diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml
new file mode 100755
index 0000000000..a042364f2e
--- /dev/null
+++ b/.github/workflows/build.yaml
@@ -0,0 +1,95 @@
+name: Build
+
+on:
+ pull_request:
+ branches:
+ - dev-v*
+ - release-v*
+
+jobs:
+ build:
+ name: Validate
+ runs-on: org-${{ github.repository_owner_id }}-amd64-k8s
+ container: registry.suse.com/bci/bci-base:latest
+ steps:
+ - name: install dependencies
+ run: zypper --non-interactive install docker jq git make go awk
+ - name: install gh
+ env:
+ GH_VERSION: 2.63.2
+ run: |
+ mkdir -p /tmp/gh
+ curl -fsL https://github.com/cli/cli/releases/download/v${GH_VERSION}/gh_${GH_VERSION}_linux_amd64.tar.gz | tar xvzf - --strip-components=1 -C /tmp/gh
+ mv /tmp/gh/bin/gh /usr/bin/gh
+ chmod +x /usr/bin/gh
+
+ - name: install yq
+ env:
+ YQ_VERSION: "v4.16.1"
+ run: |
+ curl -fsL https://github.com/mikefarah/yq/releases/download/${YQ_VERSION}/yq_linux_amd64 -o /usr/bin/yq
+ chmod +x /usr/bin/yq
+
+ - name: Load Secrets from Vault
+ uses: rancher-eio/read-vault-secrets@main
+ with:
+ secrets: |
+ secret/data/github/repo/${{ github.repository }}/dockerhub/rancher/credentials username | DOCKER_USERNAME;
+ secret/data/github/repo/${{ github.repository }}/dockerhub/rancher/credentials password | DOCKER_TOKEN;
+
+ - name: Git safe directory
+ run: |
+ git config --global --add safe.directory "$PWD"
+ echo $PATH >> $GITHUB_PATH
+
+ - name: actions/checkout@v4
+ uses: actions/checkout@v4
+
+ - name: Checkout PR
+ run: gh pr checkout ${{ github.event.pull_request.number }}
+ env:
+ GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+ - name: Checkout into new branch (staging-pr-workflow)
+ run: git checkout -b staging-pr-workflow
+
+ - name: Pull scripts
+ run: make pull-scripts
+
+ - name: Check release.yaml
+ run: make check-release-yaml
+ continue-on-error: false
+
+
+ - name: Release PR Chekpoints
+ if: contains(github.base_ref, 'release-v')
+ run: make validate-release-charts BRANCH=${{ github.event.pull_request.base.ref }} GH_TOKEN=${{ secrets.GITHUB_TOKEN }} PR_NUMBER=${{ github.event.pull_request.number }}
+ continue-on-error: false
+
+
+ - name: Validate index.yaml Vs assets/ dir
+ run: |
+ echo "github.base_ref"
+ echo "${{ github.base_ref }}"
+ if [[ "${{ github.base_ref }}" == refs/heads/release-v* ]]; then
+ echo "Validating remote release branch"
+ make validate remote=true
+ else
+ echo "Validating local branch"
+ make validate
+ fi
+ continue-on-error: false
+
+
+ - name: Check container images
+ run: make check-images
+ env:
+ DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
+ DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
+ continue-on-error: false
+
+
+ - name: Check RC images and charts
+ if: contains(github.base_ref, 'release-v')
+ run: make check-rc
+ continue-on-error: false
diff --git a/.github/workflows/charts-release.yaml b/.github/workflows/charts-release.yaml
deleted file mode 100644
index 4ff92eae77..0000000000
--- a/.github/workflows/charts-release.yaml
+++ /dev/null
@@ -1,28 +0,0 @@
-name: Charts-Release-Validations
-
-on:
- pull_request:
- branches:
- - release-v*
-
-jobs:
- build:
- name: Checkpoint 0 - release.yaml validation
- runs-on: ubuntu-latest
- steps:
- - name: Checkout base branch
- uses: actions/checkout@v4
-
- - name: Checkout PR
- run: gh pr checkout ${{ github.event.pull_request.number }}
- env:
- GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-
- - name: Checkout into branch
- run: git checkout -b staging-pr-workflow
-
- - name: Pull scripts
- run: make pull-scripts
-
- - name: Validate Charts Release
- run: make validate-release-charts BRANCH=${{ github.event.pull_request.base.ref }} GH_TOKEN=${{ secrets.GITHUB_TOKEN }} PR_NUMBER=${{ github.event.pull_request.number }}
diff --git a/.github/workflows/pull-request.yaml b/.github/workflows/pull-request.yaml
deleted file mode 100755
index 20c06ed3b7..0000000000
--- a/.github/workflows/pull-request.yaml
+++ /dev/null
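Review bot: In `.github/workflows/build.yaml` the `Load Secrets from Vault` step runs before `gh pr checkout`, so every later `make` target executes the pull request's own Makefile and scripts in a job that has already fetched the Docker Hub credentials; if the action exports them to the job environment (not visible here), PR-controlled code on the self-hosted runner can read them. Moving the Vault step to sit directly before `Check container images`, or into a separate job that only that check needs, would narrow the exposure. The action is also referenced as `rancher-eio/read-vault-secrets@main`, a mutable ref for a step that handles credentials; pin it to a full commit SHA, e.g. `uses: rancher-eio/read-vault-secrets@<full-commit-sha>`. Finally, Vault maps the password to `DOCKER_TOKEN`, while `Check container images` still sets `DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}`, so the Vault value appears unused; confirm which variable `make check-images` actually reads.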
@@ -1,66 +0,0 @@
-name: CI-pullrequest
-
-on:
- pull_request:
- branches:
- - dev-v*
- - release-v*
-
-jobs:
- build:
- name: Build
- runs-on: ubuntu-latest
- steps:
- - name: Checkout base branch
- uses: actions/checkout@v4
-
- - name: Checkout PR
- run: gh pr checkout ${{ github.event.pull_request.number }}
- env:
- GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-
- - name: Checkout into branch
- run: git checkout -b staging-pr-workflow
-
- - name: Pull scripts
- run: sudo make pull-scripts
-
- - name: Check release.yaml
- run: sudo make check-release-yaml
-
- - name: Validate
- run: sudo make validate remote=true
-
- check-images:
- name: Check Container Images
- runs-on: ubuntu-latest
- steps:
- - name: Checkout base branch
- uses: actions/checkout@v4
-
- - name: Checkout PR
- run: gh pr checkout ${{ github.event.pull_request.number }}
- env:
- GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-
- - name: Check container images
- run: make check-images
- env:
- DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
- DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
-
- check-rc:
- name: Check RC Images and Charts
- runs-on: ubuntu-latest
- steps:
- - name: Checkout base branch
- uses: actions/checkout@v4
-
- - name: Checkout PR
- run: gh pr checkout ${{ github.event.pull_request.number }}
- env:
- GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-
- - name: Check RC images and charts
- run: make check-rc
- if: startsWith(github.ref, 'refs/heads/release-v')