Skip to content

Commit

Permalink
Migrate to GHCR (#36)
Browse files Browse the repository at this point in the history 
* Publish to ghcr

(cherry picked from commit d132a45)
  • Loading branch information
@willdavsmith
willdavsmith committed Oct 18, 2023
1 parent 5140866 commit ed7baaa
Show file tree
Hide file tree
Showing 3 changed files with 83 additions and 69 deletions.
25 changes: 14 additions & 11 deletions .github/scripts/delete-recipes.sh
View file
Original file line number Diff line number Diff line change
@@ -1,37 +1,40 @@
#! /bin/bash

# Fail immedietly if any command fails
# Fail immediately if any command fails
set -e

# Get command line arguments
ACR_HOST=$1
GHCR_ORG=$1
GHCR_PATH=$2
RECIPE_VERSION=$2

# Print usage information
function print_usage() {
echo "Usage: $0 <ACR_HOST> <RECIPE_VERSION>"
echo " Deletes all recipes in the repository from the Azure Container Registry. Requires you to be logged into Azure via az login."
echo " ACR_HOST: Host name of the Azure Container Registry. For example, myregistry.azurecr.io."
echo "Usage: $0 <GHCR_ORG> <RECIPE_VERSION>"
echo " Deletes all recipes in the repository from the GitHub Container Registry. Requires you to be logged into GitHub."
echo " GHCR_ORG: Organization name of the GitHub Container Registry. For example, radius-project"
echo " GHCR_PATH: Path name for Recipe storage. For example, recipes"
echo " RECIPE_VERSION: Version of the recipe to publish. For example, 1.0"
}

# Verify that the required arguments are present
if [ -z "$ACR_HOST" ] || [ -z "$RECIPE_VERSION" ]; then
if [ -z "$GHCR_ORG" ] || [ -z "$GHCR_PATH" ] || [ -z "$RECIPE_VERSION" ]; then
echo "Missing required arguments"
print_usage
exit 1
fi

# Login to Azure Container Registry
az acr login --name $ACR_HOST

for RECIPE in $(find . -type f -name "*.bicep")
do
# Get the recipe name and directory name
# ./azure/redis-azure.bicep -> redis-azure and azure, respectively
export FILE_NAME=$(basename $RECIPE | cut -d. -f1)
export DIR_NAME=$(dirname $RECIPE | cut -d/ -f2)

echo "Deleting $ACR_HOST/recipes/$DIR_NAME/$FILE_NAME:1.0"
az acr repository delete --name $ACR_HOST --image "recipes/$DIR_NAME/$FILE_NAME:$RECIPE_VERSION" --yes
echo "Deleting ghcr.io/$GHCR_ORG/$GHCR_PATH/$DIR_NAME/$FILE_NAME:$RECIPE_VERSION"
gh api \
--method DELETE \
-H "Accept: application/vnd.github+json" \
-H "X-GitHub-Api-Version: 2022-11-28" \
/orgs/$GHCR_ORG/packages/container/$GHCR_PATH/$DIR_NAME/$FILE_NAME:$RECIPE_VERSION
done
32 changes: 18 additions & 14 deletions .github/scripts/publish-recipes.sh
View file
Original file line number Diff line number Diff line change
@@ -1,39 +1,43 @@
#! /bin/bash

# Fail immedietly if any command fails
# Fail immediately if any command fails
set -e

# Get command line arguments
BICEP_PATH=$1
ACR_HOST=$2
GHCR_ORG=$1
GHCR_PATH=$2
RECIPE_VERSION=$3

BICEP_EXECUTABLE="$BICEP_PATH/rad-bicep"

