Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add github actions like in ctlplane operators
* dependabot config to auto create PRs to update dependencies * CI workflows to run checks + create images when PR merges
- Loading branch information
Showing
6 changed files
with
389 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,69 @@ | ||
#!/bin/bash | ||
set -e | ||
|
||
CLUSTER_BUNDLE_FILE="bundle/manifests/ansibleee-operator.clusterserviceversion.yaml" | ||
|
||
echo "Creating ansibleee operator bundle" | ||
cd .. | ||
echo "${GITHUB_SHA}" | ||
echo "${BASE_IMAGE}" | ||
skopeo --version | ||
|
||
echo "Calculating image digest for docker://${REGISTRY}/${BASE_IMAGE}:${GITHUB_SHA}" | ||
DIGEST=$(skopeo inspect docker://${REGISTRY}/${BASE_IMAGE}:${GITHUB_SHA} | jq '.Digest' -r) | ||
# Output: | ||
# Calculating image digest for docker://quay.io/openstack-k8s-operators/ansibleee-operator:d03f2c1c362c04fc5ef819f92a218f9ea59bbd0c | ||
# Digest: sha256:1d5b578fd212f8dbd03c0235f1913ef738721766f8c94236af5efecc6d8d8cb1 | ||
echo "Digest: ${DIGEST}" | ||
|
||
RELEASE_VERSION=$(grep "^VERSION" Makefile | awk -F'?= ' '{ print $2 }') | ||
OPERATOR_IMG_WITH_DIGEST="${REGISTRY}/${BASE_IMAGE}@${DIGEST}" | ||
|
||
echo "New Operator Image with Digest: $OPERATOR_IMG_WITH_DIGEST" | ||
echo "Release Version: $RELEASE_VERSION" | ||
|
||
echo "Creating bundle image..." | ||
VERSION=$RELEASE_VERSION IMG=$OPERATOR_IMG_WITH_DIGEST make bundle | ||
|
||
echo "Bundle file images:" | ||
cat "${CLUSTER_BUNDLE_FILE}" | grep "image:" | ||
# FIXME: display any ENV variables once we have offline support implemented | ||
#grep -A1 IMAGE_URL_DEFAULT "${CLUSTER_BUNDLE_FILE}" | ||
|
||
# We do not want to exit here. Some images are in different registries, so | ||
# error will be reported to the console. | ||
set +e | ||
for csv_image in $(cat "${CLUSTER_BUNDLE_FILE}" | grep "image:" | sed -e "s|.*image:||" | sort -u); do | ||
digest_image="" | ||
echo "CSV line: ${csv_image}" | ||
|
||
# case where @ is in the csv_image image | ||
if [[ "$csv_image" =~ .*"@".* ]]; then | ||
delimeter='@' | ||
else | ||
delimeter=':' | ||
fi | ||
|
||
base_image=$(echo $csv_image | cut -f 1 -d${delimeter}) | ||
tag_image=$(echo $csv_image | cut -f 2 -d${delimeter}) | ||
|
||
if [[ "$base_image:$tag_image" == "controller:latest" ]]; then | ||
echo "$base_image:$tag_image becomes $OPERATOR_IMG_WITH_DIGEST" | ||
sed -e "s|$base_image:$tag_image|$OPERATOR_IMG_WITH_DIGEST|g" -i "${CLUSTER_BUNDLE_FILE}" | ||
else | ||
digest_image=$(skopeo inspect docker://${base_image}${delimeter}${tag_image} | jq '.Digest' -r) | ||
echo "Base image: $base_image" | ||
if [ -n "$digest_image" ]; then | ||
echo "$base_image${delimeter}$tag_image becomes $base_image@$digest_image" | ||
sed -i "s|$base_image$delimeter$tag_image|$base_image@$digest_image|g" "${CLUSTER_BUNDLE_FILE}" | ||
else | ||
echo "$base_image${delimeter}$tag_image not changed" | ||
fi | ||
fi | ||
done | ||
|
||
echo "Resulting bundle file images:" | ||
cat "${CLUSTER_BUNDLE_FILE}" | grep "image:" | ||
|
||
# FIXME: display any ENV variables once we have offline support implemented | ||
#grep -A1 IMAGE_URL_DEFAULT "${CLUSTER_BUNDLE_FILE}" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,15 @@ | ||
#!/bin/bash | ||
set -e | ||
|
||
echo "Creating operator index image" | ||
echo "${REGISTRY}" | ||
echo "${GITHUB_SHA}" | ||
