Skip to content

Commit

Permalink
Merge pull request #274 from Kuadrant/262-ci-improve-build-images-job…
Browse files Browse the repository at this point in the history
…-for-release-tags

ci: Improve build images job for release tags
  • Loading branch information
maleck13 authored Oct 24, 2024
2 parents 0ed8ff6 + b802cd4 commit 341c786
Show file tree
Hide file tree
Showing 4 changed files with 204 additions and 24 deletions.
186 changes: 186 additions & 0 deletions .github/workflows/build-images-for-tag-release.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,186 @@
name: Build and Publish Images For Tag Release

on:
push:
tags:
- "v[0-9]+.[0-9]+.[0-9]+"
env:
IMG_REGISTRY_HOST: quay.io
IMG_REGISTRY_ORG: kuadrant
IMG_REGISTRY_REPO: dns-operator
OPERATOR_NAME: dns-operator

jobs:
build:
name: Build and Push image
runs-on: ubuntu-latest
outputs:
build-tags: ${{ steps.build-image.outputs.tags }}
image: ${{ steps.push-to-quay.outputs.registry-path }}
steps:
- name: Check out code
uses: actions/checkout@v4

- name: Install qemu dependency
run: |
sudo apt-get update
sudo apt-get install -y qemu-user-static
- name: Build Image
id: build-image
uses: redhat-actions/buildah-build@v2
with:
image: ${{ env.OPERATOR_NAME }}
tags: ${{ github.ref_name }}
platforms: linux/amd64,linux/arm64
build-args: |
GIT_SHA=${{ github.sha }}
DIRTY=false
dockerfiles: |
./Dockerfile
- name: Print Build Info
run: echo "Image = ${{ steps.build-image.outputs.image }}, Tags = ${{ steps.build-image.outputs.tags }}"

- name: Push Image
if: github.repository_owner == 'kuadrant'
id: push-to-quay
uses: redhat-actions/push-to-registry@v2
with:
image: ${{ steps.build-image.outputs.image }}
tags: ${{ steps.build-image.outputs.tags }}
registry: ${{ env.IMG_REGISTRY_HOST }}/${{ env.IMG_REGISTRY_ORG }}
username: ${{ secrets.IMG_REGISTRY_USERNAME }}
password: ${{ secrets.IMG_REGISTRY_TOKEN }}

- name: Print Image URL
run: echo "Image pushed to ${{ steps.push-to-quay.outputs.registry-paths }}"

build-bundle:
name: Build and Push bundle image
needs: [build]
runs-on: ubuntu-latest
outputs:
build-tags: ${{ steps.build-image.outputs.tags }}
image: ${{ steps.push-to-quay.outputs.registry-path }}
steps:
- name: Check out code
uses: actions/checkout@v4
- name: Install yq tool
run: |
# following sub-shells running make target should have yq already installed
make yq
- name: Read operator image reference URL from the manifest bundle
id: parsed-operator-image
run: |
url=`make bundle-operator-image-url`
echo url=$url >> $GITHUB_OUTPUT
- name: Print tags and references
run: echo "Operator image tag = ${{ needs.build.outputs.image }}, Reference in bundle = ${{ steps.parsed-operator-image.outputs.url }}"
- name: Verify referenced operator image tag matches the tag currently being built
if: ${{ needs.build.outputs.image != steps.parsed-operator-image.outputs.url }}
run: exit 1

- name: Install qemu dependency
run: |
sudo apt-get update
sudo apt-get install -y qemu-user-static
- name: Build Image
id: build-image
uses: redhat-actions/buildah-build@v2
with:
image: ${{ env.OPERATOR_NAME }}-bundle
tags: ${{ needs.build.outputs.build-tags }}
platforms: linux/amd64,linux/arm64
dockerfiles: |
./bundle.Dockerfile
- name: Print Build Info
run: echo "Image = ${{ steps.build-image.outputs.image }}, Tags = ${{ steps.build-image.outputs.tags }}, Operator IMG = ${{ steps.parsed-operator-image.outputs.url }}"

