Skip to content
This repository has been archived by the owner on Nov 27, 2024. It is now read-only.

rest: ensure update/patch workspace requests are performed by owner #1046

rest: ensure update/patch workspace requests are performed by owner

rest: ensure update/patch workspace requests are performed by owner #1046

Workflow file for this run

name: Build container images
on: # yamllint disable-line rule:truthy
push:
branches: [main]
pull_request_target:
types: [opened, synchronize, reopened, ready_for_review]
workflow_dispatch:
inputs:
version:
required: true
type: string
env:
QUAY_NAMESPACE: ${{ vars.QUAY_NAMESPACE || 'konflux-workspaces' }}
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
cancel-in-progress: true
jobs:
build-workspaces:
name: Build workspace images
runs-on: ubuntu-22.04
strategy:
matrix:
include:
- directory: server
image_base: workspaces-server
- directory: operator
image_base: workspaces-operator
env:
GO_VERSION: 1.22
steps:
- name: Checkout Git Repository
uses: actions/checkout@v4
if: ${{ github.event_name == 'pull_request_target' }}
with:
ref: ${{ github.event.pull_request.head.ref }}
repository: ${{ github.event.pull_request.head.repo.full_name }}
- name: Checkout Git Repository
uses: actions/checkout@v4
if: ${{ github.event_name != 'pull_request_target' }}
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Set up Go
uses: actions/setup-go@v5
with:
go-version: ${{ env.GO_VERSION }}
cache: false
- name: Compute base image
id: img
run: |
IMG="quay.io/${{ env.QUAY_NAMESPACE }}/${{ matrix.image_base }}"
echo "base=${IMG}" >> ${GITHUB_OUTPUT}
- name: Build image
id: tag
run: |
if [[ "${GITHUB_EVENT_NAME}" = "pull_request_target" ]]; then
export PR_SHA=${{ github.event.pull_request.head.sha }}
export IMG="${{ steps.img.outputs.base }}:pr-${{ github.event.pull_request.number }}-${PR_SHA:0:8}"
elif [[ "${GITHUB_EVENT_NAME}" = "push" ]]; then
export IMG="${{ steps.img.outputs.base }}:${GITHUB_SHA:0:8}"
else
export IMG="${{ steps.img.outputs.base }}:${{ inputs.version }}"
fi
echo "tag=${IMG}" >> ${GITHUB_OUTPUT}
make -C "${{ matrix.directory }}" docker-build
- name: Tag image with :latest
if: ${{ github.event_name == 'push' }}
env:
LATEST: ${{ matrix.image_base }}:latest
IMG: ${{ steps.tag.outputs.tag }}
run: docker tag "${IMG}" "${LATEST}"
- name: Login to Quay
uses: docker/login-action@v3
with:
registry: quay.io
username: ${{ secrets.QUAY_USERNAME }}
password: ${{ secrets.QUAY_TOKEN }}
- name: Push images
run: docker push -a "${{ steps.img.outputs.base }}"
build-kubesaw:
name: Build kubesaw components
runs-on: ubuntu-22.04
if: ${{ github.event_name == 'pull_request_target' }}
env:
GO_VERSION: 1.20.8
steps:
- name: Checkout Git Repository
uses: actions/checkout@v4
with:
ref: ${{ github.event.pull_request.head.ref }}
repository: ${{ github.event.pull_request.head.repo.full_name }}
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Set up Go
uses: actions/setup-go@v5
with:
go-version: ${{ env.GO_VERSION }}
cache: false
- name: Prepare tools
uses: codeready-toolchain/toolchain-cicd/prepare-tools-action@master
- name: Login to Quay
uses: docker/login-action@v3
with:
registry: quay.io
username: ${{ secrets.QUAY_USERNAME }}
password: ${{ secrets.QUAY_TOKEN }}
- name: Build and push images
env:
PR_SHA: ${{ github.event.pull_request.head.sha }}
IMAGE_BUILDER: docker
run: |
export TAG=pr-${{ github.event.pull_request.number }}-${PR_SHA:0:8}
ci/toolchain_manager.sh publish "${TAG}"
package:
permissions:
contents: write
name: Create draft release
needs: build-workspaces
if: ${{ github.event_name == 'workflow_dispatch' }}
runs-on: ubuntu-22.04
steps:
- name: Checkout Git Repository
uses: actions/checkout@v4
- name: Package manifests for server
env:
IMG: quay.io/${{ env.QUAY_NAMESPACE }}/workspaces-server:${{ inputs.version }}
run: make -C server package
- name: Package manifests for operator
env:
IMG: quay.io/${{ env.QUAY_NAMESPACE }}/workspaces-operator:${{ inputs.version }}
run: make -C operator package
- name: Make a draft release
uses: ncipollo/release-action@v1
with:
artifacts: "operator/out/operator.tar.gz,server/out/server.tar.gz"
tag: ${{ inputs.version }}
commit: main
draft: true
generateReleaseNotes: true