From 4acf13cd0f540da0a3bc2de633a3c582dab2cc9d Mon Sep 17 00:00:00 2001 From: Helder Santana Date: Mon, 5 Dec 2022 17:29:34 +0100 Subject: [PATCH 01/15] Add GH action that handle community release --- .github/actions/openshift-release/Dockerfile | 12 ++++++ .github/actions/openshift-release/action.yaml | 18 +++++++++ .../actions/openshift-release/entrypoint.sh | 37 +++++++++++++++++++ 3 files changed, 67 insertions(+) create mode 100644 .github/actions/openshift-release/Dockerfile create mode 100644 .github/actions/openshift-release/action.yaml create mode 100644 .github/actions/openshift-release/entrypoint.sh diff --git a/.github/actions/openshift-release/Dockerfile b/.github/actions/openshift-release/Dockerfile new file mode 100644 index 0000000000..e1e4219cb4 --- /dev/null +++ b/.github/actions/openshift-release/Dockerfile @@ -0,0 +1,12 @@ +FROM alpine:latest + +RUN apk update && \ + apk add --no-cache libc6-compat curl tar git sed + +RUN curl -Lo tmp/ghcli.tar.gz https://github.com/cli/cli/releases/download/v2.20.2/gh_2.20.2_linux_386.tar.gz && \ + tar --strip-components=1 -xf tmp/ghcli.tar.gz -C /usr/local && \ + rm tmp/ghcli.tar.gz + +COPY entrypoint.sh /entrypoint.sh + +ENTRYPOINT ["/entrypoint.sh"] \ No newline at end of file diff --git a/.github/actions/openshift-release/action.yaml b/.github/actions/openshift-release/action.yaml new file mode 100644 index 0000000000..f68f070eb9 --- /dev/null +++ b/.github/actions/openshift-release/action.yaml @@ -0,0 +1,18 @@ +name: 'Redhat Release' +description: 'Create release PRs Redhat operator-hub and openshift ecosystem (community and certified)' +inputs: + GITHUB_TOKEN: + description: "Github Action token" + required: true + VERSION: + description: "Operator version" + required: true + REPOSITORY: + description: "Repository where to create the pull request" + required: true + CERTIFIED: + description: "Prepare pull request for certification process" + required: false +runs: + using: 'docker' + image: 'Dockerfile' \ No newline at end of file diff --git a/.github/actions/openshift-release/entrypoint.sh b/.github/actions/openshift-release/entrypoint.sh new file mode 100644 index 0000000000..4da39b5adf --- /dev/null +++ b/.github/actions/openshift-release/entrypoint.sh @@ -0,0 +1,37 @@ +#!/bin/bash + +set -eou pipefail + +if [ -z "${VERSION+x}" ]; then + echo "Operator version is not set" + exit 1 +fi + +if [ -z "${REPOSITORY+x}" ]; then + echo "Repository to create PR is not set" + exit 1 +fi + +git config --global --add safe.directory /github/workspace + +gh repo fork --clone "${REPOSITORY}" repository + +REPO_PATH="repository/operators/mongodb-atlas-kubernetes" +mkdir "${REPO_PATH}/${VERSION}" +cp -r bundle.Dockerfile bundle/manifests bundle/metadata bundle/tests "${REPO_PATH}/${VERSION}" + +cd "${REPO_PATH}" +git fetch upstream main +git reset --hard upstream/main + +# replace the move instructions in the docker file +sed -i.bak 's/COPY bundle\/manifests/COPY manifests/' "${VERSION}/bundle.Dockerfile" +sed -i.bak 's/COPY bundle\/metadata/COPY metadata/' "${VERSION}/bundle.Dockerfile" +sed -i.bak 's/COPY bundle\/tests\/scorecard/COPY tests\/scorecard/' "${VERSION}/bundle.Dockerfile" +rm "${VERSION}/bundle.Dockerfile.bak" + +# commit +git checkout -b "mongodb-atlas-operator-community-${VERSION}" +git add "operators/mongodb-atlas-kubernetes/${VERSION}" +git commit -m "MongoDB Atlas Operator ${VERSION}" --signoff +# git push origin "mongodb-atlas-operator-community-${VERSION}" \ No newline at end of file From 7d4cd3f846cd601175dbd61006847db7d2bdb118 Mon Sep 17 00:00:00 2001 From: Helder Santana Date: Mon, 5 Dec 2022 17:29:55 +0100 Subject: [PATCH 02/15] Add workflow to do openshift release --- .github/workflows/release-openshift.yaml | 33 ++++++++++++++++++++++++ 1 file changed, 33 insertions(+) create mode 100644 .github/workflows/release-openshift.yaml diff --git a/.github/workflows/release-openshift.yaml b/.github/workflows/release-openshift.yaml new file mode 100644 index 0000000000..3cd33bf46b --- /dev/null +++ b/.github/workflows/release-openshift.yaml @@ -0,0 +1,33 @@ +name: Openshift Release +on: + workflow_dispatch: + inputs: + version: + description: "Release version:" + required: true +jobs: + create-release-pr: + name: "Create Pull request for openshift release" + runs-on: ubuntu-latest + env: + VERSION: ${{ github.event.inputs.version }} + strategy: + fail-fast: false + matrix: + repositories: + - repository: git@github.com:mongodb-forks/community-operators.git + certified: false + #- repository: git@github.com:mongodb-forks/certified-operators.git + # certified: false + #- repository: git@github.com:mongodb-forks/certified-operators.git + # certified: true + steps: + - name: Check out code + uses: actions/checkout@v3.1.0 + with: + fetch-depth: 0 + - name: Create pull requests + uses: ./.github/actions/openshift-release + env: + REPOSITORY: "${{ matrix.repositories.repository }}" + CERTIFIED: "${{ matrix.repositories.certified }}" \ No newline at end of file From 3a3e6728765ef856370bf2dcd9dbeae20275ccda Mon Sep 17 00:00:00 2001 From: Helder Santana Date: Mon, 5 Dec 2022 17:37:55 +0100 Subject: [PATCH 03/15] add trigger to enable test --- .github/workflows/release-openshift.yaml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/release-openshift.yaml b/.github/workflows/release-openshift.yaml index 3cd33bf46b..4f031a7d79 100644 --- a/.github/workflows/release-openshift.yaml +++ b/.github/workflows/release-openshift.yaml @@ -1,5 +1,8 @@ name: Openshift Release on: + push: + branches: + - CLOUDP-143633-automate-opnshift-release workflow_dispatch: inputs: version: From 1e7de27ca3c98b12fda9c62ad2210f3ec30c0bc8 Mon Sep 17 00:00:00 2001 From: Helder Santana Date: Mon, 5 Dec 2022 17:43:17 +0100 Subject: [PATCH 04/15] add exec permission to entrypoint --- .github/actions/openshift-release/Dockerfile | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/actions/openshift-release/Dockerfile b/.github/actions/openshift-release/Dockerfile index e1e4219cb4..854da23951 100644 --- a/.github/actions/openshift-release/Dockerfile +++ b/.github/actions/openshift-release/Dockerfile @@ -8,5 +8,6 @@ RUN curl -Lo tmp/ghcli.tar.gz https://github.com/cli/cli/releases/download/v2.20 rm tmp/ghcli.tar.gz COPY entrypoint.sh /entrypoint.sh +RUN chmod +x /entrypoint.sh ENTRYPOINT ["/entrypoint.sh"] \ No newline at end of file From 56dae21c69325be131fb4b3f064577ca9ac37283 Mon Sep 17 00:00:00 2001 From: Helder Santana Date: Mon, 5 Dec 2022 17:55:51 +0100 Subject: [PATCH 05/15] rename workflow --- .github/workflows/release-openshift.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/release-openshift.yaml b/.github/workflows/release-openshift.yaml index 4f031a7d79..ae03f9ae92 100644 --- a/.github/workflows/release-openshift.yaml +++ b/.github/workflows/release-openshift.yaml @@ -1,4 +1,4 @@ -name: Openshift Release +name: Release Openshift on: push: branches: @@ -9,7 +9,7 @@ on: description: "Release version:" required: true jobs: - create-release-pr: + release-openshift: name: "Create Pull request for openshift release" runs-on: ubuntu-latest env: From d1108fc462dcb3477411068ea5b9f75dd18f7511 Mon Sep 17 00:00:00 2001 From: Helder Santana Date: Mon, 5 Dec 2022 18:10:21 +0100 Subject: [PATCH 06/15] add line break --- .github/actions/openshift-release/Dockerfile | 8 +++++--- .github/actions/openshift-release/action.yaml | 5 +---- .github/actions/openshift-release/entrypoint.sh | 4 ++-- .github/workflows/release-openshift.yaml | 3 ++- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/.github/actions/openshift-release/Dockerfile b/.github/actions/openshift-release/Dockerfile index 854da23951..2bcca3726f 100644 --- a/.github/actions/openshift-release/Dockerfile +++ b/.github/actions/openshift-release/Dockerfile @@ -7,7 +7,9 @@ RUN curl -Lo tmp/ghcli.tar.gz https://github.com/cli/cli/releases/download/v2.20 tar --strip-components=1 -xf tmp/ghcli.tar.gz -C /usr/local && \ rm tmp/ghcli.tar.gz -COPY entrypoint.sh /entrypoint.sh -RUN chmod +x /entrypoint.sh +COPY entrypoint.sh /home/entrypoint.sh +RUN chmod +x /home/entrypoint.sh -ENTRYPOINT ["/entrypoint.sh"] \ No newline at end of file +RUN ls -lsa /home/entrypoint.sh && pwd + +ENTRYPOINT ["/home/entrypoint.sh"] diff --git a/.github/actions/openshift-release/action.yaml b/.github/actions/openshift-release/action.yaml index f68f070eb9..8c308c164d 100644 --- a/.github/actions/openshift-release/action.yaml +++ b/.github/actions/openshift-release/action.yaml @@ -1,9 +1,6 @@ name: 'Redhat Release' description: 'Create release PRs Redhat operator-hub and openshift ecosystem (community and certified)' inputs: - GITHUB_TOKEN: - description: "Github Action token" - required: true VERSION: description: "Operator version" required: true @@ -15,4 +12,4 @@ inputs: required: false runs: using: 'docker' - image: 'Dockerfile' \ No newline at end of file + image: 'Dockerfile' diff --git a/.github/actions/openshift-release/entrypoint.sh b/.github/actions/openshift-release/entrypoint.sh index 4da39b5adf..1ff2f493b1 100644 --- a/.github/actions/openshift-release/entrypoint.sh +++ b/.github/actions/openshift-release/entrypoint.sh @@ -1,4 +1,4 @@ -#!/bin/bash +#!