Skip to content

Commit

Permalink
verify operator uses webhook version and release is conditional
Browse files Browse the repository at this point in the history
  • Loading branch information
Andrew committed Sep 30, 2024
1 parent f9fa660 commit d5cfd80
Show file tree
Hide file tree
Showing 8 changed files with 53 additions and 27 deletions.
22 changes: 14 additions & 8 deletions .github/workflows/minimal-app.yml
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,7 @@ on:
paths:
- minimal-app/**
- .github/workflows/minimal-app.yml
- .github/workflows/scripts
push:
branches:
- main
Expand Down Expand Up @@ -60,36 +61,41 @@ jobs:
IMAGE_NAME=$(mvn help:evaluate -Dexpression=image-name -q -DforceStdout)
echo "REGISTRY=$REGISTRY" >> "$GITHUB_OUTPUT"
echo "TAG_NAME=${{ env.GIT_TAG_PREFIX }}$VERSION" >> "$GITHUB_OUTPUT"
echo "IMAGE_NAME=$REGISTRY/$IMAGE_NAME:$VERSION" >> "$GITHUB_OUTPUT"
echo "FULL_IMAGE_NAME=$REGISTRY/$IMAGE_NAME:$VERSION" >> "$GITHUB_OUTPUT"
cat $GITHUB_OUTPUT
id: naming-selector
name: generate names for artifacts
- run: |
! docker manifest inspect ${{ steps.naming-selector.outputs.IMAGE_NAME }}
name: confirm image is not already pushed
- run: |
git fetch --tags
! git rev-parse -q --verify "refs/tags/${{ steps.naming-selector.outputs.TAG_NAME }}"
name: confirm git tag does not exist
if git rev-parse -q --verify "refs/tags/${{ steps.naming-selector.outputs.TAG_NAME }}"; then
# confirm image exists
docker manifest inspect ${{ steps.naming-selector.outputs.FULL_IMAGE_NAME }}
else
echo "needs_release=true" >> $GITHUB_ENV
fi
name: check if release is needed
- uses: actions/setup-java@v3
with:
java-version: "${{ env.JAVA_VERSION }}"
distribution: "temurin"
- run: mvn --batch-mode --update-snapshots verify
if: env.needs_release == 'true'
name: build image

- uses: docker/login-action@65b78e6e13532edd9afa3aa52ac7964289d1a9c1
if: env.needs_release == 'true'
with:
registry: ${{ steps.naming-selector.outputs.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}

- run: docker push ${{ steps.naming-selector.outputs.IMAGE_NAME }}
- run: docker push ${{ steps.naming-selector.outputs.FULL_IMAGE_NAME }}
if: env.needs_release == 'true'

- uses: mathieudutour/github-tag-action@v6.1
if: env.needs_release == 'true'
id: tag_version
with:
custom_tag: ${{ steps.naming-selector.outputs.TAG_NAME }}
Expand Down
10 changes: 8 additions & 2 deletions .github/workflows/operator.yml
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,7 @@ on:
- operator/**
- "!operator/webhook/**"
- .github/workflows/operator.yml
- .github/workflows/scripts
push:
branches:
- main
Expand Down Expand Up @@ -57,13 +58,17 @@ jobs:
- run: |
git fetch --tags
! git rev-parse -q --verify "refs/tags/${{ steps.naming-selector.outputs.TAG_NAME }}"
name: confirm git tag does not exist
if ! git rev-parse -q --verify "refs/tags/${{ steps.naming-selector.outputs.TAG_NAME }}"; then
echo "needs_release=true" >> $GITHUB_ENV
fi
name: check if release is needed
- run: make prep-release
if: env.needs_release == 'true'
name: generate release files

- uses: mathieudutour/github-tag-action@v6.1
if: env.needs_release == 'true'
id: tag_version
with:
custom_tag: ${{ steps.naming-selector.outputs.TAG_NAME }}
Expand All @@ -72,6 +77,7 @@ jobs:
tag_prefix: ""

- uses: ncipollo/release-action@v1
if: env.needs_release == 'true'
with:
tag: ${{ steps.tag_version.outputs.new_tag }}
name: Release ${{ steps.tag_version.outputs.new_tag }}
Expand Down
14 changes: 14 additions & 0 deletions .github/workflows/scripts/shared/verify_current_webhook_img.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
OPERATOR_DIR=operator
OPERATOR_CONTROLLER_YAML=$OPERATOR_DIR/controller/integrationroute-controller.yaml

verify_current_webhook_img() {
current_webhook_img=$(make --no-print-directory -C operator/webhook get-image-name)
webhook_image_used=$(yq eval '.spec.template.spec.containers[].image' $OPERATOR_CONTROLLER_YAML)

