devops folders consolidate

2026-01-25 23:27:41 +02:00
parent 6e687b523a
commit a743bb9a1d
613 changed files with 8611 additions and 41846 deletions
--- a/devops/services/export/minio-compose.yml
+++ b/devops/services/export/minio-compose.yml
@@ -1,21 +0,0 @@
-version: '3.8'
-services:
-  minio:
-    image: minio/minio:RELEASE.2024-10-08T09-56-18Z
-    command: server /data --console-address ":9001"
-    environment:
-      MINIO_ROOT_USER: exportci
-      MINIO_ROOT_PASSWORD: exportci123
-    ports:
-      - "9000:9000"
-      - "9001:9001"
-    volumes:
-      - minio-data:/data
-    healthcheck:
-      test: ["CMD", "curl", "-f", "http://localhost:9000/minio/health/live"]
-      interval: 5s
-      timeout: 3s
-      retries: 5
-volumes:
-  minio-data:
-    driver: local
--- a/devops/services/export/seed-minio.sh
+++ b/devops/services/export/seed-minio.sh
@@ -1,23 +0,0 @@
-#!/usr/bin/env bash
-set -euo pipefail
-MINIO_ENDPOINT=${MINIO_ENDPOINT:-http://localhost:9000}
-MINIO_ACCESS_KEY=${MINIO_ACCESS_KEY:-exportci}
-MINIO_SECRET_KEY=${MINIO_SECRET_KEY:-exportci123}
-BUCKET=${BUCKET:-export-ci}
-TMP=$(mktemp)
-cleanup(){ rm -f "$TMP"; }
-trap cleanup EXIT
-
-cat > "$TMP" <<'DATA'
-{"id":"exp-001","object":"s3://export-ci/sample-export.ndjson","status":"ready"}
-DATA
-
-export AWS_ACCESS_KEY_ID="$MINIO_ACCESS_KEY"
-export AWS_SECRET_ACCESS_KEY="$MINIO_SECRET_KEY"
-export AWS_EC2_METADATA_DISABLED=true
-
-if ! aws --endpoint-url "$MINIO_ENDPOINT" s3 ls "s3://$BUCKET" >/dev/null 2>&1; then
-  aws --endpoint-url "$MINIO_ENDPOINT" s3 mb "s3://$BUCKET"
-fi
-aws --endpoint-url "$MINIO_ENDPOINT" s3 cp "$TMP" "s3://$BUCKET/sample-export.ndjson"
-echo "Seeded $BUCKET/sample-export.ndjson"
--- a/devops/services/export/trivy-smoke.sh
+++ b/devops/services/export/trivy-smoke.sh
@@ -1,51 +0,0 @@
-#!/usr/bin/env bash
-set -euo pipefail
-# Smoke tests for Trivy compatibility and OCI distribution for Export Center.
-ROOT=${ROOT:-$(cd "$(dirname "$0")/../.." && pwd)}
-ARTifacts=${ARTifacts:-$ROOT/out/export-smoke}
-mkdir -p "$ARTifacts"
-
-# 1) Trivy DB import compatibility
-TRIVY_VERSION="0.52.2"
-TRIVY_BIN="$ARTifacts/trivy"
-if [[ ! -x "$TRIVY_BIN" ]]; then
-  curl -fsSL "https://github.com/aquasecurity/trivy/releases/download/v${TRIVY_VERSION}/trivy_${TRIVY_VERSION}_Linux-64bit.tar.gz" -o "$ARTifacts/trivy.tgz"
-  tar -xzf "$ARTifacts/trivy.tgz" -C "$ARTifacts" trivy
-fi
-"$TRIVY_BIN" module db import --help > "$ARTifacts/trivy-import-help.txt"
-
-# 2) OCI distribution check (local registry)
-REGISTRY_PORT=${REGISTRY_PORT:-5005}
-REGISTRY_DIR="$ARTifacts/registry"
-mkdir -p "$REGISTRY_DIR"
-podman run --rm -d -p "${REGISTRY_PORT}:5000" --name export-registry -v "$REGISTRY_DIR":/var/lib/registry registry:2
-trap 'podman rm -f export-registry >/dev/null 2>&1 || true' EXIT
-sleep 2
-
-echo '{"schemaVersion":2,"manifests":[]}' > "$ARTifacts/empty-index.json"
-DIGEST=$(sha256sum "$ARTifacts/empty-index.json" | awk '{print $1}')
-mkdir -p "$ARTifacts/blobs/sha256"
-cp "$ARTifacts/empty-index.json" "$ARTifacts/blobs/sha256/$DIGEST"
-
-# Push blob and manifest via curl
-cat > "$ARTifacts/manifest.json" <<JSON
-{
-  "schemaVersion": 2,
-  "mediaType": "application/vnd.oci.image.manifest.v1+json",
-  "config": {
-    "mediaType": "application/vnd.oci.image.config.v1+json",
-    "size": 2,
-    "digest": "sha256:d4735e3a265e16eee03f59718b9b5d03d68c8ffa19c2f8f71b66e08d6c6f2c1a"
-  },
-  "layers": []
-}
-JSON
-MAN_DIGEST=$(sha256sum "$ARTifacts/manifest.json" | awk '{print $1}')
-
-curl -sSf -X PUT "http://localhost:${REGISTRY_PORT}/v2/export-smoke/blobs/uploads/" -H 'Content-Length: 0' -o "$ARTifacts/upload-location.txt"
-UPLOAD_URL=$(cat "$ARTifacts/upload-location.txt" | tr -d '\r\n')
-
-curl -sSf -X PUT "${UPLOAD_URL}?digest=sha256:${MAN_DIGEST}" --data-binary "@$ARTifacts/manifest.json"
-
-curl -sSf "http://localhost:${REGISTRY_PORT}/v2/export-smoke/manifests/sha256:${MAN_DIGEST}" -o "$ARTifacts/manifest.pull.json"
-echo "trivy smoke + oci registry ok" > "$ARTifacts/result.txt"