echo "${INDEX_IMAGE}" | ||
echo "${INDEX_IMAGE_TAG}" | ||
echo "${BUNDLE_IMAGE}" | ||
|
||
echo "opm index add --bundles ${REGISTRY}/${BUNDLE_IMAGE}:${GITHUB_SHA} --tag ${REGISTRY}/${INDEX_IMAGE}:${GITHUB_SHA} -u podman --pull-tool podman" | ||
opm index add --bundles "${REGISTRY}/${BUNDLE_IMAGE}:${GITHUB_SHA}" --tag "${REGISTRY}/${INDEX_IMAGE}:${GITHUB_SHA}" -u podman --pull-tool podman | ||
|
||
echo "podman tag ${REGISTRY}/${INDEX_IMAGE}:${GITHUB_SHA} ${REGISTRY}/${INDEX_IMAGE}:${INDEX_IMAGE_TAG}" | ||
podman tag "${REGISTRY}/${INDEX_IMAGE}:${GITHUB_SHA}" "${REGISTRY}/${INDEX_IMAGE}:${INDEX_IMAGE_TAG}" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,15 @@ | ||
# To get started with Dependabot version updates, you'll need to specify which | ||
# package ecosystems to update and where the package manifests are located. | ||
# Please see the documentation for all configuration options: | ||
# https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates | ||
|
||
version: 2 | ||
updates: | ||
- package-ecosystem: "gomod" | ||
directory: "/" | ||
schedule: | ||
interval: "daily" | ||
- package-ecosystem: "gomod" | ||
directory: "/apis/" | ||
schedule: | ||
interval: "daily" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,200 @@ | ||
name: AnsibleEE Operator image builder | ||
|
||
on: | ||
push: | ||
branches: | ||
- '*' | ||
paths-ignore: | ||
- .gitignore | ||
- .pull_request_pipeline | ||
- changelog.txt | ||
- kuttl-test.yaml | ||
- LICENSE | ||
- Makefile | ||
- OWNERS | ||
- PROJECT | ||
- README.md | ||
- .github/ | ||
- build/ | ||
- docs/ | ||
- tests/ | ||
|
||
env: | ||
imageregistry: 'quay.io' | ||
imagenamespace: ${{ secrets.IMAGENAMESPACE || secrets.QUAY_USERNAME }} | ||
latesttag: latest | ||
|
||
jobs: | ||
|
||
check-secrets: | ||
runs-on: ubuntu-latest | ||
steps: | ||
- name: Check secrets are set | ||
id: have-secrets | ||
if: "${{ env.imagenamespace != '' }}" | ||
run: echo "::set-output name=ok::true" | ||
outputs: | ||
have-secrets: ${{ steps.have-secrets.outputs.ok }} | ||
|
||
build-ansibleee-operator: | ||
name: Build ansibleee-operator image using buildah | ||
runs-on: ubuntu-latest | ||
needs: [check-secrets] | ||
if: needs.check-secrets.outputs.have-secrets == 'true' | ||
|
||
steps: | ||
- uses: actions/checkout@v2 | ||
|
||
- name: Get branch name | ||
id: branch-name | ||
uses: tj-actions/branch-names@v5 | ||
|
||
- name: Set latest tag for non master branch | ||
if: "${{ steps.branch-name.outputs.current_branch != 'master' }}" | ||
run: | | ||
echo "latesttag=${{ steps.branch-name.outputs.current_branch }}-latest" >> $GITHUB_ENV | ||
- name: Buildah Action | ||
id: build-ansibleee-operator | ||
uses: redhat-actions/buildah-build@v2 | ||
with: | ||
image: ansibleee-operator | ||
tags: ${{ env.latesttag }} ${{ github.sha }} | ||
containerfiles: | | ||
./Dockerfile | ||
- name: Push ansibleee-operator To ${{ env.imageregistry }} | ||
uses: redhat-actions/push-to-registry@v2 | ||
with: | ||
image: ${{ steps.build-ansibleee-operator.outputs.image }} | ||
tags: ${{ steps.build-ansibleee-operator.outputs.tags }} | ||
registry: ${{ env.imageregistry }}/${{ env.imagenamespace }} | ||
username: ${{ secrets.QUAY_USERNAME }} | ||
password: ${{ secrets.QUAY_PASSWORD }} | ||
|
||
build-ansibleee-operator-bundle: | ||
needs: [ check-secrets, build-ansibleee-operator ] | ||
name: ansibleee-operator-bundle | ||
runs-on: ubuntu-latest | ||
if: needs.check-secrets.outputs.have-secrets == 'true' | ||
|
||
steps: | ||
- name: Install Go | ||
uses: actions/setup-go@v2 | ||
with: | ||
go-version: 1.18.x | ||
|
||
- name: Checkout ansibleee-operator repository | ||
uses: actions/checkout@v2 | ||
|
||
- name: Install operator-sdk | ||
uses: redhat-actions/openshift-tools-installer@v1 | ||
with: | ||
source: github | ||
operator-sdk: '1.23.0' | ||
|
||
- name: Log in to Quay Registry | ||
uses: redhat-actions/podman-login@v1 | ||
with: | ||
registry: ${{ env.imageregistry }} | ||
username: ${{ secrets.QUAY_USERNAME }} | ||
password: ${{ secrets.QUAY_PASSWORD }} | ||
|
||
- name: Log in to Red Hat Registry | ||
uses: redhat-actions/podman-login@v1 | ||
with: | ||
registry: registry.redhat.io | ||
username: ${{ secrets.REDHATIO_USERNAME }} | ||
password: ${{ secrets.REDHATIO_PASSWORD }} | ||
|
||
- name: Create bundle image | ||
run: | | ||
pushd "${GITHUB_WORKSPACE}"/.github/ | ||
chmod +x "create_bundle.sh" | ||
"./create_bundle.sh" | ||
popd | ||
env: | ||
REGISTRY: ${{ env.imageregistry }}/${{ env.imagenamespace }} | ||
GITHUB_SHA: ${{ github.sha }} | ||
BASE_IMAGE: ansibleee-operator | ||
|
||
- name: Get branch name | ||
id: branch-name | ||
uses: tj-actions/branch-names@v5 | ||
|
||
- name: Set latest tag for non master branch | ||
if: "${{ steps.branch-name.outputs.current_branch != 'master' }}" | ||
run: | | ||
echo "latesttag=${{ steps.branch-name.outputs.current_branch }}-latest" >> $GITHUB_ENV | ||
- name: Build ansibleee-operator-bundle using buildah | ||
id: build-ansibleee-operator-bundle | ||
uses: redhat-actions/buildah-build@v2 | ||
with: | ||
image: ansibleee-operator-bundle | ||
tags: ${{ env.latesttag }} ${{ github.sha }} | ||
containerfiles: | | ||
./bundle.Dockerfile | ||
- name: Push ansibleee-operator To ${{ env.imageregistry }} | ||
uses: redhat-actions/push-to-registry@v2 | ||
with: | ||
image: ${{ steps.build-ansibleee-operator-bundle.outputs.image }} | ||
tags: ${{ steps.build-ansibleee-operator-bundle.outputs.tags }} | ||
registry: ${{ env.imageregistry }}/${{ env.imagenamespace }} | ||
username: ${{ secrets.QUAY_USERNAME }} | ||
password: ${{ secrets.QUAY_PASSWORD }} | ||
|
||
build-ansibleee-operator-index: | ||
needs: [ check-secrets, build-ansibleee-operator-bundle ] | ||
name: ansibleee-operator-index | ||
runs-on: ubuntu-latest | ||
if: needs.check-secrets.outputs.have-secrets == 'true' | ||
|
||
steps: | ||
- name: Checkout ansibleee-operator repository | ||
uses: actions/checkout@v2 | ||
|
||
- name: Get branch name | ||
id: branch-name | ||
uses: tj-actions/branch-names@v5 | ||
|
||
- name: Set latest tag for non master branch | ||
if: "${{ steps.branch-name.outputs.current_branch != 'master' }}" | ||
run: | | ||
echo "latesttag=${{ steps.branch-name.outputs.current_branch }}-latest" >> $GITHUB_ENV | ||
- name: Install opm | ||
uses: redhat-actions/openshift-tools-installer@v1 | ||
with: | ||
source: github | ||
opm: 'latest' | ||
|
||
- name: Log in to Red Hat Registry | ||
uses: redhat-actions/podman-login@v1 | ||
with: | ||
registry: ${{ env.imageregistry }} | ||
username: ${{ secrets.QUAY_USERNAME }} | ||
password: ${{ secrets.QUAY_PASSWORD }} | ||
|
||
- name: Create index image | ||
run: | | ||
pushd "${GITHUB_WORKSPACE}"/.github/ | ||
chmod +x "create_opm_index.sh" | ||
"./create_opm_index.sh" | ||
popd | ||
env: | ||
REGISTRY: ${{ env.imageregistry }}/${{ env.imagenamespace }} | ||
GITHUB_SHA: ${{ github.sha }} | ||
BUNDLE_IMAGE: ansibleee-operator-bundle | ||
INDEX_IMAGE_TAG: ${{ env.latesttag }} | ||
INDEX_IMAGE: ansibleee-operator-index | ||
|
||
- name: Push ansibleee-operator-index To ${{ env.imageregistry }} | ||
uses: redhat-actions/push-to-registry@v2 | ||
with: | ||
image: ansibleee-operator-index | ||
tags: ${{ env.latesttag }} ${{ github.sha }} | ||
registry: ${{ env.imageregistry }}/${{ env.imagenamespace }} | ||
username: ${{ secrets.QUAY_USERNAME }} | ||
password: ${{ secrets.QUAY_PASSWORD }} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,42 @@ | ||
name: Golang lint, vet and unit test pipeline | ||
|
||
on: [push, pull_request] | ||
|
||
jobs: | ||
test: | ||
name: github (govet, golint and gotest) | ||
runs-on: ubuntu-latest | ||
steps: | ||
- name: Install Go | ||
uses: actions/setup-go@v2 | ||
with: | ||
go-version: 1.18.x | ||
- name: Checkout project code | ||
uses: actions/checkout@v2 | ||
- name: Checkout openstack-k8s-operators-ci project | ||
uses: actions/checkout@v2 | ||
with: | ||
repository: openstack-k8s-operators/openstack-k8s-operators-ci | ||
path: ./openstack-k8s-operators-ci | ||
- name: Run govet.sh | ||
run: ./openstack-k8s-operators-ci/test-runner/govet.sh | ||
- name: Run golint.sh | ||
run: ./openstack-k8s-operators-ci/test-runner/golint.sh | ||
- name: Run gotest.sh | ||
run: ./openstack-k8s-operators-ci/test-runner/gotest.sh | ||
|
||
golangci: | ||
name: github (golangci) | ||
runs-on: ubuntu-latest | ||
steps: | ||
- name: Install Go | ||
uses: actions/setup-go@v2 | ||
with: | ||
go-version: 1.18.x | ||
- name: Checkout project code | ||
uses: actions/checkout@v2 | ||
- name: Run golangci lint | ||
uses: golangci/golangci-lint-action@v2 | ||
with: | ||
version: latest | ||
args: --timeout 5m |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,48 @@ | ||
name: Release AnsibleEE Operator | ||
|
||
on: | ||
release: | ||
types: | ||
- released | ||
- prereleased | ||
|
||
env: | ||
imageregistry: 'quay.io' | ||
imagenamespace: ${{ secrets.IMAGENAMESPACE || secrets.QUAY_USERNAME }} | ||
|
||
jobs: | ||
release: | ||
runs-on: ubuntu-latest | ||
|
||
steps: | ||
- uses: actions/checkout@v2 | ||
|
||
- name: Tag image | ||
uses: tinact/docker.image-retag@1.0.2 | ||
with: | ||
image_name: ${{ env.imagenamespace }}/ | ||
image_old_tag: ${{ github.sha }} | ||
image_new_tag: ${{ github.event.release.tag_name }} | ||
registry: ${{ env.imageregistry }} | ||
registry_username: ${{ secrets.QUAY_USERNAME }} | ||
registry_password: ${{ secrets.QUAY_PASSWORD }} | ||
|
||
- name: Tag -bundle image | ||
uses: tinact/docker.image-retag@1.0.2 | ||
with: | ||
image_name: ${{ env.imagenamespace }}/-bundle | ||
image_old_tag: ${{ github.sha }} | ||
image_new_tag: ${{ github.event.release.tag_name }} | ||
registry: ${{ env.imageregistry }} | ||
registry_username: ${{ secrets.QUAY_USERNAME }} | ||
registry_password: ${{ secrets.QUAY_PASSWORD }} | ||
|
||
- name: Tag -index image | ||
uses: tinact/docker.image-retag@1.0.2 | ||
with: | ||
image_name: ${{ env.imagenamespace }}/-index | ||
image_old_tag: ${{ github.sha }} | ||
image_new_tag: ${{ github.event.release.tag_name }} | ||
registry: ${{ env.imageregistry }} | ||
registry_username: ${{ secrets.QUAY_USERNAME }} | ||
registry_password: ${{ secrets.QUAY_PASSWORD }} |