Skip to content

Commit

Permalink
Auto generated from templates by gromit (#418)
Browse files Browse the repository at this point in the history 
Co-authored-by: Gromit <policy@gromit>
  • Loading branch information
@konrad-sol
konrad-sol and Gromit authored Oct 4, 2024
1 parent e0d1743 commit 09a2ffe
Show file tree
Hide file tree
Showing 2 changed files with 76 additions and 33 deletions.
108 changes: 75 additions & 33 deletions .github/workflows/release.yml
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,5 @@
# yamllint disable rule:line-length rule:truthy
name: Release
# Generated by: gromit policy

# Distribution channels covered by this workflow
Expand All @@ -6,8 +8,9 @@
# - docker hub
# - devenv ECR
# - Cloudsmith

name: Release
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: ${{ github.event_name == 'pull_request' }}
on:
# Trigger release every monday at midnight for master CI images
schedule:
Expand All @@ -21,8 +24,14 @@ on:
- 'v*'

Check warning on line 24 in .github/workflows/release.yml

View workflow job for this annotation

GitHub Actions / test-controller-distros 

Using test variation

Check warning on line 24 in .github/workflows/release.yml

View workflow job for this annotation

GitHub Actions / test-controller-distros 

Using test variation

Check warning on line 24 in .github/workflows/release.yml

View workflow job for this annotation

GitHub Actions / test-controller-distros 

Using test variation
env:
GOPRIVATE: github.com/TykTechnologies
VARIATION: inverted
DOCKER_BUILD_SUMMARY: false
DOCKER_BUILD_RECORD_UPLOAD: false
# startsWith covers pull_request_target too
BASE_REF: ${{startsWith(github.event_name, 'pull_request') && github.base_ref || github.ref_name}}
jobs:
goreleaser:
if: github.event.pull_request.draft == false
name: '${{ matrix.golang_cross }}'
runs-on: ubuntu-latest-m
permissions:
Expand Down Expand Up @@ -138,7 +147,7 @@ jobs:
type=semver,pattern={{version}},prefix=v
- name: push image to CI
if: ${{ matrix.golang_cross == '1.21-bookworm' }}
uses: docker/build-push-action@v5
uses: docker/build-push-action@v6
with:
context: "dist"
platforms: linux/amd64,linux/arm64
Expand All @@ -161,13 +170,12 @@ jobs:
latest=false
prefix=v
tags: |
type=semver,pattern={{major}}
type=semver,pattern={{major}}.{{minor}}
type=semver,pattern={{version}}
labels: "org.opencontainers.image.title=tyk-identity-broker (distroless) \norg.opencontainers.image.description=Tyk Authentication Proxy for third-party login\norg.opencontainers.image.vendor=tyk.io\norg.opencontainers.image.version=${{ github.ref_name }}\n"
- name: build multiarch image
- name: push image to prod
if: ${{ matrix.golang_cross == '1.21-bookworm' }}
uses: docker/build-push-action@v5
uses: docker/build-push-action@v6
with:
context: "dist"
platforms: linux/amd64,linux/arm64
Expand All @@ -179,45 +187,66 @@ jobs:
push: ${{ startsWith(github.ref, 'refs/tags') }}
tags: ${{ steps.tag_metadata.outputs.tags }}
labels: ${{ steps.tag_metadata.outputs.labels }}
- uses: actions/upload-artifact@v4
- name: save deb
uses: actions/upload-artifact@v4
if: ${{ matrix.golang_cross == '1.21-bookworm' }}
with:
name: deb
retention-days: 1
path: |
dist/*.deb
!dist/*PAYG*.deb
- uses: actions/upload-artifact@v4
!dist/*fips*.deb
- name: save rpm
uses: actions/upload-artifact@v4
if: ${{ matrix.golang_cross == '1.21-bookworm' }}
with:
name: rpm
retention-days: 1
path: |
dist/*.rpm
!dist/*PAYG*.rpm
!dist/*fips*.rpm
test-controller-distros:
if: github.event.pull_request.draft == false
needs:
- goreleaser
runs-on: ubuntu-latest
outputs:
deb: ${{ steps.params.outputs.deb }}
rpm: ${{ steps.params.outputs.rpm }}
steps:
- name: set params
id: params
shell: bash
env:
# startsWith covers pull_request_target too
BASE_REF: ${{startsWith(github.event_name, 'pull_request') && github.base_ref || github.ref_name}}
