Skip to content

Commit

Permalink
split build and test workflows
Browse files Browse the repository at this point in the history
  • Loading branch information
@mwangggg
mwangggg committed Aug 31, 2023
1 parent 2387314 commit a309121
Show file tree
Hide file tree
Showing 2 changed files with 154 additions and 120 deletions.
148 changes: 148 additions & 0 deletions .github/workflows/build-ci.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,148 @@
name: build-CI

concurrency:
group: ci-${{ github.run_id }}
cancel-in-progress: true

on:
push:
branches:
- main
- v[0-9]+
- v[0-9]+.[0-9]+
- cryostat-v[0-9]+.[0-9]+

env:
CI_USER: cryostat+bot
CI_REGISTRY: quay.io/cryostat
CI_OPERATOR_IMG: quay.io/cryostat/cryostat-operator
CI_BUNDLE_IMG: quay.io/cryostat/cryostat-operator-bundle
CI_SCORECARD_IMG: quay.io/cryostat/cryostat-operator-scorecard
CI_PLATFORMS: linux/amd64,linux/arm64
REPOSITORY: ${{ github.event.pull_request.head.repo.full_name }}
REF: ${{ github.event.pull_request.head.ref }}
OPENSUSE_UNOFFICIAL_LIBCONTAINERS_KEY_URL: "https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/unstable/xUbuntu_22.04/Release.key"
OPENSUSE_UNOFFICIAL_LIBCONTAINERS_SOURCE_URL: "https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/unstable/xUbuntu_22.04"

jobs:
check-before-build:
runs-on: ubuntu-latest
if: ${{ github.repository_owner == 'cryostatio' }}
steps:
- name: Fail if safe-to-test label NOT applied
if: ${{ github.event_name == 'pull_request_target' && !contains(github.event.pull_request.labels.*.name, 'safe-to-test') }}
run: exit 1

build-operator:
runs-on: ubuntu-latest
needs: [check-before-build]
steps:
- uses: actions/checkout@v2
- name: Install podman v4
run: |
echo "deb $OPENSUSE_UNOFFICIAL_LIBCONTAINERS_SOURCE_URL/ /" | sudo tee /etc/apt/sources.list.d/devel:kubic:libcontainers:unstable.list
curl -fsSL $OPENSUSE_UNOFFICIAL_LIBCONTAINERS_KEY_URL | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/devel_kubic_libcontainers_unstable.gpg > /dev/null
sudo apt update
sudo apt install podman
- name: Build operator image
run: |
IMAGE_NAMESPACE=${{ env.CI_REGISTRY }} SKIP_TESTS=true PLATFORMS=${{ env.CI_PLATFORMS }} MANIFEST_PUSH=false make oci-buildx
- name: Tag image
id: tag-image
run: |
IMG_TAG="$(make --eval='print-img-ver: ; @echo $(IMAGE_VERSION)' print-img-ver)"
if [ "$GITHUB_REF" == "refs/heads/main" ]; then
podman tag \
${{ env.CI_OPERATOR_IMG }}:$IMG_TAG \
${{ env.CI_OPERATOR_IMG }}:latest
echo "tags=$IMG_TAG latest" >> $GITHUB_OUTPUT
else
echo "tags=$IMG_TAG" >> $GITHUB_OUTPUT
fi
- name: Push to quay.io
id: push-to-quay
uses: redhat-actions/push-to-registry@v2
with:
image: cryostat-operator
tags: ${{ steps.tag-image.outputs.tags }}
registry: ${{ env.CI_REGISTRY }}
username: ${{ env.CI_USER }}
password: ${{ secrets.REGISTRY_PASSWORD }}
- name: Print image URL
run: echo "Image pushed to ${{ steps.push-to-quay.outputs.registry-paths }}"

build-bundle:
runs-on: ubuntu-latest
needs: [check-before-build]
steps:
- uses: actions/checkout@v2
- name: Build bundle image
run: IMAGE_NAMESPACE=${{ env.CI_REGISTRY }} make bundle-build
- name: Tag image
id: tag-image
run: |
IMG_TAG="$(make --eval='print-img-ver: ; @echo $(IMAGE_VERSION)' print-img-ver)"
if [ "$GITHUB_REF" == "refs/heads/main" ]; then
podman tag \
${{ env.CI_BUNDLE_IMG }}:$IMG_TAG \
${{ env.CI_BUNDLE_IMG }}:latest
echo "tags=$IMG_TAG latest" >> $GITHUB_OUTPUT
else
echo "tags=$IMG_TAG" >> $GITHUB_OUTPUT
fi
- name: Push to quay.io
id: push-to-quay
uses: redhat-actions/push-to-registry@v2
with:
image: cryostat-operator-bundle
tags: ${{ steps.tag-image.outputs.tags }}
registry: ${{ env.CI_REGISTRY }}
username: ${{ env.CI_USER }}
password: ${{ secrets.REGISTRY_PASSWORD }}
- name: Print image URL
run: echo "Image pushed to ${{ steps.push-to-quay.outputs.registry-paths }}"

