From fc73522084f44de819146028a4b790076767c136 Mon Sep 17 00:00:00 2001 From: Arturo Reuschenbach Puncernau Date: Fri, 18 Jul 2025 13:11:32 +0200 Subject: [PATCH 1/6] chore(greenhouse): adds long sha as a tag to the release --- .github/workflows/build-push-greenhouse-image.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/build-push-greenhouse-image.yaml b/.github/workflows/build-push-greenhouse-image.yaml index 77933dbb49..1e0a525b14 100644 --- a/.github/workflows/build-push-greenhouse-image.yaml +++ b/.github/workflows/build-push-greenhouse-image.yaml @@ -92,6 +92,7 @@ jobs: tags: | type=semver,pattern={{major}}.{{minor}}.{{patch}},value=${{ steps.read_version.outputs.IMAGE_VERSION }} type=sha,enable=true,format=short,prefix= + type=raw,value=${{ github.sha }} labels: | org.opencontainers.image.description=${{env.DESCRIPTION}} org.opencontainers.image.title=Greenhouse-UI From 46f7702a8a9f028cbd6e898823bf32ea160f3686 Mon Sep 17 00:00:00 2001 From: Arturo Reuschenbach Puncernau Date: Fri, 18 Jul 2025 13:38:58 +0200 Subject: [PATCH 2/6] chore(ci): test workflow with failing jobs --- .github/workflows/test.yaml | 53 +++++++++++++++++++++++++++++++++++++ 1 file changed, 53 insertions(+) create mode 100644 .github/workflows/test.yaml diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml new file mode 100644 index 0000000000..00c278341c --- /dev/null +++ b/.github/workflows/test.yaml @@ -0,0 +1,53 @@ +name: Test + +on: + pull_request: + types: + - opened + - reopened + - synchronize + - closed + +jobs: + build-and-push: + name: Build and Push Some Image + runs-on: [default] + + steps: + - name: produce an error + run: exit 1 + - name: Set failure output + id: set-failure-output + if: failure() + run: echo "failed=build-and-push" >> $GITHUB_OUTPUT + + vulnerability-scan: + name: Build and Push Some Image + runs-on: [default] + + steps: + - name: produce an error + run: exit 1 + - name: Set failure output + id: set-failure-output + if: failure() + run: echo "failed=vulnerability-scan" >> $GITHUB_OUTPUT + + notify-on-failure: + if: failure() + permissions: + contents: read + needs: [build-and-push, vulnerability-scan] + uses: cloudoperators/juno/.github/workflows/shared-slack-notification.yaml@main + with: + title: "🚨 TESTING WORKFLOW WITH FAILING JOB NAME 🚨" + body: | + An error occurred while building the Greenhouse image for the branch `${{ github.head_ref || github.ref_name }}`. + + ❌ Failing jobs: + - ${{ needs.build-and-push.outputs.failed }} + - ${{ needs.vulnerability-scan.outputs.failed }} + + <${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}|Check the logs> + secrets: + SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} From 63ac2f28db00926a39d40c7e51cf2b5f434cb178 Mon Sep 17 00:00:00 2001 From: Arturo Reuschenbach Puncernau Date: Fri, 18 Jul 2025 13:43:15 +0200 Subject: [PATCH 3/6] chore(ci): adds outcome --- .github/workflows/test.yaml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml index 00c278341c..eb09c4b19a 100644 --- a/.github/workflows/test.yaml +++ b/.github/workflows/test.yaml @@ -12,6 +12,8 @@ jobs: build-and-push: name: Build and Push Some Image runs-on: [default] + outputs: + failed: ${{ steps.set-failure-output.outcome }} steps: - name: produce an error @@ -24,6 +26,8 @@ jobs: vulnerability-scan: name: Build and Push Some Image runs-on: [default] + outputs: + failed: ${{ steps.set-failure-output.outcome }} steps: - name: produce an error From 9d2bdf9859001050ea079f6572c135d2200ab16b Mon Sep 17 00:00:00 2001 From: Arturo Reuschenbach Puncernau Date: Fri, 18 Jul 2025 13:46:04 +0200 Subject: [PATCH 4/6] chore(ci): ouput the right var --- .github/workflows/test.