Cleanup CI workflows

.github/workflows/controller-sharding.yaml

@@ -1,9 +1,6 @@
 name: controller-sharding
 
 on:
-  release:
-    types:
-    - published
   push:
     branches:
     - main
@@ -30,7 +27,7 @@ jobs:
         working-directory: go/src/github.com/timebertt/kubernetes-controller-sharding
 
     steps:
-    - uses: actions/checkout@v3
+    - uses: actions/checkout@v4
       with:
         path: go/src/github.com/timebertt/kubernetes-controller-sharding
     - uses: actions/setup-go@v4
@@ -43,7 +40,10 @@ jobs:
   images:
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v3
+    - uses: actions/checkout@v4
+      with:
+        # fetch all history so that git describe works (needed by hack/prepare-image-metadata.sh)
+        fetch-depth: 0
     - uses: actions/setup-go@v4
       with:
         go-version-file: go.mod
@@ -52,80 +52,7 @@ jobs:
         version: v0.15.0
     - name: Prepare image metadata
       id: meta
-      # generate comma-separated tags and labels for image build (similar to docker/metadata-action)
-      run: |
-        set -ex
-
-        build_date="$(date -u +%Y-%m-%dT%H:%M:%SZ)"
-        # revision is the commit sha
-        revision=${{ github.sha }}
-        # short_ref is the branch name, or the semver git tag
-        short_ref=${{ github.ref_name }}
-        # version is the semantic version
-        version=v0.1.0-dev # used if no semver tag has been pushed yet
-        major_version="0"
-        minor_version="1"
-
-        if ${{ github.event_name == 'pull_request' }} ; then
-          # for PR events, ref_name is '<pr-number>/merge' but tags may not contain /
-          short_ref=pr-${{ github.event.pull_request.number }}
-        fi
-
-        if [[ ${{ github.ref }} = refs/tags/* && $short_ref =~ ^v([0-9]+)\.([0-9]+)\.([0-9]+)([-].*)?([+].*)?$ ]] ; then
-          # if triggered for a semver tag, extract its information
-          version=$short_ref
-
-          major_version=${BASH_REMATCH[1]}
-          minor_version=${BASH_REMATCH[2]}
-        elif [[ "$(git describe --tags --match "v*.*.*" --abbrev=0 2>/dev/null)" =~ ^v([0-9]+)\.([0-9]+)\.([0-9]+)$ ]] ; then
-          # otherwise, find the previous semver tag, extract its information, bump minor/patch, and append -dev
-          major_version=${BASH_REMATCH[1]}
-          minor_version=${BASH_REMATCH[2]}
-          patch_version=${BASH_REMATCH[3]}
-
-          if [[ $short_ref = release-* ]] ; then
-            (( patch_version++ ))
-          else
-            (( minor_version++ ))
-          fi
-
-          version=v$major_version.$minor_version.$patch_version-dev
-        fi
-
-        tags=(
-          $short_ref
-          sha-$( echo $revision | head -c7 )
-        )
-
-        if [[ $short_ref = main ]] ; then
-          tags+=( latest )
-        fi
-
-        echo "tags=$(IFS=, ; echo "${tags[*]}")" >> $GITHUB_OUTPUT
-
-        labels=(
-          org.opencontainers.image.created=$build_date
-          org.opencontainers.image.licenses=Apache-2.0
-          org.opencontainers.image.revision=$revision
-          org.opencontainers.image.source=https://github.com/${{ github.repository }}
-          org.opencontainers.image.url=https://github.com/${{ github.repository }}
-          org.opencontainers.image.version=$version
-        )
-
-        echo "labels=$(IFS=, ; echo "${labels[*]}")" >> $GITHUB_OUTPUT
-
-        # calculate ldflags for injecting version information into binaries
-        tree_state="$([ -z "$(git status --porcelain 2>/dev/null)" ] && echo clean || echo dirty)"
-
-        echo "LDFLAGS<<EOF
-        -X k8s.io/component-base/version.gitMajor=$major_version
-        -X k8s.io/component-base/version.gitMinor=$minor_version
-        -X k8s.io/component-base/version.gitVersion=$version
-        -X k8s.io/component-base/version.gitTreeState=$tree_state
-        -X k8s.io/component-base/version.gitCommit=$revision
-        -X k8s.io/component-base/version.buildDate=$build_date
-        -X k8s.io/component-base/version/verflag.programName=kubernetes-controller-sharding
-        EOF" >> $GITHUB_ENV
+      run: ./hack/prepare-image-metadata.sh
     - name: ko build
       run: |
         set -ex

