From c29fb76828e6200c3f8ce196ee441619ecab9496 Mon Sep 17 00:00:00 2001 From: John Riebold Date: Wed, 9 Aug 2023 15:26:12 -0700 Subject: [PATCH] chore: Refactors CI, removes Dockerhub release --- .github/workflows/build.yaml | 31 +++++-- .github/workflows/code-quality.yaml | 48 ++++++++-- .github/workflows/release-chart.yaml | 63 ------------- .github/workflows/release.yaml | 107 ++++++++++++++-------- chart/sqs-prometheus-exporter/values.yaml | 2 +- 5 files changed, 132 insertions(+), 119 deletions(-) delete mode 100644 .github/workflows/release-chart.yaml diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index eac68a2..cacd720 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -1,20 +1,25 @@ -on: push name: Build +on: push + jobs: build-go: + name: Build Go + + runs-on: ${{ matrix.os }} + strategy: matrix: go-version: [1.21.x] os: [ubuntu-latest, macos-latest, windows-latest] - runs-on: ${{ matrix.os }} + steps: - - name: Install Go + - name: Set up Go uses: actions/setup-go@v4 with: go-version: ${{ matrix.go-version }} - - name: Create Cache + - name: Create cache uses: actions/cache@v3 with: path: ~/go/pkg/mod 
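Review bot: build.yaml still has no `permissions:` block: the new file goes from `name: Build` and `on: push` straight to `jobs:`, and `build-go` sets none at job level either, so every push runs with the repository's default GITHUB_TOKEN scope. Nothing in this workflow publishes (the Docker job in the next hunk uses `push: false`), so a workflow-level `permissions:` with `contents: read`, as code-quality.yaml already declares, should be enough. The `build-go` steps continue past the end of this hunk.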
@@ -22,32 +27,38 @@ jobs: restore-keys: | ${{ runner.os }}-go- - - name: Checkout code + - name: Checkout uses: actions/checkout@v3 - - - name: build + + - name: Build run: go build if: steps.cache.outputs.cache-hit != 'true' build-docker: + name: Build Docker + runs-on: ubuntu-latest + steps: - name: Checkout uses: actions/checkout@v3 - - name: Set up Docker Buildx + + - name: Set up Buildx uses: docker/setup-buildx-action@v2 - - name: Cache Docker layers + + - name: Populate cache uses: actions/cache@v3 with: path: /tmp/.buildx-cache key: ${{ runner.os }}-buildx-${{ github.sha }} restore-keys: | ${{ runner.os }}-buildx- + - name: Build id: docker_build uses: docker/build-push-action@v4 with: push: false - tags: jmriebold/sqs-prometheus-exporter:latest + tags: ghcr.io/${{ github.repository }}:latest cache-from: type=local,src=/tmp/.buildx-cache cache-to: type=local,dest=/tmp/.buildx-cache diff --git a/.github/workflows/code-quality.yaml b/.github/workflows/code-quality.yaml index c142dfb..b1ddcd9 100644 --- a/.github/workflows/code-quality.yaml +++ b/.github/workflows/code-quality.yaml @@ -1,4 +1,5 @@ -name: code-quality +name: Lint + on: push: 
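Review bot: The renamed `Build` step keeps `if: steps.cache.outputs.cache-hit != 'true'`, so on an exact module-cache hit `go build` is skipped and that push is never compiled. A warm `~/go/pkg/mod` says nothing about whether the source still builds, so the condition defeats the point of the job. The cache step's `id` and `key` sit between the two hunks, so this assumes the step is `id: cache`. If it is, drop the `if:` line; if it is not, the expression is always true and the line is dead and can go anyway.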
@@ -6,16 +7,49 @@ permissions: contents: read jobs: - golangci: - name: lint + lint-go: + name: Lint code + runs-on: ubuntu-latest + steps: - - uses: actions/checkout@v3 - - uses: actions/setup-go@v4 + - name: Checkout + uses: actions/checkout@v3 + + - name: Set up Go + uses: actions/setup-go@v4 with: go-version: '1.21' cache: false - - name: golangci-lint + + - name: Lint uses: golangci/golangci-lint-action@v3 with: - version: latest \ No newline at end of file + version: latest + + lint-chart: + name: Lint chart + + runs-on: ubuntu-latest + + steps: + - name: Checkout + uses: actions/checkout@v3 + with: + fetch-depth: 0 + + - name: Set up Helm + uses: azure/setup-helm@v3 + with: + version: v3.12.1 + + - name: Set up chart-testing + uses: helm/chart-testing-action@v2 + + - name: Test chart + id: list-changed + run: | + changed=$(ct list-changed --target-branch ${{ github.event.repository.default_branch }}) + if [[ -n "$changed" ]]; then + echo "changed=true" >> "$GITHUB_OUTPUT" + fi diff --git a/.github/workflows/release-chart.yaml b/.github/workflows/release-chart.yaml deleted file mode 100644 index 356bfd9..0000000 --- a/.github/workflows/release-chart.yaml +++ /dev/null 
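Review bot: The new `lint-chart` job never lints anything: its only `run` step (`Test chart`, id `list-changed`) calls `ct list-changed` and writes `changed=true` to `$GITHUB_OUTPUT`, and no later step reads that output. For the job to gate chart changes it needs a following step with `if: steps.list-changed.outputs.changed == 'true'` and `run: ct lint --target-branch "$TARGET_BRANCH"`. The chart lives under `chart/` rather than ct's default `charts/`, so both ct calls probably need `--chart-dirs chart`; worth confirming with a local run. Passing the branch through `env:` as `TARGET_BRANCH: ${{ github.event.repository.default_branch }}`, instead of expanding `${{ … }}` inside the script, keeps expression values out of the shell text.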
@@ -1,63 +0,0 @@ -name: Release Charts - -on: - push: - tags: - - '*' - -jobs: - release: - permissions: - contents: write # to push chart release and create a release (helm/chart-releaser-action) - packages: write # needed for ghcr access - id-token: write # needed for keyless signing - - runs-on: ubuntu-latest - steps: - - name: Checkout Code - uses: actions/checkout@v3 - - - name: Fetch history - run: git fetch --prune --unshallow - - - name: Configure Git - run: | - git config user.name "$GITHUB_ACTOR" - git config user.email "$GITHUB_ACTOR@users.noreply.github.com" - - - name: Set up Helm - uses: azure/setup-helm@v3 - with: - version: v3.9.2 - - - name: Run chart-releaser - uses: helm/chart-releaser-action@v1 - with: - charts_dir: chart - env: - CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}" - - - - name: Login to GitHub Container Registry - uses: docker/login-action@v2 - with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - - uses: sigstore/cosign-installer@v3 - - name: Push charts to GHCR and sign - env: - COSIGN_EXPERIMENTAL: 1 - run: | - shopt -s nullglob - for pkg in .cr-release-packages/*; do - if [ -z "${pkg:-}" ]; then - break - fi - helm push "${pkg}" oci://ghcr.io/"${GITHUB_REPOSITORY_OWNER}"/charts > .digest - file=${pkg##*/} # extracts file name from full directory path - name=${file%-*} # extracts chart name from filename - digest=$(awk -F "[, ]+" '/Digest/{print $NF}' < .digest) - cosign sign ghcr.io/"${GITHUB_REPOSITORY_OWNER}"/charts/"${name}"@"${digest}" - done \ No newline at end of file diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 5fbe0b0..e97bd41 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml 
@@ -1,54 +1,73 @@ +name: Release + on: release: types: [published] -name: Build Release jobs: release-bins: - name: Release Go Binary + name: Release Go + runs-on: ubuntu-latest + strategy: matrix: goos: [linux, windows, darwin] goarch: [amd64] + steps: - - uses: actions/checkout@v3 - - uses: wangyoucao577/go-release-action@v1 + - name: Checkout + uses: actions/checkout@v3 + + - name: Release + uses: wangyoucao577/go-release-action@v1 with: github_token: ${{ secrets.GITHUB_TOKEN }} goos: ${{ matrix.goos }} goarch: ${{ matrix.goarch }} - goversion: "1.21" + goversion: "1.21.0" extra_files: LICENSE README.md release-docker: + name: Release Docker + runs-on: ubuntu-latest + + permissions: + contents: read + packages: write + steps: - name: Checkout uses: actions/checkout@v3 - - name: Prepare - id: prep - run: | - DOCKER_IMAGE=jmriebold/sqs-prometheus-exporter - VERSION=${GITHUB_REF#refs/tags/v} - TAGS="${DOCKER_IMAGE}:${VERSION},${DOCKER_IMAGE}:latest" - echo ::set-output name=tags::${TAGS} + - name: Set up Docker Buildx uses: docker/setup-buildx-action@v2 - - name: Cache Docker layers + + - name: Populate cache uses: actions/cache@v3 with: path: /tmp/.buildx-cache key: ${{ runner.os }}-buildx-${{ github.sha }} restore-keys: | ${{ runner.os }}-buildx- - - name: Login to DockerHub + + - name: Prepare + id: prep + run: | + DOCKER_IMAGE=ghcr.io/${GITHUB_REPOSITORY} + VERSION=${GITHUB_REF#refs/tags/v} + TAGS="${DOCKER_IMAGE}:${VERSION},${DOCKER_IMAGE}:latest" + echo ::set-output name=tags::${TAGS} + + - name: Log in uses: docker/login-action@v2 with: - username: ${{ secrets.DOCKERHUB_USERNAME }} - password: ${{ secrets.DOCKERHUB_TOKEN }} - - name: Build and push - id: docker_build + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Release uses: docker/build-push-action@v4 with: push: true 
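Review bot: `release-bins` passes `secrets.GITHUB_TOKEN` to `wangyoucao577/go-release-action@v1`, a third-party action referenced by a movable tag, and unlike `release-docker` it gets no `permissions:` block in this commit. Pinning it as `uses: wangyoucao577/go-release-action@<full-commit-sha>  # v1` and giving the job an explicit `permissions:` with `contents: write` (presumably what the asset upload needs) would bound what a retagged action could do with the token. The relocated `Prepare` step also still ends in the deprecated `echo ::set-output name=tags::${TAGS}`; `echo "tags=${TAGS}" >> "$GITHUB_OUTPUT"` matches what code-quality.yaml does in this same commit. The `Release` step of `release-docker` continues into the next hunk.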
@@ -56,35 +75,47 @@ jobs: cache-from: type=local,src=/tmp/.buildx-cache cache-to: type=local,dest=/tmp/.buildx-cache - name: Create and publish a Docker image + release-chart: + name: Release chart - release-docker-gh: runs-on: ubuntu-latest + permissions: - contents: read - packages: write + contents: write # to push chart release and create a release (helm/chart-releaser-action) + packages: write # needed for ghcr access + id-token: write # needed for keyless signing steps: - - name: Checkout repository + - name: Checkout uses: actions/checkout@v3 - - name: Log in to the Container registry + - name: Fetch + run: git fetch --prune --unshallow + + - name: Configure Git + run: | + git config user.name "${GITHUB_ACTOR}" + git config user.email "${GITHUB_ACTOR}@users.noreply.github.com" + + - name: Set up Helm + uses: azure/setup-helm@v3 + with: + version: v3.9.2 + + - name: Set up cosign-installer + uses: sigstore/cosign-installer@v3 + + - name: Log in uses: docker/login-action@v2 with: - registry: ${{ env.REGISTRY }} + registry: ghcr.io username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - - name: Extract metadata (tags, labels) for Docker - id: meta - uses: docker/metadata-action@v4 - with: - images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} - - - name: Build and push Docker image - uses: docker/build-push-action@v4 - with: - context: . - push: true - tags: ${{ steps.meta.outputs.tags }} - labels: ${{ steps.meta.outputs.labels }} + - name: Release + env: + REPO_NAME: ${{ github.event.repository.name }} + run: | + cd chart + helm package ${REPO_NAME} + helm push *.tgz "oci://ghcr.io/${GITHUB_REPOSITORY_OWNER}/charts" diff --git a/chart/sqs-prometheus-exporter/values.yaml b/chart/sqs-prometheus-exporter/values.yaml index 14ca689..2be7deb 100644 --- a/chart/sqs-prometheus-exporter/values.yaml +++ b/chart/sqs-prometheus-exporter/values.yaml 
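Review bot: Chart signing is silently dropped in the new `release-chart` job: it still installs `sigstore/cosign-installer@v3` and requests `id-token: write` "for keyless signing", but the `Release` step only runs `helm package` and `helm push`, whereas the deleted release-chart.yaml ran `cosign sign` on each pushed digest. Anyone verifying chart signatures will find none on new releases. Either restore the signing loop (sketch below, reusing the digest parsing from the deleted workflow and quoting `${REPO_NAME}`), or, if signing is intentionally gone, remove the cosign step and `id-token: write`. In both cases `contents: write` looks reducible to `contents: read`, since its comment still cites helm/chart-releaser-action, which this job no longer uses.

```yaml
      # … unchanged: checkout, fetch, Git config, Helm, cosign-installer, ghcr.io login …
      - name: Release
        env:
          REPO_NAME: ${{ github.event.repository.name }}
        run: |
          cd chart
          helm package "${REPO_NAME}"
          shopt -s nullglob
          for pkg in *.tgz; do
            # Digest parsing as in the deleted release-chart.yaml; confirm helm still prints "Digest:" on stdout.
            helm push "${pkg}" "oci://ghcr.io/${GITHUB_REPOSITORY_OWNER}/charts" > .digest
            name=${pkg%-*}
            digest=$(awk -F "[, ]+" '/Digest/{print $NF}' < .digest)
            # Refuse to sign if the digest could not be read.
            [ -n "${digest}" ] || { echo "no digest for ${pkg}" >&2; exit 1; }
            # --yes skips the interactive confirmation (assumes cosign-installer@v3 provides cosign 2.x).
            cosign sign --yes "ghcr.io/${GITHUB_REPOSITORY_OWNER}/charts/${name}@${digest}"
          done
```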
@@ -2,7 +2,7 @@ app: name: sqs-prometheus-exporter image: - repository: jmriebold/sqs-prometheus-exporter + repository: ghcr.io/jmriebold/sqs-prometheus-exporter tag: 1.0.5 deployment: