Skip to content

Samba Container Image CI #1764

Samba Container Image CI

Samba Container Image CI #1764

name: Samba Container Image CI
on:
push:
branches: [master]
pull_request:
branches: [master]
schedule:
- cron: '0 2 * * *'
# Allow manually triggering a run in the github ui.
# See: https://docs.github.com/en/actions/using-workflows/manually-running-a-workflow
workflow_dispatch: {}
env:
CONTAINER_CMD: docker
jobs:
checks:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
# We need a newer version of shellcheck to avoid problems with the
# relative imports. Our scripts work on v0.7.2 and up but not the
# v0.7.0 preinstalled in the ubutnu image. We can force a local
# install by expliclity setting SHELLCHECK to `$ALT_BIN/shellcheck`
- name: Run static check tools
run: make check SHELLCHECK=$PWD/.bin/shellcheck
check-commits:
runs-on: ubuntu-latest
if: github.event_name == 'pull_request'
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
ref: ${{ github.event.pull_request.head.sha }}
- name: Ensure branches
run: git fetch
- name: Lint git commit messages
run: make check-gitlint
build-server:
# Reminder: the nightly-server images consume nightly samba rpm builds
# it is not *just* an image that gets built nightly
strategy:
matrix:
package_source: [default, nightly]
os: [centos, fedora, opensuse]
arch: [amd64, arm64]
exclude:
# there are no nightly packages for opensuse
- package_source: nightly
os: opensuse
- os: centos
arch: arm64
include:
- package_source: devbuilds
os: centos
arch: amd64
runs-on: ubuntu-latest
env:
BUILDAH_FORMAT: oci
IMG_TAG: ${{ matrix.package_source }}-${{ matrix.os }}-${{ matrix.arch }}
steps:
- uses: actions/checkout@v4
- name: Build the server image
run: make KIND=server PACKAGE_SOURCE=${{ matrix.package_source }} OS_NAME=${{ matrix.os}} BUILD_ARCH=${{ matrix.arch}} build-image
- name: Upload server image
uses: ishworkh/[email protected]
with:
image: "samba-server:${{ env.IMG_TAG }}"
container_engine: ${{ env.CONTAINER_CMD }}
retention_days: 1
build-ad-server:
strategy:
matrix:
package_source: [default, nightly]
os: [centos, fedora, opensuse]
arch: [amd64, arm64]
exclude:
# there are no nightly packages for opensuse
- package_source: nightly
os: opensuse
# the distro packages for centos do not include an ad-dc
- package_source: default
os: centos
- os: centos
arch: arm64
runs-on: ubuntu-latest
env:
BUILDAH_FORMAT: oci
IMG_TAG: ${{ matrix.package_source }}-${{ matrix.os }}-${{ matrix.arch }}
steps:
- uses: actions/checkout@v4
- name: Build the ad server image
run: make KIND=ad-server PACKAGE_SOURCE=${{ matrix.package_source }} OS_NAME=${{ matrix.os }} BUILD_ARCH=${{ matrix.arch }} build-image
- name: Upload ad server image
uses: ishworkh/[email protected]
with:
image: "samba-ad-server:${{ env.IMG_TAG }}"
container_engine: ${{ env.CONTAINER_CMD }}
retention_days: 1
build-client:
strategy:
matrix:
os: [centos, fedora, opensuse]
arch: [amd64, arm64]
exclude:
- os: centos
arch: arm64
runs-on: ubuntu-latest
env:
BUILDAH_FORMAT: oci
IMG_TAG: default-${{ matrix.os }}-${{ matrix.arch }}
steps:
- uses: actions/checkout@v4
- name: build the client image
run: make KIND=client OS_NAME=${{ matrix.os }} BUILD_ARCH=${{ matrix.arch }} build-image
# The client image is used as a base for the samba-toolbox build process.
- name: Upload the client image
uses: ishworkh/[email protected]
with:
image: "samba-client:${{ env.IMG_TAG }}"
container_engine: ${{ env.CONTAINER_CMD }}
retention_days: 1
build-toolbox:
strategy:
matrix:
os: [centos, fedora, opensuse]
arch: [amd64]
needs: build-client
runs-on: ubuntu-latest
env:
BUILDAH_FORMAT: oci
IMG_TAG: default-${{ matrix.os }}-${{ matrix.arch }}
steps:
- uses: actions/checkout@v4
# Download locally stored samba-client image to be used as base for building
# samba-toolbox.
- name: Download client image
uses: ishworkh/[email protected]
with:
image: "samba-client:${{ env.IMG_TAG }}"
