-
Notifications
You must be signed in to change notification settings - Fork 22
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
chore: setup release to reuse CTF from components workflow (#1077)
<!-- markdownlint-disable MD041 --> #### What this PR does / why we need it This makes sure that the CTF is only built once in the release flow (during the components build) and then reused across the release. For this it needs to be built with the correct version during release (e.g. v0.18.0-rc.1) which we now pass via `EFFECTIVE_VERSION` into the Makefiles in the repo. This allows us to get rid of the `make CTF_TYPE=directory ctf` step in the goreleaser configuration so we now no longer need to build the ctf twice. #### Which issue(s) this PR fixes <!-- Usage: `Fixes #<issue number>`, or `Fixes (paste link of issue)`. --> Part of the release candidate transparency rework in #995 as it allows us to prepare the release to only use the binaries from the CTFs. --------- Co-authored-by: Hilmar Falkenberg <[email protected]>
- Loading branch information
1 parent
10f26eb
commit ecd46ec
Showing
12 changed files
with
130 additions
and
32 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -8,7 +8,6 @@ release: | |
before: | ||
hooks: | ||
- go mod tidy | ||
- make CTF_TYPE=directory ctf | ||
|
||
builds: | ||
- <<: &build_defaults | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -3,6 +3,22 @@ name: Components | |
on: | ||
pull_request: | ||
workflow_call: | ||
inputs: | ||
effective-version: | ||
type: string | ||
required: false | ||
description: "The version to use for the build" | ||
default: "" | ||
upload-ctf: | ||
type: boolean | ||
required: false | ||
description: "Whether to upload the final CTF" | ||
default: false | ||
ref: | ||
type: string | ||
description: "The ref to use for the component build, defaults to the ref where the workflow was triggered from" | ||
required: false | ||
default: "" | ||
push: | ||
branches: | ||
- main | ||
|
@@ -12,8 +28,11 @@ permissions: | |
pull-requests: read | ||
|
||
env: | ||
REF: ${{ inputs.ref == '' && github.ref || inputs.ref }} | ||
CTF_TYPE: directory | ||
components: '["ocmcli", "helminstaller", "helmdemo", "subchartsdemo", "ecrplugin"]' | ||
IMAGE_PLATFORMS: 'linux/amd64 linux/arm64' | ||
PLATFORMS: 'windows/amd64 darwin/arm64 darwin/amd64 linux/amd64 linux/arm64' | ||
|
||
jobs: | ||
define-matrix: | ||
|
@@ -40,6 +59,8 @@ jobs: | |
uses: TooMuch4U/[email protected] | ||
- name: Checkout | ||
uses: actions/checkout@v4 | ||
with: | ||
ref: ${{ env.REF }} | ||
- name: Setup Go | ||
uses: actions/setup-go@v5 | ||
with: | ||
|
@@ -68,7 +89,14 @@ jobs: | |
- name: CTF | ||
run: | | ||
cd components/${{ matrix.component }} | ||
PATH=$PATH:$(go env GOPATH)/bin CTF_TYPE=${{ env.CTF_TYPE }} make ctf descriptor describe | ||
PATH=$PATH:$(go env GOPATH)/bin \ | ||
CTF_TYPE=${{ env.CTF_TYPE }} \ | ||
EFFECTIVE_VERSION=${{ inputs.effective-version }} \ | ||
PLATFORMS="${{ env.PLATFORMS }}" \ | ||
IMAGE_PLATFORMS="${{ env.IMAGE_PLATFORMS }}" \ | ||
make \ | ||
ctf descriptor describe | ||
- name: Upload CTF | ||
uses: actions/upload-artifact@v4 | ||
with: | ||
|
@@ -89,15 +117,16 @@ jobs: | |
uses: TooMuch4U/[email protected] | ||
- name: Checkout | ||
uses: actions/checkout@v4 | ||
with: | ||
ref: ${{ env.REF }} | ||
- name: Download CTFs | ||
uses: actions/download-artifact@v4 | ||
with: | ||
pattern: 'ctf-component-*' | ||
path: gen/downloaded-ctfs | ||
- name: Move CTFs into correct directory for aggregation | ||
run: | | ||
