Housekeeping (#2)

PR adds features to make actions more maintainable: - CODEOWNERS file - Linters for actions - Move examples to a directory with the name different from actions - Add README.md - Rewrite actions to use inputs with descriptions and requirements Signed-off-by: m.nabokikh <[email protected]>
deckhouse · Feb 1, 2024 · 24c57aa · 24c57aa
1 parent 8a49d02
commit 24c57aa
Show file tree

Hide file tree

Showing 11 changed files with 195 additions and 105 deletions.
diff --git a/.examples/build.yml b/.examples/build.yml
@@ -0,0 +1,18 @@
+on: [push]
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    name: Build and Push images
+    steps:
+      - uses: actions/checkout@v4
+      - uses: deckhouse/modules-actions/setup@v1
+        with:
+          registry: registry.deckhouse.io
+          registry_login: ${{ secrets.REGISTRY_LOGIN }}
+          registry_password: ${{ secrets.REGISTRY_PASSWORD }}
+      - uses: deckhouse/modules-actions/build@v1
+        with:
+          module_source: registry.deckhouse.io/deckhouse/ce/modules
+          module_name: everything-controller
+          module_tag: v1.0.0
diff --git a/.examples/deploy.yml b/.examples/deploy.yml
@@ -0,0 +1,35 @@
+on:
+  workflow_dispatch:
+   inputs:
+      release_channel:
+        description: "Select the release channel"
+        type: choice
+        default: alpha
+        options:
+          - "alpha"
+          - "beta"
+          - "early-access"
+          - "stable"
+          - "rock-solid"
+      tag:
+        description: "Tag of the module, e.g., v1.21.1"
+        type: string
+        required: true
+
+jobs:
+  deploy:
+    runs-on: ubuntu-latest
+    name: Deploy the module
+    steps:
+      - uses: actions/checkout@v4
+      - uses: deckhouse/modules-actions/setup@v1
+        with:
+          registry: registry.deckhouse.io
+          registry_login: ${{ secrets.REGISTRY_LOGIN }}
+          registry_password: ${{ secrets.REGISTRY_PASSWORD }}
+      - uses: deckhouse/modules-actions/deploy@v1
+        with:
+          module_source: registry.deckhouse.io/deckhouse/ce/modules
+          module_name: everything-controller
+          module_tag: ${{ github.event.inputs.tag }}
+          release_channel: ${{ github.event.inputs.release_channel }}
diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
@@ -0,0 +1 @@
+* @nabokihms
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -0,0 +1,9 @@
+version: 2
+updates:
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+      day: "tuesday"
+    labels:
+      - "dependencies"
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -0,0 +1,17 @@
+name: CI
+on: [push]
+
+jobs:
+  lint-actions:
+    name: Lint Actions
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        action: ["build", "deploy", "setup"]
+    steps:
+      - uses: actions/checkout@v4
+      - name: "${{ matrix.action }}: validate action.yml against a remote schema"
+        uses: cardinalby/schema-validator-action@v3
+        with:
+          file: './${{ matrix.action }}/action.yml'
+          schema: 'https://json.schemastore.org/github-action.json'
diff --git a/README.md b/README.md
@@ -0,0 +1,33 @@
+# Deckhouse Modules Actions
+
+<img src="https://raw.githubusercontent.com/deckhouse/deckhouse/main/docs/site/images/d8-small-logo.png" width="100"/>
+
+## Overview
+
+This repository contains GitHub Actions workflows for building and deploying modules for the Deckhouse Kubernetes Platform.
+
+## Workflows
+| Workflow                          | Description                                                                                                           |
+|-----------------------------------|-----------------------------------------------------------------------------------------------------------------------|
+| [**setup**](./setup/action.yml)   | Sets up the environment for building and deploying modules. This workflow **must** be run before any other workflows. |
+| [**build**](./build/action.yml)   | Builds the Deckhouse modules using the [werf](https://werf.io/) tool.                                                 |
+| [**deploy**](./deploy/action.yml) | Deploys the Deckhouse modules to the one of selected release channels.                                                |
+
+## Examples
+
+All examples are located in the [examples](./.examples) directory. They show how to use the workflows in different scenarios.
+
+1. `build.yaml` — can be run for each PR commit and when a new release is created. Builds the modules and pushes them to the container registry.
+2. `deploy.yaml` — can be run after releasing a new version of the modules. Deploys the modules to the selected release channel.
+
+## Usage
+
+To use these GitHub Action workflows in your own repository:
+
+1. Copy the workflows (YAML files) from the `.examples` directory into your repository.
+
+2. Adjust the workflow files based on your specific requirements and configurations.
+
+3. Make sure to configure any necessary secrets or environment variables in your GitHub repository settings to enable secure deployment.
+
+4. Trigger the workflows manually or automatically on each push, pull request, or any other event as needed.
diff --git a/build/action.yml b/build/action.yml
@@ -1,40 +1,46 @@
-name: 'Build Module'
+name: 'Build Deckhouse Module'
 description: 'Build Deckhouse module'
+inputs:
+  module_source:
+    description: 'Registry repository address for of the module, e.g., registry.example.com/module-source'
+    required: true
+  module_name:
+    description: 'Name of the module, e.g., my-module'
+    required: true
+  module_tag:
+    description: 'The version of the module to deploy to release channel, e.g., v1.21.1'
+    required: true
+
 runs:
   using: "composite"
   steps:
-      - run: |
-              source "$(werf ci-env github --as-file)"
-              werf build --repo=${MODULES_MODULE_SOURCE}/${MODULES_MODULE_NAME} --save-build-report --build-report-path images_tags_werf.json
-
-              
-        shell: bash
-        name: Build images
+    - name: Build dependency images
+      shell: bash
+      run: |
+        source "$(werf ci-env github --as-file)"
+        werf build --repo=${{ inputs.module_source }}/${{ inputs.module_name }} --save-build-report --build-report-path images_tags_werf.json
 
