Release test-0.0.0

.github/actions/certify-openshift-images/action.yaml

@@ -11,6 +11,10 @@ inputs:
   version:
     description: The version of the image to be certified
     required: true
+  registry_username:
+    description: The username to access the registry
+    required: false
+    default: "mongodb+mongodb_atlas_kubernetes"
   registry_password:
     description: The password to access the quay.io registry
     required: true
@@ -31,6 +35,7 @@ runs:
     REGISTRY: ${{ inputs.registry }}
     REPOSITORY: ${{ inputs.repository }}
     VERSION: ${{ inputs.version }}
+    REGISTRY_USERNAME: ${{ inputs.registry_username }}
     REGISTRY_PASSWORD: ${{ inputs.registry_password }}
     RHCC_TOKEN: ${{ inputs.rhcc_token }}
     RHCC_PROJECT: ${{ inputs.rhcc_project }}

.github/actions/certify-openshift-images/entrypoint.sh

@@ -16,7 +16,7 @@
 
 set -eou pipefail
 
-docker login -u mongodb+mongodb_atlas_kubernetes -p "${REGISTRY_PASSWORD}" "${REGISTRY}"
+echo "${REGISTRY_PASSWORD}" | docker login -u "${REGISTRY_USERNAME}" --password-stdin "${REGISTRY}"
 
 submit_flag=--submit
 if [ "${SUBMIT}" == "false" ]; then
@@ -27,6 +27,6 @@ echo "Check and Submit result to RedHat Connect"
 # Send results to RedHat if preflight finished wthout errors
 preflight check container "${REGISTRY}/${REPOSITORY}:${VERSION}" \
   --pyxis-api-token="${RHCC_TOKEN}" \
-  --certification-project-id="${RHCC_PROJECT}" \
+  --certification-component-id="${RHCC_PROJECT}" \
   --docker-config="${HOME}/.docker/config.json" \
   ${submit_flag}

.github/actions/set-tag/action.yml

@@ -1,8 +1,18 @@
 name: 'Setup tag for docker image'
-description: 'Setup tag for docker image: branch name with commit ID'
+description: 'Generates a Docker image tag using branch name and short commit SHA.'
+inputs:
+  branch_name:
+    description: 'Branch name to use for the tag (e.g., main, feature-xyz). Optional.'
+    required: false
+  commit_sha:
+    description: 'Full commit SHA to extract the short commit ID from. Optional.'
+    required: false
+
 outputs:
   tag:
-    description: 'tag for the image'
+    description: 'Generated image tag in the format {branch-name}-{6-char-sha}'
+
 runs:
   using: 'docker'
   image: 'Dockerfile'
+  args: []

.github/actions/set-tag/entrypoint.sh

@@ -13,17 +13,31 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-
-#set -eou pipefail
+set -eou pipefail
 
 git config --global --add safe.directory /github/workspace
 
-# Setup tag name
-commit_id=$(git rev-parse --short HEAD)
-branch_name=${GITHUB_HEAD_REF-}
-if [ -z "${branch_name}" ]; then
-    branch_name=$(echo "$GITHUB_REF" | awk -F'/' '{print $3}')
+# Get the full commit hash and shorten to 6 characters
+full_commit_sha="${INPUT_COMMIT_SHA:-}"
+if [ -z "$full_commit_sha" ]; then
+  full_commit_sha=$(git rev-parse HEAD)
+fi
+commit_id=$(echo "$full_commit_sha" | cut -c1-6)
+
+# Get the full branch name
+branch_name="${INPUT_BRANCH_NAME:-}"
+if [ -z "$branch_name" ]; then
+  if [ -n "$GITHUB_HEAD_REF" ]; then
+    branch_name="$GITHUB_HEAD_REF"
+  else
+    branch_name="${GITHUB_REF#refs/heads/}"
+  fi
 fi
-branch_name=$(echo "${branch_name}" | awk '{print substr($0, 1, 15)}' | sed 's/\//-/g; s/\./-/g')
+
+# Replace / and . with -
+# Then truncate to 15 characters
+branch_name=$(echo "$branch_name" | sed 's/[\/\.]/-/g' | awk '{print substr($0, 1, 15)}')
+
+# Create tag as {branch_name}-{6-digit-commit} 
 tag="${branch_name}-${commit_id}"
-echo "tag=$tag" >> "$GITHUB_OUTPUT"
+echo "tag=${tag}" >> "$GITHUB_OUTPUT"

