Update CMCTL binary #847
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build, Test, Publish Image & Manifest | |
on: | |
push: | |
branches: [ "main", "test-ci/*" ] | |
paths-ignore: | |
- 'docs/**' | |
- '*.md' | |
- 'LICENSE.txt' | |
- 'PROJECT' | |
tags: [ "v*" ] | |
pull_request: | |
branches: [ "main" ] | |
env: | |
GO_VERSION: ~1.22 | |
# Taken from https://github.com/kubernetes-sigs/kind/releases/tag/v0.18.0 | |
# The image here should be listed under 'Images built for this release' for the version of kind in go.mod | |
KIND_NODE_IMAGE: "kindest/node:v1.29.2@sha256:51a1434a5397193442f0be2a297b488b6c919ce8a3931be0ce822606ea5ca245" | |
KIND_OLDEST_NODE_IMAGE: "kindest/node:v1.26.3@sha256:61b92f38dff6ccc29969e7aa154d34e38b89443af1a2c14e6cfbd2df6419c66f" | |
BASELINE_UPGRADE_VERSION: v2.1.0 | |
jobs: | |
kubectl_tests: | |
name: kubectl rabbitmq tests | |
runs-on: ubuntu-latest | |
needs: | |
- build_operator | |
steps: | |
- name: Install Go | |
uses: actions/setup-go@v5 | |
with: | |
go-version: ${{ env.GO_VERSION }} | |
check-latest: true | |
- name: Check out code into the Go module directory | |
uses: actions/checkout@v4 | |
- name: carvel-setup-action | |
uses: carvel-dev/setup-action@v2.0.1 | |
with: | |
only: ytt | |
- name: Install Bats | |
run: | | |
git clone https://github.com/bats-core/bats-core.git "$HOME"/bats-core | |
cd "$HOME"/bats-core | |
sudo ./install.sh /usr/local | |
- name: Download Operator artifact | |
uses: actions/download-artifact@v4 | |
with: | |
name: operator_image | |
path: /tmp | |
- name: Create KinD | |
uses: helm/kind-action@v1 | |
with: | |
cluster_name: cluster-operator-testing | |
node_image: ${{ env.KIND_NODE_IMAGE }} | |
- name: kubectl rabbitmq tests | |
env: | |
IMG: "rabbitmqoperator/cluster-operator:${{ needs.build_operator.outputs.image_tag }}" | |
run: | | |
kind load image-archive /tmp/operator.tar --name cluster-operator-testing | |
make manifests deploy-namespace-rbac | |
kubectl kustomize config/crd | kubectl apply -f- | |
kubectl kustomize config/default/base | ytt -f- \ | |
-f config/ytt/overlay-manager-image.yaml \ | |
--data-value operator_image="${IMG}" \ | |
-f config/ytt/never_pull.yaml \ | |
| kubectl apply -f- | |
make kubectl-plugin-tests | |
- name: Notify Google Chat | |
# TODO: add back before PR | |
if: false | |
# if: ${{ failure() && github.event_name != 'pull_request' }} | |
uses: SimonScholz/google-chat-action@main | |
with: | |
webhookUrl: '${{ secrets.GOOGLE_CHAT_WEBHOOK_URL }}' | |
jobStatus: ${{ job.status }} | |
title: Cluster Operator - RabbitMQ kubectl tests | |
unit_integration_tests: | |
name: unit and integration tests | |
runs-on: ubuntu-latest | |
steps: | |
- name: Install Go | |
uses: actions/setup-go@v5 | |
with: | |
go-version: ${{ env.GO_VERSION }} | |
check-latest: true | |
- name: Check out code into the Go module directory | |
uses: actions/checkout@v4 | |
- name: Unit tests | |
run: make install-tools kubebuilder-assets just-unit-tests | |
- name: Integration tests | |
run: make just-integration-tests | |
- name: Notify Google Chat | |
if: ${{ failure() && github.event_name != 'pull_request' }} | |
uses: SimonScholz/google-chat-action@main | |
with: | |
webhookUrl: '${{ secrets.GOOGLE_CHAT_WEBHOOK_URL }}' | |
jobStatus: ${{ job.status }} | |
title: Cluster Operator - Unit and Integration tests | |
build_operator: | |
name: Build Operator image | |
runs-on: ubuntu-latest | |
needs: unit_integration_tests | |
outputs: | |
image_tag: ${{ steps.meta.outputs.version }} | |
permissions: | |
contents: 'write' | |
id-token: 'write' | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Install Go | |
uses: actions/setup-go@v5 | |
with: | |
go-version: ${{ env.GO_VERSION }} | |
