From 1246372c9856c827acef959f19e4a2544be409a9 Mon Sep 17 00:00:00 2001 From: Vincent Date: Mon, 2 Dec 2024 01:26:06 -0700 Subject: [PATCH 1/3] Refactor release CI Image tags will be generated based upon the event that triggered the workflow: - push event: - main branch: latest - devel branch: devel - all other branches: -latest Branches must be added to the on.push.branches array above to trigger - pull_request event: DEV-PR- Branches must be added to the on.pull_request.branches array above to trigger - release event: - schedule event: nightly This will be the same configuration as the 'latest' tag, but may contain updated packages, etc. from upstream - all other events: Run podman test as part of same workflow as release (fail faster) --- .github/workflows/build-devel-latest.yml | 39 --------- .github/workflows/build-latest.yml | 39 --------- .github/workflows/ci.yml | 48 ----------- .github/workflows/release.yml | 103 +++++++++++++++++++++-- 4 files changed, 98 insertions(+), 131 deletions(-) delete mode 100644 .github/workflows/build-devel-latest.yml delete mode 100644 .github/workflows/build-latest.yml delete mode 100644 .github/workflows/ci.yml diff --git a/.github/workflows/build-devel-latest.yml b/.github/workflows/build-devel-latest.yml deleted file mode 100644 index 2d13886..0000000 --- a/.github/workflows/build-devel-latest.yml +++ /dev/null 
@@ -1,39 +0,0 @@ -name: Build and Push latest image - -on: - push: - # build and push anytime commits are merged to main - branches: - - devel - -jobs: - build_and_push_latest: - runs-on: ubuntu-22.04 - name: Build and push latest tag from main on new commits - steps: - - uses: actions/checkout@v4 - - - uses: actions/setup-python@v5 - with: - python-version: "3.12" - - - name: Install dependencies - run: | - python -m pip install --upgrade pip setuptools - pip install -r requirements.txt - - - name: Quay login - run: | - echo "${{ secrets.QUAY_TOKEN }}" | docker login quay.io -u ${{ secrets.QUAY_USERNAME }} --password-stdin - - - name: Build and push image - run: | - docker buildx create --name awx-ee-buildx - docker buildx use awx-ee-buildx - ansible-builder create -v3 --output-file=Dockerfile - docker buildx build \ - --push \ - --platform=linux/amd64,linux/arm64 \ - --tag=${{ vars.IMAGE_REGISTRY }}:devel \ - context - diff --git a/.github/workflows/build-latest.yml b/.github/workflows/build-latest.yml deleted file mode 100644 index eed910a..0000000 --- a/.github/workflows/build-latest.yml +++ /dev/null 
@@ -1,39 +0,0 @@ -name: Build and Push latest image - -on: - push: - # build and push anytime commits are merged to main - branches: - - main - -jobs: - build_and_push_latest: - runs-on: ubuntu-22.04 - name: Build and push latest tag from main on new commits - steps: - - uses: actions/checkout@v4 - - - uses: actions/setup-python@v5 - with: - python-version: "3.12" - - - name: Install dependencies - run: | - python -m pip install --upgrade pip setuptools - pip install -r requirements.txt - - - name: Quay login - run: | - echo "${{ secrets.QUAY_TOKEN }}" | docker login quay.io -u ${{ secrets.QUAY_USERNAME }} --password-stdin - - - name: Build and push image - run: | - docker buildx create --name awx-ee-buildx - docker buildx use awx-ee-buildx - ansible-builder create -v3 --output-file=Dockerfile - docker buildx build \ - --push \ - --platform=linux/amd64,linux/arm64 \ - --tag=${{ vars.IMAGE_REGISTRY }}:latest \ - context - diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml deleted file mode 100644 index d105d52..0000000 --- a/.github/workflows/ci.yml +++ /dev/null 
@@ -1,48 +0,0 @@ ---- - -name: CI - -on: - pull_request: - branches: - - main - -jobs: - podman: - runs-on: ubuntu-22.04 - name: Podman - steps: - - uses: actions/checkout@v4 - - - uses: actions/setup-python@v5 - with: - python-version: "3.12" - - - name: Install dependencies - run: | - python -m pip install --upgrade pip setuptools - pip install -r requirements.txt - - - name: Build EE with Podman - run: | - ansible-builder build -v3 -t ${{ vars.IMAGE_REGISTRY }}:latest --container-runtime=podman - - docker: - runs-on: ubuntu-22.04 - name: Docker - steps: - - uses: actions/checkout@v4 - - - uses: actions/setup-python@v5 - with: - python-version: "3.12" - - - name: Install dependencies - run: | - python -m pip install --upgrade pip setuptools - pip install -r requirements.txt - - - name: Build EE with Docker - run: | - ansible-builder build -v3 -t ${{ vars.IMAGE_REGISTRY }}:latest --container-runtime=docker - diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 2444390..ace294d 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml 
@@ -1,14 +1,84 @@ -name: Release +--- +# This workflow will build and push an AWX EE image to a container registry based upon the provided configuration +# +# Image tags will be generated based upon the event that triggered the workflow: +# - push event: +# - main branch: latest +# - devel branch: devel +# - all other branches: -latest +# Branches must be added to the on.push.branches array above to trigger +# - pull_request event: DEV-PR- +# Branches must be added to the on.pull_request.branches array above to trigger +# - release event: +# - schedule event: nightly +# This will be the same configuration as the 'latest' tag, but may contain updated packages, etc. from upstream +# - all other events: +# +# Variables: +# IMAGE_REGISTRY_URL: The container registry to push the image to (default: ghcr.io) +# IMAGE_REPOSITORY: The repository to push the image to (default: github.repository) +# IMAGE_REGISTRY_USER: The username to authenticate with the container registry (default: github.actor) +# +# Secrets: +# IMAGE_REGISTRY_TOKEN: The token to authenticate with the container registry (default: secrets.GITHUB_TOKEN) +# + +name: Build & Release on: + push: + # build and push anytime commits are merged to specified branches + branches: + - main + - devel + paths: + - ".github/workflows/release.yml" + - "./**" + - '!**/*.md' + pull_request: + # build and push anytime a pull request is opened or synchronized + branches: + - main + - devel + paths: + - ".github/workflows/release.yml" + - "./**" + - '!**/*.md' release: + # build and push anytime a release is created types: - created + schedule: + # build and push nightly + - cron: "13 4 * * *" jobs: + ci: + runs-on: ubuntu-latest + name: CI Build (Podman) + strategy: + fail-fast: true + steps: + - uses: actions/checkout@v4 + + - uses: actions/setup-python@v5 + with: + python-version: "3.12" + + - name: Install dependencies + run: | + python -m pip install --upgrade pip setuptools + pip install -r requirements.txt + + - name: 
Build EE with Podman + run: | + ansible-builder build -v3 -t ${{ vars.IMAGE_REGISTRY_URL || 'ghcr.io' }}/${{ vars.IMAGE_REPOSITORY || github.repository }} --container-runtime=podman + release: - runs-on: ubuntu-22.04 + runs-on: ubuntu-latest name: Release + strategy: + fail-fast: true steps: - uses: actions/checkout@v4 @@ -21,9 +91,32 @@ jobs: python -m pip install --upgrade pip setuptools pip install -r requirements.txt - - name: Quay login + - name: Login to Docker Container Registry + uses: docker/login-action@v3 + with: + registry: ${{ vars.IMAGE_REGISTRY_URL || 'ghcr.io' }} + username: ${{ vars.IMAGE_REGISTRY_USER || github.actor }} + password: ${{ secrets.IMAGE_REGISTRY_TOKEN || secrets.GITHUB_TOKEN }} + + - name: Generate image tag run: | - echo "${{ secrets.QUAY_TOKEN }}" | docker login quay.io -u ${{ secrets.QUAY_USERNAME }} --password-stdin + if [[ "${{ github.event_name }}" == "push" ]]; then + if [[ "${{ github.ref_name }}" == "main" ]]; then + echo "IMAGE_TAG=latest" >> $GITHUB_ENV + elif [[ "${{ github.ref_name }}" == "devel" ]]; then + echo "IMAGE_TAG=devel" >> $GITHUB_ENV + else + echo "IMAGE_TAG=${{ github.ref_name }}-latest" >> $GITHUB_ENV + fi + elif [[ "${{ github.event_name }}" == "pull_request" ]]; then + echo "IMAGE_TAG=DEV-PR-${{ github.event.pull_request.number }}" >> $GITHUB_ENV + elif [[ "${{ github.event_name }}" == "release" ]]; then + echo "IMAGE_TAG=${{ github.event.release.tag_name }}" >> $GITHUB_ENV + elif [[ "${{ github.event_name }}" == "schedule" ]]; then + echo "IMAGE_TAG=nightly" >> $GITHUB_ENV + else + echo "IMAGE_TAG=${GITHUB_SHA::7}" >> $GITHUB_ENV + fi - name: Build and push image run: | @@ -33,6 +126,6 @@ jobs: docker buildx build \ --push \ --platform=linux/amd64,linux/arm64 \ - --tag=${{ vars.IMAGE_REGISTRY }}:${{ github.event.release.tag_name }} \ + --tag=${{ vars.IMAGE_REGISTRY_URL || 'ghcr.io' }}/${{ vars.IMAGE_REPOSITORY || github.repository }}:${{ env.IMAGE_TAG }} \ context 
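Review bot: The `release` job has no `needs: ci` and no `if:` on the triggering event, so with the new `pull_request` trigger it logs in to the registry and pushes an image built from the pull-request head, in parallel with the `ci` job rather than after it. `strategy: fail-fast: true` only affects matrix jobs, so it does not give the "fail faster" ordering the commit message describes; `needs: ci` on `release` does. If pull-request images are not meant to be published, also gate the job with `if: github.event_name != 'pull_request'`. No `permissions:` block is visible in these hunks; pushing to ghcr.io with `GITHUB_TOKEN` needs `packages: write`, and declaring `contents: read` and `packages: write` on `release` only would keep the `ci` job on a read-only token. The `release` job's steps continue outside this hunk.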
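Review bot: The "Generate image tag" step expands `${{ github.ref_name }}` and `${{ github.event.release.tag_name }}` directly into the script text, so a branch or tag name containing shell metacharacters or a newline is interpreted by bash, or adds extra entries to `$GITHUB_ENV`, in the job that holds the registry credentials. Pass the values through `env:` and use them as quoted shell variables, validating the result before exporting it, as in the fence below. The same applies to `${{ env.IMAGE_TAG }}` in the `--tag` argument of the last hunk, which can be written as `"$IMAGE_TAG"`. `docker/login-action@v3` is a mutable tag; pinning it to a full commit SHA would keep the step that receives the token fixed.

```yaml
      - name: Generate image tag
        env:
          EVENT_NAME: ${{ github.event_name }}
          REF_NAME: ${{ github.ref_name }}
          PR_NUMBER: ${{ github.event.pull_request.number }}
          RELEASE_TAG: ${{ github.event.release.tag_name }}
        run: |
          case "$EVENT_NAME" in
            push)
              case "$REF_NAME" in
                main) tag=latest ;;
                devel) tag=devel ;;
                *) tag="${REF_NAME}-latest" ;;
              esac ;;
            pull_request) tag="DEV-PR-${PR_NUMBER}" ;;
            release) tag="$RELEASE_TAG" ;;
            schedule) tag=nightly ;;
            *) tag="${GITHUB_SHA::7}" ;;
          esac
          # Only export values that are valid image tags.
          if [[ ! "$tag" =~ ^[A-Za-z0-9_][A-Za-z0-9_.-]{0,127}$ ]]; then
            echo "refusing image tag: $tag" >&2
            exit 1
          fi
          echo "IMAGE_TAG=$tag" >> "$GITHUB_ENV"
```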
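Review bot: The default image name in the new `--tag=` line comes from `github.repository`, which keeps the owner and repository name in their original case, while image references must be lowercase. On a repository or fork whose name contains capitals, the build would fail at push time unless `IMAGE_REPOSITORY` is set. One option is to pass the value through `env:` as `IMAGE_REPO: ${{ vars.IMAGE_REPOSITORY || github.repository }}` and use `"${IMAGE_REPO,,}"` in the script. The `-t` argument of the `ci` job in the first hunk uses the same default.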
From 1c988e15e49b79865b4d198d5b5ed2e77bd23300 Mon Sep 17 00:00:00 2001 From: Vincent Date: Mon, 2 Dec 2024 01:33:23 -0700 Subject: [PATCH 2/3] Build on PR to feature branch --- .github/workflows/release.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index ace294d..52bb080 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -40,6 +40,7 @@ on: branches: - main - devel + - build-runner # Remove this line before merging to 'main' or 'devel' paths: - ".github/workflows/release.yml" - "./**" From 0ea94f196d1b17a337d6ede8ac8d15d793ecb2e7 Mon Sep 17 00:00:00 2001 From: Vincent Date: Mon, 2 Dec 2024 01:51:07 -0700 Subject: [PATCH 3/3] Update PR CI No need to run on chages of only markdown files --- .github/workflows/merge-pr.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/.github/workflows/merge-pr.yml b/.github/workflows/merge-pr.yml index e77b3fd..3bcfd55 100644 --- a/.github/workflows/merge-pr.yml +++ b/.github/workflows/merge-pr.yml @@ -1,3 +1,5 @@ +--- + name: "Create Tag on Pull Request merge" on: pull_request: @@ -5,6 +7,9 @@ on: - closed branches: - main + paths: + - "./**" + - '!**/*.md' jobs: TagMerge: @@ -73,3 +78,4 @@ jobs: -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}"\ "${{ github.event.pull_request._links.comments.href }}" \ -d '{"body":"Created tag v${{ steps.tagged.outputs.newtag }}"}' +
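Review bot: In the `merge-pr.yml` hunk `@@ -5,6 +7,9 @@`, the only positive path pattern is `"./**"`. GitHub matches `paths` filters against repository-relative paths, which carry no leading `./`, so this pattern likely matches nothing and the tagging workflow would stop running for every merged pull request; this is worth confirming on a test PR. `"**"` followed by `'!**/*.md'` expresses the stated intent. The same pattern appears under `on.push.paths` and `on.pull_request.paths` in `release.yml` from patch 1, where only the explicit `.github/workflows/release.yml` entry would still match.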