github/kata-containers
1
0
Fork 2
mirror of https://github.com/kata-containers/kata-containers.git synced 2025-09-16 22:39:01 +00:00
Code Issues Projects Releases Wiki Activity

Merge pull request #6596 from fidencio/topic/gha-only-push-to-registry-when-merging-content

Browse Source 
gha: Only push images to registry after merging a PR
This commit is contained in:
Fabiano Fidêncio
2023-04-05 22:07:13 +02:00
committed by GitHub
parent 2c38e17ef0 2550d4462d
commit ae488cc09f
10 changed files with 90 additions and 35 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
.github/workflows/build-kata-static-tarball-amd64.yaml vendored
View File

@@ -2,9 +2,17 @@ name: CI | Build kata-static tarball for amd64
on:
workflow_call:
inputs:
checkout-ref:
required: false
type: string
default: ${{ github.sha }}
tarball-suffix:
required: false
type: string
push-to-registry:
required: false
type: string
default: no
jobs:
build-asset:
@@ -25,6 +33,7 @@ jobs:
steps:
- uses: actions/checkout@v3
with:
ref: ${{ inputs.checkout-ref }}
fetch-depth: 0 # This is needed in order to keep the commit ids history
- name: Build ${{ matrix.asset }}
run: |
@@ -35,7 +44,7 @@ jobs:
env:
KATA_ASSET: ${{ matrix.asset }}
TAR_OUTPUT: ${{ matrix.asset }}.tar.gz
PUSH_TO_REGISTRY: yes
PUSH_TO_REGISTRY: ${{ inputs.push-to-registry }}
- name: store-artifact ${{ matrix.asset }}
uses: actions/upload-artifact@v3
@@ -50,6 +59,8 @@ jobs:
needs: build-asset
steps:
- uses: actions/checkout@v3
with:
ref: ${{ inputs.checkout-ref }}
- name: get-artifacts
uses: actions/download-artifact@v3
with:

13
.github/workflows/build-kata-static-tarball-arm64.yaml vendored
View File

@@ -2,9 +2,17 @@ name: CI | Build kata-static tarball for arm64
on:
workflow_call:
inputs:
checkout-ref:
required: false
type: string
default: ${{ github.sha }}
tarball-suffix:
required: false
type: string
push-to-registry:
required: false
type: string
default: no
jobs:
build-asset:
@@ -29,6 +37,7 @@ jobs:
- uses: actions/checkout@v3
with:
ref: ${{ inputs.checkout-ref }}
fetch-depth: 0 # This is needed in order to keep the commit ids history
- name: Build ${{ matrix.asset }}
run: |
@@ -39,7 +48,7 @@ jobs:
env:
KATA_ASSET: ${{ matrix.asset }}
TAR_OUTPUT: ${{ matrix.asset }}.tar.gz
PUSH_TO_REGISTRY: yes
PUSH_TO_REGISTRY: ${{ inputs.push-to-registry }}
- name: store-artifact ${{ matrix.asset }}
uses: actions/upload-artifact@v3
@@ -58,6 +67,8 @@ jobs:
sudo chown -R $USER:$USER $GITHUB_WORKSPACE
- uses: actions/checkout@v3
with:
ref: ${{ inputs.checkout-ref }}
- name: get-artifacts
uses: actions/download-artifact@v3
with:

13
.github/workflows/build-kata-static-tarball-s390x.yaml vendored
View File

@@ -2,9 +2,17 @@ name: CI | Build kata-static tarball for s390x
on:
workflow_call:
inputs:
checkout-ref:
required: false
type: string
default: ${{ github.sha }}
tarball-suffix:
required: false
type: string
push-to-registry:
required: false
type: string
default: no
jobs:
build-asset:
@@ -25,6 +33,7 @@ jobs:
- uses: actions/checkout@v3
with:
ref: ${{ inputs.checkout-ref }}
fetch-depth: 0 # This is needed in order to keep the commit ids history
- name: Build ${{ matrix.asset }}
run: |
@@ -36,7 +45,7 @@ jobs:
env:
KATA_ASSET: ${{ matrix.asset }}
TAR_OUTPUT: ${{ matrix.asset }}.tar.gz
PUSH_TO_REGISTRY: yes
PUSH_TO_REGISTRY: ${{ inputs.push-to-registry }}
- name: store-artifact ${{ matrix.asset }}
uses: actions/upload-artifact@v3
@@ -55,6 +64,8 @@ jobs:
sudo chown -R $USER:$USER $GITHUB_WORKSPACE
- uses: actions/checkout@v3
with:
ref: ${{ inputs.checkout-ref }}
- name: get-artifacts
uses: actions/download-artifact@v3
with:

25
.github/workflows/ci-on-push.yaml vendored
View File

@@ -1,37 +1,36 @@
name: Kata Containers CI
on:
pull_request_target:
workflow_run:
workflows:
- Commit Message Check
types:
- opened
- reopened
- labeled
- synchronize
- completed
jobs:
build-kata-static-tarball-amd64:
if: contains(github.event.pull_request.labels.*.name, 'ok-to-test')
if: ${{ github.event.workflow_run.conclusion == 'success' }}
uses: ./.github/workflows/build-kata-static-tarball-amd64.yaml
with:
tarball-suffix: -${{ github.event.pull_request.number}}-${{ github.sha }}
checkout-ref: ${{ github.event.workflow_run.head_sha }}
tarball-suffix: -${{ github.event.workflow_run.head_sha }}
publish-kata-deploy-payload-amd64:
if: contains(github.event.pull_request.labels.*.name, 'ok-to-test')
needs: build-kata-static-tarball-amd64
uses: ./.github/workflows/publish-kata-deploy-payload-amd64.yaml
with:
tarball-suffix: -${{ github.event.pull_request.number}}-${{ github.sha }}
checkout-ref: ${{ github.event.workflow_run.head_sha }}
tarball-suffix: -${{ github.event.workflow_run.head_sha }}
registry: ghcr.io
repo: ${{ github.repository_owner }}/kata-deploy-ci
tag: ${{ github.event.pull_request.number }}-${{ github.sha }}-amd64
quay-io-login-continue-on-error: true
tag: ${{ github.event.workflow_run.head_sha }}-amd64
secrets: inherit
run-k8s-tests-on-aks:
if: contains(github.event.pull_request.labels.*.name, 'ok-to-test')
needs: publish-kata-deploy-payload-amd64
uses: ./.github/workflows/run-k8s-tests-on-aks.yaml
with:
checkout-ref: ${{ github.event.workflow_run.head_sha }}
registry: ghcr.io
repo: ${{ github.repository_owner }}/kata-deploy-ci
tag: ${{ github.event.pull_request.number }}-${{ github.sha }}-amd64
tag: ${{ github.event.workflow_run.head_sha }}-amd64
secrets: inherit

12
.github/workflows/payload-after-push.yaml vendored
View File

@@ -8,12 +8,18 @@ on:
jobs:
build-assets-amd64:
uses: ./.github/workflows/build-kata-static-tarball-amd64.yaml
with:
push-to-registry: yes
build-assets-arm64:
uses: ./.github/workflows/build-kata-static-tarball-arm64.yaml
with:
push-to-registry: yes
build-assets-s390x:
uses: ./.github/workflows/build-kata-static-tarball-s390x.yaml
with:
push-to-registry: yes
publish-kata-deploy-payload-amd64:
needs: build-assets-amd64
@@ -28,7 +34,8 @@ jobs:
needs: build-assets-arm64
uses: ./.github/workflows/publish-kata-deploy-payload-arm64.yaml
with:
registry: quay.io/kata-containers/kata-deploy-ci
registry: quay.io
repo: kata-containers/kata-deploy-ci
tag: kata-containers-arm64
secrets: inherit
@@ -36,7 +43,8 @@ jobs:
needs: build-assets-s390x
uses: ./.github/workflows/publish-kata-deploy-payload-s390x.yaml
with:
registry: quay.io/kata-containers/kata-deploy-ci
registry: quay.io
repo: kata-containers/kata-deploy-ci
tag: kata-containers-s390x
secrets: inherit