check-latest: true | |
- name: OCI Metadata for multi-arch image | |
id: meta | |
uses: docker/metadata-action@v5 | |
with: | |
# list of Docker images to use as base name for tags | |
images: | | |
rabbitmqoperator/cluster-operator | |
quay.io/rabbitmqoperator/cluster-operator | |
# generate Docker tags based on the following events/attributes | |
tags: | | |
type=sha | |
type=ref,event=pr | |
type=semver,pattern={{version}} | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@v3 | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v3 | |
- name: Login to Docker Hub | |
if: github.event_name != 'pull_request' | |
uses: docker/login-action@v3 | |
with: | |
username: ${{ secrets.DOCKERHUB_USERNAME }} | |
password: ${{ secrets.DOCKERHUB_TOKEN }} | |
- name: Login to Quay.io | |
if: github.event_name != 'pull_request' | |
uses: docker/login-action@v3 | |
with: | |
registry: quay.io | |
username: ${{ secrets.QUAY_USERNAME }} | |
password: ${{ secrets.QUAY_ROBOT_TOKEN }} | |
- name: Build and push | |
id: build | |
uses: docker/build-push-action@v6 | |
# TODO: re-enable before PR | |
if: false | |
# if: ${{ github.event_name != 'pull_request' && startsWith(github.ref, 'refs/tags/v') }} | |
with: | |
context: . | |
platforms: linux/amd64, linux/arm64, linux/ppc64le, linux/s390x | |
provenance: false | |
push: true | |
tags: ${{ steps.meta.outputs.tags }} | |
labels: ${{ steps.meta.outputs.labels }} | |
- name: Build to TAR | |
id: build_tar | |
uses: docker/build-push-action@v6 | |
with: | |
context: . | |
provenance: false | |
tags: ${{ steps.meta.outputs.tags }} | |
labels: ${{ steps.meta.outputs.labels }} | |
outputs: | | |
type=docker,dest=./operator.tar | |
- name: Upload Operator artifact | |
uses: actions/upload-artifact@v4 | |
with: | |
name: operator_image | |
path: ./operator.tar | |
- name: Build manifest | |
if: github.event_name != 'pull_request' | |
env: | |
RELEASE_VERSION: ${{ steps.meta.outputs.version }} | |
run: | | |
make install-tools | |
pushd config/installation | |
kustomize edit set image rabbitmqoperator/cluster-operator-dev=rabbitmqoperator/cluster-operator:"${RELEASE_VERSION}" | |
popd | |
make generate-installation-manifest QUAY_IO_OPERATOR_IMAGE=quay.io/rabbitmqoperator/cluster-operator:"${RELEASE_VERSION}" | |
echo -n "cluster-operator-${{ steps.meta.outputs.version }}.yml" > "latest-cluster-operator-dev-manifest.txt" | |
- name: Upload operator manifests | |
if: github.event_name != 'pull_request' | |
uses: actions/upload-artifact@v4 | |
with: | |
name: operator-manifests | |
path: releases/cluster-operator*.yml | |
retention-days: 2 | |
if-no-files-found: error | |
upload_gcs: | |
runs-on: ubuntu-latest | |
name: Upload manifests to GCS | |
# TODO: remove before sending PR | |
if: false | |
# if: ${{ github.event_name != 'pull_request' }} | |
needs: | |
- build_operator | |
env: | |
image_version: ${{ needs.build_operator.outputs.image_tag }} | |
steps: | |
- name: Download Operator manifests | |
uses: actions/download-artifact@v4 | |
with: | |
name: operator-manifests | |
path: release/ | |
- name: Rename manifest for GCS | |
run: mv releases/cluster-operator.yml cluster-operator-${{ env.image_version }}.yml | |
- id: auth | |
name: Auth to Google Cloud | |
uses: 'google-github-actions/auth@v2' | |
with: | |
workload_identity_provider: ${{ secrets.GCP_IDENTITY_PROVIDER }} | |
service_account: ${{ secrets.GCP_SA }} | |
- name: Upload manifests to GCS | |
uses: google-github-actions/upload-cloud-storage@v2 | |
with: | |
path: cluster-operator-${{ env.image_version }}.yml | |
destination: operator-manifests-dev | |
- name: Update carvel-packaging-dev pipeline trigger | |
uses: google-github-actions/upload-cloud-storage@v2 | |
with: | |
