Skip to content

Commit

Permalink
[DPE-3086] Improve CI/CD pipeline (#26)
Browse files Browse the repository at this point in the history
  • Loading branch information
@deusebio
deusebio committed Jan 22, 2024
1 parent de42876 commit b561713
Show file tree
Hide file tree
Showing 2 changed files with 75 additions and 23 deletions.
95 changes: 75 additions & 20 deletions .github/workflows/publish.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,55 +5,110 @@ on:
- 3-22.04

jobs:

release_checks:
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v3

- name: Extract branch metadata
shell: bash
run: |
BRANCH=${GITHUB_HEAD_REF:-${GITHUB_REF#refs/heads/}}
echo "branch=${BRANCH}" >> $GITHUB_OUTPUT
# echo "risk=${BRANCH##*\/}" >> $GITHUB_OUTPUT
echo "risk=edge" >> $GITHUB_OUTPUT
echo "track=${BRANCH%*\/*}" >> $GITHUB_OUTPUT
id: branch_metadata

- name: Extract ROCK metadata
shell: bash
run: |
VERSION=$(yq '(.version|split("-"))[0]' rockcraft.yaml)
BASE=$(yq '(.base|split("@"))[1]' rockcraft.yaml)
echo "version=${VERSION}" >> $GITHUB_OUTPUT
echo "base=${BASE}" >> $GITHUB_OUTPUT
id: rock_metadata

- name: Check consistency between metadata and release branch
run: |
MAJOR_VERSION=$(echo ${{ steps.rock_metadata.outputs.version }} | sed -n "s/\(^[0-9]*\).*/\1/p")
BASE=${{ steps.rock_metadata.outputs.base }}
if [ "${MAJOR_VERSION}-${BASE}" != "${{ steps.branch_metadata.outputs.track }}" ]; then exit 1; fi
continue-on-error: false

outputs:
branch: ${{ steps.branch_metadata.outputs.branch }}
track: ${{ steps.branch_metadata.outputs.track }}
risk: ${{ steps.branch_metadata.outputs.risk }}
base: ${{ steps.rock_metadata.outputs.base }}
version: ${{ steps.rock_metadata.outputs.version }}

build:
uses: ./.github/workflows/build.yaml

publish:
needs: build
needs: [build, release_checks]
runs-on: ubuntu-latest
timeout-minutes: 5
timeout-minutes: 15
permissions:
packages: write
steps:
- name: Checkout repository
uses: actions/checkout@v3
- name: Setup Docker
run: |
sudo snap install docker
sudo addgroup --system docker; sudo adduser $USER docker
newgrp docker
sudo snap disable docker; sudo snap enable docker

- name: Install skopeo
run: |
sudo snap install --devmode --channel edge skopeo
- name: Install yq
run: |
sudo snap install yq
- uses: actions/download-artifact@v3
with:
name: charmed-zookeeper

- name: Login to GitHub Container Registry
uses: docker/login-action@v2
with:
registry: ghcr.io
username: ${{ secrets.GHCR_USER }}
password: ${{ secrets.GHCR_TOKEN }}

- name: Import and push to GHCR
run: |
version=$(yq '(.version|split("-"))[0]' rockcraft.yaml)
base=$(yq '(.base|split("@"))[1]' rockcraft.yaml)
risk=edge
tag=${version}-${base}_${risk}
channel=$(echo ${{ github.ref_name }} | cut -d "-" -f 1)
REPOSITORY="ghcr.io/canonical/"
RISK=${{ needs.release_checks.outputs.risk }}
TRACK=${{ needs.release_checks.outputs.track }}
if [ ! -z "$RISK" ] && [ "${RISK}" != "no-risk" ]; then TAG=${TRACK}_${RISK}; else TAG=${TRACK}; fi

IMAGE_NAME="${REPOSITORY}charmed-zookeeper"

ROCK_FILE=${{ needs.build.outputs.rock }}

sudo skopeo --insecure-policy copy \
oci-archive:$ROCK_FILE \
docker-daemon:ghcr.io/canonical/charmed-zookeeper:${tag}
oci-archive:${ROCK_FILE} \
docker-daemon:${IMAGE_NAME}:${TAG}

docker tag \
ghcr.io/canonical/charmed-zookeeper:${tag} \
ghcr.io/canonical/charmed-zookeeper:${channel}_${risk}
COMMIT_ID=$(git log -1 --format=%H)

# Add relevant labels
echo "FROM ${IMAGE_NAME}:${TAG}" | docker build --label org.opencontainers.image.revision="${COMMIT_ID}" --label org.opencontainers.image.source="${{ github.repositoryUrl }}" -t "${IMAGE_NAME}:${TAG}" -

docker push ghcr.io/canonical/charmed-zookeeper:${tag}
docker push ghcr.io/canonical/charmed-zookeeper:${channel}_${risk}
echo "Publishing ${IMAGE_NAME}:${TAG}"
docker push ${IMAGE_NAME}:${TAG}

if [[ "$RISK" == "edge" ]]; then
VERSION_TAG="${{ needs.release_checks.outputs.version }}-${{ needs.release_checks.outputs.base }}_edge"

docker tag ${IMAGE_NAME}:${TAG} ${IMAGE_NAME}:${VERSION_TAG}

echo "Publishing ${IMAGE_NAME}:${VERSION_TAG}"
docker push ${IMAGE_NAME}:${VERSION_TAG}
fi



3 changes: 0 additions & 3 deletions .github/workflows/trivy.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,9 +17,6 @@ jobs:
- name: Install skopeo
run: |
sudo snap install --devmode --channel edge skopeo
- name: Install yq
run: |
sudo snap install yq
- uses: actions/download-artifact@v3
with:
name: charmed-zookeeper
Expand Down

0 comments on commit b561713

Please sign in to comment.