diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index c2c62544c..b08f9e6a7 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -1,4 +1,4 @@ -name: For each commit and PR +name: Tink on: push: branches: @@ -8,80 +8,72 @@ on: pull_request: env: CGO_ENABLED: 0 + GO_VERSION: 1.18 jobs: verify: + name: Verify runs-on: ubuntu-latest steps: - - name: Checkout code - uses: actions/checkout@v2 - - name: Install Go - uses: actions/setup-go@v2 + - uses: actions/checkout@v3 + - uses: actions/setup-go@v3 with: - go-version: "1.18.5" - - name: make verify - run: make verify + go-version: "${{ env.GO_VERSION }}" + - run: make verify test: + name: Test runs-on: ubuntu-latest steps: - - name: Checkout code - uses: actions/checkout@v2 - - name: Install Go - uses: actions/setup-go@v2 + - uses: actions/checkout@v3 + - uses: actions/setup-go@v3 with: - go-version: "1.18.5" + go-version: "${{ env.GO_VERSION }}" - name: Install nix uses: cachix/install-nix-action@v16 with: nix_path: nixpkgs=channel:nixos-unstable - - name: Fetch Nix Packages + - name: Install required nix packages run: nix-shell --run 'true' - - name: Generate - run: nix-shell --run 'make generate' - - name: go test - run: make test - - name: upload codecov + - run: make test + - name: Upload codecov run: bash <(curl -s https://codecov.io/bash) - ci-checks: + checks: + name: CI Checks runs-on: ubuntu-latest steps: - - name: Checkout code - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - name: Install nix uses: cachix/install-nix-action@v16 with: nix_path: nixpkgs=channel:nixos-unstable - - name: Fetch Nix Packages - run: nix-shell --run 'true' + - run: nix-shell --run 'true' - run: PATH=$PWD/bin/:$PATH ./ci-checks.sh # We preemptively build the binaries for efficiency instead of waiting on unit tests to pass # hence this doesn't depend on anything. - crosscompile: + build: + name: Build runs-on: ubuntu-latest strategy: matrix: platform: [amd64, arm64] steps: - - name: Checkout code - uses: actions/checkout@v2 - - name: Install Go - uses: actions/setup-go@v2 + - uses: actions/checkout@v3 + - uses: actions/setup-go@v3 with: - go-version: "1.18.5" + go-version: "${{ env.GO_VERSION }}" - name: Build linux/${{ matrix.platform }} - run: | - make build -j$(nproc) GOOS=linux GOARCH=${{ matrix.platform }} - - name: Upload binaries - uses: actions/upload-artifact@v2 + run: make build -j$(nproc) GOOS=linux GOARCH=${{ matrix.platform }} + - uses: actions/upload-artifact@v3 with: name: binaries path: bin/* - docker-images: + package: + name: Package runs-on: ubuntu-latest needs: - verify - test - - ci-checks - - crosscompile + - checks + - build strategy: matrix: include: @@ -92,36 +84,30 @@ jobs: - repository: quay.io/tinkerbell/tink-controller binary: tink-controller steps: - - name: Docker Image Tag for Sha + - name: Create docker image tags id: docker-image-tag - run: | - echo ::set-output name=tags::${{ matrix.repository }}:latest,${{ matrix.repository }}:sha-${GITHUB_SHA::8} - - name: Checkout code - uses: actions/checkout@v2 + run: echo ::set-output name=tags::${{ matrix.repository }}:latest,${{ matrix.repository }}:sha-${GITHUB_SHA::8} + - uses: actions/checkout@v3 - name: Login to quay.io - uses: docker/login-action@v1 + uses: docker/login-action@v2 if: ${{ startsWith(github.ref, 'refs/heads/main') }} with: registry: quay.io username: ${{ secrets.QUAY_USERNAME }} password: ${{ secrets.QUAY_PASSWORD }} - - name: Set up QEMU - uses: docker/setup-qemu-action@v1 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v1 - - name: Download binaries + uses: docker/setup-buildx-action@v2 + - name: Download all binaries uses: actions/download-artifact@v2 with: name: binaries path: ./bin - - run: | - ls -l . - ls -l bin/ - file bin/ - - name: Fix Permissions + # Artifact upload doesn't preserve permissions so we need to fix them before use in + # the Dockerfiles. + - name: Fix permissions run: chmod +x bin/* - - name: ${{ matrix.repository }} - uses: docker/build-push-action@v2 + - name: Build ${{ matrix.repository }} and push + uses: docker/build-push-action@v3 with: context: . file: cmd/${{ matrix.binary }}/Dockerfile diff --git a/.github/workflows/tags.yaml b/.github/workflows/tags.yaml index b9ebfdcad..378fa7d67 100644 --- a/.github/workflows/tags.yaml +++ b/.github/workflows/tags.yaml @@ -2,7 +2,7 @@ on: push: tags: - "v*" -name: Create release +name: Release env: REGISTRY: quay.io IMAGE_NAME: ${{ github.repository }} @@ -10,9 +10,8 @@ jobs: release: runs-on: ubuntu-latest steps: - - name: Checkout code - uses: actions/checkout@v2 - - name: Generate Release Notes + - uses: actions/checkout@v3 + - name: Generate release notes run: | release_notes=$(gh api repos/{owner}/{repo}/releases/generate-notes -F tag_name=${{ github.ref }} --jq .body) echo 'RELEASE_NOTES<> $GITHUB_ENV @@ -22,39 +21,38 @@ jobs: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} OWNER: ${{ github.repository_owner }} REPO: ${{ github.event.repository.name }} - - name: Docker manager metadata + - name: Generate Docker image metadata id: meta - uses: docker/metadata-action@v3 + uses: docker/metadata-action@v4 with: images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} flavor: latest=false tags: type=ref,event=tag - - name: Set the from image tag + github-token: ${{ secrets.GITHUB_TOKEN }} + - name: Set the FROM_TAG variable run: echo "FROM_TAG=sha-${GITHUB_SHA::8}" >> $GITHUB_ENV - # This is for tink server. quay.io/tinkerbell/tink - - name: Copy the image using skopeo + - name: Create tink-server image run: skopeo copy --all --dest-creds="${DST_REG_USER}":"${DST_REG_PASS}" docker://"${SRC_IMAGE}" docker://"${DST_IMAGE}" env: SRC_IMAGE: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.FROM_TAG }} DST_IMAGE: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.version'] }} DST_REG_USER: ${{ secrets.QUAY_USERNAME }} DST_REG_PASS: ${{ secrets.QUAY_PASSWORD }} - - name: Copy the tink-controller image using skopeo + - name: Create tink-controller image run: skopeo copy --all --dest-creds="${DST_REG_USER}":"${DST_REG_PASS}" docker://"${SRC_IMAGE}" docker://"${DST_IMAGE}" env: SRC_IMAGE: ${{ env.REGISTRY }}/tinkerbell/tink-controller:${{ env.FROM_TAG }} DST_IMAGE: ${{ env.REGISTRY }}/tinkerbell/tink-controller:${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.version'] }} DST_REG_USER: ${{ secrets.QUAY_USERNAME }} DST_REG_PASS: ${{ secrets.QUAY_PASSWORD }} - - name: Copy the tink-worker image using skopeo + - name: Create tink-worker image run: skopeo copy --all --dest-creds="${DST_REG_USER}":"${DST_REG_PASS}" docker://"${SRC_IMAGE}" docker://"${DST_IMAGE}" env: SRC_IMAGE: ${{ env.REGISTRY }}/tinkerbell/tink-worker:${{ env.FROM_TAG }} DST_IMAGE: ${{ env.REGISTRY }}/tinkerbell/tink-worker:${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.version'] }} DST_REG_USER: ${{ secrets.QUAY_USERNAME }} DST_REG_PASS: ${{ secrets.QUAY_PASSWORD }} - - name: Create Release - id: create_release + - name: Create release uses: actions/create-release@v1 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}