Skip to content

Commit

Permalink
Merge pull request #182 from mitulshah-suse/move-to-gha
Browse files Browse the repository at this point in the history 
Move from drone to Github Actions
  • Loading branch information
@kinarashah
kinarashah authored Jun 6, 2024
2 parents edd123f + cbafd3d commit fd2af49
Show file tree
Hide file tree
Showing 5 changed files with 191 additions and 150 deletions.
149 changes: 0 additions & 149 deletions .drone.yml
View file

This file was deleted.

29 changes: 29 additions & 0 deletions .github/workflows/fossa.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,29 @@
name: Fossa scan

on:
push:
branches:
- '*'
tags:
- '*'

jobs:
fossa:
runs-on: ubuntu-latest
permissions:
contents: read
id-token: write
timeout-minutes: 20
steps:
- name: Checkout Repo
uses: actions/checkout@v4
- name: Read FOSSA token
uses: rancher-eio/read-vault-secrets@main
with:
secrets: |
secret/data/github/org/rancher/fossa/push token | FOSSA_API_KEY_PUSH_ONLY
- name: FOSSA scan
uses: fossas/fossa-action@main
with:
api-key: ${{ env.FOSSA_API_KEY_PUSH_ONLY }}
run-tests: false
155 changes: 155 additions & 0 deletions .github/workflows/workflow.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,155 @@
name: Workflow for rke-tools

on:
push:
branches:
- master
tags:
- '*'
pull_request:
branches:
- master

env:
IMAGE: rancher/rke-tools

jobs:
ci:
permissions:
contents: read
runs-on: ubuntu-latest
timeout-minutes: 10
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Setup Go
uses: actions/setup-go@v5
with:
go-version-file: 'go.mod'
- name: Run golangci-lint
uses: golangci/golangci-lint-action@v6
with:
version: v1.58
args: --disable-all -E revive
- name: Build
run: |
./scripts/ci
- name: Upload rke-etcd-backup artifact
if: github.event_name == 'push' && github.ref_type == 'tag'
uses: actions/upload-artifact@v4
with:
name: rke-etcd-backup-${{ github.run_number }}-${{ github.run_attempt }}
path: bin/rke-etcd-backup
if-no-files-found: error
retention-days: 1

build-and-push:
permissions:
contents: read
id-token: write
runs-on: ubuntu-latest
timeout-minutes: 30
needs: ci
if: github.event_name == 'push' && github.ref_type == 'tag'
strategy:
fail-fast: true
matrix:
arch: [amd64, arm64]
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Download rke-etcd-backup artifact
uses: actions/download-artifact@v4
with:
name: rke-etcd-backup-${{ github.run_number }}-${{ github.run_attempt }}
path: .
- name: Docker meta
id: meta
uses: docker/metadata-action@v5
with:
images: ${{ env.IMAGE }}
flavor: |
latest=false
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Load Secrets from Vault
uses: rancher-eio/read-vault-secrets@main
with:
secrets: |
secret/data/github/repo/${{ github.repository }}/dockerhub/rancher/credentials username | DOCKER_USERNAME ;
secret/data/github/repo/${{ github.repository }}/dockerhub/rancher/credentials password | DOCKER_PASSWORD
- name: Login to Docker Hub
uses: docker/login-action@v3
with:
username: ${{ env.DOCKER_USERNAME }}
password: ${{ env.DOCKER_PASSWORD }}
- name: Build and push Docker image
id: build
uses: docker/build-push-action@v5
with:
context: .
file: package/Dockerfile
push: true
platforms: linux/${{ matrix.arch }}
tags: ${{ env.IMAGE }}:${{ github.ref_name }}-linux-${{ matrix.arch }}
build-args: ARCH=${{ matrix.arch }}
labels: "${{ steps.meta.outputs.labels }}"
- name: Export digest
run: |
mkdir -p /tmp/digests
digest="${{ steps.build.outputs.digest }}"
touch "/tmp/digests/${digest#sha256:}"
- name: Upload digest
uses: actions/upload-artifact@v4
with:
name: "digests-linux-${{ matrix.arch }}"
path: /tmp/digests/*
if-no-files-found: error
retention-days: 1
overwrite: true

merge:
runs-on: ubuntu-latest
needs: build-and-push
permissions:
contents: read
id-token: write
timeout-minutes: 10
if: github.event_name == 'push' && github.ref_type == 'tag'
steps:
- name: Download digests
uses: actions/download-artifact@v4
with:
path: /tmp/digests
pattern: digests-*
merge-multiple: true
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Docker meta
id: meta
uses: docker/metadata-action@v5
with:
images: ${{ env.IMAGE }}
flavor: |
latest=false
- name: Load Secrets from Vault
uses: rancher-eio/read-vault-secrets@main
with:
secrets: |
secret/data/github/repo/${{ github.repository }}/dockerhub/rancher/credentials username | DOCKER_USERNAME ;
secret/data/github/repo/${{ github.repository }}/dockerhub/rancher/credentials password | DOCKER_PASSWORD
- name: Login to Docker Hub
uses: docker/login-action@v3
with:
username: ${{ env.DOCKER_USERNAME }}
password: ${{ env.DOCKER_PASSWORD }}
- name: Create manifest list and push
working-directory: /tmp/digests
run: |
docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \
$(printf '${{ env.IMAGE }}@sha256:%s ' *)
- name: Inspect image
run: |
docker buildx imagetools inspect ${{ env.IMAGE }}:${{ steps.meta.outputs.version }}
1 change: 1 addition & 0 deletions scripts/package
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,5 +21,6 @@ cp -r ../{conf.d,cert-deployer,templates,nginx-proxy,*.sh} .

IMAGE=${REPO}/rke-tools:${TAG}
docker build --build-arg ARCH=${ARCH} -t ${IMAGE} .
mkdir -p ../dist
echo ${IMAGE} > ../dist/images
echo Built ${IMAGE}
7 changes: 6 additions & 1 deletion scripts/version
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,12 @@ if [ -n "$(git status --porcelain --untracked-files=no)" ]; then
fi

COMMIT=$(git rev-parse --short HEAD)
GIT_TAG=${DRONE_TAG:-$(git tag -l --contains HEAD | head -n 1)}

if [[ $GITHUB_ACTIONS = true && $GITHUB_REF_TYPE = "tag" ]]; then
TAG_NAME=$GITHUB_REF_NAME
fi

GIT_TAG=${TAG_NAME:-$(git tag -l --contains HEAD | head -n 1)}

if [[ -z "$DIRTY" && -n "$GIT_TAG" ]]; then
VERSION=$GIT_TAG
Expand Down

0 comments on commit fd2af49

Please sign in to comment.