Skip to content

Commit

Permalink
Merge pull request #19 from weaveworks/nightly-workflow
Browse files Browse the repository at this point in the history 
Adding patches for flux v2.1.2
  • Loading branch information
@souleb
souleb committed Oct 13, 2023
2 parents 40ac41e + 2aaeacd commit 18d85fe
Show file tree
Hide file tree
Showing 23 changed files with 943 additions and 166 deletions.
6 changes: 3 additions & 3 deletions .github/workflows/controller_release.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@ on:
type: string
nightly:
required: false
type: boolean
type: string
secrets:
ghcrToken:
required: true
Expand Down Expand Up @@ -39,8 +39,8 @@ jobs:
shell: bash
run: |
sudo apt-get install -y stgit
git config user.name "${GITHUB_ACTOR}"
git config user.email "${GITHUB_ACTOR}@users.noreply.github.com"
git config --global user.name "Soule BA"
git config --global user.email "[email protected]"
- name: Setup QEMU
uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3.0.0
- name: Setup Docker Buildx
Expand Down
12 changes: 9 additions & 3 deletions .github/workflows/nightly_v21.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,16 +12,22 @@ jobs:
- name: Checkout
uses: actions/checkout@v4
- name: Push nightly tag
shell: bash
run: |
git config user.name "${GITHUB_ACTOR}"
git config user.email "${GITHUB_ACTOR}@users.noreply.github.com"
git config --global user.name "Soule BA"
git config --global user.email "[email protected]"
# Get the latest release tag
git fetch 'refs/tags/*:refs/tags/*'
DESCRIBE=$(git tag -l --sort=-v:refname | grep -v nightly | head -n 1)
MAJOR_VERSION=$(echo $DESCRIBE | awk '{split($0,a,"."); print a[1]}')
MINOR_VERSION=$(echo $DESCRIBE | awk '{split($0,a,"."); print a[2]}')
PATCH_VERSION=$(echo $DESCRIBE | awk '{split($0,a,"."); print a[3]}')
PATCH_NUMBER=$(echo $DESCRIBE | awk '{split($0,a,"."); print a[4]}')
TAG="${MAJOR_VERSION}.${MINOR_VERSION}.${PATCH_VERSION}.${PATCH_NUMBER}.nightly.$(date +'%Y%m%d')"
TAG="${MAJOR_VERSION}.${MINOR_VERSION}.${PATCH_VERSION}
if [[ "$PATCH_NUMBER" =~ ^[0-9]+$ ]]; then
TAG="${TAG}.${PATCH_NUMBER}"
fi
TAG="${TAG}.nightly.$(date +'%Y%m%d')"
git tag -a $TAG -m "$TAG: nightly build"
git push origin $TAG
174 changes: 89 additions & 85 deletions .github/workflows/release_v21.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,19 +7,21 @@ on:

jobs:
nightly-tag:
outputs:
nightly: ${{ steps.version.outputs.nightly }}
runs-on: ubuntu-latest
permissions:
contents: write
steps:
- name: version
id: version
shell: bash
run: |
TAG=$(echo ${{ github.ref_name }})
NIGHTLY=false
if [[ $TAG == "*.nightly*" ]]; then
NIGHTLY=true
if [[ "{{ github.ref_name }}" == "*.nightly*" ]]; then
echo "nightly=true" >> $GITHUB_OUTPUT
else
echo "nightly=false" >> $GITHUB_OUTPUT
fi
echo "nightly=${NIGHTLY}" >> $GITHUB_OUTPUT
exit 0
release-source-controller:
needs: [nightly-tag]
permissions:
Expand All @@ -30,7 +32,77 @@ jobs:
with:
controller: source-controller
version: v21
nightly: ${{ steps.nightly-tag.outputs.nightly }}
nightly: ${{ needs.nightly-tag.outputs.nightly }}
secrets:
ghcrToken: ${{ secrets.WEAVE_ASSURED_GHCR_BOT_TOKEN }}

release-kustomize-controller:
needs: [nightly-tag]
permissions:
contents: read
id-token: write
packages: write
uses: ./.github/workflows/controller_release.yaml
with:
controller: kustomize-controller
version: v21
nightly: ${{ needs.nightly-tag.outputs.nightly }}
secrets:
ghcrToken: ${{ secrets.WEAVE_ASSURED_GHCR_BOT_TOKEN }}

release-helm-controller:
needs: [nightly-tag]
permissions:
contents: read
id-token: write
packages: write
uses: ./.github/workflows/controller_release.yaml
with:
controller: helm-controller
version: v21
nightly: ${{ needs.nightly-tag.outputs.nightly }}
secrets:
ghcrToken: ${{ secrets.WEAVE_ASSURED_GHCR_BOT_TOKEN }}

release-image-reflector-controller:
needs: [nightly-tag]
permissions:
contents: read
id-token: write
packages: write
uses: ./.github/workflows/controller_release.yaml
with:
controller: image-reflector-controller
version: v21
nightly: ${{ needs.nightly-tag.outputs.nightly }}
secrets:
ghcrToken: ${{ secrets.WEAVE_ASSURED_GHCR_BOT_TOKEN }}

release-image-automation-controller:
needs: [nightly-tag]
permissions:
contents: read
id-token: write
packages: write
uses: ./.github/workflows/controller_release.yaml
with:
controller: image-automation-controller
version: v21
nightly: ${{ needs.nightly-tag.outputs.nightly }}
secrets:
ghcrToken: ${{ secrets.WEAVE_ASSURED_GHCR_BOT_TOKEN }}

release-notification-controller:
needs: [nightly-tag]
permissions:
contents: read
id-token: write
packages: write
uses: ./.github/workflows/controller_release.yaml
with:
controller: notification-controller
version: v21
nightly: ${{ needs.nightly-tag.outputs.nightly }}
secrets:
ghcrToken: ${{ secrets.WEAVE_ASSURED_GHCR_BOT_TOKEN }}

Expand All @@ -49,20 +121,6 @@ jobs:
private-repository: true
secrets:
registry-password: ${{ secrets.WEAVE_ASSURED_GHCR_BOT_TOKEN }}

release-kustomize-controller:
needs: [nightly-tag]
permissions:
contents: read
id-token: write
packages: write
uses: ./.github/workflows/controller_release.yaml
with:
controller: kustomize-controller
version: v21
nightly: ${{ steps.nightly-tag.outputs.nightly }}
secrets:
ghcrToken: ${{ secrets.WEAVE_ASSURED_GHCR_BOT_TOKEN }}

kc-ghcr-provenance:
needs: [release-kustomize-controller]
Expand All @@ -80,20 +138,6 @@ jobs:
secrets:
registry-password: ${{ secrets.WEAVE_ASSURED_GHCR_BOT_TOKEN }}

release-helm-controller:
needs: [nightly-tag]
permissions:
contents: read
id-token: write
packages: write
uses: ./.github/workflows/controller_release.yaml
with:
controller: helm-controller
version: v21
nightly: ${{ steps.nightly-tag.outputs.nightly }}
secrets:
ghcrToken: ${{ secrets.WEAVE_ASSURED_GHCR_BOT_TOKEN }}

hc-ghcr-provenance:
needs: [release-helm-controller]
permissions:
Expand All @@ -109,20 +153,6 @@ jobs:
private-repository: true
secrets:
registry-password: ${{ secrets.WEAVE_ASSURED_GHCR_BOT_TOKEN }}

release-image-reflector-controller:
needs: [nightly-tag]
permissions:
contents: read
id-token: write
packages: write
uses: ./.github/workflows/controller_release.yaml
with:
controller: image-reflector-controller
version: v21
nightly: ${{ steps.nightly-tag.outputs.nightly }}
secrets:
ghcrToken: ${{ secrets.WEAVE_ASSURED_GHCR_BOT_TOKEN }}

irc-ghcr-provenance:
needs: [release-image-reflector-controller]
Expand All @@ -140,20 +170,6 @@ jobs:
secrets:
registry-password: ${{ secrets.WEAVE_ASSURED_GHCR_BOT_TOKEN }}

