Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

ci: Improve build images job for release tags #169

Merged
merged 6 commits into from
Nov 5, 2024
Merged
Show file tree
Hide file tree
Changes from 5 commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 7 additions & 1 deletion .github/workflows/build-images-base.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -69,7 +69,12 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Check out code
uses: actions/checkout@v3
uses: actions/checkout@v4
- name: Read release string version
id: release
run: |
version=`make read-release-version`
echo version=$version >> $GITHUB_OUTPUT
eguzki marked this conversation as resolved.
Show resolved Hide resolved
- name: Install qemu dependency
run: |
sudo apt-get update
Expand All @@ -91,6 +96,7 @@ jobs:
build-args: |
GIT_SHA=${{ github.sha }}
DIRTY=false
VERSION=${{ steps.release.outputs.version }}
eguzki marked this conversation as resolved.
Show resolved Hide resolved
QUAY_IMAGE_EXPIRY=${{ inputs.quayImageExpiry }}
- name: Push Image
if: ${{ !env.ACT }}
Expand Down
197 changes: 197 additions & 0 deletions .github/workflows/build-images-for-tag-release.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,197 @@
name: Build and Publish Images For Tag Release

on:
push:
tags:
- "v[0-9]+.[0-9]+.[0-9]+"
env:
IMG_REGISTRY_HOST: quay.io
IMG_REGISTRY_ORG: kuadrant
IMG_REGISTRY_REPO: limitador-operator
OPERATOR_NAME: limitador-operator

jobs:
build:
name: Build and Push image
runs-on: ubuntu-latest
outputs:
build-tags: ${{ steps.build-image.outputs.tags }}
image: ${{ steps.push-to-quay.outputs.registry-path }}
steps:
- name: Check out code
uses: actions/checkout@v4

- name: Read release string version
id: release
run: |
version=`make read-release-version`
echo version=$version >> $GITHUB_OUTPUT

- name: Print tags
run: echo "Git reference name = ${{ github.ref_name }}, release version = ${{ steps.release.outputs.version }}"
- name: Verify git reference name matches the release version
if: ${{ github.ref_name != steps.release.outputs.version }}
run: exit 1

- name: Install qemu dependency
run: |
sudo apt-get update
sudo apt-get install -y qemu-user-static

- name: Build Image
id: build-image
uses: redhat-actions/buildah-build@v2
with:
image: ${{ env.OPERATOR_NAME }}
tags: ${{ github.ref_name }}
platforms: linux/amd64,linux/arm64
build-args: |
GIT_SHA=${{ github.sha }}
DIRTY=false
VERSION=${{ github.ref_name }}

dockerfiles: |
./Dockerfile

- name: Print Build Info
run: echo "Image = ${{ steps.build-image.outputs.image }}, Tags = ${{ steps.build-image.outputs.tags }}"

- name: Push Image
if: github.repository_owner == 'kuadrant'
id: push-to-quay
uses: redhat-actions/push-to-registry@v2
with:
image: ${{ steps.build-image.outputs.image }}
tags: ${{ steps.build-image.outputs.tags }}
registry: ${{ env.IMG_REGISTRY_HOST }}/${{ env.IMG_REGISTRY_ORG }}
username: ${{ secrets.IMG_REGISTRY_USERNAME }}
password: ${{ secrets.IMG_REGISTRY_TOKEN }}

- name: Print Image URL
run: echo "Image pushed to ${{ steps.push-to-quay.outputs.registry-paths }}"

build-bundle:
name: Build and Push bundle image
needs: [build]
runs-on: ubuntu-latest
outputs:
build-tags: ${{ steps.build-image.outputs.tags }}
image: ${{ steps.push-to-quay.outputs.registry-path }}
steps:
- name: Check out code
uses: actions/checkout@v4
- name: Install yq tool
run: |
# following sub-shells running make target should have yq already installed
make yq
- name: Read operator image reference URL from the manifest bundle
id: parsed-operator-image
run: |
url=`make bundle-operator-image-url`
echo url=$url >> $GITHUB_OUTPUT
- name: Print tags and references
run: echo "Operator image tag = ${{ needs.build.outputs.image }}, Reference in bundle = ${{ steps.parsed-operator-image.outputs.url }}"
- name: Verify referenced operator image tag matches the tag currently being built
if: ${{ needs.build.outputs.image != steps.parsed-operator-image.outputs.url }}
run: exit 1