.github/workflows/cloud-tests-filter.yml

@@ -55,7 +55,7 @@ jobs:
             ACTOR: ${{ github.actor }}
           run: |
             # Evaluate whether or not cloud tests should run
-            RUN_CLOUD_TESTS='false'
+            RUN_CLOUD_TESTS='true'
             # Scheduled runs on default branch always run all tests
             if [ "${EVENT}" == "schedule" ];then
               RUN_CLOUD_TESTS='true'

.github/workflows/cloud-tests.yml

@@ -21,23 +21,7 @@ jobs:
       - name: allowed message
         run: echo "Allowed to run"
 
-  int-tests:
-    needs: allowed
-    uses: ./.github/workflows/test-int.yml
-    secrets: inherit
-
   e2e-tests:
     needs: allowed
     uses: ./.github/workflows/test-e2e.yml
     secrets: inherit
-
-  test-e2e-gov:
-    needs:
-      - allowed
-    uses: ./.github/workflows/test-e2e-gov.yml
-    secrets: inherit
-
-  openshift-upgrade-test:
-    needs: allowed
-    uses: ./.github/workflows/openshift-upgrade-test.yaml
-    secrets: inherit

.github/workflows/promote-image.yml

@@ -0,0 +1,79 @@
+name: Promote Image
+
+on:
+  workflow_run:
+    workflows: ["Test"]
+    types: [completed]
+
+jobs:
+  promote-image:
+    runs-on: ubuntu-latest
+    environment: release
+    if: |
+      github.event.workflow_run.head_branch == 'main' &&
+      github.event.workflow_run.conclusion == 'success' &&
+      github.event.workflow_run.event == 'schedule'
+    env:
+      GHCR_REPO: ghcr.io/mongodb/mongodb-atlas-kubernetes-operator-prerelease
+      DOCKER_REPO: docker.io/mongodb/mongodb-atlas-kubernetes-operator-prerelease
+      QUAY_REPO: quay.io/mongodb/mongodb-atlas-kubernetes-operator-prerelease
+    steps:
+      - name: Checkout PR commit
+        uses: actions/checkout@v4
+
+      - name: Log in to the GitHub Container Registry
+        uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Login to Docker registry
+        uses: docker/login-action@v3
+        with:
+          registry: docker.io
+          username: ${{ secrets.DOCKER_USERNAME }}
+          password: ${{ secrets.DOCKER_PASSWORD }}
+
+      - name: Log in to Quay registry
+        uses: docker/login-action@v3
+        with:
+          registry: quay.io
+          username: ${{ secrets.QUAY_USERNAME }}
+          password: ${{ secrets.QUAY_PASSWORD }}
+
+      # Note, we have to be careful how we retrive the image. The event that pushed 
+      # the image to the ghcr.io repo was mainly a push/schedule that passed all the
+      # tests. This event has access to github.ref_name. However, the workflow_run
+      # event does not have access github.ref_name set up. 
+      # 
+      # Therefore, we need to manually specify the branch as main
+      - name: Prepare image tag
+        id: set_tag
+        uses: ./.github/actions/set-tag
+        with:
+          branch_name: ${{ github.event.workflow_run.head_branch }}
+          commit_sha: ${{ github.event.workflow_run.head_sha }}
+
+      - name: Prepare tag for promoted image
+        id: promoted_tag
+        run: |
+          RAW_TAG="${{ steps.set_tag.outputs.tag }}"
+          COMMIT_SHA="${RAW_TAG##*-}"
+          echo "tag=promoted-${COMMIT_SHA}" >> $GITHUB_OUTPUT
+
+      - name: Move image to Docker Hub
+        run: ./scripts/move-image.sh
+        env:
+          IMAGE_SRC_REPO: ${{ env.GHCR_REPO }}
+          IMAGE_DEST_REPO: ${{ env.DOCKER_REPO }}
+          IMAGE_SRC_TAG: ${{ steps.set_tag.outputs.tag }}
+          IMAGE_DEST_TAG: ${{ steps.promoted_tag.outputs.tag }}
+
+      - name: Move image to Quay
+        run: ./scripts/move-image.sh
+        env:
+          IMAGE_SRC_REPO: ${{ env.GHCR_REPO }}
+          IMAGE_DEST_REPO: ${{ env.QUAY_REPO }}
+          IMAGE_SRC_TAG: ${{ steps.set_tag.outputs.tag }}
+          IMAGE_DEST_TAG: ${{ steps.promoted_tag.outputs.tag }}