-
Notifications
You must be signed in to change notification settings - Fork 91
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add GHA workflow to push operator images for PRs
Signed-off-by: Pavel Macík <pavel.macik@gmail.com>
- Loading branch information
Showing
14 changed files
with
346 additions
and
39 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,30 @@ | ||
# action.yml | ||
name: 'Clean container images by tags.' | ||
description: 'Deletes images from remote repository by tags that match a regular expression.' | ||
inputs: | ||
repository: | ||
description: "Repository" | ||
required: true | ||
tags: | ||
description: "Regular expression for tag names to remote" | ||
required: true | ||
username: | ||
descriptino: "Repo username" | ||
required: false | ||
default: "" | ||
password: | ||
descriptino: "Repo password" | ||
required: false | ||
default: "" | ||
runs: | ||
using: "composite" | ||
steps: | ||
- id: clean-images | ||
env: | ||
REPO: ${{ inputs.repository }} | ||
TAGS: ${{ inputs.tags }} | ||
REPO_USERNAME: ${{ inputs.username }} | ||
REPO_PASSWORD: ${{ inputs.password }} | ||
run: | | ||
$GITHUB_ACTION_PATH/clean-images.sh "${REPO}" "${TAGS}" | ||
shell: bash |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,23 @@ | ||
#!/usr/bin/env bash | ||
|
||
REPO=$1 | ||
# REPO_USERNAME=... | ||
# REPO_PASSWORD=... | ||
TAGS=${2:-} | ||
|
||
if [ -z "$TAGS" ] || [ -z "$REPO" ]; then | ||
echo "Usage: $0 <repo> <images regex>" | ||
echo "" | ||
echo "Optionally set REPO_USERNAME and REPO_PASSWORD env variables to provide repo credentials." | ||
echo "" | ||
exit 1 | ||
fi | ||
|
||
if [ -n "$REPO_USERNAME" ]; then | ||
REPO_CREDS="--creds ${REPO_USERNAME}:${REPO_PASSWORD}" | ||
fi | ||
|
||
for tag in $(skopeo list-tags --tls-verify=false docker://${REPO} | jq -r ".Tags[] | select(.? | match(\"${TAGS}\"))"); do | ||
echo "Deleting docker://${REPO}:${tag}" | ||
skopeo delete ${REPO_CREDS} docker://${REPO}:${tag} | ||
done |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,17 +1,33 @@ | ||
#!/usr/bin/env bash | ||
|
||
curl -Lo operator-sdk https://github.com/operator-framework/operator-sdk/releases/download/v${SDK_VERSION}/operator-sdk_linux_amd64 | ||
chmod +x operator-sdk | ||
mv -v operator-sdk $GITHUB_WORKSPACE/bin/ | ||
echo "Downloading requested CLI" | ||
|
||
curl -Lo opm https://github.com/operator-framework/operator-registry/releases/download/v${OPM_VERSION}/linux-amd64-opm | ||
chmod +x opm | ||
mv -v opm $GITHUB_WORKSPACE/bin/ | ||
if [ "$OPERATOR_SDK" == true ]; then | ||
echo "Downloading operator-sdk..." | ||
curl -Lo operator-sdk https://github.com/operator-framework/operator-sdk/releases/download/v${SDK_VERSION}/operator-sdk_linux_amd64 | ||
chmod +x operator-sdk | ||
mv -v operator-sdk $GITHUB_WORKSPACE/bin/ | ||
fi | ||
|
||
curl -Lo kubectl https://storage.googleapis.com/kubernetes-release/release/v${K8S_VERSION}/bin/linux/amd64/kubectl | ||
chmod +x kubectl | ||
mv -v kubectl $GITHUB_WORKSPACE/bin/ | ||
if [ "$OPM" == true ]; then | ||
echo "Downloading opm..." | ||
curl -Lo opm https://github.com/operator-framework/operator-registry/releases/download/v${OPM_VERSION}/linux-amd64-opm | ||
chmod +x opm | ||
mv -v opm $GITHUB_WORKSPACE/bin/ | ||
fi | ||
|
||
curl -Lo minikube https://storage.googleapis.com/minikube/releases/v${MINIKUBE_VERSION}/minikube-linux-amd64 | ||