-      - run: |
-              IMAGE_SRC="$(jq -r '.Images."bundle".DockerImageName' images_tags_werf.json)"
-              IMAGE_DST="$(jq -r '.Images.bundle.DockerRepo' images_tags_werf.json):${MODULES_MODULE_TAG}"
-              echo "✨ Bundle image : Pushing ${IMAGE_SRC} to ${IMAGE_DST}"
-              crane copy ${IMAGE_SRC} ${IMAGE_DST}
-              
-        shell: bash
-        name: Bundle image
-        
-      - run: |
-              IMAGE_SRC="$(jq -r '.Images."release-channel-version".DockerImageName' images_tags_werf.json)"
-              IMAGE_DST="$(jq -r '.Images."release-channel-version".DockerRepo' images_tags_werf.json)/release:${MODULES_MODULE_TAG}"
-              echo "✨ Release-channel image : Pushing ${IMAGE_SRC} to ${IMAGE_DST}"
-              crane copy ${IMAGE_SRC} ${IMAGE_DST}
-              
-        shell: bash
-        name: Release-channel image
+    - name: Bundle the module image
+      shell: bash
+      run: |
+        IMAGE_SRC="$(jq -r '.Images."bundle".DockerImageName' images_tags_werf.json)"
+        IMAGE_DST="$(jq -r '.Images.bundle.DockerRepo' images_tags_werf.json):${{ inputs.module_tag }}"
+        echo "✨ Bundle image : Pushing ${IMAGE_SRC} to ${IMAGE_DST}"
+        crane copy ${IMAGE_SRC} ${IMAGE_DST}
 
-      - run: |
-              echo "✨ Register the module ${MODULES_MODULE_NAME}"
-              crane append \
-                --oci-empty-base \
-                --new_layer "" \
-                --new_tag "${MODULES_MODULE_SOURCE}:${MODULES_MODULE_NAME}"
+    - name: Prepare the release-channel image
+      shell: bash
+      run: |
+        IMAGE_SRC="$(jq -r '.Images."release-channel-version".DockerImageName' images_tags_werf.json)"
+        IMAGE_DST="$(jq -r '.Images."release-channel-version".DockerRepo' images_tags_werf.json)/release:${{ inputs.module_tag }}"
+        echo "✨ Release-channel image : Pushing ${IMAGE_SRC} to ${IMAGE_DST}"
+        crane copy ${IMAGE_SRC} ${IMAGE_DST}
 
