Add terminal auth secret (#5170) #2474
# Workflow triggers for the controller image build.
name: Build Controllers image

on:
  # NOTE(review): `create` fires for every newly created branch or tag. As far
  # as I know the event accepts no `tags` filter, so the empty key below
  # probably has no effect - confirm. The publishing steps further down treat
  # any `create` event as a reason to log in and push images.
  create:
    tags:
  # Reusable-workflow entry point; the caller chooses whether to push and
  # which tag to use.
  workflow_call:
    inputs:
      push_image:
        description: 'Push image'
        type: boolean
        required: false
        default: false
      push_image_tag:
        description: 'Push image tag'
        type: string
        required: false
        default: 'latest'
  # Manual runs take the same two inputs. push_image_tag is free-form text,
  # so any job that consumes it should treat it as untrusted data.
  workflow_dispatch:
    inputs:
      push_image:
        description: 'Push image'
        type: boolean
        required: false
        default: false
      push_image_tag:
        description: 'Push image tag'
        type: string
        required: false
        default: 'latest'
  # Pushes to main that touch controllers/ or controllers.yml, except changes
  # to .md and .yaml files.
  push:
    branches:
      - 'main'
    paths:
      - 'controllers/**'
      - '.github/workflows/controllers.yml'
      - '!**/*.md'
      - '!**/*.yaml'
  # Pull requests against any branch, with the same path filter as `push`.
  pull_request:
    branches:
      - '*'
    paths:
      - 'controllers/**'
      - '.github/workflows/controllers.yml'
      - '!**/*.md'
      - '!**/*.yaml'
env:
  # Common versions
  # Go toolchain version, read by the Go setup steps as env.GO_VERSION.
  GO_VERSION: '1.22'
  # Compared with github.repository_owner to gate the image-sync steps.
  DEFAULT_OWNER: 'labring'
  # NOTE(review): workflow-level env puts both secrets into the environment of
  # every step of every job, third-party actions included. No step in this file
  # references them by name; presumably `make build` reads them - confirm, then
  # scope them to the steps that need them.
  CRYPTOKEY: "${{ secrets.CONTROLLER_BUILD_CRYPTOKEY }}"
  LICENSE_KEY: "${{ secrets.LICENSE_KEY }}"
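# NOTE(review): every action below is referenced by a mutable tag (@v1..@v4).
# The jobs that use them also receive secrets.GH_PAT, so pinning each `uses:`
# to a full commit SHA (uses: owner/repo@<FULL_COMMIT_SHA>  # vX) would stop a
# retagged release from reaching the token.
# NOTE(review): the file declares no `permissions:` block. The registry
# pushes visible here authenticate with GH_PAT rather than GITHUB_TOKEN, so a
# top-level `permissions: contents: read` looks feasible - confirm against the
# called reusable workflow and the lint action first.
jobs:
  # Produces the module matrix consumed by golangci-lint.
  resolve-modules:
    runs-on: ubuntu-20.04
    outputs:
      matrix: ${{ steps.set-matrix.outputs.matrix }}
    steps:
      - name: Checkout
        uses: actions/checkout@v3
      - name: Resolve Modules
        id: set-matrix
        run: bash ./scripts/resolve-modules.sh ./controllers

  golangci-lint:
    # The whole condition has to sit inside one expression. The earlier form
    # mixed `${{ }}` fragments with literal text, which yields a non-empty
    # string and therefore always evaluated as true.
    if: ${{ github.event_name == 'push' || github.event_name == 'pull_request' }}
    needs: [ resolve-modules ]
    runs-on: ubuntu-20.04
    strategy:
      matrix: ${{ fromJson(needs.resolve-modules.outputs.matrix) }}
    steps:
      - name: Checkout
        uses: actions/checkout@v3
      - name: Setup Golang with cache
        uses: magnetikonline/action-golang-cache@v3
        with:
          go-version: ${{ env.GO_VERSION }}
      - name: Install Dependencies
        run: sudo apt update && sudo apt install -y libgpgme-dev libbtrfs-dev libdevmapper-dev
      - name: Run Linter
        uses: golangci/golangci-lint-action@v3
        with:
          version: v1.54.2
          working-directory: ${{ matrix.workdir }}
          # NO_FUTURE is not defined anywhere in this file; presumably it
          # expands to nothing so the flag reads `--out-format` - confirm.
          args: "--out-${NO_FUTURE}format colored-line-number"

  # Builds each controller for amd64 and arm64 and, on publishing events,
  # pushes a multi-arch image to ghcr.io.
  image-build:
    runs-on: ubuntu-latest
    strategy:
      matrix:
        module:
          - { name: user, path: user }
          - { name: terminal, path: terminal }
          - { name: account, path: account }
          - { name: app, path: app }
          - { name: db-adminer, path: db/adminer }
          - { name: license, path: license }
          - { name: job-init, path: job/init }
          - { name: job-heartbeat, path: job/heartbeat }
          - { name: resources, path: resources }
          - { name: node, path: node }
          - { name: devbox, path: devbox }
          - { name: objectstorage, path: objectstorage }
    steps:
      - name: Checkout
        uses: actions/checkout@v3
        with:
          fetch-depth: 0
      - name: Setup Golang with cache
        uses: magnetikonline/action-golang-cache@v3
        with:
          go-version: ${{ env.GO_VERSION }}
      - name: Install Dependencies
        run: sudo apt update && sudo apt install -y libgpgme-dev libbtrfs-dev libdevmapper-dev
      - name: Build ${{ matrix.module.name }} amd64
        working-directory: controllers/${{ matrix.module.path }}
        run: |
          GOARCH=amd64 TARGETARCH=amd64 make build
          mv bin/manager bin/controller-${{ matrix.module.name }}-amd64
          chmod +x bin/controller-${{ matrix.module.name }}-amd64
      - name: Build ${{ matrix.module.name }} arm64
        working-directory: controllers/${{ matrix.module.path }}
        run: |
          GOARCH=arm64 TARGETARCH=arm64 make build
          mv bin/manager bin/controller-${{ matrix.module.name }}-arm64
          chmod +x bin/controller-${{ matrix.module.name }}-arm64
      - name: Expose git commit data
        uses: rlespinasse/git-commit-data-action@v1
      - name: Check if tag
        id: check_tag
        # Read the ref from the runner-provided GITHUB_REF variable instead of
        # templating github.ref into the script: ref names may contain shell
        # metacharacters, and templated text becomes part of the script itself.
        run: |
          if [[ "$GITHUB_REF" == refs/tags/* ]]; then
            echo "isTag=true" >> "$GITHUB_OUTPUT"
          else
            echo "isTag=false" >> "$GITHUB_OUTPUT"
          fi
      - name: Prepare
        id: prepare
        # Caller-supplied inputs reach the script as environment variables, so
        # the shell only ever sees them as data.
        env:
          INPUT_PUSH_IMAGE: ${{ inputs.push_image }}
          INPUT_PUSH_IMAGE_TAG: ${{ inputs.push_image_tag }}
          IS_TAG: ${{ steps.check_tag.outputs.isTag }}
        run: |
          bash ./scripts/resolve-tag-image.sh "$INPUT_PUSH_IMAGE" "$IS_TAG" "$INPUT_PUSH_IMAGE_TAG"
          echo docker_repo=ghcr.io/${{ github.repository_owner }}/sealos-${{ matrix.module.name }}-controller >> "$GITHUB_OUTPUT"
      # Add support for more platforms with QEMU (optional)
      # https://github.com/docker/setup-qemu-action
      - name: Set up QEMU
        uses: docker/setup-qemu-action@v2
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v2
        with:
          driver-opts: network=host
      # Despite the step name, the registry is ghcr.io. Skipped on
      # pull_request runs, so those builds never receive GH_PAT here.
      - name: Login to Docker Hub
        uses: docker/login-action@v2
        if: ${{ (github.event_name == 'push') || (github.event_name == 'create') || (inputs.push_image == true) }}
        with:
          registry: ghcr.io
          username: ${{ github.repository_owner }}
          password: ${{ secrets.GH_PAT }}
      - name: Docker meta
        id: meta
        uses: docker/metadata-action@v4
        with:
          images: |
            ghcr.io/${{ github.repository_owner }}/sealos-${{ matrix.module.name }}-controller
          tags: |
            type=raw,value=latest,enable=${{ github.ref == format('refs/heads/{0}', 'main') }}
            type=raw,value=${{ steps.prepare.outputs.tag_name }},enable=true
      - name: build (and publish) ${{ matrix.module.name }} main image
        uses: docker/build-push-action@v4
        with:
          context: ./controllers/${{ matrix.module.path }}
          file: ./controllers/${{ matrix.module.path }}/Dockerfile
          # Push on push/create events or when push_image is true; other runs
          # (pull requests included) build without publishing.
          push: ${{ (github.event_name == 'push') || (github.event_name == 'create') || (inputs.push_image == true) }}
          tags: ${{ steps.meta.outputs.tags }}
          labels: ${{ steps.meta.outputs.labels }}
          platforms: linux/amd64,linux/arm64

  save-sealos:
    uses: ./.github/workflows/import-save-sealos.yml

  # Wraps each published controller image in a sealos cluster image and
  # requests an image sync. Runs only on publishing events.
  build-cluster-image:
    if: ${{ (github.event_name == 'push') || (github.event_name == 'create') || (inputs.push_image == true) }}
    needs:
      - image-build
      - save-sealos
    runs-on: ubuntu-latest
    strategy:
      matrix:
        module:
          - { name: user, path: user }
          - { name: terminal, path: terminal }
          - { name: account, path: account }
          - { name: app, path: app }
          - { name: db-adminer, path: db/adminer }
          - { name: license, path: license }
          - { name: job-init, path: job/init }
          - { name: job-heartbeat, path: job/heartbeat }
          - { name: resources, path: resources }
          - { name: node, path: node }
          - { name: devbox, path: devbox }
          - { name: objectstorage, path: objectstorage }
    steps:
      - name: Checkout
        uses: actions/checkout@v3
        with:
          fetch-depth: 0
      - name: Expose git commit data
        uses: rlespinasse/git-commit-data-action@v1
      - name: Check if tag
        id: check_tag
        # GITHUB_REF is read as an environment variable so the ref name is
        # never spliced into the script text.
        run: |
          if [[ "$GITHUB_REF" == refs/tags/* ]]; then
            echo "isTag=true" >> "$GITHUB_OUTPUT"
          else
            echo "isTag=false" >> "$GITHUB_OUTPUT"
          fi
      - name: Prepare
        id: prepare
        # Inputs are handed over through env rather than templated into the
        # script, for the same reason as in the image-build job.
        # NOTE(review): a later step reads steps.prepare.outputs.tag_name, but
        # nothing visible here writes it; presumably resolve-tag-image.sh
        # appends it to GITHUB_OUTPUT itself - confirm.
        env:
          INPUT_PUSH_IMAGE: ${{ inputs.push_image }}
          INPUT_PUSH_IMAGE_TAG: ${{ inputs.push_image_tag }}
          IS_TAG: ${{ steps.check_tag.outputs.isTag }}
        run: |
          tag_name=$(bash ./scripts/resolve-tag-image.sh "$INPUT_PUSH_IMAGE" "$IS_TAG" "$INPUT_PUSH_IMAGE_TAG")
          echo old_docker_repo=ghcr.io/labring/sealos-${{ matrix.module.name }}-controller >> "$GITHUB_OUTPUT"
          echo new_docker_repo=ghcr.io/${{ github.repository_owner }}/sealos-${{ matrix.module.name }}-controller >> "$GITHUB_OUTPUT"
          echo cluster_repo=ghcr.io/${{ github.repository_owner }}/sealos-cloud-${{ matrix.module.name }}-controller >> "$GITHUB_OUTPUT"
          echo cluster_image=ghcr.io/${{ github.repository_owner }}/sealos-cloud-${{ matrix.module.name }}-controller:${tag_name} >> "$GITHUB_OUTPUT"
          echo latest_cluster_image=ghcr.io/${{ github.repository_owner }}/sealos-cloud-${{ matrix.module.name }}-controller:latest >> "$GITHUB_OUTPUT"
      - name: Download sealos
        uses: actions/download-artifact@v3
        with:
          name: sealos
          path: /tmp/
      # NOTE(review): "Verify" only marks the binary executable, installs it
      # as root and prints its version; no checksum or signature is checked.
      # The artifact presumably comes from the save-sealos job of this run.
      - name: Verify sealos
        run: |
          sudo chmod a+x /tmp/sealos
          sudo mv /tmp/sealos /usr/bin/sealos
          sudo sealos version
      - name: Mutate image tag in deploy files
        working-directory: controllers/${{ matrix.module.path }}/deploy
        # Image names derive from the caller-supplied tag, so they enter the
        # script through env. A tag containing `;` would still change the sed
        # expression; the tag should be validated where it is resolved.
        env:
          OLD_DOCKER_IMAGE_NAME: ${{ steps.prepare.outputs.old_docker_repo }}:latest
          NEW_DOCKER_IMAGE_NAME: ${{ steps.prepare.outputs.new_docker_repo }}:${{ steps.prepare.outputs.tag_name }}
        run: |
          sudo sed -i "s;${OLD_DOCKER_IMAGE_NAME};${NEW_DOCKER_IMAGE_NAME};" manifests/*
      - name: Sealos login to ghcr.io
        # The token is supplied through the step environment so it is not
        # written into the generated script file. It is still passed to sealos
        # as a command-line argument.
        # NOTE(review): --debug raises log verbosity on a credential-handling
        # command; check what it prints and drop it if it is not needed.
        env:
          GH_PAT: ${{ secrets.GH_PAT }}
        run: |
          sudo sealos login -u ${{ github.repository_owner }} -p "$GH_PAT" --debug ghcr.io
      - name: Build ${{ matrix.module.name }}-controller cluster image
        working-directory: controllers/${{ matrix.module.path }}/deploy
        env:
          CLUSTER_IMAGE: ${{ steps.prepare.outputs.cluster_image }}
          LATEST_CLUSTER_IMAGE: ${{ steps.prepare.outputs.latest_cluster_image }}
        run: |
          sudo sealos build -t "${CLUSTER_IMAGE}-amd64" --platform linux/amd64 -f Kubefile
          sudo sealos build -t "${LATEST_CLUSTER_IMAGE}-amd64" --platform linux/amd64 -f Kubefile
          # delete old registry cache
          sudo rm -rf registry
          sudo sealos build -t "${CLUSTER_IMAGE}-arm64" --platform linux/arm64 -f Kubefile
          sudo sealos build -t "${LATEST_CLUSTER_IMAGE}-arm64" --platform linux/arm64 -f Kubefile
      - name: Manifest Cluster Images
        # Has no step-level condition; runs whenever this job runs.
        env:
          OWNER: ${{ github.repository_owner }}
          CLUSTER_IMAGE: ${{ steps.prepare.outputs.cluster_image }}
          LATEST_CLUSTER_IMAGE: ${{ steps.prepare.outputs.latest_cluster_image }}
        run: |
          sudo sealos images
          bash docker/patch/manifest-cluster-images.sh "$CLUSTER_IMAGE"
          bash docker/patch/manifest-cluster-images.sh "$LATEST_CLUSTER_IMAGE"
      # NOTE(review): the action reference on the two `uses:` lines below was
      # mangled by e-mail obfuscation when this page was captured. Restore the
      # real owner/repo@ref from the repository, ideally pinned to a commit
      # SHA, since the action is handed GH_PAT.
      - name: Renew issue and Sync Images for ${{ steps.prepare.outputs.cluster_image }}
        uses: labring/[email protected]
        if: ${{ github.repository_owner == env.DEFAULT_OWNER }}
        with:
          version: v0.0.8-rc1
        env:
          GH_TOKEN: "${{ secrets.GH_PAT }}"
          SEALOS_TYPE: "issue_renew"
          SEALOS_ISSUE_TITLE: "[DaylyReport] Auto build for sealos"
          SEALOS_ISSUE_BODYFILE: "scripts/ISSUE_RENEW.md"
          SEALOS_ISSUE_LABEL: "dayly-report"
          SEALOS_ISSUE_TYPE: "day"
          SEALOS_ISSUE_REPO: "labring-actions/cluster-image"
          SEALOS_COMMENT_BODY: "/imagesync ${{ steps.prepare.outputs.cluster_image }}"
      - name: Renew issue and Sync Images for ${{ steps.prepare.outputs.latest_cluster_image }}
        uses: labring/[email protected]
        if: ${{ github.repository_owner == env.DEFAULT_OWNER }}
        with:
          version: v0.0.8-rc1
        env:
          GH_TOKEN: "${{ secrets.GH_PAT }}"
          SEALOS_TYPE: "issue_renew"
          SEALOS_ISSUE_TITLE: "[DaylyReport] Auto build for sealos"
          SEALOS_ISSUE_BODYFILE: "scripts/ISSUE_RENEW.md"
          SEALOS_ISSUE_LABEL: "dayly-report"
          SEALOS_ISSUE_TYPE: "day"
          SEALOS_ISSUE_REPO: "labring-actions/cluster-image"
          SEALOS_COMMENT_BODY: "/imagesync ${{ steps.prepare.outputs.latest_cluster_image }}"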