Release pipeline

ondat · Nov 7, 2022 · 4d6ecd8 · 4d6ecd8
1 parent d3fdc47
commit 4d6ecd8
Show file tree

Hide file tree

Showing 7 changed files with 188 additions and 4 deletions.
diff --git a/.github/RELEASE_TEMPLATE.md b/.github/RELEASE_TEMPLATE.md
@@ -0,0 +1,57 @@
+# How to try it
+
+## Prerequisite
+ * Kubernetes cluster
+ * Kubeconfig to deploy
+ * Configured AWS EBS CSI driver
+ * Installed Cert Manager (`make deploy-cert-manager` should help)
+
+## How to try it
+```console
+cat <<EOF | kubectl apply -f -
+apiVersion: storage.k8s.io/v1
+kind: StorageClass
+metadata:
+  name: ebs-sc
+provisioner: ebs.csi.aws.com
+parameters:
+  type: gp3
+allowVolumeExpansion: true
+reclaimPolicy: Retain
+volumeBindingMode: WaitForFirstConsumer
+EOF
+
+kubectl apply -f https://github.com/ondat/discoblocks/releases/download/#VERSION#/discoblocks-bundle.yaml
+
+cat <<EOF | kubectl apply -f -
+apiVersion: discoblocks.ondat.io/v1
+kind: DiskConfig
+metadata:
+  name: nginx
+spec:
+  storageClassName: ebs-sc
+  capacity: 1Gi
+  mountPointPattern: /usr/share/nginx/html/data
+  nodeSelector:
+    matchLabels:
+      kubernetes.io/os: linux 
+  podSelector:
+       app: nginx
+  policy:
+    upscaleTriggerPercentage: 80
+    maximumCapacityOfDisk: 2Gi
+    maximumNumberOfDisks: 3
+    coolDown: 10m
+EOF
+
+kubectl apply create deployment --image=nginx nginx
+```
+
+### Build your own version
+``` console
+git clone -b #VERSION# https://github.com/ondat/discoblocks.git
+cd discoblocks
+export IMG=myregistry/discconfig:current
+make docker-build docker-push deploy bundle
+kubectl apply -f discoblocks-bundle.yaml
+```
diff --git a/.github/workflows/_kuttl.yml b/.github/workflows/_kuttl.yml
@@ -7,6 +7,9 @@ env:
   KUTTL: /usr/local/bin/kubectl-kuttl
   KUBECTL_STORAGEOS: /usr/local/bin/kubectl-storageos
   PLUGIN_PATH: ./kubectl-storageos
+  REGISTRY: ghcr.io
+  IMAGE_NAME: ${{ github.repository }}
+  IMAGE_TAG: ${{ github.sha }}
 jobs:
   test:
     name: test
@@ -28,8 +31,8 @@ jobs:
           sudo chmod +x $KUTTL
       - name: pull and tag image
         run: |
-          docker pull ghcr.io/ondat/discoblocks:${{ github.sha }}
-          docker tag ghcr.io/ondat/discoblocks:${{ github.sha }} ${{ env.IMG }}
+          docker pull ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.IMAGE_TAG }}
+          docker tag ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.IMAGE_TAG }} ${{ env.IMG }}
       - name: run kuttl
         run: kubectl-kuttl test --config tests/e2e/kuttl/kuttl-config-1.23.yaml
       - uses: actions/upload-artifact@v3

diff --git a/.github/workflows/_test.yml b/.github/workflows/_test.yml
@@ -0,0 +1,21 @@
+name: "test"
+
+on: workflow_call 
+
+permissions: 
+  contents: read
+  pull-requests: read
+
+jobs:
+  test:
+    name: Test
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+      - name: Set up Go
+        uses: actions/setup-go@v2
+        with:
+          go-version: 1.18
+      - name: Execute test
+        run: make manifests generate test
diff --git a/.github/workflows/e2e-on-pr.yml b/.github/workflows/e2e-on-pr.yml
@@ -19,16 +19,18 @@ concurrency:
   cancel-in-progress: true
 
 jobs:
+  test:
+    uses: ./.github/workflows/_test.yml
+
   golangci-lint:
     uses: ./.github/workflows/_gocilint.yml
 
   gosec-scanning:
     uses: ./.github/workflows/_gosecscan.yml
-    needs: golangci-lint
 
   image-build:
     uses: ./.github/workflows/_docker-build.yml
-    needs: gosec-scanning
+    needs: [test, golangci-lint, gosec-scanning]
 
