RF Runtime Release publish #21
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: RF Runtime Release publish | |
| # Controls when the workflow will run | |
| on: | |
| # Allows you to run this workflow manually from the Actions tab | |
| workflow_dispatch: | |
| inputs: | |
| patch-version: | |
| description: 'Patch Version Number (1.0.XX)' | |
| required: true | |
| default: '22' | |
| type: string | |
| build-number: | |
| description: 'Patch Version Number (1.0.22-XX)' | |
| required: true | |
| default: '1' | |
| type: string | |
| jobs: | |
| publish-release: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Clone runtime repo | |
| uses: actions/checkout@v4 | |
| - name: Download release | |
| env: | |
| PATCH_VERSION: ${{ inputs.patch-version }} | |
| BUILD_NUMBER: ${{ inputs.build-number }} | |
| run: | | |
| REVISION="1.0.$PATCH_VERSION-$BUILD_NUMBER" | |
| az storage blob download --account-name ${{ secrets.PRODMON_STORAGE_ACCOUNT }} --account-key ${{ secrets.PRODMON_STORAGE_KEY }} --container-name "releases" --name rfcmd-$REVISION.tar.gz --file rfcmd-$REVISION.tar.gz | |
| tar xvzf rfcmd-$REVISION.tar.gz | |
| - name: Make Release | |
| uses: softprops/action-gh-release@v1 | |
| with: | |
| name: 1.0.${{ inputs.patch-version }} | |
| tag_name: 1.0.${{ inputs.patch-version }} | |
| body_path: CHANGELOG.md | |
| files: | | |
| rf-cmd-darwin-arm64 | |
| rf-cmd-linux-amd64 | |
| - name: Update latest Release | |
| uses: softprops/action-gh-release@v1 | |
| with: | |
| name: latest | |
| tag_name: latest | |
| body_path: CHANGELOG.md | |
| files: | | |
| rf-cmd-darwin-arm64 | |
| rf-cmd-linux-amd64 | |
| - name: Install crane | |
| run: | | |
| VERSION=$(curl -s "https://api.github.com/repos/google/go-containerregistry/releases/latest" | jq -r '.tag_name') | |
| OS=Linux | |
| ARCH=x86_64 | |
| curl -sL "https://github.com/google/go-containerregistry/releases/download/${VERSION}/go-containerregistry_${OS}_${ARCH}.tar.gz" > go-containerregistry.tar.gz | |
| tar -zxvf go-containerregistry.tar.gz -C /usr/local/bin/ crane | |
| crane version | |
| - name: crane login to quay | |
| run: crane auth login quay.io -u ${{ secrets.RF_QUAY_USERNAME }} -p ${{ secrets.RF_QUAY_PASSWORD }} | |
| - name: crane login to rfruntimeoffer | |
| run: crane auth login rfruntimeoffer.azurecr.io -u ${{ secrets.RF_AZURE_RUNTIMEOFFER_USERNAME }} -p ${{ secrets.RF_AZURE_RUNTIMEOFFER_PASSWORD }} | |
| - name: download CNAB bundle | |
| run: | | |
| REVISION=1.0.${{ inputs.patch-version }}-${{ inputs.build-number }} | |
| az storage blob download --account-name ${{ secrets.PRODMON_STORAGE_ACCOUNT }} --account-key ${{ secrets.PRODMON_STORAGE_KEY }} --container-name "releases" --name cnab-$REVISION.tar.gz --file cnab-$REVISION.tar.gz | |
| rm -rf $GITHUB_WORKSPACE/cnab_bundle | |
| mkdir -p $GITHUB_WORKSPACE/cnab_bundle | |
| tar -xvzf cnab-$REVISION.tar.gz -C $GITHUB_WORKSPACE/cnab_bundle | |
| - name: download yq | |
| run: | | |
| yq_url=https://github.com/mikefarah/yq/releases/latest/download/yq_linux_amd64 | |
| wget -q "$yq_url" -O /usr/local/bin/yq | |
| yq --version | |
| - name: copy quay to rfruntime | |
| run: | | |
| image_keys=$(yq eval '.global.azure.images | keys ' $GITHUB_WORKSPACE/cnab_bundle/k8s-scanner/values.yaml) | |
| # Iterate over the images using a Bash for loop | |
| while IFS= read -r image_key; do | |
| # Remove "-" and extra space from the image | |
| image_key=${image_key//- /} | |
| echo "fetching details for ${image_key}" | |
| image=$(yq eval ".global.azure.images.${image_key}.image" $GITHUB_WORKSPACE/cnab_bundle/k8s-scanner/values.yaml) | |
| registry=$(yq eval ".global.azure.images.${image_key}.registry" $GITHUB_WORKSPACE/cnab_bundle/k8s-scanner/values.yaml) | |
| tag=$(yq eval ".global.azure.images.${image_key}.tag" $GITHUB_WORKSPACE/cnab_bundle/k8s-scanner/values.yaml) | |
| crane copy "${registry}/${image}:${tag}" rfruntimeoffer.azurecr.io/"${image}:${tag}" | |
| done <<< "$image_keys" | |
| - name: modify registry to azure registry | |
| run: | | |
| image_keys=$(yq eval '.global.azure.images | keys ' $GITHUB_WORKSPACE/cnab_bundle/k8s-scanner/values.yaml) | |
| # Iterate over the images using a Bash for loop | |
| while IFS= read -r image_key; do | |
| # Remove "-" and extra space from the image | |
| image_key=${image_key//- /} | |
| echo "updating registry for ${image_key}" | |
| yq eval -i ".global.azure.images.${image_key}.registry = \"rfruntimeoffer.azurecr.io\"" $GITHUB_WORKSPACE/cnab_bundle/k8s-scanner/values.yaml | |
| done <<< "$image_keys" | |
| echo """ ***** dumping $GITHUB_WORKSPACE/cnab_bundle/k8s-scanner/values.yaml ****" | |
| cat $GITHUB_WORKSPACE/cnab_bundle/k8s-scanner/values.yaml | |
| - name: publish cnab bundle | |
| run: | | |
| docker pull mcr.microsoft.com/container-package-app:latest | |
| cat cnab_publish.sh | |
| echo """ running docker now for cnab publishing""" | |
| docker run -i -v /var/run/docker.sock:/var/run/docker.sock -v $GITHUB_WORKSPACE/cnab_bundle:/data -v $GITHUB_WORKSPACE/cnab_publish.sh:/scripts/cnab_publish.sh -eAZURE_TENANT_ID=${{ secrets.AZURE_TENANT_ID }} -eAZURE_CLIENT_ID=${{ secrets.AZURE_CLIENT_ID }} -eAZURE_CLIENT_SECRET=${{ secrets.AZURE_CLIENT_SECRET }} -eREGISTRY_NAME=rfruntimeoffer --entrypoint "/scripts/cnab_publish.sh" mcr.microsoft.com/container-package-app:latest |