Skip to content

Fix CI failure #2363

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 4 commits into from
Oct 30, 2025
Merged

Fix CI failure #2363

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
d9d1fbd
removed + from generated version tag and extracted a common action
dmartinol Oct 29, 2025
9a15200
quoting variable
dmartinol Oct 29, 2025
ea9acb5
lint fixes
dmartinol Oct 30, 2025
ea59ce6
Merge branch 'main' into fix_ci
dmartinol Oct 30, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
26 changes: 26 additions & 0 deletions .github/actions/compute-version/action.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,26 @@
name: 'Compute Version Number'
description: 'Computes a semantic version string based on the branch/tag context'
outputs:
tag:
description: 'The computed version tag'
value: ${{ steps.version-string.outputs.tag }}
runs:
using: 'composite'
steps:
- name: Compute version number
id: version-string
shell: bash
run: |
if [[ "${{ github.ref }}" == "refs/heads/main" ]]; then
# For main branch, use semver with -dev suffix
echo "tag=0.0.1-dev.${GITHUB_RUN_NUMBER}_$(git rev-parse --short HEAD)" >> "$GITHUB_OUTPUT"
elif [[ "${{ github.ref }}" == refs/tags/* ]]; then
# For tags, use the tag as is (assuming it's semver)
TAG="${{ github.ref_name }}"
echo "tag=$TAG" >> "$GITHUB_OUTPUT"
else
# For other branches, use branch name and run number
BRANCH="${{ github.ref_name }}"
echo "tag=0.0.1-$BRANCH.${GITHUB_RUN_NUMBER}_$(git rev-parse --short HEAD)" >> "$GITHUB_OUTPUT"
fi

80 changes: 15 additions & 65 deletions .github/workflows/image-build-and-publish.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -26,19 +26,7 @@ jobs:

- name: Compute version number
id: version-string
run: |
if [[ "${{ github.ref }}" == "refs/heads/main" ]]; then
# For main branch, use semver with -dev suffix
echo "tag=0.0.1-dev.$GITHUB_RUN_NUMBER+$(git rev-parse --short HEAD)" >> "$GITHUB_OUTPUT"
elif [[ "${{ github.ref }}" == refs/tags/* ]]; then
# For tags, use the tag as is (assuming it's semver)
TAG="${{ github.ref_name }}"
echo "tag=$TAG" >> "$GITHUB_OUTPUT"
else
# For other branches, use branch name and run number
BRANCH="${{ github.ref_name }}"
echo "tag=0.0.1-$BRANCH.$GITHUB_RUN_NUMBER+$(git rev-parse --short HEAD)" >> "$GITHUB_OUTPUT"
fi
uses: ./.github/actions/compute-version

- name: Login to GitHub Container Registry
uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0
Expand All @@ -60,7 +48,7 @@ jobs:
BUILD_DATE: ${{ github.event.head_commit.timestamp }}
KO_CONFIG_PATH: ${{ github.workspace }}/.github/ko-ci.yml
run: |
TAG=$(echo "${{ steps.version-string.outputs.tag }}" | sed 's/+/_/g')
TAG=${{ steps.version-string.outputs.tag }}
TAGS="-t $TAG"

# Add latest tag only if building from a tag
Expand All @@ -75,7 +63,7 @@ jobs:
# This step uses the identity token to provision an ephemeral certificate
# against the sigstore community Fulcio instance.
run: |
TAG=$(echo "${{ steps.version-string.outputs.tag }}" | sed 's/+/_/g')
TAG=${{ steps.version-string.outputs.tag }}
# Sign the ko image
cosign sign -y $BASE_REPO:$TAG

Expand All @@ -101,19 +89,7 @@ jobs:

- name: Compute version number
id: version-string
run: |
if [[ "${{ github.ref }}" == "refs/heads/main" ]]; then
# For main branch, use semver with -dev suffix
echo "tag=0.0.1-dev.$GITHUB_RUN_NUMBER+$(git rev-parse --short HEAD)" >> "$GITHUB_OUTPUT"
elif [[ "${{ github.ref }}" == refs/tags/* ]]; then
# For tags, use the tag as is (assuming it's semver)
TAG="${{ github.ref_name }}"
echo "tag=$TAG" >> "$GITHUB_OUTPUT"
else
# For other branches, use branch name and run number
BRANCH="${{ github.ref_name }}"
echo "tag=0.0.1-$BRANCH.$GITHUB_RUN_NUMBER+$(git rev-parse --short HEAD)" >> "$GITHUB_OUTPUT"
fi
uses: ./.github/actions/compute-version

- name: Login to GitHub Container Registry
uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0
Expand Down Expand Up @@ -154,7 +130,7 @@ jobs:
- name: Sign container image
if: startsWith(github.ref, 'refs/tags/')
run: |
TAG=$(echo "${{ steps.version-string.outputs.tag }}" | sed 's/+/_/g')
TAG=${{ steps.version-string.outputs.tag }}
cosign sign -y $BASE_REPO:$TAG
cosign sign -y $BASE_REPO:latest

Expand Down Expand Up @@ -189,19 +165,7 @@ jobs:

