diff --git a/.github/workflows/build_and_test.yaml b/.github/workflows/build_and_test.yaml index 993a8ffc..834fd416 100644 --- a/.github/workflows/build_and_test.yaml +++ b/.github/workflows/build_and_test.yaml @@ -7,11 +7,11 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 + uses: docker/setup-buildx-action@v3 - name: Build sidecar - uses: docker/build-push-action@v4 + uses: docker/build-push-action@v6 with: push: false outputs: type=docker,dest=/tmp/k8s-sidecar.tar @@ -20,14 +20,14 @@ jobs: run: | cp test/kubelogo.png test/server/static/ - name: Build dummy server - uses: docker/build-push-action@v4 + uses: docker/build-push-action@v6 with: context: "test/server" push: false outputs: type=docker,dest=/tmp/dummy-server.tar tags: "dummy-server:1.0.0" - name: Upload artifacts - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: images path: /tmp/*.tar @@ -49,9 +49,9 @@ jobs: - maj_min: v1.25 digest: sha256:9d0a62b55d4fe1e262953be8d406689b947668626a357b5f9d0cfbddbebbc727 - maj_min: v1.26 - digest: sha256:15ae92d507b7d4aec6e8920d358fc63d3b980493db191d7327541fbaaed1f789 + digest: sha256:5d548739ddef37b9318c70cb977f57bf3e5015e4552be4e27e57280a8cbb8e4f - maj_min: v1.27 - digest: sha256:3700c811144e24a6c6181065265f69b9bf0b437c45741017182d7c82b908918f + digest: sha256:681253009e68069b8e01aad36a1e0fa8cf18bb0ab3e5c4069b2e65cafdd70843 - maj_min: v1.28 digest: sha256:b7e1cf6b2b729f604133c667a6be8aab6f4dde5bb042c1891ae248d9154f665b - maj_min: v1.29 @@ -60,7 +60,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Create k8s Kind Cluster # make sure the k8s versions match the kind version of the action version 🤯 uses: helm/kind-action@v1.10.0 @@ -70,7 +70,7 @@ jobs: cluster_name: sidecar-testing wait: 5m - name: Download artifact - uses: actions/download-artifact@v3 + uses: actions/download-artifact@v4 with: name: images path: /tmp @@ -128,7 +128,7 @@ jobs: kubectl logs sidecar-pythonscript-logfile > /tmp/logs/sidecar-pythonscript-logfile.log kubectl logs dummy-server-pod > /tmp/logs/dummy-server.log - name: Upload artifacts (pod logs) - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: pod-logs_${{ matrix.k8s.maj_min }} path: /tmp/logs/* @@ -151,10 +151,10 @@ jobs: kubectl cp sidecar:/tmp/secured.txt /tmp/sidecar/secured.txt kubectl cp sidecar:/tmp/similar-configmap.txt /tmp/sidecar/similar-configmap.txt kubectl cp sidecar:/tmp/similar-secret.txt /tmp/sidecar/similar-secret.txt - + echo "Downloading resource files from sidecar-basicauth-args pod" kubectl cp sidecar-basicauth-args:/tmp/secured.txt /tmp/sidecar-basicauth-args/secured.txt - + echo "Downloading resource files from sidecar-5xx..." kubectl cp sidecar-5xx:/tmp-5xx/hello.world /tmp/sidecar-5xx/hello.world kubectl cp sidecar-5xx:/tmp-5xx/cm-kubelogo.png /tmp/sidecar-5xx/cm-kubelogo.png @@ -171,7 +171,7 @@ jobs: kubectl cp sidecar-5xx:/tmp-5xx/similar-configmap.txt /tmp/sidecar-5xx/similar-configmap.txt kubectl cp sidecar-5xx:/tmp-5xx/similar-secret.txt /tmp/sidecar-5xx/similar-secret.txt - name: Upload artifacts (expected files from cluster) - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: expected-files_${{ matrix.k8s.maj_min }} path: | @@ -212,7 +212,7 @@ jobs: ls /tmp/sidecar/script_result - name: Verify sidecar-basicauth-args pod file after initial sync run: | - echo -n "allowed" | diff - /tmp/sidecar-basicauth-args/secured.txt + echo -n "allowed" | diff - /tmp/sidecar-basicauth-args/secured.txt - name: Verify sidecar-5xx files after initial sync run: | echo -n '{"detail":"Not authenticated"}' | diff - /tmp/sidecar-5xx/secured.txt && diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index dc20f1a6..ef1d9f5f 