Extract build step to separate action

Allda · Allda · commit 61af43f226c6 · 2022-01-05T09:30:28.000+01:00
The build action is used by both e2e and deployment action and is
executed only once.
diff --git a/.github/workflows/build-image.yml b/.github/workflows/build-image.yml
@@ -1,14 +1,22 @@
-name: Build and Push Image
+---
+name: Build
+
 on:  # yamllint disable-line rule:truthy
-  pull_request:
-  push:
+  workflow_run:
+    workflows:
+      - validation
     branches:
       - main
+    types:
+      - completed
+  workflow_dispatch:
 
 jobs:
   build:
     name: Build and push image
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-latest
+
+    if: ${{ github.event.workflow_run.conclusion == 'success' }}
 
     steps:
       - uses: actions/checkout@v2
@@ -31,8 +39,6 @@ jobs:
           registry: quay.io/redhat-isv
           username: ${{ secrets.REGISTRY_USERNAME }}
           password: ${{ secrets.REGISTRY_PASSWORD }}
-        if: ${{ github.event_name == 'push' }}
 
       - name: Print image url
         run: echo "Image pushed to ${{ steps.push-to-quay.outputs.registry-paths }}"
-        if: ${{ github.event_name == 'push' }}
diff --git a/.github/workflows/build-ppc64le-image.yml b/.github/workflows/build-ppc64le-image.yml
@@ -1,9 +1,13 @@
 name: Build and Push ppc64le Image
 on:  # yamllint disable-line rule:truthy
-  pull_request:
-  push:
+  workflow_run:
+    workflows:
+      - validation
     branches:
       - main
+    types:
+      - completed
+  workflow_dispatch:
 
 jobs:
   build:
diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
@@ -11,41 +11,10 @@ on:  # yamllint disable-line rule:truthy
       - completed
 
 jobs:
-  build:
-    name: Build and push image
-    runs-on: ubuntu-latest
-
-    if: ${{ github.event.workflow_run.conclusion == 'success' }}
-
-    steps:
-      - uses: actions/checkout@v2
-
-      - name: Build Image
-        id: build-image
-        uses: redhat-actions/buildah-build@v2
-        with:
-          image: operator-pipelines-images
-          tags: latest ${{ github.sha }}
-          dockerfiles: |
-            ./operator-pipeline-images/Dockerfile
-
-      - name: Push To quay.io
-        id: push-to-quay
-        uses: redhat-actions/push-to-registry@v2
-        with:
-          image: ${{ steps.build-image.outputs.image }}
-          tags: ${{ steps.build-image.outputs.tags }}
-          registry: quay.io/redhat-isv
-          username: ${{ secrets.REGISTRY_USERNAME }}
-          password: ${{ secrets.REGISTRY_PASSWORD }}
-
-      - name: Print image url
-        run: echo "Image pushed to ${{ steps.push-to-quay.outputs.registry-paths }}"
 
   deploy-dev:
     runs-on: ubuntu-latest
-    needs:
-      - build
+    if: ${{ github.event.workflow_run.conclusion == 'success' }}
     environment:
       name: dev
     steps:
@@ -68,8 +37,7 @@ jobs:
 
   deploy-qa:
     runs-on: ubuntu-latest
-    needs:
-      - build
+    if: ${{ github.event.workflow_run.conclusion == 'success' }}
     environment:
       name: qa
     steps:
diff --git a/.github/workflows/e2e.yml b/.github/workflows/e2e.yml
@@ -7,7 +7,7 @@ name: E2E-CI
 on:  # yamllint disable-line rule:truthy
   workflow_run:
     workflows:
-      - validation
+      - Build
     branches:
       - main
     types:
@@ -139,7 +139,7 @@ jobs:
         run: |
           oc new-project $OC_PROJECT
           pushd ansible
-          bash init-custom-env.sh $OC_PROJECT stage vault-password
+          bash init-custom-env.sh $OC_PROJECT stage vault-password ${{ github.sha }}
           popd
 
       - name: Run CI pipeline
diff --git a/.github/workflows/validation.yml b/.github/workflows/validation.yml
@@ -6,6 +6,7 @@ on:  # yamllint disable-line rule:truthy
   push:
     branches:
       - main
+  workflow_dispatch:
 
 jobs:
   yaml-lint:
diff --git a/ansible/init-custom-env.sh b/ansible/init-custom-env.sh
@@ -12,8 +12,9 @@ umask 077
 
 NAMESPACE=$1
 ENV=$2
+PIPELINE_IMAGE_TAG=${4:-released}
 SECRET=$(dirname "$0")/vaults/custom/ocp-token.yml
-PASSWD_FILE=./vault-password
+PASSWD_FILE=$3
 
 # Initialize the environment by creating the service account and giving for it admin permissions
 initialize_environment() {
@@ -29,6 +30,7 @@ initialize_environment() {
         -e "custom=true" \
         -e "ocp_host=`oc whoami --show-server`" \
         -e "ocp_token=`oc whoami -t`" \
+        -e "operator_pipeline_image_tag=$PIPELINE_IMAGE_TAG" \
         --tags init \
         -vvvv
 }
diff --git a/docs/developer-guide.md b/docs/developer-guide.md
@@ -38,14 +38,15 @@ selecting `copy login command`.
 
 ```bash
 # Assuming the current working directory is ansible/
-./init-custom-env.sh $PROJECT $ENVIRONMENT $PASSWD_FILE
+./init-custom-env.sh $PROJECT $ENVIRONMENT $PASSWD_FILE [$PIPELINE_IMAGE_TAG]
 ```
 
 | Argument | Description |
 | -------- | ----------- |
 | PROJECT | An OpenShift project name (eg. `john-playground`). Pipeline resources will be installed here. |
 | ENVIRONMENT | The environmental dependencies and corresponding credentials to leverage. Can be one of `dev`, `qa`, `stage` or `prod`. |
 | PASSWD_FILE | File path containing the ansible vault password. |
+| PIPELINE_IMAGE_TAG | The tag name of operator pipeline image. (optional) |
 
 :warning: Conflicts may occur if the project already contains some resources. They may need to be removed first.
 
