diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 30199b6a5..0bf666e8e 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -173,42 +173,6 @@ build_bundle_image: - if [ -n "$CI_COMMIT_TAG" ]; then docker buildx imagetools create $TARGET_IMAGE --tag $RELEASE_IMAGE; fi -preflight_redhat_image_amd64: - stage: test-image - rules: - - if: $CI_COMMIT_TAG - when: on_success - - when: never - tags: - - "arch:amd64" - image: $JOB_DOCKER_IMAGE - variables: - IMG: $BUILD_DOCKER_REGISTRY/$PROJECTNAME:v${CI_PIPELINE_ID}-${CI_COMMIT_SHORT_SHA}-amd64 - script: - - DOCKER_REGISTRY_LOGIN=$(aws ssm get-parameter --region us-east-1 --name ci.datadog-operator.$DOCKER_REGISTRY_LOGIN_SSM_KEY --with-decryption --query "Parameter.Value" --out text) - - aws ssm get-parameter --region us-east-1 --name ci.datadog-operator.$DOCKER_REGISTRY_PWD_SSM_KEY --with-decryption --query "Parameter.Value" --out text | docker login --username "$DOCKER_REGISTRY_LOGIN" --password-stdin "$DOCKER_REGISTRY_URL" - - export IMG_PLATFORM=linux/amd64 - - make preflight-redhat-container - - -preflight_redhat_image_arm64: - stage: test-image - rules: - - if: $CI_COMMIT_TAG - when: on_success - - when: never - tags: - - "arch:amd64" - image: $JOB_DOCKER_IMAGE - variables: - IMG: $BUILD_DOCKER_REGISTRY/$PROJECTNAME:v${CI_PIPELINE_ID}-${CI_COMMIT_SHORT_SHA}-arm64 - script: - - DOCKER_REGISTRY_LOGIN=$(aws ssm get-parameter --region us-east-1 --name ci.datadog-operator.$DOCKER_REGISTRY_LOGIN_SSM_KEY --with-decryption --query "Parameter.Value" --out text) - - aws ssm get-parameter --region us-east-1 --name ci.datadog-operator.$DOCKER_REGISTRY_PWD_SSM_KEY --with-decryption --query "Parameter.Value" --out text | docker login --username "$DOCKER_REGISTRY_LOGIN" --password-stdin "$DOCKER_REGISTRY_URL" - - export IMG_PLATFORM=linux/arm64 - - make preflight-redhat-container - - publish_public_main: stage: release rules: @@ -247,9 +211,6 @@ publish_redhat_public_tag: - if: $CI_COMMIT_TAG when: manual - when: never - needs: - - "preflight_redhat_image_amd64" - - "preflight_redhat_image_arm64" trigger: project: DataDog/public-images branch: main @@ -283,9 +244,6 @@ publish_redhat_public_latest: - if: $CI_COMMIT_TAG when: manual - when: never - needs: - - "preflight_redhat_image_amd64" - - "preflight_redhat_image_arm64" trigger: project: DataDog/public-images branch: main @@ -439,25 +397,8 @@ e2e: - IMAGE_PULL_PASSWORD=$(aws ecr get-login-password) IMG=$TARGET_IMAGE make e2e-tests -submit_preflight_redhat_image_amd64: - stage: post-release - rules: - - if: $CI_COMMIT_TAG - when: manual - - when: never - needs: - - "publish_redhat_public_tag" - tags: ["runner:docker", "size:large"] - image: $JOB_DOCKER_IMAGE - script: - - apt-get update && apt-get -y install --no-install-recommends build-essential git awscli && apt-get -y clean && rm -rf /var/lib/apt/lists/* - - aws ssm get-parameter --region us-east-1 --name ci.datadog-operator.$RH_PARTNER_REGISTRY_KEY_SSM_KEY --with-decryption --query "Parameter.Value" --out text | docker login --username "$RH_PARTNER_REGISTRY_USER" --password-stdin "$RH_PARTNER_REGISTRY" - - export RH_PARTNER_API_TOKEN=$(aws ssm get-parameter --region us-east-1 --name ci.datadog-operator.$RH_PARTNER_API_KEY_SSM_KEY --with-decryption --query "Parameter.Value" --out text) - - export IMG=$RH_PARTNER_REGISTRY/$RH_PARTNER_PROJECT_ID:${CI_COMMIT_TAG:1} - - export IMG_PLATFORM=linux/amd64 - - make preflight-redhat-container-submit - -submit_preflight_redhat_image_arm64: +# Preflight now supports multiarch image checks +submit_preflight_redhat_image: stage: post-release rules: - if: $CI_COMMIT_TAG @@ -472,7 +413,6 @@ submit_preflight_redhat_image_arm64: - aws ssm get-parameter --region us-east-1 --name ci.datadog-operator.$RH_PARTNER_REGISTRY_KEY_SSM_KEY --with-decryption --query "Parameter.Value" --out text | docker login --username "$RH_PARTNER_REGISTRY_USER" --password-stdin "$RH_PARTNER_REGISTRY" - export RH_PARTNER_API_TOKEN=$(aws ssm get-parameter --region us-east-1 --name ci.datadog-operator.$RH_PARTNER_API_KEY_SSM_KEY --with-decryption --query "Parameter.Value" --out text) - export IMG=$RH_PARTNER_REGISTRY/$RH_PARTNER_PROJECT_ID:${CI_COMMIT_TAG:1} - - export IMG_PLATFORM=linux/arm64 - make preflight-redhat-container-submit publish_community_operators: @@ -482,8 +422,7 @@ publish_community_operators: when: manual - when: never needs: - - "submit_preflight_redhat_image_amd64" - - "submit_preflight_redhat_image_arm64" + - "submit_preflight_redhat_image" tags: [ "runner:docker", "size:large" ] image: $JOB_DOCKER_IMAGE before_script: diff --git a/Makefile b/Makefile index 4a1229df3..1c4b75c78 100644 --- a/Makefile +++ b/Makefile @@ -294,12 +294,12 @@ generate-openapi: bin/$(PLATFORM)/openapi-gen .PHONY: preflight-redhat-container preflight-redhat-container: bin/$(PLATFORM)/preflight - bin/$(PLATFORM)/preflight check container ${IMG} --platform=${IMG_PLATFORM} -d ~/.docker/config.json + bin/$(PLATFORM)/preflight check container ${IMG} -d ~/.docker/config.json # Runs only on Linux and requires `docker login` to scan.connect.redhat.com .PHONY: preflight-redhat-container-submit preflight-redhat-container-submit: bin/$(PLATFORM)/preflight - bin/$(PLATFORM)/preflight check container ${IMG} --platform=${IMG_PLATFORM} --submit --pyxis-api-token=${RH_PARTNER_API_TOKEN} --certification-project-id=${RH_PARTNER_PROJECT_ID} -d ~/.docker/config.json + bin/$(PLATFORM)/preflight check container ${IMG} --submit --pyxis-api-token=${RH_PARTNER_API_TOKEN} --certification-project-id=${RH_PARTNER_PROJECT_ID} -d ~/.docker/config.json .PHONY: patch-crds patch-crds: bin/$(PLATFORM)/yq ## Patch-crds @@ -349,7 +349,7 @@ bin/$(PLATFORM)/operator-manifest-tools: Makefile hack/install-operator-manifest-tools.sh 0.6.0 bin/$(PLATFORM)/preflight: Makefile - hack/install-openshift-preflight.sh 1.9.4 + hack/install-openshift-preflight.sh 1.9.9 bin/$(PLATFORM)/openapi-gen: mkdir -p $(ROOT)/bin/$(PLATFORM)