From 3e83a0d29f53dec3d04a4ef710105f89c353474c Mon Sep 17 00:00:00 2001 From: Heba Elayoty Date: Fri, 15 Sep 2023 14:27:59 -0700 Subject: [PATCH] Add Publish to MCR workflow Signed-off-by: Heba Elayoty --- .github/workflows/build-publish-image.yml | 1 - .github/workflows/publish-image-mcr.yml | 73 +++++++++++++++++++++++ 2 files changed, 73 insertions(+), 1 deletion(-) diff --git a/.github/workflows/build-publish-image.yml b/.github/workflows/build-publish-image.yml index 6c74bdc6d..b0b7ffc06 100644 --- a/.github/workflows/build-publish-image.yml +++ b/.github/workflows/build-publish-image.yml @@ -1,6 +1,5 @@ name: Create, Scan and Publish KDM image on: - workflow_dispatch: pull_request: branches: - main diff --git a/.github/workflows/publish-image-mcr.yml b/.github/workflows/publish-image-mcr.yml index e69de29bb..572186976 100644 --- a/.github/workflows/publish-image-mcr.yml +++ b/.github/workflows/publish-image-mcr.yml @@ -0,0 +1,73 @@ +name: Push image to MCR +on: + workflow_dispatch: + workflow_run: + workflows: [ "Create release" ] + types: [ completed ] + branches: [ main, release-** ] + + +permissions: + id-token: write + contents: read + +jobs: + publish: + if: ${{ github.event.workflow_run.conclusion == 'success' }} + runs-on: ubuntu-latest + defaults: + run: + shell: pwsh + steps: + - name: Download tag artifact + uses: actions/github-script@v6 + with: + github-token: ${{ secrets.KDM_ACCESS_TOKEN_READ }} + script: | + let allArtifacts = await github.rest.actions.listWorkflowRunArtifacts({ + owner: context.repo.owner, + repo: context.repo.repo, + run_id: context.payload.workflow_run.id, + }); + let matchArtifact = allArtifacts.data.artifacts.filter((artifact) => { + return artifact.name == "artifacts" + })[0]; + let download = await github.rest.actions.downloadArtifact({ + owner: context.repo.owner, + repo: context.repo.repo, + artifact_id: matchArtifact.id, + archive_format: 'zip', + }); + let fs = require('fs'); + fs.writeFileSync(`/tmp/artifacts.zip`, Buffer.from(download.data)); + - run: | + mkdir -p /tmp/artifacts + unzip /tmp/artifacts.zip -d /tmp/artifacts + shell: bash + - run: | + echo "Downloaded artifacts:" + ls -ablh /tmp/artifacts + shell: bash + - name: Parse artifacts and assign GA environment variables + run: | + tag=$(tail -n 1 /tmp/artifacts/tag.txt) + echo "IMG_TAG=$tag" >> $GITHUB_ENV + - uses: actions/checkout@v4 + with: + fetch-depth: 0 + submodules: true + ref: ${{ env.IMG_TAG }} + - name: 'Az CLI login' + uses: azure/login@v1.4.7 + with: + client-id: ${{ secrets.AZURE_CLIENT_ID }} + tenant-id: ${{ secrets.AZURE_TENANT_ID }} + subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} + - name: 'Publish to ACR' + id: publish + run: | + az acr login -n ${{ vars.AZURE_MCR_REGISTRY }} + OUTPUT_TYPE=type=registry make docker-build-kdm + env: + VERSION: ${{ env.IMG_TAG }} + REGISTRY: ${{ secrets.AZURE_MCR_REGISTRY }}