feat: add latest cluster image and update deploy docs. (#3484)

* update sealos cloud deploy docs. * fix tls gen and add latest cluster image.
labring · Jul 10, 2023 · 7df69f2 · 7df69f2
1 parent 1570909
commit 7df69f2
Show file tree

Hide file tree

Showing 6 changed files with 62 additions and 22 deletions.
diff --git a/.github/workflows/cloud.yml b/.github/workflows/cloud.yml
@@ -3,6 +3,10 @@ name: Build Cloud Cluster image
 on:
   release:
     types: [ published ]
+  workflow_run:
+    workflows: [ "Build Controllers image", "Build Frontend Image" ]
+    types:
+      - completed
   workflow_dispatch:
     inputs:
       push_image:
@@ -95,7 +99,9 @@ jobs:
           sed -i "s#latest#${BuildFromTag}#g" etc/sealos/desktop-config.yaml
           sudo bash init.sh
           sudo sealos build  -t ${{ steps.prepare.outputs.repo }}:${{ steps.prepare.outputs.tag_name }} -f Kubefile
+          sudo sealos build  -t ${{ steps.prepare.outputs.repo }}:latest -f Kubefile
           sudo sealos push ${{ steps.prepare.outputs.repo }}:${{ steps.prepare.outputs.tag_name }}
+          sudo sealos push ${{ steps.prepare.outputs.repo }}:latest
 
       # todo: build multi-arch images
 

diff --git a/.github/workflows/controllers.yml b/.github/workflows/controllers.yml
@@ -210,10 +210,12 @@ jobs:
       - name: Prepare
         id: prepare
         run: |
-          bash ./scripts/resolve-tag-image.sh "${{ inputs.push_image }}" "${{ steps.check_tag.outputs.isTag }}"  "${{ inputs.push_image_tag }}"
+          tag_name=$(bash ./scripts/resolve-tag-image.sh "${{ inputs.push_image }}" "${{ steps.check_tag.outputs.isTag }}"  "${{ inputs.push_image_tag }}")
           echo old_docker_repo=ghcr.io/labring/sealos-${{ matrix.module.name }}-controller >> $GITHUB_OUTPUT
           echo new_docker_repo=ghcr.io/${{ github.repository_owner }}/sealos-${{ matrix.module.name }}-controller >> $GITHUB_OUTPUT
           echo cluster_repo=ghcr.io/${{ github.repository_owner }}/sealos-cloud-${{ matrix.module.name }}-controller >> $GITHUB_OUTPUT
+          echo cluster_image=ghcr.io/${{ github.repository_owner }}/sealos-cloud-${{ matrix.module.name }}-controller:${tag_name} >> $GITHUB_OUTPUT
+          echo latest_cluster_image=ghcr.io/${{ github.repository_owner }}/sealos-cloud-${{ matrix.module.name }}-controller:latest >> $GITHUB_OUTPUT
 
       - name: Download sealos
         uses: actions/download-artifact@v3
@@ -240,22 +242,38 @@ jobs:
       - name: Build ${{ matrix.module.name }}-controller cluster image
         working-directory: controllers/${{ matrix.module.path }}/deploy
         run: |
-          CLUSTER_IMAGE_NAME=${{ steps.prepare.outputs.cluster_repo }}:${{ steps.prepare.outputs.tag_name }}
-          sudo sealos build -t ${CLUSTER_IMAGE_NAME}-amd64 --platform linux/amd64 -f Kubefile
+          sudo sealos build -t ${{ steps.prepare.outputs.cluster_image }}-amd64 --platform linux/amd64 -f Kubefile
+          sudo sealos build -t ${{ steps.prepare.outputs.latest_cluster_image }}-amd64 --platform linux/amd64 -f Kubefile
           # delete old registry cache
           sudo rm -rf registry
-          sudo sealos build -t ${CLUSTER_IMAGE_NAME}-arm64 --platform linux/arm64 -f Kubefile
+          sudo sealos build -t ${{ steps.prepare.outputs.cluster_image }}-arm64 --platform linux/arm64 -f Kubefile
+          sudo sealos build -t ${{ steps.prepare.outputs.latest_cluster_image }}-arm64 --platform linux/arm64 -f Kubefile
 
       - name: Manifest Cluster Images
         # if push to master, then patch images to ghcr.io
         run: |
-          CLUSTER_IMAGE_NAME=${{ steps.prepare.outputs.cluster_repo }}:${{ steps.prepare.outputs.tag_name }}
           sudo sealos images
-          bash docker/patch/manifest-cluster-images.sh $CLUSTER_IMAGE_NAME
+          bash docker/patch/manifest-cluster-images.sh ${{ steps.prepare.outputs.cluster_image }}
+          bash docker/patch/manifest-cluster-images.sh ${{ steps.prepare.outputs.latest_cluster_image }}
         env:
           OWNER: ${{ github.repository_owner }}
 