# Print usage information
function print_usage() {
echo "Usage: $0 <BICEP_PATH> <ACR_HOST> <RECIPE_VERSION>"
echo " Publishes all recipes in the repository to the Azure Container Registry. Requires you to be logged into Azure via az login."
echo " BICEP_PATH: Path to the bicep executable. For example, ~/.rad/bin"
echo " ACR_HOST: Host name of the Azure Container Registry. For example, myregistry.azurecr.io."
echo "Usage: $0 <GHCR_ORG> <RECIPE_VERSION>"
echo " Publishes all recipes in the repository to the GitHub Container Registry. Requires you to be logged into GitHub"
echo " GHCR_ORG: Organization name of the GitHub Container Registry. For example, radius-project"
echo " GHCR_PATH: Path name for Recipe storage. For example, recipes"
echo " RECIPE_VERSION: Version of the recipe to publish. For example, 1.0"
}

# Verify that the required arguments are present
if [ -z "$BICEP_PATH" ] || [ -z "$ACR_HOST" ] || [ -z "$RECIPE_VERSION" ]; then
if [ -z "$GHCR_ORG" ] || [ -z "$GHCR_PATH" ] || [ -z "$RECIPE_VERSION" ]; then
echo "Missing required arguments"
print_usage
exit 1
fi

echo "## Recipes published to $ACR_HOST" >> $GITHUB_STEP_SUMMARY
# We create output that's intended to be consumed by the GitHub Action summary. If we're
# not running in a GitHub Action, we'll just silence the output.
if [[ -z "$GITHUB_STEP_SUMMARY" ]]; then
GITHUB_STEP_SUMMARY=/dev/null
fi

echo "## Recipes published to ghcr.io/$GHCR_ORG/$GHCR_PATH" >> $GITHUB_STEP_SUMMARY
for RECIPE in $(find . -type f -name "*.bicep")
do
# Get the platform (file) name and resource (directory) name
export FILE_NAME=$(basename $RECIPE | cut -d. -f1) # rediscaches
export DIR_NAME=$(dirname $RECIPE | cut -d/ -f2) # dev

echo "Publishing $DIR_NAME/$FILE_NAME to $ACR_HOST from $RECIPE"
echo "- $ACR_HOST/recipes/$DIR_NAME/$FILE_NAME:$RECIPE_VERSION" >> $GITHUB_STEP_SUMMARY
$BICEP_EXECUTABLE publish $RECIPE --target "br:$ACR_HOST/recipes/$DIR_NAME/$FILE_NAME:$RECIPE_VERSION"
echo "Publishing $DIR_NAME/$FILE_NAME to ghcr.io/$GHCR_ORG/$GHCR_PATH from $RECIPE"
echo "- ghcr.io/$GHCR_ORG/$GHCR_PATH/$DIR_NAME/$FILE_NAME:$RECIPE_VERSION" >> $GITHUB_STEP_SUMMARY
rad bicep publish --file $RECIPE --target "br:ghcr.io/$GHCR_ORG/$GHCR_PATH/$DIR_NAME/$FILE_NAME:$RECIPE_VERSION"
done
95 changes: 51 additions & 44 deletions .github/workflows/publish-recipes.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -30,83 +30,90 @@ concurrency:
group: publish-${{ github.event.pull_request.number || github.sha }}
cancel-in-progress: true

env:
RAD_CLI_URL: https://get.radapp.dev/tools/rad/install.sh

jobs:
publish-dev:
name: Publish Recipes to Dev ACR
runs-on: ubuntu-latest
name: Publish Recipes to GHCR - Dev
if: github.event_name == 'pull_request' && github.event.action != 'closed'
env:
ACR_HOST: radiusdev.azurecr.io
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
steps:
- name: Check out repo
uses: actions/checkout@v3
- name: az CLI login
run: |
az login --service-principal \
--username ${{ secrets.AZURE_SP_TESTS_APPID }} \
--password ${{ secrets.AZURE_SP_TESTS_PASSWORD }} \
--tenant ${{ secrets.AZURE_SP_TESTS_TENANTID }}
- name: Parse release version and set environment variables
run: python ./.github/scripts/get_release_version.py
- name: Download rad-bicep
- name: Download rad CLI
run: |
./.github/scripts/curl-with-retries.sh https://get.radapp.dev/tools/bicep-extensibility/${{ env.REL_CHANNEL }}/linux-x64/rad-bicep --output rad-bicep
chmod +x rad-bicep
./rad-bicep --version
- name: Publish Recipes to Dev ACRs
echo "Downloading edge rad CLI"
wget -q "${{ env.RAD_CLI_URL }}" -O - | /bin/bash -s edge
- name: Login to GitHub Container Registry
uses: docker/login-action@v2
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Publish Recipes to GHCR
# Uses REL_VERSION as the recipe version so PR builds result in a `pr-<pr number>` tag
run: ./.github/scripts/publish-recipes.sh . radiusdev.azurecr.io ${{ env.REL_VERSION }}
run: ./.github/scripts/publish-recipes.sh radius-project dev/recipes ${{ env.REL_VERSION }}