   image-vulnerability-scan:
     uses: ./.github/workflows/_trivy.yml

diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
@@ -0,0 +1,90 @@
+name: Release Version
+
+on:
+  push:
+    branches:
+      - main
+    tags:
+      - "v*"
+
+permissions:
+  contents: write
+  pull-requests: read
+  actions: read
+  security-events: write
+  packages: write
+
+concurrency:
+  group: ci-release-${{ github.ref }}-1
+  cancel-in-progress: true
+
+env:
+  REGISTRY: ghcr.io
+  IMAGE_NAME: ${{ github.repository }}
+  IMAGE_TAG: ${{ github.sha }}
+jobs:
+  test:
+    uses: ./.github/workflows/_test.yml
+
+  golangci-lint:
+    uses: ./.github/workflows/_gocilint.yml
+
+  gosec-scanning:
+    uses: ./.github/workflows/_gosecscan.yml
+
+  image-build:
+    uses: ./.github/workflows/_docker-build.yml
+    needs: [test, golangci-lint, gosec-scanning]
+
+  image-vulnerability-scan:
+    uses: ./.github/workflows/_trivy.yml
+    needs: image-build
+
+  kuttl:
+    uses: ./.github/workflows/_kuttl.yml
+    needs: image-build
+
+  auto-release:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+        with:
+          fetch-depth: 0
+      - name: log in to ghrc.io
+        uses: docker/login-action@1edf6180e07d2ffb423fc48a1a552855c0a1f508
+        with: 
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+      - name: Tag and push image
+        run: |
+          docker pull ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.IMAGE_TAG }}
+          docker tag ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.IMAGE_TAG }} ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ github.ref_name }}
+          docker push ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ github.ref_name }}
+      - name: Generate bundle manifest
+        run: make bundle
+        env:
+          IMG: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ github.ref_name }}
+      - name: Compress Kustomize manifests
+        run: (cd config ; tar -czvf ../discoblocks-kustomize.tar.gz .)
+      - name: Set since tag
+        run: echo "SINCE_TAG=$(git describe --tags --always $(git rev-list --tags) | grep -e '^v[0-9]+*\.[0-9]+*\.[0-9]+*$' | head -1)" >> $GITHUB_ENV
+      - name: "Generate release changelog"
+        uses: heinrichreimer/[email protected]
+        with:
+          token: ${{ secrets.GITHUB_TOKEN }} 
+          base: .github/RELEASE_TEMPLATE.md
+          sinceTag: ${{ env.SINCE_TAG }}
+          simpleList: true
+      - name: Fix version in changelog
+        run: sed -i "s/#VERSION#/${{ github.ref_name }}/g" CHANGELOG.md
+      - name: Create pre-release
+        uses: softprops/action-gh-release@v1
+        with:
+          prerelease: true
+          body_path: CHANGELOG.md
+          files: |
+            discoblocks-bundle.yaml
+            discoblocks-kustomize.tar.gz
+    needs: [image-vulnerability-scan, kuttl]
diff --git a/.gitignore b/.gitignore
@@ -26,3 +26,7 @@ kubeconfig
 *.swp
 *.swo
 *~
+
+CHANGELOG.md
+discoblocks-bundle.yaml
+discoblocks-kustomize.tar.gz
diff --git a/Makefile b/Makefile
@@ -108,6 +108,13 @@ deploy: manifests kustomize ## Deploy controller to the K8s cluster specified in
 undeploy: ## Undeploy controller from the K8s cluster specified in ~/.kube/config. Call with ignore-not-found=true to ignore resource not found errors during deletion.
 	$(KUSTOMIZE) build config/default | kubectl delete --ignore-not-found=$(ignore-not-found) -f -
 
+.PHONY: bundle
+bundle: manifests kustomize ## Generates Kubernetes manifests
+	rm -rf discoblocks-bundle.yaml
+	cd config/manager && $(KUSTOMIZE) edit set image controller=${IMG}
+	$(KUSTOMIZE) build config/default > discoblocks-bundle.yaml
+	cd config/manager && $(KUSTOMIZE) edit set image controller=discoblocks:latest
+
 .PHONY: deploy-cert-manager
 deploy-cert-manager: manifests kustomize ## Deploy cert manager to the K8s cluster specified in ~/.kube/config.
 	kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.8.0/cert-manager.yaml