flightctl-ui/.github/workflows/push-to-main.yaml at main · flightctl/flightctl-ui · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
name: Push to main

on:
  push:
    branches:
      - main
    tags:
      - '**'
env:
  QUAY_ORG: quay.io/flightctl
  QUAY_CHARTS: quay.io/flightctl/charts
  QUAY_STANDALONE_REPO: flightctl-ui
  QUAY_OCP_REPO: flightctl-ocp-ui

jobs:
  generate-tags:
    runs-on: ubuntu-latest
    outputs:
      image_tags: ${{ steps.get-tags.outputs.image_tags }}
    steps:
      - uses: actions/checkout@v4
        with:
          fetch-depth: 0
          fetch-tags: true

      - name: Generate image tags
        id: get-tags
        run: |
          if ${{ github.ref_type == 'tag' }}; then
            # The images tags will match the Release tag
            image_tags=( ${{ github.ref_name }} )
            image_tags=${image_tags#v} # remove the leading v prefix for version

            echo "image_tags=${image_tags[@]}" >> $GITHUB_OUTPUT
            echo "image_tags=${image_tags[@]}"

          else
            version=$(git describe --long --tags --exclude latest)
            version=${version#v} # remove the leading v prefix for version
            # The images tags are taken from git
            image_tags=( latest-${GITHUB_SHA} latest ${version} )
            echo "image_tags=${image_tags[@]}" >> $GITHUB_OUTPUT
            echo "image_tags=${image_tags[@]}"
          fi

  publish-flightctl-ui:
    runs-on: ubuntu-latest
    needs: [generate-tags]
    strategy:
      matrix:
        os: [el9, el10]
    steps:
      - uses: actions/checkout@v4

      - name: Generate OS-specific image name
        id: os-image
        run: |
          echo "image_name=${{ env.QUAY_STANDALONE_REPO }}-${{ matrix.os }}" >> $GITHUB_OUTPUT
          echo "Generated image name: ${{ env.QUAY_STANDALONE_REPO }}-${{ matrix.os }}"

      - name: Build
        id: build
        uses: redhat-actions/buildah-build@7a95fa7ee0f02d552a32753e7414641a04307056 # v2
        with:
          image: ${{ steps.os-image.outputs.image_name }}
          tags: ${{ needs.generate-tags.outputs.image_tags }}
          labels: |
            org.flightctl.flightctl-ui.github.repository=${{ github.repository }}
            org.flightctl.flightctl-ui.github.actor=${{ github.actor }}
            org.flightctl.flightctl-ui.github.run_id=${{ github.run_id }}
            org.flightctl.flightctl-ui.github.sha=${{ github.sha }}
            org.flightctl.flightctl-ui.github.ref_name=${{ github.ref_name }}
          extra-args: |
            --ulimit nofile=10000:10000
          containerfiles: packaging/images/${{ matrix.os }}/Containerfile
          context: .

      - name: Validate FIPS
        id: fips
        run: |
          go install github.com/flightctl/fips-validator@latest
          TAGS=(${{ needs.generate-tags.outputs.image_tags }})
          podman unshare -- $HOME/go/bin/fips-validator image ${{ steps.build.outputs.image }}:${TAGS[0]}

      - name: Push to Quay.io
        id: push
        uses: redhat-actions/push-to-registry@9986a6552bc4571882a4a67e016b17361412b4df # v2.7
        with:
          image: ${{ steps.build.outputs.image }}
          tags: ${{ needs.generate-tags.outputs.image_tags }}
          registry: ${{ env.QUAY_ORG }}
          username: ${{ secrets.QUAY_FLIGHTCTL_INFRA_ROBOT_USERNAME }}
          password: ${{ secrets.QUAY_FLIGHTCTL_INFRA_ROBOT_PASSWORD }}

  publish-flightctl-ocp-ui:
    runs-on: ubuntu-latest
    needs: [generate-tags]
    strategy:
      matrix:
        os: [el9, el10]
    steps:
      - uses: actions/checkout@v4

      - name: Generate OS-specific image name
        id: os-image
        run: |
          echo "image_name=${{ env.QUAY_OCP_REPO }}-${{ matrix.os }}" >> $GITHUB_OUTPUT
          echo "Generated image name: ${{ env.QUAY_OCP_REPO }}-${{ matrix.os }}"

      - name: Build
        id: build
        uses: redhat-actions/buildah-build@7a95fa7ee0f02d552a32753e7414641a04307056 # v2
        with:
          image: ${{ steps.os-image.outputs.image_name }}
          tags: ${{ needs.generate-tags.outputs.image_tags }}
          labels: |
            org.flightctl.flightctl-ui.github.repository=${{ github.repository }}
            org.flightctl.flightctl-ui.github.actor=${{ github.actor }}
            org.flightctl.flightctl-ui.github.run_id=${{ github.run_id }}
            org.flightctl.flightctl-ui.github.sha=${{ github.sha }}
            org.flightctl.flightctl-ui.github.ref_name=${{ github.ref_name }}
          extra-args: |
            --ulimit nofile=10000:10000
          containerfiles: packaging/images/${{ matrix.os }}/Containerfile.ocp
          context: .

      - name: Validate FIPS
        id: fips
        run: |
          go install github.com/flightctl/fips-validator@latest
          TAGS=(${{ needs.generate-tags.outputs.image_tags }})
          podman unshare -- $HOME/go/bin/fips-validator image ${{ steps.build.outputs.image }}:${TAGS[0]}

      - name: Push to Quay.io
        id: push
        uses: redhat-actions/push-to-registry@9986a6552bc4571882a4a67e016b17361412b4df # v2.7
        with:
          image: ${{ steps.build.outputs.image }}
          tags: ${{ needs.generate-tags.outputs.image_tags }}
          registry: ${{ env.QUAY_ORG }}
          username: ${{ secrets.QUAY_FLIGHTCTL_INFRA_ROBOT_USERNAME }}
          password: ${{ secrets.QUAY_FLIGHTCTL_INFRA_ROBOT_PASSWORD }}