Skip to content

Commit

Permalink
Move retag or full image decision to ansible
Browse files Browse the repository at this point in the history
  • Loading branch information
@Molter73
Molter73 committed Oct 24, 2023
1 parent 6da74f4 commit 543429f
Show file tree
Hide file tree
Showing 2 changed files with 39 additions and 75 deletions.
57 changes: 3 additions & 54 deletions .github/workflows/collector-full.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -51,9 +51,6 @@ jobs:
runs-on: ubuntu-latest
needs:
- init
if: |
github.event_name != 'pull_request' ||
contains(github.event.pull_request.labels.*.name, 'build-full-images')
strategy:
fail-fast: false
matrix:
Expand Down Expand Up @@ -140,15 +137,15 @@ jobs:
-e collector_tag="${{ inputs.collector-tag }}" \
-e driver_version="${DRIVER_VERSION}" \
-e context_path="${{ github.workspace }}/kernel-modules/container" \
-e build_full_image=${{ github.event_name != 'pull_request' || contains(github.event.pull_request.labels.*.name, 'build-full-images') }} \
-e @'${{ github.workspace }}/ansible/secrets.yml' \
ansible/ci-build-collector-full.yml
multiarch-manifests:
runs-on: ubuntu-latest
if: |
github.event_name != 'pull_request' ||
( contains(github.event.pull_request.labels.*.name, 'build-full-images') &&
contains(github.event.pull_request.labels.*.name, 'run-multiarch-builds') )
contains(github.event.pull_request.labels.*.name, 'run-multiarch-builds')
needs:
- build-collector-full
env:
Expand Down Expand Up @@ -201,8 +198,7 @@ jobs:
runs-on: ubuntu-latest
if: |
github.event_name == 'pull_request' &&
( contains(github.event.pull_request.labels.*.name, 'build-full-images') &&
!contains(github.event.pull_request.labels.*.name, 'run-multiarch-builds') )
!contains(github.event.pull_request.labels.*.name, 'run-multiarch-builds')
needs:
- build-collector-full
steps:
Expand Down Expand Up @@ -241,50 +237,3 @@ jobs:
dst-image: quay.io/rhacs-eng/collector:${{ inputs.collector-tag }}-latest
username: ${{ secrets.QUAY_RHACS_ENG_RW_USERNAME }}
password: ${{ secrets.QUAY_RHACS_ENG_RW_PASSWORD }}

retag-collector-slim:
# TODO: Runing without build-full-images and with run-multiarch-builds
# should create manifests based on the slim images.
runs-on: ubuntu-latest
if: |
github.event_name == 'pull_request' &&
!contains(github.event.pull_request.labels.*.name, 'build-full-images')
env:
COLLECTOR_IMAGE_SLIM: quay.io/stackrox-io/collector:${{ inputs.collector-tag }}-slim

steps:
- name: Pull slim image
run: |
docker pull "${COLLECTOR_IMAGE_SLIM}"
- name: Retag and push stackrox-io
uses: stackrox/actions/images/retag-and-push@v1
with:
src-image: ${{ env.COLLECTOR_IMAGE_SLIM }}
dst-image: quay.io/stackrox-io/collector:${{ inputs.collector-tag }}
username: ${{ secrets.QUAY_STACKROX_IO_RW_USERNAME }}
password: ${{ secrets.QUAY_STACKROX_IO_RW_PASSWORD }}

- name: Retag and push stackrox-io -latest
uses: stackrox/actions/images/retag-and-push@v1
with:
src-image: ${{ env.COLLECTOR_IMAGE_SLIM }}
dst-image: quay.io/stackrox-io/collector:${{ inputs.collector-tag }}-latest
username: ${{ secrets.QUAY_STACKROX_IO_RW_USERNAME }}
password: ${{ secrets.QUAY_STACKROX_IO_RW_PASSWORD }}

- name: Retag and push rhacs-eng
uses: stackrox/actions/images/retag-and-push@v1
with:
src-image: ${{ env.COLLECTOR_IMAGE_SLIM }}
dst-image: quay.io/rhacs-eng/collector:${{ inputs.collector-tag }}
username: ${{ secrets.QUAY_RHACS_ENG_RW_USERNAME }}
password: ${{ secrets.QUAY_RHACS_ENG_RW_PASSWORD }}

- name: Retag and push rhacs-eng -latest
uses: stackrox/actions/images/retag-and-push@v1
with:
src-image: ${{ env.COLLECTOR_IMAGE_SLIM }}
dst-image: quay.io/rhacs-eng/collector:${{ inputs.collector-tag }}-latest
username: ${{ secrets.QUAY_RHACS_ENG_RW_USERNAME }}
password: ${{ secrets.QUAY_RHACS_ENG_RW_PASSWORD }}
57 changes: 36 additions & 21 deletions ansible/ci-build-collector-full.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,29 +16,44 @@
pull:
platform: "linux/{{ arch }}"

- name: Calculate required layers
shell:
cmd: "{{ context_path }}/required-layers.py -m 300 {{ context_path }}/kernel-modules"
register: required_layers
- name: Build full image
when:
- build_full_image
- arch != 'arm64'
block:
- name: Calculate required layers
shell:
cmd: "{{ context_path }}/required-layers.py -m 300 {{ context_path }}/kernel-modules"
register: required_layers

- set_fact:
required_layers: "{{ required_layers.stdout }}"
- set_fact:
required_layers: "{{ required_layers.stdout }}"

- name: Build the collector full image
community.docker.docker_image:
name: "{{ collector_image }}-{{ arch }}"
build:
platform: "linux/{{ arch }}"
target: "probe-layer-{{ required_layers }}"
args:
collector_repo: quay.io/stackrox-io/collector
collector_version: "{{ collector_tag }}-{{ arch }}"
module_version: "{{ driver_version }}"
max_layer_size: 300
required_layers: "{{ required_layers }}"
path: "{{ context_path }}"
push: true
source: build
- name: Build the collector full image
community.docker.docker_image:
name: "{{ collector_image }}-{{ arch }}"
build:
platform: "linux/{{ arch }}"
target: "probe-layer-{{ required_layers }}"
args:
collector_repo: quay.io/stackrox-io/collector
collector_version: "{{ collector_tag }}-{{ arch }}"
module_version: "{{ driver_version }}"
max_layer_size: 300
required_layers: "{{ required_layers }}"
path: "{{ context_path }}"
push: true
source: build

- name: Retag slim image
when: not build_full_image or arch == 'arm64'
block:
- name: Retag slim image
community.docker.docker_image:
name: "{{ collector_image }}-{{ arch }}-slim"
repository: "{{ collector_image }}-{{ arch }}"
push: true
source: local

- name: Retag and push stackrox-io -latest
community.docker.docker_image:
Expand Down

0 comments on commit 543429f

Please sign in to comment.