- name: Compute version number
id: version-string
run: |
if [[ "${{ github.ref }}" == "refs/heads/main" ]]; then
# For main branch, use semver with -dev suffix
echo "tag=0.0.1-dev.$GITHUB_RUN_NUMBER+$(git rev-parse --short HEAD)" >> "$GITHUB_OUTPUT"
elif [[ "${{ github.ref }}" == refs/tags/* ]]; then
# For tags, use the tag as is (assuming it's semver)
TAG="${{ github.ref_name }}"
echo "tag=$TAG" >> "$GITHUB_OUTPUT"
else
# For other branches, use branch name and run number
BRANCH="${{ github.ref_name }}"
echo "tag=0.0.1-$BRANCH.$GITHUB_RUN_NUMBER+$(git rev-parse --short HEAD)" >> "$GITHUB_OUTPUT"
fi
uses: ./.github/actions/compute-version

- name: Login to GitHub Container Registry
uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0
Expand Down Expand Up @@ -238,7 +202,7 @@ jobs:
BUILD_DATE: ${{ github.event.head_commit.timestamp }}
KO_CONFIG_PATH: ${{ github.workspace }}/.github/ko-ci.yml
run: |
TAG=$(echo "${{ steps.version-string.outputs.tag }}" | sed 's/+/_/g')
TAG=${{ steps.version-string.outputs.tag }}
TAGS="-t $TAG"

# Add latest tag only if building from a tag
Expand All @@ -258,8 +222,7 @@ jobs:
tags: ${{ steps.ubi-meta.outputs.tags }}
build-args: |
CODEDIR=cmd/thv-operator
TAG=$(echo "${{ steps.version-string.outputs.tag }}" | sed 's/+/_/g')
VERSION=$TAG-ubi
VERSION=${{ steps.version-string.outputs.tag }}-ubi
COMMIT=${{ github.sha }}
BUILD_DATE=${{ github.event.head_commit.timestamp }}
labels: ${{ steps.ubi-meta.outputs.labels }}
Expand All @@ -268,8 +231,8 @@ jobs:
# This step uses the identity token to provision an ephemeral certificate
# against the sigstore community Fulcio instance.
run: |
TAG=$(echo "${{ steps.version-string.outputs.tag }}" | sed 's/+/_/g')
UBI_TAG=$(echo "${{ steps.version-string.outputs.tag }}-ubi" | sed 's/+/_/g')
TAG=${{ steps.version-string.outputs.tag }}
UBI_TAG="${{ steps.version-string.outputs.tag }}-ubi"
# Sign the ko image
cosign sign -y $BASE_REPO:$TAG
cosign sign -y $BASE_REPO:$UBI_TAG
Expand Down Expand Up @@ -301,19 +264,7 @@ jobs:

- name: Compute version number
id: version-string
run: |
if [[ "${{ github.ref }}" == "refs/heads/main" ]]; then
# For main branch, use semver with -dev suffix
echo "tag=0.0.1-dev.$GITHUB_RUN_NUMBER+$(git rev-parse --short HEAD)" >> "$GITHUB_OUTPUT"
elif [[ "${{ github.ref }}" == refs/tags/* ]]; then
# For tags, use the tag as is (assuming it's semver)
TAG="${{ github.ref_name }}"
echo "tag=$TAG" >> "$GITHUB_OUTPUT"
else
# For other branches, use branch name and run number
BRANCH="${{ github.ref_name }}"
echo "tag=0.0.1-$BRANCH.$GITHUB_RUN_NUMBER+$(git rev-parse --short HEAD)" >> "$GITHUB_OUTPUT"
fi
uses: ./.github/actions/compute-version

- name: Login to GitHub Container Registry
uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0
Expand Down Expand Up @@ -350,7 +301,7 @@ jobs:
BUILD_DATE: ${{ github.event.head_commit.timestamp }}
KO_CONFIG_PATH: ${{ github.workspace }}/.github/ko-ci.yml
run: |
TAG=$(echo "${{ steps.version-string.outputs.tag }}" | sed 's/+/_/g')
TAG=${{ steps.version-string.outputs.tag }}
TAGS="-t $TAG"
# Add latest tag only if building from a tag
if [[ "${{ github.ref }}" == refs/tags/* ]]; then
Expand All @@ -368,8 +319,7 @@ jobs:
tags: ${{ steps.ubi-meta.outputs.tags }}
build-args: |
CODEDIR=cmd/thv-proxyrunner
TAG=$(echo "${{ steps.version-string.outputs.tag }}" | sed 's/+/_/g')
VERSION=$TAG-ubi
VERSION=${{ steps.version-string.outputs.tag }}-ubi
COMMIT=${{ github.sha }}
BUILD_DATE=${{ github.event.head_commit.timestamp }}
labels: ${{ steps.ubi-meta.outputs.labels }}
Expand All @@ -378,8 +328,8 @@ jobs:
# This step uses the identity token to provision an ephemeral certificate
# against the sigstore community Fulcio instance.
run: |
TAG=$(echo "${{ steps.version-string.outputs.tag }}" | sed 's/+/_/g')
UBI_TAG=$(echo "${{ steps.version-string.outputs.tag }}-ubi" | sed 's/+/_/g')
TAG=${{ steps.version-string.outputs.tag }}
UBI_TAG="${{ steps.version-string.outputs.tag }}-ubi"
# Sign the ko image
cosign sign -y $BASE_REPO:$TAG
cosign sign -y $BASE_REPO:$UBI_TAG
Expand Down
Loading