-      - name: Renew issue and Sync Images
+      - name: Renew issue and Sync Images for ${{ steps.prepare.outputs.cluster_image }}
+        uses: labring/gh-rebot@v0.0.6
+        if: ${{ github.repository_owner == env.DEFAULT_OWNER }}
+        with:
+          version: v0.0.8-rc1
+        env:
+          GH_TOKEN: "${{ secrets.GH_PAT }}"
+          SEALOS_TYPE: "issue_renew"
+          SEALOS_ISSUE_TITLE: "[DaylyReport] Auto build for sealos"
+          SEALOS_ISSUE_BODYFILE: "scripts/ISSUE_RENEW.md"
+          SEALOS_ISSUE_LABEL: "dayly-report"
+          SEALOS_ISSUE_TYPE: "day"
+          SEALOS_ISSUE_REPO: "labring-actions/cluster-image"
+          SEALOS_COMMENT_BODY: "/imagesync ${{ steps.prepare.outputs.cluster_image }}"
+
+      - name: Renew issue and Sync Images for ${{ steps.prepare.outputs.latest_cluster_image }}
         uses: labring/gh-rebot@v0.0.6
         if: ${{ github.repository_owner == env.DEFAULT_OWNER }}
         with:
@@ -268,4 +286,4 @@ jobs:
           SEALOS_ISSUE_LABEL: "dayly-report"
           SEALOS_ISSUE_TYPE: "day"
           SEALOS_ISSUE_REPO: "labring-actions/cluster-image"
-          SEALOS_COMMENT_BODY: "/imagesync ghcr.io/${{ github.repository_owner }}/sealos-cloud-${{ matrix.module.name }}-controller:${{ steps.prepare.outputs.tag_name }}"
+          SEALOS_COMMENT_BODY: "/imagesync ${{ steps.prepare.outputs.latest_cluster_image }}"
diff --git a/.github/workflows/frontend.yml b/.github/workflows/frontend.yml
@@ -164,6 +164,7 @@ jobs:
           echo new_docker_image=ghcr.io/${{ github.repository_owner }}/sealos-${{ env.MODULE_NAME }}-frontend:${tag_name} >> $GITHUB_OUTPUT
           echo cluster_repo=ghcr.io/${{ github.repository_owner }}/sealos-cloud-${{ env.MODULE_NAME }}-frontend >> $GITHUB_OUTPUT
           echo cluster_image=ghcr.io/${{ github.repository_owner }}/sealos-cloud-${{ env.MODULE_NAME }}-frontend:${tag_name} >> $GITHUB_OUTPUT
+          echo latest_cluster_image=ghcr.io/${{ github.repository_owner }}/sealos-cloud-${{ env.MODULE_NAME }}-frontend:latest >> $GITHUB_OUTPUT
 
       - name: Download sealos
         uses: actions/download-artifact@v3
@@ -185,19 +186,21 @@ jobs:
         run: |
           sudo sed -i "s;${{ steps.prepare.outputs.old_docker_image }};${{ steps.prepare.outputs.new_docker_image }};" manifests/*
           sudo sealos build -t ${{ steps.prepare.outputs.cluster_image }}-amd64 --platform linux/amd64 -f Kubefile
+          sudo sealos build -t ${{ steps.prepare.outputs.latest_cluster_image }}-amd64 --platform linux/amd64 -f Kubefile
           # delete old registry cache
           sudo rm -rf registry
           sudo sealos build -t ${{ steps.prepare.outputs.cluster_image }}-arm64 --platform linux/arm64 -f Kubefile
+          sudo sealos build -t ${{ steps.prepare.outputs.latest_cluster_image }}-arm64 --platform linux/arm64 -f Kubefile
 
       - name: Manifest Cluster Images
         run: |
-          CLUSTER_IMAGE_NAME=${{ steps.prepare.outputs.cluster_image }}
           sudo sealos images
-          bash docker/patch/manifest-cluster-images.sh $CLUSTER_IMAGE_NAME
+          bash docker/patch/manifest-cluster-images.sh ${{ steps.prepare.outputs.cluster_image }}
+          bash docker/patch/manifest-cluster-images.sh ${{ steps.prepare.outputs.latest_cluster_image }}
         env:
           OWNER: ${{ github.repository_owner }}
 