13
.github/workflows/publish-kata-deploy-payload-amd64.yaml vendored
View File

@@ -2,6 +2,10 @@ name: CI | Publish kata-deploy payload for amd64
on:
workflow_call:
inputs:
checkout-ref:
required: false
type: string
default: ${{ github.sha }}
tarball-suffix:
required: false
type: string
@@ -14,16 +18,14 @@ on:
tag:
required: true
type: string
quay-io-login-continue-on-error:
required: false
type: boolean
default: false
jobs:
kata-payload:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
with:
ref: ${{ inputs.checkout-ref }}
- name: get-kata-tarball
uses: actions/download-artifact@v3
@@ -31,14 +33,15 @@ jobs:
name: kata-static-tarball-amd64${{ inputs.tarball-suffix }}
- name: Login to Kata Containers quay.io
if: ${{ inputs.registry == 'quay.io' }}
uses: docker/login-action@v2
with:
registry: quay.io
username: ${{ secrets.QUAY_DEPLOYER_USERNAME }}
password: ${{ secrets.QUAY_DEPLOYER_PASSWORD }}
continue-on-error: ${{ inputs.quay-io-login-continue-on-error }}
- name: Login to Kata Containers ghcr.io
if: ${{ inputs.registry == 'ghcr.io' }}
uses: docker/login-action@v2
with:
registry: ghcr.io

13
.github/workflows/publish-kata-deploy-payload-arm64.yaml vendored
View File

@@ -2,6 +2,10 @@ name: CI | Publish kata-deploy payload for arm64
on:
workflow_call:
inputs:
checkout-ref:
required: false
type: string
default: ${{ github.sha }}
tarball-suffix:
required: false
type: string
@@ -14,10 +18,6 @@ on:
tag:
required: true
type: string
quay-io-login-continue-on-error:
required: false
type: boolean
default: false
jobs:
kata-payload:
@@ -28,6 +28,8 @@ jobs:
sudo chown -R $USER:$USER $GITHUB_WORKSPACE
- uses: actions/checkout@v3
with:
ref: ${{ inputs.checkout-ref }}
- name: get-kata-tarball
uses: actions/download-artifact@v3
@@ -35,14 +37,15 @@ jobs:
name: kata-static-tarball-arm64${{ inputs.tarball-suffix }}
- name: Login to Kata Containers quay.io
if: ${{ inputs.registry == 'quay.io' }}
uses: docker/login-action@v2
with:
registry: quay.io
username: ${{ secrets.QUAY_DEPLOYER_USERNAME }}
password: ${{ secrets.QUAY_DEPLOYER_PASSWORD }}
continue-on-error: ${{ inputs.quay-io-login-continue-on-error }}
- name: Login to Kata Containers ghcr.io
if: ${{ inputs.registry == 'ghcr.io' }}
uses: docker/login-action@v2
with:
registry: ghcr.io

13
.github/workflows/publish-kata-deploy-payload-s390x.yaml vendored
View File

@@ -2,6 +2,10 @@ name: CI | Publish kata-deploy payload for s390x
on:
workflow_call:
inputs:
checkout-ref:
required: false
type: string
default: ${{ github.sha }}
tarball-suffix:
required: false
type: string
@@ -14,10 +18,6 @@ on:
tag:
required: true
type: string
quay-io-login-continue-on-error:
required: false
type: boolean
default: false
jobs:
kata-payload:
@@ -28,6 +28,8 @@ jobs:
sudo chown -R $USER:$USER $GITHUB_WORKSPACE
- uses: actions/checkout@v3
with:
ref: ${{ inputs.checkout-ref }}
- name: get-kata-tarball
uses: actions/download-artifact@v3
@@ -35,14 +37,15 @@ jobs:
name: kata-static-tarball-s390x${{ inputs.tarball-suffix }}
- name: Login to Kata Containers quay.io
if: ${{ inputs.registry == 'quay.io' }}
uses: docker/login-action@v2
with:
registry: quay.io
username: ${{ secrets.QUAY_DEPLOYER_USERNAME }}
password: ${{ secrets.QUAY_DEPLOYER_PASSWORD }}
continue-on-error: ${{ inputs.quay-io-login-continue-on-error }}
- name: Login to Kata Containers ghcr.io
if: ${{ inputs.registry == 'ghcr.io' }}
uses: docker/login-action@v2
with:
registry: ghcr.io

6
.github/workflows/run-k8s-tests-on-aks.yaml vendored
View File

@@ -2,6 +2,10 @@ name: CI | Run kubernetes tests on AKS
on:
workflow_call:
inputs:
checkout-ref:
required: false
type: string
default: ${{ github.sha }}
registry:
required: true
type: string
@@ -35,6 +39,8 @@ jobs:
needs: create-aks
steps:
- uses: actions/checkout@v3
with:
ref: ${{ inputs.checkout-ref }}
- name: Install `bats`
run: |
sudo apt-get update