Skip to content

Add terminal auth secret (#5170) #2474

Add terminal auth secret (#5170)

Add terminal auth secret (#5170) #2474

Workflow file for this run

name: Build Controllers image
on:
create:
tags:
workflow_call:
inputs:
push_image:
description: "Push image"
required: false
type: boolean
default: false
push_image_tag:
description: "Push image tag"
default: "latest"
required: false
type: string
workflow_dispatch:
inputs:
push_image:
description: "Push image"
required: false
type: boolean
default: false
push_image_tag:
description: "Push image tag"
default: "latest"
required: false
type: string
push:
branches: [ "main" ]
paths:
- "controllers/**"
- ".github/workflows/controllers.yml"
- "!**/*.md"
- "!**/*.yaml"
pull_request:
branches: [ "*" ]
paths:
- "controllers/**"
- ".github/workflows/controllers.yml"
- "!**/*.md"
- "!**/*.yaml"
env:
# Common versions
GO_VERSION: "1.22"
DEFAULT_OWNER: "labring"
CRYPTOKEY: ${{ secrets.CONTROLLER_BUILD_CRYPTOKEY }}
LICENSE_KEY: ${{ secrets.LICENSE_KEY }}
jobs:
resolve-modules:
runs-on: ubuntu-20.04
outputs:
matrix: ${{ steps.set-matrix.outputs.matrix }}
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Resolve Modules
id: set-matrix
run: bash ./scripts/resolve-modules.sh ./controllers
golangci-lint:
if: ${{ github.event_name }} == 'push' || ${{ github.event_name }} == 'pull_request'
needs: [ resolve-modules ]
runs-on: ubuntu-20.04
strategy:
matrix: ${{ fromJson(needs.resolve-modules.outputs.matrix) }}
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Setup Golang with cache
uses: magnetikonline/action-golang-cache@v3
with:
go-version: ${{ env.GO_VERSION }}
- name: Install Dependencies
run: sudo apt update && sudo apt install -y libgpgme-dev libbtrfs-dev libdevmapper-dev
- name: Run Linter
uses: golangci/golangci-lint-action@v3
with:
version: v1.54.2
working-directory: ${{ matrix.workdir }}
args: "--out-${NO_FUTURE}format colored-line-number"
image-build:
runs-on: ubuntu-latest
strategy:
matrix:
module:
- { name: user, path: user }
- { name: terminal, path: terminal }
- { name: account, path: account }
- { name: app, path: app }
- { name: db-adminer, path: db/adminer }
- { name: license, path: license }
- { name: job-init, path: job/init }
- { name: job-heartbeat, path: job/heartbeat }
- { name: resources, path: resources }
- { name: node, path: node }
- { name: devbox, path: devbox}
- { name: objectstorage, path: objectstorage }
steps:
- name: Checkout
uses: actions/checkout@v3
with:
fetch-depth: 0
- name: Setup Golang with cache
uses: magnetikonline/action-golang-cache@v3
with:
go-version: ${{ env.GO_VERSION }}
- name: Install Dependencies
run: sudo apt update && sudo apt install -y libgpgme-dev libbtrfs-dev libdevmapper-dev
- name: Build ${{ matrix.module.name }} amd64
working-directory: controllers/${{ matrix.module.path }}
run: |
GOARCH=amd64 TARGETARCH=amd64 make build
mv bin/manager bin/controller-${{ matrix.module.name }}-amd64
chmod +x bin/controller-${{ matrix.module.name }}-amd64
- name: Build ${{ matrix.module.name }} arm64
working-directory: controllers/${{ matrix.module.path }}
run: |
GOARCH=arm64 TARGETARCH=arm64 make build
mv bin/manager bin/controller-${{ matrix.module.name }}-arm64
chmod +x bin/controller-${{ matrix.module.name }}-arm64
- name: Expose git commit data
uses: rlespinasse/git-commit-data-action@v1
- name: Check if tag
id: check_tag
run: |
if [[ "${{ github.ref }}" == refs/tags/* ]]; then
echo "isTag=true" >> "$GITHUB_OUTPUT"
else
echo "isTag=false" >> "$GITHUB_OUTPUT"
fi
- name: Prepare
id: prepare
run: |
bash ./scripts/resolve-tag-image.sh "${{ inputs.push_image }}" "${{ steps.check_tag.outputs.isTag }}" "${{ inputs.push_image_tag }}"
echo docker_repo=ghcr.io/${{ github.repository_owner }}/sealos-${{ matrix.module.name }}-controller >> $GITHUB_OUTPUT
- # Add support for more platforms with QEMU (optional)
# https://github.com/docker/setup-qemu-action
name: Set up QEMU
uses: docker/setup-qemu-action@v2
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
with:
driver-opts: network=host
- name: Login to Docker Hub
uses: docker/login-action@v2
if: ${{ (github.event_name == 'push') ||(github.event_name == 'create') || (inputs.push_image == true) }}
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GH_PAT }}
- name: Docker meta
id: meta
uses: docker/metadata-action@v4
with:
images: |
ghcr.io/${{ github.repository_owner }}/sealos-${{ matrix.module.name }}-controller
tags: |
type=raw,value=latest,enable=${{ github.ref == format('refs/heads/{0}', 'main') }}
type=raw,value=${{ steps.prepare.outputs.tag_name }},enable=true
- name: build (and publish) ${{ matrix.module.name }} main image
uses: docker/build-push-action@v4
with:
context: ./controllers/${{ matrix.module.path }}
file: ./controllers/${{ matrix.module.path }}/Dockerfile
# Push if it's a push event or if push_image is true
push: ${{ (github.event_name == 'push')||(github.event_name == 'create') || (inputs.push_image == true) }}
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
platforms: linux/amd64,linux/arm64
save-sealos:
uses: ./.github/workflows/import-save-sealos.yml
build-cluster-image:
if: ${{ (github.event_name == 'push') ||(github.event_name == 'create') || (inputs.push_image == true) }}
needs:
- image-build
- save-sealos
runs-on: ubuntu-latest
strategy:
matrix:
module:
- { name: user, path: user }
- { name: terminal, path: terminal }
- { name: account, path: account }
- { name: app, path: app }
- { name: db-adminer, path: db/adminer }
- { name: license, path: license }
- { name: job-init, path: job/init }
- { name: job-heartbeat, path: job/heartbeat }
- { name: resources, path: resources }
- { name: node, path: node }
- { name: devbox, path: devbox }
- { name: objectstorage, path: objectstorage }
steps:
- name: Checkout
uses: actions/checkout@v3
with:
fetch-depth: 0
- name: Expose git commit data
uses: rlespinasse/git-commit-data-action@v1
- name: Check if tag
id: check_tag
run: |
if [[ "${{ github.ref }}" == refs/tags/* ]]; then
echo "isTag=true" >> "$GITHUB_OUTPUT"
else
echo "isTag=false" >> "$GITHUB_OUTPUT"
fi
- name: Prepare
id: prepare
run: |
tag_name=$(bash ./scripts/resolve-tag-image.sh "${{ inputs.push_image }}" "${{ steps.check_tag.outputs.isTag }}" "${{ inputs.push_image_tag }}")
echo old_docker_repo=ghcr.io/labring/sealos-${{ matrix.module.name }}-controller >> $GITHUB_OUTPUT
echo new_docker_repo=ghcr.io/${{ github.repository_owner }}/sealos-${{ matrix.module.name }}-controller >> $GITHUB_OUTPUT
