Skip to content

Commit

Permalink
push 1.0.1 to new repo
Browse files Browse the repository at this point in the history
  • Loading branch information
@oksana-grishchenko
oksana-grishchenko committed Jul 15, 2024
1 parent 40b9e1c commit dbb1676
Showing 1 changed file with 4 additions and 303 deletions.
307 changes: 4 additions & 303 deletions .github/workflows/release.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ name: Release
on:
push:
branches:
- release-workflow-major-release
- push-prod-image-to-new-repo

permissions:
contents: write
Expand All @@ -16,7 +16,7 @@ jobs:
runs-on: ubuntu-latest
env:
TOOLS_PATH: "/opt/tools/bin"
VERSION: 1.0.0-rc1
VERSION: 1.0.1
RELEASE_TYPE: major
# version in format "X.Y" which is going to be updated with each patch release
FLOATING_TAG: ''
Expand Down Expand Up @@ -49,255 +49,12 @@ jobs:
echo "ARCH=$(uname -m | sed 's/x86_64/amd64/;s/aarch64/arm64/')" >> $GITHUB_ENV
echo "OS=$(uname | awk '{print tolower($0)}')" >> $GITHUB_ENV
- name: Operator - check out
uses: actions/checkout@v4
with:
repository: percona/everest-operator
path: everest-operator
token: ${{ secrets.ROBOT_TOKEN }}

- name: Operator - create release branch
run: |
cd everest-operator
# Check if the branch already exists
git fetch
check_branch=$(git ls-remote --heads origin ${BRANCH_NAME})
if [[ -z ${check_branch} ]]; then
git checkout -b $BRANCH_NAME
git push origin $BRANCH_NAME
fi
git checkout $BRANCH_NAME
# update version in the Makefile
sed -i "s/^VERSION ?=.*/VERSION ?= $VERSION/g" Makefile
# if there is something to commit, commit it and add the tag
if [[ -n $(git status --porcelain) ]]; then
if git tag --list | grep -q "^$GH_TAG$"; then
echo "The tag is already present in github. Please create a different RC/Release"
exit 1
fi
make init
make release
# configure userdata for commits
git config --global user.email "[email protected]"
git config --global user.name "Everest RC CI triggered by ${{ github.actor }}"
# commit and push the updated files
git commit -a -m "update version tag"
git push origin $BRANCH_NAME
git tag $GH_TAG
git push origin $GH_TAG
else
echo "No need for a new build"
fi
- name: Operator - install operator-sdk
run: |
mkdir -p $TOOLS_PATH
echo $TOOLS_PATH >> $GITHUB_PATH
export OPERATOR_SDK_DL_URL=https://github.com/operator-framework/operator-sdk/releases/download/v1.25.2
curl -LO ${OPERATOR_SDK_DL_URL}/operator-sdk_${OS}_${ARCH}
gpg --keyserver keyserver.ubuntu.com --recv-keys 052996E2A20B5C7E
curl -LO ${OPERATOR_SDK_DL_URL}/checksums.txt
curl -LO ${OPERATOR_SDK_DL_URL}/checksums.txt.asc
gpg -u "Operator SDK (release) <[email protected]>" --verify checksums.txt.asc
grep operator-sdk_${OS}_${ARCH} checksums.txt | sha256sum -c -
chmod +x operator-sdk_${OS}_${ARCH}
mv operator-sdk_${OS}_${ARCH} $TOOLS_PATH/operator-sdk
- name: Operator - build and bundle
run: |
cd everest-operator
make build manifests bundle
- name: Operator - setup Docker meta for everest-operator
id: operator_meta
uses: docker/metadata-action@v4
# docker/metadata-action action looks more elegant when being triggered by a GH tag,
# however this workflow can't be triggered by a GH tag since there are some changes need to be done
# in the codebase prior putting the tag, so the action uses the raw tags
with:
images: |
percona/everest-operator,enable=${{ env.IS_RC == 0 }}
perconalab/everest-operator
tags: |
type=raw,value=${{ env.VERSION }}
type=raw,value=latest
type=raw,value=${{ env.FLOATING_TAG }},enable=${{ env.IS_RC == 0 }}
- name: Operator - setup Docker meta for everest-operator-bundle
id: bundle_meta
uses: docker/metadata-action@v4
with:
images: |
percona/everest-operator-bundle,enable=${{ env.IS_RC == 0 }}
perconalab/everest-operator-bundle
tags: |
type=raw,value=${{ env.VERSION }}
type=raw,value=${{ env.FLOATING_TAG }},enable=${{ env.IS_RC == 0 }}
- name: Login to GitHub Container Registry
uses: docker/login-action@v2
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}

