From 89b62350d2a435381101b00d23633fcab177050b Mon Sep 17 00:00:00 2001 From: Sarath Chandra <39090092+sarathchandra24@users.noreply.github.com> Date: Sun, 26 May 2024 20:14:49 -0400 Subject: [PATCH 1/2] Fix fluentbit fluentd image tags (#5) * manual Fluent bit image tag * manual Fluent bit image tag Signed-off-by: Sarath Chandra Oruganti --- .github/workflows/build-fb-image.yaml | 67 ++++--- .github/workflows/check-fb.yaml | 251 ++++++++++++++++++++++++++ 2 files changed, 289 insertions(+), 29 deletions(-) create mode 100644 .github/workflows/check-fb.yaml diff --git a/.github/workflows/build-fb-image.yaml b/.github/workflows/build-fb-image.yaml index 0ad4f58b3..b3f73fd69 100644 --- a/.github/workflows/build-fb-image.yaml +++ b/.github/workflows/build-fb-image.yaml @@ -1,24 +1,12 @@ name: Building Fluent Bit image on: - push: - branches: - - 'master' - tags: - - 'v*' - paths: - - ".github/workflows/build-fb-image.yaml" - - "cmd/fluent-watcher/fluentbit/**" - - "cmd/fluent-watcher/hooks/**" - - "pkg/filenotify/**" - pull_request: - branches: - - "master" - paths: - - ".github/workflows/build-fb-image.yaml" - - "cmd/fluent-watcher/fluentbit/**" - - "cmd/fluent-watcher/hooks/**" - - "pkg/filenotify/**" + workflow_dispatch: + inputs: + docker_tag_version: + description: 'Docker tag version' + required: true + default: '3.0.4' env: DOCKER_REPO: 'kubesphere' @@ -42,6 +30,16 @@ jobs: steps: - name: Checkout code uses: actions/checkout@v4 + + - name: Extract version parts + id: extract_version + run: | + VERSION=${{ github.event.inputs.docker_tag_version }} + VERSION_WITHOUT_V=${VERSION#v} + MAJOR_MINOR=$(echo $VERSION_WITHOUT_V | cut -d. -f1-2) + + echo "VERSION_WITHOUT_V=$VERSION_WITHOUT_V" >> $GITHUB_ENV + echo "MAJOR_MINOR=$MAJOR_MINOR" >> $GITHUB_ENV - name: docker metadata for building id: image-metadata @@ -50,11 +48,12 @@ jobs: images: "ghcr.io/${{ env.GITHUB_IMAGE }}" tags: | raw,latest - type=ref,event=branch - type=ref,event=pr - type=ref,event=tag - type=semver,pattern={{version}} - type=semver,pattern={{major}}.{{minor}} + type=raw,value=${{ github.event.inputs.docker_tag_version }} + type=raw,value=v${{ github.event.inputs.docker_tag_version }} + type=raw,value=${{ env.MAJOR_MINOR }} + type=raw,value=v${{ env.MAJOR_MINOR }} + env: + MAJOR_MINOR: ${{ env.MAJOR_MINOR }} - name: Set outputs id: set-outputs @@ -75,6 +74,16 @@ jobs: - name: Checkout code uses: actions/checkout@v4 + - name: Extract version parts + id: extract_version + run: | + VERSION=${{ github.event.inputs.docker_tag_version }} + VERSION_WITHOUT_V=${VERSION#v} + MAJOR_MINOR=$(echo $VERSION_WITHOUT_V | cut -d. -f1-2) + + echo "VERSION_WITHOUT_V=$VERSION_WITHOUT_V" >> $GITHUB_ENV + echo "MAJOR_MINOR=$MAJOR_MINOR" >> $GITHUB_ENV + - name: docker metadata id: image-metadata uses: docker/metadata-action@v5 @@ -84,12 +93,12 @@ jobs: latest=false suffix=-debug tags: | - raw,latest - type=ref,event=branch - type=ref,event=pr - type=ref,event=tag - type=semver,pattern={{version}} - type=semver,pattern={{major}}.