/bin/sh set -eou pipefail @@ -34,4 +34,4 @@ rm "${VERSION}/bundle.Dockerfile.bak" git checkout -b "mongodb-atlas-operator-community-${VERSION}" git add "operators/mongodb-atlas-kubernetes/${VERSION}" git commit -m "MongoDB Atlas Operator ${VERSION}" --signoff -# git push origin "mongodb-atlas-operator-community-${VERSION}" \ No newline at end of file +# git push origin "mongodb-atlas-operator-community-${VERSION}" diff --git a/.github/workflows/release-openshift.yaml b/.github/workflows/release-openshift.yaml index ae03f9ae92..0f094d54fb 100644 --- a/.github/workflows/release-openshift.yaml +++ b/.github/workflows/release-openshift.yaml @@ -13,6 +13,7 @@ jobs: name: "Create Pull request for openshift release" runs-on: ubuntu-latest env: + GH_TOKEN: ${{ github.token }} VERSION: ${{ github.event.inputs.version }} strategy: fail-fast: false @@ -33,4 +34,4 @@ jobs: uses: ./.github/actions/openshift-release env: REPOSITORY: "${{ matrix.repositories.repository }}" - CERTIFIED: "${{ matrix.repositories.certified }}" \ No newline at end of file + CERTIFIED: "${{ matrix.repositories.certified }}" From d2252592a7ab4bec9c000c05ed9ce1cd5e8a83c1 Mon Sep 17 00:00:00 2001 From: Helder Santana Date: Tue, 6 Dec 2022 17:19:32 +0100 Subject: [PATCH 07/15] fail when version was already created --- .github/actions/openshift-release/Dockerfile | 4 +--- .../actions/openshift-release/entrypoint.sh | 22 +++++++++++++++---- .github/workflows/release-openshift.yaml | 20 ++++++++--------- 3 files changed, 29 insertions(+), 17 deletions(-) diff --git a/.github/actions/openshift-release/Dockerfile b/.github/actions/openshift-release/Dockerfile index 2bcca3726f..8f001caf54 100644 --- a/.github/actions/openshift-release/Dockerfile +++ b/.github/actions/openshift-release/Dockerfile @@ -1,7 +1,7 @@ FROM alpine:latest RUN apk update && \ - apk add --no-cache libc6-compat curl tar git sed + apk add --no-cache libc6-compat curl tar git sed bash RUN curl -Lo tmp/ghcli.tar.gz https://github.com/cli/cli/releases/download/v2.20.2/gh_2.20.2_linux_386.tar.gz && \ tar --strip-components=1 -xf tmp/ghcli.tar.gz -C /usr/local && \ @@ -10,6 +10,4 @@ RUN curl -Lo tmp/ghcli.tar.gz https://github.com/cli/cli/releases/download/v2.20 COPY entrypoint.sh /home/entrypoint.sh RUN chmod +x /home/entrypoint.sh -RUN ls -lsa /home/entrypoint.sh && pwd - ENTRYPOINT ["/home/entrypoint.sh"] diff --git a/.github/actions/openshift-release/entrypoint.sh b/.github/actions/openshift-release/entrypoint.sh index 1ff2f493b1..503ba20443 100644 --- a/.github/actions/openshift-release/entrypoint.sh +++ b/.github/actions/openshift-release/entrypoint.sh @@ -1,4 +1,4 @@ -#!/bin/sh +#!/bin/bash set -eou pipefail @@ -12,15 +12,29 @@ if [ -z "${REPOSITORY+x}" ]; then exit 1 fi +echo $VERSION +echo $REPOSITORY +echo $CERTIFIED + git config --global --add safe.directory /github/workspace -gh repo fork --clone "${REPOSITORY}" repository +mkdir -p "../${REPOSITORY}" + +gh repo fork --clone "${REPOSITORY}" "../${REPOSITORY}" + +REPO_PATH="../${REPOSITORY}/operators/mongodb-atlas-kubernetes" + +ls -lsa "${REPO_PATH}" + +if [ -d "${REPO_PATH}/${VERSION}" ]; then + echo "version already exist in repository" + exit 1 +fi -REPO_PATH="repository/operators/mongodb-atlas-kubernetes" mkdir "${REPO_PATH}/${VERSION}" cp -r bundle.Dockerfile bundle/manifests bundle/metadata bundle/tests "${REPO_PATH}/${VERSION}" -cd "${REPO_PATH}" +cd "../${REPOSITORY}" git fetch upstream main git reset --hard upstream/main diff --git a/.github/workflows/release-openshift.yaml b/.github/workflows/release-openshift.yaml index 0f094d54fb..1de7bf423d 100644 --- a/.github/workflows/release-openshift.yaml +++ b/.github/workflows/release-openshift.yaml @@ -13,16 +13,15 @@ jobs: name: "Create Pull request for openshift release" runs-on: ubuntu-latest env: - GH_TOKEN: ${{ github.token }} - VERSION: ${{ github.event.inputs.version }} + GH_TOKEN: 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 #${{ github.token }} strategy: - fail-fast: false matrix: - repositories: - - repository: git@github.com:mongodb-forks/community-operators.git + repository: ["k8s-operatorhub/community-operators"] # , "redhat-openshift-ecosystem/community-operators-prod"] + include: + - repository: "k8s-operatorhub/community-operators" + certified: false + - repository: "redhat-openshift-ecosystem/community-operators-prod" certified: false - #- repository: git@github.com:mongodb-forks/certified-operators.git - # certified: false #- repository: git@github.com:mongodb-forks/certified-operators.git # certified: true steps: @@ -32,6 +31,7 @@ jobs: fetch-depth: 0 - name: Create pull requests uses: ./.github/actions/openshift-release - env: - REPOSITORY: "${{ matrix.repositories.repository }}" - CERTIFIED: "${{ matrix.repositories.certified }}" + with: + VERSION: ${{ github.event.inputs.version }} + REPOSITORY: "${{ matrix.repository }}" + CERTIFIED: "${{ matrix.certified }}" From 76c26d3a13becc88cae252a240270b36400486be Mon Sep 17 00:00:00 2001 From: Helder Santana Date: Tue, 6 Dec 2022 18:38:36 +0100 Subject: [PATCH 08/15] non-certified release --- .../actions/openshift-release/entrypoint.sh | 36 ++++++++++--------- .github/workflows/release-openshift.yaml | 5 +-- 2 files changed, 23 insertions(+), 18 deletions(-) diff --git a/.github/actions/openshift-release/entrypoint.sh b/.github/actions/openshift-release/entrypoint.sh index 503ba20443..460ae79f26 100644 --- a/.github/actions/openshift-release/entrypoint.sh +++ b/.github/actions/openshift-release/entrypoint.sh @@ -12,40 +12,44 @@ if [ -z "${REPOSITORY+x}" ]; then exit 1 fi -echo $VERSION -echo $REPOSITORY -echo $CERTIFIED - -git config --global --add safe.directory /github/workspace +OPERATOR_PATH=$(pwd) mkdir -p "../${REPOSITORY}" +git config --global --add safe.directory /github/workspace gh repo fork --clone "${REPOSITORY}" "../${REPOSITORY}" -REPO_PATH="../${REPOSITORY}/operators/mongodb-atlas-kubernetes" - -ls -lsa "${REPO_PATH}" +REPO_PATH=$(realpath "../${REPOSITORY}/operators/mongodb-atlas-kubernetes") +cd "${REPO_PATH}" +git fetch upstream main +git reset --hard upstream/main -if [ -d "${REPO_PATH}/${VERSION}" ]; then +if [ -d "${VERSION}" ]; then echo "version already exist in repository" exit 1 fi -mkdir "${REPO_PATH}/${VERSION}" +mkdir "${VERSION}" +cd "${OPERATOR_PATH}" cp -r bundle.Dockerfile bundle/manifests bundle/metadata bundle/tests "${REPO_PATH}/${VERSION}" -cd "../${REPOSITORY}" -git fetch upstream main -git reset --hard upstream/main - # replace the move instructions in the docker file +cd "${REPO_PATH}" sed -i.bak 's/COPY bundle\/manifests/COPY manifests/' "${VERSION}/bundle.Dockerfile" sed -i.bak 's/COPY bundle\/metadata/COPY metadata/' "${VERSION}/bundle.Dockerfile" sed -i.bak 's/COPY bundle\/tests\/scorecard/COPY tests\/scorecard/' "${VERSION}/bundle.Dockerfile" rm "${VERSION}/bundle.Dockerfile.bak" -# commit +# configure git user +git config --global user.email "41898282+github-actions[bot]@users.noreply.github.com" +git config --global user.name "github-actions[bot]" + +# commit, push and open PR git checkout -b "mongodb-atlas-operator-community-${VERSION}" -git add "operators/mongodb-atlas-kubernetes/${VERSION}" +git add "${VERSION}" +git status git commit -m "MongoDB Atlas Operator ${VERSION}" --signoff # git push origin "mongodb-atlas-operator-community-${VERSION}" +# gh pr create \ +# --title "operator mongodb-atlas-kubernetes (${VERSION})" \ +# --assignee "${ASSIGNEES}" diff --git a/.github/workflows/release-openshift.yaml b/.github/workflows/release-openshift.yaml index 1de7bf423d..cd0186ff73 100644 --- a/.github/workflows/release-openshift.yaml +++ b/.github/workflows/release-openshift.yaml @@ -20,8 +20,8 @@ jobs: include: - repository: "k8s-operatorhub/community-operators" certified: false - - repository: "redhat-openshift-ecosystem/community-operators-prod" - certified: false + #- repository: "redhat-openshift-ecosystem/community-operators-prod" + # certified: false #- repository: git@github.com:mongodb-forks/certified-operators.git # certified: true steps: @@ -35,3 +35,4 @@ jobs: VERSION: ${{ github.event.inputs.version }} REPOSITORY: "${{ matrix.repository }}" CERTIFIED: "${{ matrix.certified }}" + ASSIGNEES: "priyolahiri,fabritsius,igor-karpukhin,sugar-pack,helderjs" From 6d0c8afb1b5eb6dd1c810cda22a07f5ee4b31c06 Mon Sep 17 00:00:00 2001 From: Helder Santana Date: Tue, 6 Dec 2022 18:48:39 +0100 Subject: [PATCH 09/15] remove and revoke token --- .github/workflows/release-openshift.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release-openshift.yaml b/.github/workflows/release-openshift.yaml index cd0186ff73..ae044da74a 100644 --- a/.github/workflows/release-openshift.yaml +++ b/.github/workflows/release-openshift.yaml @@ -13,7 +13,7 @@ jobs: name: "Create Pull request for openshift release" runs-on: ubuntu-latest env: - GH_TOKEN: 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 #${{ github.token }} + GH_TOKEN: ${{ github.token }} strategy: matrix: repository: ["k8s-operatorhub/community-operators"] # , "redhat-openshift-ecosystem/community-operators-prod"] From 9c28a2f747a95b7bb470a27a30ee30a5fd8adef0 Mon Sep 17 00:00:00 2001 From: Helder Santana Date: Wed, 7 Dec 2022 19:07:29 +0100 Subject: [PATCH 10/15] refactor the job into multiple steps --- .github/workflows/release-openshift.yaml | 96 +++++++++++++++++++++--- 1 file changed, 84 insertions(+), 12 deletions(-) diff --git a/.github/workflows/release-openshift.yaml b/.github/workflows/release-openshift.yaml index ae044da74a..795f2ef919 100644 --- a/.github/workflows/release-openshift.yaml +++ b/.github/workflows/release-openshift.yaml @@ -13,26 +13,98 @@ jobs: name: "Create Pull request for openshift release" runs-on: ubuntu-latest env: - GH_TOKEN: ${{ github.token }} + GITHUB_TOKEN: ${{ github.token }} + REPO_PATH: "operators/mongodb-atlas-kubernetes" strategy: matrix: - repository: ["k8s-operatorhub/community-operators"] # , "redhat-openshift-ecosystem/community-operators-prod"] + repository: ["mongodb-forks/community-operators", "mongodb-forks/certified-operators"] + #repository: ["mongodb-forks/community-operators"] # , "redhat-openshift-ecosystem/community-operators-prod"] include: - - repository: "k8s-operatorhub/community-operators" - certified: false + # - repository: "mongodb-forks/community-operators" + # certified: false #- repository: "redhat-openshift-ecosystem/community-operators-prod" # certified: false - #- repository: git@github.com:mongodb-forks/certified-operators.git - # certified: true + - repository: "mongodb-forks/certified-operators" + certified: true steps: - - name: Check out code + - name: Clone/Checkout Atlas Operator uses: actions/checkout@v3.1.0 with: + ref: main + path: "mongodb-atlas-kubernetes" fetch-depth: 0 - - name: Create pull requests - uses: ./.github/actions/openshift-release + - name: Clone/Checkout releases repositories + uses: actions/checkout@v3.1.0 with: + repository: ${{ matrix.repository }} + ref: main + path: ${{ matrix.repository }} + token: ${{ github.token }} + - name: Prepare version + env: + VERSION: ${{ github.event.inputs.version }} + REPOSITORY: ${{ matrix.repository }} + run: | + cd $REPOSITORY + mkdir -p "${REPO_PATH}/${VERSION}" + + cd ../../mongodb-atlas-kubernetes + cp -r bundle.Dockerfile bundle/manifests bundle/metadata bundle/tests "../${REPOSITORY}/${REPO_PATH}/${VERSION}" + - name: Configure non-certified release + if: ${{ ! matrix.certified }} + env: + VERSION: ${{ github.event.inputs.version }} + REPOSITORY: ${{ matrix.repository }} + run: | + echo "Configure non-certified release" + cd "$REPOSITORY/$REPO_PATH" + sed -i.bak 's/COPY bundle\/manifests/COPY manifests/' "${VERSION}/bundle.Dockerfile" + sed -i.bak 's/COPY bundle\/metadata/COPY metadata/' "${VERSION}/bundle.Dockerfile" + sed -i.bak 's/COPY bundle\/tests\/scorecard/COPY tests\/scorecard/' "${VERSION}/bundle.Dockerfile" + rm "${VERSION}/bundle.Dockerfile.bak" + - name: Configure certified release + if: ${{ matrix.certified }} + env: VERSION: ${{ github.event.inputs.version }} - REPOSITORY: "${{ matrix.repository }}" - CERTIFIED: "${{ matrix.certified }}" - ASSIGNEES: "priyolahiri,fabritsius,igor-karpukhin,sugar-pack,helderjs" + REPOSITORY: ${{ matrix.repository }} + IMAGE: quay.io/mongodb/mongodb-atlas-kubernetes-operator + RH_CERTIFICATION_PYXIS_API_TOKEN: ${{ secrets.RH_CERTIFICATION_PYXIS_API_TOKEN }} + RH_CERTIFICATION_OSPID: ${{ secrets.RH_CERTIFICATION_OSPID }} + run: | + wget https://github.com/redhat-openshift-ecosystem/openshift-preflight/releases/download/1.4.0/preflight-linux-amd64 -O preflight -q + chmod +x ./preflight && sudo mv ./preflight /usr/local/bin/preflight + + preflight --version + podman --version + + podman login -u unused -p "${REGISTRY_TOKEN}" quay.io --authfile ./authfile.json + IMG_SHA=$("podman" inspect --format='{{ index .RepoDigests 0}}' "${IMAGE}":"${VERSION}") + + # Do the preflight check first + preflight check container "${IMG_SHA}" --docker-config=./authfile.json + + # Send results to RedHat if preflight finished without errors + preflight check container "${IMG_SHA}" \ + --submit \ + --pyxis-api-token="${RH_CERTIFICATION_PYXIS_API_TOKEN}" \ + --certification-project-id="${RH_CERTIFICATION_OSPID}" \ + --docker-config=./authfile.json + + # Replace image version with SHA256 + value="${IMG_SHA}" yq e -i '.spec.install.spec.deployments[0].spec.template.spec.containers[0].image = env(value)' \ + "${VERSION}"/manifests/mongodb-atlas-kubernetes.clusterserviceversion.yaml + + # Add skip range + value='">=0.8.0"' yq e -i '.spec.skipRange = env(value)' \ + "${VERSION}"/manifests/mongodb-atlas-kubernetes.clusterserviceversion.yaml + - name: test + run: | + pwd + ls -lsa +# - name: Create pull requests +# uses: ./.github/actions/openshift-release +# with: +# VERSION: ${{ github.event.inputs.version }} +# REPOSITORY: "${{ matrix.repository }}" +# CERTIFIED: "${{ matrix.certified }}" +# ASSIGNEES: "priyolahiri,fabritsius,igor-karpukhin,sugar-pack,helderjs" From 39fd45b0cea95be869f30e755d993b589291177f Mon Sep 17 00:00:00 2001 From: Helder Santana Date: Thu, 8 Dec 2022 17:41:11 +0100 Subject: [PATCH 11/15] finalize process --- .github/workflows/release-openshift.yaml | 52 ++++++++++++++---------- 1 file changed, 31 insertions(+), 21 deletions(-) diff --git a/.github/workflows/release-openshift.yaml b/.github/workflows/release-openshift.yaml index 795f2ef919..7dcc762f91 100644 --- a/.github/workflows/release-openshift.yaml +++ b/.github/workflows/release-openshift.yaml @@ -8,6 +8,7 @@ on: version: description: "Release version:" required: true + default: "1.5.1" jobs: release-openshift: name: "Create Pull request for openshift release" @@ -17,15 +18,12 @@ jobs: REPO_PATH: "operators/mongodb-atlas-kubernetes" strategy: matrix: - repository: ["mongodb-forks/community-operators", "mongodb-forks/certified-operators"] + #repository: ["mongodb-forks/community-operators", "mongodb-forks/certified-operators"] + repository: ["helderjs/community-operators"] #repository: ["mongodb-forks/community-operators"] # , "redhat-openshift-ecosystem/community-operators-prod"] - include: - # - repository: "mongodb-forks/community-operators" - # certified: false - #- repository: "redhat-openshift-ecosystem/community-operators-prod" - # certified: false - - repository: "mongodb-forks/certified-operators" - certified: true + #include: + # - repository: "mongodb-forks/certified-operators" + # certified: true steps: - name: Clone/Checkout Atlas Operator uses: actions/checkout@v3.1.0 @@ -75,10 +73,10 @@ jobs: chmod +x ./preflight && sudo mv ./preflight /usr/local/bin/preflight preflight --version - podman --version + docker --version - podman login -u unused -p "${REGISTRY_TOKEN}" quay.io --authfile ./authfile.json - IMG_SHA=$("podman" inspect --format='{{ index .RepoDigests 0}}' "${IMAGE}":"${VERSION}") + docker login -u unused -p "${REGISTRY_TOKEN}" quay.io --authfile ./authfile.json + IMG_SHA=$("docker" inspect --format='{{ index .RepoDigests 0}}' "${IMAGE}":"${VERSION}") # Do the preflight check first preflight check container "${IMG_SHA}" --docker-config=./authfile.json @@ -97,14 +95,26 @@ jobs: # Add skip range value='">=0.8.0"' yq e -i '.spec.skipRange = env(value)' \ "${VERSION}"/manifests/mongodb-atlas-kubernetes.clusterserviceversion.yaml - - name: test + - name: Commit and Push Changes + env: + VERSION: ${{ github.event.inputs.version }} + REPOSITORY: ${{ matrix.repository }} run: | - pwd - ls -lsa -# - name: Create pull requests -# uses: ./.github/actions/openshift-release -# with: -# VERSION: ${{ github.event.inputs.version }} -# REPOSITORY: "${{ matrix.repository }}" -# CERTIFIED: "${{ matrix.certified }}" -# ASSIGNEES: "priyolahiri,fabritsius,igor-karpukhin,sugar-pack,helderjs" + cd "$REPOSITORY/$REPO_PATH" + + # configure git user + git config --global user.email "41898282+github-actions[bot]@users.noreply.github.com" + git config --global user.name "github-actions[bot]" + + # commit, push + git checkout -b "mongodb-atlas-operator-community-${VERSION}" + git add "${VERSION}" + git status + git commit -m "MongoDB Atlas Operator ${VERSION}" --signoff + git push origin "mongodb-atlas-operator-community-${VERSION}" + + # open PR + gh auth setup-git + gh pr create \ + --title "operator mongodb-atlas-kubernetes (${VERSION})" \ + --assignee "helderjs" \ No newline at end of file From 384a0d6957443b757907eabf28a2cf69ddd8851e Mon Sep 17 00:00:00 2001 From: Helder Santana Date: Fri, 9 Dec 2022 14:48:15 +0100 Subject: [PATCH 12/15] remove test data --- .github/actions/openshift-release/Dockerfile | 13 ----- .github/actions/openshift-release/action.yaml | 15 ----- .../actions/openshift-release/entrypoint.sh | 55 ------------------- .github/workflows/release-openshift.yaml | 20 +++---- 4 files changed, 8 insertions(+), 95 deletions(-) delete mode 100644 .github/actions/openshift-release/Dockerfile delete mode 100644 .github/actions/openshift-release/action.yaml delete mode 100644 .github/actions/openshift-release/entrypoint.sh diff --git a/.github/actions/openshift-release/Dockerfile b/.github/actions/openshift-release/Dockerfile deleted file mode 100644 index 8f001caf54..0000000000 --- a/.github/actions/openshift-release/Dockerfile +++ /dev/null @@ -1,13 +0,0 @@ -FROM alpine:latest - -RUN apk update && \ - apk add --no-cache libc6-compat curl tar git sed bash - -RUN curl -Lo tmp/ghcli.tar.gz https://github.com/cli/cli/releases/download/v2.20.2/gh_2.20.2_linux_386.tar.gz && \ - tar --strip-components=1 -xf tmp/ghcli.tar.gz -C /usr/local && \ - rm tmp/ghcli.tar.gz - -COPY entrypoint.sh /home/entrypoint.sh -RUN chmod +x /home/entrypoint.sh - -ENTRYPOINT ["/home/entrypoint.sh"] diff --git a/.github/actions/openshift-release/action.yaml b/.github/actions/openshift-release/action.yaml deleted file mode 100644 index 8c308c164d..0000000000 --- a/.github/actions/openshift-release/action.yaml +++ /dev/null @@ -1,15 +0,0 @@ -name: 'Redhat Release' -description: 'Create release PRs Redhat operator-hub and openshift ecosystem (community and certified)' -inputs: - VERSION: - description: "Operator version" - required: true - REPOSITORY: - description: "Repository where to create the pull request" - required: true - CERTIFIED: - description: "Prepare pull request for certification process" - required: false -runs: - using: 'docker' - image: 'Dockerfile' diff --git a/.github/actions/openshift-release/entrypoint.sh b/.github/actions/openshift-release/entrypoint.sh deleted file mode 100644 index 460ae79f26..0000000000 --- a/.github/actions/openshift-release/entrypoint.sh +++ /dev/null @@ -1,55 +0,0 @@ -#!