ci: Introduce job to publish CSI driver image

This adds a new job to build and publish the CSI driver Docker image. Of course this job will fail after we merge this PR because the CSI driver compilation job hasn't been implemented yet. However that will be implemented directly after in #10561. Signed-off-by: Aurélien Bombo <abombo@microsoft.com>
2025-08-30 14:25:43 +00:00 · 2024-11-21 16:07:59 -06:00 · 2024-11-21 16:07:59 -06:00 · 893f6a4ca0
commit 893f6a4ca0
parent e43c59a2c6
2 changed files with 77 additions and 0 deletions
--- a/.github/workflows/ci.yaml
+++ b/.github/workflows/ci.yaml
@ -135,6 +135,17 @@ jobs:
          platforms: linux/amd64, linux/s390x
          file: tests/integration/kubernetes/runtimeclass_workloads/confidential/unencrypted/Dockerfile

+  publish-csi-driver-amd64:
+    needs: publish-kata-deploy-payload-amd64
+    uses: ./.github/workflows/publish-csi-driver-amd64.yaml
+    with:
+      commit-hash: ${{ inputs.commit-hash }}
+      pr-number: ${{ inputs.pr-number }}
+      registry: ghcr.io
+      tarball-suffix: -${{ inputs.tag }}
+      target-branch: ${{ inputs.target-branch }}
+    secrets: inherit
+
  run-kata-monitor-tests:
    if: ${{ inputs.skip-test != 'yes' }}
    needs: build-kata-static-tarball-amd64
--- a/.github/workflows/publish-csi-driver-amd64.yaml
+++ b/.github/workflows/publish-csi-driver-amd64.yaml
@ -0,0 +1,66 @@
+name: CI | Publish CSI driver for amd64
+on:
+  workflow_call:
+    inputs:
+      pr-number:
+        required: true
+        type: string
+      tarball-suffix:
+        required: false
+        type: string
+      registry:
+        required: true
+        type: string
+      commit-hash:
+        required: false
+        type: string
+      target-branch:
+        required: false
+        type: string
+        default: ""
+
+jobs:
+  publish-csi-driver:
+    runs-on: ubuntu-22.04
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+        with:
+          ref: ${{ inputs.commit-hash }}
+          fetch-depth: 0
+
+      - name: Rebase atop of the latest target branch
+        run: |
+          ./tests/git-helper.sh "rebase-atop-of-the-latest-target-branch"
+        env:
+          TARGET_BRANCH: ${{ inputs.target-branch }}
+
+      - name: get-kata-tarball
+        uses: actions/download-artifact@v4
+        with:
+          name: kata-static-tarball-amd64${{ inputs.tarball-suffix }}
+          path: kata-artifacts
+
+      - name: Install tools
+        run: bash tests/integration/kubernetes/gha-run.sh install-kata-tools kata-artifacts
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Login to Kata Containers ghcr.io
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ inputs.registry }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Docker build and push
+        uses: docker/build-push-action@v5
+        with:
+          tags: ghcr.io/kata-containers/csi-kata-directvolume:${{ inputs.pr-number }}
+          push: true
+          context: src/tools/csi-kata-directvolume/
+          platforms: linux/amd64
+          file: src/tools/csi-kata-directvolume/Dockerfile
+          build-args: |
+            binary=/opt/kata/bin/csi-kata-directvolume