Skip to content

Publish the certsuite image (latest release only) #692

Publish the certsuite image (latest release only)

Publish the certsuite image (latest release only) #692

Workflow file for this run

---
name: 'Publish the `cnf-certification-test` image (latest release only)'
"on":
# Run the workflow when a new release gets published
release:
target_commitish: main
types: [published]
# Run the workflow every day at 5 am UTC (1 am EST, 7am CET)
# This is useful for keeping the image up-to-date with security
# patches provided in the UBI.
# Disclaimer: There is no guarantee that scheduled workflows will
# run at the predefined time, if at all. The delay is usually
# around 10-30 minutes.
schedule:
- cron: '0 5 * * *'
workflow_dispatch:
defaults:
run:
shell: bash
env:
REGISTRY: quay.io
REGISTRY_LOCAL: localhost
RELEASE_LEVEL: 4.12
TNF_IMAGE_NAME: testnetworkfunction/cnf-certification-test
IMAGE_TAG: latest
TNF_CONTAINER_CLIENT: docker
TNF_NON_INTRUSIVE_ONLY: false
TNF_ALLOW_PREFLIGHT_INSECURE: false
TNF_DISABLE_CONFIG_AUTODISCOVER: false
TNF_CONFIG_DIR: /tmp/tnf/config
TNF_OUTPUT_DIR: /tmp/tnf/output
TNF_SRC_URL: 'https://github.com/${{ github.repository }}'
PARTNER_REPO: test-network-function/cnf-certification-test-partner
PARTNER_SRC_URL: 'https://github.com/${PARTNER_REPO}'
TESTING_CMD_PARAMS: '-n host -i ${REGISTRY_LOCAL}/${TNF_IMAGE_NAME}:${IMAGE_TAG} -t ${TNF_CONFIG_DIR} -o ${TNF_OUTPUT_DIR}'
ON_DEMAND_DEBUG_PODS: false
jobs:
test-and-push-tnf-image-main:
name: 'Test and push the `cnf-certification-test` image'
runs-on: ubuntu-22.04
env:
SHELL: /bin/bash
KUBECONFIG: '/home/runner/.kube/config'
PFLT_DOCKERCONFIG: '/home/runner/.docker/config'
CURRENT_VERSION_GENERIC_BRANCH: main
TNF_VERSION: ""
PARTNER_VERSION: ""
steps:
- name: Write temporary docker file
run: |
mkdir -p /home/runner/.docker
touch ${PFLT_DOCKERCONFIG}
echo '{ "auths": {} }' >> ${PFLT_DOCKERCONFIG}
- name: Checkout generic working branch of the current version
uses: actions/checkout@v4
with:
ref: ${{ env.CURRENT_VERSION_GENERIC_BRANCH }}
fetch-depth: '0'
- name: Get the latest TNF version from GIT
run: |
GIT_RELEASE=$(git tag --points-at HEAD | head -n 1)
GIT_PREVIOUS_RELEASE=$(git tag --no-contains HEAD --sort=v:refname | tail -n 1)
GIT_LATEST_RELEASE=$GIT_RELEASE
if [ -z "$GIT_RELEASE" ]; then
GIT_LATEST_RELEASE=$GIT_PREVIOUS_RELEASE
fi
echo "version_number=$GIT_LATEST_RELEASE" >> $GITHUB_OUTPUT
id: set_tnf_version
- name: Print the latest TNF version from GIT
run: |
echo Version tag: ${{ steps.set_tnf_version.outputs.version_number }}
- name: Get contents of the version.json file
run: echo "json=$(cat version.json | tr -d '[:space:]')" >> $GITHUB_OUTPUT
id: get_version_json_file
- name: Get the partner version number from file
run: |
echo Partner version tag: $VERSION_FROM_FILE_PARTNER
echo "partner_version_number=$VERSION_FROM_FILE_PARTNER" >> $GITHUB_OUTPUT
id: set_partner_version
env:
VERSION_FROM_FILE_PARTNER: ${{ fromJSON(steps.get_version_json_file.outputs.json).partner_tag }}
- name: Update env variables
run: |
echo "TNF_VERSION=${{ steps.set_tnf_version.outputs.version_number }}" >> $GITHUB_ENV
echo "PARTNER_VERSION=${{ steps.set_partner_version.outputs.partner_version_number }}" >> $GITHUB_ENV
- name: Ensure $TNF_VERSION and $IMAGE_TAG are set
run: '[[ -n "$TNF_VERSION" ]] && [[ -n "$IMAGE_TAG" ]] && [[ -n "$PARTNER_VERSION" ]]'
- name: Check whether the version tag exists on remote
run: git ls-remote --exit-code $TNF_SRC_URL refs/tags/$TNF_VERSION
- name: (if tag is missing) Display debug message
if: ${{ failure() }}
run: echo "Tag '$TNF_VERSION' does not exist on remote $TNF_SRC_URL"
- name: Check whether the version tag exists on remote
run: git ls-remote --exit-code ${{ env.PARTNER_SRC_URL }} refs/tags/$PARTNER_VERSION
- name: (if partner_tag is missing) Display debug message
if: ${{ failure() }}
run: echo "Tag '$PARTNER_VERSION' does not exist on remote $PARTNER_SRC_URL"
- name: Checkout the version tag
uses: actions/checkout@v4
with:
ref: ${{ env.TNF_VERSION }}
- name: Build the `cnf-certification-test` image
run: |
make build-image-tnf
env:
TNF_VERSION: ${{ env.TNF_VERSION }}
# Push the new TNF image to Quay.io.
- name: Authenticate against Quay.io
uses: docker/login-action@v3
with:
registry: ${{ env.REGISTRY }}
# Use a Robot Account to authenticate against Quay.io
# https://docs.quay.io/glossary/robot-accounts.html
username: ${{ secrets.QUAY_ROBOT_USERNAME }}
password: ${{ secrets.QUAY_ROBOT_TOKEN }}
- name: Push the newly built image to Quay.io
run: docker push --all-tags ${REGISTRY}/${TNF_IMAGE_NAME}
- name: If failed to create the image, send alert msg to dev team.
if: ${{ failure() }}
env:
COMMIT_SHA: ${{ github.sha }}
JOB_RUN_ID: ${{ github.run_id }}
JOB_RUN_ATTEMPT: ${{ github.run_attempt }}
GITHUB_REPO: 'https://github.com/${{ github.repository }}'
run: |
curl -X POST --data "{
\"text\": \"🚨⚠️ Failed to create container image version \`$TNF_VERSION\` from commit \<$GITHUB_REPO/commit/$COMMIT_SHA|$COMMIT_SHA\>, job ID \<$GITHUB_REPO/actions/runs/$JOB_RUN_ID/attempts/$JOB_RUN_ATTEMPT|$JOB_RUN_ID\> \"
}" -H 'Content-type: application/json; charset=UTF-8' ${{ secrets.GCHAT_WEBHOOK_URL }}