IFS=" " read -a COMPONENTS <<< "${{ env.components }}" | ||
for i in "${COMPONENTS[@]}"; do | ||
for i in ${{ env.components }}; do | ||
mkdir -p ${{ github.workspace }}/gen/${i} | ||
mv ${{ github.workspace }}/gen/downloaded-ctfs/ctf-component-${i} ${{ github.workspace }}/gen/${i}/ctf | ||
ls -R ${{ github.workspace }}/gen/${i} | ||
|
@@ -130,14 +159,13 @@ jobs: | |
${{ github.workspace }}/gen/ctf | ||
done | ||
- name: Upload aggregated CTF | ||
# TODO This is currently permanently disabled, | ||
# until we integrate it with the release build, in which it would be reused | ||
if: false | ||
# only upload the artifact if we are not on a PR | ||
if: inputs.upload-ctf | ||
uses: actions/upload-artifact@v4 | ||
with: | ||
if-no-files-found: error | ||
overwrite: true | ||
retention-days: 60 | ||
retention-days: 30 | ||
name: ctf-aggregated | ||
path: gen/ctf | ||
- name: Delete old CTFs that lead up to aggregation | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -81,18 +81,22 @@ jobs: | |
components: | ||
name: Component CTF Builds | ||
uses: ./.github/workflows/components.yaml | ||
needs: check | ||
needs: [check,release-version] | ||
with: | ||
effective-version: ${{ needs.release-version.outputs.version_no_prefix }} | ||
upload-ctf: true | ||
ref: ${{ github.ref }} | ||
permissions: | ||
contents: read | ||
pull-requests: read | ||
|
||
|
||
release: | ||
needs: | ||
# run check before actual release to make sure we succeed | ||
# they will be skipped from the needs check | ||
- check | ||
- release-version | ||
- components | ||
name: Release Build | ||
runs-on: large_runner | ||
permissions: | ||
|
@@ -124,6 +128,45 @@ jobs: | |
- name: Setup Cosign | ||
uses: sigstore/[email protected] | ||
|
||
- name: Download CTF | ||
uses: actions/download-artifact@v4 | ||
with: | ||
pattern: 'ctf-aggregated' | ||
path: gen/downloaded-ctfs | ||
- name: Move CTF into correct directory to be recognized by the release process | ||
run: | | ||
mv \ | ||
${{ github.workspace }}/gen/downloaded-ctfs/ctf-aggregated \ | ||
${{ github.workspace }}/gen/ctf | ||
# TODO: Remove Go setup once binaries no longer need to be built by goreleaser. | ||
- name: Setup Go | ||
uses: actions/setup-go@v5 | ||
with: | ||
go-version-file: '${{ github.workspace }}/go.mod' | ||
check-latest: false | ||
cache: false | ||
- name: Get go environment for use with cache | ||
run: | | ||
echo "go_cache=$(go env GOCACHE)" >> $GITHUB_ENV | ||
echo "go_modcache=$(go env GOMODCACHE)" >> $GITHUB_ENV | ||
# This step will only reuse the go mod and build cache from main made during the Build, | ||
# see push_ocm.yaml => "ocm-cli-latest" Job | ||
# This means it never caches by itself and PRs cannot cause cache pollution / thrashing | ||
# This is because we have huge storage requirements for our cache because of the mass of dependencies | ||
- name: Restore / Reuse Cache from central build | ||
id: cache-golang-restore | ||
uses: actions/cache/restore@v4 # Only Restore, not build another cache (too big) | ||
with: | ||
path: | | ||
${{ env.go_cache }} | ||
${{ env.go_modcache }} | ||
key: ${{ env.cache_name }}-${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}-${{ hashFiles('**/go.mod') }} | ||
restore-keys: | | ||
${{ env.cache_name }}-${{ runner.os }}-go- | ||
env: | ||
cache_name: ocm-cli-latest-go-cache # needs to be the same key in the end as in the build step | ||
|
||
- name: Setup git config | ||
run: | | ||
git config user.name "GitHub Actions Bot" | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters