Skip to content

Fixed bug where unresolved DNS names would cause egress network policies to not be created #1772

Fixed bug where unresolved DNS names would cause egress network policies to not be created

Fixed bug where unresolved DNS names would cause egress network policies to not be created #1772

Workflow file for this run

name: Build
concurrency:
group: "${{ github.repository }}${{ github.ref }}"
cancel-in-progress: true
on:
pull_request:
types:
- opened
- synchronize
push:
branches:
- main
env:
REGISTRY: us-central1-docker.pkg.dev/main-383408/otterize
jobs:
build:
if: (github.event_name == 'push' && github.repository == 'otterize/intents-operator') || github.event.pull_request.head.repo.full_name == 'otterize/intents-operator'
name: Build
runs-on: ubuntu-latest
outputs:
registry: ${{ steps.registry.outputs.registry }} # workaround since env is not available outside of steps, i.e. in calling external workflows like we later do in e2e-test
strategy:
matrix:
service:
- intents-operator
steps:
- id: registry
run: echo "registry=${{ env.REGISTRY }}" >> "$GITHUB_OUTPUT"
- name: Check out the code
uses: actions/checkout@v2
with:
fetch-depth: 1
- uses: actions/setup-go@v3
with:
# Upgraded Go version? Make sure to upgrade it in the GitHub Actions setup, the Dockerfile and the go.mod as well, so the linter and tests run the same version.
go-version: 1.21
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@master
with:
driver-opts: network=host
- name: Login to GCR
uses: docker/login-action@v2
with:
registry: ${{ env.REGISTRY }}
username: _json_key_base64
password: ${{ secrets.B64_GCLOUD_SERVICE_ACCOUNT_JSON}}
- name: Login to DockerHub
uses: docker/login-action@v1
with:
username: otterize
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Test
run: |-
cd ./src/operator
go install sigs.k8s.io/controller-runtime/tools/setup-envtest@latest
make test
- name: Build
uses: docker/build-push-action@v2
with:
context: src/
file: src/${{ matrix.service }}.Dockerfile
tags: ${{ env.REGISTRY }}/${{ matrix.service }}:${{ github.sha }}
push: true
network: host
platforms: linux/amd64,linux/arm64
cache-from: type=gha
cache-to: type=gha,mode=max
build-args: |
"VERSION=0.0.${{ github.run_id }}"
netpol-e2e-test:
uses: ./.github/workflows/netpol-e2e-test.yaml
name: Trigger e2e tests
# Must pass the secrets as the called workflow does not have access to the same context
secrets:
B64_GCLOUD_SERVICE_ACCOUNT_JSON: ${{ secrets.B64_GCLOUD_SERVICE_ACCOUNT_JSON }}
with:
registry: ${{ needs.build.outputs.registry }}
operator-tag: ${{ github.sha }}
operator-image: intents-operator
needs:
- build
tag-latest-dev:
name: Tag latest
if: github.ref == 'refs/heads/main'
needs:
- build
- netpol-e2e-test
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v2
- name: GCP auth
uses: 'google-github-actions/auth@v1'
with:
credentials_json: ${{ secrets.B64_GCLOUD_SERVICE_ACCOUNT_JSON }}
- name: Set up Cloud SDK
uses: 'google-github-actions/setup-gcloud@v1'
# Push the Docker image to AWS ECR
- name: Tag Images as latest
run: |-
retag_image_as_latest() { if [[ $(gcloud container images add-tag "${{ env.REGISTRY }}/$1:${{ github.sha }}" "${{ env.REGISTRY }}/$1:latest" --quiet) ]]; then echo "Failed tagging $1 as latest"; exit 1; fi } # using --quiet to avoid prompt
retag_image_as_latest intents-operator