/bin/bash - -set -eou pipefail - -if [ -z "${VERSION+x}" ]; then - echo "Operator version is not set" - exit 1 -fi - -if [ -z "${REPOSITORY+x}" ]; then - echo "Repository to create PR is not set" - exit 1 -fi - -OPERATOR_PATH=$(pwd) - -mkdir -p "../${REPOSITORY}" - -git config --global --add safe.directory /github/workspace -gh repo fork --clone "${REPOSITORY}" "../${REPOSITORY}" - -REPO_PATH=$(realpath "../${REPOSITORY}/operators/mongodb-atlas-kubernetes") -cd "${REPO_PATH}" -git fetch upstream main -git reset --hard upstream/main - -if [ -d "${VERSION}" ]; then - echo "version already exist in repository" - exit 1 -fi - -mkdir "${VERSION}" -cd "${OPERATOR_PATH}" -cp -r bundle.Dockerfile bundle/manifests bundle/metadata bundle/tests "${REPO_PATH}/${VERSION}" - -# replace the move instructions in the docker file -cd "${REPO_PATH}" -sed -i.bak 's/COPY bundle\/manifests/COPY manifests/' "${VERSION}/bundle.Dockerfile" -sed -i.bak 's/COPY bundle\/metadata/COPY metadata/' "${VERSION}/bundle.Dockerfile" -sed -i.bak 's/COPY bundle\/tests\/scorecard/COPY tests\/scorecard/' "${VERSION}/bundle.Dockerfile" -rm "${VERSION}/bundle.Dockerfile.bak" - -# configure git user -git config --global user.email "41898282+github-actions[bot]@users.noreply.github.com" -git config --global user.name "github-actions[bot]" - -# commit, push and open PR -git checkout -b "mongodb-atlas-operator-community-${VERSION}" -git add "${VERSION}" -git status -git commit -m "MongoDB Atlas Operator ${VERSION}" --signoff -# git push origin "mongodb-atlas-operator-community-${VERSION}" -# gh pr create \ -# --title "operator mongodb-atlas-kubernetes (${VERSION})" \ -# --assignee "${ASSIGNEES}" diff --git a/.github/workflows/release-openshift.yaml b/.github/workflows/release-openshift.yaml index 7dcc762f91..de23cf8cc2 100644 --- a/.github/workflows/release-openshift.yaml +++ b/.github/workflows/release-openshift.yaml @@ -1,14 +1,10 @@ name: Release Openshift on: - push: - branches: - - CLOUDP-143633-automate-opnshift-release workflow_dispatch: inputs: version: description: "Release version:" required: true - default: "1.5.1" jobs: release-openshift: name: "Create Pull request for openshift release" @@ -18,12 +14,10 @@ jobs: REPO_PATH: "operators/mongodb-atlas-kubernetes" strategy: matrix: - #repository: ["mongodb-forks/community-operators", "mongodb-forks/certified-operators"] - repository: ["helderjs/community-operators"] - #repository: ["mongodb-forks/community-operators"] # , "redhat-openshift-ecosystem/community-operators-prod"] - #include: - # - repository: "mongodb-forks/certified-operators" - # certified: true + repository: ["mongodb-forks/community-operators", "mongodb-forks/community-operators-prod", "mongodb-forks/certified-operators"] + include: + - repository: "mongodb-forks/certified-operators" + certified: true steps: - name: Clone/Checkout Atlas Operator uses: actions/checkout@v3.1.0 @@ -66,6 +60,7 @@ jobs: VERSION: ${{ github.event.inputs.version }} REPOSITORY: ${{ matrix.repository }} IMAGE: quay.io/mongodb/mongodb-atlas-kubernetes-operator + REGISTRY_TOKEN: ${{ secrets.REGISTRY_TOKEN }} RH_CERTIFICATION_PYXIS_API_TOKEN: ${{ secrets.RH_CERTIFICATION_PYXIS_API_TOKEN }} RH_CERTIFICATION_OSPID: ${{ secrets.RH_CERTIFICATION_OSPID }} run: | @@ -95,10 +90,11 @@ jobs: # Add skip range value='">=0.8.0"' yq e -i '.spec.skipRange = env(value)' \ "${VERSION}"/manifests/mongodb-atlas-kubernetes.clusterserviceversion.yaml - - name: Commit and Push Changes + - name: Push Changes & Open PR env: VERSION: ${{ github.event.inputs.version }} REPOSITORY: ${{ matrix.repository }} + ASSIGNEES: priyolahiri,fabritsius,igor-karpukhin,sugar-pack,helderjs run: | cd "$REPOSITORY/$REPO_PATH" @@ -117,4 +113,4 @@ jobs: gh auth setup-git gh pr create \ --title "operator mongodb-atlas-kubernetes (${VERSION})" \ - --assignee "helderjs" \ No newline at end of file + --assignee "${ASSIGNEES}" \ No newline at end of file From 0080b834e0aa3351129c24dbf3d8fad5df1b3c81 Mon Sep 17 00:00:00 2001 From: Helder Santana Date: Wed, 4 Jan 2023 09:29:24 -0300 Subject: [PATCH 13/15] adjust for multi-arch support --- .github/workflows/release-openshift.yaml | 42 ++++++++++-------------- 1 file changed, 17 insertions(+), 25 deletions(-) diff --git a/.github/workflows/release-openshift.yaml b/.github/workflows/release-openshift.yaml index de23cf8cc2..479189961a 100644 --- a/.github/workflows/release-openshift.yaml +++ b/.github/workflows/release-openshift.yaml @@ -54,6 +54,14 @@ jobs: sed -i.bak 's/COPY bundle\/metadata/COPY metadata/' "${VERSION}/bundle.Dockerfile" sed -i.bak 's/COPY bundle\/tests\/scorecard/COPY tests\/scorecard/' "${VERSION}/bundle.Dockerfile" rm "${VERSION}/bundle.Dockerfile.bak" + - name: Certify Openshift images + uses: ./.github/actions/certify-openshift-images + with: + repository: quay.io/mongodb/mongodb-atlas-kubernetes-operator + version: ${{ github.event.inputs.version }} + quay_password: ${{ secrets.QUAY_PASSWORD }} + rhcc_token: ${{ secrets.RH_CERTIFICATION_PYXIS_API_TOKEN }} + rhcc_project: ${{ secrets.RH_CERTIFICATION_OSPID }} - name: Configure certified release if: ${{ matrix.certified }} env: @@ -64,32 +72,13 @@ jobs: RH_CERTIFICATION_PYXIS_API_TOKEN: ${{ secrets.RH_CERTIFICATION_PYXIS_API_TOKEN }} RH_CERTIFICATION_OSPID: ${{ secrets.RH_CERTIFICATION_OSPID }} run: | - wget https://github.com/redhat-openshift-ecosystem/openshift-preflight/releases/download/1.4.0/preflight-linux-amd64 -O preflight -q - chmod +x ./preflight && sudo mv ./preflight /usr/local/bin/preflight - - preflight --version - docker --version - - docker login -u unused -p "${REGISTRY_TOKEN}" quay.io --authfile ./authfile.json - IMG_SHA=$("docker" inspect --format='{{ index .RepoDigests 0}}' "${IMAGE}":"${VERSION}") - - # Do the preflight check first - preflight check container "${IMG_SHA}" --docker-config=./authfile.json - - # Send results to RedHat if preflight finished without errors - preflight check container "${IMG_SHA}" \ - --submit \ - --pyxis-api-token="${RH_CERTIFICATION_PYXIS_API_TOKEN}" \ - --certification-project-id="${RH_CERTIFICATION_OSPID}" \ - --docker-config=./authfile.json - - # Replace image version with SHA256 - value="${IMG_SHA}" yq e -i '.spec.install.spec.deployments[0].spec.template.spec.containers[0].image = env(value)' \ - "${VERSION}"/manifests/mongodb-atlas-kubernetes.clusterserviceversion.yaml + # Reference image to quay.io + containerImage="${IMAGE}:${VERSION}" + yq e -i '.metadata.annotations.containerImage = env(containerImage)' "${VERSION}"/manifests/mongodb-atlas-kubernetes.clusterserviceversion.yaml + yq e -i '.spec.install.spec.deployments[0].spec.template.spec.containers[0].image = env(containerImage)' "${VERSION}"/manifests/mongodb-atlas-kubernetes.clusterserviceversion.yaml # Add skip range - value='">=0.8.0"' yq e -i '.spec.skipRange = env(value)' \ - "${VERSION}"/manifests/mongodb-atlas-kubernetes.clusterserviceversion.yaml + value='">=0.8.0"' yq e -i '.spec.skipRange = env(value)' "${VERSION}"/manifests/mongodb-atlas-kubernetes.clusterserviceversion.yaml - name: Push Changes & Open PR env: VERSION: ${{ github.event.inputs.version }} @@ -98,6 +87,10 @@ jobs: run: | cd "$REPOSITORY/$REPO_PATH" + # Sync fork + gh auth setup-git + gh repo sync -b main + # configure git user git config --global user.email "41898282+github-actions[bot]@users.noreply.github.com" git config --global user.name "github-actions[bot]" @@ -110,7 +103,6 @@ jobs: git push origin "mongodb-atlas-operator-community-${VERSION}" # open PR - gh auth setup-git gh pr create \ --title "operator mongodb-atlas-kubernetes (${VERSION})" \ --assignee "${ASSIGNEES}" \ No newline at end of file From 8064e5d0f710ceef65d52d7889a91bc8d25be0e7 Mon Sep 17 00:00:00 2001 From: Helder Santana Date: Thu, 5 Jan 2023 10:58:59 -0300 Subject: [PATCH 14/15] use repo digest to refer image version --- .github/workflows/release-openshift.yaml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/.github/workflows/release-openshift.yaml b/.github/workflows/release-openshift.yaml index 479189961a..4975caba10 100644 --- a/.github/workflows/release-openshift.yaml +++ b/.github/workflows/release-openshift.yaml @@ -72,8 +72,9 @@ jobs: RH_CERTIFICATION_PYXIS_API_TOKEN: ${{ secrets.RH_CERTIFICATION_PYXIS_API_TOKEN }} RH_CERTIFICATION_OSPID: ${{ secrets.RH_CERTIFICATION_OSPID }} run: | - # Reference image to quay.io - containerImage="${IMAGE}:${VERSION}" + # Reference to image + TAG_DIGEST=$(docker inspect --format='{{ index .RepoDigests 0}}' "${IMAGE}":"${VERSION}") + containerImage="quay.io/${IMAGE}:${TAG_DIGEST}" yq e -i '.metadata.annotations.containerImage = env(containerImage)' "${VERSION}"/manifests/mongodb-atlas-kubernetes.clusterserviceversion.yaml yq e -i '.spec.install.spec.deployments[0].spec.template.spec.containers[0].image = env(containerImage)' "${VERSION}"/manifests/mongodb-atlas-kubernetes.clusterserviceversion.yaml From f4b7287dcbc1fe1190ee1b5cfd6641d7ef9da2c5 Mon Sep 17 00:00:00 2001 From: Helder Santana Date: Thu, 5 Jan 2023 12:46:21 -0300 Subject: [PATCH 15/15] fix container image --- .github/workflows/release-openshift.yaml | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/.github/workflows/release-openshift.yaml b/.github/workflows/release-openshift.yaml index 4975caba10..9067f094b0 100644 --- a/.github/workflows/release-openshift.yaml +++ b/.github/workflows/release-openshift.yaml @@ -68,13 +68,10 @@ jobs: VERSION: ${{ github.event.inputs.version }} REPOSITORY: ${{ matrix.repository }} IMAGE: quay.io/mongodb/mongodb-atlas-kubernetes-operator - REGISTRY_TOKEN: ${{ secrets.REGISTRY_TOKEN }} - RH_CERTIFICATION_PYXIS_API_TOKEN: ${{ secrets.RH_CERTIFICATION_PYXIS_API_TOKEN }} - RH_CERTIFICATION_OSPID: ${{ secrets.RH_CERTIFICATION_OSPID }} run: | # Reference to image - TAG_DIGEST=$(docker inspect --format='{{ index .RepoDigests 0}}' "${IMAGE}":"${VERSION}") - containerImage="quay.io/${IMAGE}:${TAG_DIGEST}" + REPO_DIGEST=$(docker inspect --format='{{ index .RepoDigests 0}}' "${IMAGE}":"${VERSION}") + containerImage="quay.io/${REPO_DIGEST}" yq e -i '.metadata.annotations.containerImage = env(containerImage)' "${VERSION}"/manifests/mongodb-atlas-kubernetes.clusterserviceversion.yaml yq e -i '.spec.install.spec.deployments[0].spec.template.spec.containers[0].image = env(containerImage)' "${VERSION}"/manifests/mongodb-atlas-kubernetes.clusterserviceversion.yaml