ci: Introduce job to publish CSI driver image

This adds a new job to build and publish the CSI driver Docker image. Of course this job will fail after we merge this PR because the CSI driver compilation job hasn't been implemented yet. However that will be implemented directly after in #10561. Signed-off-by: Aurélien Bombo <abombo@microsoft.com>
2025-08-31 08:28:34 +00:00 · 2024-11-21 16:07:59 -06:00
parent e43c59a2c6
commit 893f6a4ca0
2 changed files with 77 additions and 0 deletions
--- a/.github/workflows/ci.yaml
+++ b/.github/workflows/ci.yaml
@@ -135,6 +135,17 @@ jobs:
          platforms: linux/amd64, linux/s390x
          file: tests/integration/kubernetes/runtimeclass_workloads/confidential/unencrypted/Dockerfile

+  publish-csi-driver-amd64:
+    needs: publish-kata-deploy-payload-amd64
+    uses: ./.github/workflows/publish-csi-driver-amd64.yaml
+    with:
+      commit-hash: ${{ inputs.commit-hash }}
+      pr-number: ${{ inputs.pr-number }}
+      registry: ghcr.io
+      tarball-suffix: -${{ inputs.tag }}
+      target-branch: ${{ inputs.target-branch }}
+    secrets: inherit
+
  run-kata-monitor-tests:
    if: ${{ inputs.skip-test != 'yes' }}
    needs: build-kata-static-tarball-amd64
--- a/.github/workflows/publish-csi-driver-amd64.yaml
+++ b/.github/workflows/publish-csi-driver-amd64.yaml
@@ -0,0 +1,66 @@
+name: CI | Publish CSI driver for amd64
+on:
+  workflow_call:
+    inputs:
+      pr-number:
+        required: true
+        type: string
+      tarball-suffix:
+        required: false
+        type: string
+      registry:
+        required: true
+        type: string
+      commit-hash:
+        required: false
+        type: string
+      target-branch:
+        required: false
+        type: string
+        default: ""
+
+jobs:
+  publish-csi-driver:
+    runs-on: ubuntu-22.04
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+        with:
+          ref: ${{ inputs.commit-hash }}
+          fetch-depth: 0
+
+      - name: Rebase atop of the latest target branch
+        run: |
+          ./tests/git-helper.sh "rebase-atop-of-the-latest-target-branch"
+        env:
+          TARGET_BRANCH: ${{ inputs.target-branch }}
+
+      - name: get-kata-tarball
+        uses: actions/download-artifact@v4
+        with:
+          name: kata-static-tarball-amd64${{ inputs.tarball-suffix }}
+          path: kata-artifacts
+
+      - name: Install tools
+        run: bash tests/integration/kubernetes/gha-run.sh install-kata-tools kata-artifacts
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Login to Kata Containers ghcr.io
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ inputs.registry }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Docker build and push
+        uses: docker/build-push-action@v5
+        with:
+          tags: ghcr.io/kata-containers/csi-kata-directvolume:${{ inputs.pr-number }}
+          push: true
+          context: src/tools/csi-kata-directvolume/
+          platforms: linux/amd64
+          file: src/tools/csi-kata-directvolume/Dockerfile
+          build-args: |
+            binary=/opt/kata/bin/csi-kata-directvolume