- name: Install qemu dependency
run: |
sudo apt-get update
sudo apt-get install -y qemu-user-static

- name: Build Image
id: build-image
uses: redhat-actions/buildah-build@v2
with:
image: ${{ env.OPERATOR_NAME }}-bundle
tags: ${{ needs.build.outputs.build-tags }}
platforms: linux/amd64,linux/arm64
dockerfiles: |
./bundle.Dockerfile

- name: Print Build Info
run: echo "Image = ${{ steps.build-image.outputs.image }}, Tags = ${{ steps.build-image.outputs.tags }}, Operator IMG = ${{ steps.parsed-operator-image.outputs.url }}"

- name: Push Image
if: github.repository_owner == 'kuadrant'
id: push-to-quay
uses: redhat-actions/push-to-registry@v2
with:
image: ${{ steps.build-image.outputs.image }}
tags: ${{ steps.build-image.outputs.tags }}
registry: ${{ env.IMG_REGISTRY_HOST }}/${{ env.IMG_REGISTRY_ORG }}
username: ${{ secrets.IMG_REGISTRY_USERNAME }}
password: ${{ secrets.IMG_REGISTRY_TOKEN }}

- name: Print Image URL
run: echo "Image pushed to ${{ steps.push-to-quay.outputs.registry-paths }}"

build-catalog:
name: Build and Push catalog image
needs: [build, build-bundle]
runs-on: ubuntu-latest
outputs:
build-tags: ${{ steps.build-image.outputs.tags }}
image: ${{ steps.push-to-quay.outputs.registry-path }}
steps:
- name: Check out code
uses: actions/checkout@v4
- name: Install yq tool
run: |
# following sub-shells running make target should have yq already installed
make yq
- name: Read operator bundle image reference
id: parsed-operator-bundle
run: |
image=`make print-bundle-image`
echo image=$image >> $GITHUB_OUTPUT
- name: Print tags and references
run: echo "Operator bundle image tag = ${{ needs.build-bundle.outputs.image }}, Reference in catalog = ${{ steps.parsed-operator-bundle.outputs.image }}"
- name: Verify referenced bundle tag matches the bundle tag currently being built
if: ${{ needs.build-bundle.outputs.image != steps.parsed-operator-bundle.outputs.image }}
run: exit 1
- name: Generate Catalog Content
run: make catalog
- name: Install qemu dependency
run: |
sudo apt-get update
sudo apt-get install -y qemu-user-static
- name: Build Image
id: build-image
uses: redhat-actions/buildah-build@v2
with:
image: ${{ env.OPERATOR_NAME }}-catalog
tags: ${{ needs.build.outputs.build-tags }}
platforms: linux/amd64,linux/arm64
context: ./catalog
dockerfiles: ./catalog/${{ env.OPERATOR_NAME }}-catalog.Dockerfile

- name: Print Build Info
run: echo "Image = ${{ steps.build-image.outputs.image }}, Tags = ${{ steps.build-image.outputs.tags }}, Bundle IMG = ${{ steps.parsed-operator-bundle.outputs.image }}"

- name: Push Image
if: github.repository_owner == 'kuadrant'
id: push-to-quay
uses: redhat-actions/push-to-registry@v2
with:
image: ${{ steps.build-image.outputs.image }}
tags: ${{ steps.build-image.outputs.tags }}
registry: ${{ env.IMG_REGISTRY_HOST }}/${{ env.IMG_REGISTRY_ORG }}
username: ${{ secrets.IMG_REGISTRY_USERNAME }}
password: ${{ secrets.IMG_REGISTRY_TOKEN }}