.github/workflows/webhosting-operator.yaml

@@ -1,20 +1,19 @@
 name: webhosting-operator
 
 on:
-  release:
-    types:
-    - published
   push:
     branches:
     - main
     tags:
     - v*
     paths:
     - "webhosting-operator/**"
+    - ".github/workflows/webhosting-operator.yaml"
     - "!**.md"
   pull_request:
     paths:
     - "webhosting-operator/**"
+    - ".github/workflows/webhosting-operator.yaml"
     - "!**.md"
 
 jobs:
@@ -30,7 +29,7 @@ jobs:
         working-directory: go/src/github.com/timebertt/kubernetes-controller-sharding
 
     steps:
-    - uses: actions/checkout@v3
+    - uses: actions/checkout@v4
       with:
         path: go/src/github.com/timebertt/kubernetes-controller-sharding
     - uses: actions/setup-go@v4
@@ -43,7 +42,10 @@ jobs:
   images:
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v3
+    - uses: actions/checkout@v4
+      with:
+        # fetch all history so that git describe works (needed by hack/prepare-image-metadata.sh)
+        fetch-depth: 0
     - uses: actions/setup-go@v4
       with:
         go-version-file: webhosting-operator/go.mod
@@ -53,42 +55,18 @@ jobs:
         version: v0.15.0
     - name: Prepare image metadata
       id: meta
-      # generate comma-separated tags and labels for image build (similar to docker/metadata-action)
-      run: |
-        short_ref=${{ github.ref_name }}
-        if ${{ github.event_name == 'pull_request' }} ; then
-          # for PR events, ref_name is '<pr-number>/merge' but tags may not contain /
-          short_ref=pr-${{ github.event.pull_request.number }}
-        fi
-
-        tags=(
-          $short_ref
-          sha-$( echo ${{ github.sha }} | head -c7 )
-        )
-
-        if ${{ github.ref_name == 'main' }} ; then
-          tags+=( latest )
-        fi
-
-        echo "tags=$(IFS=, ; echo "${tags[*]}")" >> $GITHUB_OUTPUT
-
-        labels=(
-          org.opencontainers.image.created=$( date -u +%Y-%m-%dT%H:%M:%SZ )
-          org.opencontainers.image.licenses=Apache-2.0
-          org.opencontainers.image.revision=${{ github.sha }}
-          org.opencontainers.image.source=https://github.com/${{ github.repository }}
-          org.opencontainers.image.url=https://github.com/${{ github.repository }}
-          org.opencontainers.image.version=$short_ref
-        )
-
-        echo "labels=$(IFS=, ; echo "${labels[*]}")" >> $GITHUB_OUTPUT
+      run: ./hack/prepare-image-metadata.sh
     - name: ko build
       run: |
         set -ex
-
         cd ./webhosting-operator
+
+        entrypoints=(
+          ./cmd/experiment
+          ./cmd/webhosting-operator
+        )
+
         ko build --push=${{ github.event_name != 'pull_request' }} --sbom none --base-import-paths \
           --tags "${{ steps.meta.outputs.tags }}" --image-label "${{ steps.meta.outputs.labels }}" \
           --platform linux/amd64,linux/arm64 \
-          ./cmd/experiment \
-          ./cmd/webhosting-operator
+          "${entrypoints[@]}"

Makefile

@@ -125,7 +125,8 @@ images: export KO_DOCKER_REPO = $(GHCR_REPO)
 
