-
Notifications
You must be signed in to change notification settings - Fork 27
84 lines (82 loc) · 3.67 KB
/
generate-images-digests.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
name: Generate Images Digests
on:
workflow_dispatch:
inputs:
tag:
type: string
description: "e.g: v2.8.4"
required: true
base_registry:
type: choice
description: "registry where the images were first uploaded to"
options:
- "registry.rancher.com"
- "docker.io"
- "stgregistry.suse.com"
required: true
rancher_repo_owner:
type: string
description: "org that the rancher repo is located in"
default: "rancher"
required: true
prime_only:
type: boolean
description: "release is prime only"
default: true
required: true
prime_artifacts_bucket:
type: string
description: "name of the bucket to upload the files"
default: "prime-artifacts"
required: true
jobs:
digests:
runs-on: ubuntu-latest
permissions:
contents: read
id-token: write
steps:
- name: setup ecm-distro-tools
uses: rancher/ecm-distro-tools@v0.38.1
with:
version: v0.38.1
- name: Create ecm config file
run: |
mkdir -p ~/.ecm-distro-tools
release config gen
- name: Generate Digests
run: |
export LINUX_IMAGES_URL=https://github.com/${{ github.event.inputs.rancher_repo_owner }}/rancher/releases/download/${{ github.event.inputs.tag }}/rancher-images.txt
export WINDOWS_IMAGES_URL=https://github.com/${{ github.event.inputs.rancher_repo_owner }}/rancher/releases/download/${{ github.event.inputs.tag }}/rancher-windows-images.txt
if [[ ${{ github.event.inputs.prime_only }} = true ]]; then
export LINUX_IMAGES_URL=https://prime.ribs.rancher.io/rancher/${{ github.event.inputs.tag }}/rancher-images.txt
export WINDOWS_IMAGES_URL=https://prime.ribs.rancher.io/rancher/${{ github.event.inputs.tag }}/rancher-windows-images.txt
fi
mkdir -p /tmp/dist
release generate rancher docker-images-digests \
--images-url "$LINUX_IMAGES_URL" \
--output-file /tmp/dist/rancher-images-digests-linux-amd64.txt \
--registry "${{ github.event.inputs.base_registry }}"
release generate rancher docker-images-digests \
--images-url "$WINDOWS_IMAGES_URL" \
--output-file /tmp/dist/rancher-images-digests-windows-ltsc2022.txt \
--registry "${{ github.event.inputs.base_registry }}"
cp /tmp/dist/rancher-images-digests-linux-amd64.txt /tmp/dist/rancher-images-digests-linux-arm64.txt
cp /tmp/dist/rancher-images-digests-windows-ltsc2022.txt /tmp/dist/rancher-images-digests-windows-1809.txt
- name: Upload Artifacts to GitHub
uses: actions/upload-artifact@v4
with:
name: "digests-${{ github.event.inputs.tag }}"
path: /tmp/dist
if-no-files-found: error
retention-days: 1
overwrite: false
- name: Load Secrets from Vault
uses: rancher-eio/read-vault-secrets@main
with:
secrets: |
secret/data/github/repo/${{ github.repository }}/prime-artifacts-uploader-access-key/credentials token | PRIME_ARTIFACTS_UPLOADER_ACCESS_KEY ;
secret/data/github/repo/${{ github.repository }}/prime-artifacts-uploader-secret-key/credentials token | PRIME_ARTIFACTS_UPLOADER_SECRET_KEY ;
- name: Upload Artifacts to S3
run: |
AWS_ACCESS_KEY_ID=$PRIME_ARTIFACTS_UPLOADER_ACCESS_KEY AWS_SECRET_ACCESS_KEY=$PRIME_ARTIFACTS_UPLOADER_SECRET_KEY aws s3 cp --recursive /tmp/artifacts s3://${{ github.event.inputs.prime_artifacts_bucket }}/rancher/${{ github.event.inputs.tag }}