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml index eb09c4b19a..85873a9648 100644 --- a/.github/workflows/test.yaml +++ b/.github/workflows/test.yaml @@ -13,7 +13,7 @@ jobs: name: Build and Push Some Image runs-on: [default] outputs: - failed: ${{ steps.set-failure-output.outcome }} + failed: ${{ steps.set-failure-output.outputs.failed }} steps: - name: produce an error @@ -27,7 +27,7 @@ jobs: name: Build and Push Some Image runs-on: [default] outputs: - failed: ${{ steps.set-failure-output.outcome }} + failed: ${{ steps.set-failure-output.outputs.failed }} steps: - name: produce an error From 60a70916d52aff4d4b220c02205edc51871b5e62 Mon Sep 17 00:00:00 2001 From: Arturo Reuschenbach Puncernau Date: Fri, 18 Jul 2025 13:51:53 +0200 Subject: [PATCH 5/6] chore(ci): extends message with failing jobs --- .../build-push-greenhouse-image.yaml | 24 ++++++++++++++++-- .../workflows/build-push-supernova-image.yaml | 25 ++++++++++++++++--- 2 files changed, 44 insertions(+), 5 deletions(-) diff --git a/.github/workflows/build-push-greenhouse-image.yaml b/.github/workflows/build-push-greenhouse-image.yaml index 1e0a525b14..89ca78b535 100644 --- a/.github/workflows/build-push-greenhouse-image.yaml +++ b/.github/workflows/build-push-greenhouse-image.yaml @@ -31,7 +31,8 @@ jobs: build-and-push: name: Build and Push Greenhouse Dashboard Image runs-on: [default] - + outputs: + failed: ${{ steps.set-failure-output.outputs.failed }} permissions: contents: read packages: write @@ -125,6 +126,11 @@ jobs: # against the sigstore community Fulcio instance. run: echo "${TAGS}" | xargs -I {} cosign sign --yes {}@${DIGEST} + - name: Set failure output + id: set-failure-output + if: failure() + run: echo "failed=build-and-push" >> $GITHUB_OUTPUT + vulnerability-scan: permissions: contents: read @@ -133,6 +139,8 @@ jobs: name: Vulnerability Scan needs: build-and-push runs-on: [default] + outputs: + failed: ${{ steps.set-failure-output.outputs.failed }} steps: - name: Run Trivy vulnerability scanner uses: aquasecurity/trivy-action@76071ef0d7ec797419534a183b498b4d6366cf37 # 0.31.0 @@ -164,6 +172,11 @@ jobs: with: sarif_file: trivy-results.sarif + - name: Set failure output + id: set-failure-output + if: failure() + run: echo "failed=vulnerability-scan" >> $GITHUB_OUTPUT + notify-on-failure: if: failure() permissions: @@ -172,6 +185,13 @@ jobs: uses: cloudoperators/juno/.github/workflows/shared-slack-notification.yaml@main with: title: "🚨 JUNO Greenhouse Image Failed 🚨" - body: "An error occurred while building the Greenhouse image for the branch ${{ github.head_ref || github.ref_name }}. Please check the logs for more information. <${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}|Check the logs>" + body: | + An error occurred while building the Greenhouse image for the branch `${{ github.head_ref || github.ref_name }}`. + + ❌ Failing jobs: + - ${{ needs.build-and-push.outputs.failed }} + - ${{ needs.vulnerability-scan.outputs.failed }} + + <${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}|Check the logs> secrets: SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} diff --git a/.github/workflows/build-push-supernova-image.yaml b/.github/workflows/build-push-supernova-image.yaml index aa24886802..e655a6dae0 100644 --- a/.github/workflows/build-push-supernova-image.yaml +++ b/.github/workflows/build-push-supernova-image.yaml @@ -26,7 +26,8 @@ jobs: build-and-push: name: Build and push Supernova image runs-on: [default] - + outputs: + failed: ${{ steps.set-failure-output.outputs.failed }} permissions: contents: read packages: write @@ -143,16 +144,22 @@ jobs: # against the sigstore community Fulcio instance. run: echo "${TAGS}" | xargs -I {} cosign sign --yes {}@${DIGEST} + - name: Set failure output + id: set-failure-output + if: failure() + run: echo "failed=build-and-push" >> $GITHUB_OUTPUT + vulnerability-scan: if: success() permissions: contents: read packages: read security-events: write - name: Vulnerability Scan needs: build-and-push runs-on: [default] + outputs: + failed: ${{ steps.set-failure-output.outputs.failed }} steps: - name: Run Trivy vulnerability scanner uses: aquasecurity/trivy-action@76071ef0d7ec797419534a183b498b4d6366cf37 # 0.31.0 @@ -184,6 +191,11 @@ jobs: with: sarif_file: trivy-results.sarif + - name: Set failure output + id: set-failure-output + if: failure() + run: echo "failed=vulnerability-scan" >> $GITHUB_OUTPUT + notify-on-failure: if: failure() permissions: @@ -192,6 +204,13 @@ jobs: uses: cloudoperators/juno/.github/workflows/shared-slack-notification.yaml@main with: title: "🚨 JUNO Supernova Image Failed 🚨" - body: "An error occurred while building the Supernova image for the branch ${{ github.head_ref || github.ref_name }}. Please check the logs for more information. <${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}|Check the logs>" + body: | + An error occurred while building the Supernova image for the branch `${{ github.head_ref || github.ref_name }}`. + + ❌ Failing jobs: + - ${{ needs.build-and-push.outputs.failed }} + - ${{ needs.vulnerability-scan.outputs.failed }} + + <${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}|Check the logs> secrets: SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} From 1fff6c37e821b9690d74dc8423d3c9431f50a516 Mon Sep 17 00:00:00 2001 From: Arturo Reuschenbach Puncernau Date: Fri, 18 Jul 2025 13:52:21 +0200 Subject: [PATCH 6/6] chore(ci): removes tests --- .github/workflows/test.yaml | 57 ------------------------------------- 1 file changed, 57 deletions(-) delete mode 100644 .github/workflows/test.yaml diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml deleted file mode 100644 index 85873a9648..0000000000 --- a/.github/workflows/test.yaml +++ /dev/null @@ -1,57 +0,0 @@ -name: Test - -on: - pull_request: - types: - - opened - - reopened - - synchronize - - closed - -jobs: - build-and-push: - name: Build and Push Some Image - runs-on: [default] - outputs: - failed: ${{ steps.set-failure-output.outputs.failed }} - - steps: - - name: produce an error - run: exit 1 - - name: Set failure output - id: set-failure-output - if: failure() - run: echo "failed=build-and-push" >> $GITHUB_OUTPUT - - vulnerability-scan: - name: Build and Push Some Image - runs-on: [default] - outputs: - failed: ${{ steps.set-failure-output.outputs.failed }} - - steps: - - name: produce an error - run: exit 1 - - name: Set failure output - id: set-failure-output - if: failure() - run: echo "failed=vulnerability-scan" >> $GITHUB_OUTPUT - - notify-on-failure: - if: failure() - permissions: - contents: read - needs: [build-and-push, vulnerability-scan] - uses: cloudoperators/juno/.github/workflows/shared-slack-notification.yaml@main - with: - title: "🚨 TESTING WORKFLOW WITH FAILING JOB NAME 🚨" - body: | - An error occurred while building the Greenhouse image for the branch `${{ github.head_ref || github.ref_name }}`. - - ❌ Failing jobs: - - ${{ needs.build-and-push.outputs.failed }} - - ${{ needs.vulnerability-scan.outputs.failed }} - - <${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}|Check the logs> - secrets: - SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}