path: latest-cluster-operator-dev-manifest.txt | |
destination: operator-manifests-dev | |
process_gcloudignore: false | |
- name: Notify Google Chat | |
if: failure() | |
uses: SimonScholz/google-chat-action@main | |
with: | |
webhookUrl: '${{ secrets.GOOGLE_CHAT_WEBHOOK_URL }}' | |
jobStatus: ${{ job.status }} | |
title: Cluster Operator - Build and push operator | |
build_operator_single_arch_amd64: | |
name: Build single-arch AMD64 image | |
if: ${{ github.event_name != 'pull_request' && startsWith(github.ref, 'refs/tags/v') }} | |
runs-on: ubuntu-latest | |
needs: unit_integration_tests | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: OCI Metadata for single-arch amd64 image | |
#if: startsWith(github.ref, 'refs/tags/v') | |
id: single-arch-meta-amd64 | |
uses: docker/metadata-action@v5 | |
with: | |
images: | | |
rabbitmqoperator/cluster-operator | |
flavor: | | |
latest=false | |
tags: | | |
type=semver,pattern={{version}},suffix=-amd64,latest=false | |
- name: Build and push single-arch amd64 image | |
uses: docker/build-push-action@v6 | |
with: | |
context: . | |
platforms: linux/amd64 | |
provenance: false | |
push: true | |
tags: ${{ steps.single-arch-meta-amd64.outputs.tags }} | |
labels: ${{ steps.single-arch-meta-amd64.outputs.labels }} | |
build_operator_single_arch_arm64: | |
name: Build single-arch ARM64 image | |
if: ${{ github.event_name != 'pull_request' && startsWith(github.ref, 'refs/tags/v') }} | |
runs-on: ubuntu-latest | |
needs: unit_integration_tests | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: OCI Metadata for single-arch arm64 image | |
id: single-arch-meta-arm64 | |
uses: docker/metadata-action@v5 | |
with: | |
# list of Docker images to use as base name for tags | |
images: | | |
rabbitmqoperator/cluster-operator | |
flavor: | | |
latest=false | |
# generate Docker tags based on the following events/attributes | |
tags: | | |
type=semver,pattern={{version}},suffix=-arm64,latest=false | |
type=sha,suffix=-arm64,latest=false | |
- name: Build and push single-arch arm64 image | |
if: github.event_name != 'pull_request' | |
#if: startsWith(github.ref, 'refs/tags/v') | |
uses: docker/build-push-action@v6 | |
with: | |
context: . | |
platforms: linux/arm64 | |
provenance: false | |
push: ${{ github.event_name != 'pull_request' }} | |
tags: ${{ steps.single-arch-meta-arm64.outputs.tags }} | |
labels: ${{ steps.single-arch-meta-arm64.outputs.labels }} | |
system_tests: | |
name: Local system tests (stable k8s) | |
runs-on: ubuntu-latest | |
needs: build_operator | |
strategy: | |
matrix: | |
rabbitmq-image: | |
- rabbitmq:3.11.0-management | |
- rabbitmq:management | |
- pivotalrabbitmq/rabbitmq:main | |
steps: | |
- name: Install Go | |
uses: actions/setup-go@v5 | |
with: | |
go-version: ${{ env.GO_VERSION }} | |
check-latest: true | |
- name: Check out code into the Go module directory | |
uses: actions/checkout@v4 | |
- name: Create KinD | |
uses: helm/kind-action@v1 | |
with: | |
cluster_name: system-testing | |
node_image: ${{ env.KIND_NODE_IMAGE }} | |
- name: Download Operator manifest | |
uses: actions/download-artifact@v4 | |
# This manifest was generated by the build_operator job, and it has the image tag for this specific execution. | |
# Thanks to that, we don't have to make YAML modifications to deploy the right image. | |
with: | |
name: operator-manifests | |
path: tmp/ | |
- name: Download Operator artifact | |
uses: actions/download-artifact@v4 | |
with: | |
name: operator_image | |
path: /tmp | |
- name: carvel-setup-action | |
uses: carvel-dev/setup-action@v2.0.1 | |
with: | |
only: ytt | |
- name: Install Operator build | |
run: | | |
kind load image-archive /tmp/operator.tar --name system-testing | |
