Skip to content

Commit

Permalink
updated upload/download to v4
Browse files Browse the repository at this point in the history
  • Loading branch information
@garethahealy
garethahealy committed Nov 29, 2024
1 parent f6e4663 commit 8271d7b
Show file tree
Hide file tree
Showing 2 changed files with 105 additions and 35 deletions.
82 changes: 62 additions & 20 deletions .github/workflows/pr-operator.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -161,10 +161,11 @@ jobs:
make controller-gen
- name: Upload Support Binaries
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4
with:
name: support-binaries
path: ${{ steps.set-variables.outputs.bin_dir }}
retention-days: 1

outputs:
repository_name: ${{ steps.set-variables.outputs.repository_name }}
Expand Down Expand Up @@ -223,7 +224,7 @@ jobs:
key: ${{ runner.os }}-go-mod-${{ hashFiles('**/go.sum') }}

- name: Download Support Binaries
uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4
with:
name: support-binaries
path: ${{ needs.setup.outputs.bin_dir }}
Expand Down Expand Up @@ -281,15 +282,15 @@ jobs:
scan-type: image
image-ref: ${{ env.OPERATOR_IMAGE_REPOSITORY }}:latest-${{ steps.setup-build-step.outputs.platform_os }}-${{ steps.setup-build-step.outputs.platform_arch }}
format: "cosign-vuln"
output: "operator-cosignvuln.json"
output: "operator-${{ steps.setup-build-step.outputs.platform_os }}-${{ steps.setup-build-step.outputs.platform_arch }}-cosignvuln.json"

- name: Run Trivy SBOM generator
uses: aquasecurity/trivy-action@18f2510ee396bbf400402947b394f2dd8c87dbb0 # 0.29.0
with:
scan-type: image
image-ref: ${{ env.OPERATOR_IMAGE_REPOSITORY }}:latest-${{ steps.setup-build-step.outputs.platform_os }}-${{ steps.setup-build-step.outputs.platform_arch }}
format: "spdx-json"
output: "operator-spdxjson.json"
output: "operator-${{ steps.setup-build-step.outputs.platform_os }}-${{ steps.setup-build-step.outputs.platform_arch }}-spdxjson.json"

- name: Prepare Distribution Artifacts
shell: bash
Expand All @@ -304,16 +305,18 @@ jobs:
mv operator-*.json attestation
- name: Upload Dist
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4
with:
name: dist
name: dist-manager-${{ steps.setup-build-step.outputs.platform_os }}-${{ steps.setup-build-step.outputs.platform_arch }}
path: dist
retention-days: 1

- name: Upload attestation
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4
with:
name: attestation
name: attestation-manager-${{ steps.setup-build-step.outputs.platform_os }}-${{ steps.setup-build-step.outputs.platform_arch }}
path: attestation
retention-days: 1

build-bundle:
runs-on: ubuntu-latest
Expand Down Expand Up @@ -355,7 +358,7 @@ jobs:
key: ${{ runner.os }}-go-mod-${{ hashFiles('**/go.sum') }}

- name: Download Binaries
uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4
with:
name: support-binaries
path: ${{ needs.setup.outputs.bin_dir }}
Expand Down Expand Up @@ -408,15 +411,15 @@ jobs:
scan-type: image
image-ref: ${{ env.BUNDLE_IMAGE_REPOSITORY }}:latest-${{ steps.setup-build-step.outputs.platform_os }}-${{ steps.setup-build-step.outputs.platform_arch }}
format: "cosign-vuln"
output: "bundle-cosignvuln.json"
output: "bundle-${{ steps.setup-build-step.outputs.platform_os }}-${{ steps.setup-build-step.outputs.platform_arch }}-cosignvuln.json"

