-
Notifications
You must be signed in to change notification settings - Fork 1
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
PR adds features to make actions more maintainable: - CODEOWNERS file - Linters for actions - Move examples to a directory with the name different from actions - Add README.md - Rewrite actions to use inputs with descriptions and requirements Signed-off-by: m.nabokikh <[email protected]>
- Loading branch information
Showing
11 changed files
with
195 additions
and
105 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,18 @@ | ||
on: [push] | ||
|
||
jobs: | ||
build: | ||
runs-on: ubuntu-latest | ||
name: Build and Push images | ||
steps: | ||
- uses: actions/checkout@v4 | ||
- uses: deckhouse/modules-actions/setup@v1 | ||
with: | ||
registry: registry.deckhouse.io | ||
registry_login: ${{ secrets.REGISTRY_LOGIN }} | ||
registry_password: ${{ secrets.REGISTRY_PASSWORD }} | ||
- uses: deckhouse/modules-actions/build@v1 | ||
with: | ||
module_source: registry.deckhouse.io/deckhouse/ce/modules | ||
module_name: everything-controller | ||
module_tag: v1.0.0 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,35 @@ | ||
on: | ||
workflow_dispatch: | ||
inputs: | ||
release_channel: | ||
description: "Select the release channel" | ||
type: choice | ||
default: alpha | ||
options: | ||
- "alpha" | ||
- "beta" | ||
- "early-access" | ||
- "stable" | ||
- "rock-solid" | ||
tag: | ||
description: "Tag of the module, e.g., v1.21.1" | ||
type: string | ||
required: true | ||
|
||
jobs: | ||
deploy: | ||
runs-on: ubuntu-latest | ||
name: Deploy the module | ||
steps: | ||
- uses: actions/checkout@v4 | ||
- uses: deckhouse/modules-actions/setup@v1 | ||
with: | ||
registry: registry.deckhouse.io | ||
registry_login: ${{ secrets.REGISTRY_LOGIN }} | ||
registry_password: ${{ secrets.REGISTRY_PASSWORD }} | ||
- uses: deckhouse/modules-actions/deploy@v1 | ||
with: | ||
module_source: registry.deckhouse.io/deckhouse/ce/modules | ||
module_name: everything-controller | ||
module_tag: ${{ github.event.inputs.tag }} | ||
release_channel: ${{ github.event.inputs.release_channel }} |
Validating CODEOWNERS rules …
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
* @nabokihms |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,9 @@ | ||
version: 2 | ||
updates: | ||
- package-ecosystem: "github-actions" | ||
directory: "/" | ||
schedule: | ||
interval: "weekly" | ||
day: "tuesday" | ||
labels: | ||
- "dependencies" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,17 @@ | ||
name: CI | ||
on: [push] | ||
|
||
jobs: | ||
lint-actions: | ||
name: Lint Actions | ||
runs-on: ubuntu-latest | ||
strategy: | ||
matrix: | ||
action: ["build", "deploy", "setup"] | ||
steps: | ||
- uses: actions/checkout@v4 | ||
- name: "${{ matrix.action }}: validate action.yml against a remote schema" | ||
uses: cardinalby/schema-validator-action@v3 | ||
with: | ||
file: './${{ matrix.action }}/action.yml' | ||
schema: 'https://json.schemastore.org/github-action.json' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,33 @@ | ||
# Deckhouse Modules Actions | ||
|
||
<img src="https://raw.githubusercontent.com/deckhouse/deckhouse/main/docs/site/images/d8-small-logo.png" width="100"/> | ||
|
||
## Overview | ||
|
||
This repository contains GitHub Actions workflows for building and deploying modules for the Deckhouse Kubernetes Platform. | ||
|
||
## Workflows | ||
| Workflow | Description | | ||
|-----------------------------------|-----------------------------------------------------------------------------------------------------------------------| | ||
