Skip to content

[TLS] TLS for public endpoints terminated at a route #279

[TLS] TLS for public endpoints terminated at a route

[TLS] TLS for public endpoints terminated at a route #279

name: OpenStack Operator image builder
on:
push:
branches:
- '*'
env:
imageregistry: 'quay.io'
imagenamespace: ${{ secrets.IMAGENAMESPACE || secrets.QUAY_USERNAME }}
latesttag: latest
jobs:
check-secrets:
runs-on: ubuntu-latest
steps:
- name: Check secrets are set
id: have-secrets
if: "${{ env.imagenamespace != '' }}"
run: echo "::set-output name=ok::true"
outputs:
have-secrets: ${{ steps.have-secrets.outputs.ok }}
build-openstack-operator:
name: Build openstack-operator image using buildah
runs-on: ubuntu-latest
needs: [check-secrets]
if: needs.check-secrets.outputs.have-secrets == 'true'
steps:
- uses: actions/checkout@v2
- name: Get branch name
id: branch-name
uses: tj-actions/branch-names@v5
- name: Set latest tag for non main branch
if: "${{ steps.branch-name.outputs.current_branch != 'main' }}"
run: |
echo "latesttag=${{ steps.branch-name.outputs.current_branch }}-latest" >> $GITHUB_ENV
- name: Buildah Action
id: build-openstack-operator
uses: redhat-actions/buildah-build@v2
with:
image: openstack-operator
tags: ${{ env.latesttag }} ${{ github.sha }}
containerfiles: |
./Dockerfile
- name: Push openstack-operator To ${{ env.imageregistry }}
uses: redhat-actions/push-to-registry@v2
with:
image: ${{ steps.build-openstack-operator.outputs.image }}
tags: ${{ steps.build-openstack-operator.outputs.tags }}
registry: ${{ env.imageregistry }}/${{ env.imagenamespace }}
username: ${{ secrets.QUAY_USERNAME }}
password: ${{ secrets.QUAY_PASSWORD }}
build-openstack-operator-bundle:
needs: [ check-secrets, build-openstack-operator ]
name: openstack-operator-bundle
runs-on: ubuntu-latest
if: needs.check-secrets.outputs.have-secrets == 'true'
steps:
- name: Install Go
uses: actions/setup-go@v2
with:
go-version: 1.19.x
- name: Checkout openstack-operator repository
uses: actions/checkout@v2
- name: Install operator-sdk
uses: redhat-actions/openshift-tools-installer@v1
with:
source: github
operator-sdk: '1.26.0'
- name: Log in to Quay Registry
uses: redhat-actions/podman-login@v1
with:
registry: ${{ env.imageregistry }}
username: ${{ secrets.QUAY_USERNAME }}
password: ${{ secrets.QUAY_PASSWORD }}
- name: Log in to Red Hat Registry
uses: redhat-actions/podman-login@v1
with:
registry: registry.redhat.io
username: ${{ secrets.REDHATIO_USERNAME }}
password: ${{ secrets.REDHATIO_PASSWORD }}
- name: Create bundle image
run: |
pushd "${GITHUB_WORKSPACE}"/.github/
chmod +x "create_bundle.sh"
"./create_bundle.sh"
popd
env:
REGISTRY: ${{ env.imageregistry }}/${{ env.imagenamespace }}
GITHUB_SHA: ${{ github.sha }}
BASE_IMAGE: openstack-operator
IMAGENAMESPACE: ${{ secrets.IMAGENAMESPACE || secrets.QUAY_USERNAME }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Get branch name
id: branch-name
uses: tj-actions/branch-names@v5
- name: Set latest tag for non main branch
if: "${{ steps.branch-name.outputs.current_branch != 'main' }}"
run: |
echo "latesttag=${{ steps.branch-name.outputs.current_branch }}-latest" >> $GITHUB_ENV
- name: Build openstack-operator-bundle using buildah
id: build-openstack-operator-bundle
uses: redhat-actions/buildah-build@v2
with:
image: openstack-operator-bundle
tags: ${{ env.latesttag }} ${{ github.sha }}
containerfiles: |
./custom-bundle.Dockerfile.pinned
- name: Push openstack-operator-bundle To ${{ env.imageregistry }}
uses: redhat-actions/push-to-registry@v2
with:
image: ${{ steps.build-openstack-operator-bundle.outputs.image }}
tags: ${{ steps.build-openstack-operator-bundle.outputs.tags }}
registry: ${{ env.imageregistry }}/${{ env.imagenamespace }}
username: ${{ secrets.QUAY_USERNAME }}
password: ${{ secrets.QUAY_PASSWORD }}
build-openstack-operator-index:
needs: [ check-secrets, build-openstack-operator-bundle ]
name: openstack-operator-index
runs-on: ubuntu-latest
if: needs.check-secrets.outputs.have-secrets == 'true'
steps:
- name: Checkout openstack-operator repository
uses: actions/checkout@v2
- name: Get branch name
id: branch-name
uses: tj-actions/branch-names@v5
- name: Set latest tag for non main branch
if: "${{ steps.branch-name.outputs.current_branch != 'main' }}"
run: |
echo "latesttag=${{ steps.branch-name.outputs.current_branch }}-latest" >> $GITHUB_ENV
- name: Install opm
uses: redhat-actions/openshift-tools-installer@v1
with:
source: github
opm: 'latest'
- name: Log in to Red Hat Registry
uses: redhat-actions/podman-login@v1
with:
registry: ${{ env.imageregistry }}
username: ${{ secrets.QUAY_USERNAME }}
password: ${{ secrets.QUAY_PASSWORD }}
- name: Create index image
run: |
pushd "${GITHUB_WORKSPACE}"/.github/
chmod +x "create_opm_index.sh"
"./create_opm_index.sh"
popd
env:
REGISTRY: ${{ env.imageregistry }}/${{ env.imagenamespace }}
GITHUB_SHA: ${{ github.sha }}
BUNDLE_IMAGE: openstack-operator-bundle
INDEX_IMAGE_TAG: ${{ env.latesttag }}
INDEX_IMAGE: openstack-operator-index
- name: Push openstack-operator-index To ${{ env.imageregistry }}
uses: redhat-actions/push-to-registry@v2
with:
image: openstack-operator-index
tags: ${{ env.latesttag }} ${{ github.sha }}
registry: ${{ env.imageregistry }}/${{ env.imagenamespace }}
username: ${{ secrets.QUAY_USERNAME }}
password: ${{ secrets.QUAY_PASSWORD }}