- name: Run Trivy SBOM generator
uses: aquasecurity/trivy-action@18f2510ee396bbf400402947b394f2dd8c87dbb0 # 0.29.0
with:
scan-type: image
image-ref: ${{ env.BUNDLE_IMAGE_REPOSITORY }}:latest-${{ steps.setup-build-step.outputs.platform_os }}-${{ steps.setup-build-step.outputs.platform_arch }}
format: "spdx-json"
output: "bundle-spdxjson.json"
output: "bundle-${{ steps.setup-build-step.outputs.platform_os }}-${{ steps.setup-build-step.outputs.platform_arch }}-spdxjson.json"

- name: Prepare Distribution Artifacts
shell: bash
Expand All @@ -434,16 +437,18 @@ jobs:
mv bundle-*.json attestation
- name: Upload Dist
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4
with:
name: dist
name: dist-bundle-${{ steps.setup-build-step.outputs.platform_os }}-${{ steps.setup-build-step.outputs.platform_arch }}
path: dist
retention-days: 1

- name: Upload attestation
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4
with:
name: attestation
name: attestation-bundle-${{ steps.setup-build-step.outputs.platform_os }}-${{ steps.setup-build-step.outputs.platform_arch }}
path: attestation
retention-days: 1

package-helm:
runs-on: ubuntu-latest
Expand Down Expand Up @@ -479,7 +484,7 @@ jobs:
key: ${{ runner.os }}-go-mod-${{ hashFiles('**/go.sum') }}

- name: Download Binaries
uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4
with:
name: support-binaries
path: ${{ needs.setup.outputs.bin_dir }}
Expand All @@ -504,10 +509,11 @@ jobs:
helm package -d dist ./charts/${{ env.REPOSITORY_NAME }}
- name: Upload Dist
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4
with:
name: dist
name: dist-charts
path: dist
retention-days: 1

test-operator:
runs-on: ubuntu-latest
Expand Down Expand Up @@ -541,7 +547,7 @@ jobs:
key: ${{ runner.os }}-go-mod-${{ hashFiles('**/go.sum') }}

- name: Download Binaries
uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4
with:
name: support-binaries
path: ${{ needs.setup.outputs.bin_dir }}
Expand Down Expand Up @@ -600,7 +606,7 @@ jobs:
key: ${{ runner.os }}-go-mod-${{ hashFiles('**/go.sum') }}

- name: Download Binaries
uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4
with:
name: support-binaries
path: ${{ needs.setup.outputs.bin_dir }}
Expand All @@ -617,3 +623,39 @@ jobs:
- name: Test Helm Chart Deployment
shell: bash
run: make helmchart-test OPERATOR_NAME=${{ env.REPOSITORY_NAME }}

recombine-dist:
runs-on: ubuntu-latest
name: recombine-dist
needs: ["setup", "build-operator", "build-bundle", "package-helm" ]
steps:
- name: Prepare download
run: |
mkdir -p dist
mkdir -p attestation
- name: Download all dist artifacts
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4
with:
pattern: dist-*
merge-multiple: true
path: dist

- name: Download all attestation artifacts
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4
with:
pattern: attestation-*
merge-multiple: true
path: attestation

- name: Upload Dist
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4
with:
name: dist
path: dist

- name: Upload Attestation
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4
with:
name: attestation
path: attestation
58 changes: 43 additions & 15 deletions .github/workflows/release-operator.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -192,10 +192,12 @@ jobs:
make kustomize
- name: Upload Support Binaries
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4
with:
name: support-binaries
path: ${{ steps.set-variables.outputs.bin_dir }}
retention-days: 1

outputs:
repository_name: ${{ steps.set-variables.outputs.repository_name }}
bin_dir: ${{ steps.set-variables.outputs.bin_dir }}
Expand Down Expand Up @@ -267,7 +269,7 @@ jobs:
key: ${{ runner.os }}-go-mod-${{ hashFiles('**/go.sum') }}

