version="${PARTS[4]}"
       channel="stable"
     fi
-    
+
     Create the YAML structure
     clusterstack_yaml=$(cat <<-EOF
       ---
@@ -324,7 +329,7 @@ create-clusterstack PATH:
         - ${version}
       EOF
     )
-    
+
     echo "$clusterstack" | kubectl apply -f -
 
 # UNTESTED RECIPE: Check on Cluster Stack creation
@@ -357,7 +362,7 @@ check-clusterstack NAME:
 create-cluster VERSION CLASS:
     #!/usr/bin/env bash
     set -euo pipefail
-    cluster_manifest=<<-EOF
+    cluster_manifest=$(cat <<-EOF
       ---
       apiVersion: cluster.x-k8s.io/v1beta1
       kind: Cluster
@@ -377,4 +382,5 @@ create-cluster VERSION CLASS:
                 name: md-0
                 replicas: 1
       EOF
+    )
     echo "${cluster_manifest}" | kubectl apply -f -

playbooks/create_chore_branches.yaml

@@ -0,0 +1,27 @@
+---
+# This Play should be used on PRs against release branches to upload Release Assets to SCS Registry
+- name: "Create Chore Branches and PRs"
+  hosts: "all"
+  vars:
+    install_dir: "{{ ansible_user_dir }}/.local/bin"
+    github_token: ""
+  environment:
+    PATH: "{{ install_dir }}:{{ ansible_env.PATH }}"
+  tasks:
+    - name: "Install Just"
+      ansible.builtin.command:
+        cmd: "curl --proto '=https' --tlsv1.2 -sSf https://just.systems/install.sh | bash -s -- --to {{ ansible_user_dir }}/.local/bin/"
+        creates: "{{ ansible_user_dir }}/.local/bin/just"
+    - name: "Ensure just env file"
+      ansible.builtin.copy:
+        src: "{{ zuul.project.src_dir}}/just.env.example"
+        dest: "{{ zuul.project.src_dir}}/just.env"
+    - name: "Set Enviroments variables for just"
+      ansible.builtin.lineinfile:
+        path: "{{ zuul.project.src_dir}}/just.env"
+        regexp: '^GH_TOKEN='
+        line: "GH_TOKEN={{ github_token }}"
+    - name: "Build Versions"
+      ansible.builtin.command: "just --working-directory {{ zuul.project.src_dir}} --just-file {{ zuul.project.src_dir}}/justfile build-versions"
+    - name: "Create Chore PRs"
+      ansible.builtin.command: "just --working-directory {{ zuul.project.src_dir}} --just-file {{ zuul.project.src_dir}}/justfile git-chore-branches-all"

playbooks/upload_assets.yaml

@@ -0,0 +1,37 @@
+---
+# This Play should be used on PRs against release branches to upload Release Assets to SCS Registry
+- name: "Upload Assets"
+  hosts: "all"
+  vars:
+    install_dir: "{{ ansible_user_dir }}/.local/bin"
+    is_pr: True # Set to False for Runs after merge.
+    registry_credentials:
+      OCI_REGISTRY: "registry.scs.community"
+      OCI_REPOSITORY: "registry.scs.community/cluster-stacks/scs"
+      OCI_USERNAME: ""
+      OCI_PASSWORD: ""
+  environment:
+    PATH: "{{ install_dir }}:{{ ansible_env.PATH }}"
+  tasks:
+    - name: "Install Just"
+      ansible.builtin.command:
+        cmd: "curl --proto '=https' --tlsv1.2 -sSf https://just.systems/install.sh | bash -s -- --to {{ ansible_user_dir }}/.local/bin/"
+        creates: "{{ ansible_user_dir }}/.local/bin/just"
+    - name: "Ensure just env file"
+      ansible.builtin.copy:
+        src: "{{ zuul.project.src_dir}}/just.env.example"
+        dest: "{{ zuul.project.src_dir}}/just.env"
+    - name: "Set Enviroments variables for just"
+      ansible.builtin.lineinfile:
+        path: "{{ zuul.project.src_dir}}/just.env"
+        regexp: '^{{ item.key }}='
+        line: "{{ item.key }}={{ item.value }}"
+      loop: "{{registry_credentials | dict2items }}"
+    - name: "Upload Preliminary Assets"
+      ansible.builtin.cmd:
+        cmd: "just --working-directory {{ zuul.project.src_dir}} --just-file {{ zuul.project.src_dir}}/justfile publish-test-release"
+      when: is_pr
+    - name: "Upload Release Assets"
+      ansible.builtin.cmd:
+        cmd: "just --yes --working-directory {{ zuul.project.src_dir}} --just-file {{ zuul.project.src_dir}}/justfile publish-release"
+      when: not is_pr