From ea9c1c25c817b5f64c052c1b376e560bad564e02 Mon Sep 17 00:00:00 2001 From: Thuan Vo Date: Wed, 23 Aug 2023 16:44:28 -0700 Subject: [PATCH 01/12] build(scorecard): fix path to container file --- Makefile | 4 ++-- internal/images/custom-scorecard-tests/Dockerfile | 4 +++- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/Makefile b/Makefile index cb061df3..b2d9dba5 100644 --- a/Makefile +++ b/Makefile @@ -291,7 +291,7 @@ else ifeq ($(IMAGE_BUILDER), podman) for platform in $$(echo $(PLATFORMS) | sed "s/,/ /g"); do \ os=$$(echo $${platform} | cut -d/ -f 1); \ arch=$$(echo $${platform} | cut -d/ -f 2); \ - BUILDAH_FORMAT=docker $(IMAGE_BUILDER) buildx build --manifest $(OPERATOR_IMG) --platform $${platform} --build-arg TARGETOS=$${os} --build-arg TARGETARCH=$${arch} . ; \ + BUILDAH_FORMAT=docker $(IMAGE_BUILDER) buildx build -f Dockerfile.cross --manifest $(OPERATOR_IMG) --platform $${platform} --build-arg TARGETOS=$${os} --build-arg TARGETARCH=$${arch} . ; \ done if [ "${MANIFEST_PUSH}" = "true" ] ; then \ $(IMAGE_BUILDER) manifest push $(OPERATOR_IMG) $(OPERATOR_IMG) ; \ @@ -452,7 +452,7 @@ else ifeq ($(IMAGE_BUILDER), podman) for platform in $$(echo $(PLATFORMS) | sed "s/,/ /g"); do \ os=$$(echo $${platform} | cut -d/ -f 1); \ arch=$$(echo $${platform} | cut -d/ -f 2); \ - BUILDAH_FORMAT=docker $(IMAGE_BUILDER) buildx build --manifest $(CUSTOM_SCORECARD_IMG) --platform $${platform} --build-arg TARGETOS=$${os} --build-arg TARGETARCH=$${arch} . ; \ + BUILDAH_FORMAT=docker $(IMAGE_BUILDER) buildx build -f internal/images/custom-scorecard-tests/Dockerfile.cross --manifest $(CUSTOM_SCORECARD_IMG) --platform $${platform} --build-arg TARGETOS=$${os} --build-arg TARGETARCH=$${arch} . ; \ done if [ "${MANIFEST_PUSH}" = "true" ] ; then \ $(IMAGE_BUILDER) manifest push $(CUSTOM_SCORECARD_IMG) $(CUSTOM_SCORECARD_IMG) ; \ diff --git a/internal/images/custom-scorecard-tests/Dockerfile b/internal/images/custom-scorecard-tests/Dockerfile index c0cb4ec3..101f5efd 100644 --- a/internal/images/custom-scorecard-tests/Dockerfile +++ b/internal/images/custom-scorecard-tests/Dockerfile @@ -14,6 +14,8 @@ # Build the manager binary FROM docker.io/library/golang:1.20 as builder +ARG TARGETOS +ARG TARGETARCH WORKDIR /workspace # Copy the Go Modules manifests @@ -29,7 +31,7 @@ COPY internal/images/custom-scorecard-tests/main.go internal/images/custom-score COPY internal/test/scorecard/ internal/test/scorecard/ # Build -RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 GO111MODULE=on go build -a -o cryostat-scorecard-tests \ +RUN CGO_ENABLED=0 GOOS=${TARGETOS:-linux} GOARCH=${TARGETARCH} GO111MODULE=on go build -a -o cryostat-scorecard-tests \ internal/images/custom-scorecard-tests/main.go FROM registry.access.redhat.com/ubi8/ubi-minimal:latest From cce06fd8e272a6ecbe0fb2755053eebef206a222 Mon Sep 17 00:00:00 2001 From: Thuan Vo Date: Wed, 23 Aug 2023 16:45:30 -0700 Subject: [PATCH 02/12] ci(scorecard): remove multiarch scorecard in tests --- .github/workflows/ci.yaml | 10 +--------- 1 file changed, 1 insertion(+), 9 deletions(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 33c52a10..6db27788 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -74,18 +74,10 @@ jobs: - uses: jpkrohling/setup-operator-sdk@v1.1.0 with: operator-sdk-version: v1.28.0 - - name: Install qemu - continue-on-error: false - run: | - sudo apt-get update - sudo apt-get install -y qemu-user-static - name: Build scorecard image for test id: build-scorecard run: | - CUSTOM_SCORECARD_IMG=ghcr.io/${{ github.repository_owner }}/cryostat-operator-scorecard:ci-$GITHUB_SHA \ - PLATFORMS=${{ env.CI_PLATFORMS }} \ - MANIFEST_PUSH=false \ - make scorecard-build + CUSTOM_SCORECARD_IMG=ghcr.io/${{ github.repository_owner }}/cryostat-operator-scorecard:ci-$GITHUB_SHA make scorecard-build echo "tag=ci-$GITHUB_SHA" >> $GITHUB_OUTPUT - name: Push scorecard image to ghcr.io for test id: push-scorecard-to-ghcr From 9164222e552c48a36a24c2ea183315d5a5a24301 Mon Sep 17 00:00:00 2001 From: Thuan Vo Date: Wed, 23 Aug 2023 17:50:35 -0700 Subject: [PATCH 03/12] fix(make): fix missing Dockerfile.cross --- Makefile | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/Makefile b/Makefile index b2d9dba5..4c7ffc91 100644 --- a/Makefile +++ b/Makefile @@ -279,14 +279,13 @@ oci-build: manifests generate fmt vet test-envtest # To properly provided solutions that supports more than one platform you should use this option. .PHONY: oci-buildx oci-buildx: manifests generate fmt vet test-envtest ## Build OCI image for the manager for cross-platform support -ifeq ($(IMAGE_BUILDER), docker) # copy existing Dockerfile and insert --platform=${BUILDPLATFORM} into Dockerfile.cross, and preserve the original Dockerfile sed -e '1 s/\(^FROM\)/FROM --platform=\$$\{BUILDPLATFORM\}/; t' -e ' 1,// s//FROM --platform=\$$\{BUILDPLATFORM\}/' Dockerfile > Dockerfile.cross +ifeq ($(IMAGE_BUILDER), docker) - $(IMAGE_BUILDER) buildx create --name project-v3-builder $(IMAGE_BUILDER) buildx use project-v3-builder - $(IMAGE_BUILDER) buildx build --push --platform=$(PLATFORMS) --tag $(OPERATOR_IMG) -f Dockerfile.cross . - $(IMAGE_BUILDER) buildx rm project-v3-builder - rm Dockerfile.cross else ifeq ($(IMAGE_BUILDER), podman) for platform in $$(echo $(PLATFORMS) | sed "s/,/ /g"); do \ os=$$(echo $${platform} | cut -d/ -f 1); \ @@ -299,6 +298,7 @@ else ifeq ($(IMAGE_BUILDER), podman) else $(error unsupported IMAGE_BUILDER: $(IMAGE_BUILDER)) endif + rm Dockerfile.cross .PHONY: cert_manager cert_manager: remove_cert_manager @@ -440,14 +440,13 @@ custom-scorecard-tests: fmt vet scorecard-build: custom-scorecard-tests printf '# Code generated by hack/custom.config.yaml.in. DO NOT EDIT.\n' > config/scorecard/patches/custom.config.yaml envsubst < hack/custom.config.yaml.in >> config/scorecard/patches/custom.config.yaml -ifeq ($(IMAGE_BUILDER), docker) # copy existing Dockerfile and insert --platform=${BUILDPLATFORM} into Dockerfile.cross, and preserve the original Dockerfile sed -e '1 s/\(^FROM\)/FROM --platform=\$$\{BUILDPLATFORM\}/; t' -e ' 1,// s//FROM --platform=\$$\{BUILDPLATFORM\}/' internal/images/custom-scorecard-tests/Dockerfile > internal/images/custom-scorecard-tests/Dockerfile.cross +ifeq ($(IMAGE_BUILDER), docker) - $(IMAGE_BUILDER) buildx create --name project-v3-builder $(IMAGE_BUILDER) buildx use project-v3-builder - $(IMAGE_BUILDER) buildx build --push --platform=$(PLATFORMS) --tag $(CUSTOM_SCORECARD_IMG) -f internal/images/custom-scorecard-tests/Dockerfile.cross . - $(IMAGE_BUILDER) buildx rm project-v3-builder - rm internal/images/custom-scorecard-tests/Dockerfile.cross else ifeq ($(IMAGE_BUILDER), podman) for platform in $$(echo $(PLATFORMS) | sed "s/,/ /g"); do \ os=$$(echo $${platform} | cut -d/ -f 1); \ @@ -460,6 +459,7 @@ else ifeq ($(IMAGE_BUILDER), podman) else $(error unsupported IMAGE_BUILDER: $(IMAGE_BUILDER)) endif + rm internal/images/custom-scorecard-tests/Dockerfile.cross # Local development/testing helpers ifneq ($(origin SAMPLE_APP_NAMESPACE), undefined) From d2d12911de4cc5291c25ab5b1624eb0a864b7eb8 Mon Sep 17 00:00:00 2001 From: Thuan Vo Date: Wed, 23 Aug 2023 17:51:36 -0700 Subject: [PATCH 04/12] chore(scorecard): bump scorecard versions --- bundle/manifests/cryostat-operator.clusterserviceversion.yaml | 2 +- bundle/tests/scorecard/config.yaml | 4 ++-- config/scorecard/patches/custom.config.yaml | 4 ++-- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/bundle/manifests/cryostat-operator.clusterserviceversion.yaml b/bundle/manifests/cryostat-operator.clusterserviceversion.yaml index 4f897304..b9ea818f 100644 --- a/bundle/manifests/cryostat-operator.clusterserviceversion.yaml +++ b/bundle/manifests/cryostat-operator.clusterserviceversion.yaml @@ -54,7 +54,7 @@ metadata: capabilities: Seamless Upgrades categories: Monitoring, Developer Tools containerImage: quay.io/cryostat/cryostat-operator:2.4.0-dev - createdAt: "2023-08-16T19:16:28Z" + createdAt: "2023-08-24T00:50:46Z" description: JVM monitoring and profiling tool operatorframework.io/initialization-resource: |- { diff --git a/bundle/tests/scorecard/config.yaml b/bundle/tests/scorecard/config.yaml index a8f0f127..5a44c1a4 100644 --- a/bundle/tests/scorecard/config.yaml +++ b/bundle/tests/scorecard/config.yaml @@ -69,7 +69,7 @@ stages: - entrypoint: - cryostat-scorecard-tests - operator-install - image: quay.io/cryostat/cryostat-operator-scorecard:2.4.0-20230816190348 + image: quay.io/cryostat/cryostat-operator-scorecard:2.4.0-20230824004852 labels: suite: cryostat test: operator-install @@ -79,7 +79,7 @@ stages: - entrypoint: - cryostat-scorecard-tests - cryostat-cr - image: quay.io/cryostat/cryostat-operator-scorecard:2.4.0-20230816190348 + image: quay.io/cryostat/cryostat-operator-scorecard:2.4.0-20230824004852 labels: suite: cryostat test: cryostat-cr diff --git a/config/scorecard/patches/custom.config.yaml b/config/scorecard/patches/custom.config.yaml index 8064ed3a..6d915258 100644 --- a/config/scorecard/patches/custom.config.yaml +++ b/config/scorecard/patches/custom.config.yaml @@ -8,7 +8,7 @@ entrypoint: - cryostat-scorecard-tests - operator-install - image: "quay.io/cryostat/cryostat-operator-scorecard:2.4.0-20230816190348" + image: "quay.io/cryostat/cryostat-operator-scorecard:2.4.0-20230824004852" labels: suite: cryostat test: operator-install @@ -18,7 +18,7 @@ entrypoint: - cryostat-scorecard-tests - cryostat-cr - image: "quay.io/cryostat/cryostat-operator-scorecard:2.4.0-20230816190348" + image: "quay.io/cryostat/cryostat-operator-scorecard:2.4.0-20230824004852" labels: suite: cryostat test: cryostat-cr From 4ab7a9a205e7b4b5da77a314b7b5e5af8e5e5b8e Mon Sep 17 00:00:00 2001 From: Thuan Vo Date: Wed, 23 Aug 2023 20:56:24 -0700 Subject: [PATCH 05/12] ci(scorecard): limit to amd64 build in tests --- .github/workflows/ci.yaml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 6db27788..6961c2db 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -77,7 +77,10 @@ jobs: - name: Build scorecard image for test id: build-scorecard run: | - CUSTOM_SCORECARD_IMG=ghcr.io/${{ github.repository_owner }}/cryostat-operator-scorecard:ci-$GITHUB_SHA make scorecard-build + CUSTOM_SCORECARD_IMG=ghcr.io/${{ github.repository_owner }}/cryostat-operator-scorecard:ci-$GITHUB_SHA \ + PLATFORMS=linux/amd64 \ + MANIFEST_PUSH=false \ + make scorecard-build echo "tag=ci-$GITHUB_SHA" >> $GITHUB_OUTPUT - name: Push scorecard image to ghcr.io for test id: push-scorecard-to-ghcr From 1843526b93e9859db7292a6305aec57645466a41 Mon Sep 17 00:00:00 2001 From: Thuan Vo Date: Thu, 24 Aug 2023 13:24:34 -0700 Subject: [PATCH 06/12] chore(make): clean up multiarch builds --- Makefile | 14 ++------------ 1 file changed, 2 insertions(+), 12 deletions(-) diff --git a/Makefile b/Makefile index 4c7ffc91..541f4db2 100644 --- a/Makefile +++ b/Makefile @@ -274,8 +274,6 @@ oci-build: manifests generate fmt vet test-envtest # If IMAGE_BUILDER is docker, you need to: # - able to use docker buildx. More info: https://docs.docker.com/build/buildx/ # - have enable BuildKit, More info: https://docs.docker.com/develop/develop-images/build_enhancements/ -# If IMAGE_BUILDER is podman, you need to: -# - install qemu-user-static. # To properly provided solutions that supports more than one platform you should use this option. .PHONY: oci-buildx oci-buildx: manifests generate fmt vet test-envtest ## Build OCI image for the manager for cross-platform support @@ -287,11 +285,7 @@ ifeq ($(IMAGE_BUILDER), docker) - $(IMAGE_BUILDER) buildx build --push --platform=$(PLATFORMS) --tag $(OPERATOR_IMG) -f Dockerfile.cross . - $(IMAGE_BUILDER) buildx rm project-v3-builder else ifeq ($(IMAGE_BUILDER), podman) - for platform in $$(echo $(PLATFORMS) | sed "s/,/ /g"); do \ - os=$$(echo $${platform} | cut -d/ -f 1); \ - arch=$$(echo $${platform} | cut -d/ -f 2); \ - BUILDAH_FORMAT=docker $(IMAGE_BUILDER) buildx build -f Dockerfile.cross --manifest $(OPERATOR_IMG) --platform $${platform} --build-arg TARGETOS=$${os} --build-arg TARGETARCH=$${arch} . ; \ - done + BUILDAH_FORMAT=docker $(IMAGE_BUILDER) build -f Dockerfile.cross --manifest $(OPERATOR_IMG) --platform $(PLATFORMS) . ; \ if [ "${MANIFEST_PUSH}" = "true" ] ; then \ $(IMAGE_BUILDER) manifest push $(OPERATOR_IMG) $(OPERATOR_IMG) ; \ fi @@ -448,11 +442,7 @@ ifeq ($(IMAGE_BUILDER), docker) - $(IMAGE_BUILDER) buildx build --push --platform=$(PLATFORMS) --tag $(CUSTOM_SCORECARD_IMG) -f internal/images/custom-scorecard-tests/Dockerfile.cross . - $(IMAGE_BUILDER) buildx rm project-v3-builder else ifeq ($(IMAGE_BUILDER), podman) - for platform in $$(echo $(PLATFORMS) | sed "s/,/ /g"); do \ - os=$$(echo $${platform} | cut -d/ -f 1); \ - arch=$$(echo $${platform} | cut -d/ -f 2); \ - BUILDAH_FORMAT=docker $(IMAGE_BUILDER) buildx build -f internal/images/custom-scorecard-tests/Dockerfile.cross --manifest $(CUSTOM_SCORECARD_IMG) --platform $${platform} --build-arg TARGETOS=$${os} --build-arg TARGETARCH=$${arch} . ; \ - done + BUILDAH_FORMAT=docker $(IMAGE_BUILDER) build -f internal/images/custom-scorecard-tests/Dockerfile.cross --manifest $(CUSTOM_SCORECARD_IMG) --platform $(PLATFORMS) . ; \ if [ "${MANIFEST_PUSH}" = "true" ] ; then \ $(IMAGE_BUILDER) manifest push $(CUSTOM_SCORECARD_IMG) $(CUSTOM_SCORECARD_IMG) ; \ fi From abddf99294c352aac876bf6e9f84c073592f1243 Mon Sep 17 00:00:00 2001 From: Thuan Vo Date: Thu, 24 Aug 2023 13:25:22 -0700 Subject: [PATCH 07/12] chore(api): regenerate source with go 1.20 --- api/v1beta1/zz_generated.deepcopy.go | 4 ---- 1 file changed, 4 deletions(-) diff --git a/api/v1beta1/zz_generated.deepcopy.go b/api/v1beta1/zz_generated.deepcopy.go index aea1e737..8876502c 100644 --- a/api/v1beta1/zz_generated.deepcopy.go +++ b/api/v1beta1/zz_generated.deepcopy.go @@ -15,10 +15,6 @@ // See the License for the specific language governing permissions and // limitations under the License. -// Package v1beta1 contains API Schema definitions for the operator v1beta1 API group -// +kubebuilder:object:generate=true -// +groupName=operator.cryostat.io - // Code generated by controller-gen. DO NOT EDIT. package v1beta1 From 2a56af21c9f0ea4663450a6d60a741d01f2c9bb6 Mon Sep 17 00:00:00 2001 From: Thuan Vo Date: Thu, 24 Aug 2023 13:26:28 -0700 Subject: [PATCH 08/12] ci(scorecard): remove qemu --- .github/workflows/ci.yaml | 10 ---------- 1 file changed, 10 deletions(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 6961c2db..029a5e6c 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -154,11 +154,6 @@ jobs: if: ${{ github.event_name == 'push' && github.repository_owner == 'cryostatio' }} steps: - uses: actions/checkout@v2 - - name: Install qemu - continue-on-error: false - run: | - sudo apt-get update - sudo apt-get install -y qemu-user-static - name: Build operator image run: | IMAGE_NAMESPACE=${{ env.CI_REGISTRY }} SKIP_TESTS=true PLATFORMS=${{ env.CI_PLATFORMS }} MANIFEST_PUSH=false make oci-buildx @@ -233,11 +228,6 @@ jobs: EXIST=true fi echo "exist=$EXIST" >> $GITHUB_OUTPUT - - name: Install qemu - continue-on-error: false - run: | - sudo apt-get update - sudo apt-get install -y qemu-user-static if: ${{ steps.check-tag-exists.outputs.exist == 'false' }} - name: Build scorecard image run: | From dfc06aa447de2df600a398368e972bcf443d9ea3 Mon Sep 17 00:00:00 2001 From: Thuan Vo Date: Thu, 24 Aug 2023 14:21:44 -0700 Subject: [PATCH 09/12] ci(podman): workaround for podman v4 --- .github/workflows/ci.yaml | 32 +++++++++++++++++++++++++++++++- 1 file changed, 31 insertions(+), 1 deletion(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 029a5e6c..806d7ca9 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -61,7 +61,7 @@ jobs: - name: Run controller tests run: make test-envtest scorecard-test: - runs-on: ubuntu-latest + runs-on: ubuntu-latest # 22.04 if: ${{ github.repository_owner == 'cryostatio' }} steps: - name: Fail if safe-to-test label NOT applied @@ -74,6 +74,16 @@ jobs: - uses: jpkrohling/setup-operator-sdk@v1.1.0 with: operator-sdk-version: v1.28.0 + - name: Install podman v4 + run: | + ubuntu_version='22.04' + key_url="https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/unstable/xUbuntu_${ubuntu_version}/Release.key" + sources_url="https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/unstable/xUbuntu_${ubuntu_version}" + + sudo echo "deb $sources_url/ /" | tee /etc/apt/sources.list.d/devel:kubic:libcontainers:unstable.list + sudo curl -fsSL $key_url | gpg --dearmor | tee /etc/apt/trusted.gpg.d/devel_kubic_libcontainers_unstable.gpg > /dev/null + sudo apt update + sudo apt install podman - name: Build scorecard image for test id: build-scorecard run: | @@ -154,6 +164,16 @@ jobs: if: ${{ github.event_name == 'push' && github.repository_owner == 'cryostatio' }} steps: - uses: actions/checkout@v2 + - name: Install podman v4 + run: | + ubuntu_version='22.04' + key_url="https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/unstable/xUbuntu_${ubuntu_version}/Release.key" + sources_url="https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/unstable/xUbuntu_${ubuntu_version}" + + sudo echo "deb $sources_url/ /" | tee /etc/apt/sources.list.d/devel:kubic:libcontainers:unstable.list + sudo curl -fsSL $key_url | gpg --dearmor | tee /etc/apt/trusted.gpg.d/devel_kubic_libcontainers_unstable.gpg > /dev/null + sudo apt update + sudo apt install podman - name: Build operator image run: | IMAGE_NAMESPACE=${{ env.CI_REGISTRY }} SKIP_TESTS=true PLATFORMS=${{ env.CI_PLATFORMS }} MANIFEST_PUSH=false make oci-buildx @@ -215,6 +235,16 @@ jobs: if: ${{ github.event_name == 'push' && github.repository_owner == 'cryostatio' }} steps: - uses: actions/checkout@v2 + - name: Install podman v4 + run: | + ubuntu_version='22.04' + key_url="https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/unstable/xUbuntu_${ubuntu_version}/Release.key" + sources_url="https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/unstable/xUbuntu_${ubuntu_version}" + + sudo echo "deb $sources_url/ /" | tee /etc/apt/sources.list.d/devel:kubic:libcontainers:unstable.list + sudo curl -fsSL $key_url | gpg --dearmor | tee /etc/apt/trusted.gpg.d/devel_kubic_libcontainers_unstable.gpg > /dev/null + sudo apt update + sudo apt install podman - name: Get scorecard image tag id: get-image-tag run: | From e8eca86cb84cdbb63f14d7cf4ed7bd8c87783d92 Mon Sep 17 00:00:00 2001 From: Thuan Vo Date: Thu, 24 Aug 2023 14:32:07 -0700 Subject: [PATCH 10/12] ci(scorecard): install podman after check --- .github/workflows/ci.yaml | 41 ++++++++++++++++++--------------------- 1 file changed, 19 insertions(+), 22 deletions(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 806d7ca9..a38e1945 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -34,6 +34,7 @@ env: CI_PLATFORMS: linux/amd64,linux/arm64 REPOSITORY: ${{ github.event.pull_request.head.repo.full_name }} REF: ${{ github.event.pull_request.head.ref }} + RUNNER_VERSION: "22.04" jobs: controller-test: @@ -61,7 +62,7 @@ jobs: - name: Run controller tests run: make test-envtest scorecard-test: - runs-on: ubuntu-latest # 22.04 + runs-on: ubuntu-latest if: ${{ github.repository_owner == 'cryostatio' }} steps: - name: Fail if safe-to-test label NOT applied @@ -76,12 +77,11 @@ jobs: operator-sdk-version: v1.28.0 - name: Install podman v4 run: | - ubuntu_version='22.04' - key_url="https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/unstable/xUbuntu_${ubuntu_version}/Release.key" - sources_url="https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/unstable/xUbuntu_${ubuntu_version}" + key_url="https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/unstable/xUbuntu_${RUNNER_VERSION}/Release.key" + sources_url="https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/unstable/xUbuntu_${RUNNER_VERSION}" - sudo echo "deb $sources_url/ /" | tee /etc/apt/sources.list.d/devel:kubic:libcontainers:unstable.list - sudo curl -fsSL $key_url | gpg --dearmor | tee /etc/apt/trusted.gpg.d/devel_kubic_libcontainers_unstable.gpg > /dev/null + echo "deb $sources_url/ /" | sudo tee /etc/apt/sources.list.d/devel:kubic:libcontainers:unstable.list + curl -fsSL $key_url | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/devel_kubic_libcontainers_unstable.gpg > /dev/null sudo apt update sudo apt install podman - name: Build scorecard image for test @@ -166,12 +166,11 @@ jobs: - uses: actions/checkout@v2 - name: Install podman v4 run: | - ubuntu_version='22.04' - key_url="https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/unstable/xUbuntu_${ubuntu_version}/Release.key" - sources_url="https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/unstable/xUbuntu_${ubuntu_version}" + key_url="https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/unstable/xUbuntu_${RUNNER_VERSION}/Release.key" + sources_url="https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/unstable/xUbuntu_${RUNNER_VERSION}" - sudo echo "deb $sources_url/ /" | tee /etc/apt/sources.list.d/devel:kubic:libcontainers:unstable.list - sudo curl -fsSL $key_url | gpg --dearmor | tee /etc/apt/trusted.gpg.d/devel_kubic_libcontainers_unstable.gpg > /dev/null + echo "deb $sources_url/ /" | sudo tee /etc/apt/sources.list.d/devel:kubic:libcontainers:unstable.list + curl -fsSL $key_url | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/devel_kubic_libcontainers_unstable.gpg > /dev/null sudo apt update sudo apt install podman - name: Build operator image @@ -235,16 +234,6 @@ jobs: if: ${{ github.event_name == 'push' && github.repository_owner == 'cryostatio' }} steps: - uses: actions/checkout@v2 - - name: Install podman v4 - run: | - ubuntu_version='22.04' - key_url="https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/unstable/xUbuntu_${ubuntu_version}/Release.key" - sources_url="https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/unstable/xUbuntu_${ubuntu_version}" - - sudo echo "deb $sources_url/ /" | tee /etc/apt/sources.list.d/devel:kubic:libcontainers:unstable.list - sudo curl -fsSL $key_url | gpg --dearmor | tee /etc/apt/trusted.gpg.d/devel_kubic_libcontainers_unstable.gpg > /dev/null - sudo apt update - sudo apt install podman - name: Get scorecard image tag id: get-image-tag run: | @@ -258,7 +247,15 @@ jobs: EXIST=true