build-scorecard:
runs-on: ubuntu-latest
needs: [check-before-build]
steps:
- uses: actions/checkout@v2
- name: Get scorecard image tag
id: get-image-tag
run: |
SCORECARD_TAG=$(yq '[.stages[0].tests[].image | capture("cryostat-operator-scorecard:(?P<tag>[\w.\-_]+)$")][0].tag' bundle/tests/scorecard/config.yaml)
echo "tag=$SCORECARD_TAG" >> $GITHUB_OUTPUT
- name: Check if scorecard image tag already exists
id: check-tag-exists
run: |
EXIST=false
if [ -n "$(podman search --list-tags ${CI_SCORECARD_IMG} --format json | jq --arg TAG ${{ steps.get-image-tag.outputs.tag }} '.[0].Tags[] | select( . == $TAG)')" ]; then
EXIST=true
fi
echo "exist=$EXIST" >> $GITHUB_OUTPUT
- name: Install podman v4
run: |
echo "deb $OPENSUSE_UNOFFICIAL_LIBCONTAINERS_SOURCE_URL/ /" | sudo tee /etc/apt/sources.list.d/devel:kubic:libcontainers:unstable.list
curl -fsSL $OPENSUSE_UNOFFICIAL_LIBCONTAINERS_KEY_URL | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/devel_kubic_libcontainers_unstable.gpg > /dev/null
sudo apt update
sudo apt install podman
- name: Build scorecard image
run: |
CUSTOM_SCORECARD_IMG=${CI_SCORECARD_IMG}:${{ steps.get-image-tag.outputs.tag }} \
PLATFORMS=${{ env.CI_PLATFORMS }} \
MANIFEST_PUSH=false \
make scorecard-build
if: ${{ steps.check-tag-exists.outputs.exist == 'false' }}
- name: Push to quay.io
id: push-to-quay
uses: redhat-actions/push-to-registry@v2
with:
image: cryostat-operator-scorecard
tags: ${{ steps.get-image-tag.outputs.tag }}
registry: ${{ env.CI_REGISTRY }}
username: ${{ env.CI_USER }}
password: ${{ secrets.REGISTRY_PASSWORD }}
if: ${{ steps.check-tag-exists.outputs.exist == 'false' }}
- name: Print image URL
run: echo "Image pushed to ${{ steps.push-to-quay.outputs.registry-paths }}"
if: ${{ steps.check-tag-exists.outputs.exist == 'false' }}
126 changes: 6 additions & 120 deletions .github/workflows/ci.yaml → .github/workflows/test-ci.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
name: CI
name: test-CI

concurrency:
group: ci-${{ github.run_id }}
Expand All @@ -20,9 +20,11 @@ env:
OPENSUSE_UNOFFICIAL_LIBCONTAINERS_SOURCE_URL: "https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/unstable/xUbuntu_22.04"

jobs:
check-before-build:
check-before-test:
runs-on: ubuntu-latest
if: ${{ github.repository_owner == 'cryostatio' && github.event.issue.pull_request && startsWith(github.event.comment.body, '/build_test' }}
permissions:
pull-requests: write
if: github.repository_owner == 'cryostatio' && github.event.issue.pull_request && startsWith(github.event.comment.body, '/build_test')
steps:
- name: Fail if needs-triage label applied
if: ${{ contains(github.event.issue.labels.*.name, 'needs-triage') }}
Expand Down Expand Up @@ -55,10 +57,8 @@ jobs:
checkout-branch:
runs-on: ubuntu-latest
needs: [check-before-build]
needs: [check-before-test]
permissions:
contents: read
issues: read
pull-requests: read
outputs:
PR_head_ref: ${{ fromJSON(steps.comment-branch.outputs.result).ref }}
Expand Down Expand Up @@ -201,117 +201,3 @@ jobs:
make test-scorecard
- name: Clean up Kind cluster
run: kind delete cluster -n ci-${{ github.run_id }}