 .PHONY: images
 images: $(KO) ## Build and push container images using ko.
-	$(KO) build --push=$(PUSH) --sbom none --base-import-paths -t $(TAG) --platform linux/amd64,linux/arm64 ./cmd/sharder
+	$(KO) build --push=$(PUSH) --sbom none --base-import-paths -t $(TAG) --platform linux/amd64,linux/arm64 \
+		./cmd/sharder ./cmd/shard ./hack/cmd/janitor
 
 ##@ Deployment
 

hack/prepare-image-metadata.sh

@@ -0,0 +1,74 @@
+#!/usr/bin/env bash
+
+# This script generates comma-separated tags and labels for image builds (similar to docker/metadata-action).
+# It writes its output to the github output variable file or env file. It can only be used in github actions.
+
+set -x
+set -o errexit
+set -o pipefail
+set -o nounset
+
+build_date="$(date -u +%Y-%m-%dT%H:%M:%SZ)"
+# revision is the commit sha
+revision=$GITHUB_SHA
+# short_ref is the branch name, or the semver git tag
+short_ref=$GITHUB_REF_NAME
+# version is the semantic version
+version=v0.1.0-dev # used if no semver tag has been pushed yet
+major_version="0"
+minor_version="1"
+
+tags=( "sha-$( echo "$revision" | head -c7 )" )
+if [[ $short_ref = main ]] ; then
+  tags+=( latest )
+fi
+
+if [[ $GITHUB_REF = refs/tags/* && $short_ref =~ ^v([0-9]+)\.([0-9]+)\.([0-9]+)([-].*)?([+].*)?$ ]] ; then
+  # triggered for a semver tag, add it as image tag
+  tags+=( "$short_ref" )
+
+  # extract version information
+  version=$short_ref
+
+  major_version=${BASH_REMATCH[1]}
+  minor_version=${BASH_REMATCH[2]}
+elif [[ "$(git describe --tags --match "v*.*.*" --abbrev=0 2>/dev/null)" =~ ^v([0-9]+)\.([0-9]+)\.([0-9]+)$ ]] ; then
+  # otherwise, find the previous semver tag, extract its information, bump minor/patch, and append -dev
+  major_version=${BASH_REMATCH[1]}
+  minor_version=${BASH_REMATCH[2]}
+  patch_version=${BASH_REMATCH[3]}
+
+  if [[ $short_ref = release-* ]] ; then
+    (( patch_version++ ))
+  else
+    (( minor_version++ ))
+  fi
+
+  version=v$major_version.$minor_version.$patch_version-dev
+fi
+
+labels=(
+  org.opencontainers.image.created="$build_date"
+  org.opencontainers.image.licenses="Apache-2.0"
+  org.opencontainers.image.revision="$revision"
+  org.opencontainers.image.source="https://github.com/$GITHUB_REPOSITORY"
+  org.opencontainers.image.url="https://github.com/$GITHUB_REPOSITORY"
+  org.opencontainers.image.version="$version"
+)
+
+echo "tags=$(IFS=, ; echo "${tags[*]}")" >> "$GITHUB_OUTPUT"
+echo "labels=$(IFS=, ; echo "${labels[*]}")" >> "$GITHUB_OUTPUT"
+
+# calculate ldflags for injecting version information into binaries
+tree_state="$([[ -z "$(git status --porcelain 2>/dev/null)" ]] && echo clean || echo dirty)"
+
+# passing multi-line strings through an action output is difficult, through env vars is easier
+echo "LDFLAGS<<EOF
+-X k8s.io/component-base/version.gitMajor=$major_version
+-X k8s.io/component-base/version.gitMinor=$minor_version
+-X k8s.io/component-base/version.gitVersion=$version
+-X k8s.io/component-base/version.gitTreeState=$tree_state
+-X k8s.io/component-base/version.gitCommit=$revision
+-X k8s.io/component-base/version.buildDate=$build_date
+-X k8s.io/component-base/version/verflag.programName=kubernetes-controller-sharding
+EOF" >> "$GITHUB_ENV"