container_engine: ${{ env.CONTAINER_CMD }}
# Workaround: retag the image so that the FQIN image matches the name in
# the toolbox containerfiles.
- name: Apply OS-latest tag to image (for centos)
run: ${{ env.CONTAINER_CMD }} tag samba-client:${{ env.IMG_TAG }} quay.io/samba.org/samba-client:${{ matrix.os }}-latest
- name: Apply latest tag to image (for fedora)
run: ${{ env.CONTAINER_CMD }} tag samba-client:${{ env.IMG_TAG }} quay.io/samba.org/samba-client:latest
- name: Build the toolbox image
run: make KIND=toolbox OS_NAME=${{ matrix.os }} BUILD_ARCH=${{ matrix.arch }} build-image
# Upload the toolbox image for reference and/or image push
- name: Upload the toolbox image
uses: ishworkh/[email protected]
with:
image: "samba-toolbox:${{ env.IMG_TAG }}"
container_engine: ${{ env.CONTAINER_CMD }}
retention_days: 1
test-server:
strategy:
matrix:
package_source: [default, nightly]
os: [centos, fedora, opensuse]
arch: [amd64]
exclude:
# there are no nightly packages for opensuse
- package_source: nightly
os: opensuse
include:
- package_source: devbuilds
os: centos
arch: amd64
needs: build-server
runs-on: ubuntu-latest
env:
BUILDAH_FORMAT: oci
IMG_TAG: ${{ matrix.package_source }}-${{ matrix.os }}-${{ matrix.arch }}
steps:
- uses: actions/checkout@v4
- name: Download server image
uses: ishworkh/[email protected]
with:
image: "samba-server:${{ env.IMG_TAG }}"
container_engine: ${{ env.CONTAINER_CMD }}
- name: Test the server image
run: LOCAL_TAG=samba-server:${{ env.IMG_TAG }} tests/test-samba-container.sh
test-ad-server-kubernetes:
strategy:
matrix:
package_source: [default, nightly]
os: [centos, fedora, opensuse]
arch: [amd64]
exclude:
# there are no nightly packages for opensuse
- package_source: nightly
os: opensuse
# the distro packages for centos do not include an ad-dc
- package_source: default
os: centos
needs:
- build-ad-server
- build-server
# need to explicitly use 20.04 to avoid problems with jq...
runs-on: ubuntu-20.04
env:
BUILDAH_FORMAT: oci
IMG_TAG: ${{ matrix.package_source }}-${{ matrix.os }}-${{ matrix.arch }}
steps:
- uses: actions/checkout@v4
- uses: nolar/setup-k3d-k3s@v1
- name: get nodes
run: kubectl get nodes
- name: Download ad server image
uses: ishworkh/[email protected]
with:
image: "samba-ad-server:${{ env.IMG_TAG }}"
container_engine: ${{ env.CONTAINER_CMD }}
- name: Download file server image
uses: ishworkh/[email protected]
with:
image: "samba-server:${{ env.IMG_TAG }}"
container_engine: ${{ env.CONTAINER_CMD }}
- name: import images to k3d
run: k3d image import samba-server:${{ env.IMG_TAG }} samba-ad-server:${{ env.IMG_TAG }}
- name: run the ad-dc deployment test
run: ./tests/test-samba-ad-server-kubernetes.sh
push:
# verify it passes the test jobs first
needs:
- build-client
- build-toolbox
- test-server
- test-ad-server-kubernetes
runs-on: ubuntu-latest
env:
REPO_BASE: quay.io/samba.org
# NOTE: the fromJSON below is needed beause the syntax github uses
# doesn't actually understand JS/JSON style arrays (inline). When I left it
# out I just got an error. It is present in their example(s).
if: >
contains(fromJSON('["push", "schedule", "workflow_dispatch"]'), github.event_name)
&& github.repository == 'samba-in-kubernetes/samba-container'
steps:
- uses: actions/checkout@v4
- name: log in to quay.io
run: ${CONTAINER_CMD} login -u "${{ secrets.QUAY_USER }}" -p "${{ secrets.QUAY_PASS }}" quay.io
# pull in already built images we plan on pushing
# (server images)
- name: Fetch server default-fedora-amd64
uses: ishworkh/[email protected]
with:
image: "samba-server:default-fedora-amd64"
container_engine: ${{ env.CONTAINER_CMD }}
- name: Fetch server default-fedora-arm64
uses: ishworkh/[email protected]
with:
image: "samba-server:default-fedora-arm64"
container_engine: ${{ env.CONTAINER_CMD }}
- name: Fetch server default-opensuse-arm64
uses: ishworkh/[email protected]
with:
image: "samba-server:default-opensuse-arm64"
container_engine: ${{ env.CONTAINER_CMD }}
- name: Fetch server nightly-fedora-amd64
uses: ishworkh/[email protected]
with:
image: "samba-server:nightly-fedora-amd64"
container_engine: ${{ env.CONTAINER_CMD }}
- name: Fetch server nightly-fedora-arm64
uses: ishworkh/[email protected]
with:
image: "samba-server:nightly-fedora-arm64"
container_engine: ${{ env.CONTAINER_CMD }}
- name: Fetch server nightly-centos-amd64
uses: ishworkh/[email protected]
with:
image: "samba-server:nightly-centos-amd64"
container_engine: ${{ env.CONTAINER_CMD }}
- name: Fetch server devbuilds-centos-amd64
uses: ishworkh/[email protected]
with:
image: "samba-server:devbuilds-centos-amd64"
container_engine: ${{ env.CONTAINER_CMD }}
# (ad server images)
- name: Fetch ad-server default-fedora-amd64
uses: ishworkh/[email protected]
with:
image: "samba-ad-server:default-fedora-amd64"
container_engine: ${{ env.CONTAINER_CMD }}
- name: Fetch ad-server default-fedora-arm64
uses: ishworkh/[email protected]
with:
image: "samba-ad-server:default-fedora-arm64"
container_engine: ${{ env.CONTAINER_CMD }}
- name: Fetch ad-server default-opensuse-arm64
uses: ishworkh/[email protected]
with:
image: "samba-ad-server:default-opensuse-arm64"
container_engine: ${{ env.CONTAINER_CMD }}
- name: Fetch ad-server nightly-fedora-amd64
uses: ishworkh/[email protected]
with:
image: "samba-ad-server:nightly-fedora-amd64"
container_engine: ${{ env.CONTAINER_CMD }}
- name: Fetch ad-server nightly-fedora-arm64
uses: ishworkh/[email protected]
with:
image: "samba-ad-server:nightly-fedora-arm64"
container_engine: ${{ env.CONTAINER_CMD }}
# (client images)
- name: Fetch client default-fedora-amd64
uses: ishworkh/[email protected]
with:
image: "samba-client:default-fedora-amd64"
container_engine: ${{ env.CONTAINER_CMD }}
- name: Fetch client default-fedora-arm64
uses: ishworkh/[email protected]
with:
image: "samba-client:default-fedora-arm64"
container_engine: ${{ env.CONTAINER_CMD }}
- name: Fetch client default-opensuse-arm64
uses: ishworkh/[email protected]
with:
image: "samba-client:default-opensuse-arm64"
container_engine: ${{ env.CONTAINER_CMD }}
# (toolbox images)
- name: Fetch toolbox default-fedora-amd64
uses: ishworkh/[email protected]
with:
image: "samba-toolbox:default-fedora-amd64"
container_engine: ${{ env.CONTAINER_CMD }}
# reapply missing tags
- name: Retag images
run: >
./hack/build-image
--retag
--container-engine=${CONTAINER_CMD}
--repo-base=${REPO_BASE}
--no-distro-qualified
-i samba-server:default-fedora-amd64
-i samba-server:default-fedora-arm64
-i samba-server:default-opensuse-arm64
-i samba-server:nightly-fedora-amd64
-i samba-server:nightly-fedora-arm64
-i samba-server:nightly-centos-amd64
-i samba-server:devbuilds-centos-amd64
-i samba-ad-server:default-fedora-amd64
-i samba-ad-server:default-fedora-arm64
-i samba-ad-server:default-opensuse-arm64
-i samba-ad-server:nightly-fedora-amd64
-i samba-ad-server:nightly-fedora-arm64
-i samba-client:default-fedora-amd64
-i samba-client:default-fedora-arm64
-i samba-client:default-opensuse-arm64
-i samba-toolbox:default-fedora-amd64
- name: Push images
run: >
./hack/build-image
--push
--container-engine=${CONTAINER_CMD}
--verbose
--push-state=exists
--push-selected-tags=mixed
-i ${REPO_BASE}/samba-server:default-fedora-amd64
-i ${REPO_BASE}/samba-server:default-fedora-arm64
-i ${REPO_BASE}/samba-server:default-opensuse-arm64
-i ${REPO_BASE}/samba-server:nightly-fedora-amd64
-i ${REPO_BASE}/samba-server:nightly-centos-amd64
-i ${REPO_BASE}/samba-server:devbuilds-centos-amd64
-i ${REPO_BASE}/samba-ad-server:default-fedora-amd64
-i ${REPO_BASE}/samba-ad-server:default-fedora-arm64
-i ${REPO_BASE}/samba-ad-server:default-opensuse-arm64
-i ${REPO_BASE}/samba-ad-server:nightly-fedora-amd64
-i ${REPO_BASE}/samba-client:default-fedora-amd64
-i ${REPO_BASE}/samba-client:default-fedora-arm64
-i ${REPO_BASE}/samba-client:default-opensuse-arm64
-i ${REPO_BASE}/samba-toolbox:default-fedora-amd64