-        shell: bash
-        name: Module registration
+    - name: Register ${{ inputs.module_name }} module
+      shell: bash
+      run: |
+        echo "✨ Register the module ${{ inputs.module_name }}"
+        crane append \
+          --oci-empty-base \
+          --new_layer "" \
+          --new_tag "${{ inputs.module_source }}/${{ inputs.module_name }}"
diff --git a/deploy/action.yml b/deploy/action.yml
@@ -1,15 +1,27 @@
-name: 'Deploy Module'
+name: 'Deploy Deckhouse Module'
 description: 'Deploy Deckhouse module'
+inputs:
+  module_source:
+    description: 'Registry repository address for of the module, e.g., registry.example.com/module-source'
+    required: true
+  module_name:
+    description: 'Name of the module, e.g., my-module'
+    required: true
+  module_tag:
+    description: 'The version of the module to deploy to release channel, e.g., v1.21.1'
+    required: true
+  release_channel:
+    description: 'Name of the release channel. Must be one of alpha, beta, early-access, stable, rock-solid'
+    required: true
+
 runs:
   using: "composite"
   steps:
-      - run: |
-               
-               REPO="${MODULES_MODULE_SOURCE}/${MODULES_MODULE_NAME}/release"
-               IMAGE_SRC="${REPO}:${MODULES_MODULE_TAG}"
-               IMAGE_DST="${REPO}:${RELEASE_CHANNEL}"
-               echo "✨ Deploy : Pushing ${IMAGE_SRC} to ${IMAGE_DST}"
-               crane copy "${IMAGE_SRC}" "${IMAGE_DST}"
-          
-        shell: bash
-        name: Deploy 
+    - name: Deploy ${{ inputs.module_name }} module to ${{ inputs.release_channel }} release channel
+      shell: bash
+      run: |
+        REPO="${{ inputs.module_source }}/${{ inputs.module_name }}/release"
+        IMAGE_SRC="${REPO}:${{ inputs.module_tag }}"
+        IMAGE_DST="${REPO}:${{ inputs.release_channel }}"
+        echo "✨ Deploy : Pushing ${IMAGE_SRC} to ${IMAGE_DST}"
+        crane copy "${IMAGE_SRC}" "${IMAGE_DST}"
diff --git a/example/build.yml b/example/build.yml
diff --git a/example/deploy.yml b/example/deploy.yml
diff --git a/setup/action.yml b/setup/action.yml
@@ -1,19 +1,30 @@
-name: 'Install Module'
-description: 'Install Deckhouse module'
+name: 'Setup Deckhouse Module Building Environment'
+description: 'Setup Deckhouse Module'
+inputs:
+  registry:
+    description: 'Registry URL'
+    required: true
+  registry_login:
+    description: 'Registry login'
+    required: true
+  registry_password:
+    description: 'Registry password'
+    required: true
+
 runs:
   using: "composite"
   steps:
     - uses: werf/actions/[email protected]
     - uses: imjasonh/[email protected]
 
-    - run: werf version
+    - name: Print werf version
       shell: bash
-      name: Werf version
-      
-    - run: crane version
+      run: werf version
+
+    - name: Print crane version
       shell: bash
-      name: Crane version
+      run: crane version
 
-    - run: werf cr login -u ${{ secrets.MODULES_REGISTRY_LOGIN}} -p ${{  secrets.MODULES_REGISTRY_PASSWORD }} ${MODULES_REGISTRY}
+    - name: Login into registry ${{ inputs.registry }}
       shell: bash
-      name: Werf login registry
+      run: werf cr login -u ${{ inputs.registry_login }} -p ${{ inputs.registry_password }} ${{ inputs.registry }}