Skip to content

Bump docker/metadata-action from 4 to 5 (#76) #285

Bump docker/metadata-action from 4 to 5 (#76)

Bump docker/metadata-action from 4 to 5 (#76) #285

Workflow file for this run

name: ci
on:
pull_request:
push:
branches:
- main
tags:
- '*'
jobs:
docker-base:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
# Build and push with docker buildx
- name: Setup docker buildx
uses: docker/setup-buildx-action@v2
- name: Configure tags based on git tags + latest
uses: docker/metadata-action@v5
id: meta
with:
images: clux/controller
tags: |
type=pep440,pattern={{version}}
type=raw,value=latest,enable={{is_default_branch}}
type=ref,event=pr
- name: Docker login on main origin
uses: docker/login-action@v3
if: github.event_name != 'pull_request'
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- uses: actions/cache@v4
with:
path: |
~/.cargo/registry/index/
~/.cargo/registry/cache/
~/.cargo/git/db/
target/
key: musl-cargo-${{ hashFiles('**/Cargo.lock') }}
- name: Compile base features
run: |
mkdir -p ~/.cargo/{git,registry}
docker run --rm -t \
--mount type=bind,source=${{ github.workspace }},target=/volume \
--mount type=bind,source=$HOME/.cargo/registry,target=/root/.cargo/registry \
--mount type=bind,source=$HOME/.cargo/git,target=/root/.cargo/git \
clux/muslrust:stable \
cargo build --release --bin controller
cp target/x86_64-unknown-linux-musl/release/controller .
- name: Docker buildx and push with base features
uses: docker/build-push-action@v4
with:
context: .
cache-from: type=gha,scope=base
cache-to: type=gha,scope=base,mode=max
push: ${{ github.ref == 'refs/heads/main' }}
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
platforms: linux/amd64
- name: Persist base image build to a tarball
uses: docker/build-push-action@v4
with:
context: .
platforms: linux/amd64
tags: ${{ steps.meta.outputs.tags }}
cache-from: type=gha,scope=base
outputs: type=docker,dest=/tmp/image.tar
- name: Upload base docker image as artifact for e2e tests
uses: actions/upload-artifact@v3
with:
name: controller-image
path: /tmp/image.tar
docker-otel:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
# Build and push with docker buildx
- name: Setup docker buildx
uses: docker/setup-buildx-action@v2
- name: Configure tags based on git tags for otel
uses: docker/metadata-action@v5
id: meta
with:
images: clux/controller
tags: |
type=pep440,pattern={{version}},prefix=otel-
type=raw,value=otel,enable={{is_default_branch}}
type=ref,event=pr,prefix=otel-
- uses: actions/cache@v4
with:
path: |
~/.cargo/registry/index/
~/.cargo/registry/cache/
~/.cargo/git/db/
target/
key: musl-cargo-otel-${{ hashFiles('**/Cargo.lock') }}
- name: Compile with telemetry
run: |
mkdir -p ~/.cargo/{git,registry}
docker run --rm -t \
--mount type=bind,source=${{ github.workspace }},target=/volume \
--mount type=bind,source=$HOME/.cargo/registry,target=/root/.cargo/registry \
--mount type=bind,source=$HOME/.cargo/git,target=/root/.cargo/git \
clux/muslrust:stable \
cargo build --features=telemetry --release --bin controller
cp target/x86_64-unknown-linux-musl/release/controller .
- name: Docker login on main origin
uses: docker/login-action@v3
if: github.event_name != 'pull_request'
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Docker buildx and push with telemetry
uses: docker/build-push-action@v4
with:
context: .
cache-from: type=gha,scope=otel
cache-to: type=gha,scope=otel,mode=max
push: ${{ github.ref == 'refs/heads/main' }}
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
platforms: linux/amd64
e2e:
runs-on: ubuntu-latest
needs: [docker-base]
steps:
- uses: actions/checkout@v3
- uses: nolar/setup-k3d-k3s@v1
with:
version: v1.27
k3d-name: kube
k3d-args: "--no-lb --no-rollback --k3s-arg --disable=traefik,servicelb,metrics-server@server:*"
- run: kubectl apply -f yaml/crd.yaml
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Download docker image artifact from docker job
uses: actions/download-artifact@v3
with:
name: controller-image
path: /tmp
- name: Load docker image from tarball
run: docker load --input /tmp/image.tar
- name: helm template | kubctl apply
run: |
apiserver="$(kubectl get endpoints kubernetes -ojson | jq '.subsets[0].addresses[0].ip' -r)"
helm template charts/doc-controller \
--set version=latest \
--set networkPolicy.enabled=true \
--set networkPolicy.apiserver.0=${apiserver}/32 \
| kubectl apply -f -
- run: kubectl wait --for=condition=available deploy/doc-controller --timeout=30s
- run: kubectl apply -f yaml/instance-samuel.yaml
- run: sleep 2 # TODO: add condition on status and wait for it instead
# verify reconcile actions have happened
- run: kubectl get netpol doc-controller -oyaml
- run: kubectl logs deploy/doc-controller
- run: kubectl get event --field-selector "involvedObject.kind=Document,involvedObject.name=samuel" | grep "HideRequested"
- run: kubectl get doc -oyaml | grep -A1 finalizers | grep documents.kube.rs
lint:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Install protoc
run: sudo apt-get install -y protobuf-compiler
- uses: dtolnay/rust-toolchain@stable
with:
toolchain: nightly
components: rustfmt,clippy
- run: cargo +nightly fmt -- --check
- uses: giraffate/clippy-action@v1
with:
reporter: 'github-pr-review'
github_token: ${{ secrets.GITHUB_TOKEN }}
clippy_flags: --all-features
integration:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: dtolnay/rust-toolchain@stable
- uses: Swatinem/rust-cache@v2
- uses: nolar/setup-k3d-k3s@v1
with:
version: v1.25
k3d-name: kube
k3d-args: "--no-lb --no-rollback --k3s-arg --disable=traefik,servicelb,metrics-server@server:*"
- name: Build workspace
run: cargo build
- name: Install crd
run: cargo run --bin crdgen | kubectl apply -f -
- name: Run all default features integration library tests
run: cargo test --lib --all -- --ignored
unit:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
with:
fetch-depth: 2
- uses: dtolnay/rust-toolchain@stable
- uses: Swatinem/rust-cache@v2
# Real CI work starts here
- name: Build workspace
run: cargo build
- name: Run workspace unit tests
run: cargo test
- name: Generate crd.yaml
run: cargo run --bin crdgen > yaml/crd.yaml
- name: Generate deployment.yaml
run: helm template charts/doc-controller > yaml/deployment.yaml
- name: Ensure generated output is committed
run: |
if ! git diff --exit-code yaml/; then
echo "Uncommitted changes in yaml directory"
echo "Please run 'just generate' and commit the results"
exit 1
fi