echo cluster_repo=ghcr.io/${{ github.repository_owner }}/sealos-cloud-${{ matrix.module.name }}-controller >> $GITHUB_OUTPUT
echo cluster_image=ghcr.io/${{ github.repository_owner }}/sealos-cloud-${{ matrix.module.name }}-controller:${tag_name} >> $GITHUB_OUTPUT
echo latest_cluster_image=ghcr.io/${{ github.repository_owner }}/sealos-cloud-${{ matrix.module.name }}-controller:latest >> $GITHUB_OUTPUT
- name: Download sealos
uses: actions/download-artifact@v3
with:
name: sealos
path: /tmp/
- name: Verify sealos
run: |
sudo chmod a+x /tmp/sealos
sudo mv /tmp/sealos /usr/bin/sealos
sudo sealos version
- name: Mutate image tag in deploy files
working-directory: controllers/${{ matrix.module.path }}/deploy
run: |
OLD_DOCKER_IMAGE_NAME=${{ steps.prepare.outputs.old_docker_repo }}:latest
NEW_DOCKER_IMAGE_NAME=${{ steps.prepare.outputs.new_docker_repo }}:${{ steps.prepare.outputs.tag_name }}
sudo sed -i "s;${OLD_DOCKER_IMAGE_NAME};${NEW_DOCKER_IMAGE_NAME};" manifests/*
- name: Sealos login to ghcr.io
# if push to master, then login to ghcr.io
run: |
sudo sealos login -u ${{ github.repository_owner }} -p ${{ secrets.GH_PAT }} --debug ghcr.io
- name: Build ${{ matrix.module.name }}-controller cluster image
working-directory: controllers/${{ matrix.module.path }}/deploy
run: |
sudo sealos build -t ${{ steps.prepare.outputs.cluster_image }}-amd64 --platform linux/amd64 -f Kubefile
sudo sealos build -t ${{ steps.prepare.outputs.latest_cluster_image }}-amd64 --platform linux/amd64 -f Kubefile
# delete old registry cache
sudo rm -rf registry
sudo sealos build -t ${{ steps.prepare.outputs.cluster_image }}-arm64 --platform linux/arm64 -f Kubefile
sudo sealos build -t ${{ steps.prepare.outputs.latest_cluster_image }}-arm64 --platform linux/arm64 -f Kubefile
- name: Manifest Cluster Images
# if push to master, then patch images to ghcr.io
run: |
sudo sealos images
bash docker/patch/manifest-cluster-images.sh ${{ steps.prepare.outputs.cluster_image }}
bash docker/patch/manifest-cluster-images.sh ${{ steps.prepare.outputs.latest_cluster_image }}
env:
OWNER: ${{ github.repository_owner }}
- name: Renew issue and Sync Images for ${{ steps.prepare.outputs.cluster_image }}
uses: labring/[email protected]
if: ${{ github.repository_owner == env.DEFAULT_OWNER }}
with:
version: v0.0.8-rc1
env:
GH_TOKEN: "${{ secrets.GH_PAT }}"
SEALOS_TYPE: "issue_renew"
SEALOS_ISSUE_TITLE: "[DaylyReport] Auto build for sealos"
SEALOS_ISSUE_BODYFILE: "scripts/ISSUE_RENEW.md"
SEALOS_ISSUE_LABEL: "dayly-report"
SEALOS_ISSUE_TYPE: "day"
SEALOS_ISSUE_REPO: "labring-actions/cluster-image"
SEALOS_COMMENT_BODY: "/imagesync ${{ steps.prepare.outputs.cluster_image }}"
- name: Renew issue and Sync Images for ${{ steps.prepare.outputs.latest_cluster_image }}
uses: labring/[email protected]
if: ${{ github.repository_owner == env.DEFAULT_OWNER }}
with:
version: v0.0.8-rc1
env:
GH_TOKEN: "${{ secrets.GH_PAT }}"
SEALOS_TYPE: "issue_renew"
SEALOS_ISSUE_TITLE: "[DaylyReport] Auto build for sealos"
SEALOS_ISSUE_BODYFILE: "scripts/ISSUE_RENEW.md"
SEALOS_ISSUE_LABEL: "dayly-report"
SEALOS_ISSUE_TYPE: "day"
SEALOS_ISSUE_REPO: "labring-actions/cluster-image"
SEALOS_COMMENT_BODY: "/imagesync ${{ steps.prepare.outputs.latest_cluster_image }}"