build-operator:
runs-on: ubuntu-latest
needs: [checkout-branch]
steps:
- uses: actions/checkout@v2
- name: Install podman v4
run: |
echo "deb $OPENSUSE_UNOFFICIAL_LIBCONTAINERS_SOURCE_URL/ /" | sudo tee /etc/apt/sources.list.d/devel:kubic:libcontainers:unstable.list
curl -fsSL $OPENSUSE_UNOFFICIAL_LIBCONTAINERS_KEY_URL | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/devel_kubic_libcontainers_unstable.gpg > /dev/null
sudo apt update
sudo apt install podman
- name: Build operator image
run: |
IMAGE_NAMESPACE=${{ env.CI_REGISTRY }} SKIP_TESTS=true PLATFORMS=${{ env.CI_PLATFORMS }} MANIFEST_PUSH=false make oci-buildx
- name: Tag image
id: tag-image
run: |
IMG_TAG="$(make --eval='print-img-ver: ; @echo $(IMAGE_VERSION)' print-img-ver)"
if [ "$GITHUB_REF" == "refs/heads/main" ]; then
podman tag \
${{ env.CI_OPERATOR_IMG }}:$IMG_TAG \
${{ env.CI_OPERATOR_IMG }}:latest
echo "tags=$IMG_TAG latest" >> $GITHUB_OUTPUT
else
echo "tags=$IMG_TAG" >> $GITHUB_OUTPUT
fi
- name: Push to quay.io
id: push-to-quay
uses: redhat-actions/push-to-registry@v2
with:
image: cryostat-operator
tags: ${{ steps.tag-image.outputs.tags }}
registry: ${{ env.CI_REGISTRY }}
username: ${{ env.CI_USER }}
password: ${{ secrets.REGISTRY_PASSWORD }}
- name: Print image URL
run: echo "Image pushed to ${{ steps.push-to-quay.outputs.registry-paths }}"

build-bundle:
runs-on: ubuntu-latest
needs: [checkout-branch]
steps:
- uses: actions/checkout@v2
- name: Build bundle image
run: IMAGE_NAMESPACE=${{ env.CI_REGISTRY }} make bundle-build
- name: Tag image
id: tag-image
run: |
IMG_TAG="$(make --eval='print-img-ver: ; @echo $(IMAGE_VERSION)' print-img-ver)"
if [ "$GITHUB_REF" == "refs/heads/main" ]; then
podman tag \
${{ env.CI_BUNDLE_IMG }}:$IMG_TAG \
${{ env.CI_BUNDLE_IMG }}:latest
echo "tags=$IMG_TAG latest" >> $GITHUB_OUTPUT
else
echo "tags=$IMG_TAG" >> $GITHUB_OUTPUT
fi
- name: Push to quay.io
id: push-to-quay
uses: redhat-actions/push-to-registry@v2
with:
image: cryostat-operator-bundle
tags: ${{ steps.tag-image.outputs.tags }}
registry: ${{ env.CI_REGISTRY }}
username: ${{ env.CI_USER }}
password: ${{ secrets.REGISTRY_PASSWORD }}
- name: Print image URL
run: echo "Image pushed to ${{ steps.push-to-quay.outputs.registry-paths }}"

build-scorecard:
runs-on: ubuntu-latest
needs: [checkout-branch]
steps:
- uses: actions/checkout@v2
- name: Get scorecard image tag
id: get-image-tag
run: |
SCORECARD_TAG=$(yq '[.stages[0].tests[].image | capture("cryostat-operator-scorecard:(?P<tag>[\w.\-_]+)$")][0].tag' bundle/tests/scorecard/config.yaml)
echo "tag=$SCORECARD_TAG" >> $GITHUB_OUTPUT
- name: Check if scorecard image tag already exists
id: check-tag-exists
run: |
EXIST=false
if [ -n "$(podman search --list-tags ${CI_SCORECARD_IMG} --format json | jq --arg TAG ${{ steps.get-image-tag.outputs.tag }} '.[0].Tags[] | select( . == $TAG)')" ]; then
EXIST=true
fi
echo "exist=$EXIST" >> $GITHUB_OUTPUT
- name: Install podman v4
run: |
echo "deb $OPENSUSE_UNOFFICIAL_LIBCONTAINERS_SOURCE_URL/ /" | sudo tee /etc/apt/sources.list.d/devel:kubic:libcontainers:unstable.list
curl -fsSL $OPENSUSE_UNOFFICIAL_LIBCONTAINERS_KEY_URL | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/devel_kubic_libcontainers_unstable.gpg > /dev/null
sudo apt update
sudo apt install podman
- name: Build scorecard image
run: |
CUSTOM_SCORECARD_IMG=${CI_SCORECARD_IMG}:${{ steps.get-image-tag.outputs.tag }} \
PLATFORMS=${{ env.CI_PLATFORMS }} \
MANIFEST_PUSH=false \
make scorecard-build
if: ${{ steps.check-tag-exists.outputs.exist == 'false' }}
- name: Push to quay.io
id: push-to-quay
uses: redhat-actions/push-to-registry@v2
with:
image: cryostat-operator-scorecard
tags: ${{ steps.get-image-tag.outputs.tag }}
registry: ${{ env.CI_REGISTRY }}
username: ${{ env.CI_USER }}
password: ${{ secrets.REGISTRY_PASSWORD }}
if: ${{ steps.check-tag-exists.outputs.exist == 'false' }}
- name: Print image URL
run: echo "Image pushed to ${{ steps.push-to-quay.outputs.registry-paths }}"
if: ${{ steps.check-tag-exists.outputs.exist == 'false' }}

0 comments on commit a309121

Please sign in to comment.