chmod +x minikube | ||
mv -v minikube $GITHUB_WORKSPACE/bin/ | ||
if [ "$KUBECTL" == true ] || [ "$START_MINIKUBE" == true ]; then | ||
echo "Downloading kubectl..." | ||
curl -Lo kubectl https://storage.googleapis.com/kubernetes-release/release/v${K8S_VERSION}/bin/linux/amd64/kubectl | ||
chmod +x kubectl | ||
mv -v kubectl $GITHUB_WORKSPACE/bin/ | ||
fi | ||
|
||
if [ "$MINIKUBE" == true ] || [ "$START_MINIKUBE" == true ]; then | ||
echo "Downloading minikube..." | ||
curl -Lo minikube https://storage.googleapis.com/minikube/releases/v${MINIKUBE_VERSION}/minikube-linux-amd64 | ||
chmod +x minikube | ||
mv -v minikube $GITHUB_WORKSPACE/bin/ | ||
fi | ||
|
||
echo "All requested CLI downloaded!" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,17 @@ | ||
#!/bin/bash | ||
cmd="/usr/bin/podman" | ||
case "$1" in | ||
push) | ||
prefix=${2%/*} | ||
img=${2#${prefix}} | ||
"$cmd" push --tls-verify=false $2 docker://localhost:5000${img} | ||
;; | ||
inspect) | ||
prefix=${3%/*} | ||
img=${3#${prefix}} | ||
echo $prefix${img%:*}@$(skopeo inspect --tls-verify=false docker://localhost:5000${img} | jq -r .Digest) | ||
;; | ||
*) | ||
"$cmd" "$@" | ||
;; | ||
esac |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
unqualified-search-registries = ['docker.io'] | ||
|
||
[[registry]] | ||
prefix = "REGISTRY_PREFIX" | ||
insecure = true | ||
location = "localhost:5000" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,7 @@ | ||
#!/usr/bin/env bash | ||
|
||
set -x | ||
|
||
mkdir -p ${GITHUB_WORKSPACE}/registry | ||
|
||
podman run -d -p 5000:5000 --rm -v ${GITHUB_WORKSPACE}/registry:/var/lib/registry:Z --name reg registry:2.7 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,7 @@ | ||
#!/usr/bin/env bash | ||
|
||
set -x | ||
|
||
mkdir -p $HOME/.config/containers | ||
sed -e "s,REGISTRY_PREFIX,${REGISTRY_PREFIX},g" ./.github/actions/setup-podman/registries_template.conf > $HOME/.config/containers/registries.conf | ||
cp -rvf ./.github/actions/setup-podman/podman ${GITHUB_WORKSPACE}/bin/podman |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,70 @@ | ||
name: PR checks - Build operator images | ||
|
||
on: | ||
pull_request: | ||
branches: | ||
- master | ||
|
||
env: | ||
SDK_VERSION: "1.3.0" | ||
OPM_VERSION: "1.15.2" | ||
CONTAINER_RUNTIME: "podman" | ||
ARTIFACTS: "artifacts" | ||
REGISTRY_PREFIX: quay.io/redhat-developer | ||
REPO: servicebinding-operator | ||
|
||
jobs: | ||
build-operator-images: | ||
name: "Build operator images (PR)" | ||
runs-on: ubuntu-20.04 | ||
|
||
steps: | ||
- name: Checkout Git Repository | ||
uses: actions/checkout@v2 | ||
|
||
- name: Setup CLI | ||
uses: ./.github/actions/setup-cli | ||
with: | ||
operator-sdk: true | ||
opm: true | ||
|
||
- name: Setup local registry | ||
run: | | ||
.github/actions/setup-podman/setup-local-registry.sh | ||
.github/actions/setup-podman/setup-podman-wrapper.sh | ||
- name: Build images | ||
env: | ||
PR_NUMBER: ${{github.event.pull_request.number}} | ||
PR_SHA: ${{github.event.pull_request.head.sha}} | ||
OPERATOR_REPO_REF: ${{env.REGISTRY_PREFIX}}/${{env.REPO}} | ||
run: | | ||
export TAG=pr-${PR_NUMBER}-${PR_SHA:0:8} | ||
export OPERATOR_IMAGE_REF=${OPERATOR_REPO_REF}:${TAG} | ||
export OPERATOR_BUNDLE_IMAGE_REF=${OPERATOR_IMAGE_REF}-bundle | ||
export OPERATOR_INDEX_IMAGE_REF=${OPERATOR_IMAGE_REF}-index | ||
which podman | ||
