|
| 1 | +# ============= |
| 2 | +# This file is automatically generated from the templates in stackabletech/operator-templating |
| 3 | +# DON'T MANUALLY EDIT THIS FILE |
| 4 | +# ============= |
| 5 | +--- |
| 6 | +name: Build hbase-operator Artifacts |
| 7 | + |
| 8 | +permissions: {} |
| 9 | + |
| 10 | +on: |
| 11 | + push: |
| 12 | + branches: |
| 13 | + - main |
| 14 | + tags: |
| 15 | + - '[0-9][0-9].[0-9]+.[0-9]+-rc[0-9]+' |
| 16 | + - '[0-9][0-9].[0-9]+.[0-9]+' |
| 17 | + schedule: |
| 18 | + # Run every Saturday morning: https://crontab.guru/#15_3_*_*_6 |
| 19 | + - cron: '15 3 * * 6' |
| 20 | + pull_request: |
| 21 | + paths: |
| 22 | + - '.github/workflows/build.yaml' |
| 23 | + - 'rust-toolchain.toml' |
| 24 | + - '.dockerignore' |
| 25 | + - 'deploy/**' |
| 26 | + - '.cargo/**' |
| 27 | + - 'docker/**' |
| 28 | + - 'Cargo.*' |
| 29 | + - '*.rs' |
| 30 | + merge_group: |
| 31 | + |
| 32 | +env: |
| 33 | + OPERATOR_NAME: "hbase-operator" |
| 34 | + RUST_NIGHTLY_TOOLCHAIN_VERSION: "nightly-2025-10-23" |
| 35 | + NIX_PKG_MANAGER_VERSION: "2.30.0" |
| 36 | + RUST_TOOLCHAIN_VERSION: "1.89.0" |
| 37 | + HADOLINT_VERSION: "v2.14.0" |
| 38 | + PYTHON_VERSION: "3.14" |
| 39 | + CARGO_TERM_COLOR: always |
| 40 | + |
| 41 | +jobs: |
| 42 | + cargo-udeps: |
| 43 | + name: Run cargo-udeps |
| 44 | + runs-on: ubuntu-latest |
| 45 | + env: |
| 46 | + RUSTC_BOOTSTRAP: 1 |
| 47 | + steps: |
| 48 | + - name: Install host dependencies |
| 49 | + uses: awalsh128/cache-apt-pkgs-action@2c09a5e66da6c8016428a2172bd76e5e4f14bb17 # v1.5.3 |
| 50 | + with: |
| 51 | + packages: protobuf-compiler krb5-user libkrb5-dev libclang-dev liblzma-dev libssl-dev pkg-config apt-transport-https |
| 52 | + version: ubuntu-latest |
| 53 | + |
| 54 | + - name: Checkout Repository |
| 55 | + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 |
| 56 | + with: |
| 57 | + persist-credentials: false |
| 58 | + submodules: recursive |
| 59 | + |
| 60 | + - name: Install Rust ${{ env.RUST_TOOLCHAIN_VERSION }} toolchain |
| 61 | + uses: dtolnay/rust-toolchain@b3b07ba8b418998c39fb20f53e8b695cdcc8de1b |
| 62 | + with: |
| 63 | + toolchain: ${{ env.RUST_TOOLCHAIN_VERSION }} |
| 64 | + |
| 65 | + - name: Setup Rust Cache |
| 66 | + uses: Swatinem/rust-cache@98c8021b550208e191a6a3145459bfc9fb29c4c0 # v2.8.0 |
| 67 | + with: |
| 68 | + cache-all-crates: "true" |
| 69 | + key: udeps |
| 70 | + |
| 71 | + - name: Install cargo-udeps |
| 72 | + uses: stackabletech/cargo-install-action@8f7dbbcd2ebe22717efc132d0dd61e80841994b9 # cargo-udeps |
| 73 | + |
| 74 | + - name: Run cargo-udeps |
| 75 | + run: cargo udeps --workspace --all-targets |
| 76 | + |
| 77 | + build-container-image: |
| 78 | + name: Build/Publish ${{ matrix.runner.arch }} Image |
| 79 | + if: github.event_name != 'merge_group' |
| 80 | + permissions: |
| 81 | + id-token: write |
| 82 | + strategy: |
| 83 | + fail-fast: false |
| 84 | + matrix: |
| 85 | + runner: |
| 86 | + - { name: "ubuntu-latest", arch: "amd64" } |
| 87 | + - { name: "ubicloud-standard-8-arm", arch: "arm64" } |
| 88 | + runs-on: ${{ matrix.runner.name }} |
| 89 | + outputs: |
| 90 | + operator-version: ${{ steps.version.outputs.OPERATOR_VERSION }} |
| 91 | + steps: |
| 92 | + - name: Install host dependencies |
| 93 | + uses: awalsh128/cache-apt-pkgs-action@2c09a5e66da6c8016428a2172bd76e5e4f14bb17 # v1.5.3 |
| 94 | + with: |
| 95 | + packages: protobuf-compiler krb5-user libkrb5-dev libclang-dev liblzma-dev libssl-dev pkg-config apt-transport-https |
| 96 | + version: ${{ matrix.runner.name }} |
| 97 | + |
| 98 | + - name: Checkout Repository |
| 99 | + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 |
| 100 | + with: |
| 101 | + persist-credentials: false |
| 102 | + submodules: recursive |
| 103 | + |
| 104 | + - name: Update/Extract Operator Version |
| 105 | + id: version |