run: |
set -eo pipefail
curl -s --retry 5 --retry-delay 10 --fail-with-body "http://tui.internal.dev.tyk.technology/v2/$VARIATION/tyk-identity-broker/$BASE_REF/${{ github.event_name}}/api/Distros.gho" | tee -a "$GITHUB_OUTPUT"
if ! [[ $VARIATION =~ prod ]];then
echo "::warning file=.github/workflows/release.yml,line=24,col=1,endColumn=8::Using test variation"
fi
upgrade-deb:
services:
httpbin.org:
image: kennethreitz/httpbin
runs-on: ubuntu-latest
needs: goreleaser
needs:
- test-controller-distros
strategy:
fail-fast: false
fail-fast: true
matrix:
arch:
- amd64
- arm64
distro:
- ubuntu:xenial
- ubuntu:bionic
- ubuntu:focal
- ubuntu:jammy
- debian:bullseye
- debian:bookworm
distro: ${{ fromJson(needs.test-controller-distros.outputs.deb) }}
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 1
sparse-checkout: ci
- uses: actions/download-artifact@v4
with:
name: deb
Expand All @@ -230,53 +259,66 @@ jobs:
COPY tyk-identity-broker*_${TARGETARCH}.deb /tyk-identity-broker.deb
RUN apt-get update && apt-get install -y curl
RUN curl -fsSL https://packagecloud.io/install/repositories/tyk/tyk-identity-broker/script.deb.sh | bash && apt-get install -y tyk-identity-broker=1.1.0
RUN dpkg -i tyk-identity-broker.deb
' > Dockerfile
RUN dpkg -i /tyk-identity-broker.deb
' | tee Dockerfile
- name: install on ${{ matrix.distro }}
uses: docker/build-push-action@v5
uses: docker/build-push-action@v6
with:
context: "."
platforms: linux/${{ matrix.arch }}
build-args: |
RHELARCH=${{ startsWith(matrix.arch, 'arm64') && 'aarch64' || 'x86_64' }}
cache-from: type=gha
cache-to: type=gha,mode=max
file: Dockerfile
push: false
upgrade-rpm:
services:
httpbin.org:
image: kennethreitz/httpbin
needs: goreleaser
runs-on: ubuntu-latest
needs:
- test-controller-distros
strategy:
fail-fast: false
fail-fast: true
matrix:
distro:
- amazonlinux:2023
- registry.access.redhat.com/ubi8/ubi
- registry.access.redhat.com/ubi9/ubi
- amazonlinux:2
- registry.access.redhat.com/ubi7/ubi
arch:
- amd64
- arm64
distro: ${{ fromJson(needs.test-controller-distros.outputs.rpm) }}
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 1
sparse-checkout: ci
- uses: actions/download-artifact@v4
with:
name: rpm
- uses: docker/setup-qemu-action@v3
- uses: docker/setup-buildx-action@v3
- name: generate dockerfile
run: |
echo 'FROM ${{ matrix.distro }}
COPY tyk-identity-broker*.x86_64.rpm /tyk-identity-broker.rpm
ARG RHELARCH
COPY tyk-identity-broker*.${RHELARCH}.rpm /tyk-identity-broker.rpm
RUN command -v curl || yum install -y curl
RUN command -v useradd || yum install -y shadow-utils
RUN curl -fsSL https://packagecloud.io/install/repositories/tyk/tyk-identity-broker/script.rpm.sh | bash && yum install -y tyk-identity-broker-1.1.0-1
RUN curl https://keyserver.tyk.io/tyk.io.rpm.signing.key.2020 -o tyk-identity-broker.key && rpm --import tyk-identity-broker.key
RUN rpm --checksig tyk-identity-broker.rpm
RUN rpm -Uvh --force tyk-identity-broker.rpm
' > Dockerfile
RUN rpm --checksig /tyk-identity-broker.rpm
RUN rpm -Uvh --force /tyk-identity-broker.rpm
' | tee Dockerfile
- name: install on ${{ matrix.distro }}
uses: docker/build-push-action@v5
uses: docker/build-push-action@v6
with:
context: "."
platforms: linux/${{ matrix.arch }}
build-args: |
RHELARCH=${{ startsWith(matrix.arch, 'arm64') && 'aarch64' || 'x86_64' }}
cache-from: type=gha
cache-to: type=gha,mode=max
file: Dockerfile
push: false
sbom:
Expand Down
1 change: 1 addition & 0 deletions ci/goreleaser/goreleaser.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,7 @@
# This project needs CGO_ENABLED=1 and the cross-compiler toolchains for
# - arm64
# - amd64
version: 2
builds:
- id: std
ldflags:
Expand Down

0 comments on commit 09a2ffe

Please sign in to comment.