improve CI/CD (#12)

jodevsa · Mar 19, 2022 · c64f43d · c64f43d
1 parent 1baf9a9
commit c64f43d
Show file tree

Hide file tree

Showing 9 changed files with 109 additions and 134 deletions.
diff --git a/.github/workflows/build-publish-operator-bundle.yaml b/.github/workflows/build-publish-operator-bundle.yaml
diff --git a/.github/workflows/build-publish-operator-image.yaml b/.github/workflows/build-publish-operator-image.yaml
@@ -13,18 +13,38 @@ on:
 
 env:
   REGISTRY: ghcr.io
-  IMAGE_NAME: ${{ github.repository }}-operator
+  IMAGE_NAME: ${{ github.repository }}
 
 jobs:
-  build-and-push-image:
+  build-and-test:
     runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v2
+
+    - name: Set up Go
+      uses: actions/setup-go@v2
+      with:
+        go-version: 1.16
+
+    - name: Test
+      run: make test
+
+  build-and-push-operator-image:
+    runs-on: ubuntu-latest
+    needs: [build-and-push-wireguard-image]
     permissions:
       contents: read
       packages: write
 
     steps:
       - name: Checkout repository
         uses: actions/checkout@v2
+
+      - name: load wireguard image url
+        env: 
+          WIREGUARD_IMAGE: ${{ needs.build-and-push-wireguard-image.outputs.image }}
+        run : |
+          printf "WIREGUARD_IMAGE: \"$WIREGUARD_IMAGE\"" > release-config.yaml
 
       - name: Log in to the Container registry
         uses: docker/login-action@f054a8b539a109f9f41c372932f1ae047eff08c9
@@ -37,7 +57,10 @@ jobs:
         id: meta
         uses: docker/metadata-action@98669ae865ea3cffbcbaa878cf57c20bbf1c6c38
         with:
-          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+          tags: |
+            type=ref,event=branch
+            type=sha,format=long
+          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}/operator
 
       - name: Build and push Docker image
         uses: docker/build-push-action@ad44023a93711e3deb337508980b4b5e9bcdc5dc
@@ -46,7 +69,71 @@ jobs:
           push: true
           tags: ${{ steps.meta.outputs.tags }}
           labels: ${{ steps.meta.outputs.labels }}
+    outputs: 
+      image: ${{ steps.meta.outputs.tags }}
+
+  build-and-push-wireguard-image:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v2
 
+      - name: Log in to the Container registry
+        uses: docker/login-action@f054a8b539a109f9f41c372932f1ae047eff08c9
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
 
-    - name: update release config
-      run: echo ${{ steps.meta }}
+      - name: Extract metadata (tags, labels) for Docker
+        id: meta
+        uses: docker/metadata-action@98669ae865ea3cffbcbaa878cf57c20bbf1c6c38
+        with:
+          tags: |
+            type=ref,event=branch
+            type=sha,format=long
+          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}/wireguard
+
+      - name: Build and push Docker image
+        uses: docker/build-push-action@ad44023a93711e3deb337508980b4b5e9bcdc5dc
+        with:
+          context: ./wireguard-image
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+
+    outputs: 
+      image: ${{ steps.meta.outputs.tags }}
+
+  save-release:
+    needs: [build-and-push-operator-image, build-and-push-wireguard-image]
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v2
+        with:
+          persist-credentials: false # otherwise, the token used is the GITHUB_TOKEN, instead of your personal access token.
+          fetch-depth: 0 # otherwise, there would be errors pushing refs to the destination repository.
+
+      - name: prepare new release
+        env: 
+          OPERATOR_IMAGE: ${{ needs.build-and-push-operator-image.outputs.image }}
+          WIREGUARD_IMAGE: ${{ needs.build-and-push-wireguard-image.outputs.image }}
+        run : |
+          git config --local user.email "jodevsa@gmail.com"
+          git config --local user.name "Github action"
+          printf "WIREGUARD_IMAGE: \"$WIREGUARD_IMAGE\"\nOPERATOR_IMAGE: \"$OPERATOR_IMAGE\"" > release-config.yaml
+          make update-controller-image
+          git add release-config.yaml
+          git add config/manager/kustomization.yaml
+          git commit -m "new release" -a
+
+      - name: commit new release
+        uses: ad-m/github-push-action@master
+        with:
+          github_token: ${{ secrets.GITHUB_TOKEN }}
+          branch: ${{ github.head_ref }}
diff --git a/.github/workflows/build-push-wireguard-image.yml b/.github/workflows/build-push-wireguard-image.yml
diff --git a/.github/workflows/test-operator.yml b/.github/workflows/test-operator.yml
diff --git a/Dockerfile b/Dockerfile
@@ -13,7 +13,6 @@ RUN go mod download
 COPY main.go main.go
 COPY api/ api/
 COPY controllers/ controllers/
-COPY release-config.yaml release-config.yaml
 