- name: Download Support Binaries
uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4
with:
name: support-binaries
path: ${{ needs.setup.outputs.bin_dir }}
Expand Down Expand Up @@ -375,10 +377,11 @@ jobs:
mv bin/manager dist/${{ env.REPOSITORY_NAME }}-manager-${{ env.OPERATOR_VERSION }}-${{ steps.setup-build-step.outputs.platform_os }}-${{ steps.setup-build-step.outputs.platform_arch }}
- name: Upload Dist
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4
with:
name: dist
name: dist-manager-${{ steps.setup-build-step.outputs.platform_os }}-${{ steps.setup-build-step.outputs.platform_arch }}
path: dist
retention-days: 1

- name: Output digests
id: digests
Expand Down Expand Up @@ -497,7 +500,7 @@ jobs:
key: ${{ runner.os }}-go-mod-${{ hashFiles('**/go.sum') }}

- name: Download Binaries
uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4
with:
name: support-binaries
path: ${{ needs.setup.outputs.bin_dir }}
Expand Down Expand Up @@ -609,10 +612,11 @@ jobs:
rm -Rf ${{ env.REPOSITORY_NAME }}-bundle-${{ env.OPERATOR_VERSION }}-${{ steps.setup-build-step.outputs.platform_os }}-${{ steps.setup-build-step.outputs.platform_arch }}
- name: Upload Dist
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4
with:
name: dist
name: dist-bundle-${{ steps.setup-build-step.outputs.platform_os }}-${{ steps.setup-build-step.outputs.platform_arch }}
path: dist
retention-days: 1

- name: Output digests
id: digests
Expand Down Expand Up @@ -718,7 +722,7 @@ jobs:
key: ${{ runner.os }}-go-mod-${{ hashFiles('**/go.sum') }}

- name: Download Binaries
uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4
with:
name: support-binaries
path: ${{ needs.setup.outputs.bin_dir }}
Expand All @@ -743,7 +747,30 @@ jobs:
helm package -d dist ./charts/${{ env.REPOSITORY_NAME }}
- name: Upload Dist
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4
with:
name: dist-charts
path: dist
retention-days: 1

recombine-dist:
runs-on: ubuntu-latest
name: recombine-dist
needs: [ "setup", "build-operator", "build-bundle", "package-helm" ]
steps:
- name: Prepare download
run: |
mkdir -p dist
- name: Download all dist artifacts
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4
with:
pattern: dist-*
merge-multiple: true
path: dist

- name: Upload Dist
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4
with:
name: dist
path: dist
Expand All @@ -761,6 +788,7 @@ jobs:
"package-helm",
"process-bundle-image-manifest",
"process-operator-image-manifest",
"recombine-dist"
]
env:
OPERATOR_VERSION: ${{ needs.setup.outputs.operator_version }}
Expand All @@ -773,7 +801,7 @@ jobs:
git fetch --prune --unshallow
- name: Download Dist Directory
uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4
with:
name: dist
path: dist
Expand Down Expand Up @@ -820,13 +848,13 @@ jobs:
ref: gh-pages

- name: Download Workspace Binaries
uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4
with:
name: support-binaries
path: bin

- name: Download Dist Directory
uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4
with:
name: dist
path: dist
Expand Down Expand Up @@ -890,7 +918,7 @@ jobs:
echo "pull-request-body="$(echo $PR_REQUEST_BODY)"" >> $GITHUB_OUTPUT
- name: Download Dist Directory
uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4
with:
name: dist
path: dist
Expand Down Expand Up @@ -1053,7 +1081,7 @@ jobs:
key: ${{ runner.os }}-go-mod-${{ hashFiles('**/go.sum') }}

- name: Download Binaries
uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4
with:
name: support-binaries
path: ${{ needs.setup.outputs.bin_dir }}
Expand Down Expand Up @@ -1110,7 +1138,7 @@ jobs:
key: ${{ runner.os }}-go-mod-${{ hashFiles('**/go.sum') }}

- name: Download Binaries
uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4
with:
name: support-binaries
path: ${{ needs.setup.outputs.bin_dir }}
Expand Down

0 comments on commit 8271d7b

Please sign in to comment.