Skip to content

Commit

Permalink
Use the Makefile to build and push in GH actions
Browse files Browse the repository at this point in the history 
With this change we make sure all the build and push goes through the
make. A failure in CI would likely indicate that developers fail to
build images, and vice versa, given CI and local users use the same
buidlah version - currently github runner ubuntu 22 uses buildah 1.23.1
which is bit dated.

The remaining bits that don't use the makefile is the generation of the
PR to the CD repo. The current github actions have specific code to push
stuff for workflows in helm format, and the makefile invokes a script
that does it for kustomize format. We should unit the two behaviours to
the scripts can handle both, or just make all workflows use a single
format, and then use that from the action.

Signed-off-by: Roy Golan <[email protected]>
  • Loading branch information
@rgolangh
rgolangh committed Jul 14, 2024
1 parent 5997bd3 commit 094a9ea
Show file tree
Hide file tree
Showing 2 changed files with 33 additions and 66 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/jira-listener.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,4 +17,4 @@ jobs:
with:
workflow_id: escalation
application_id: jira-listener
secrets: inherit
secrets: inherit
97 changes: 32 additions & 65 deletions .github/workflows/main.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,11 @@ on:
workflow_id:
required: true
type: string
# application is those auxilary application we deploy with a workflow to complete some part of it with specialized code, like for exaple the jira-listener for the escaplation flow.
application_id:
required: false
type: string
default: 'UNDEFINED'
it_mode:
type: boolean
default: false
Expand All @@ -28,21 +33,17 @@ jobs:
username: ${{ secrets.REGISTRY_REDHAT_IO_USER }}
password: ${{ secrets.REGISTRY_REDHAT_IO_PASSWORD }}

- name: Buildah Action
- name: Build Image
id: build-image
uses: redhat-actions/buildah-build@v2
if: ${{ ! inputs.it_mode }}
with:
image: serverless-workflow-${{ inputs.workflow_id }}
tags: latest ${{ github.sha }}
extra-args: --ulimit nofile=4096:4096
containerfiles: |
pipeline/workflow-builder.Dockerfile
build-args: |
WF_RESOURCES=${{ inputs.workflow_id }}
FLOW_NAME=${{ inputs.workflow_id }}
FLOW_SUMMARY=${{ inputs.workflow_id }}
FLOW_DESCRIPTION=${{ inputs.workflow_id }}
run: |
make WORKFLOW_ID=${{ inputs.workflow_id }} \
APPLICATION_ID=${{ inputs.application_id }} \
GIT_TOKEN=${{ env.GH_TOKEN }} \
REGISTRY_REPO=${{ env.REGISTRY_REPO }} \
REGISTRY_USERNAME=${{ secrets.NEW_QUAY_USERNAME }} \
REGISTRY_PASSWORD=${{ secrets.NEW_QUAY_PASSWORD }} \
build-image
- name: Buildah Action for testing
id: build-dev-image
Expand Down Expand Up @@ -75,70 +76,36 @@ jobs:
- name: Push To quay.io
id: push-to-quay
if: ${{ ! inputs.it_mode }}
uses: redhat-actions/push-to-registry@v2
with:
image: ${{ steps.build-image.outputs.image }}
tags: ${{ steps.build-image.outputs.tags }}
registry: quay.io/orchestrator
username: ${{ secrets.NEW_QUAY_USERNAME }}
password: ${{ secrets.NEW_QUAY_PASSWORD }}

- name: Print image url
run: echo "Image pushed to ${{ steps.push-to-quay.outputs.registry-paths }}"
run: |
make WORKFLOW_ID=${{ inputs.workflow_id }} \
APPLICATION_ID=${{ inputs.application_id }} \
GIT_TOKEN=${{ env.GH_TOKEN }} \
REGISTRY_REPO=${{ env.REGISTRY_REPO }} \
REGISTRY_USERNAME=${{ secrets.NEW_QUAY_USERNAME }} \
REGISTRY_PASSWORD=${{ secrets.NEW_QUAY_PASSWORD }} \
push-image
generate-manifests:
needs: build
runs-on: ubuntu-latest
permissions:
contents: read
pull-requests: write
steps:
- uses: actions/checkout@v4

- name: Add auto DB migration in props
run: echo -e "\nquarkus.flyway.migrate-at-start=true" >> ${{ inputs.workflow_id }}/application.properties

- name: Setup kn-workflow
run: |
KN_CLI_URL="https://mirror.openshift.com/pub/openshift-v4/clients/serverless/1.11.2/kn-linux-amd64.tar.gz"
curl -L "$KN_CLI_URL" | tar -xz && chmod +x kn-linux-amd64 && mv kn-linux-amd64 kn
- name: Use kn-workflow to generate manifests
run: cd ${{ inputs.workflow_id }} && ../kn workflow gen-manifest --namespace ""

- name: Set prod profile
run: yq --inplace eval '.metadata.annotations["sonataflow.org/profile"] = "prod"' ${{ inputs.workflow_id }}/manifests/01-sonataflow*.yaml

- name: Set container image ref in SonataFlow resource
run: yq --inplace '.spec.podTemplate.container.image="quay.io/orchestrator/serverless-workflow-${{ inputs.workflow_id }}:${{ github.sha }}"' ${{ inputs.workflow_id }}/manifests/01-sonataflow*.yaml

- name: Set persistence spec in SonataFlow resource
- name: Generate Manifests
id: generate-manifests
run: |
yq --inplace '.spec |= (
. + {
"persistence": {
"postgresql": {
"secretRef": {
"name": "sonataflow-psql-postgresql",
"userKey": "postgres-username",
"passwordKey": "postgres-password"
},
"serviceRef": {
"name": "sonataflow-psql-postgresql",
"port": 5432,
"databaseName": "sonataflow",
"databaseSchema": "${{ inputs.workflow_id }}"
}
}
}
}
)' ${{ inputs.workflow_id }}/manifests/01-sonataflow*.yaml
WORKDIR=${{ runner.temp }}/serverless-workflows
make WORKFLOW_ID=${{ inputs.workflow_id }} \
WORKDIR=${WORKDIR} \
APPLICATION_ID=${{ inputs.application_id }} \
PR_OR_COMMIT_URL=${PR_OR_COMMIT_URL} \
gen-manifests
echo manifests_dir=${{ runner.temp }}/serverless-workflows/${{ inputs.workflow_id }}/manifests >> "$GITHUB_OUTPUT"
- name: Archive manifests
uses: actions/upload-artifact@v4
with:
name: serverless-workflow-${{ inputs.workflow_id }}-manifests
path: ${{ inputs.workflow_id }}/manifests
path: ${{ steps.generate-manifests.outputs.manifests_dir }}

- uses: actions/github-script@v7
id: get_pr_data
Expand Down

0 comments on commit 094a9ea

Please sign in to comment.