diff --git a/.github/workflows/publish_edge.yaml b/.github/workflows/publish_edge.yaml
new file mode 100644
index 00000000..ec775b0d
--- /dev/null
+++ b/.github/workflows/publish_edge.yaml
@@ -0,0 +1,68 @@
+name: Release Ceph ROCKs
+# Runs whenever a new commit is pushed to below mentioned branches.
+on:
+ push:
+ branches:
+ - 'stable/*'
+ - 'main'
+ # Allows you to run this workflow manually from the Actions tab
+ workflow_dispatch:
+
+jobs:
+ release_to_registry:
+ name: Release Ceph Edge ROCK to GHCR
+ runs-on: ubuntu-22.04
+ permissions:
+ packages: write
+ outputs:
+ rock: ${{ steps.rockcraft.outputs.rock }}
+ steps:
+ - name: Check out the repo
+ uses: actions/checkout@v3
+
+ - name: Install deps and clean legacy rules.
+ run: |
+ sudo snap install lxd
+ sudo snap install rockcraft --classic --edge
+ sudo lxd init --auto
+ for ipt in iptables iptables-legacy ip6tables ip6tables-legacy; do sudo $ipt --flush; sudo $ipt --flush -t nat; sudo $ipt --delete-chain; sudo $ipt --delete-chain -t nat; sudo $ipt -P FORWARD ACCEPT; sudo $ipt -P INPUT ACCEPT; sudo $ipt -P OUTPUT ACCEPT; done
+ sudo systemctl reload snap.lxd.daemon
+ sleep 5
+
+ - name: Patch version information into ROCK recipe
+ id: versioning
+ run: |
+ PKG_VER_STR=$(sudo rockcraft pull pkg_info -v &> >(grep "Version"))
+ PKG_VER=$(cut -d' ' -f3 <<< $PKG_VER_STR)
+ CEPH_VER=$(cut -d'-' -f1 <<< $PKG_VER)
+ sed -i "/version/c\version: $CEPH_VER" rockcraft.yaml
+ echo "::set-output name=ceph_version::$CEPH_VER"
+
+ - name: login to GitHub Container Registry
+ uses: docker/login-action@v1
+ with:
+ registry: ghcr.io
+ username: ${{ github.actor }}
+ password: ${{ secrets.GITHUB_TOKEN }}
+
+ - name: Extract metadata (tags, labels) for Docker
+ id: meta
+ uses: docker/metadata-action@98669ae865ea3cffbcbaa878cf57c20bbf1c6c38
+ with:
+ images: ghcr.io/canonical/ceph
+ tags: |
+ type=edge,prefix=quincy-,enable=${{ startsWith(steps.versioning.outputs.ceph_version, '17') }}
+ type=edge,prefix=reef-,enable=${{ startsWith(steps.versioning.outputs.ceph_version, '18') }}
+ type=edge,prefix=dev-,enable={{is_default_branch}}
+
+ - name: Prepare Rock
+ uses: canonical/craft-actions/rockcraft-pack@main
+ id: rockcraft
+
+ - name: Load to Docker daemon
+ run: |
+ skopeo --insecure-policy copy oci-archive:${{ steps.rockcraft.outputs.rock }} docker-daemon:${{ steps.meta.outputs.tags }}
+ docker image ls -a
+ sleep 10
+ docker push ${{ steps.meta.outputs.tags }}
+
diff --git a/.github/workflows/publish_hotfix.yaml b/.github/workflows/publish_hotfix.yaml
new file mode 100644
index 00000000..ccfd0b7c
--- /dev/null
+++ b/.github/workflows/publish_hotfix.yaml
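Review bot: `uses: canonical/craft-actions/rockcraft-pack@main` follows a mutable branch inside a job that holds `packages: write` and a logged-in GHCR session, so whatever lands on that branch runs with the ability to publish `ghcr.io/canonical/ceph`. `actions/checkout@v3` and `docker/login-action@v1` are movable tags as well, while `docker/metadata-action` in the same job is already pinned to a full commit SHA; pinning all of them the same way (`uses: canonical/craft-actions/rockcraft-pack@<full-commit-sha>`) keeps the publish path reproducible. The same three references recur in the publish_hotfix.yaml and publish_release.yaml hunks. `sudo snap install rockcraft --classic --edge` likewise builds published images with an edge-channel toolchain; a stable channel would be the safer default if it supports this recipe. `::set-output` is deprecated; `echo "ceph_version=$CEPH_VER" >> "$GITHUB_OUTPUT"` is the replacement.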
@@ -0,0 +1,76 @@
+name: Publish Temporary ROCK
+
+on:
+ pull_request:
+ types: [ labeled ]
+
+jobs:
+ hotfix_publish:
+ name: Publish hotfix release
+ # Run only if 'hotfix' label is attached.
+ if: ${{ github.event.label.name == 'hotfix' }}
+ runs-on: ubuntu-22.04
+ permissions:
+ packages: write
+ outputs:
+ rock: ${{ steps.rockcraft.outputs.rock }}
+ steps:
+ - run: |
+ echo Publishing container image for PR# $NUMBER
+ env:
+ NUMBER: ${{ github.event.pull_request.number }}
+
+ - name: Checkout
+ uses: actions/checkout@v3
+
+ - name: Checkout Pull Request
+ run: hub pr checkout ${{ github.event.pull_request.number }}
+ env:
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+ - name: Install deps and clean legacy rules.
+ run: |
+ sudo snap install lxd
+ sudo snap install rockcraft --classic --edge
+ sudo lxd init --auto
+ for ipt in iptables iptables-legacy ip6tables ip6tables-legacy; do sudo $ipt --flush; sudo $ipt --flush -t nat; sudo $ipt --delete-chain; sudo $ipt --delete-chain -t nat; sudo $ipt -P FORWARD ACCEPT; sudo $ipt -P INPUT ACCEPT; sudo $ipt -P OUTPUT ACCEPT; done
+ sudo systemctl reload snap.lxd.daemon
+ sleep 5
+
+ - name: Patch PR information into ROCK recipe
+ id: versioning
+ run: |
+ PKG_VER_STR=$(sudo rockcraft pull pkg_info -v &> >(grep "Version"))
+ PKG_VER=$(cut -d' ' -f3 <<< $PKG_VER_STR)
+ CEPH_VER=$(cut -d'-' -f1 <<< $PKG_VER)
+ sed -i "/version:/c\version: $PR_NUM-$CEPH_VER" rockcraft.yaml
+ echo "::set-output name=ceph_version::$CEPH_VER"
+ env:
+ PR_NUM: ${{ github.event.pull_request.number }}
+
+ - name: login to GitHub Container Registry
+ uses: docker/login-action@v1
+ with:
+ registry: ghcr.io
+ username: ${{ github.actor }}
+ password: ${{ secrets.GITHUB_TOKEN }}
+
+ - name: Extract metadata (tags, labels) for Docker
+ id: meta
+ uses: docker/metadata-action@98669ae865ea3cffbcbaa878cf57c20bbf1c6c38
+ with:
+ images: ghcr.io/canonical/ceph
+ tags: |
+ type=raw,value=hotfix-${{ github.event.pull_request.number }}-${{ steps.versioning.outputs.ceph_version }}
+
+ - name: Prepare Rock
+ uses: canonical/craft-actions/rockcraft-pack@main
+ id: rockcraft
+
+ - name: Load to Docker daemon
+ run: |
+ skopeo --insecure-policy copy oci-archive:${{ steps.rockcraft.outputs.rock }} docker-daemon:${{ steps.meta.outputs.tags }}
+ docker image ls -a
+ sleep 10
+ docker push ${{ steps.meta.outputs.tags }}
+
diff --git a/.github/workflows/publish_image.yaml b/.github/workflows/publish_image.yaml
deleted file mode 100644
index c12759c7..00000000
--- a/.github/workflows/publish_image.yaml
+++ /dev/null
@@ -1,42 +0,0 @@
-name: Publish Ceph ROCK
-
-on:
- push:
- branches: ['main']
- # Allows you to run this workflow manually from the Actions tab
- workflow_dispatch:
-
-jobs:
- push_to_registry:
- name: Push Ceph ROCK to GHCR
- runs-on: ubuntu-latest
- outputs:
- rock: ${{ steps.rockcraft.outputs.rock }}
- steps:
- - name: Check out the repo
- uses: actions/checkout@v3
-
- - name: login to GitHub Container Registry
- uses: docker/login-action@v1
- with:
- registry: ghcr.io
- username: ${{ github.actor }}
- password: ${{ secrets.GITHUB_TOKEN }}
-
- - name: Extract metadata (tags, labels) for Docker
- id: meta
- uses: docker/metadata-action@98669ae865ea3cffbcbaa878cf57c20bbf1c6c38
- with:
- images: ghcr.io/canonical/ceph
-
- - name: Prepare Rock
- uses: canonical/craft-actions/rockcraft-pack@main
- id: rockcraft
-
- - name: Load to Docker daemon
- run: |
- skopeo --insecure-policy copy oci-archive:${{ steps.rockcraft.outputs.rock }} docker-daemon:${{ steps.meta.outputs.tags }}
- docker image ls -a
- sleep 10
- docker push ${{ steps.meta.outputs.tags }}
-
diff --git a/.github/workflows/publish_release.yaml b/.github/workflows/publish_release.yaml
new file mode 100644
index 00000000..29eecccb
--- /dev/null
+++ b/.github/workflows/publish_release.yaml
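Review bot: The `Checkout Pull Request` step switches the workspace to whatever the PR head is when the job runs, and the job then builds it and pushes it to `ghcr.io/canonical/ceph` with `packages: write`, so the `hotfix` label is the only approval gate and it is not tied to the commit the labeller looked at. Checking out the labelled commit directly, with `ref: ${{ github.event.pull_request.head.sha }}` under `with:` on the `actions/checkout` step, makes the second checkout unnecessary and fixes the build to that revision. A comment above `if:` would make the trust decision explicit: `# Labelling is the approval: the PR head is built and pushed to ghcr.io/canonical/ceph.`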
@@ -0,0 +1,71 @@
+name: Release Ceph ROCKs
+# Only runs when a commit on release branches is tagged with ceph version string.
+on:
+ push:
+ tags:
+ - v[1-9][0-9]\.[0-2]\.@([0-9]|[0-9][0-9]) # Version glob to match git tags with ceph versions
+ # Allows you to run this workflow manually from the Actions tab
+ workflow_dispatch:
+
+jobs:
+ release_to_registry:
+ name: Release Ceph ROCK to GHCR
+ runs-on: ubuntu-22.04
+ permissions:
+ packages: write
+ outputs:
+ rock: ${{ steps.rockcraft.outputs.rock }}
+ steps:
+ - name: Check out the repo
+ uses: actions/checkout@v3
+
+ - name: Install deps and clean legacy rules.
+ run: |
+ sudo snap install lxd
+ sudo snap install rockcraft --classic --edge
+ sudo lxd init --auto
+ for ipt in iptables iptables-legacy ip6tables ip6tables-legacy; do sudo $ipt --flush; sudo $ipt --flush -t nat; sudo $ipt --delete-chain; sudo $ipt --delete-chain -t nat; sudo $ipt -P FORWARD ACCEPT; sudo $ipt -P INPUT ACCEPT; sudo $ipt -P OUTPUT ACCEPT; done
+ sudo systemctl reload snap.lxd.daemon
+ sleep 5
+
+ - name: Patch version information into ROCK recipe
+ id: versioning
+ run: |
+ PKG_VER_STR=$(sudo rockcraft pull pkg_info -v &> >(grep "Version"))
+ PKG_VER=$(cut -d' ' -f3 <<< $PKG_VER_STR)
+ CEPH_VER=$(cut -d'-' -f1 <<< $PKG_VER)
+ DEB_VER=$(cut -d'-' -f2 <<< $PKG_VER)
+ sed -i "/version:/c\version: $CEPH_VER" rockcraft.yaml
+ echo "::set-output name=ceph_version::$CEPH_VER"
+ echo "::set-output name=deb_version::$DEB_VER"
+
+ - name: login to GitHub Container Registry
+ uses: docker/login-action@v1
+ with:
+ registry: ghcr.io
+ username: ${{ github.actor }}
+ password: ${{ secrets.GITHUB_TOKEN }}
+
+ - name: Extract metadata (tags, labels) for Docker
+ id: meta
+ uses: docker/metadata-action@98669ae865ea3cffbcbaa878cf57c20bbf1c6c38
+ with:
+ images: ghcr.io/canonical/ceph
+ tags: |
+ type=semver,pattern={{major}}.{{minor}}.{{patch}},value=${{ steps.versioning.outputs.ceph_version }}
+ type=raw,value=quincy,enable=${{ startsWith(steps.versioning.outputs.ceph_version, '17') }}
+ type=raw,value=reef,enable=${{ startsWith(steps.versioning.outputs.ceph_version, '18') }}
+ type=raw,value=${{ steps.versioning.outputs.deb_version }}
+ type=raw,value=dev,enable={{is_default_branch}}
+
+ - name: Prepare Rock
+ uses: canonical/craft-actions/rockcraft-pack@main
+ id: rockcraft
+
+ - name: Load to Docker daemon
+ run: |
+ skopeo --insecure-policy copy oci-archive:${{ steps.rockcraft.outputs.rock }} docker-daemon:${{ steps.meta.outputs.tags }}
+ docker image ls -a
+ sleep 10
+ docker push ${{ steps.meta.outputs.tags }}
+
diff --git a/.github/workflows/publish_temp_image.yaml b/.github/workflows/publish_temp_image.yaml
deleted file mode 100644
index 70a656fd..00000000
--- a/.github/workflows/publish_temp_image.yaml
+++ /dev/null
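Review bot: `${{ steps.meta.outputs.tags }}` is pasted straight into the `skopeo` and `docker push` lines of `Load to Docker daemon`, but this `tags:` block enables several rules at once (semver, `quincy`/`reef`, the deb version) and the metadata action emits one tag per line. After expansion only the first tag would stay attached to each command, and the remaining lines would be handed to the shell as commands of their own, so the release would be published under one tag at best. Passing both outputs through `env:` and looping over the list keeps expression text out of the script and pushes every tag; the publish_edge.yaml hunk has the same step and can enable two `type=edge` rules together. Separately, the tag filter `v[1-9][0-9]\.[0-2]\.@([0-9]|[0-9][0-9])` relies on `@(...|...)`, which as far as I know is not part of the Actions filter-pattern syntax, so it is worth confirming that a real release tag triggers this workflow.

```yaml
      - name: Load to Docker daemon
        env:
          ROCK: ${{ steps.rockcraft.outputs.rock }}
          TAGS: ${{ steps.meta.outputs.tags }}
        run: |
          while IFS= read -r tag; do
            [ -n "$tag" ] || continue
            skopeo --insecure-policy copy "oci-archive:$ROCK" "docker-daemon:$tag"
            # … unchanged: docker image ls -a, sleep 10 …
            docker push "$tag"
          done <<< "$TAGS"
```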
@@ -1,55 +0,0 @@
-name: Publish Temporary ROCK
-
-on:
- issue_comment:
- types: [created]
-
-jobs:
- pr_commented:
- name: PR comment
- # Run only if the comment is on a pull request and contains the keyword.
- if: ${{ github.event.issue.pull_request }} && contains(github.event.comment.body, '/publish')
- runs-on: ubuntu-latest
- outputs:
- rock: ${{ steps.rockcraft.outputs.rock }}
- steps:
- - run: |
- echo Publishing container image for PR# $NUMBER
- env:
- NUMBER: ${{ github.event.issue.number }}
-
- - name: Checkout
- uses: actions/checkout@v3
-
- - name: Checkout Pull Request
- run: hub pr checkout ${{ github.event.issue.number }}
- env:
- GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-
- - name: login to GitHub Container Registry
- uses: docker/login-action@v1
- with:
- registry: ghcr.io
- username: ${{ github.actor }}
- password: ${{ secrets.GITHUB_TOKEN }}
-
- - name: Extract metadata (tags, labels) for Docker
- id: meta
- uses: docker/metadata-action@98669ae865ea3cffbcbaa878cf57c20bbf1c6c38
- with:
- images: ghcr.io/canonical/ceph
- # Create OCI tag using the PR.
- tags: |
- type=ref,event=pr
-
- - name: Prepare Rock
- uses: canonical/craft-actions/rockcraft-pack@main
- id: rockcraft
-
- - name: Load to Docker daemon
- run: |
- skopeo --insecure-policy copy oci-archive:${{ steps.rockcraft.outputs.rock }} docker-daemon:ghcr.io/canonical/ceph:${{ github.event.issue.number }}
- docker image ls -a
- sleep 10
- docker push ghcr.io/canonical/ceph:${{ github.event.issue.number }}
-
diff --git a/.github/workflows/registry_housekeeping.yaml b/.github/workflows/registry_housekeeping.yaml
new file mode 100644
index 00000000..d2384c60
--- /dev/null
+++ b/.github/workflows/registry_housekeeping.yaml
@@ -0,0 +1,32 @@
+name: Delete old container images
+
+on:
+ schedule:
+ - cron: "0 0 1 * *" # every day at midnight
+
+
+jobs:
+ clean-ghcr:
+ name: GHCR cleanup
+ runs-on: ubuntu-22.04
+ steps:
+ - name: Delete all untagged Hotfixes.
+ uses: snok/container-retention-policy@v2
+ with:
+ image-names: hotfix-*
+ cut-off: one day ago UTC
+ timestamp-to-use: updated_at
+ untagged-only: true
+ account-type: org
+ org-name: canonical
+ token: ${{ secrets.GITHUB_TOKEN }}
+
+ - name: Delete all tagged Hotfixes older than 6 months.
+ uses: snok/container-retention-policy@v2
+ with:
+ image-names: hotfix-*
+ cut-off: six months ago UTC
+ timestamp-to-use: updated_at
+ account-type: org
+ org-name: canonical
+ token: ${{ secrets.GITHUB_TOKEN }}
diff --git a/rockcraft.yaml b/rockcraft.yaml
index e40528a2..7276d0d9 100644
--- a/rockcraft.yaml
+++ b/rockcraft.yaml
@@ -1,9 +1,8 @@ name: ceph base: ubuntu:22.04 # the base environment for this ROCK -version: '0.1' # just for humans. Semantic versioning is recommended +version: '0.1' # replaced by CI when building to publish. summary: Ubuntu based Ceph container image -description: | - Rock for Containerised Ceph based on Ubuntu Ceph distribution. +description: ROCK for Containerised Ceph based on Ubuntu Ceph distribution. license: Apache-2.0 platforms: amd64:
@@ -23,6 +22,12 @@ services: startup: enabled parts: + # Workaround part which build nothing to fetch package info early in CI. + pkg_info: + plugin: nil + override-pull: | + apt info ceph-common + ceph: plugin: nil overlay-packages:
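Review bot: `image-names: hotfix-*` selects packages by name, but the publish_hotfix.yaml workflow in this same change publishes hotfix builds as `hotfix-…` tags of the `ceph` package, so both steps probably match nothing and no image is ever removed. If the name is changed to `ceph`, the second step needs a tag filter (the action's `filter-tags: hotfix-*`, if the v2 release in use provides it), because without one it would delete every tagged image older than six months, releases included; a first run with the action's dry-run option is worth it. The job also sets no `permissions:` block although deleting package versions needs `packages: write`, and `snok/container-retention-policy@v2` is a movable tag that receives a token able to delete images, so a full commit SHA is preferable. The cron comment is wrong: `0 0 1 * *` fires at 00:00 on the first day of each month, so it should read `# 00:00 UTC on the 1st of each month`.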
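Review bot: The new `pkg_info` part has no comment tying it to its consumer: the three publish workflows in this change parse the `Version` line that `apt info ceph-common` prints during `rockcraft pull pkg_info -v`, and the image tags are derived from it. Suggested comment: `# Prints ceph-common package info; the publish_* workflows grep the "Version" line from it to set the ROCK version and tags.` Since `apt` states that its CLI output is not stable for scripts, the workflows should fail when the parsed value is empty (`[ -n "$CEPH_VER" ] || exit 1`) rather than publish under a blank version.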