- name: Operator - build everest-operator image
uses: docker/build-push-action@v3
with:
context: everest-operator
push: false
tags: ${{ steps.operator_meta.outputs.tags }}

- name: Operator - set everest-operator image to scan
id: set_operator_image
run: |
# taking the first tag to check with trivy. Since the build is the same, no need to check the rest of them
echo "::set-output name=image_to_check::$(echo "${{ steps.operator_meta.outputs.tags }}" | head -n 1)"
- name: Operator - run Trivy vulnerability scanner
uses: aquasecurity/[email protected]
with:
image-ref: ${{ steps.set_operator_image.outputs.image_to_check }}
format: 'table'
exit-code: '1'
severity: 'CRITICAL,HIGH'

- name: Operator - push everest-operator image
uses: docker/build-push-action@v3
with:
context: everest-operator
push: true
tags: ${{ steps.operator_meta.outputs.tags }}

- name: Operator - build everest-operator-bundle image
uses: docker/build-push-action@v3
with:
context: everest-operator
push: false
tags: ${{ steps.bundle_meta.outputs.tags }}
file: everest-operator/bundle.Dockerfile

- name: Operator - set everest-operator-bundle image to scan
id: set_operator_bundle_image
run: |
# taking the first tag to check with trivy. Since the build is the same, no need to check the rest of them
echo "::set-output name=image_to_check::$(echo "${{ steps.bundle_meta.outputs.tags }}" | head -n 1)"
- name: Operator - Run Trivy vulnerability scanner
uses: aquasecurity/[email protected]
with:
image-ref: ${{ steps.set_operator_bundle_image.outputs.image_to_check }}
format: 'table'
exit-code: '1'
severity: 'CRITICAL,HIGH'

- name: Operator - push everest-operator-bundle image
uses: docker/build-push-action@v3
with:
context: everest-operator
push: true
tags: ${{ steps.bundle_meta.outputs.tags }}
file: everest-operator/bundle.Dockerfile

- name: Catalog - checkout
uses: actions/checkout@v4
with:
repository: percona/everest-catalog
path: everest-catalog
token: ${{ secrets.ROBOT_TOKEN }}

- name: Catalog - create release branch
run: |
cd everest-catalog
# Check if the branch already exists
git fetch
check_branch=$(git ls-remote --heads origin ${BRANCH_NAME})
if [[ -z ${check_branch} ]]; then
git checkout -b $BRANCH_NAME
git push origin $BRANCH_NAME
fi
git checkout $BRANCH_NAME
# if the tag doesn't exist yet, create it
if git tag --list | grep -q "^$GH_TAG$"; then
echo "The tag is already present in github. Please create a different RC/Release"
exit 1
fi
- name: Catalog - update veneer file
run: |
cd everest-catalog
# configure userdata for commits
git config --global user.email "[email protected]"
git config --global user.name "Everest RC CI triggered by ${{ github.actor }}"
# Check if veneer has the new version listed
if ! grep -q "$VERSION$" catalog/everest-operator/catalog.yaml; then
echo "catalog/everest-operator/catalog.yaml does not include the version $VERSION"
exit 1
fi

git tag $GH_TAG
git push origin $GH_TAG

- name: Catalog - docker meta
id: catalog_meta
uses: docker/metadata-action@v4
with:
images: |
percona/everest-catalog,enable=${{ env.IS_RC == 0 }}
perconalab/everest-catalog
tags: |
type=raw,value=${{ env.VERSION }}
type=raw,value=${{ env.FLOATING_TAG }},enable=${{ env.IS_RC == 0 }}
- name: Catalog - build image
uses: docker/build-push-action@v3
with:
context: everest-catalog
push: false
tags: ${{ steps.catalog_meta.outputs.tags }}
file: everest-catalog/everest-catalog.Dockerfile