- name: Print Image URL
run: echo "Image pushed to ${{ steps.push-to-quay.outputs.registry-paths }}"

verify-builds:
name: Ensure all image references are equal (operator, bundle, catalog)
needs: [build, build-bundle, build-catalog]
runs-on: ubuntu-latest
steps:
- name: Verify bundle and operator image tags match
if: ${{ needs.build.outputs.build-tags != needs.build-bundle.outputs.build-tags }}
run: exit 1
- name: Verify catalog and bundle tags match
if: ${{ needs.build-bundle.outputs.build-tags != needs.build-catalog.outputs.build-tags }}
run: exit 1
27 changes: 16 additions & 11 deletions .github/workflows/release.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -8,11 +8,11 @@ on:
required: true
limitadorOperatorVersion:
description: Limitador Operator bundle version
default: latest
default: 0.0.0
type: string
limitadorVersion:
description: Limitador service version
default: latest
default: 0.0.0
type: string
prerelease:
description: Is the release a pre release?
Expand All @@ -22,7 +22,7 @@ on:
jobs:
build:
name: Release operator
runs-on: ubuntu-20.04
runs-on: ubuntu-latest
steps:
- name: Install gettext-base
run: |
Expand All @@ -34,24 +34,29 @@ jobs:
go-version: 1.21.x
id: go
- name: Checkout code at git ref
uses: actions/checkout@v3
uses: actions/checkout@v4
with:
ref: ${{ inputs.gitRef }}
token: ${{ secrets.KUADRANT_DEV_PAT }}
- name: Create release branch
if: ${{ !startsWith(inputs.gitRef, 'release-v') }}
run: |
git checkout -b release-v${{ inputs.limitadorOperatorVersion }}
- name: Prepare release
run: |
make prepare-release \
VERSION=${{ inputs.limitadorOperatorVersion }} \
LIMITADOR_VERSION=${{ inputs.limitadorVersion }} \
make prepare-release
LIMITADOR_VERSION=${{ inputs.limitadorVersion }}
- name: Commit and push
run: |
git config --global user.name "github-actions[bot]"
git config --global user.email "github-actions[bot]@users.noreply.github.com"
git add -A && git commit -s -m "Prepared release v${{ inputs.limitadorOperatorVersion }}"
git push origin release-v${{ inputs.limitadorOperatorVersion }}
uses: stefanzweifel/git-auto-commit-action@v5
with:
commit_message: "Prepared release v${{ inputs.limitadorOperatorVersion }}"
commit_user_name: "github-actions[bot]"
commit_user_email: "github-actions[bot]@users.noreply.github.com"
branch: release-v${{ inputs.limitadorOperatorVersion }}
create_branch: true
tagging_message: v${{ inputs.limitadorOperatorVersion }}
commit_options: '--signoff'
- name: Create release
uses: softprops/action-gh-release@v1
with:
Expand Down
6 changes: 4 additions & 2 deletions Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -14,15 +14,17 @@ COPY main.go main.go
COPY api/ api/
COPY controllers/ controllers/
COPY pkg/ pkg/
COPY version/ version/

# Build
ARG GIT_SHA
ARG DIRTY
ARG VERSION

ENV GIT_SHA=${GIT_SHA:-unknown}
ENV DIRTY=${DIRTY:-unknown}
RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -a -ldflags "-X main.gitSHA=${GIT_SHA} -X main.dirty=${DIRTY}" -o manager main.go
ENV VERSION=${VERSION:-unknown}

RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -a -ldflags "-X main.version=${VERSION} -X main.gitSHA=${GIT_SHA} -X main.dirty=${DIRTY}" -o manager main.go

# Use distroless as minimal base image to package the manager binary
# Refer to https://github.com/GoogleContainerTools/distroless for more details
Expand Down
22 changes: 19 additions & 3 deletions Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -95,6 +95,7 @@ else
GOBIN=$(shell go env GOBIN)
endif