| [**setup**](./setup/action.yml) | Sets up the environment for building and deploying modules. This workflow **must** be run before any other workflows. | | ||
| [**build**](./build/action.yml) | Builds the Deckhouse modules using the [werf](https://werf.io/) tool. | | ||
| [**deploy**](./deploy/action.yml) | Deploys the Deckhouse modules to the one of selected release channels. | | ||
|
||
## Examples | ||
|
||
All examples are located in the [examples](./.examples) directory. They show how to use the workflows in different scenarios. | ||
|
||
1. `build.yaml` — can be run for each PR commit and when a new release is created. Builds the modules and pushes them to the container registry. | ||
2. `deploy.yaml` — can be run after releasing a new version of the modules. Deploys the modules to the selected release channel. | ||
|
||
## Usage | ||
|
||
To use these GitHub Action workflows in your own repository: | ||
|
||
1. Copy the workflows (YAML files) from the `.examples` directory into your repository. | ||
|
||
2. Adjust the workflow files based on your specific requirements and configurations. | ||
|
||
3. Make sure to configure any necessary secrets or environment variables in your GitHub repository settings to enable secure deployment. | ||
|
||
4. Trigger the workflows manually or automatically on each push, pull request, or any other event as needed. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,40 +1,46 @@ | ||
name: 'Build Module' | ||
name: 'Build Deckhouse Module' | ||
description: 'Build Deckhouse module' | ||
inputs: | ||
module_source: | ||
description: 'Registry repository address for of the module, e.g., registry.example.com/module-source' | ||
required: true | ||
module_name: | ||
description: 'Name of the module, e.g., my-module' | ||
required: true | ||
module_tag: | ||
description: 'The version of the module to deploy to release channel, e.g., v1.21.1' | ||
required: true | ||
|
||
runs: | ||
using: "composite" | ||
steps: | ||
- run: | | ||
source "$(werf ci-env github --as-file)" | ||
werf build --repo=${MODULES_MODULE_SOURCE}/${MODULES_MODULE_NAME} --save-build-report --build-report-path images_tags_werf.json | ||
shell: bash | ||
name: Build images | ||
- name: Build dependency images | ||
shell: bash | ||
run: | | ||
source "$(werf ci-env github --as-file)" | ||
werf build --repo=${{ inputs.module_source }}/${{ inputs.module_name }} --save-build-report --build-report-path images_tags_werf.json | ||
- run: | | ||
IMAGE_SRC="$(jq -r '.Images."bundle".DockerImageName' images_tags_werf.json)" | ||
IMAGE_DST="$(jq -r '.Images.bundle.DockerRepo' images_tags_werf.json):${MODULES_MODULE_TAG}" | ||
echo "✨ Bundle image : Pushing ${IMAGE_SRC} to ${IMAGE_DST}" | ||
crane copy ${IMAGE_SRC} ${IMAGE_DST} | ||
shell: bash | ||
name: Bundle image | ||
- run: | | ||
IMAGE_SRC="$(jq -r '.Images."release-channel-version".DockerImageName' images_tags_werf.json)" | ||
IMAGE_DST="$(jq -r '.Images."release-channel-version".DockerRepo' images_tags_werf.json)/release:${MODULES_MODULE_TAG}" | ||
echo "✨ Release-channel image : Pushing ${IMAGE_SRC} to ${IMAGE_DST}" | ||
crane copy ${IMAGE_SRC} ${IMAGE_DST} | ||
shell: bash | ||
name: Release-channel image | ||
- name: Bundle the module image | ||
shell: bash | ||
run: | | ||
IMAGE_SRC="$(jq -r '.Images."bundle".DockerImageName' images_tags_werf.json)" | ||
IMAGE_DST="$(jq -r '.Images.bundle.DockerRepo' images_tags_werf.json):${{ inputs.module_tag }}" | ||
echo "✨ Bundle image : Pushing ${IMAGE_SRC} to ${IMAGE_DST}" | ||
crane copy ${IMAGE_SRC} ${IMAGE_DST} | ||
- run: | | ||
