Skip to content

ci: fix build-image action, list new input file #377

ci: fix build-image action, list new input file

ci: fix build-image action, list new input file #377

Workflow file for this run

name: CI
on:
push:
branches:
- 'main'
tags:
- '*.*.*'
paths-ignore:
- '*.md'
pull_request:
paths-ignore:
- '*.md'
workflow_dispatch:
jobs:
verify:
name: Build & Test
runs-on: ubuntu-latest
concurrency:
group: ci-concurrency-group-${{ github.ref }}
cancel-in-progress: true
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
with:
go-version: ~1.22
cache: true
- name: go version
run: |
go version
- name: build
run: |
make
- name: verify that generated code is up-to-date
run: |
# make (which we ran in the previous step) will implicitly also run the targets manifests & generate, which
# could potentially modify code that is under version control, if changes have been comitted that would have
# required updating manifests or generated code and these updates have not been done.
git diff --exit-code
- name: lint
run: |
make lint
- name: install Helm unittest plugin
shell: bash
run: |
helm plugin install https://github.com/helm-unittest/helm-unittest.git
- name: test
run: |
make test
# Builds and potentially pushes all container images. For pushes to PRs/branches, we simply verify that the image
# build still works, the resulting image will not be pushed to any target registry. For pushes to the main branch, the
# images are tagged with "main-dev", but not with a version x.y.z. Finally, for pushes to a tag (or when a tag is
# created), the images are tagged with the version indicated by the tag respectively, and also with latest. That is:
# Creating a GitHub release (or creating a git tag via other means) will trigger building images tagged with x.y.z
# meant for production use.
build-and-push-images:
name: Build Images
runs-on: ubuntu-latest
needs:
- verify
concurrency:
group: ci-concurrency-group-${{ github.ref }}
cancel-in-progress: true
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: build operator controller image
uses: ./.github/actions/build-image
with:
githubToken: ${{ secrets.GITHUB_TOKEN }}
imageName: operator-controller
imageTitle: Dash0 Kubernetes Operator Controller
imageDescription: the controller for the Dash0 Kubernetes operator
imageUrl: https://github.com/dash0hq/dash0-operator/tree/main
context: .
- name: build instrumentation image
uses: ./.github/actions/build-image
with:
githubToken: ${{ secrets.GITHUB_TOKEN }}
imageName: instrumentation
imageTitle: Dash0 Instrumentation
imageDescription: contains Dash0 OpenTelemetry distributions for multiple runtimes
imageUrl: https://github.com/dash0hq/dash0-operator/tree/main/images/instrumentation
context: images/instrumentation
- name: build collector image
uses: ./.github/actions/build-image
with:
githubToken: ${{ secrets.GITHUB_TOKEN }}
imageName: collector
imageTitle: Dash0 Kubernetes Collector
imageDescription: the OpenTelemetry collector for the Dash0 Kubernetes operator
imageUrl: https://github.com/dash0hq/dash0-operator/tree/main/images/collector
context: images/collector
- name: build configuration reloader image
uses: ./.github/actions/build-image
with:
githubToken: ${{ secrets.GITHUB_TOKEN }}
imageName: configuration-reloader
imageTitle: Dash0 Kubernetes Configuration Reloader
imageDescription: the configuration reloader for the Dash0 Kubernetes operator
imageUrl: https://github.com/dash0hq/dash0-operator/tree/main/images/configreloader
context: images
file: images/configreloader/Dockerfile
- name: build filelog offset synch image
uses: ./.github/actions/build-image
with:
githubToken: ${{ secrets.GITHUB_TOKEN }}
imageName: filelog-offset-synch
imageTitle: Dash0 Kubernetes Filelog Offset Synch
imageDescription: the filelog offset synch for the Dash0 Kubernetes operator
imageUrl: https://github.com/dash0hq/dash0-operator/tree/main
context: images
file: images/filelogoffsetsynch/Dockerfile
publish-helm-chart-dry-run:
name: Publish Helm Chart (Dry Run)
runs-on: ubuntu-latest
if: ${{ ! contains(github.ref, 'refs/tags/') && github.actor != 'dependabot[bot]'}}
needs:
- build-and-push-images
concurrency:
group: ci-concurrency-group-${{ github.ref }}
cancel-in-progress: true
steps:
- uses: actions/checkout@v4
- name: publish helm chart (dry run)
run: |
git config user.name "github-actions[bot]"
git config user.email "41898282+github-actions[bot]@users.noreply.github.com"
echo "verifying that helm chart can be published"
DRY_RUN=true helm-chart/bin/publish.sh 0.0.0
# By default, when a GH action run is triggered by dependabot, it will only get read-only permissions.
# See https://docs.github.com/en/code-security/dependabot/working-with-dependabot/automating-dependabot-with-github-actions#changing-github_token-permissions
# For that reason, we skip the check whether the Helm chart can still be published for Dependabot update PRs.
# Those PRs do not change the Helm chart anyway.
# Note that the value of the "name" attribute needs to be identical to the publish-helm-chart-dry-run job, since the
# branch protection rules reference this property, and it is a required check.
skip-publish-helm-chart-dry-run-for-dependabot:
name: Publish Helm Chart (Dry Run)
runs-on: ubuntu-latest
if: ${{ ! contains(github.ref, 'refs/tags/') && github.actor == 'dependabot[bot]'}}
needs:
- build-and-push-images
concurrency:
group: ci-concurrency-group-${{ github.ref }}
cancel-in-progress: true
steps:
- name: skipping publish helm chart (dry run)
run: |
echo skipping publish helm chart dry run for dependabot commit
publish-helm-chart:
name: Publish Helm Chart
runs-on: ubuntu-latest
if: ${{ contains(github.ref, 'refs/tags/') && github.actor != 'dependabot[bot]'}}
needs:
- build-and-push-images
concurrency:
group: ci-concurrency-group-${{ github.ref }}
cancel-in-progress: true
steps:
- uses: actions/checkout@v4
- name: publish helm chart
run: |
git config user.name "github-actions[bot]"
git config user.email "41898282+github-actions[bot]@users.noreply.github.com"
echo "publishing helm chart version ${{ github.ref_name }}"
helm-chart/bin/publish.sh ${{ github.ref_name }}