From db5e8b830303337be3ab327fb2b6442e5072e806 Mon Sep 17 00:00:00 2001
From: Hayden Roszell
Date: Mon, 23 Oct 2023 23:21:20 -0700
Subject: [PATCH] chore: Refactor actions workflow
---
 .github/workflows/helm_release.yml | 93 ++++++++++++++++++++++++++
 .github/workflows/release.yml | 103 +++++++----------------------
 .github/workflows/test.yml | 35 ++++++++--
 3 files changed, 147 insertions(+), 84 deletions(-)
 create mode 100644 .github/workflows/helm_release.yml
diff --git a/.github/workflows/helm_release.yml b/.github/workflows/helm_release.yml
new file mode 100644
index 0000000..ef3444f
--- /dev/null
+++ b/.github/workflows/helm_release.yml
@@ -0,0 +1,93 @@
+name: Package and Release Helm Chart
+on:
+ pull_request:
+ branches:
+ - 'v*'
+ types:
+ # action should run when the pull request is closed
+ # (regardless of whether it was merged or just closed)
+ - closed
+
+jobs:
+ helm:
+ name: Package and Release Helm Chart
+ runs-on: ubuntu-latest
+
+ # Restrict to only run if the PR is merged
+ if: github.event.pull_request.merged == true
+
+ steps:
+ # Set the IMAGE_NAME environment variable to the repository name
+ # Use parameter expansion to convert to lowercase
+ - name: Set IMAGE_NAME
+ run: |
+ echo "IMAGE_NAME=${GITHUB_REPOSITORY,,}" >>${GITHUB_ENV}
+
+ # Set the CHART_NAME environment variable to the repository name
+ # IMAGE_NAME is in the format owner/repo, so use parameter expansion to get the repo name
+ - name: Set CHART_NAME
+ run: |
+ echo "CHART_NAME=${IMAGE_NAME##*/}" >>${GITHUB_ENV}
+
+ # Checkout code
+ # https://github.com/actions/checkout
+ - name: Checkout code
+ uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
+
+ # Extract metadata (tags, labels) to use in Helm chart
+ # https://github.com/docker/metadata-action
+ - name: Extract Docker metadata
+ id: meta
+ uses: docker/metadata-action@96383f45573cb7f253c731d3b3ab81c87ef81934 # v5.0.0
+ with:
+ images: ${{ env.IMAGE_NAME }}
+
+ # Set version from DOCKER_METADATA_OUTPUT_VERSION as environment variable
+ # This workflow is triggered when PRs with semver tags are closed, so
+ # DOCKER_METADATA_OUTPUT_VERSION will be in the format `v1.2(.3)`
+ - name: Set Version
+ run: |
+ echo "VERSION=${DOCKER_METADATA_OUTPUT_VERSION:1}" >> $GITHUB_ENV
+
+ # Change version and appVersion in Chart.yaml to the tag in the closed PR
+ - name: Update Helm App/Chart Version
+ shell: bash
+ run: |
+ sed -i "s/^version: .*/version: ${{ env.VERSION }}/g" deploy/charts/${{ env.CHART_NAME }}/Chart.yaml
+ sed -i "s/^appVersion: .*/appVersion: \"${{ env.DOCKER_METADATA_OUTPUT_VERSION }}\"/g" deploy/charts/${{ env.CHART_NAME
}}/Chart.yaml + + # Setup Helm + # https://github.com/Azure/setup-helm + - name: Install Helm + uses: azure/setup-helm@5119fcb9089d432beecbf79bb2c7915207344b78 # v3.5 + with: + token: ${{ secrets.GITHUB_TOKEN }} + + # Helm requires an ident name to be set for chart-releaser to work + - name: Configure Git + run: | + git config user.name "$GITHUB_ACTOR" + git config user.email "$GITHUB_ACTOR@users.noreply.github.com" + + # Build and release Helm chart to GitHub Pages + # https://github.com/helm/chart-releaser-action + - name: Run chart-releaser + uses: helm/chart-releaser-action@be16258da8010256c6e82849661221415f031968 # v1.5.0 + env: + CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}" + with: + charts_dir: deploy/charts + + # Create GitHub tag with Container version to kick off container release workflow + # https://github.com/actions/github-script + - name: Create new tag to kick off container release + uses: actions/github-script@d7906e4ad0b1822421a7e6a35d5ca353c962f410 # v6.4.1 + with: + github-token: ${{ secrets.TOKEN }} + script: | + github.rest.git.createRef({ + owner: context.repo.owner, + repo: context.repo.repo, + ref: 'refs/tags/' + process.env.DOCKER_METADATA_OUTPUT_VERSION, + sha: context.sha + }) \ No newline at end of file diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 65f622a..c261a05 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -1,18 +1,10 @@ -name: Build and Release +name: Build and Release Container on: push: - branches: - - '*' - pull_request: - branches: + branches-ignore: + - 'v*' + tags: - 'v*' - types: - # action should run when the pull request is closed - # (regardless of whether it was merged or just closed) - - closed - # Make sure the action runs every time new commits are - # pushed to the pull request's branch - - synchronize env: REGISTRY: ghcr.io 
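Review bot: The `Update Helm App/Chart Version` step in helm_release.yml expands `${{ env.VERSION }}`, `${{ env.DOCKER_METADATA_OUTPUT_VERSION }}` and `${{ env.CHART_NAME }}` into the script text before bash parses it, so whatever the metadata action derives from the ref is treated as shell and sed syntax rather than data; the rewritten `Inspect image` step at the end of release.yml has the same pattern. These values are already exported through `GITHUB_ENV`, so the steps can read them as quoted shell variables, e.g. `sed -i "s/^version: .*/version: ${VERSION}/" "deploy/charts/${CHART_NAME}/Chart.yaml"`. The new workflow also declares no `permissions:` block, although it publishes chart releases with `GITHUB_TOKEN` and creates a tag with a separate `secrets.TOKEN`; a job-level `permissions: contents: write` would pin the default token, and the extra token should be scoped to creating refs on this repository only. It is also worth confirming that `context.sha` on a closed pull_request event is the commit that landed on the base branch; if it is the pull request's test-merge commit, `context.payload.pull_request.merge_commit_sha` is the unambiguous value for the release tag.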
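Review bot: With `branches-ignore: 'v*'` in release.yml, the push trigger now fires for every other branch, and a later hunk in the build job sets `push: true` and removes the `merged == true` guards from the digest steps and the `merge` job. Any branch push therefore publishes an image to the registry, and the `type=sha` rule gives each one a tag (as far as I know `type=edge` only applies to the default branch). If publishing unreviewed branch builds is not intended, gate the push, e.g. `push: ${{ github.ref_type == 'tag' || github.ref_name == github.event.repository.default_branch }}`, and put the same condition on the digest export, the upload and the `merge` job. The workflow's `permissions:` are not visible in these hunks, so check that package write access is limited to the jobs that push.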
@@ -46,12 +38,18 @@ jobs: uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 # Extract metadata (tags, labels) for Docker + # If the workflow was triggered from a push, the edge tag will be included. + # If the workflow was triggered from a release, the latest tag will be included. # https://github.com/docker/metadata-action - name: Extract Docker metadata - id: meta uses: docker/metadata-action@96383f45573cb7f253c731d3b3ab81c87ef81934 # v5.0.0 with: - images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} + images: | + ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} + tags: | + type=semver,pattern=v{{version}} + type=sha + type=edge # Set up QEMU # https://github.com/docker/setup-qemu-action @@ -81,13 +79,12 @@ jobs: with: context: . platforms: ${{ matrix.platform }} - labels: ${{ steps.meta.outputs.labels }} - push: ${{ github.event.pull_request.merged == true }} + labels: ${{ env.DOCKER_METADATA_OUTPUT_LABELS }} + push: true outputs: type=image,name=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }},push-by-digest=true,name-canonical=true # Export digest - name: Export digest - if: github.event.pull_request.merged == true run: | mkdir -p /tmp/digests digest="${{ steps.build.outputs.digest }}" @@ -95,7 +92,6 @@ jobs: # Upload digest - name: Upload digest - if: github.event.pull_request.merged == true uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 with: name: digests @@ -104,8 +100,8 @@ jobs: retention-days: 1 merge: + name: Merge Container Manifests runs-on: ubuntu-latest - if: github.event.pull_request.merged == true needs: - build steps: 
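Review bot: The comment added above `Extract Docker metadata` in the build job says the `latest` tag is included when the workflow is "triggered from a release", but the trigger block in this commit only lists `push` (branches and `v*` tags) and the `tags:` list has no `latest` rule. If `latest` is expected to come from the metadata action's automatic flavor on semver tags, the comment should say that, e.g. `# On a v* tag push the semver tag is added; latest comes from the action's default flavor.` As written, a reader cannot tell from the file which event produces which image tag, and that is what decides what consumers pull.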
@@ -128,12 +124,17 @@ jobs: uses: docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226 # v3.0.0 # Extract metadata (tags, labels) for Docker + # If the pull request is not merged, do not include the edge tag and only include the sha tag. # https://github.com/docker/metadata-action - name: Extract Docker metadata - id: meta uses: docker/metadata-action@96383f45573cb7f253c731d3b3ab81c87ef81934 # v5.0.0 with: - images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} + images: | + ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} + tags: | + type=semver,pattern=v{{version}} + type=sha + type=edge # Login to Docker registry # https://github.com/docker/login-action 
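Review bot: The comment added above `Extract Docker metadata` in the merge job describes the pull request not being merged, but this commit removes the `pull_request` trigger and the `merged == true` conditions from this workflow, so that case can no longer occur here. Replace it with what the rules do now, e.g. `# Must match the tag rules in the build job: semver on v* tags, sha on every push, edge on the default branch.` The `images:`/`tags:` block is a copy of the one in the build job, so the two can drift apart and make the manifest list carry tags the build never intended. The job body continues outside the hunk.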
@@ -148,66 +149,10 @@ jobs: - name: Create manifest list and push working-directory: /tmp/digests run: | + # Create a manifest list with the selected tag(s) and push docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \ $(printf '${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}@sha256:%s ' *) - name: Inspect image run: | - docker buildx imagetools inspect ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.meta.outputs.version }} - - helm: - runs-on: ubuntu-latest - if: github.event.pull_request.merged == true - needs: - - merge - steps: - - name: Set IMAGE_NAME - run: | - echo "IMAGE_NAME=${GITHUB_REPOSITORY,,}" >>${GITHUB_ENV} - - # Checkout code - # https://github.com/actions/checkout - - name: Checkout code - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 - - # Extract metadata (tags, labels) to use in Helm chart - # https://github.com/docker/metadata-action - - name: Extract Docker metadata - id: meta - uses: docker/metadata-action@96383f45573cb7f253c731d3b3ab81c87ef81934 # v5.0.0 - with: - images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} - - # Set version from DOCKER_METADATA_OUTPUT_VERSION as environment variable - - name: Set Version - run: | - echo "VERSION=${DOCKER_METADATA_OUTPUT_VERSION:1}" >> $GITHUB_ENV - - # Change version and appVersion in Chart.yaml to the tag in the closed PR - - name: Update Helm App/Chart Version - shell: bash - run: | - sed -i "s/^version: .*/version: ${{ env.VERSION }}/g" deploy/charts/command-cert-manager-issuer/Chart.yaml - sed -i "s/^appVersion: .*/appVersion: \"${{ env.DOCKER_METADATA_OUTPUT_VERSION }}\"/g" deploy/charts/command-cert-manager-issuer/Chart.yaml - - # Setup Helm - # https://github.com/Azure/setup-helm - - name: Install Helm - uses: azure/setup-helm@5119fcb9089d432beecbf79bb2c7915207344b78 # v3.5 - with: - token: ${{ secrets.GITHUB_TOKEN }} - - # Helm requires an ident name to be set for chart-releaser to work - - name: Configure 
Git - run: | - git config user.name "$GITHUB_ACTOR" - git config user.email "$GITHUB_ACTOR@users.noreply.github.com" - - # Build and release Helm chart to GitHub Pages - # https://github.com/helm/chart-releaser-action - - name: Run chart-releaser - uses: helm/chart-releaser-action@be16258da8010256c6e82849661221415f031968 # v1.5.0 - env: - CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}" - with: - charts_dir: deploy/charts \ No newline at end of file + docker buildx imagetools inspect ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.DOCKER_METADATA_OUTPUT_VERSION }} \ No newline at end of file diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 6dd9918..4f8055a 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml 
@@ -6,30 +6,55 @@ jobs: runs-on: ubuntu-latest timeout-minutes: 5 steps: - - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 - - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 + # Checkout code + # https://github.com/actions/checkout + - name: Checkout code + uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 + + # Setup GoLang build environment + # https://github.com/actions/setup-go + - name: Set up Go 1.x + uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 with: go-version-file: 'go.mod' cache: true + + # Download dependencies - run: go mod download + + # Build Go binary - run: go build -v . + + # Run Go linters + # https://github.com/golangci/golangci-lint-action - name: Run linters - uses: golangci/golangci-lint-action@08e2f20817b15149a52b5b3ebe7de50aff2ba8c5 # v3.4.0 + uses: golangci/golangci-lint-action@3a919529898de77ec3da873e3063ca4b10e7f5cc # v3.7.0 with: version: latest + test: name: Go Test needs: build runs-on: ubuntu-latest timeout-minutes: 5 steps: - - name: Checkout + # Checkout code + # https://github.com/actions/checkout + - name: Checkout code uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 + + # Setup GoLang build environment + # https://github.com/actions/setup-go - name: Set up Go 1.x uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0 with: go-version-file: 'go.mod' cache: true + + # Download dependencies - run: go mod download - - name: Run go test + + # Run Go tests + - env: + name: Run go test run: go test -v ./... \ No newline at end of file
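Review bot: The last step of the test job now begins with an empty `env:` key (`- env:` followed by `name: Run go test`), which parses as null and, as far as I can tell, is either rejected by workflow validation or silently ignored; drop it so the step starts with `- name: Run go test`. Separately, the lint step bumps the action to a new commit SHA but keeps `version: latest`, so the golangci-lint binary that is downloaded and run still floats even though the action is pinned. Setting `version: <pinned golangci-lint release>` would make the lint job reproducible and keep it in line with the SHA pinning used for every action in this file. The new `run: go mod download` and `run: go build -v .` steps would also read better in the job log with a `name:` each.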