-
Notifications
You must be signed in to change notification settings - Fork 67
222 lines (215 loc) · 7.52 KB
/
build-test-publish.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
name: Build, Test, Publish Image & Manifest
on:
push:
branches: [ "main"]
paths-ignore:
- 'docs/**'
- '*.md'
- 'LICENSE.txt'
- 'PROJECT'
- 'hack/**'
tags: [ "v*" ]
env:
GO_VERSION: '1.20.x' # Require Go 1.20 minor
jobs:
unit_integration_tests:
name: unit and integration tests
runs-on: ubuntu-latest
container: us.gcr.io/cf-rabbitmq-for-k8s-bunny/rabbitmq-for-kubernetes-ci
steps:
- name: Install Go
uses: actions/setup-go@v5
with:
go-version: ${{ env.GO_VERSION }}
check-latest: true
- name: Check out code into the Go module directory
uses: actions/checkout@v4
- name: Unit tests
run: make unit-tests
- name: Integration tests
run: make integration-tests
build_operator:
runs-on: ubuntu-latest
needs: unit_integration_tests
permissions:
contents: 'write'
id-token: 'write'
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Install Go
uses: actions/setup-go@v5
with:
go-version: ${{ env.GO_VERSION }}
check-latest: true
- name: OCI Metadata
id: meta
uses: docker/metadata-action@v5
with:
images: rabbitmqoperator/messaging-topology-operator
# generate Docker tags based on the following events/attributes
tags: |
type=sha
type=ref,event=pr
type=semver,pattern={{version}}
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Login to Docker Hub
if: github.event_name != 'pull_request'
uses: docker/login-action@v3
with:
# github action secrets are saved in the repo
# see github documentation on how to manage and access action secrets
# https://docs.github.com/en/actions/security-guides/encrypted-secrets
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Build and push
uses: docker/build-push-action@v3
with:
context: .
push: true
platforms: linux/amd64, linux/arm64
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
- name: OCI Metadata for single-arch amd64 image
id: single-arch-meta-amd64
uses: docker/metadata-action@v5
with:
images: |
rabbitmqoperator/messaging-topology-operator
flavor: |
latest=false
tags: |
type=semver,pattern={{version}},suffix=-amd64,latest=false
type=sha,suffix=-amd64,latest=false
- name: Build and push single-arch amd64 image
uses: docker/build-push-action@v3
with:
context: .
platforms: linux/amd64
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.single-arch-meta-amd64.outputs.tags }}
labels: ${{ steps.single-arch-meta-amd64.outputs.labels }}
- name: OCI Metadata for single-arch arm64 image
id: single-arch-meta-arm64
uses: docker/metadata-action@v5
with:
images: |
rabbitmqoperator/messaging-topology-operator
flavor: |
latest=false
tags: |
type=semver,pattern={{version}},suffix=-arm64,latest=false
type=sha,suffix=-arm64,latest=false
- name: Build and push single-arch arm64 image
uses: docker/build-push-action@v3
with:
context: .
platforms: linux/arm64
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.single-arch-meta-arm64.outputs.tags }}
labels: ${{ steps.single-arch-meta-arm64.outputs.labels }}
- name: Build manifest
env:
RELEASE_VERSION: ${{ steps.meta.outputs.version }}
run: |
make install-tools
pushd config/installation
kustomize edit set image \
rabbitmqoperator/messaging-topology-operator-dev=rabbitmqoperator/messaging-topology-operator:"${RELEASE_VERSION}"
popd
pushd config/installation/cert-manager
kustomize edit set image \
rabbitmqoperator/messaging-topology-operator-dev=rabbitmqoperator/messaging-topology-operator:"${RELEASE_VERSION}"
popd
make generate-manifests
- name: Upload operator manifests
uses: actions/upload-artifact@v4
with:
name: operator-manifests
path: releases/messaging-topology-operator*.yaml
retention-days: 2
if-no-files-found: error
- name: Rename manifest for GCS
run: mv releases/messaging-topology-operator-with-certmanager.yaml messaging-topology-operator-with-certmanager-${{ steps.meta.outputs.version }}.yaml
- id: 'auth'
uses: 'google-github-actions/auth@v2'
with:
# using workload identity provider to authenticate with GCP
# workload identity provider configurations can be viewed in GCP console and gcloud cli
# doc: https://cloud.google.com/blog/products/identity-security/enabling-keyless-authentication-from-github-actions
workload_identity_provider: ${{ secrets.GCP_IDENTITY_PROVIDER }}
service_account: ${{ secrets.GCP_SA }}
- name: Upload manifests to GCS
uses: 'google-github-actions/upload-cloud-storage@v2'
with:
path: messaging-topology-operator-with-certmanager-${{ steps.meta.outputs.version }}.yaml
destination: operator-manifests-dev
process_gcloudignore: false
system_tests_gke:
name: System tests using gke
runs-on: ubuntu-latest
container: us.gcr.io/cf-rabbitmq-for-k8s-bunny/rabbitmq-for-kubernetes-ci
permissions:
contents: 'write'
id-token: 'write'
needs: build_operator
steps:
- name: Check out code into the Go module directory
uses: actions/checkout@v4
- uses: actions/setup-go@v5
with:
go-version: ${{ env.GO_VERSION }}
check-latest: true
- id: 'auth'
uses: 'google-github-actions/auth@v2'
with:
workload_identity_provider: ${{ secrets.GCP_IDENTITY_PROVIDER }}
service_account: ${{ secrets.GCP_SA }}
- id: 'get-credentials'
uses: 'google-github-actions/get-gke-credentials@v2'
with:
cluster_name: messaging-topology-operator-ci
location: europe-west2-a
- name: Get operator manifest
uses: actions/download-artifact@v4
with:
name: operator-manifests
- name: Install cert-manager and cluster operator
run: |
make install-tools
make cert-manager
make cluster-operator
- name: Install operator from build
run: |
make destroy
kubectl apply -f messaging-topology-operator-with-certmanager.yaml
kubectl --namespace=rabbitmq-system wait --for=condition=Available deployment/messaging-topology-operator
- name: System tests
run: |
make system-tests
release:
name: Release to GitHub Releases
runs-on: ubuntu-latest
# triggered by git tags, not pushes
if: startsWith(github.ref, 'refs/tags/v')
needs: system_tests_gke
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Get operator manifest
uses: actions/download-artifact@v4
with:
name: operator-manifests
- name: Release
uses: softprops/action-gh-release@de2c0eb89ae2a093876385947365aca7b0e5f844
if: startsWith(github.ref, 'refs/tags/')
with:
files: |
messaging-topology-operator.yaml
messaging-topology-operator-with-certmanager.yaml
generate_release_notes: true
draft: true
fail_on_unmatched_files: true