Skip to content

Commit

Permalink
Migrate webhook CI to GHA
Browse files Browse the repository at this point in the history
- Misc. changes to CI caught during further testing:
1. There should be two shell variables, HELM_VERSION for pulling
   down the right version of helm, and HELM_CHART_VERSION, for identifying
   generated helm charts.

2. Similarly, `TAG` and `IMAGE_TAG` are two different things.

3. Stop using make/dapper: env vars get lost

4. Skip the RKE Machine config unit test on CI/arm64
   - Written up in issue 45837
  • Loading branch information
ericpromislow committed Jun 28, 2024
1 parent 97679b8 commit 9f702b4
Show file tree
Hide file tree
Showing 19 changed files with 573 additions and 301 deletions.
191 changes: 0 additions & 191 deletions .drone.yml

This file was deleted.

88 changes: 88 additions & 0 deletions .github/workflows/ci.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,88 @@
# Add a comment to force a change.

name: Webhook CI

on:
push:
branches:
- release/v*
paths-ignore:
- '.gitignore'
- 'CODEOWNERS'
- 'LICENSE'
pull_request:
paths-ignore:
- '.gitignore'
- 'CODEOWNERS'
- 'LICENSE'
workflow_dispatch:

permissions:
contents: read

jobs:
build:
name: CI
strategy:
matrix:
archBox:
- { arch: amd64, vmArch: x64 }
- { arch: arm64, vmArch: arm64 }
runs-on: runs-on,runner=1cpu-linux-${{ matrix.archBox.vmArch }},run-id=${{ github.run_id }}
steps:
- name : Checkout repository
# https://github.com/actions/checkout/releases/tag/v4.1.1
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1

- name: Setup Go
# https://github.com/actions/setup-go/releases/tag/v5.0.0
uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
with:
go-version-file: 'go.mod'

# TODO: Pull this next one out once there's a helm-release for rancher 2.9
- name: Checkout rancher/rancher and build the chart
run: |
mkdir -p "${{ runner.temp}}"
pushd "${{ runner.temp}}"
git clone --depth 1 -b release/v2.9 https://github.com/rancher/rancher.git rancherDir
cd rancherDir
./scripts/chart/build chart
tar cfz "${{ runner.temp }}/rancher.tgz" -C build/chart/rancher .
popd
- name: install K3d
run: ./.github/workflows/scripts/install-k3d.sh
env:
K3D_VERSION: latest

- name: ci
run: make ci

- name: setup cluster
run: ./.github/workflows/scripts/setup-cluster.sh
env:
CLUSTER_NAME: webhook
K3S_VERSION: v1.28.9-k3s1
ARCH: "${{ matrix.archBox.arch }}"

- name: import image
run: k3d image import dist/rancher-webhook-image.tar -c webhook

- name: start rancher
run: ./.github/workflows/scripts/start-rancher.sh
env:
CHART_PATH: "${{ runner.temp }}/rancher.tgz"
RANCHER_IMAGE_TAG: "v2.9-head"
VERSION: "2.9"

- name: get vars
run: cat dist/image_tag >> $GITHUB_ENV

- name: Run integration tests
run: ./.github/workflows/scripts/integration-test-ci
env:
ARCH: "${{ matrix.archBox.arch }}"
CLUSTER_NAME: webhook
IMAGE_REPO: rancher/webhook
IMAGE_TAG: "${{ env.IMAGE_TAG }}"
55 changes: 55 additions & 0 deletions .github/workflows/publish.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,55 @@
name: Publish Webhook Images

on:
push:
tags:
- v*
workflow_dispatch:

env:
REGISTRY: docker.io
REPO: rancher

permissions:
contents: read

jobs:
push:
permissions:
contents: read
id-token: write
name: Build and push Webhook images
runs-on: ubuntu-latest
steps:
- name: "Read vault secrets"
uses: rancher-eio/read-vault-secrets@main
with:
secrets: |
secret/data/github/repo/${{ github.repository }}/dockerhub/rancher/credentials username | DOCKER_USERNAME ;
secret/data/github/repo/${{ github.repository }}/dockerhub/rancher/credentials password | DOCKER_PASSWORD
- name : Checkout repository
# https://github.com/actions/checkout/releases/tag/v4.1.1
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- name: Set up Docker Buildx
# https://github.com/docker/setup-buildx-action/commit/d70bba72b1f3fd22344832f00baa16ece964efeb
uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb
- name: Log in to the Container registry
# https://github.com/docker/login-action/commit/0d4c9c5ea7693da7b068278f7b52bda2a190a446
uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446
with:
registry: ${{ env.REGISTRY }}
username: ${{ env.DOCKER_USERNAME }}
password: ${{ env.DOCKER_PASSWORD }}
# setup tag name
- if: ${{ startsWith(github.ref, 'refs/tags/') }}
run: |
echo TAG_NAME=$(echo $GITHUB_REF | sed -e "s|refs/tags/||") >> $GITHUB_ENV
- name: Build and push the webhook image
# https://github.com/docker/build-push-action/commit/ca052bb54ab0790a636c9b5f226502c73d547a25
uses: docker/build-push-action@ca052bb54ab0790a636c9b5f226502c73d547a25
with:
context: .
file: ./package/Dockerfile
push: true
tags: ${{ env.REGISTRY }}/${{ env.REPO }}/rancher-webhook:${{ env.TAG_NAME }}
platforms: linux/amd64,linux/arm64
Loading

0 comments on commit 9f702b4

Please sign in to comment.