diff --git a/.github/create_bundle.sh b/.github/create_bundle.sh deleted file mode 100755 index dd42291..0000000 --- a/.github/create_bundle.sh +++ /dev/null @@ -1,69 +0,0 @@ -#!/bin/bash -set -e - -CLUSTER_BUNDLE_FILE="bundle/manifests/barbican-operator.clusterserviceversion.yaml" - -echo "Creating barbican-operator bundle" -cd .. -echo "${GITHUB_SHA}" -echo "${BASE_IMAGE}" -skopeo --version - -echo "Calculating image digest for docker://${REGISTRY}/${BASE_IMAGE}:${GITHUB_SHA}" -DIGEST=$(skopeo inspect docker://${REGISTRY}/${BASE_IMAGE}:${GITHUB_SHA} | jq '.Digest' -r) -# Output: -# Calculating image digest for docker://quay.io/openstack-k8s-operators/barbican-operator:d03f2c1c362c04fc5ef819f92a218f9ea59bbd0c -# Digest: sha256:1d5b578fd212f8dbd03c0235f1913ef738721766f8c94236af5efecc6d8d8cb1 -echo "Digest: ${DIGEST}" - -RELEASE_VERSION=$(grep "^VERSION" Makefile | awk -F'?= ' '{ print $2 }') -OPERATOR_IMG_WITH_DIGEST="${REGISTRY}/${BASE_IMAGE}@${DIGEST}" - -echo "New Operator Image with Digest: $OPERATOR_IMG_WITH_DIGEST" -echo "Release Version: $RELEASE_VERSION" - -echo "Creating bundle image..." -VERSION=$RELEASE_VERSION IMG=$OPERATOR_IMG_WITH_DIGEST make bundle - -echo "Bundle file images:" -cat "${CLUSTER_BUNDLE_FILE}" | grep "image:" -# FIXME: display any ENV variables once we have offline support implemented -#grep -A1 IMAGE_URL_DEFAULT "${CLUSTER_BUNDLE_FILE}" - -# We do not want to exit here. Some images are in different registries, so -# error will be reported to the console. -set +e -for csv_image in $(cat "${CLUSTER_BUNDLE_FILE}" | grep "image:" | sed -e "s|.*image:||" | sort -u); do - digest_image="" - echo "CSV line: ${csv_image}" - - # case where @ is in the csv_image image - if [[ "$csv_image" =~ .*"@".* ]]; then - delimeter='@' - else - delimeter=':' - fi - - base_image=$(echo $csv_image | cut -f 1 -d${delimeter}) - tag_image=$(echo $csv_image | cut -f 2 -d${delimeter}) - - if [[ "$base_image:$tag_image" == "controller:latest" ]]; then - echo "$base_image:$tag_image becomes $OPERATOR_IMG_WITH_DIGEST" - sed -e "s|$base_image:$tag_image|$OPERATOR_IMG_WITH_DIGEST|g" -i "${CLUSTER_BUNDLE_FILE}" - else - digest_image=$(skopeo inspect docker://${base_image}${delimeter}${tag_image} | jq '.Digest' -r) - echo "Base image: $base_image" - if [ -n "$digest_image" ]; then - echo "$base_image${delimeter}$tag_image becomes $base_image@$digest_image" - sed -i "s|$base_image$delimeter$tag_image|$base_image@$digest_image|g" "${CLUSTER_BUNDLE_FILE}" - else - echo "$base_image${delimeter}$tag_image not changed" - fi - fi -done - -echo "Resulting bundle file images:" -cat "${CLUSTER_BUNDLE_FILE}" | grep "image:" - -# FIXME: display any ENV variables once we have offline support implemented -#grep -A1 IMAGE_URL_DEFAULT "${CLUSTER_BUNDLE_FILE}" diff --git a/.github/create_opm_index.sh b/.github/create_opm_index.sh deleted file mode 100755 index 6ff3c76..0000000 --- a/.github/create_opm_index.sh +++ /dev/null @@ -1,15 +0,0 @@ -#!/bin/bash -set -e - -echo "Creating operator index image" -echo "${REGISTRY}" -echo "${GITHUB_SHA}" -echo "${INDEX_IMAGE}" -echo "${INDEX_IMAGE_TAG}" -echo "${BUNDLE_IMAGE}" - -echo "opm index add --bundles ${REGISTRY}/${BUNDLE_IMAGE}:${GITHUB_SHA} --tag ${REGISTRY}/${INDEX_IMAGE}:${GITHUB_SHA} -u podman --pull-tool podman" -opm index add --bundles "${REGISTRY}/${BUNDLE_IMAGE}:${GITHUB_SHA}" --tag "${REGISTRY}/${INDEX_IMAGE}:${GITHUB_SHA}" -u podman --pull-tool podman - -echo "podman tag ${REGISTRY}/${INDEX_IMAGE}:${GITHUB_SHA} ${REGISTRY}/${INDEX_IMAGE}:${INDEX_IMAGE_TAG}" -podman tag "${REGISTRY}/${INDEX_IMAGE}:${GITHUB_SHA}" "${REGISTRY}/${INDEX_IMAGE}:${INDEX_IMAGE_TAG}" diff --git a/.github/workflows/build-barbican-operator.yaml b/.github/workflows/build-barbican-operator.yaml index 2f0be87..b80c0b5 100644 --- a/.github/workflows/build-barbican-operator.yaml +++ b/.github/workflows/build-barbican-operator.yaml @@ -1,4 +1,4 @@ -name: Barbican Operator image builder +name: barbican operator image builder on: push: @@ -11,177 +11,15 @@ env: latesttag: latest jobs: - - check-secrets: - runs-on: ubuntu-latest - steps: - - name: Check secrets are set - id: have-secrets - if: "${{ env.imagenamespace != '' }}" - run: echo "::set-output name=ok::true" - outputs: - have-secrets: ${{ steps.have-secrets.outputs.ok }} - - build-barbican-operator: - name: Build barbican-operator image using buildah - runs-on: ubuntu-latest - needs: [check-secrets] - if: needs.check-secrets.outputs.have-secrets == 'true' - - steps: - - uses: actions/checkout@v2 - - - name: Get branch name - id: branch-name - uses: tj-actions/branch-names@v5 - - - name: Set latest tag for non main branch - if: "${{ steps.branch-name.outputs.current_branch != 'main' }}" - run: | - echo "latesttag=${{ steps.branch-name.outputs.current_branch }}-latest" >> $GITHUB_ENV - - - name: Buildah Action - id: build-barbican-operator - uses: redhat-actions/buildah-build@v2 - with: - image: barbican-operator - tags: ${{ env.latesttag }} ${{ github.sha }} - containerfiles: | - ./Dockerfile - - - name: Push barbican-operator To ${{ env.imageregistry }} - uses: redhat-actions/push-to-registry@v2 - with: - image: ${{ steps.build-barbican-operator.outputs.image }} - tags: ${{ steps.build-barbican-operator.outputs.tags }} - registry: ${{ env.imageregistry }}/${{ env.imagenamespace }} - username: ${{ secrets.QUAY_USERNAME }} - password: ${{ secrets.QUAY_PASSWORD }} - - build-barbican-operator-bundle: - needs: [ check-secrets, build-barbican-operator ] - name: barbican-operator-bundle - runs-on: ubuntu-latest - if: needs.check-secrets.outputs.have-secrets == 'true' - - steps: - - name: Install Go - uses: actions/setup-go@v2 - with: - go-version: 1.19.x - - - name: Checkout barbican-operator repository - uses: actions/checkout@v2 - - - name: Install operator-sdk - uses: redhat-actions/openshift-tools-installer@v1 - with: - source: github - operator-sdk: '1.26.0' - - - name: Log in to Quay Registry - uses: redhat-actions/podman-login@v1 - with: - registry: ${{ env.imageregistry }} - username: ${{ secrets.QUAY_USERNAME }} - password: ${{ secrets.QUAY_PASSWORD }} - - - name: Log in to Red Hat Registry - uses: redhat-actions/podman-login@v1 - with: - registry: registry.redhat.io - username: ${{ secrets.REDHATIO_USERNAME }} - password: ${{ secrets.REDHATIO_PASSWORD }} - - - name: Create bundle image - run: | - pushd "${GITHUB_WORKSPACE}"/.github/ - chmod +x "create_bundle.sh" - "./create_bundle.sh" - popd - env: - REGISTRY: ${{ env.imageregistry }}/${{ env.imagenamespace }} - GITHUB_SHA: ${{ github.sha }} - BASE_IMAGE: barbican-operator - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - - - name: Get branch name - id: branch-name - uses: tj-actions/branch-names@v5 - - - name: Set latest tag for non main branch - if: "${{ steps.branch-name.outputs.current_branch != 'main' }}" - run: | - echo "latesttag=${{ steps.branch-name.outputs.current_branch }}-latest" >> $GITHUB_ENV - - - name: Build barbican-operator-bundle using buildah - id: build-barbican-operator-bundle - uses: redhat-actions/buildah-build@v2 - with: - image: barbican-operator-bundle - tags: ${{ env.latesttag }} ${{ github.sha }} - containerfiles: | - ./bundle.Dockerfile - - - name: Push barbican-operator To ${{ env.imageregistry }} - uses: redhat-actions/push-to-registry@v2 - with: - image: ${{ steps.build-barbican-operator-bundle.outputs.image }} - tags: ${{ steps.build-barbican-operator-bundle.outputs.tags }} - registry: ${{ env.imageregistry }}/${{ env.imagenamespace }} - username: ${{ secrets.QUAY_USERNAME }} - password: ${{ secrets.QUAY_PASSWORD }} - - build-barbican-operator-index: - needs: [ check-secrets, build-barbican-operator-bundle ] - name: barbican-operator-index - runs-on: ubuntu-latest - if: needs.check-secrets.outputs.have-secrets == 'true' - - steps: - - name: Checkout barbican-operator repository - uses: actions/checkout@v2 - - - name: Get branch name - id: branch-name - uses: tj-actions/branch-names@v5 - - - name: Set latest tag for non main branch - if: "${{ steps.branch-name.outputs.current_branch != 'main' }}" - run: | - echo "latesttag=${{ steps.branch-name.outputs.current_branch }}-latest" >> $GITHUB_ENV - - - name: Install opm - uses: redhat-actions/openshift-tools-installer@v1 - with: - source: github - opm: 'latest' - - - name: Log in to Red Hat Registry - uses: redhat-actions/podman-login@v1 - with: - registry: ${{ env.imageregistry }} - username: ${{ secrets.QUAY_USERNAME }} - password: ${{ secrets.QUAY_PASSWORD }} - - - name: Create index image - run: | - pushd "${GITHUB_WORKSPACE}"/.github/ - chmod +x "create_opm_index.sh" - "./create_opm_index.sh" - popd - env: - REGISTRY: ${{ env.imageregistry }}/${{ env.imagenamespace }} - GITHUB_SHA: ${{ github.sha }} - BUNDLE_IMAGE: barbican-operator-bundle - INDEX_IMAGE_TAG: ${{ env.latesttag }} - INDEX_IMAGE: barbican-operator-index - - - name: Push barbican-operator-index To ${{ env.imageregistry }} - uses: redhat-actions/push-to-registry@v2 - with: - image: barbican-operator-index - tags: ${{ env.latesttag }} ${{ github.sha }} - registry: ${{ env.imageregistry }}/${{ env.imagenamespace }} - username: ${{ secrets.QUAY_USERNAME }} - password: ${{ secrets.QUAY_PASSWORD }} + call-build-workflow: + uses: openstack-k8s-operators/openstack-k8s-operators-ci/.github/workflows/reusable-build-operator.yaml@main + with: + operator_name: barbican + go_version: 1.19.x + operator_sdk_version: 1.31.0 + secrets: + IMAGENAMESPACE: ${{ secrets.IMAGENAMESPACE }} + QUAY_USERNAME: ${{ secrets.QUAY_USERNAME }} + QUAY_PASSWORD: ${{ secrets.QUAY_PASSWORD }} + REDHATIO_USERNAME: ${{ secrets.REDHATIO_USERNAME }} + REDHATIO_PASSWORD: ${{ secrets.REDHATIO_PASSWORD }} diff --git a/Makefile b/Makefile index 4a49d04..8cde1b1 100644 --- a/Makefile +++ b/Makefile @@ -236,7 +236,7 @@ ifeq (,$(shell which opm 2>/dev/null)) set -e ;\ mkdir -p $(dir $(OPM)) ;\ OS=$(shell go env GOOS) && ARCH=$(shell go env GOARCH) && \ - curl -sSLo $(OPM) https://github.com/operator-framework/operator-registry/releases/download/v1.23.0/$${OS}-$${ARCH}-opm ;\ + curl -sSLo $(OPM) https://github.com/operator-framework/operator-registry/releases/download/v1.29.0/$${OS}-$${ARCH}-opm ;\ chmod +x $(OPM) ;\ } else