ytt -f tmp/cluster-operator.yml -f config/ytt/never_pull.yaml | kubectl apply -f- | |
kubectl --namespace=rabbitmq-system wait --for=condition=Available deployment/rabbitmq-cluster-operator | |
- name: System tests | |
env: | |
KIND_NODE_IMAGE: ${{ env.KIND_NODE_IMAGE }} | |
RABBITMQ_IMAGE: ${{ matrix.rabbitmq-image }} | |
# make deploy-kind builds the image locally | |
run: | | |
make cert-manager | |
SUPPORT_VOLUME_EXPANSION=false make system-tests | |
- name: Dry-run example YAMLs | |
run: | | |
for a in docs/examples/*/*.y*ml; do | |
manifest_path="$manifest_path -f $a" | |
done | |
# The examples are assumed to run in the 'examples' namespace, create if it doesn't exist | |
kubectl create namespace examples --dry-run=client -o yaml | kubectl apply -f - | |
kubectl --namespace=examples apply --dry-run=server $manifest_path | |
system_tests_oldest_k8s: | |
name: Local system tests (min k8s) | |
runs-on: ubuntu-latest | |
needs: build_operator | |
strategy: | |
matrix: | |
rabbitmq-image: | |
- rabbitmq:3.11.0-management | |
- rabbitmq:management | |
steps: | |
- name: Install Go | |
uses: actions/setup-go@v5 | |
with: | |
go-version: ${{ env.GO_VERSION }} | |
check-latest: true | |
- name: Check out code into the Go module directory | |
uses: actions/checkout@v4 | |
- name: Create KinD | |
uses: helm/kind-action@v1 | |
with: | |
cluster_name: system-testing-oldest-k8s | |
node_image: ${{ env.KIND_OLDEST_NODE_IMAGE }} | |
- name: Download Operator artifact | |
uses: actions/download-artifact@v4 | |
with: | |
name: operator_image | |
path: /tmp | |
- name: Download Operator manifest | |
uses: actions/download-artifact@v4 | |
# This manifest was generated by the build_operator job, and it has the image tag for this specific execution. | |
# Thanks to that, we don't have to make YAML modifications to deploy the right image. | |
with: | |
name: operator-manifests | |
path: tmp/ | |
- name: carvel-setup-action | |
uses: carvel-dev/setup-action@v2.0.1 | |
with: | |
only: ytt | |
- name: Install Operator build | |
run: | | |
kind load image-archive /tmp/operator.tar --name system-testing-oldest-k8s | |
ytt -f tmp/cluster-operator.yml -f config/ytt/never_pull.yaml | kubectl apply -f- | |
kubectl --namespace=rabbitmq-system wait --for=condition=Available deployment/rabbitmq-cluster-operator | |
- name: System tests | |
env: | |
KIND_NODE_IMAGE: ${{ env.KIND_OLDEST_NODE_IMAGE }} | |
RABBITMQ_IMAGE: ${{ matrix.rabbitmq-image }} | |
# make system-tests will install required tools e.g. ginkgo | |
run: | | |
make cert-manager | |
SUPPORT_VOLUME_EXPANSION=false make system-tests | |
test_doc_examples: | |
name: Documented example tests | |
runs-on: ubuntu-latest | |
if: ${{ github.event_name != 'pull_request' }} | |
needs: build_operator | |
permissions: | |
# Required by google-github-actions/auth@v2 | |
# Required by google-github-actions/get-gke-credentials@v2 | |
id-token: 'write' | |
steps: | |
- name: Install Go | |
uses: actions/setup-go@v5 | |
with: | |
go-version: ${{ env.GO_VERSION }} | |
check-latest: true | |
- name: Check out code into the Go module directory | |
uses: actions/checkout@v4 | |
- name: Download Operator artifact | |
uses: actions/download-artifact@v4 | |
with: | |
name: operator_image | |
path: /tmp | |
- name: Download Operator manifest | |
uses: actions/download-artifact@v4 | |
# This manifest was generated by the build_operator job, and it has the image tag for this specific execution. | |
# Thanks to that, we don't have to make YAML modifications to deploy the right image. | |
with: | |
name: operator-manifests | |
path: tmp/ | |
- name: Create KinD | |
uses: helm/kind-action@v1 | |
with: | |
cluster_name: examples-testing | |
node_image: ${{ env.KIND_NODE_IMAGE }} | |
