diff --git a/.github/actions/setup-ci/action.yaml b/.github/actions/setup-ci/action.yaml index d9024d5925..43eeb26c7c 100644 --- a/.github/actions/setup-ci/action.yaml +++ b/.github/actions/setup-ci/action.yaml @@ -16,7 +16,7 @@ runs: run: |- set -exu; mkdir -p /tmp/artifacts/${JOB_NAME}/; - - uses: actions/setup-node@v2 + - uses: actions/setup-node@v4 with: node-version: '16' cache: 'yarn' diff --git a/.github/docker/docker-compose.yaml b/.github/docker/docker-compose.yaml index 2075539116..41c654274d 100644 --- a/.github/docker/docker-compose.yaml +++ b/.github/docker/docker-compose.yaml @@ -67,7 +67,7 @@ services: pykmip: network_mode: "host" profiles: ['pykmip'] - image: registry.scality.com/cloudserver-dev/pykmip + image: ${PYKMIP_IMAGE:-ghcr.io/scality/cloudserver/pykmip} volumes: - /tmp/artifacts/${JOB_NAME}:/artifacts mongo: diff --git a/.github/workflows/codeql.yaml b/.github/workflows/codeql.yaml index e9db9373c6..b414ee4330 100644 --- a/.github/workflows/codeql.yaml +++ b/.github/workflows/codeql.yaml @@ -14,12 +14,12 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Initialize CodeQL - uses: github/codeql-action/init@v2 + uses: github/codeql-action/init@v3 with: languages: javascript, python, ruby - name: Build and analyze - uses: github/codeql-action/analyze@v2 + uses: github/codeql-action/analyze@v3 diff --git a/.github/workflows/dependency-review.yaml b/.github/workflows/dependency-review.yaml index 4716cdfd1f..91f040631a 100644 --- a/.github/workflows/dependency-review.yaml +++ b/.github/workflows/dependency-review.yaml @@ -10,7 +10,7 @@ jobs: runs-on: ubuntu-latest steps: - name: 'Checkout Repository' - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: 'Dependency Review' - uses: actions/dependency-review-action@v3 + uses: actions/dependency-review-action@v4 diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 1250616439..d3df6fe089 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -10,58 +10,69 @@ on: required: true env: - REGISTRY_NAME: registry.scality.com PROJECT_NAME: ${{ github.event.repository.name }} jobs: build-federation-image: - uses: scality/workflows/.github/workflows/docker-build.yaml@v1 - secrets: inherit - with: - push: true - registry: registry.scality.com - namespace: ${{ github.event.repository.name }} - name: ${{ github.event.repository.name }} - context: . - file: images/svc-base/Dockerfile - tag: ${{ github.event.inputs.tag }}-svc-base + runs-on: ubuntu-20.04 + steps: + - name: Checkout + uses: actions/checkout@v4 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + - name: Login to GitHub Registry + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.repository_owner }} + password: ${{ github.token }} + - name: Build and push image for federation + uses: docker/build-push-action@v5 + with: + push: true + context: . + file: images/svc-base/Dockerfile + tags: | + ghcr.io/${{ github.repository }}:${{ github.event.inputs.tag }}-svc-base + cache-from: type=gha,scope=federation + cache-to: type=gha,mode=max,scope=federation release: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Set up Docker Buildk - uses: docker/setup-buildx-action@v2 + uses: docker/setup-buildx-action@v3 - name: Login to Registry - uses: docker/login-action@v2 + uses: docker/login-action@v3 with: - registry: ${{ env.REGISTRY_NAME }} - username: ${{ secrets.REGISTRY_LOGIN }} - password: ${{ secrets.REGISTRY_PASSWORD }} + registry: ghcr.io + username: ${{ github.repository_owner }} + password: ${{ github.token }} - name: Push dashboards into the production namespace run: | - oras push ${{ env.REGISTRY_NAME }}/${{ env.PROJECT_NAME }}/${{ env.PROJECT_NAME }}-dashboards:${{ github.event.inputs.tag }} \ + oras push ghcr.io/${{ github.repository }}/${{ env.PROJECT_NAME }}-dashboards:${{ github.event.inputs.tag }} \ dashboard.json:application/grafana-dashboard+json \ alerts.yaml:application/prometheus-alerts+yaml working-directory: monitoring - name: Build and push - uses: docker/build-push-action@v4 + uses: docker/build-push-action@v5 with: context: . push: true - tags: ${{ env.REGISTRY_NAME }}/${{ env.PROJECT_NAME }}/${{ env.PROJECT_NAME }}:${{ github.event.inputs.tag }} + tags: ghcr.io/${{ github.repository }}:${{ github.event.inputs.tag }} cache-from: type=gha cache-to: type=gha,mode=max - name: Create Release - uses: softprops/action-gh-release@v1 + uses: softprops/action-gh-release@v2 env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GITHUB_TOKEN: ${{ github.token }} with: name: Release ${{ github.event.inputs.tag }} tag_name: ${{ github.event.inputs.tag }} diff --git a/.github/workflows/tests.yaml b/.github/workflows/tests.yaml index 41570fd13c..5d5365412a 100644 --- a/.github/workflows/tests.yaml +++ b/.github/workflows/tests.yaml @@ -73,17 +73,17 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v3 - - uses: actions/setup-node@v2 + uses: actions/checkout@v4 + - uses: actions/setup-node@v4 with: node-version: '16' cache: yarn - name: install dependencies run: yarn install --frozen-lockfile --network-concurrency 1 - - uses: actions/setup-python@v4 + - uses: actions/setup-python@v5 with: python-version: '3.9' - - uses: actions/cache@v3 + - uses: actions/cache@v4 with: path: ~/.cache/pip key: ${{ runner.os }}-pip @@ -116,7 +116,7 @@ jobs: find . -name "*junit*.xml" -exec cp {} artifacts/junit/ ";" if: always() - name: Upload files to artifacts - uses: scality/action-artifacts@v2 + uses: scality/action-artifacts@v4 with: method: upload url: https://artifacts.scality.net @@ -132,46 +132,48 @@ jobs: packages: write steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 + uses: docker/setup-buildx-action@v3 - name: Login to GitHub Registry - uses: docker/login-action@v2 + uses: docker/login-action@v3 with: registry: ghcr.io username: ${{ github.repository_owner }} - password: ${{ secrets.GITHUB_TOKEN }} - - name: Login to Registry - uses: docker/login-action@v2 - with: - registry: registry.scality.com - username: ${{ secrets.REGISTRY_LOGIN }} - password: ${{ secrets.REGISTRY_PASSWORD }} + password: ${{ github.token }} - name: Build and push cloudserver image - uses: docker/build-push-action@v4 + uses: docker/build-push-action@v5 with: push: true context: . provenance: false tags: | - ghcr.io/${{ github.repository }}/cloudserver:${{ github.sha }} - registry.scality.com/cloudserver-dev/cloudserver:${{ github.sha }} + ghcr.io/${{ github.repository }}:${{ github.sha }} cache-from: type=gha,scope=cloudserver cache-to: type=gha,mode=max,scope=cloudserver + - name: Build and push pykmip image + uses: docker/build-push-action@v5 + with: + push: true + context: .github/pykmip + tags: | + ghcr.io/${{ github.repository }}/pykmip:${{ github.sha }} + cache-from: type=gha,scope=pykmip + cache-to: type=gha,mode=max,scope=pykmip - name: Build and push MongoDB - uses: docker/build-push-action@v4 + uses: docker/build-push-action@v5 with: push: true context: .github/docker/mongodb tags: ghcr.io/${{ github.repository }}/ci-mongodb:${{ github.sha }} - cache-from: type=gha - cache-to: type=gha,mode=max + cache-from: type=gha,scope=mongodb + cache-to: type=gha,mode=max,scope=mongodb multiple-backend: runs-on: ubuntu-latest needs: build env: - CLOUDSERVER_IMAGE: ghcr.io/${{ github.repository }}/cloudserver:${{ github.sha }} + CLOUDSERVER_IMAGE: ghcr.io/${{ github.repository }}:${{ github.sha }} MONGODB_IMAGE: ghcr.io/${{ github.repository }}/ci-mongodb:${{ github.sha }} S3BACKEND: mem S3_LOCATION_FILE: /usr/src/app/tests/locationConfig/locationConfigTests.json @@ -179,7 +181,7 @@ jobs: JOB_NAME: ${{ github.job }} steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Setup CI environment uses: ./.github/actions/setup-ci - name: Setup CI services @@ -193,7 +195,7 @@ jobs: env: S3_LOCATION_FILE: tests/locationConfig/locationConfigTests.json - name: Upload logs to artifacts - uses: scality/action-artifacts@v3 + uses: scality/action-artifacts@v4 with: method: upload url: https://artifacts.scality.net @@ -213,11 +215,11 @@ jobs: S3_LOCATION_FILE: /usr/src/app/tests/locationConfig/locationConfigTests.json DEFAULT_BUCKET_KEY_FORMAT: v0 MONGODB_IMAGE: ghcr.io/${{ github.repository }}/ci-mongodb:${{ github.sha }} - CLOUDSERVER_IMAGE: ghcr.io/${{ github.repository }}/cloudserver:${{ github.sha }} + CLOUDSERVER_IMAGE: ghcr.io/${{ github.repository }}:${{ github.sha }} JOB_NAME: ${{ github.job }} steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Setup CI environment uses: ./.github/actions/setup-ci - name: Setup CI services @@ -231,7 +233,7 @@ jobs: env: S3_LOCATION_FILE: tests/locationConfig/locationConfigTests.json - name: Upload logs to artifacts - uses: scality/action-artifacts@v3 + uses: scality/action-artifacts@v4 with: method: upload url: https://artifacts.scality.net @@ -252,11 +254,11 @@ jobs: DEFAULT_BUCKET_KEY_FORMAT: v1 METADATA_MAX_CACHED_BUCKETS: 1 MONGODB_IMAGE: ghcr.io/${{ github.repository }}/ci-mongodb:${{ github.sha }} - CLOUDSERVER_IMAGE: ghcr.io/${{ github.repository }}/cloudserver:${{ github.sha }} + CLOUDSERVER_IMAGE: ghcr.io/${{ github.repository }}:${{ github.sha }} JOB_NAME: ${{ github.job }} steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Setup CI environment uses: ./.github/actions/setup-ci - name: Setup CI services @@ -271,7 +273,7 @@ jobs: env: S3_LOCATION_FILE: tests/locationConfig/locationConfigTests.json - name: Upload logs to artifacts - uses: scality/action-artifacts@v3 + uses: scality/action-artifacts@v4 with: method: upload url: https://artifacts.scality.net @@ -291,13 +293,13 @@ jobs: env: S3BACKEND: file S3VAULT: mem - CLOUDSERVER_IMAGE: ghcr.io/${{ github.repository }}/cloudserver:${{ github.sha }} + CLOUDSERVER_IMAGE: ghcr.io/${{ github.repository }}:${{ github.sha }} MONGODB_IMAGE: ghcr.io/${{ github.repository }}/ci-mongodb:${{ github.sha }} MPU_TESTING: "yes" JOB_NAME: ${{ matrix.job-name }} steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Setup CI environment uses: ./.github/actions/setup-ci - name: Setup matrix job artifacts directory @@ -314,7 +316,7 @@ jobs: bash wait_for_local_port.bash 8000 40 yarn run ft_test | tee /tmp/artifacts/${{ matrix.job-name }}/tests.log - name: Upload logs to artifacts - uses: scality/action-artifacts@v3 + uses: scality/action-artifacts@v4 with: method: upload url: https://artifacts.scality.net @@ -330,12 +332,12 @@ jobs: ENABLE_UTAPI_V2: t S3BACKEND: mem BUCKET_DENY_FILTER: utapi-event-filter-deny-bucket - CLOUDSERVER_IMAGE: ghcr.io/${{ github.repository }}/cloudserver:${{ github.sha }} + CLOUDSERVER_IMAGE: ghcr.io/${{ github.repository }}:${{ github.sha }} MONGODB_IMAGE: ghcr.io/${{ github.repository }}/ci-mongodb:${{ github.sha }} JOB_NAME: ${{ github.job }} steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Setup CI environment uses: ./.github/actions/setup-ci - name: Setup CI services @@ -347,7 +349,7 @@ jobs: bash wait_for_local_port.bash 8000 40 yarn run test_utapi_v2 | tee /tmp/artifacts/${{ github.job }}/tests.log - name: Upload logs to artifacts - uses: scality/action-artifacts@v3 + uses: scality/action-artifacts@v4 with: method: upload url: https://artifacts.scality.net @@ -363,12 +365,13 @@ jobs: S3BACKEND: file S3VAULT: mem MPU_TESTING: "yes" - CLOUDSERVER_IMAGE: ghcr.io/${{ github.repository }}/cloudserver:${{ github.sha }} + CLOUDSERVER_IMAGE: ghcr.io/${{ github.repository }}:${{ github.sha }} + PYKMIP_IMAGE: ghcr.io/${{ github.repository }}/pykmip:${{ github.sha }} MONGODB_IMAGE: ghcr.io/${{ github.repository }}/ci-mongodb:${{ github.sha }} JOB_NAME: ${{ github.job }} steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Setup CI environment uses: ./.github/actions/setup-ci - name: Copy KMIP certs @@ -384,7 +387,7 @@ jobs: bash wait_for_local_port.bash 5696 40 yarn run ft_kmip | tee /tmp/artifacts/${{ github.job }}/tests.log - name: Upload logs to artifacts - uses: scality/action-artifacts@v3 + uses: scality/action-artifacts@v4 with: method: upload url: https://artifacts.scality.net @@ -392,7 +395,7 @@ jobs: password: ${{ secrets.ARTIFACTS_PASSWORD }} source: /tmp/artifacts if: always() - + ceph-backend-test: runs-on: ubuntu-latest needs: build @@ -404,17 +407,17 @@ jobs: MPU_TESTING: "yes" S3_LOCATION_FILE: /usr/src/app/tests/locationConfig/locationConfigCeph.json MONGODB_IMAGE: ghcr.io/${{ github.repository }}/ci-mongodb:${{ github.sha }} - CLOUDSERVER_IMAGE: ghcr.io/${{ github.repository }}/cloudserver:${{ github.sha }} + CLOUDSERVER_IMAGE: ghcr.io/${{ github.repository }}:${{ github.sha }} JOB_NAME: ${{ github.job }} steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Login to GitHub Registry - uses: docker/login-action@v2 + uses: docker/login-action@v3 with: registry: ghcr.io username: ${{ github.repository_owner }} - password: ${{ secrets.GITHUB_TOKEN }} + password: ${{ github.token }} - name: Setup CI environment uses: ./.github/actions/setup-ci - uses: ruby/setup-ruby@v1 @@ -462,7 +465,7 @@ jobs: S3VAULT: mem S3METADATA: mongodb - name: Upload logs to artifacts - uses: scality/action-artifacts@v3 + uses: scality/action-artifacts@v4 with: method: upload url: https://artifacts.scality.net diff --git a/docs/RELEASE.md b/docs/RELEASE.md index 4602b3b8a6..10424e1b10 100644 --- a/docs/RELEASE.md +++ b/docs/RELEASE.md @@ -2,11 +2,12 @@ ## Docker Image Generation -Docker images are hosted on [registry.scality.com](registry.scality.com). -CloudServer has two namespaces there: +Docker images are hosted on [ghcri.io](https://github.com/orgs/scality/packages). +CloudServer has a few images there: -* Production Namespace: registry.scality.com/cloudserver -* Dev Namespace: registry.scality.com/cloudserver-dev +* Cloudserver container image: ghcr.io/scality/cloudserver +* Dashboard oras image: ghcr.io/scality/cloudserver/cloudser-dashboard +* Policies oras image: ghcr.io/scality/cloudserver/cloudser-dashboard With every CI build, the CI will push images, tagging the content with the developer branch's short SHA-1 commit hash. @@ -18,8 +19,8 @@ Tagged versions of cloudserver will be stored in the production namespace. ## How to Pull Docker Images ```sh -docker pull registry.scality.com/cloudserver-dev/cloudserver: -docker pull registry.scality.com/cloudserver/cloudserver: +docker pull ghcr.io/scality/cloudserver: +docker pull ghcr.io/scality/cloudserver: ``` ## Release Process diff --git a/images/svc-base/Dockerfile b/images/svc-base/Dockerfile index 68eb4ad87b..c571a32e3d 100644 --- a/images/svc-base/Dockerfile +++ b/images/svc-base/Dockerfile @@ -1,4 +1,4 @@ -FROM registry.scality.com/federation/nodesvc-base:7.10.6.0 +FROM ghcr.io/scality/federation/nodesvc-base:7.10.6.0 ENV S3_CONFIG_FILE=${CONF_DIR}/config.json ENV S3_LOCATION_FILE=${CONF_DIR}/locationConfig.json diff --git a/monitoring/push-to-registry.sh b/monitoring/push-to-registry.sh index 1176905b47..9fbd5180cd 100755 --- a/monitoring/push-to-registry.sh +++ b/monitoring/push-to-registry.sh @@ -45,8 +45,8 @@ then exit 1 fi -REGISTRY=${REGISTRY:-"registry.scality.com"} -PROJECT=${PROJECT:-"cloudserver-dev"} +REGISTRY=${REGISTRY:-"ghcr.io/scality"} +PROJECT=${PROJECT:-"cloudserver"} set -x ${ORAS} push "${REGISTRY}/${PROJECT}/${NAME_TAG}" "${INPUT_FILE}:${MIME_TYPE}"