feat(chart): create operator configuration resource via helm chart #449
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI | |
on: | |
push: | |
branches: | |
- 'main' | |
tags: | |
- '*.*.*' | |
paths-ignore: | |
- '*.md' | |
pull_request: | |
paths-ignore: | |
- '*.md' | |
workflow_dispatch: | |
jobs: | |
verify: | |
name: Build & Test | |
runs-on: ubuntu-latest | |
timeout-minutes: 15 | |
concurrency: | |
group: ci-concurrency-group-${{ github.ref }} | |
cancel-in-progress: true | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/setup-go@v5 | |
with: | |
go-version: ~1.22 | |
cache: true | |
- name: go version | |
run: | | |
go version | |
- name: build | |
run: | | |
make | |
- name: verify that generated code is up-to-date | |
run: | | |
# make (which we ran in the previous step) will implicitly also run the targets manifests & generate, which | |
# could potentially modify code that is under version control, if changes have been comitted that would have | |
# required updating manifests or generated code and these updates have not been done. | |
git diff --exit-code | |
- name: lint | |
run: | | |
make lint | |
- name: install Helm unittest plugin | |
shell: bash | |
run: | | |
helm plugin install https://github.com/helm-unittest/helm-unittest.git | |
- name: test | |
run: | | |
make test | |
# Builds and potentially pushes all container images. For pushes to PRs/branches, we simply verify that the image | |
# build still works, the resulting image will not be pushed to any target registry. For pushes to the main branch, the | |
# images are tagged with "main-dev", but not with a version x.y.z. Finally, for pushes to a tag (or when a tag is | |
# created), the images are tagged with the version indicated by the tag respectively, and also with latest. That is: | |
# Creating a GitHub release (or creating a git tag via other means) will trigger building images tagged with x.y.z | |
# meant for production use. | |
build-and-push-images: | |
name: Build Images | |
runs-on: ubuntu-latest | |
needs: | |
- verify | |
concurrency: | |
group: ci-concurrency-group-${{ github.ref }} | |
cancel-in-progress: true | |
timeout-minutes: 60 | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: build operator controller image | |
uses: ./.github/actions/build-image | |
with: | |
githubToken: ${{ secrets.GITHUB_TOKEN }} | |
imageName: operator-controller | |
imageTitle: Dash0 Kubernetes Operator Controller | |
imageDescription: the controller for the Dash0 Kubernetes operator | |
imageUrl: https://github.com/dash0hq/dash0-operator/tree/main | |
context: . | |
- name: build instrumentation image | |
uses: ./.github/actions/build-image | |
with: | |
githubToken: ${{ secrets.GITHUB_TOKEN }} | |
imageName: instrumentation | |
imageTitle: Dash0 Instrumentation | |
imageDescription: contains Dash0 OpenTelemetry distributions for multiple runtimes | |
imageUrl: https://github.com/dash0hq/dash0-operator/tree/main/images/instrumentation | |
context: images/instrumentation | |
- name: build collector image | |
uses: ./.github/actions/build-image | |
with: | |
githubToken: ${{ secrets.GITHUB_TOKEN }} | |
imageName: collector | |
imageTitle: Dash0 Kubernetes Collector | |
imageDescription: the OpenTelemetry collector for the Dash0 Kubernetes operator | |
imageUrl: https://github.com/dash0hq/dash0-operator/tree/main/images/collector | |
context: images/collector | |
- name: build configuration reloader image | |
uses: ./.github/actions/build-image | |
with: | |
githubToken: ${{ secrets.GITHUB_TOKEN }} | |
imageName: configuration-reloader | |
imageTitle: Dash0 Kubernetes Configuration Reloader | |
imageDescription: the configuration reloader for the Dash0 Kubernetes operator | |
imageUrl: https://github.com/dash0hq/dash0-operator/tree/main/images/configreloader | |
context: images | |
file: images/configreloader/Dockerfile | |
- name: build filelog offset synch image | |
uses: ./.github/actions/build-image | |
with: | |
githubToken: ${{ secrets.GITHUB_TOKEN }} | |
imageName: filelog-offset-synch | |
imageTitle: Dash0 Kubernetes Filelog Offset Synch | |
imageDescription: the filelog offset synch for the Dash0 Kubernetes operator | |
imageUrl: https://github.com/dash0hq/dash0-operator/tree/main | |
context: images | |
file: images/filelogoffsetsynch/Dockerfile | |
publish-helm-chart-dry-run: | |
name: Publish Helm Chart (Dry Run) | |
runs-on: ubuntu-latest | |
if: ${{ ! contains(github.ref, 'refs/tags/') && github.actor != 'dependabot[bot]'}} | |
needs: | |
- build-and-push-images | |
concurrency: | |
group: ci-concurrency-group-${{ github.ref }} | |
cancel-in-progress: true | |
steps: | |
- uses: actions/checkout@v4 | |
- name: publish helm chart (dry run) | |
run: | | |
git config user.name "github-actions[bot]" | |
git config user.email "41898282+github-actions[bot]@users.noreply.github.com" | |
echo "verifying that helm chart can be published" | |
DRY_RUN=true helm-chart/bin/publish.sh 0.0.0 | |
# By default, when a GH action run is triggered by dependabot, it will only get read-only permissions. | |
# See https://docs.github.com/en/code-security/dependabot/working-with-dependabot/automating-dependabot-with-github-actions#changing-github_token-permissions | |
# For that reason, we skip the check whether the Helm chart can still be published for Dependabot update PRs. | |
# Those PRs do not change the Helm chart anyway. | |
# Note that the value of the "name" attribute needs to be identical to the publish-helm-chart-dry-run job, since the | |
# branch protection rules reference this property, and it is a required check. | |
skip-publish-helm-chart-dry-run-for-dependabot: | |
name: Publish Helm Chart (Dry Run) | |
runs-on: ubuntu-latest | |
if: ${{ ! contains(github.ref, 'refs/tags/') && github.actor == 'dependabot[bot]'}} | |
needs: | |
- build-and-push-images | |
concurrency: | |
group: ci-concurrency-group-${{ github.ref }} | |
cancel-in-progress: true | |
steps: | |
- name: skipping publish helm chart (dry run) | |
run: | | |
echo skipping publish helm chart dry run for dependabot commit | |
publish-helm-chart: | |
name: Publish Helm Chart | |
runs-on: ubuntu-latest | |
if: ${{ contains(github.ref, 'refs/tags/') && github.actor != 'dependabot[bot]'}} | |
needs: | |
- build-and-push-images | |
concurrency: | |
group: ci-concurrency-group-${{ github.ref }} | |
cancel-in-progress: true | |
steps: | |
- uses: actions/checkout@v4 | |
- name: publish helm chart | |
run: | | |
git config user.name "github-actions[bot]" | |
git config user.email "41898282+github-actions[bot]@users.noreply.github.com" | |
echo "publishing helm chart version ${{ github.ref_name }}" | |
helm-chart/bin/publish.sh ${{ github.ref_name }} |