release-image-automation-controller:
needs: [nightly-tag]
permissions:
contents: read
id-token: write
packages: write
uses: ./.github/workflows/controller_release.yaml
with:
controller: image-automation-controller
version: v21
nightly: ${{ steps.nightly-tag.outputs.nightly }}
secrets:
ghcrToken: ${{ secrets.WEAVE_ASSURED_GHCR_BOT_TOKEN }}

iac-ghcr-provenance:
needs: [release-image-automation-controller]
permissions:
Expand All @@ -170,20 +186,6 @@ jobs:
secrets:
registry-password: ${{ secrets.WEAVE_ASSURED_GHCR_BOT_TOKEN }}

release-notification-controller:
needs: [nightly-tag]
permissions:
contents: read
id-token: write
packages: write
uses: ./.github/workflows/controller_release.yaml
with:
controller: notification-controller
version: v21
nightly: ${{ steps.nightly-tag.outputs.nightly }}
secrets:
ghcrToken: ${{ secrets.WEAVE_ASSURED_GHCR_BOT_TOKEN }}

nc-ghcr-provenance:
needs: [release-notification-controller]
permissions:
Expand Down Expand Up @@ -253,14 +255,16 @@ jobs:
else
VERSION=${FLUX2_BASE_VERSION}-wa
fi
if [[ "${{ steps.nightly-tag.outputs.nightly }}" == "true" ]]; then
if [[ "${{ needs.nightly-tag.outputs.nightly }}" == "true" ]]; then
VERSION=${VERSION}-nightly.$(date +%y%m%d%H%M%S)
else
VERSION=${VERSION}.$(date +%y%m%d%H%M%S)
fi
bash -x ./scripts/patch_repo.sh "https://github.com/fluxcd/flux2.git" flux2 ${FLUX2_BASE_VERSION}
unlink patches-flux
RAW_VERSION=$(echo $VERSION | cut -c2-)
echo "version=${VERSION}" >> $GITHUB_OUTPUT
echo "raw_version=${RAW_VERSION}" >> $GITHUB_OUTPUT
- name: Download all controllers release artifacts
uses: actions/download-artifact@v3
with:
Expand Down Expand Up @@ -314,12 +318,12 @@ jobs:
uses: goreleaser/goreleaser-action@7ec5c2b0c6cdda6e8bbb49444bc797dd33d74dd8 # v5.0.0
with:
version: latest
args: release --clean --skip-validate
args: release --clean --skip=validate
env:
GITHUB_TOKEN: ${{ secrets.WEAVE_ASSURED_GHCR_BOT_TOKEN }}
HOMEBREW_TAP_GITHUB_TOKEN: ${{ secrets.BOT_GITHUB_TOKEN }}
BUILD_VERSION: ${{ steps.patch.outputs.version }}
BUILD_VERSION_RAW: echo ${{ steps.patch.outputs.version }} | cut -c2-
BUILD_VERSION_RAW: ${{ steps.patch.outputs.raw_version }}
- name: Generate SLSA metadata
id: slsa
env:
Expand All @@ -330,7 +334,7 @@ jobs:
hashes=$(echo -E $ARTIFACTS | jq --raw-output '.[] | {name, "digest": (.extra.Digest // .extra.Checksum)} | select(.digest) | {digest} + {name} | join(" ") | sub("^sha256:";"")' | base64 -w0)
echo "hashes=$hashes" >> $GITHUB_OUTPUT
image_url=ghcr.io/weaveworks/flux-cli:$GITHUB_REF_NAME
image_url=ghcr.io/weaveworks/flux-cli:${{ steps.patch.outputs.version }}
echo "image_url=$image_url" >> $GITHUB_OUTPUT
image_digest=$(docker buildx imagetools inspect ${image_url} --format '{{json .}}' | jq -r .manifest.digest)