BUILDAH_FORMAT=docker make SKIP_REGISTRY_LOGIN=true release-operator -o registry-login | ||
mkdir -p ${ARTIFACTS} | ||
echo "export OPERATOR_IMAGE_REF=${OPERATOR_IMAGE_REF}" >> ${ARTIFACTS}/operator.refs | ||
echo "export OPERATOR_BUNDLE_IMAGE_REF=${OPERATOR_BUNDLE_IMAGE_REF}" >> ${ARTIFACTS}/operator.refs | ||
echo "export OPERATOR_INDEX_IMAGE_REF=${OPERATOR_INDEX_IMAGE_REF}" >> ${ARTIFACTS}/operator.refs | ||
podman stop reg | ||
tar -czvf ${ARTIFACTS}/registry.tar.gz -C ${GITHUB_WORKSPACE} registry | ||
- name: Archive images | ||
uses: actions/upload-artifact@v2 | ||
with: | ||
name: operator-images-${{github.event.pull_request.number}}-${{github.event.pull_request.head.sha}} | ||
path: ${{env.ARTIFACTS}}/*.tar.gz | ||
|
||
- name: Archive image references | ||
uses: actions/upload-artifact@v2 | ||
with: | ||
name: operator-refs-${{github.event.pull_request.number}}-${{github.event.pull_request.head.sha}} | ||
path: ${{env.ARTIFACTS}}/*.refs |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,27 @@ | ||
name: "PR checks - Clean operator images" | ||
|
||
on: | ||
pull_request_target: | ||
branches: | ||
- master | ||
types: [closed] | ||
|
||
env: | ||
OPERATOR_REPO_REF: quay.io/redhat-developer/servicebinding-operator | ||
|
||
jobs: | ||
clean-operator-images: | ||
name: "Clean operator images (PR)" | ||
runs-on: ubuntu-20.04 | ||
|
||
steps: | ||
- name: Checkout Git Repository | ||
uses: actions/checkout@v2 | ||
|
||
- name: Clean PR images | ||
uses: ./.github/actions/clean-images | ||
with: | ||
repository: ${{ env.OPERATOR_REPO_REF }} | ||
tags: "pr-${{github.event.pull_request.number}}-.*" | ||
username: ${{ secrets.QUAY_USERNAME }} | ||
password: ${{ secrets.QUAY_TOKEN }} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,45 @@ | ||
name: "PR checks - Push operator images" | ||
|
||
on: | ||
pull_request_target: | ||
branches: | ||
- master | ||
|
||
env: | ||
REGISTRY_PREFIX: quay.io/redhat-developer | ||
REPO: servicebinding-operator | ||
|
||
jobs: | ||
push-operator-images: | ||
name: "Push operator images (PR)" | ||
runs-on: ubuntu-20.04 | ||
|
||
steps: | ||
- name: Checkout Git Repository | ||
uses: actions/checkout@v2 | ||
|
||
- name: Wait for build | ||
uses: lewagon/wait-on-check-action@1b1630e169116b58a4b933d5ad7effc46d3d312d | ||
with: | ||
ref: ${{ github.event.pull_request.head.sha }} | ||
check-name: "Build operator images (PR)" | ||
repo-token: ${{ secrets.GITHUB_TOKEN }} | ||
wait-interval: 60 | ||
|
||
- name: Download images | ||
uses: marcofaggian/action-download-multiple-artifacts@v3.0.8 | ||
with: | ||
names: operator-images-${{github.event.pull_request.number}}-${{github.event.pull_request.head.sha}} | ||
|
||
- name: Setup local registry | ||
run: | | ||
tar -xvf registry.tar.gz | ||
.github/actions/setup-podman/setup-local-registry.sh | ||
- name: Push operator, bundle and index images | ||
run: | | ||
set -x | ||
for tag in $(skopeo list-tags --tls-verify=false docker://localhost:5000/${REPO} | jq -r '.Tags[] | select(startswith("pr-${{github.event.pull_request.number}}-"))'); do | ||
sha=$(skopeo inspect --tls-verify=false docker://localhost:5000/${REPO}:${tag} | jq -r '.Digest') | ||
skopeo copy --dest-creds ${{secrets.QUAY_USERNAME}}:${{secrets.QUAY_TOKEN}} --all --src-tls-verify=false docker://localhost:5000/${REPO}@${sha} docker://${REGISTRY_PREFIX}/${REPO}:${tag} | ||
done |
Oops, something went wrong.