| 106 | + env: |
| 107 | + PR_BASE_REF: ${{ github.event.pull_request.base.ref }} |
| 108 | + PR_NUMBER: ${{ github.event.pull_request.number }} |
| 109 | + GITHUB_EVENT_NAME: ${{ github.event_name }} |
| 110 | + GITHUB_DEBUG: ${{ runner.debug }} |
| 111 | + shell: bash |
| 112 | + run: | |
| 113 | + set -euo pipefail |
| 114 | + [ -n "$GITHUB_DEBUG" ] && set -x |
| 115 | +
|
| 116 | + CURRENT_VERSION=$(cargo metadata --format-version 1 --no-deps | jq -r '.packages[0].version') |
| 117 | +
|
| 118 | + if [ "$GITHUB_EVENT_NAME" == 'pull_request' ]; then |
| 119 | + # Include a PR suffix if this workflow is triggered by a PR |
| 120 | + if [ "$PR_BASE_REF" == 'main' ]; then |
| 121 | + NEW_VERSION="0.0.0-pr$PR_NUMBER" |
| 122 | + else |
| 123 | + NEW_VERSION="$CURRENT_VERSION-pr$PR_NUMBER" |
| 124 | + fi |
| 125 | + else |
| 126 | + # Just use the current version if this workflow is run on push, schedule, etc... |
| 127 | + NEW_VERSION="$CURRENT_VERSION" |
| 128 | + fi |
| 129 | +
|
| 130 | + sed -i "s/version = \"${CURRENT_VERSION}\"/version = \"${NEW_VERSION}\"/" Cargo.toml |
| 131 | + echo "OPERATOR_VERSION=$NEW_VERSION" | tee -a "$GITHUB_OUTPUT" |
| 132 | +
|
| 133 | + - name: Install Nix |
| 134 | + uses: cachix/install-nix-action@fc6e360bedc9ee72d75e701397f0bb30dce77568 # v31.5.2 |
| 135 | + |
| 136 | + - name: Install Rust ${{ env.RUST_TOOLCHAIN_VERSION }} Toolchain |
| 137 | + uses: dtolnay/rust-toolchain@b3b07ba8b418998c39fb20f53e8b695cdcc8de1b |
| 138 | + with: |
| 139 | + toolchain: ${{ env.RUST_TOOLCHAIN_VERSION }} |
| 140 | + |
| 141 | + - name: Build Container Image |
| 142 | + id: build |
| 143 | + uses: stackabletech/actions/build-container-image@29bea1b451c0c2e994bd495969286f95bf49ed6a # v0.11.0 |
| 144 | + with: |
| 145 | + image-name: ${{ env.OPERATOR_NAME }} |
| 146 | + image-index-manifest-tag: ${{ steps.version.outputs.OPERATOR_VERSION }} |
| 147 | + build-arguments: VERSION=${{ steps.version.outputs.OPERATOR_VERSION }} |
| 148 | + container-file: docker/Dockerfile |
| 149 | + |
| 150 | + - name: Publish Container Image |
| 151 | + uses: stackabletech/actions/publish-image@29bea1b451c0c2e994bd495969286f95bf49ed6a # v0.11.0 |
| 152 | + with: |
| 153 | + image-registry-uri: oci.stackable.tech |
| 154 | + image-registry-username: robot$sdp+github-action-build |
| 155 | + image-registry-password: ${{ secrets.HARBOR_ROBOT_SDP_GITHUB_ACTION_BUILD_SECRET }} |
| 156 | + image-repository: sdp/${{ env.OPERATOR_NAME }} |
| 157 | + image-manifest-tag: ${{ steps.build.outputs.image-manifest-tag }} |
| 158 | + source-image-uri: ${{ steps.build.outputs.image-manifest-uri }} |
| 159 | + |
| 160 | + publish-index-manifest: |
| 161 | + name: Publish/Sign ${{ needs.build-container-image.outputs.operator-version }} Index |
| 162 | + if: github.event_name != 'merge_group' |
| 163 | + needs: |
| 164 | + - build-container-image |
| 165 | + permissions: |
| 166 | + id-token: write |
| 167 | + runs-on: ubuntu-latest |
| 168 | + steps: |
| 169 | + - name: Checkout Repository |
| 170 | + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 |
| 171 | + with: |
| 172 | + persist-credentials: false |
| 173 | + |
| 174 | + - name: Publish and Sign Image Index |
| 175 | + uses: stackabletech/actions/publish-image-index-manifest@29bea1b451c0c2e994bd495969286f95bf49ed6a # v0.11.0 |
| 176 | + with: |
| 177 | + image-registry-uri: oci.stackable.tech |
| 178 | + image-registry-username: robot$sdp+github-action-build |
| 179 | + image-registry-password: ${{ secrets.HARBOR_ROBOT_SDP_GITHUB_ACTION_BUILD_SECRET }} |
| 180 | + image-repository: sdp/${{ env.OPERATOR_NAME }} |
| 181 | + image-index-manifest-tag: ${{ needs.build-container-image.outputs.operator-version }} |
| 182 | + |
| 183 | + publish-helm-chart: |
| 184 | + name: Package/Publish ${{ needs.build-container-image.outputs.operator-version }} Helm Chart |
