From 7e2c2bf92cfc121809a781a80ba533b775cdc779 Mon Sep 17 00:00:00 2001 From: Jon Date: Wed, 17 Jan 2024 07:30:24 +0930 Subject: [PATCH] multi-architecture builds and publish (#1681) * Add multi-arch image builds to makefile * A default set of platforms is specified and will build those if var `PLATFORMS` is not specified on the CLI * Builds containers and stores @ghcr with tag that is git commit. * Pushes the image to quay.io/ansible with tag devel. * Update Promote to use single build point and the multi-arch manifest - Pulls the complete manifest containing all architectures that matches the version from ghcr - Tag manifest with the specified version and publish to quay.io - Tag manifest as 'latest' and publish to quay.io Author: jon-nfc Co-authored-by: Christian M. Adams Co-authored-by: TheRealHaoLiu --- .github/workflows/devel.yaml | 35 ++++++++++++++++---- .github/workflows/promote.yaml | 59 +++++++++++++++++++++++++--------- .github/workflows/stage.yml | 39 +++++++++++----------- Makefile | 15 +++++++++ 4 files changed, 106 insertions(+), 42 deletions(-) diff --git a/.github/workflows/devel.yaml b/.github/workflows/devel.yaml index 3917ed4bf..ced9d9091 100644 --- a/.github/workflows/devel.yaml +++ b/.github/workflows/devel.yaml 
@@ -13,15 +13,36 @@ jobs: steps: - uses: actions/checkout@v3 - - name: Build Image + - name: Fail if QUAY_REGISTRY not set run: | - IMG=awx-operator:devel make docker-build + if [[ -z "${{ vars.QUAY_REGISTRY }}" ]]; then + echo "QUAY_REGISTRY not set. Please set QUAY_REGISTRY in variable GitHub Actions variables." + exit 1 + fi - - name: Push To Quay - uses: redhat-actions/push-to-registry@v2.1.1 + - name: Log into registry ghcr.io + uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0 with: - image: awx-operator - tags: devel - registry: quay.io/ansible/ + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + + - name: Log into registry quay.io + uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0 + with: + registry: ${{ vars.QUAY_REGISTRY }} username: ${{ secrets.QUAY_USER }} password: ${{ secrets.QUAY_TOKEN }} + + + - name: Build and Store Image @ghcr + run: | + IMG=ghcr.io/${{ github.repository }}:${{ github.sha }} make docker-buildx + + + - name: Publish Image to quay.io + run: | + docker buildx imagetools create \ + ghcr.io/${{ github.repository }}:${{ github.sha }} \ + --tag ${{ vars.QUAY_REGISTRY }}/awx-operator:devel diff --git a/.github/workflows/promote.yaml b/.github/workflows/promote.yaml index 60f14fdb0..5b3afaae8 100644 --- a/.github/workflows/promote.yaml +++ b/.github/workflows/promote.yaml 
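Review bot: The `Fail if QUAY_REGISTRY not set` and `Publish Image to quay.io` steps expand `${{ vars.QUAY_REGISTRY }}` directly into the `run:` script, so the value becomes part of the shell source before bash parses it. Passing it through the step environment keeps the script text fixed: add `env:` with `QUAY_REGISTRY: ${{ vars.QUAY_REGISTRY }}` and test `if [[ -z "${QUAY_REGISTRY}" ]]; then`. The same pattern appears in the promote.yaml hunk (`github.event.inputs.tag_name`, `github.event.inputs.quay_registry` and `github.event.release.tag_name` written to `$GITHUB_ENV`) and in the stage.yml build step (`github.event.inputs.version`), where the values come from whoever triggers the workflow rather than from repository settings. The job header is outside this hunk, so it is also worth confirming that the job declares `permissions:` with `packages: write`, which the push to ghcr.io with `secrets.GITHUB_TOKEN` needs.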
@@ -8,47 +8,76 @@ on: tag_name: description: 'Name for the tag of the release.' required: true + quay_registry: + description: 'Quay registry to push to.' + default: 'quay.io/ansible' + +env: + QUAY_REGISTRY: ${{ vars.QUAY_REGISTRY }} jobs: promote: runs-on: ubuntu-latest steps: - - name: Set TAG_NAME for workflow_dispatch event + - name: Set GitHub Env vars for workflow_dispatch event if: ${{ github.event_name == 'workflow_dispatch' }} run: | echo "TAG_NAME=${{ github.event.inputs.tag_name }}" >> $GITHUB_ENV + echo "QUAY_REGISTRY=${{ github.event.inputs.quay_registry }}" >> $GITHUB_ENV - - name: Set TAG_NAME for release event + - name: Set GitHub Env vars if release event if: ${{ github.event_name == 'release' }} run: | echo "TAG_NAME=${{ github.event.release.tag_name }}" >> $GITHUB_ENV + - name: Fail if QUAY_REGISTRY not set + run: | + if [[ -z "${{ env.QUAY_REGISTRY }}" ]]; then + echo "QUAY_REGISTRY not set. Please set QUAY_REGISTRY in variable GitHub Actions variables." + exit 1 + fi + - uses: actions/checkout@v3 with: depth: 0 - - name: Log in to GHCR - run: | - echo ${{ secrets.GITHUB_TOKEN }} | docker login ghcr.io -u ${{ github.actor }} --password-stdin - - name: Log in to Quay + - name: Log into registry ghcr.io + uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + + - name: Log into registry quay.io + uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0 + with: + registry: ${{ env.QUAY_REGISTRY }} + username: ${{ secrets.QUAY_USER }} + password: ${{ secrets.QUAY_TOKEN }} + + + - name: Pull Tagged Staged Image and Publish to quay.io run: | - echo ${{ secrets.QUAY_TOKEN }} | docker login quay.io -u ${{ secrets.QUAY_USER }} --password-stdin + docker buildx imagetools create \ + ghcr.io/${{ github.repository }}:${{ env.TAG_NAME }} \ + --tag ${{ env.QUAY_REGISTRY }}/awx-operator:${{ env.TAG_NAME }} + - - name: 
Re-tag and promote awx-operator image + - name: Pull Staged Image and Publish to quay.io/${{ github.repository }}:latest run: | - docker pull ghcr.io/${{ github.repository }}:${TAG_NAME} - docker tag ghcr.io/${{ github.repository }}:${TAG_NAME} quay.io/${{ github.repository }}:${TAG_NAME} - docker tag ghcr.io/${{ github.repository }}:${TAG_NAME} quay.io/${{ github.repository }}:latest - docker push quay.io/${{ github.repository }}:${TAG_NAME} - docker push quay.io/${{ github.repository }}:latest + docker buildx imagetools create \ + ghcr.io/${{ github.repository }}:${{ env.TAG_NAME }} \ + --tag ${{ env.QUAY_REGISTRY }}/awx-operator:latest + - name: Release Helm chart run: | ansible-playbook ansible/helm-release.yml -v \ - -e operator_image=quay.io/${{ github.repository }} \ + -e operator_image=${{ env.QUAY_REGISTRY }}/awx-operator \ -e chart_owner=${{ github.repository_owner }} \ - -e tag=${TAG_NAME} \ + -e tag=${{ env.TAG_NAME }} \ -e gh_token=${{ secrets.GITHUB_TOKEN }} \ -e gh_user=${{ github.actor }} \ -e repo_type=https diff --git a/.github/workflows/stage.yml b/.github/workflows/stage.yml index 7ef76bf01..a6c12d919 100644 --- a/.github/workflows/stage.yml +++ b/.github/workflows/stage.yml @@ -37,12 +37,6 @@ jobs: exit 0 - - name: Checkout awx - uses: actions/checkout@v3 - with: - repository: ${{ github.repository_owner }}/awx - path: awx - - name: Checkout awx-operator uses: actions/checkout@v3 with: 
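Review bot: The new `quay_registry` input overwrites `QUAY_REGISTRY` on every `workflow_dispatch` run and is then used as `registry:` in the quay.io login step, so whoever dispatches the workflow chooses the host that receives `secrets.QUAY_USER` and `secrets.QUAY_TOKEN`. Because the input defaults to `quay.io/ansible`, a dispatch run uses that default rather than `vars.QUAY_REGISTRY` unless the caller types something else. Either drop the input and rely on the repository variable, or reject unexpected values before the login step, for example `[[ "${QUAY_REGISTRY}" == quay.io/* ]] || exit 1` in the check step. The last publish step is also named `... quay.io/${{ github.repository }}:latest` while it actually tags `${{ env.QUAY_REGISTRY }}/awx-operator:latest`.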
@@ -53,17 +47,20 @@ jobs: run: | python3 -m pip install docker - - name: Log in to GHCR - run: | - echo ${{ secrets.GITHUB_TOKEN }} | docker login ghcr.io -u ${{ github.actor }} --password-stdin + - name: Log into registry ghcr.io + uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} - - name: Build and stage awx-operator + - name: Stage awx-operator working-directory: awx-operator run: | BUILD_ARGS="--build-arg DEFAULT_AWX_VERSION=${{ github.event.inputs.default_awx_version }} \ - --build-arg OPERATOR_VERSION=${{ github.event.inputs.version }}" \ - IMAGE_TAG_BASE=ghcr.io/${{ github.repository_owner }}/awx-operator \ - VERSION=${{ github.event.inputs.version }} make docker-build docker-push + --build-arg OPERATOR_VERSION=${{ github.event.inputs.version }}" \ + IMG=ghcr.io/${{ github.repository }}:${{ github.event.inputs.version }} \ + make docker-buildx - name: Run test deployment working-directory: awx-operator @@ -76,10 +73,12 @@ jobs: env: AWX_TEST_VERSION: ${{ github.event.inputs.default_awx_version }} - - name: Create draft release - working-directory: awx - run: | - ansible-playbook tools/ansible/stage.yml \ - -e version=${{ github.event.inputs.version }} \ - -e repo=${{ github.repository_owner }}/awx-operator \ - -e github_token=${{ secrets.GITHUB_TOKEN }} + - name: Create Draft Release + id: create_release + uses: actions/create-release@v1 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + with: + tag_name: ${{ github.event.inputs.version }} + release_name: Release ${{ github.event.inputs.version }} + draft: true diff --git a/Makefile b/Makefile index 88fe3ff9b..9e03a1f93 100644 --- a/Makefile +++ b/Makefile 
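Review bot: The `Create Draft Release` step references `actions/create-release@v1` by a mutable tag, while the `docker/login-action` steps added in the same commit are pinned to a full commit SHA. That action's repository has been archived and is no longer maintained, so a step that is handed `GITHUB_TOKEN` depends on code that will not receive fixes. Consider the preinstalled CLI instead, e.g. `gh release create "$VERSION" --draft --title "Release $VERSION"` with `VERSION` and `GH_TOKEN` passed through `env:`, or at least pin the action to a commit SHA. `id: create_release` is set, but no later step visible in this hunk reads its outputs.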
@@ -107,6 +107,21 @@ docker-build: ## Build docker image with the manager. docker-push: ## Push docker image with the manager. ${CONTAINER_CMD} push ${IMG} +# PLATFORMS defines the target platforms for the manager image be build to provide support to multiple +# architectures. (i.e. make docker-buildx IMG=myregistry/mypoperator:0.0.1). To use this option you need to: +# - able to use docker buildx . More info: https://docs.docker.com/build/buildx/ +# - have enable BuildKit, More info: https://docs.docker.com/develop/develop-images/build_enhancements/ +# - be able to push the image for your registry (i.e. if you do not inform a valid value via IMG=> than the export will fail) +# To properly provided solutions that supports more than one platform you should use this option. +PLATFORMS ?= linux/arm64,linux/amd64,linux/s390x,linux/ppc64le +.PHONY: docker-buildx +docker-buildx: ## Build and push docker image for the manager for cross-platform support + - docker buildx create --name project-v3-builder + docker buildx use project-v3-builder + - docker buildx build --push $(BUILD_ARGS) --platform=$(PLATFORMS) --tag ${IMG} -f Dockerfile . + - docker buildx rm project-v3-builder + + ##@ Deployment .PHONY: install
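Review bot: In the `docker-buildx` recipe the `docker buildx build --push` line carries the make `-` prefix, so a failed build or push is ignored and the target still exits 0. The workflows in this commit call `make docker-buildx` and then test or republish `${IMG}` by tag, so after a failed build they would either fail later with a less clear error or pick up whatever image already carries that tag. Keep `-` only on the `buildx create` and `buildx rm` housekeeping lines and let the build fail the target: `docker buildx build --push $(BUILD_ARGS) --platform=$(PLATFORMS) --tag ${IMG} -f Dockerfile .`. The recipe also hard-codes `docker` where the neighbouring `docker-push` target uses `${CONTAINER_CMD}`, and the comment above `PLATFORMS` has a few wording slips (`mypoperator`, `have enable BuildKit`, `via IMG=> than`).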