RELEASE_FILE = $(PROJECT_PATH)/make/release.mk

all: build

Expand Down Expand Up @@ -264,19 +265,19 @@ test-unit: clean-cov generate fmt vet ## Run Unit tests.
build: GIT_SHA=$(shell git rev-parse HEAD || echo "unknown")
build: DIRTY=$(shell $(PROJECT_PATH)/utils/check-git-dirty.sh || echo "unknown")
build: generate fmt vet ## Build manager binary.
go build -ldflags "-X main.gitSHA=${GIT_SHA} -X main.dirty=${DIRTY}" -o bin/manager main.go
go build -ldflags "-X main.version=v$(VERSION) -X main.gitSHA=${GIT_SHA} -X main.dirty=${DIRTY}" -o bin/manager main.go

run: export LOG_LEVEL = debug
run: export LOG_MODE = development
run: GIT_SHA=$(shell git rev-parse HEAD || echo "unknown")
run: DIRTY=$(shell $(PROJECT_PATH)/utils/check-git-dirty.sh || echo "unknown")
run: manifests generate fmt vet ## Run a controller from your host.)
go run -ldflags "-X main.gitSHA=${GIT_SHA} -X main.dirty=${DIRTY}" ./main.go
go run -ldflags "-X main.version=v$(VERSION) -X main.gitSHA=${GIT_SHA} -X main.dirty=${DIRTY}" ./main.go

docker-build: GIT_SHA=$(shell git rev-parse HEAD || echo "unknown")
docker-build: DIRTY=$(shell $(PROJECT_PATH)/utils/check-git-dirty.sh || echo "unknown")
docker-build: ## Build docker image with the manager.
docker build --build-arg GIT_SHA=$(GIT_SHA) --build-arg DIRTY=$(DIRTY) --build-arg QUAY_IMAGE_EXPIRY=$(QUAY_IMAGE_EXPIRY) -t $(IMG) .
docker build --build-arg VERSION=v$(VERSION) --build-arg GIT_SHA=$(GIT_SHA) --build-arg DIRTY=$(DIRTY) --build-arg QUAY_IMAGE_EXPIRY=$(QUAY_IMAGE_EXPIRY) -t $(IMG) .

docker-push: ## Push docker image with the manager.
docker push $(IMG)
Expand Down Expand Up @@ -369,13 +370,28 @@ bundle-build: ## Build the bundle image.
bundle-push: ## Push the bundle image.
$(MAKE) docker-push IMG=$(BUNDLE_IMG)

.PHONY: bundle-operator-image-url
bundle-operator-image-url: $(YQ) ## Read operator image reference URL from the manifest bundle.
@$(YQ) '.metadata.annotations.containerImage' bundle/manifests/limitador-operator.clusterserviceversion.yaml

print-bundle-image: ## Pring bundle images.
@echo $(BUNDLE_IMG)

.PHONY: prepare-release
prepare-release: IMG_TAG=v$(VERSION)
prepare-release: ## Prepare the manifests for OLM and Helm Chart for a release.
echo -e "#Release default values\\nLIMITADOR_VERSION=$(LIMITADOR_VERSION)\nIMG=$(IMAGE_TAG_BASE):$(IMG_TAG)\nBUNDLE_IMG=$(IMAGE_TAG_BASE)-bundle:$(IMG_TAG)\n\
CATALOG_IMG=$(IMAGE_TAG_BASE)-catalog:$(IMG_TAG)\nCHANNELS=$(CHANNELS)\nBUNDLE_CHANNELS=--channels=$(CHANNELS)\n\
VERSION=$(VERSION)" > $(RELEASE_FILE)
$(MAKE) bundle VERSION=$(VERSION) \
LIMITADOR_VERSION=$(LIMITADOR_VERSION) \
$(MAKE) helm-build VERSION=$(VERSION) \
LIMITADOR_VERSION=$(LIMITADOR_VERSION)

.PHONY: read-release-version
read-release-version: ## Reads release version
@echo "v$(VERSION)"

##@ Misc

.PHONY: local-env-setup
Expand Down
Loading
Loading