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -7,12 +7,12 @@ jobs: build: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: fetch-depth: '0' - name: Bump version and push tag id: tagging - uses: anothrNick/github-tag-action@1.55.0 + uses: anothrNick/github-tag-action@1.59.0 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} INITIAL_VERSION: 1.0.0 @@ -23,7 +23,7 @@ jobs: uses: docker/setup-qemu-action@v2 - name: "Set up Docker Buildx" if: steps.tagging.outputs.part - uses: docker/setup-buildx-action@v2 + uses: docker/setup-buildx-action@v3 - name: "Login to DockerHub" if: steps.tagging.outputs.part uses: docker/login-action@v2 @@ -47,7 +47,7 @@ jobs: - name: "Build and push" if: steps.tagging.outputs.part id: docker_build - uses: docker/build-push-action@v4 + uses: docker/build-push-action@v6 with: push: true platforms: linux/amd64,linux/arm64,linux/arm/v7,linux/ppc64le,linux/s390x diff --git a/.github/workflows/release_test.yaml b/.github/workflows/release_test.yaml new file mode 100644 index 00000000..812ad2dd --- /dev/null +++ b/.github/workflows/release_test.yaml @@ -0,0 +1,83 @@ +--- +# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json +name: Release Workflow Tests +# This workflow tests the tag and changelog action and can be used to detect (some) breaking changes. +on: + workflow_dispatch: + +env: + TEST_TAG: testing + +jobs: + build-test: + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v4 + with: + fetch-depth: '0' + - name: Bump version and push tag + id: tagging + uses: anothrNick/github-tag-action@1.59.0 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + INITIAL_VERSION: 1.0.0 + DEFAULT_BUMP: none + BRANCH_HISTORY: last + DRY_RUN: true + - name: "Set up QEMU" + if: steps.tagging.outputs.part + uses: docker/setup-qemu-action@v2 + - name: "Set up Docker Buildx" + if: steps.tagging.outputs.part + uses: docker/setup-buildx-action@v3 + - name: "Login to DockerHub" + if: steps.tagging.outputs.part + uses: docker/login-action@v2 + with: + username: ${{ secrets.DOCKER_USERNAME }} + password: ${{ secrets.DOCKER_PASSWORD }} + - name: "Login to Quay.io" + if: steps.tagging.outputs.part + uses: docker/login-action@v2 + with: + registry: quay.io + username: ${{ secrets.QUAY_BOT_USERNAME }} + password: ${{ secrets.QUAY_BOT_PASSWORD }} + - name: "Login to ghcr.io" + if: steps.tagging.outputs.part + uses: docker/login-action@v2 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + - name: "Build and push" + if: steps.tagging.outputs.part + id: docker_build + uses: docker/build-push-action@v6 + with: + push: true + platforms: linux/amd64,linux/arm64,linux/arm/v7,linux/ppc64le,linux/s390x + tags: | + docker.io/kiwigrid/k8s-sidecar:${{ steps.tagging.outputs.tag }}-${{ env.TEST_TAG }} + quay.io/kiwigrid/k8s-sidecar:${{ steps.tagging.outputs.tag }}-${{ env.TEST_TAG }} + ghcr.io/kiwigrid/k8s-sidecar:${{ steps.tagging.outputs.tag }}-${{ env.TEST_TAG }} + - name: "Build Changelog" + if: steps.tagging.outputs.part + id: build_changelog + uses: mikepenz/release-changelog-builder-action@v4 + with: + configuration: ".github/workflows/release-notes-config.json" + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + - name: "Create Github Release" + if: steps.tagging.outputs.part + uses: actions/create-release@v1 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # This token is provided by Actions, you do not need to create your own token + with: + tag_name: ${{ steps.tagging.outputs.tag }}-${{ env.TEST_TAG }} + release_name: v${{ steps.tagging.outputs.tag }}-${{ env.TEST_TAG }} + body: ${{ steps.build_changelog.outputs.changelog }} + draft: true + prerelease: false