test -n "$current_webhook_img"
test -n "$webhook_image_used"

test "$webhook_image_used" = "$current_webhook_img" || (echo "Operator is not using current version of webhook image" && exit 1)
}

verify_current_webhook_img
2 changes: 1 addition & 1 deletion .github/workflows/scripts/verify_minimal_app_releasable.sh
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ MINIMAL_APP_DIR=minimal-app
verify_version_bump() {
version=$(mvn -f minimal-app/pom.xml help:evaluate -Dexpression=project.version -q -DforceStdout)
potential_tag="${GIT_TAG_PREFIX}${version}"
sh .github/workflows/scripts/verify_changes_update_version.sh $potential_tag $MINIMAL_APP_DIR
sh .github/workflows/scripts/shared/verify_changes_update_version.sh $potential_tag $MINIMAL_APP_DIR
}

verify_version_bump
15 changes: 2 additions & 13 deletions .github/workflows/scripts/verify_operator_releasable.sh
Original file line number Diff line number Diff line change
@@ -1,22 +1,11 @@
set -eux

OPERATOR_DIR=operator
OPERATOR_CONTROLLER_YAML=$OPERATOR_DIR/controller/integrationroute-controller.yaml

verify_current_webhook_img() {
current_webhook_img=$(make --no-print-directory -C operator/webhook get-image-name)
webhook_image_used=$(yq eval '.spec.template.spec.containers[].image' $OPERATOR_CONTROLLER_YAML)

test -n "$current_webhook_img"
test -n "$webhook_image_used"

test "$webhook_image_used" = "$current_webhook_img" || (echo "Operator is not using current version of webhook image" && exit 1)
}

verify_version_bump() {
potential_tag=$(make --no-print-directory -C $OPERATOR_DIR get-tag)
sh .github/workflows/scripts/verify_changes_update_version.sh $potential_tag $OPERATOR_DIR
sh .github/workflows/scripts/shared/verify_changes_update_version.sh $potential_tag $OPERATOR_DIR
}

verify_current_webhook_img
sh .github/workflows/scripts/shared/verify_current_webhook_img.sh
verify_version_bump
3 changes: 2 additions & 1 deletion .github/workflows/scripts/verify_webhook_releasable.sh
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,8 @@ WEBHOOK_DIR=operator/webhook

verify_version_bump() {
potential_tag=$(make --no-print-directory -C $WEBHOOK_DIR get-tag)
sh .github/workflows/scripts/verify_changes_update_version.sh $potential_tag $WEBHOOK_DIR
sh .github/workflows/scripts/shared/verify_changes_update_version.sh $potential_tag $WEBHOOK_DIR
}

sh .github/workflows/scripts/shared/verify_current_webhook_img.sh
verify_version_bump
14 changes: 12 additions & 2 deletions .github/workflows/webhook.yml
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,7 @@ on:
paths:
- operator/webhook/**
- .github/workflows/webhook.yml
- .github/workflows/scripts
push:
branches:
- main
Expand Down Expand Up @@ -82,15 +83,22 @@ jobs:
name: generate names for artifacts
- run: |
! docker manifest inspect ${{ steps.naming-selector.outputs.FULL_IMAGE_NAME }}
name: confirm image is not already pushed
git fetch --tags
if git rev-parse -q --verify "refs/tags/${{ steps.naming-selector.outputs.TAG_NAME }}"; then
# confirm image exists
docker manifest inspect ${{ steps.naming-selector.outputs.FULL_IMAGE_NAME }}
else
echo "needs_release=true" >> $GITHUB_ENV
fi
name: check if release is needed
- run: |
git fetch --tags
! git rev-parse -q --verify "refs/tags/${{ steps.naming-selector.outputs.TAG_NAME }}"
name: confirm git tag does not exist
- uses: docker/login-action@65b78e6e13532edd9afa3aa52ac7964289d1a9c1
if: env.needs_release == 'true'
with:
registry: ${{ steps.naming-selector.outputs.REGISTRY }}
username: ${{ github.actor }}
Expand All @@ -100,13 +108,15 @@ jobs:
uses: docker/setup-buildx-action@v3

- uses: docker/build-push-action@f2a1d5e99d037542a71f64918e516c093c6f3fc4
if: env.needs_release == 'true'
with:
context: ${{ env.WORKING_DIR }}
platforms: linux/amd64,linux/arm64
push: true
tags: ${{ steps.naming-selector.outputs.FULL_IMAGE_NAME }}

- uses: mathieudutour/github-tag-action@v6.1
if: env.needs_release == 'true'
id: tag_version
with:
custom_tag: ${{ steps.naming-selector.outputs.TAG_NAME }}
Expand Down

0 comments on commit d5cfd80

Please sign in to comment.