[#1033] Mount manager container's root filesystem as read-only #189
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI | |
env: | |
IMAGE_NAME: activemq-artemis-operator | |
on: | |
push: | |
branches: [ main ] | |
pull_request: | |
branches: [ main ] | |
schedule: | |
- cron: '0 0 * * 0' | |
workflow_dispatch: | |
inputs: | |
skipTests: | |
description: 'Skip Tests' | |
required: false | |
default: false | |
type: boolean | |
skipDOTests: | |
description: 'Skip DO Tests' | |
required: false | |
default: false | |
type: boolean | |
skipTutorials: | |
description: 'Skip Tutorials' | |
required: false | |
default: false | |
type: boolean | |
jobs: | |
build: | |
name: Build | |
runs-on: ubuntu-latest | |
steps: | |
- name: Set up Go | |
uses: actions/setup-go@v5 | |
with: | |
go-version: '1.21.11' | |
cache: true | |
- name: Checkout the repo | |
uses: actions/checkout@v4 | |
- name: Start minikube | |
id: minikube | |
uses: medyagh/setup-minikube@master | |
with: | |
cpus: 2 | |
memory: 4g | |
addons: ingress | |
- name: Enable minikube ingress-nginx ssl-passthrough | |
run: > | |
minikube kubectl -- patch deployment -n ingress-nginx ingress-nginx-controller --type='json' -p='[{"op": "add", "path": "/spec/template/spec/containers/0/args/-", "value":"--enable-ssl-passthrough"}]' | |
- name: Check go.mod and go.sum files | |
run: go mod tidy && git status && git diff-index --quiet HEAD -- | |
- name: Check generate files | |
run: make build && make generate-deploy && make bundle && git status && git diff-index --quiet HEAD -- | |
- name: Build the image | |
run: | | |
podman build --build-arg TARGETOS=linux --build-arg TARGETARCH=amd64 --label quay.expires-after=90d --label git-sha=$GITHUB_SHA --no-cache --platform linux/amd64 --manifest $IMAGE_NAME:dev.latest . | |
- name: Push the image into minikube | |
run: | | |
export SHELL=/bin/bash | |
eval $(minikube -p minikube docker-env) | |
docker image list | |
export OPERATOR_IMAGE=$(grep -Po '(?<=image: ).*' ./deploy/operator.yaml) | |
podman tag $IMAGE_NAME:dev.latest $OPERATOR_IMAGE | |
podman save --output activemq-artemis-operator-image.tar --format docker-archive $OPERATOR_IMAGE | |
docker image load --input activemq-artemis-operator-image.tar | |
docker image list | |
- name: Execute tests | |
if: ${{ github.event_name == 'schedule' || github.event_name == 'workflow_dispatch' && !inputs.skipTests }} | |
run: make test-mk-v | |
- name: Execute do tests | |
if: ${{ github.event_name != 'workflow_dispatch' || !inputs.skipDOTests }} | |
run: make test-mk-do-v | |
- name: Run scorecard tests | |
run: make scorecard | tee scorecard.log && ! grep 'Suggestions' scorecard.log | |
- name: Run the tutorials | |
if: ${{ github.event_name == 'schedule' || github.event_name == 'workflow_dispatch' && !inputs.skipTutorials }} | |
run: minikube delete && minikube start && go run test/utils/tutorials/tester.go | |
- name: Set up Node.js | |
uses: actions/setup-node@v4 | |
with: | |
node-version: 18.x | |
- name: Checkout artemiscloud.github.io | |
uses: actions/checkout@v4 | |
with: | |
repository: artemiscloud/artemiscloud.github.io | |
path: artemiscloud.github.io | |
- name: Build the docs | |
run: > | |
rm -rf artemiscloud.github.io/content/en/docs && | |
cp -r docs artemiscloud.github.io/content/en && | |
cd artemiscloud.github.io && | |
npm install && npm run build | |
- name: Set up QEMU | |
if: ${{ github.event_name == 'push' }} | |
uses: docker/setup-qemu-action@v3 | |
- name: Build the image for arm64 | |
if: ${{ github.event_name == 'push' }} | |
run: | | |
podman build --build-arg TARGETOS=linux --build-arg TARGETARCH=arm64 --label quay.expires-after=90d --label git-sha=$GITHUB_SHA --no-cache --platform linux/arm64 --manifest $IMAGE_NAME:dev.latest . | |
- name: Push the dev image | |
if: ${{ github.event_name == 'push' }} | |
run: | | |
COMMIT_TAG=dev.$(date +%Y%m%d).$(git rev-parse --short "$GITHUB_SHA") | |
podman login --username=${{ secrets.QUAY_USERNAME }} --password=${{ secrets.QUAY_PASSWORD }} quay.io | |
podman manifest push $IMAGE_NAME:dev.latest docker://quay.io/${{ secrets.QUAY_NAMESPACE }}/$IMAGE_NAME:$COMMIT_TAG | |
podman manifest push $IMAGE_NAME:dev.latest docker://quay.io/${{ secrets.QUAY_NAMESPACE }}/$IMAGE_NAME:dev.latest | |
- name: Build the bundle image | |
run: podman build --file bundle.Dockerfile --label quay.expires-after=90d --label git-sha=$GITHUB_SHA --tag $IMAGE_NAME-bundle:dev.latest . | |
- name: Push the bundle image | |
if: ${{ github.event_name == 'push' }} | |
run: | | |
COMMIT_TAG=dev.$(date +%Y%m%d).$(git rev-parse --short "$GITHUB_SHA") | |
podman login --username=${{ secrets.QUAY_USERNAME }} --password=${{ secrets.QUAY_PASSWORD }} quay.io | |
podman tag $IMAGE_NAME-bundle:dev.latest quay.io/${{ secrets.QUAY_NAMESPACE }}/$IMAGE_NAME-bundle:$COMMIT_TAG | |
podman push quay.io/${{ secrets.QUAY_NAMESPACE }}/$IMAGE_NAME-bundle:$COMMIT_TAG | |
podman tag $IMAGE_NAME-bundle:dev.latest quay.io/${{ secrets.QUAY_NAMESPACE }}/$IMAGE_NAME-bundle:dev.latest | |
podman push quay.io/${{ secrets.QUAY_NAMESPACE }}/$IMAGE_NAME-bundle:dev.latest |