Merge pull request #873 from rabbitmq/dependabot/go_modules/github.co… #251
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build, Test, Publish Image & Manifest | |
on: | |
push: | |
branches: [ "main"] | |
paths-ignore: | |
- 'docs/**' | |
- '*.md' | |
- 'LICENSE.txt' | |
- 'PROJECT' | |
- 'hack/**' | |
tags: [ "v*" ] | |
env: | |
GO_VERSION: '1.22.x' # Require Go 1.22 minor | |
jobs: | |
golangci: | |
name: lint | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/setup-go@v5 | |
with: | |
go-version: 'stable' | |
- name: golangci-lint | |
uses: golangci/golangci-lint-action@v6 | |
with: | |
version: latest | |
args: --timeout=5m | |
unit_integration_tests: | |
name: unit and integration tests | |
runs-on: ubuntu-latest | |
steps: | |
- name: Install Go | |
uses: actions/setup-go@v5 | |
with: | |
go-version: ${{ env.GO_VERSION }} | |
check-latest: true | |
- name: Check out code into the Go module directory | |
uses: actions/checkout@v4 | |
- name: Unit tests | |
run: make install-tools kubebuilder-assets just-unit-tests | |
- name: Integration tests | |
run: make integration-tests | |
- name: Notify Google Chat | |
if: failure() | |
uses: SimonScholz/google-chat-action@main | |
with: | |
webhookUrl: '${{ secrets.GOOGLE_CHAT_WEBHOOK_URL }}' | |
jobStatus: ${{ job.status }} | |
title: Messaging Topology Operator - Unit and Integration tests | |
build_operator: | |
runs-on: ubuntu-latest | |
needs: unit_integration_tests | |
permissions: | |
contents: 'write' | |
id-token: 'write' | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Install Go | |
uses: actions/setup-go@v5 | |
with: | |
go-version: ${{ env.GO_VERSION }} | |
check-latest: true | |
- name: OCI Metadata | |
id: meta | |
uses: docker/metadata-action@v5 | |
with: | |
images: rabbitmqoperator/messaging-topology-operator | |
# generate Docker tags based on the following events/attributes | |
tags: | | |
type=sha | |
type=ref,event=pr | |
type=semver,pattern={{version}} | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@v3 | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v3 | |
- name: Login to Docker Hub | |
if: github.event_name != 'pull_request' | |
uses: docker/login-action@v3 | |
with: | |
# github action secrets are saved in the repo | |
# see github documentation on how to manage and access action secrets | |
# https://docs.github.com/en/actions/security-guides/encrypted-secrets | |
username: ${{ secrets.DOCKERHUB_USERNAME }} | |
password: ${{ secrets.DOCKERHUB_TOKEN }} | |
- name: Build and push | |
uses: docker/build-push-action@v6 | |
with: | |
context: . | |
push: true | |
platforms: linux/amd64, linux/arm64 | |
provenance: false | |
tags: ${{ steps.meta.outputs.tags }} | |
labels: ${{ steps.meta.outputs.labels }} | |
- name: OCI Metadata for single-arch amd64 image | |
id: single-arch-meta-amd64 | |
uses: docker/metadata-action@v5 | |
with: | |
images: | | |
rabbitmqoperator/messaging-topology-operator | |
flavor: | | |
latest=false | |
tags: | | |
type=semver,pattern={{version}},suffix=-amd64,latest=false | |
type=sha,suffix=-amd64,latest=false | |
- name: Build and push single-arch amd64 image | |
uses: docker/build-push-action@v6 | |
with: | |
context: . | |
platforms: linux/amd64 | |
provenance: false | |
push: ${{ github.event_name != 'pull_request' }} | |
tags: ${{ steps.single-arch-meta-amd64.outputs.tags }} | |
labels: ${{ steps.single-arch-meta-amd64.outputs.labels }} | |
- name: OCI Metadata for single-arch arm64 image | |
id: single-arch-meta-arm64 | |
uses: docker/metadata-action@v5 | |
with: | |
images: | | |
rabbitmqoperator/messaging-topology-operator | |
flavor: | | |
latest=false | |
tags: | | |
type=semver,pattern={{version}},suffix=-arm64,latest=false | |
type=sha,suffix=-arm64,latest=false | |
- name: Build and push single-arch arm64 image | |
uses: docker/build-push-action@v6 | |
with: | |
context: . | |
platforms: linux/arm64 | |
provenance: false | |
push: ${{ github.event_name != 'pull_request' }} | |
tags: ${{ steps.single-arch-meta-arm64.outputs.tags }} | |
labels: ${{ steps.single-arch-meta-arm64.outputs.labels }} | |
- name: Build manifest | |
env: | |
RELEASE_VERSION: ${{ steps.meta.outputs.version }} | |
run: | | |
make install-tools | |
pushd config/installation | |
kustomize edit set image \ | |
rabbitmqoperator/messaging-topology-operator-dev=rabbitmqoperator/messaging-topology-operator:"${RELEASE_VERSION}" | |
popd | |
pushd config/installation/cert-manager | |
kustomize edit set image \ | |
rabbitmqoperator/messaging-topology-operator-dev=rabbitmqoperator/messaging-topology-operator:"${RELEASE_VERSION}" | |
popd | |
make generate-manifests | |
echo -n "messaging-topology-operator-with-certmanager-${{ steps.meta.outputs.version }}.yaml" > "latest-topology-operator-dev-manifest.txt" | |
- name: Upload operator manifests | |
uses: actions/upload-artifact@v4 | |
with: | |
name: operator-manifests | |
path: releases/messaging-topology-operator*.yaml | |
retention-days: 2 | |
if-no-files-found: error | |
- name: Rename manifest for GCS | |
run: mv releases/messaging-topology-operator-with-certmanager.yaml messaging-topology-operator-with-certmanager-${{ steps.meta.outputs.version }}.yaml | |
- id: 'auth' | |
uses: 'google-github-actions/auth@v2' | |
with: | |
# using workload identity provider to authenticate with GCP | |
# workload identity provider configurations can be viewed in GCP console and gcloud cli | |
# doc: https://cloud.google.com/blog/products/identity-security/enabling-keyless-authentication-from-github-actions | |
workload_identity_provider: ${{ secrets.GCP_IDENTITY_PROVIDER }} | |
service_account: ${{ secrets.GCP_SA }} | |
- name: Upload manifests to GCS | |
uses: 'google-github-actions/upload-cloud-storage@v2' | |
with: | |
path: messaging-topology-operator-with-certmanager-${{ steps.meta.outputs.version }}.yaml | |
destination: operator-manifests-dev | |
process_gcloudignore: false | |
- name: Update carvel-packaging-dev pipeline trigger | |
uses: 'google-github-actions/upload-cloud-storage@v2' | |
with: | |
path: latest-topology-operator-dev-manifest.txt | |
destination: operator-manifests-dev | |
process_gcloudignore: false | |
- name: Notify Google Chat | |
if: failure() | |
uses: SimonScholz/google-chat-action@main | |
with: | |
webhookUrl: '${{ secrets.GOOGLE_CHAT_WEBHOOK_URL }}' | |
jobStatus: ${{ job.status }} | |
title: Messaging Topology Operator - Build and Push operator | |
system_tests_gke: | |
name: System tests using gke | |
runs-on: ubuntu-latest | |
permissions: | |
contents: 'write' | |
id-token: 'write' | |
needs: build_operator | |
steps: | |
- name: Check out code into the Go module directory | |
uses: actions/checkout@v4 | |
- uses: actions/setup-go@v5 | |
with: | |
go-version: ${{ env.GO_VERSION }} | |
check-latest: true | |
- id: 'auth' | |
uses: 'google-github-actions/auth@v2' | |
with: | |
workload_identity_provider: ${{ secrets.GCP_IDENTITY_PROVIDER }} | |
service_account: ${{ secrets.GCP_SA }} | |
- id: 'get-credentials' | |
uses: 'google-github-actions/get-gke-credentials@v2' | |
with: | |
cluster_name: messaging-topology-operator-ci | |
location: europe-west2-a | |
- name: Get operator manifest | |
uses: actions/download-artifact@v4 | |
with: | |
name: operator-manifests | |
- name: Install cert-manager and cluster operator | |
run: | | |
make install-tools | |
make cert-manager | |
make cluster-operator | |
- name: Install operator from build | |
run: | | |
make destroy | |
kubectl apply -f messaging-topology-operator-with-certmanager.yaml | |
kubectl --namespace=rabbitmq-system wait --for=condition=Available deployment/messaging-topology-operator | |
- name: System tests | |
run: | | |
make system-tests | |
- name: Notify Google Chat | |
if: failure() | |
uses: SimonScholz/google-chat-action@main | |
with: | |
webhookUrl: '${{ secrets.GOOGLE_CHAT_WEBHOOK_URL }}' | |
jobStatus: ${{ job.status }} | |
title: Messaging Topology Operator - System tests | |
release: | |
name: Release to GitHub Releases | |
runs-on: ubuntu-latest | |
# triggered by git tags, not pushes | |
if: startsWith(github.ref, 'refs/tags/v') | |
needs: system_tests_gke | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Get operator manifest | |
uses: actions/download-artifact@v4 | |
with: | |
name: operator-manifests | |
- name: Release | |
uses: softprops/action-gh-release@a74c6b72af54cfa997e81df42d94703d6313a2d0 | |
if: startsWith(github.ref, 'refs/tags/') | |
with: | |
files: | | |
messaging-topology-operator.yaml | |
messaging-topology-operator-with-certmanager.yaml | |
generate_release_notes: true | |
draft: true | |
fail_on_unmatched_files: true | |
- name: Notify Google Chat | |
if: failure() | |
uses: SimonScholz/google-chat-action@main | |
with: | |
webhookUrl: '${{ secrets.GOOGLE_CHAT_WEBHOOK_URL }}' | |
jobStatus: ${{ job.status }} | |
title: Messaging Topology Operator - Release to GitHub releases |