Expand All @@ -351,8 +355,8 @@ jobs:
shell: bash
run: |
sudo apt-get install -y stgit
git config user.name "${GITHUB_ACTOR}"
git config user.email "${GITHUB_ACTOR}@users.noreply.github.com"
git config --global user.name "Soule BA"
git config --global user.email "[email protected]"
- name: Clone and patch repo
id: patch
run: |
Expand All @@ -364,7 +368,7 @@ jobs:
else
VERSION=${FLUX2_BASE_VERSION}-wa
fi
if [[ "${{ steps.nightly-tag.outputs.nightly }}" == "true" ]]; then
if [[ "${{ needs.nightly-tag.outputs.nightly }}" == "true" ]]; then
VERSION=${VERSION}-nightly.$(date +%y%m%d%H%M%S)
else
VERSION=${VERSION}.$(date +%y%m%d%H%M%S)
Expand Down
6 changes: 3 additions & 3 deletions .goreleaser.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -126,9 +126,9 @@ dockers:
docker_manifests:
- name_template: 'ghcr.io/weaveworks/flux-cli:{{ .Env.BUILD_VERSION }}'
image_templates:
- 'ghcr.io/weaveworks/flux-cli:{{ .Tag }}-amd64'
- 'ghcr.io/weaveworks/flux-cli:{{ .Tag }}-arm64'
- 'ghcr.io/weaveworks/flux-cli:{{ .Tag }}-arm'
- 'ghcr.io/weaveworks/flux-cli:{{ .Env.BUILD_VERSION }}-amd64'
- 'ghcr.io/weaveworks/flux-cli:{{ .Env.BUILD_VERSION }}-arm64'
- 'ghcr.io/weaveworks/flux-cli:{{ .Env.BUILD_VERSION }}-arm'
docker_signs:
- cmd: cosign
env:
Expand Down
8 changes: 4 additions & 4 deletions patches-flux-v21/VERSION
View file
Original file line number Diff line number Diff line change
@@ -1,14 +1,14 @@
SOURCE_CONTROLLER_BASE_VERSION=v1.1.1
SOURCE_CONTROLLER_BASE_VERSION=v1.1.2
SOURCE_CONTROLLER_SUFFIX_VERSION=wa.$((10#$(cat patches-flux/source-controller/series | cut -d- -f1 | tail -1)))
KUSTOMIZE_CONTROLLER_BASE_VERSION=v1.1.0
KUSTOMIZE_CONTROLLER_BASE_VERSION=v1.1.1
KUSTOMIZE_CONTROLLER_SUFFIX_VERSION=wa.$((10#$(cat patches-flux/kustomize-controller/series | cut -d- -f1 | tail -1)))
HELM_CONTROLLER_BASE_VERSION=v0.36.1
HELM_CONTROLLER_BASE_VERSION=v0.36.2
HELM_CONTROLLER_SUFFIX_VERSION=wa.$((10#$(cat patches-flux/helm-controller/series | cut -d- -f1 | tail -1)))
NOTIFICATION_CONTROLLER_BASE_VERSION=v1.1.0
NOTIFICATION_CONTROLLER_SUFFIX_VERSION=wa.$((10#$(cat patches-flux/notification-controller/series | cut -d- -f1 | tail -1)))
IMAGE_REFLECTOR_CONTROLLER_BASE_VERSION=v0.30.0
IMAGE_REFLECTOR_CONTROLLER_SUFFIX_VERSION=wa.$((10#$(cat patches-flux/image-reflector-controller/series | cut -d- -f1 | tail -1)))
IMAGE_AUTOMATION_CONTROLLER_BASE_VERSION=v0.36.1
IMAGE_AUTOMATION_CONTROLLER_SUFFIX_VERSION=wa.$((10#$(cat patches-flux/image-automation-controller/series | cut -d- -f1 | tail -1)))
FLUX2_BASE_VERSION=v2.1.1
FLUX2_BASE_VERSION=v2.1.2
FLUX2_SUFFIX_VERSION=wa.$((10#$(cat patches-flux/flux2/series | cut -d- -f1 | tail -1)))
Loading

0 comments on commit 18d85fe

Please sign in to comment.