- name: Push Image
if: github.repository_owner == 'kuadrant'
id: push-to-quay
uses: redhat-actions/push-to-registry@v2
with:
image: ${{ steps.build-image.outputs.image }}
tags: ${{ steps.build-image.outputs.tags }}
registry: ${{ env.IMG_REGISTRY_HOST }}/${{ env.IMG_REGISTRY_ORG }}
username: ${{ secrets.IMG_REGISTRY_USERNAME }}
password: ${{ secrets.IMG_REGISTRY_TOKEN }}

- name: Print Image URL
run: echo "Image pushed to ${{ steps.push-to-quay.outputs.registry-paths }}"

build-catalog:
name: Build and Push catalog image
needs: [build, build-bundle]
runs-on: ubuntu-latest
outputs:
build-tags: ${{ steps.build-image.outputs.tags }}
image: ${{ steps.push-to-quay.outputs.registry-path }}
steps:
- name: Check out code
uses: actions/checkout@v4
- name: Install yq tool
run: |
# following sub-shells running make target should have yq already installed
make yq
- name: Read operator bundle image reference
id: parsed-operator-bundle
run: |
image=`make print-bundle-image`
echo image=$image >> $GITHUB_OUTPUT
- name: Print tags and references
run: echo "Operator bundle image tag = ${{ needs.build-bundle.outputs.image }}, Reference in catalog = ${{ steps.parsed-operator-bundle.outputs.image }}"
- name: Verify referenced bundle tag matches the bundle tag currently being built
if: ${{ needs.build-bundle.outputs.image != steps.parsed-operator-bundle.outputs.image }}
run: exit 1
- name: Run make catalog-build
run: make catalog-build
- name: Install qemu dependency
run: |
sudo apt-get update
sudo apt-get install -y qemu-user-static
- name: Build Image
id: build-image
uses: redhat-actions/buildah-build@v2
with:
image: ${{ env.OPERATOR_NAME }}-catalog
tags: ${{ needs.build.outputs.build-tags }}
platforms: linux/amd64,linux/arm64
context: ./tmp/catalog
dockerfiles: |
./tmp/catalog/index.Dockerfile
- name: Print Build Info
run: echo "Image = ${{ steps.build-image.outputs.image }}, Tags = ${{ steps.build-image.outputs.tags }}, Bundle IMG = ${{ steps.parsed-operator-bundle.outputs.image }}"

- name: Push Image
if: github.repository_owner == 'kuadrant'
id: push-to-quay
uses: redhat-actions/push-to-registry@v2
with:
image: ${{ steps.build-image.outputs.image }}
tags: ${{ steps.build-image.outputs.tags }}
registry: ${{ env.IMG_REGISTRY_HOST }}/${{ env.IMG_REGISTRY_ORG }}
username: ${{ secrets.IMG_REGISTRY_USERNAME }}
password: ${{ secrets.IMG_REGISTRY_TOKEN }}

- name: Print Image URL
run: echo "Image pushed to ${{ steps.push-to-quay.outputs.registry-paths }}"

verify-builds:
name: Ensure all image references are equal (operator, bundle, catalog)
needs: [build, build-bundle, build-catalog]
runs-on: ubuntu-latest
steps:
- name: Verify bundle and operator image tags match
if: ${{ needs.build.outputs.build-tags != needs.build-bundle.outputs.build-tags }}
run: exit 1
- name: Verify catalog and bundle tags match
if: ${{ needs.build-bundle.outputs.build-tags != needs.build-catalog.outputs.build-tags }}
run: exit 1
24 changes: 6 additions & 18 deletions .github/workflows/build-images.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -5,13 +5,10 @@ on:
branches:
- main
- "release-*"
tags:
- "v[0-9]+.[0-9]+.[0-9]+"
workflow_dispatch:

env:
IMG_TAGS: ${{ github.sha }} ${{ github.ref_name }}
IMG_REF: ${{ github.sha }}
IMG_REGISTRY_HOST: quay.io
IMG_REGISTRY_ORG: kuadrant
IMG_REGISTRY_REPO: dns-operator
Expand All @@ -21,10 +18,10 @@ env:
jobs:
build:
name: Build and Push image
runs-on: ubuntu-20.04
runs-on: ubuntu-latest
outputs:
build-image: ${{ env.IMG_REGISTRY_HOST }}/${{ env.IMG_REGISTRY_ORG }}/${{ steps.build-image.outputs.image }}:${{ env.IMG_REF }}
build-tags: ${{ steps.build-image.outputs.tags }}
build-tags: ${{ steps.build-image.outputs.tags }}
build-image: ${{ env.IMG_REGISTRY_HOST }}/${{ env.IMG_REGISTRY_ORG }}/${{ steps.build-image.outputs.image }}:${{ github.sha }}
steps:
- name: Check out code
uses: actions/checkout@v4
Expand All @@ -35,11 +32,6 @@ jobs:
run: |
echo "IMG_TAGS=latest ${{ env.IMG_TAGS }}" >> $GITHUB_ENV
- name: Update image ref on tags
if: startsWith(github.ref, 'refs/tags/')
run: |
echo "IMG_REF=${{ github.ref_name }}" >> $GITHUB_ENV
- name: Install qemu dependency
run: |
sudo apt-get update
Expand Down Expand Up @@ -79,10 +71,9 @@ jobs:
build-bundle:
name: Build and Push bundle image
needs: [build]
runs-on: ubuntu-20.04
runs-on: ubuntu-latest
outputs:
bundle-image: ${{ env.IMG_REGISTRY_HOST }}/${{ env.IMG_REGISTRY_ORG }}/${{ steps.build-image.outputs.image }}:${{ env.IMG_REF }}

bundle-image: ${{ env.IMG_REGISTRY_HOST }}/${{ env.IMG_REGISTRY_ORG }}/${{ steps.build-image.outputs.image }}:${{ github.sha }}
steps:
- name: Check out code
uses: actions/checkout@v4
Expand All @@ -102,9 +93,6 @@ jobs:
image: ${{ env.OPERATOR_NAME }}-bundle
tags: ${{ needs.build.outputs.build-tags }}
platforms: linux/amd64,linux/arm64
build-args: |
GIT_SHA=${{ github.sha }}
DIRTY=false
dockerfiles: |
./bundle.Dockerfile
Expand All @@ -128,7 +116,7 @@ jobs:
build-catalog:
name: Build and Push catalog image
needs: [build, build-bundle]
runs-on: ubuntu-20.04
runs-on: ubuntu-latest
steps:
- name: Check out code
uses: actions/checkout@v4
Expand Down
12 changes: 9 additions & 3 deletions Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -230,13 +230,13 @@ local-deploy-namespaced: docker-build kind-load-image ## Deploy the dns operator
##@ Build

.PHONY: build
build: GIT_SHA=$(shell git rev-parse HEAD || echo "unknown")
build: GIT_SHA=$(shell git rev-parse HEAD || echo "unknown")
build: DIRTY=$(shell hack/check-git-dirty.sh || echo "unknown")
build: manifests generate fmt vet ## Build manager binary.
go build -ldflags "-X main.gitSHA=${GIT_SHA} -X main.dirty=${DIRTY}" -o bin/manager cmd/main.go