fi echo "exist=$EXIST" >> $GITHUB_OUTPUT - if: ${{ steps.check-tag-exists.outputs.exist == 'false' }} + - name: Install podman v4 + run: | + key_url="https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/unstable/xUbuntu_${RUNNER_VERSION}/Release.key" + sources_url="https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/unstable/xUbuntu_${RUNNER_VERSION}" + + echo "deb $sources_url/ /" | sudo tee /etc/apt/sources.list.d/devel:kubic:libcontainers:unstable.list + curl -fsSL $key_url | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/devel_kubic_libcontainers_unstable.gpg > /dev/null + sudo apt update + sudo apt install podman - name: Build scorecard image run: | CUSTOM_SCORECARD_IMG=${CI_SCORECARD_IMG}:${{ steps.get-image-tag.outputs.tag }} \ From 3a0e8365479582555002300f28955f115547e215 Mon Sep 17 00:00:00 2001 From: Thuan Vo Date: Thu, 24 Aug 2023 15:00:16 -0700 Subject: [PATCH 11/12] ci(podman): clean up podman installation --- .github/workflows/ci.yaml | 24 ++++++++---------------- 1 file changed, 8 insertions(+), 16 deletions(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index a38e1945..7ece883f 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -34,7 +34,8 @@ env: CI_PLATFORMS: linux/amd64,linux/arm64 REPOSITORY: ${{ github.event.pull_request.head.repo.full_name }} REF: ${{ github.event.pull_request.head.ref }} - RUNNER_VERSION: "22.04" + OPENSUSE_KEY_URL: "https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/unstable/xUbuntu_22.04/Release.key" + OPENSUSE_SOURCE_URL: "https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/unstable/xUbuntu_22.04" jobs: controller-test: @@ -77,11 +78,8 @@ jobs: operator-sdk-version: v1.28.0 - name: Install podman v4 run: | - key_url="https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/unstable/xUbuntu_${RUNNER_VERSION}/Release.key" - sources_url="https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/unstable/xUbuntu_${RUNNER_VERSION}" - - echo "deb $sources_url/ /" | sudo tee /etc/apt/sources.list.d/devel:kubic:libcontainers:unstable.list - curl -fsSL $key_url | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/devel_kubic_libcontainers_unstable.gpg > /dev/null + echo "deb $OPENSUSE_SOURCE_URL/ /" | sudo tee /etc/apt/sources.list.d/devel:kubic:libcontainers:unstable.list + curl -fsSL $OPENSUSE_KEY_URL | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/devel_kubic_libcontainers_unstable.gpg sudo apt update sudo apt install podman - name: Build scorecard image for test @@ -166,11 +164,8 @@ jobs: - uses: actions/checkout@v2 - name: Install podman v4 run: | - key_url="https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/unstable/xUbuntu_${RUNNER_VERSION}/Release.key" - sources_url="https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/unstable/xUbuntu_${RUNNER_VERSION}" - - echo "deb $sources_url/ /" | sudo tee /etc/apt/sources.list.d/devel:kubic:libcontainers:unstable.list - curl -fsSL $key_url | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/devel_kubic_libcontainers_unstable.gpg > /dev/null + echo "deb $OPENSUSE_SOURCE_URL/ /" | sudo tee /etc/apt/sources.list.d/devel:kubic:libcontainers:unstable.list + curl -fsSL $OPENSUSE_KEY_URL | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/devel_kubic_libcontainers_unstable.gpg > /dev/null sudo apt update sudo apt install podman - name: Build operator image @@ -249,11 +244,8 @@ jobs: echo "exist=$EXIST" >> $GITHUB_OUTPUT - name: Install podman v4 run: | - key_url="https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/unstable/xUbuntu_${RUNNER_VERSION}/Release.key" - sources_url="https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/unstable/xUbuntu_${RUNNER_VERSION}" - - echo "deb $sources_url/ /" | sudo tee /etc/apt/sources.list.d/devel:kubic:libcontainers:unstable.list - curl -fsSL $key_url | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/devel_kubic_libcontainers_unstable.gpg > /dev/null + echo "deb $OPENSUSE_SOURCE_URL/ /" | sudo tee /etc/apt/sources.list.d/devel:kubic:libcontainers:unstable.list + curl -fsSL $OPENSUSE_KEY_URL | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/devel_kubic_libcontainers_unstable.gpg > /dev/null sudo apt update sudo apt install podman - name: Build scorecard image From 18e05fcd2a977683859511a2c2fb8a1805504fe8 Mon Sep 17 00:00:00 2001 From: Thuan Vo Date: Fri, 25 Aug 2023 10:03:09 -0700 Subject: [PATCH 12/12] ci(podman): rename env vars --- .github/workflows/ci.yaml | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 7ece883f..82f421ce 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -34,8 +34,8 @@ env: CI_PLATFORMS: linux/amd64,linux/arm64 REPOSITORY: ${{ github.event.pull_request.head.repo.full_name }} REF: ${{ github.event.pull_request.head.ref }} - OPENSUSE_KEY_URL: "https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/unstable/xUbuntu_22.04/Release.key" - OPENSUSE_SOURCE_URL: "https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/unstable/xUbuntu_22.04" + OPENSUSE_UNOFFICIAL_LIBCONTAINERS_KEY_URL: "https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/unstable/xUbuntu_22.04/Release.key" + OPENSUSE_UNOFFICIAL_LIBCONTAINERS_SOURCE_URL: "https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/unstable/xUbuntu_22.04" jobs: controller-test: @@ -78,8 +78,8 @@ jobs: operator-sdk-version: v1.28.0 - name: Install podman v4 run: | - echo "deb $OPENSUSE_SOURCE_URL/ /" | sudo tee /etc/apt/sources.list.d/devel:kubic:libcontainers:unstable.list - curl -fsSL $OPENSUSE_KEY_URL | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/devel_kubic_libcontainers_unstable.gpg + echo "deb $OPENSUSE_UNOFFICIAL_LIBCONTAINERS_SOURCE_URL/ /" | sudo tee /etc/apt/sources.list.d/devel:kubic:libcontainers:unstable.list + curl -fsSL $OPENSUSE_UNOFFICIAL_LIBCONTAINERS_KEY_URL | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/devel_kubic_libcontainers_unstable.gpg sudo apt update sudo apt install podman - name: Build scorecard image for test @@ -164,8 +164,8 @@ jobs: - uses: actions/checkout@v2 - name: Install podman v4 run: | - echo "deb $OPENSUSE_SOURCE_URL/ /" | sudo tee /etc/apt/sources.list.d/devel:kubic:libcontainers:unstable.list - curl -fsSL $OPENSUSE_KEY_URL | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/devel_kubic_libcontainers_unstable.gpg > /dev/null + echo "deb $OPENSUSE_UNOFFICIAL_LIBCONTAINERS_SOURCE_URL/ /" | sudo tee /etc/apt/sources.list.d/devel:kubic:libcontainers:unstable.list + curl -fsSL $OPENSUSE_UNOFFICIAL_LIBCONTAINERS_KEY_URL | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/devel_kubic_libcontainers_unstable.gpg > /dev/null sudo apt update sudo apt install podman - name: Build operator image @@ -244,8 +244,8 @@ jobs: echo "exist=$EXIST" >> $GITHUB_OUTPUT - name: Install podman v4 run: | - echo "deb $OPENSUSE_SOURCE_URL/ /" | sudo tee /etc/apt/sources.list.d/devel:kubic:libcontainers:unstable.list - curl -fsSL $OPENSUSE_KEY_URL | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/devel_kubic_libcontainers_unstable.gpg > /dev/null + echo "deb $OPENSUSE_UNOFFICIAL_LIBCONTAINERS_SOURCE_URL/ /" | sudo tee /etc/apt/sources.list.d/devel:kubic:libcontainers:unstable.list + curl -fsSL $OPENSUSE_UNOFFICIAL_LIBCONTAINERS_KEY_URL | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/devel_kubic_libcontainers_unstable.gpg > /dev/null sudo apt update sudo apt install podman - name: Build scorecard image