- name: Catalog - set catalog image to scan
id: set_catalog_image
run: |
# taking the first tag to check with trivy. Since the build is the same, no need to check the rest of them
echo "::set-output name=image_to_check::$(echo "${{ steps.catalog_meta.outputs.tags }}" | head -n 1)"
# TODO: fix the vulnerabilities in main and enable this check
# - name: Catalog - run Trivy vulnerability scanner
# uses: aquasecurity/[email protected]
# with:
# image-ref: ${{ steps.set_catalog_image.outputs.image_to_check }}
# format: 'table'
# exit-code: '1'
# severity: 'CRITICAL,HIGH'

- name: Catalog - push image
uses: docker/build-push-action@v3
with:
context: everest-catalog
push: true
tags: ${{ steps.catalog_meta.outputs.tags }}
file: everest-catalog/everest-catalog.Dockerfile

- name: Everest - check out
uses: actions/checkout@v4
Expand All @@ -311,49 +68,8 @@ jobs:

- name: Everest - create and update release branch
run: |
# Check if the branch already exists
git fetch
check_branch=$(git ls-remote --heads origin ${BRANCH_NAME})
if [[ -z ${check_branch} ]]; then
git checkout -b $BRANCH_NAME
git push origin $BRANCH_NAME
fi
git checkout $BRANCH_NAME
# Update deploy manifest
if [[ $env.IS_RC ]]; then
sed -i "s/perconalab\/everest.*/perconalab\/everest:$VERSION/g" deploy/quickstart-k8s.yaml
sed -i "s/percona\/percona-everest.*/perconalab\/everest:$VERSION/g" deploy/quickstart-k8s.yaml
else
sed -i "s/perconalab\/everest.*/percona\/percona-everest:$VERSION/g" deploy/quickstart-k8s.yaml
sed -i "s/percona\/percona-everest.*/percona\/percona-everest:$VERSION/g" deploy/quickstart-k8s.yaml
fi
# Update the operator go module to reference the version tag
go get github.com/percona/everest-operator@$GH_TAG
go mod tidy
# Change version in Makefile
sed -i "s/RELEASE_VERSION ?=.*/RELEASE_VERSION ?= v$VERSION/g" Makefile
# if there is something to commit, commit it and add the tag
if [[ -n $(git status --porcelain) ]]; then
if git tag --list | grep -q "^$GH_TAG$"; then
echo "The tag is already present in github. Please create a different RC/Release"
exit 1
fi
# configure userdata for commits
git config --global user.email "[email protected]"
git config --global user.name "Everest RC CI triggered by ${{ github.actor }}"
# commit and push the updated files
git commit -a -m "update version tag"
git push origin $BRANCH_NAME
git tag $GH_TAG
git push origin $GH_TAG
fi
git checkout v1.0.1
- name: Everest UI - setup pnpm
uses: pnpm/action-setup@v3
Expand Down Expand Up @@ -382,8 +98,7 @@ jobs:
id: everest_meta
with:
images: |
percona/percona-everest,enable=${{ env.IS_RC == 0 }}
perconalab/everest
percona/everest,enable=${{ env.IS_RC == 0 }}
tags: |
type=raw,value=${{ env.VERSION }}
type=raw,value=latest
Expand Down Expand Up @@ -419,17 +134,3 @@ jobs:
push: true
tags: ${{ steps.everest_meta.outputs.tags }}

- name: CLI - build binaries
run: |
make release-cli
- name: CLI - create release with binaries
uses: softprops/action-gh-release@v1
with:
draft: true
files: |
dist/*
env:
GITHUB_TOKEN: ${{ github.token }}


0 comments on commit dbb1676

Please sign in to comment.