Skip to content

[release-v2.10] 1st batch release 2.10.2 #791

[release-v2.10] 1st batch release 2.10.2

[release-v2.10] 1st batch release 2.10.2 #791

# Generate-Regsync-Config action will run for every PR into release-v2.9 branch only after an approval is given
# It will run make target to generate regsync file and add a commit to the PR updating the regsync file.
# It will then install and run regsync client and do the prime image mirroring.
name: Generate-Regsync-Config
on:
pull_request:
types:
- labeled
jobs:
onLabelAndApproval:
if: github.event.label.name == 'regsync-ready' && startsWith(github.event.pull_request.base.ref, 'release-v')
runs-on: ubuntu-latest
outputs:
is_approved: ${{ steps.check-approval.outputs.approved }}
steps:
- name: Check if PR is approved
id: check-approval
run: |
IS_APPROVED=$(gh api repos/${{ github.repository }}/pulls/${{ github.event.pull_request.number }}/reviews --jq '[.[] | select(.state == "APPROVED")] | length')
if [[ "$IS_APPROVED" -gt 0 ]]; then
echo "::set-output name=approved::true"
else
echo "::set-output name=approved::false"
fi
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
build:
needs: onLabelAndApproval
if: needs.onLabelAndApproval.outputs.is_approved == 'true'
runs-on: ubuntu-latest
permissions:
contents: write
id-token: write
steps:
- name: Read App Secrets
uses: rancher-eio/read-vault-secrets@main
with:
secrets: |
secret/data/github/repo/${{ github.repository }}/github/app-credentials appId | APP_ID ;
secret/data/github/repo/${{ github.repository }}/github/app-credentials privateKey | PRIVATE_KEY
- name: Create App Token
uses: actions/create-github-app-token@v1
id: app-token
with:
app-id: ${{ env.APP_ID }}
private-key: ${{ env.PRIVATE_KEY }}
- name: Checkout
uses: actions/checkout@v4
with:
token: ${{ steps.app-token.outputs.token }}
- name: Set-up Ruby 3.2
uses: ruby/setup-ruby@v1
with:
ruby-version: '3.2' # Not needed with a .ruby-version file
- name: Generate RegSync
env:
GH_TOKEN: ${{ steps.app-token.outputs.token }}
run: |
gh pr checkout ${{ github.event.pull_request.number }}
git config --global user.email "${{ secrets.USER_GITHUB }}"
git config --global user.name "rancherbot"
make pull-scripts
make regsync
- name: Check for modifications in regsync.yaml
id: check_changes
run: |
git diff --quiet regsync.yaml || echo "::set-output name=changed::true"
- name: Commit files
if: steps.check_changes.outputs.changed == 'true'
run: |
git add regsync.yaml
git commit -m "Updating resync.yaml"
git push
- name: No changes in regsync.yaml
if: steps.check_changes.outputs.changed != 'true'
run: |
echo "regsync.yaml is the same"
- name: Install Regsync
run: |
curl --silent --fail --location --output regsync https://github.com/regclient/regclient/releases/download/v0.5.1/regsync-linux-amd64
chmod +x regsync
- name: Sync Images to Registry
run: |
export PATH=$PATH:$(pwd)
head regsync.yaml
ruby ./scripts/regsync-split.rb
tree ./split-regsync
time find split-regsync -type f -name split-regsync.yaml -print -exec time regsync once --config '{}' ';'
env:
REGISTRY_ENDPOINT: ${{ secrets.REGISTRY_ENDPOINT }}
REGISTRY_USERNAME: ${{ secrets.REGISTRY_USERNAME }}
REGISTRY_PASSWORD: ${{ secrets.REGISTRY_PASSWORD }}