- name: carvel-setup-action | |
uses: carvel-dev/setup-action@v2.0.1 | |
with: | |
only: ytt | |
- name: Install Operator build | |
run: | | |
make destroy | |
kind load image-archive /tmp/operator.tar --name examples-testing | |
ytt -f tmp/cluster-operator.yml -f config/ytt/never_pull.yaml | kubectl apply -f- | |
kubectl --namespace=rabbitmq-system wait --for=condition=Available deployment/rabbitmq-cluster-operator | |
- name: Documented example tests | |
run: docs/examples/test.sh | |
- name: Notify Google Chat | |
if: failure() | |
uses: SimonScholz/google-chat-action@main | |
with: | |
webhookUrl: '${{ secrets.GOOGLE_CHAT_WEBHOOK_URL }}' | |
jobStatus: ${{ job.status }} | |
title: Cluster Operator - Documented example tests | |
test_upgrade: | |
name: Test upgrade of the operator | |
runs-on: ubuntu-latest | |
# FIXME: enable this before PR | |
if: false | |
# if: ${{ github.event_name != 'pull_request' }} | |
needs: build_operator | |
permissions: | |
# Required by ben-z/gh-action-mutex@v1.0.0-alpha.9 | |
contents: 'write' | |
# Required by google-github-actions/auth@v2 | |
# Required by google-github-actions/get-gke-credentials@v2 | |
id-token: 'write' | |
steps: | |
- name: Install Go | |
uses: actions/setup-go@v5 | |
with: | |
go-version: ${{ env.GO_VERSION }} | |
check-latest: true | |
- name: Check out code into the Go module directory | |
uses: actions/checkout@v4 | |
- name: Acquire lock for ci-bunny-1 | |
uses: ben-z/gh-action-mutex@v1.0.0-alpha.9 | |
with: | |
branch: lock-ci-bunny-1 | |
- id: auth | |
name: Authenticate with GCP | |
uses: google-github-actions/auth@v2 | |
with: | |
workload_identity_provider: ${{ secrets.GCP_IDENTITY_PROVIDER }} | |
service_account: ${{ secrets.GCP_SA }} | |
- id: get-credentials | |
name: Fetch creds | |
uses: google-github-actions/get-gke-credentials@v2 | |
with: | |
cluster_name: ci-bunny-1 | |
location: europe-west1 | |
- name: Get operator manifest | |
uses: actions/download-artifact@v4 | |
with: | |
name: operator-manifests | |
- name: Test upgrade rollout | |
run: hack/test-upgrade.sh https://github.com/rabbitmq/cluster-operator/releases/download/${{ env.BASELINE_UPGRADE_VERSION }}/cluster-operator.yml cluster-operator.yml release-header.md | |
- name: Upload release header | |
if: github.event_name != 'pull_request' | |
uses: actions/upload-artifact@v4 | |
with: | |
name: release-header | |
path: release-header.md | |
retention-days: 2 | |
if-no-files-found: error | |
- name: Notify Google Chat | |
if: failure() | |
uses: SimonScholz/google-chat-action@main | |
with: | |
webhookUrl: '${{ secrets.GOOGLE_CHAT_WEBHOOK_URL }}' | |
jobStatus: ${{ job.status }} | |
title: Cluster Operator - Test upgrade | |
release: | |
name: Release to GitHub Releases | |
runs-on: ubuntu-latest | |
if: startsWith(github.ref, 'refs/tags/v') | |
needs: [system_tests, test_doc_examples, test_upgrade] | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Get operator manifest | |
uses: actions/download-artifact@v4 | |
with: | |
name: operator-manifests | |
- name: Get release header | |
uses: actions/download-artifact@v4 | |
with: | |
name: release-header | |
- name: Release | |
uses: softprops/action-gh-release@a74c6b72af54cfa997e81df42d94703d6313a2d0 | |
if: startsWith(github.ref, 'refs/tags/') | |
with: | |
files: | | |
cluster-operator.yml | |
cluster-operator-quay-io.yml | |
generate_release_notes: true | |
draft: true | |
body_path: release-header.md | |
fail_on_unmatched_files: true | |
- name: Notify Google Chat | |
if: failure() | |
uses: SimonScholz/google-chat-action@main | |
with: | |
webhookUrl: '${{ secrets.GOOGLE_CHAT_WEBHOOK_URL }}' | |
jobStatus: ${{ job.status }} | |
title: Cluster Operator - Release to GitHub releases |