| 185 | + if: github.event_name != 'merge_group' |
| 186 | + needs: |
| 187 | + - build-container-image |
| 188 | + permissions: |
| 189 | + id-token: write |
| 190 | + runs-on: ubuntu-latest |
| 191 | + steps: |
| 192 | + - name: Checkout Repository |
| 193 | + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 |
| 194 | + with: |
| 195 | + persist-credentials: false |
| 196 | + submodules: recursive |
| 197 | + |
| 198 | + - name: Package, Publish, and Sign Helm Chart |
| 199 | + uses: stackabletech/actions/publish-helm-chart@29bea1b451c0c2e994bd495969286f95bf49ed6a # v0.11.0 |
| 200 | + with: |
| 201 | + chart-registry-uri: oci.stackable.tech |
| 202 | + chart-registry-username: robot$sdp-charts+github-action-build |
| 203 | + chart-registry-password: ${{ secrets.HARBOR_ROBOT_SDP_CHARTS_GITHUB_ACTION_BUILD_SECRET }} |
| 204 | + chart-repository: sdp-charts |
| 205 | + chart-directory: deploy/helm/${{ env.OPERATOR_NAME }} |
| 206 | + chart-version: ${{ needs.build-container-image.outputs.operator-version }} |
| 207 | + app-version: ${{ needs.build-container-image.outputs.operator-version }} |
| 208 | + |
| 209 | + openshift-preflight-check: |
| 210 | + name: Run OpenShift Preflight Check for ${{ needs.build-container-image.outputs.operator-version }}-${{ matrix.arch }} |
| 211 | + if: github.event_name != 'merge_group' |
| 212 | + needs: |
| 213 | + - build-container-image |
| 214 | + - publish-index-manifest |
| 215 | + strategy: |
| 216 | + fail-fast: false |
| 217 | + matrix: |
| 218 | + arch: |
| 219 | + - amd64 |
| 220 | + - arm64 |
| 221 | + runs-on: ubuntu-latest |
| 222 | + steps: |
| 223 | + - name: Run OpenShift Preflight Check |
| 224 | + uses: stackabletech/actions/run-openshift-preflight@29bea1b451c0c2e994bd495969286f95bf49ed6a # v0.11.0 |
| 225 | + with: |
| 226 | + image-index-uri: oci.stackable.tech/sdp/${{ env.OPERATOR_NAME }}:${{ needs.build-container-image.outputs.operator-version }} |
| 227 | + image-architecture: ${{ matrix.arch }} |
| 228 | + |
| 229 | + # This job is a required check in GitHub Settings for this repository. |
| 230 | + # It saves us having to list many required jobs, or work around dynamically |
| 231 | + # named jobs (since there is no concept of required settings). |
| 232 | + finished: |
| 233 | + # WARNING: Do not change the name unless you will also be changing the |
| 234 | + # Required Checks (in branch protections) in GitHub settings. |
| 235 | + name: Finished Build and Publish |
| 236 | + needs: |
| 237 | + - cargo-udeps |
| 238 | + - openshift-preflight-check |
| 239 | + - publish-helm-chart |
| 240 | + runs-on: ubuntu-latest |
| 241 | + steps: |
| 242 | + - run: echo "We are done here" |
| 243 | + |
| 244 | + notify: |
| 245 | + name: Failure Notification |
| 246 | + if: (failure() || github.run_attempt > 1) && github.event_name != 'merge_group' |
| 247 | + needs: |
| 248 | + - build-container-image |
| 249 | + - publish-index-manifest |
| 250 | + - publish-helm-chart |
| 251 | + runs-on: ubuntu-latest |
| 252 | + steps: |
| 253 | + - name: Checkout Repository |
| 254 | + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 |
| 255 | + with: |
| 256 | + persist-credentials: false |
| 257 | + |
| 258 | + - name: Send Notification |
| 259 | + uses: stackabletech/actions/send-slack-notification@29bea1b451c0c2e994bd495969286f95bf49ed6a # v0.11.0 |
| 260 | + with: |
| 261 | + publish-helm-chart-result: ${{ needs.publish-helm-chart.result }} |
| 262 | + publish-manifests-result: ${{ needs.publish-index-manifest.result }} |
| 263 | + build-result: ${{ needs.build-container-image.result }} |
| 264 | + slack-token: ${{ secrets.SLACK_CONTAINER_IMAGE_TOKEN }} |
| 265 | + channel-id: C07UG6JH44F # notifications-container-images |
| 266 | + type: container-image-build |
0 commit comments