.PHONY: run
run: GIT_SHA=$(shell git rev-parse HEAD || echo "unknown")
run: GIT_SHA=$(shell git rev-parse HEAD || echo "unknown")
run: DIRTY=$(shell hack/check-git-dirty.sh || echo "unknown")
run: manifests generate fmt vet ## Run a controller from your host.
go run -ldflags "-X main.gitSHA=${GIT_SHA} -X main.dirty=${DIRTY}" ./cmd/main.go --zap-devel --provider inmemory,aws,google,azure
Expand All @@ -253,7 +253,7 @@ run-with-probes: manifests generate fmt vet ## Run a controller from your host.
# (i.e. docker build --platform linux/arm64 ). However, you must enable docker buildKit for it.
# More info: https://docs.docker.com/develop/develop-images/build_enhancements/
.PHONY: docker-build
docker-build: GIT_SHA=$(shell git rev-parse HEAD || echo "unknown")
docker-build: GIT_SHA=$(shell git rev-parse HEAD || echo "unknown")
docker-build: DIRTY=$(shell hack/check-git-dirty.sh || echo "unknown")
docker-build: ## Build docker image with the manager.
$(CONTAINER_TOOL) build -t ${IMG} . --build-arg GIT_SHA=$(GIT_SHA) --build-arg DIRTY=$(DIRTY)
Expand Down Expand Up @@ -442,6 +442,9 @@ bundle: manifests manifests-gen-base-csv kustomize operator-sdk ## Generate bund
$(OPERATOR_SDK) bundle validate ./bundle
$(MAKE) bundle-ignore-createdAt

bundle-operator-image-url: $(YQ) ## Read operator image reference URL from the manifest bundle.
@$(YQ) '.metadata.annotations.containerImage' bundle/manifests/dns-operator.clusterserviceversion.yaml

# Since operator-sdk 1.26.0, `make bundle` changes the `createdAt` field from the bundle
# even if it is patched:
# https://github.com/operator-framework/operator-sdk/pull/6136
Expand Down Expand Up @@ -507,6 +510,9 @@ catalog-build: opm ## Build a catalog image.
cd tmp/catalog && $(OPM) index add --container-tool docker --mode semver --bundles $(BUNDLE_IMGS) $(FROM_INDEX_OPT) --generate
cd tmp/catalog && docker build -t $(CATALOG_IMG) -f index.Dockerfile .

print-bundle-image: ## Pring bundle images.
@echo $(BUNDLE_IMG)

# Push the catalog image.
.PHONY: catalog-push
catalog-push: ## Push a catalog image.
Expand Down
6 changes: 3 additions & 3 deletions docs/RELEASE.md
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,7 @@ git tag v0.2.0
git push upstream release-0.2
git push upstream v0.2.0
```
8. Verify that the build [image workflow](https://github.com/Kuadrant/dns-operator/actions/workflows/build-images.yaml) is triggered and completes for the new tag
8. Verify that the build [release tag workflow](https://github.com/Kuadrant/dns-operator/actions/workflows/build-images-for-tag-release.yaml) is triggered and completes for the new tag

9. Verify the new version can be installed from the catalog image, see [Verify OLM Deployment](#verify-olm-deployment)

Expand All @@ -56,7 +56,7 @@ git tag v0.2.1
git push upstream release-0.2
git push upstream v0.2.1
```
4. Verify that the build [image workflow](https://github.com/Kuadrant/dns-operator/actions/workflows/build-images.yaml) is triggered and completes for the new tag
4. Verify that the build [release tag workflow](https://github.com/Kuadrant/dns-operator/actions/workflows/build-images-for-tag-release.yaml) is triggered and completes for the new tag

5. Verify the new version can be installed from the catalog image, see [Verify OLM Deployment](#verify-olm-deployment)

Expand Down Expand Up @@ -93,4 +93,4 @@ olm.owner.namespace=dns-operator-system,olm.owner=dns-operator.v0.2.0-dev,operat
### Community Operator Index Catalogs

- [Operatorhub Community Operators](https://github.com/k8s-operatorhub/community-operators/tree/main/operators/dns-operator)
- [Openshift Community Operators](https://github.com/redhat-openshift-ecosystem/community-operators-prod/tree/main/operators/dns-operator)
- [Openshift Community Operators](https://github.com/redhat-openshift-ecosystem/community-operators-prod/tree/main/operators/dns-operator)

0 comments on commit 341c786

Please sign in to comment.