diff --git a/.github/workflows/release-images.yml b/.github/workflows/release-images.yml index 01aa08d5..c8ffcfe1 100644 --- a/.github/workflows/release-images.yml +++ b/.github/workflows/release-images.yml @@ -5,10 +5,10 @@ on: env: GHCR_REGISTRY: ghcr.io - GHCR_UI_IMAGE_NAME: "${{ github.repository }}/ui" + GHCR_UI_IMAGE_NAME: ${{ github.repository }}/ui + GHCR_PS_IMAGE_NAME: ${{ github.repository }}/pathservice QUAY_REGISTRY: quay.io QUAY_UI_IMAGE_NAME: instructlab-ui/ui - GHCR_PS_IMAGE_NAME: "${{ github.repository }}/pathservice" QUAY_PS_IMAGE_NAME: instructlab-ui/pathservice jobs: @@ -23,31 +23,22 @@ jobs: id-token: write steps: - - name: Extract Release Tag - id: get_release_tag - run: |- - RELEASE_TAG="release-${{ github.event.release.tag_name }}" - echo "RELEASE_TAG=${RELEASE_TAG}" >> "$GITHUB_ENV" - - name: Check out the repo uses: actions/checkout@v4 - with: - token: ${{ secrets.BOT_PAT }} - ref: "${{ steps.get_release_tag.outputs.RELEASE_TAG }}" - name: Log in to the GHCR container image registry uses: docker/login-action@v3 with: - registry: "${{ env.GHCR_REGISTRY }}" - username: "${{ github.actor }}" - password: "${{ secrets.GITHUB_TOKEN }}" + registry: ${{ env.GHCR_REGISTRY }} + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} - name: Log in to the Quay container image registry uses: docker/login-action@v3 with: - registry: "${{ env.QUAY_REGISTRY }}" - username: "${{ secrets.QUAY_USERNAME }}" - password: "${{ secrets.QUAY_TOKEN }}" + registry: ${{ env.QUAY_REGISTRY }} + username: ${{ secrets.QUAY_USERNAME }} + password: ${{ secrets.QUAY_TOKEN }} - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 @@ -56,15 +47,15 @@ jobs: uses: actions/cache@v4 with: path: /tmp/.buildx-cache - key: "${{ runner.os }}-buildx-${{ github.sha }}" + key: ${{ runner.os }}-buildx-${{ github.sha }} restore-keys: |- - "${{ runner.os }}-buildx-" + ${{ runner.os }}-buildx- - name: Extract metadata (tags, labels) for UI image id: ghcr_ui_meta uses: docker/metadata-action@v5 with: - images: "${{ env.GHCR_REGISTRY }}/${{ env.GHCR_UI_IMAGE_NAME }}" + images: ${{ env.GHCR_REGISTRY }}/${{ env.GHCR_UI_IMAGE_NAME }} - name: Extract metadata (tags, labels) for UI image id: quay_ui_meta @@ -78,14 +69,12 @@ jobs: with: context: . push: true - tags: |- - "${{ steps.ghcr_ui_meta.outputs.tags }}" - "${{ env.GHCR_REGISTRY }}/${{ env.GHCR_UI_IMAGE_NAME }}:${{ steps.get_release_tag.outputs.RELEASE_TAG }}" + tags: ${{ steps.ghcr_ui_meta.outputs.tags }} labels: ${{ steps.ghcr_ui_meta.outputs.labels }} platforms: linux/amd64,linux/arm64 cache-from: type=gha cache-to: type=gha,mode=max - file: Containerfile + file: src/Containerfile - name: Generate Prod UI GHCR artifact attestation uses: actions/attest-build-provenance@v2 @@ -100,14 +89,12 @@ jobs: with: context: . push: true - tags: |- - "${{ steps.quay_ui_meta.outputs.tags }}" - "${{ env.QUAY_REGISTRY }}/${{ env.QUAY_UI_IMAGE_NAME }}:${{ steps.get_release_tag.outputs.RELEASE_TAG }}" + tags: ${{ steps.quay_ui_meta.outputs.tags }} labels: ${{ steps.quay_ui_meta.outputs.labels }} platforms: linux/amd64,linux/arm64 cache-from: type=gha cache-to: type=gha,mode=max - file: Containerfile + file: src/Containerfile - name: Generate PROD UI Quay artifact attestation uses: actions/attest-build-provenance@v2 @@ -115,12 +102,12 @@ jobs: subject-name: ${{ env.QUAY_REGISTRY }}/${{ env.QUAY_UI_IMAGE_NAME}} subject-digest: ${{ steps.push-ui-quay.outputs.digest }} push-to-registry: true - + - name: Re-Checkout main on the repo uses: actions/checkout@v4 with: - token: "${{ secrets.BOT_PAT }}" - ref: "main" + token: ${{ secrets.BOT_PAT }} + ref: main - name: Update coderefs before code changes run: |- @@ -129,7 +116,7 @@ jobs: - name: Update Prod Quay PS image id: update_prod_ui_manifest_image env: - RELEASE_TAG: ${{ steps.get_release_tag.outputs.RELEASE_TAG }} + RELEASE_TAG: ${{ github.event.release.tag_name }} run: |- sudo wget https://github.com/mikefarah/yq/releases/download/v4.34.1/yq_linux_amd64 -O /usr/local/bin/yq sudo chmod +x /usr/local/bin/yq @@ -142,7 +129,7 @@ jobs: git config user.name "platform-engineering-bot" git config user.email "platform-engineering@redhat.com" git add deploy/k8s/overlays/openshift/prod/kustomization.yaml - git commit -m "[CI AUTOMATION]: Bumping Prod UI image to tag: ${{ steps.get_release_tag.outputs.RELEASE_TAG }}" -s + git commit -m "[CI AUTOMATION]: Bumping Prod UI image to tag: ${{ github.event.release.tag_name }}" -s git push origin main build_and_publish_ps_prod_image: @@ -156,17 +143,8 @@ jobs: id-token: write steps: - - name: Extract Release Tag - id: get_release_tag - run: |- - RELEASE_TAG="release-${{ github.event.release.tag_name }}" - echo "RELEASE_TAG=${RELEASE_TAG}" >> "$GITHUB_ENV" - - name: Check out the repo uses: actions/checkout@v4 - with: - token: ${{ secrets.BOT_PAT }} - ref: "${{ steps.get_release_tag.outputs.RELEASE_TAG }}" - name: Log in to the GHCR container image registry uses: docker/login-action@v3 @@ -211,14 +189,12 @@ jobs: with: context: . push: true - tags: |- - "${{ steps.ghcr_ps_meta.outputs.tags }}" - "${{ env.GHCR_REGISTRY }}/${{ env.GHCR_PS_IMAGE_NAME }}:${{ steps.get_release_tag.outputs.RELEASE_TAG }}" + tags: ${{ steps.ghcr_ps_meta.outputs.tags }} labels: ${{ steps.ghcr_ps_meta.outputs.labels }} platforms: linux/amd64,linux/arm64 cache-from: type=gha cache-to: type=gha,mode=max - file: Containerfile + file: pathservice/Containerfile - name: Generate GHCR PS Image attestation uses: actions/attest-build-provenance@v2 @@ -233,14 +209,12 @@ jobs: with: context: . push: true - tags: |- - "${{ steps.quay_ps_meta.outputs.tags }}" - "${{ env.QUAY_REGISTRY }}/${{ env.QUAY_PS_IMAGE_NAME }}:${{ steps.get_release_tag.outputs.RELEASE_TAG }}" + tags: ${{ steps.quay_ps_meta.outputs.tags }} labels: ${{ steps.quay_ps_meta.outputs.labels }} platforms: linux/amd64,linux/arm64 cache-from: type=gha cache-to: type=gha,mode=max - file: Containerfile + file: pathservice/Containerfile - name: Generate Quay PS Image attestation uses: actions/attest-build-provenance@v2 @@ -252,17 +226,17 @@ jobs: - name: Checkout main on the repo uses: actions/checkout@v4 with: - token: "${{ secrets.BOT_PAT }}" - ref: "main" + token: ${{ secrets.BOT_PAT }} + ref: main - name: Update coderefs before code changes run: |- git pull --ff-only - + - name: Update Prod Quay PS image id: update_prod_ps_manifest_image env: - RELEASE_TAG: ${{ steps.get_release_tag.outputs.RELEASE_TAG }} + RELEASE_TAG: ${{ github.event.release.tag_name }} run: |- sudo wget https://github.com/mikefarah/yq/releases/download/v4.34.1/yq_linux_amd64 -O /usr/local/bin/yq sudo chmod +x /usr/local/bin/yq @@ -275,5 +249,5 @@ jobs: git config user.name "platform-engineering-bot" git config user.email "platform-engineering@redhat.com" git add deploy/k8s/overlays/openshift/prod/kustomization.yaml - git commit -m "[CI AUTOMATION]: Bumping Prod PS image to tag: ${{ steps.get_release_tag.outputs.RELEASE_TAG }}" -s + git commit -m "[CI AUTOMATION]: Bumping Prod PS image to tag: ${{ github.event.release.tag_name }}" -s git push origin main