-      - name: Renew issue and Sync Images
+      - name: Renew issue and Sync Images for ${{ steps.prepare.outputs.cluster_image }}
         uses: labring/gh-rebot@v0.0.6
         if: ${{ github.repository_owner == env.DEFAULT_OWNER }}
         with:
@@ -210,4 +213,19 @@ jobs:
           SEALOS_ISSUE_LABEL: "dayly-report"
           SEALOS_ISSUE_TYPE: "day"
           SEALOS_ISSUE_REPO: "labring-actions/cluster-image"
-          SEALOS_COMMENT_BODY: "/imagesync ghcr.io/${{ github.repository_owner }}/sealos-cloud-${{ env.MODULE_NAME }}-frontend:${{ steps.prepare.outputs.tag_name }}"
+          SEALOS_COMMENT_BODY: "/imagesync ${{ steps.prepare.outputs.cluster_image }}"
+
+      - name: Renew issue and Sync Images for ${{ steps.prepare.outputs.latest_cluster_image }}
+        uses: labring/gh-rebot@v0.0.6
+        if: ${{ github.repository_owner == env.DEFAULT_OWNER }}
+        with:
+          version: v0.0.8-rc1
+        env:
+          GH_TOKEN: "${{ secrets.GH_PAT }}"
+          SEALOS_TYPE: "issue_renew"
+          SEALOS_ISSUE_TITLE: "[DaylyReport] Auto build for sealos"
+          SEALOS_ISSUE_BODYFILE: "scripts/ISSUE_RENEW.md"
+          SEALOS_ISSUE_LABEL: "dayly-report"
+          SEALOS_ISSUE_TYPE: "day"
+          SEALOS_ISSUE_REPO: "labring-actions/cluster-image"
+          SEALOS_COMMENT_BODY: "/imagesync ${{ steps.prepare.outputs.latest_cluster_image }}"
diff --git a/deploy/cloud/README.md b/deploy/cloud/README.md
@@ -22,19 +22,18 @@ Here is one way to get a TLS cert by using acme.sh with alidns.
 
     acme.sh --issue --dns dns_ali -d "127.0.0.1.nip.io" -d "*.127.0.0.1.nip.io"
     ```
-
 4. base64 encode your cert and key, and save the output which will be used in the next step
     ```shell
-        base64 -w 0 ~/.acme.sh/${<your domian path>}/fullchain.cer
-        base64 -w 0 ~/.acme.sh/${<your domian path>}/${<your domian>}.key
+    base64 -w 0 ~/.acme.sh/${<your domian path>}/fullchain.cer
+    base64 -w 0 ~/.acme.sh/${<your domian path>}/${<your domian>}.key
     ```
 
 Other dns api please read: https://github.com/acmesh-official/acme.sh/wiki/dnsapi
 
 #### Using self-signed cert
 We provide a self-signed cert for you to test by default if you didn't provide a cert. You can replace it with your own cert.
 
-### Kubernetes cluster
+### Kubernetes Setup
 Please read sealos doc to create a kubernetes cluster: https://sealos.io/en/docs/lifecycle-management/quick-start/installation
 
 ```shell
@@ -54,7 +53,7 @@ sealos apply -f Clusterfile
 
 Note: if you want to change pod cidr, please edit the `Clusterfile` before run `sealos apply`
 
-### Ingress-nginx
+### Ingress-nginx setup
 We use ingress-nginx to expose our services. You can install ingress-nginx by using sealos:
 
 Create `ingress-nginx-config.yaml` file
@@ -83,9 +82,10 @@ Install ingress-nginx and switch to NodePort mode
 sealos run docker.io/labring/ingress-nginx:v1.5.1 --config-file ingress-nginx-config.yaml
 ```
 
-### Save your cert file to a sealos config file
+## run sealos cloud cluster image
 
-You can skip this step if you use the self-signed cert that we provide by default.
+### Generate TLS config file
+You can skip this step if you use the self-signed cert that we provide by default. 
 
 Please make sure `spec.match` is the same as the image you want to run and the registry name such as ghcr.io/docker.io can
 
@@ -105,7 +105,6 @@ spec:
       tls.key: <your-tls.key-base64>
 ```
 
-## run sealos cloud cluster image
 ```shell
 sealos run docker.io/labring/sealos-cloud:latest\
     --env cloudDomain="127.0.0.1.nip.io"\

diff --git a/deploy/cloud/scripts/init.sh b/deploy/cloud/scripts/init.sh
@@ -19,7 +19,7 @@ function mock_tls {
   fi
 
   mkdir -p etc/tls
-  openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout etc/tls/tls.key -out etc/tls/tls.crt -subj "/CN=$1" -addext "subjectAltName=DNS:*.$1" > /dev/null
+  openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout etc/tls/tls.key -out etc/tls/tls.crt -subj "/CN=$1" -addext "subjectAltName=DNS:$1,DNS:*.$1" >/dev/null 2>&1
   sed -i -e "s;$tlsCrtPlaceholder;$(base64 -w 0 etc/tls/tls.crt);" -e "s;$tlsKeyPlaceholder;$(base64 -w 0 etc/tls/tls.key);" manifests/tls-secret.yaml
 }
 

diff --git a/frontend/providers/terminal/deploy/images/shim/imagelist b/frontend/providers/terminal/deploy/images/shim/imagelist