Update README.md #62

Closed
wants to merge 11 commits into from
16 changes: 9 additions & 7 deletions .github/workflows/e2e_libvirt.yaml
@@ -7,7 +7,7 @@ name: (Callable) libvirt e2e tests
on:
workflow_call:
inputs:
qcow2_artifact:
podvm_image:
required: true
type: string
install_directory_artifact:
@@ -27,7 +27,7 @@ env:

jobs:
test:
runs-on: az-ubuntu-2204
runs-on: ubuntu-latest
steps:
- name: Checkout Code
uses: actions/checkout@v3
@@ -46,10 +46,12 @@ jobs:
with:
go-version: ${{ env.GO_VERSION }}

- uses: actions/download-artifact@v3
with:
name: ${{ inputs.qcow2_artifact }}
path: podvm
- name: Extract qcow2 from ${{ inputs.podvm_image }}
run: |
qcow2=$(echo ${{ inputs.podvm_image }} | sed -e "s#.*/\(.*\):.*#\1.qcow2#")
./hack/download-image.sh ${{ inputs.podvm_image }} . -o ${qcow2}
echo "PODVM_QCOW2=$(pwd)/${qcow2}" >> "$GITHUB_ENV"
working-directory: podvm

- name: Get the install directory
if: ${{ inputs.install_directory_artifact != '' }}
@@ -154,7 +156,7 @@ jobs:
export TEST_PROVISION="yes"
export TEST_TEARDOWN="no"
export TEST_PROVISION_FILE="$PWD/libvirt.properties"
export TEST_PODVM_IMAGE="${PWD}/podvm/${{ inputs.qcow2_artifact }}"
export TEST_PODVM_IMAGE="${{ env.PODVM_QCOW2 }}"
export TEST_E2E_TIMEOUT="50m"

make test-e2e
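Review bot: The new "Extract qcow2" step expands `${{ inputs.podvm_image }}` directly into the `run:` script, so the value is pasted into the shell source before bash parses it and any shell metacharacter in it is treated as code rather than data. The caller on this page builds the value from the repository owner, matrix entries and the PR number, which limits the exposure, but this is a callable workflow and a later caller may pass something less constrained. Pass the input through `env:` and use it as a quoted shell variable, as sketched below. The same applies to `export TEST_PODVM_IMAGE="${{ env.PODVM_QCOW2 }}"` in the last hunk (use `"$PODVM_QCOW2"`) and to the `caa_src_ref="${{ inputs.caa_src_ref }}"` and `img="${{ inputs.registry }}/…"` lines added in podvm.yaml and podvm_binaries.yaml. The job's step list continues outside the visible hunks.

```yaml
- name: Extract qcow2 from ${{ inputs.podvm_image }}
  env:
    PODVM_IMAGE: ${{ inputs.podvm_image }}
  run: |
    qcow2=$(echo "$PODVM_IMAGE" | sed -e "s#.*/\(.*\):.*#\1.qcow2#")
    ./hack/download-image.sh "$PODVM_IMAGE" . -o "${qcow2}"
    # … unchanged: PODVM_QCOW2 export to GITHUB_ENV …
```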
59 changes: 24 additions & 35 deletions .github/workflows/e2e_on_pull.yaml
@@ -43,43 +43,32 @@ jobs:

# Build the podvm images.
#
# Currently it will not build the podvm, instead it downloads the qcow2 file
# from the built image. The file will be archived so that downstream jobs can
# just download the file on their runners.
podvm:
name: podvm
podvm_builder:
needs: [authorize]
runs-on: ubuntu-latest
strategy:
fail-fast: true
matrix:
os:
- centos
- ubuntu
provider:
- generic
arch:
- amd64
env:
registry: quay.io/confidential-containers
podvm_image: podvm-${{ matrix.provider }}-${{ matrix.os }}-${{ matrix.arch }}
qcow2: podvm-${{ matrix.provider }}-${{ matrix.os }}-${{ matrix.arch }}.qcow2
steps:
- name: Checkout Code
uses: actions/checkout@v3
with:
fetch-depth: 0
ref: ${{ github.event.pull_request.head.sha }}
uses: ./.github/workflows/podvm_builder.yaml
with:
caa_src_ref: ${{ github.event.pull_request.head.sha }}
registry: ghcr.io/${{ github.repository_owner }}
secrets: inherit

- name: Extract the podvm qcow2
run: ./hack/download-image.sh ${{ env.registry }}/${{ env.podvm_image }} . -o ${{ env.qcow2 }}
working-directory: podvm
podvm_binaries:
needs: [podvm_builder]
uses: ./.github/workflows/podvm_binaries.yaml
with:
caa_src_ref: ${{ github.event.pull_request.head.sha }}
registry: ghcr.io/${{ github.repository_owner }}
builder_img_tag: ci-pr${{ github.event.number }}
secrets: inherit

- uses: actions/upload-artifact@v3
with:
name: ${{ env.qcow2 }}
path: podvm/${{ env.qcow2 }}
retention-days: 1
podvm:
needs: [podvm_binaries]
uses: ./.github/workflows/podvm.yaml
with:
caa_src_ref: ${{ github.event.pull_request.head.sha }}
registry: ghcr.io/${{ github.repository_owner }}
binaries_img_tag: ci-pr${{ github.event.number }}
builder_img_tag: ci-pr${{ github.event.number }}
secrets: inherit

# Build and push the cloud-api-adaptor image
#
@@ -175,6 +164,6 @@ jobs:
- amd64
uses: ./.github/workflows/e2e_libvirt.yaml
with:
qcow2_artifact: podvm-${{ matrix.provider }}-${{ matrix.os }}-${{ matrix.arch }}.qcow2
podvm_image: ghcr.io/${{ github.repository_owner }}/podvm-${{ matrix.provider }}-${{ matrix.os }}-${{ matrix.arch }}:ci-pr${{ github.event.number }}
install_directory_artifact: install_directory
git_ref: ${{ github.event.pull_request.head.sha }}
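Review bot: `secrets: inherit` on the new `podvm_builder`, `podvm_binaries` and `podvm` jobs makes every repository secret available to workflows that check out and build `${{ github.event.pull_request.head.sha }}`, which is code the PR author controls. The `on:` trigger and the `authorize` job are outside these hunks, so the strength of that gate cannot be judged from here. These calls push to `ghcr.io/${{ github.repository_owner }}`, for which the callees log in with `secrets.GITHUB_TOKEN` and skip the Quay login, so the Quay credentials at least are not needed on this path. Consider replacing `secrets: inherit` with an explicit `secrets:` mapping of only what each callee still reads, which requires the callees to declare those names under `workflow_call.secrets`. podvm_builder.yaml is not shown on this page, so what it consumes is unverified.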
68 changes: 59 additions & 9 deletions .github/workflows/podvm.yaml
@@ -1,14 +1,27 @@
name: Create Pod VM Image
on:
workflow_run:
workflows: ["Create Pod VM Binaries Image"]
types:
- completed
workflow_call:
inputs:
builder_img_tag:
default: 'latest'
required: false
type: string
binaries_img_tag:
default: 'latest'
required: false
type: string
caa_src_ref:
default: ''
required: false
type: string
registry:
default: 'quay.io/confidential-containers'
required: false
type: string

jobs:
build:
name: Create pod vm image
if: ${{ github.event_name == 'workflow_dispatch' || github.event.workflow_run.conclusion == 'success' }}
runs-on: ubuntu-latest
strategy:
fail-fast: false
@@ -31,6 +44,19 @@ jobs:
steps:
- name: Checkout Code
uses: actions/checkout@v3
with:
fetch-depth: 0
ref: ${{ inputs.caa_src_ref }}

- name: Read properties from versions.yaml
run: |
# There reference to CAA sources will honored if passed to this
# workflow via inputs.
caa_src_ref="${{ inputs.caa_src_ref }}"
[ -n "$caa_src_ref" ] || \
caa_src_ref="$(yq '.git.cloud-api-adaptor.reference' versions.yaml)"
[ -n "$caa_src_ref" ]
echo "CAA_SRC_REF=${caa_src_ref}" >> $GITHUB_ENV

#- name: Set up QEMU
# uses: docker/setup-qemu-action@v2
@@ -40,17 +66,39 @@ jobs:

- name: Login to Quay container Registry
uses: docker/login-action@v2
if: ${{ startsWith(inputs.registry, 'quay.io') }}
with:
registry: quay.io
username: ${{ secrets.QUAY_USERNAME }}
password: ${{ secrets.QUAY_PASSWORD }}

- name: Login to Github Container Registry
if: ${{ startsWith(inputs.registry, 'ghcr.io') }}
uses: docker/login-action@v2
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}

- name: Determine image tags
run: |
event_name=${{ github.event_name }}
img="${{ inputs.registry }}/podvm-${{ matrix.provider }}-${{ matrix.os }}-${{ matrix.arch }}"
tags=""

case "$event_name" in
release)
tags="${img}:latest,${img}:${{ github.sha }}" ;;
pull_request|pull_request_target)
tags="${img}:ci-pr${{ github.event.number }}" ;;
esac

echo "IMG_TAGS=$tags" >> "$GITHUB_ENV"

- name: Build and push
uses: docker/build-push-action@v3
with:
tags: |
quay.io/confidential-containers/podvm-${{ matrix.provider }}-${{ matrix.os }}-${{ matrix.arch }}:latest
quay.io/confidential-containers/podvm-${{ matrix.provider }}-${{ matrix.os }}-${{ matrix.arch }}:${{ github.sha }}
tags: ${{ env.IMG_TAGS }}
push: true
context: podvm
platforms: linux/amd64
@@ -61,4 +109,6 @@ jobs:
"ARCH=${{ matrix.arch }}"
"UBUNTU_IMAGE_URL="
"UBUNTU_IMAGE_CHECKSUM="
"BINARIES_IMG=quay.io/confidential-containers/podvm-binaries-${{ matrix.os }}-${{ matrix.arch }}"
"BINARIES_IMG=${{ inputs.registry }}/podvm-binaries-${{ matrix.os }}-${{ matrix.arch }}:${{ inputs.binaries_img_tag }}"
"BUILDER_IMG=${{ inputs.registry }}/podvm-builder-${{ matrix.os }}:${{ inputs.builder_img_tag }}"
"CAA_SRC_REF=${{ env.CAA_SRC_REF }}"
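Review bot: The `case` in the new "Determine image tags" step has no default branch, so for any event other than `release`, `pull_request` or `pull_request_target` the step writes an empty `IMG_TAGS` and the following build step runs with `push: true` and no tag. In a `workflow_call` workflow `github.event_name` is the caller's event, so the outcome depends entirely on who calls this file. Failing early is clearer: add `*) echo "unsupported event: ${event_name}" >&2; exit 1 ;;` before `esac`. The identical step added to podvm_binaries.yaml needs the same branch.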
62 changes: 54 additions & 8 deletions .github/workflows/podvm_binaries.yaml
@@ -1,14 +1,23 @@
name: Create Pod VM Binaries Image
on:
workflow_run:
workflows: ["Create Pod VM Builder Image"]
types:
- completed
workflow_call:
inputs:
builder_img_tag:
default: 'latest'
required: false
type: string
caa_src_ref:
default: ''
required: false
type: string
registry:
default: 'quay.io/confidential-containers'
required: false
type: string

jobs:
build:
name: Create pod vm binaries image
if: ${{ github.event_name == 'workflow_dispatch' || github.event.workflow_run.conclusion == 'success' }}
runs-on: ubuntu-latest
strategy:
fail-fast: false
@@ -26,6 +35,19 @@ jobs:
steps:
- name: Checkout Code
uses: actions/checkout@v3
with:
fetch-depth: 0
ref: ${{ inputs.caa_src_ref }}

- name: Read properties from versions.yaml
run: |
# There reference to CAA sources will honored if passed to this
# workflow via inputs.
caa_src_ref="${{ inputs.caa_src_ref }}"
[ -n "$caa_src_ref" ] || \
caa_src_ref="$(yq '.git.cloud-api-adaptor.reference' versions.yaml)"
[ -n "$caa_src_ref" ]
echo "CAA_SRC_REF=${caa_src_ref}" >> $GITHUB_ENV

#- name: Set up QEMU
# uses: docker/setup-qemu-action@v2
@@ -41,24 +63,48 @@ jobs:
password: ${{ secrets.DOCKER_PASSWORD }}

- name: Login to Quay container Registry
if: ${{ startsWith(inputs.registry, 'quay.io') }}
uses: docker/login-action@v2
with:
registry: quay.io
username: ${{ secrets.QUAY_USERNAME }}
password: ${{ secrets.QUAY_PASSWORD }}

- name: Login to Github Container Registry
if: ${{ startsWith(inputs.registry, 'ghcr.io') }}
uses: docker/login-action@v2
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}

- name: Determine image tags
run: |
event_name=${{ github.event_name }}
img="${{ inputs.registry }}/podvm-binaries-${{ matrix.os }}-${{ matrix.arch }}"
tags=""

case "$event_name" in
release)
tags="${img}:latest,${img}:${{ github.sha }}" ;;
pull_request|pull_request_target)
tags="${img}:ci-pr${{ github.event.number }}" ;;
esac

echo "IMG_TAGS=$tags" >> "$GITHUB_ENV"

- name: Build and push
uses: docker/build-push-action@v3
with:
tags: |
quay.io/confidential-containers/podvm-binaries-${{ matrix.os }}-${{ matrix.arch }}:latest
quay.io/confidential-containers/podvm-binaries-${{ matrix.os }}-${{ matrix.arch }}:${{ github.sha }}
tags: ${{ env.IMG_TAGS }}
push: true
context: podvm
platforms: linux/amd64
file: |
podvm/${{ matrix.dockerfile }}
build-args: |
"ARCH=${{ matrix.arch }}"
"BUILDER_IMG=${{ inputs.registry }}/podvm-builder-${{ matrix.os }}:${{ inputs.builder_img_tag }}"
"CAA_SRC_REF=${{ env.CAA_SRC_REF }}"
"UBUNTU_IMAGE_URL="
"UBUNTU_IMAGE_CHECKSUM="
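Review bot: The `[ -n "$caa_src_ref" ]` guard in "Read properties from versions.yaml" will not catch a missing key if the runner's `yq` is the mikefarah implementation (an assumption, since no visible step installs the tool), because that implementation prints the literal string `null` for an absent path and `CAA_SRC_REF=null` would then reach the build args. Using `caa_src_ref="$(yq -e '.git.cloud-api-adaptor.reference' versions.yaml)"` makes the lookup itself fail instead. The comment above it has a typo and should read `# The reference to the CAA sources is honored if passed to this workflow via inputs.` The same step and comment were added to podvm.yaml.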