echo "✨ Register the module ${MODULES_MODULE_NAME}" | ||
crane append \ | ||
--oci-empty-base \ | ||
--new_layer "" \ | ||
--new_tag "${MODULES_MODULE_SOURCE}:${MODULES_MODULE_NAME}" | ||
- name: Prepare the release-channel image | ||
shell: bash | ||
run: | | ||
IMAGE_SRC="$(jq -r '.Images."release-channel-version".DockerImageName' images_tags_werf.json)" | ||
IMAGE_DST="$(jq -r '.Images."release-channel-version".DockerRepo' images_tags_werf.json)/release:${{ inputs.module_tag }}" | ||
echo "✨ Release-channel image : Pushing ${IMAGE_SRC} to ${IMAGE_DST}" | ||
crane copy ${IMAGE_SRC} ${IMAGE_DST} | ||
shell: bash | ||
name: Module registration | ||
- name: Register ${{ inputs.module_name }} module | ||
shell: bash | ||
run: | | ||
echo "✨ Register the module ${{ inputs.module_name }}" | ||
crane append \ | ||
--oci-empty-base \ | ||
--new_layer "" \ | ||
--new_tag "${{ inputs.module_source }}/${{ inputs.module_name }}" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,15 +1,27 @@ | ||
name: 'Deploy Module' | ||
name: 'Deploy Deckhouse Module' | ||
description: 'Deploy Deckhouse module' | ||
inputs: | ||
module_source: | ||
description: 'Registry repository address for of the module, e.g., registry.example.com/module-source' | ||
required: true | ||
module_name: | ||
description: 'Name of the module, e.g., my-module' | ||
required: true | ||
module_tag: | ||
description: 'The version of the module to deploy to release channel, e.g., v1.21.1' | ||
required: true | ||
release_channel: | ||
description: 'Name of the release channel. Must be one of alpha, beta, early-access, stable, rock-solid' | ||
required: true | ||
|
||
runs: | ||
using: "composite" | ||
steps: | ||
- run: | | ||
REPO="${MODULES_MODULE_SOURCE}/${MODULES_MODULE_NAME}/release" | ||
IMAGE_SRC="${REPO}:${MODULES_MODULE_TAG}" | ||
IMAGE_DST="${REPO}:${RELEASE_CHANNEL}" | ||
echo "✨ Deploy : Pushing ${IMAGE_SRC} to ${IMAGE_DST}" | ||
crane copy "${IMAGE_SRC}" "${IMAGE_DST}" | ||
shell: bash | ||
name: Deploy | ||
- name: Deploy ${{ inputs.module_name }} module to ${{ inputs.release_channel }} release channel | ||
shell: bash | ||
run: | | ||
REPO="${{ inputs.module_source }}/${{ inputs.module_name }}/release" | ||
IMAGE_SRC="${REPO}:${{ inputs.module_tag }}" | ||
IMAGE_DST="${REPO}:${{ inputs.release_channel }}" | ||
echo "✨ Deploy : Pushing ${IMAGE_SRC} to ${IMAGE_DST}" | ||
crane copy "${IMAGE_SRC}" "${IMAGE_DST}" |
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,19 +1,30 @@ | ||
name: 'Install Module' | ||
description: 'Install Deckhouse module' | ||
name: 'Setup Deckhouse Module Building Environment' | ||
description: 'Setup Deckhouse Module' | ||
inputs: | ||
registry: | ||
description: 'Registry URL' | ||
required: true | ||
registry_login: | ||
description: 'Registry login' | ||
required: true | ||
registry_password: | ||
description: 'Registry password' | ||
required: true | ||
|
||
runs: | ||
using: "composite" | ||
steps: | ||
- uses: werf/actions/[email protected] | ||
- uses: imjasonh/[email protected] | ||
|
||
- run: werf version | ||
- name: Print werf version | ||
shell: bash | ||
name: Werf version | ||
- run: crane version | ||
run: werf version | ||
|
||
- name: Print crane version | ||
shell: bash | ||
name: Crane version | ||
run: crane version | ||
|
||
- run: werf cr login -u ${{ secrets.MODULES_REGISTRY_LOGIN}} -p ${{ secrets.MODULES_REGISTRY_PASSWORD }} ${MODULES_REGISTRY} | ||
- name: Login into registry ${{ inputs.registry }} | ||
shell: bash | ||
name: Werf login registry | ||
run: werf cr login -u ${{ inputs.registry_login }} -p ${{ inputs.registry_password }} ${{ inputs.registry }} |