delete-dev:
name: Delete Dev ACR Images
name: Delete GHCR recipes - Dev
if: github.event_name == 'pull_request' && github.event.action == 'closed'
runs-on: ubuntu-latest
needs: publish-dev
if: github.event_name == 'pull_request' && github.event.action == 'closed'
env:
ACR_HOST: radiusdev.azurecr.io
permissions:
contents: read
packages: write
steps:
- name: Check out repo
uses: actions/checkout@v3
- name: az CLI login
run: |
az login --service-principal \
--username ${{ secrets.AZURE_SP_TESTS_APPID }} \
--password ${{ secrets.AZURE_SP_TESTS_PASSWORD }} \
--tenant ${{ secrets.AZURE_SP_TESTS_TENANTID }}
- name: Parse release version and set environment variables
run: python ./.github/scripts/get_release_version.py
- name: Delete Dev ACR Images
run: ./.github/scripts/delete-recipes.sh radiusdev.azurecr.io ${{ env.REL_VERSION }}
- name: Login to GitHub Container Registry
uses: docker/login-action@v2
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Delete Recipes from GHCR
# Uses REL_VERSION as the recipe version so PR builds result in a `pr-<pr number>` tag
run: ./.github/scripts/delete-recipes.sh radius-project dev/recipes ${{ env.REL_VERSION }}

# This is where we can add integration tests in the future

publish-public:
name: Publish Recipes to Public ACR
runs-on: ubuntu-latest
if: github.event_name != 'pull_request'
name: Publish Recipes to GHCR - Public
runs-on: ubuntu-latest
environment:
name: Public
env:
ACR_HOST: radius.azurecr.io
permissions:
contents: read
packages: write
steps:
- name: Check out repo
uses: actions/checkout@v3
- name: az CLI login
run: |
az login --service-principal \
--username ${{ secrets.AZURE_SP_TESTS_APPID }} \
--password ${{ secrets.AZURE_SP_TESTS_PASSWORD }} \
--tenant ${{ secrets.AZURE_SP_TESTS_TENANTID }}
- name: Parse release version and set environment variables
run: python ./.github/scripts/get_release_version.py
- name: Download rad-bicep
- name: Download rad CLI
run: |
./.github/scripts/curl-with-retries.sh https://get.radapp.dev/tools/bicep-extensibility/edge/linux-x64/rad-bicep --output rad-bicep
echo "Downloading edge rad CLI"
wget -q "${{ env.RAD_CLI_URL }}" -O - | /bin/bash -s edge
chmod +x rad-bicep
./rad-bicep --version
- name: Publish Recipes to Prod ACR
run: |
./.github/scripts/publish-recipes.sh . radius.azurecr.io ${{ env.REL_CHANNEL }}
- name: Login to GitHub Container Registry
uses: docker/login-action@v2
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Publish Recipes to GHCR
run: |
./.github/scripts/publish-recipes.sh radius-project recipes ${{ env.REL_CHANNEL }}
if [ "${{ env.REL_TAG }}" != "${{ env.REL_CHANNEL }}" ]; then
./.github/scripts/publish-recipes.sh . radius.azurecr.io ${{ env.REL_TAG }}
./.github/scripts/publish-recipes.sh radius-project recipes ${{ env.REL_TAG }}
fi

0 comments on commit ed7baaa

Please sign in to comment.