 # Build
 RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -a -o manager main.go
@@ -23,6 +22,7 @@ RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -a -o manager main.go
 FROM gcr.io/distroless/static:nonroot
 WORKDIR /
 COPY --from=builder /workspace/manager .
+COPY release-config.yaml release-config.yaml
 USER 65532:65532
 
 ENTRYPOINT ["/manager"]
diff --git a/Makefile b/Makefile
@@ -111,6 +111,9 @@ install: manifests kustomize ## Install CRDs into the K8s cluster specified in ~
 uninstall: manifests kustomize ## Uninstall CRDs from the K8s cluster specified in ~/.kube/config.
 	$(KUSTOMIZE) build config/crd | kubectl delete -f -
 
+update-controller-image: kustomize
+	cd config/manager && $(KUSTOMIZE) edit set image controller=${IMG}
+
 deploy: manifests kustomize ## Deploy controller to the K8s cluster specified in ~/.kube/config.
 	cd config/manager && $(KUSTOMIZE) edit set image controller=${IMG}
 	$(KUSTOMIZE) build config/default | kubectl apply -f -

diff --git a/config/manager/kustomization.yaml b/config/manager/kustomization.yaml
@@ -12,5 +12,5 @@ apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 images:
 - name: controller
-  newName: ghcr.io/jodevsa/wireguard-operator-operator
-  newTag: main
+  newName: ghcr.io/jodevsa/wireguard-operator/operator
+  newTag: sha-6f04ef8fef3e7e685084b894b4ec9926e533aab7
diff --git a/main.go b/main.go
@@ -50,15 +50,6 @@ func init() {
 }
 
 func main() {
-	viper.SetConfigName("release-config")
-	viper.SetConfigType("yaml")
-	viper.AddConfigPath("./")
-	err := viper.ReadInConfig()
-	if err != nil {
-		setupLog.Error(err, "Unable to read viper config")
-		os.Exit(1)
-	}
-
 	var metricsAddr string
 	var enableLeaderElection bool
 	var probeAddr string
@@ -75,6 +66,15 @@ func main() {
 
 	ctrl.SetLogger(zap.New(zap.UseFlagOptions(&opts)))
 
+	viper.SetConfigName("release-config")
+	viper.SetConfigType("yaml")
+	viper.AddConfigPath("./")
+	err := viper.ReadInConfig()
+	if err != nil {
+		setupLog.Error(err, "Unable to read viper config")
+		os.Exit(1)
+	}
+
 	mgr, err := ctrl.NewManager(ctrl.GetConfigOrDie(), ctrl.Options{
 		Scheme:                 scheme,
 		MetricsBindAddress:     metricsAddr,

diff --git a/release-config.yaml b/release-config.yaml
@@ -1,2 +1,2 @@
-WIREGUARD_IMAGE: "ghcr.io/jodevsa/wireguard-operator-wireguard-image:main"
-OPERATOR_IMAGE: "ghcr.io/jodevsa/wireguard-operator-operator:main"
+WIREGUARD_IMAGE: "ghcr.io/jodevsa/wireguard-operator/wireguard:sha-6f04ef8fef3e7e685084b894b4ec9926e533aab7"
+OPERATOR_IMAGE: "ghcr.io/jodevsa/wireguard-operator/operator:sha-6f04ef8fef3e7e685084b894b4ec9926e533aab7"