rancher · nicholasSUSE · Nov 26, 2024 · Dec 10, 2024 · Dec 10, 2024 · Dec 11, 2024
diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml
@@ -0,0 +1,95 @@
+name: Build
+
+on:
+  pull_request:
+    branches:
+      - dev-v*
+      - release-v*
+
+jobs:
+  build:
+    name: Validate
+    runs-on: org-${{ github.repository_owner_id }}-amd64-k8s
+    container: registry.suse.com/bci/bci-base:latest
+    steps:
+      - name: install dependencies
+        run: zypper --non-interactive install docker jq git make go awk
+      - name: install gh
+        env:
+          GH_VERSION: 2.63.2
+        run: |
+          mkdir -p /tmp/gh
+          curl -fsL https://github.com/cli/cli/releases/download/v${GH_VERSION}/gh_${GH_VERSION}_linux_amd64.tar.gz | tar xvzf - --strip-components=1 -C /tmp/gh
+          mv /tmp/gh/bin/gh /usr/bin/gh
+          chmod +x /usr/bin/gh
+
+      - name: install yq
+        env:
+          YQ_VERSION: "v4.16.1"
+        run: |
+          curl -fsL https://github.com/mikefarah/yq/releases/download/${YQ_VERSION}/yq_linux_amd64 -o /usr/bin/yq
+          chmod +x /usr/bin/yq
+
+      - name: Load Secrets from Vault
+        uses: rancher-eio/read-vault-secrets@main
+        with:
+          secrets: |
+            secret/data/github/repo/${{ github.repository }}/dockerhub/rancher/credentials username | DOCKER_USERNAME;
+            secret/data/github/repo/${{ github.repository }}/dockerhub/rancher/credentials password | DOCKER_TOKEN;
+
+      - name: Git safe directory
+        run: |
+          git config --global --add safe.directory "$PWD"
+          echo $PATH >> $GITHUB_PATH
+
+      - name: actions/checkout@v4
+        uses: actions/checkout@v4
+
+      - name: Checkout PR
+        run: gh pr checkout ${{ github.event.pull_request.number }}
+        env:
+            GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Checkout into new branch (staging-pr-workflow)
+        run: git checkout -b staging-pr-workflow
+
+      - name: Pull scripts
+        run: make pull-scripts
+
+      - name: Check release.yaml
+        run: make check-release-yaml
+        continue-on-error: false
+
+
+      - name: Release PR Chekpoints
+        if: contains(github.base_ref, 'release-v')
+        run: make validate-release-charts BRANCH=${{ github.event.pull_request.base.ref }} GH_TOKEN=${{ secrets.GITHUB_TOKEN }} PR_NUMBER=${{ github.event.pull_request.number }}
+        continue-on-error: false
+
+
+      - name: Validate index.yaml Vs assets/ dir
+        run: |
+          echo "github.base_ref"
+          echo "${{ github.base_ref }}"
+          if [[ "${{ github.base_ref }}" == refs/heads/release-v* ]]; then
+            echo "Validating remote release branch"
+            make validate remote=true
+          else
+            echo "Validating local branch"
+            make validate
+          fi
+        continue-on-error: false
+
+
+      - name: Check container images
+        run: make check-images
+        env:
+          DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
+          DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
+        continue-on-error: false
+
+
+      - name: Check RC images and charts
+        if: contains(github.base_ref, 'release-v')
+        run: make check-rc
+        continue-on-error: false
diff --git a/.github/workflows/charts-release.yaml b/.github/workflows/charts-release.yaml
diff --git a/.github/workflows/pull-request.yaml b/.github/workflows/pull-request.yaml