{{minor}} + type=raw,value=${{ github.event.inputs.docker_tag_version }} + type=raw,value=v${{ github.event.inputs.docker_tag_version }} + type=raw,value=${{ env.MAJOR_MINOR }} + type=raw,value=v${{ env.MAJOR_MINOR }} + env: + MAJOR_MINOR: ${{ env.MAJOR_MINOR }} - name: Set outputs id: set-outputs diff --git a/.github/workflows/check-fb.yaml b/.github/workflows/check-fb.yaml new file mode 100644 index 000000000..08e9c72d4 --- /dev/null +++ b/.github/workflows/check-fb.yaml @@ -0,0 +1,251 @@ +name: Check Building Fluent Bit image + +on: + workflow_dispatch: + inputs: + docker_tag_version: + description: 'Docker tag version' + required: true + default: '3.0.4' + +env: + DOCKER_REPO: 'kubesphere' + DOCKER_IMAGE: 'fluent-bit' + GITHUB_IMAGE: '${{ github.repository }}/fluent-bit' + +permissions: + contents: read + packages: write + +jobs: + build-prod-image-metadata: + runs-on: ubuntu-latest + name: Build prod image metadata + outputs: + IMG_NAME: ${{ steps.set-outputs.outputs.IMAGE_NAME }} + DOCKER_IMG_NAME: ${{ steps.set-outputs.outputs.DOCKER_IMG_NAME }} + version: ${{ steps.image-metadata.outputs.version }} + tags: ${{ steps.image-metadata.outputs.tags }} + labels: ${{ steps.image-metadata.outputs.labels }} + steps: + - name: Checkout code + uses: actions/checkout@v4 + + - name: Extract version parts + id: extract_version + run: | + VERSION=${{ github.event.inputs.docker_tag_version }} + VERSION_WITHOUT_V=${VERSION#v} + MAJOR_MINOR=$(echo $VERSION_WITHOUT_V | cut -d. -f1-2) + + echo "VERSION_WITHOUT_V=$VERSION_WITHOUT_V" >> $GITHUB_ENV + echo "MAJOR_MINOR=$MAJOR_MINOR" >> $GITHUB_ENV + + - name: docker metadata for building + id: image-metadata + uses: docker/metadata-action@v5 + with: + images: "ghcr.io/${{ env.GITHUB_IMAGE }}" + tags: | + raw,latest + type=raw,value=${{ github.event.inputs.docker_tag_version }} + type=raw,value=v${{ github.event.inputs.docker_tag_version }} + type=raw,value=${{ env.MAJOR_MINOR }} + type=raw,value=v${{ env.MAJOR_MINOR }} + env: + MAJOR_MINOR: ${{ env.MAJOR_MINOR }} + + - name: Set outputs + id: set-outputs + run: | + echo "IMAGE_NAME=${{ env.GITHUB_IMAGE }}" >> $GITHUB_OUTPUT + echo "DOCKER_IMG_NAME=${{env.DOCKER_REPO}}/${{ env.DOCKER_IMAGE }}" >> $GITHUB_OUTPUT + + build-debug-image-metadata: + runs-on: ubuntu-latest + name: Build debug image metadata + outputs: + IMG_NAME: ${{ steps.set-outputs.outputs.IMAGE_NAME }} + DOCKER_IMG_NAME: ${{ steps.set-outputs.outputs.DOCKER_IMG_NAME }} + version: ${{ steps.image-metadata.outputs.version }} + tags: ${{ steps.image-metadata.outputs.tags }} + labels: ${{ steps.image-metadata.outputs.labels }} + steps: + - name: Checkout code + uses: actions/checkout@v4 + + - name: Extract version parts + id: extract_version + run: | + VERSION=${{ github.event.inputs.docker_tag_version }} + VERSION_WITHOUT_V=${VERSION#v} + MAJOR_MINOR=$(echo $VERSION_WITHOUT_V | cut -d. -f1-2) + + echo "VERSION_WITHOUT_V=$VERSION_WITHOUT_V" >> $GITHUB_ENV + echo "MAJOR_MINOR=$MAJOR_MINOR" >> $GITHUB_ENV + + - name: docker metadata + id: image-metadata + uses: docker/metadata-action@v5 + with: + images: "ghcr.io/${{ env.GITHUB_IMAGE }}" + flavor: | + latest=false + suffix=-debug + tags: | + type=raw,value=${{ github.event.inputs.docker_tag_version }} + type=raw,value=v${{ github.event.inputs.docker_tag_version }} + type=raw,value=${{ env.MAJOR_MINOR }} + type=raw,value=v${{ env.MAJOR_MINOR }} + env: + MAJOR_MINOR: ${{ env.MAJOR_MINOR }} + + - name: Set outputs + id: set-outputs + run: | + echo "IMAGE_NAME=${{ env.GITHUB_IMAGE }}" >> $GITHUB_OUTPUT + echo "DOCKER_IMG_NAME=${{env.DOCKER_REPO}}/${{ env.DOCKER_IMAGE }}" >> $GITHUB_OUTPUT + + build-FluentBit-prod-image: + needs: + - build-prod-image-metadata + runs-on: ubuntu-latest + timeout-minutes: 30 + name: Build Fluent Bit prod image + steps: + - name: Install Go + uses: actions/setup-go@v5 + with: + go-version: 1.21 + + - uses: actions/cache@v4 + with: + path: ~/go/pkg/mod + key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }} + + - name: Checkout code + uses: actions/checkout@v4 + with: + fetch-depth: 0 + + - name: Login to GitHub Container Registry + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Set up Docker Buildx + id: buildx + uses: docker/setup-buildx-action@v3 + + - name: Build and Push Image for Fluent Bit + id: docker-build + uses: docker/build-push-action@v5 + with: + context: . + file: ./cmd/fluent-watcher/fluentbit/Dockerfile + push: true + platforms: linux/amd64,linux/arm64 + tags: ${{ needs.build-prod-image-metadata.outputs.tags }} + labels: ${{ needs.build-prod-image-metadata.outputs.labels }} + + build-FluentBit-debug-image: + needs: + - build-debug-image-metadata + runs-on: ubuntu-latest + timeout-minutes: 30 + name: Build Fluent Bit debug image + steps: + - name: Install Go + uses: actions/setup-go@v5 + with: + go-version: 1.21 + + - uses: actions/cache@v4 + with: + path: ~/go/pkg/mod + key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }} + + - name: Checkout code + uses: actions/checkout@v4 + with: + fetch-depth: 0 + + - name: Login to GitHub Container Registry + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Set up Docker Buildx + id: buildx + uses: docker/setup-buildx-action@v3 + + - name: Build and Push Fluent Bit Debug Image + id: docker-build-debug + uses: docker/build-push-action@v5 + with: + context: . + file: ./cmd/fluent-watcher/fluentbit/Dockerfile.debug + push: true + platforms: linux/amd64,linux/arm64 + tags: ${{ needs.build-debug-image-metadata.outputs.tags }} + labels: ${{ needs.build-debug-image-metadata.outputs.labels }} + + scan-FluentBit-image: + name: Scan prod image + needs: + - build-prod-image-metadata + - build-FluentBit-prod-image + uses: ./.github/workflows/scan-docker-image-action.yaml + with: + source_image: "${{ needs.build-prod-image-metadata.outputs.IMG_NAME }}:${{ needs.build-prod-image-metadata.outputs.version }}" + source_registry: ghcr.io + platforms: "['linux/arm64', 'linux/amd64']" + secrets: + registry_username: ${{ github.actor }} + registry_password: ${{ secrets.GITHUB_TOKEN }} + + release-prod-image-to-docker-hub: + if: ${{ github.event_name != 'pull_request' }} + name: Release prod image to Docker Hub + uses: ./.github/workflows/clone-docker-image-action.yaml + needs: + - build-FluentBit-prod-image + - scan-FluentBit-image + - build-prod-image-metadata + with: + source_image: "${{ needs.build-prod-image-metadata.outputs.IMG_NAME }}:${{ needs.build-prod-image-metadata.outputs.version }}" + source_registry: ghcr.io + target_image: "${{ needs.build-prod-image-metadata.outputs.DOCKER_IMG_NAME }}" + target_registry: docker.io + platforms: "['linux/arm64', 'linux/amd64']" + is_latest: true + secrets: + source_registry_username: ${{ github.actor }} + source_registry_token: ${{ secrets.GITHUB_TOKEN }} + target_registry_username: ${{ secrets.REGISTRY_USER }} + target_registry_token: ${{ secrets.REGISTRY_PASSWORD }} + + release-debug-image-to-docker-hub: + if: ${{ github.event_name != 'pull_request' }} + name: Release debug image to Docker Hub + uses: ./.github/workflows/clone-docker-image-action.yaml + needs: + - build-FluentBit-debug-image + - build-debug-image-metadata + with: + source_image: "${{ needs.build-debug-image-metadata.outputs.IMG_NAME }}:${{ needs.build-debug-image-metadata.outputs.version }}" + source_registry: ghcr.io + target_image: "${{ needs.build-debug-image-metadata.outputs.DOCKER_IMG_NAME }}" + target_registry: docker.io + platforms: "['linux/arm64', 'linux/amd64']" + is_latest: false + suffix: "-debug" + secrets: + source_registry_username: ${{ github.actor }} + source_registry_token: ${{ secrets.GITHUB_TOKEN }} + target_registry_username: ${{ secrets.REGISTRY_USER }} + target_registry_token: ${{ secrets.REGISTRY_PASSWORD }} From 1c7e78c19801c199829c5bb6382a6fd2eae132cd Mon Sep 17 00:00:00 2001 From: Sarath Chandra Oruganti Date: Sun, 26 May 2024 20:09:23 -0400 Subject: [PATCH 2/2] Fluent bit & fluentd image tag Signed-off-by: Sarath Chandra Oruganti --- .github/workflows/build-fb-image.yaml | 37 ++- .github/workflows/build-fd-image.yaml | 136 +++++++--- .github/workflows/build-op-image.yaml | 14 + .github/workflows/check-fb.yaml | 251 ------------------ .../workflows/clone-docker-image-action.yaml | 37 +-- 5 files changed, 159 insertions(+), 316 deletions(-) delete mode 100644 .github/workflows/check-fb.yaml diff --git a/.github/workflows/build-fb-image.yaml b/.github/workflows/build-fb-image.yaml index b3f73fd69..7da1199e5 100644 --- a/.github/workflows/build-fb-image.yaml +++ b/.github/workflows/build-fb-image.yaml @@ -4,7 +4,7 @@ on: workflow_dispatch: inputs: docker_tag_version: - description: 'Docker tag version' + description: 'Fluent Bit image release version' required: true default: '3.0.4' @@ -26,6 +26,7 @@ jobs: DOCKER_IMG_NAME: ${{ steps.set-outputs.outputs.DOCKER_IMG_NAME }} version: ${{ steps.image-metadata.outputs.version }} tags: ${{ steps.image-metadata.outputs.tags }} + release_tags: ${{ steps.image-tags.outputs.tags }} labels: ${{ steps.image-metadata.outputs.labels }} steps: - name: Checkout code @@ -55,6 +56,19 @@ jobs: env: MAJOR_MINOR: ${{ env.MAJOR_MINOR }} + - name: docker tags for cloning + id: image-tags + uses: docker/metadata-action@v5 + with: + tags: | + raw,latest + type=raw,value=${{ github.event.inputs.docker_tag_version }} + type=raw,value=v${{ github.event.inputs.docker_tag_version }} + type=raw,value=${{ env.MAJOR_MINOR }} + type=raw,value=v${{ env.MAJOR_MINOR }} + env: + MAJOR_MINOR: ${{ env.MAJOR_MINOR }} + - name: Set outputs id: set-outputs run: | @@ -70,6 +84,7 @@ jobs: version: ${{ steps.image-metadata.outputs.version }} tags: ${{ steps.image-metadata.outputs.tags }} labels: ${{ steps.image-metadata.outputs.labels }} + release_tags: ${{ steps.image-tags.outputs.tags }} steps: - name: Checkout code uses: actions/checkout@v4 @@ -99,6 +114,21 @@ jobs: type=raw,value=v${{ env.MAJOR_MINOR }} env: MAJOR_MINOR: ${{ env.MAJOR_MINOR }} + + - name: docker tags for cloning + id: image-tags + uses: docker/metadata-action@v5 + with: + flavor: | + latest=false + suffix=-debug + tags: | + type=raw,value=${{ github.event.inputs.docker_tag_version }} + type=raw,value=v${{ github.event.inputs.docker_tag_version }} + type=raw,value=${{ env.MAJOR_MINOR }} + type=raw,value=v${{ env.MAJOR_MINOR }} + env: + MAJOR_MINOR: ${{ env.MAJOR_MINOR }} - name: Set outputs id: set-outputs @@ -222,7 +252,7 @@ jobs: target_image: "${{ needs.build-prod-image-metadata.outputs.DOCKER_IMG_NAME }}" target_registry: docker.io platforms: "['linux/arm64', 'linux/amd64']" - is_latest: true + tags: ${{ needs.build-prod-image-metadata.outputs.release_tags }} secrets: source_registry_username: ${{ github.actor }} source_registry_token: ${{ secrets.GITHUB_TOKEN }} @@ -242,8 +272,7 @@ jobs: target_image: "${{ needs.build-debug-image-metadata.outputs.DOCKER_IMG_NAME }}" target_registry: docker.io platforms: "['linux/arm64', 'linux/amd64']" - is_latest: false - suffix: "-debug" + tags: ${{ needs.build-debug-image-metadata.outputs.release_tags }} secrets: source_registry_username: ${{ github.actor }} source_registry_token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/build-fd-image.yaml b/.github/workflows/build-fd-image.yaml index cb5f7d4cd..6e3275f7d 100644 --- a/.github/workflows/build-fd-image.yaml +++ b/.github/workflows/build-fd-image.yaml @@ -1,16 +1,12 @@ name: Building Fluentd image on: - push: - branches: - - 'master' - tags: - - 'v*' - paths: - - ".github/workflows/build-fd-image.yaml" - - "cmd/fluent-watcher/fluentd/**" - - "cmd/fluent-watcher/hooks/**" - - "pkg/filenotify/**" + workflow_dispatch: + inputs: + docker_tag_version: + description: 'Fluentd image release version' + required: true + default: '1.15.3' env: DOCKER_REPO: 'kubesphere' @@ -34,6 +30,16 @@ jobs: steps: - name: Checkout code uses: actions/checkout@v4 + + - name: Extract version parts + id: extract_version + run: | + VERSION=${{ github.event.inputs.docker_tag_version }} + VERSION_WITHOUT_V=${VERSION#v} + MAJOR_MINOR=$(echo $VERSION_WITHOUT_V | cut -d. -f1-2) + + echo "VERSION_WITHOUT_V=$VERSION_WITHOUT_V" >> $GITHUB_ENV + echo "MAJOR_MINOR=$MAJOR_MINOR" >> $GITHUB_ENV - name: docker metadata for amd64 id: image-metadata @@ -45,11 +51,12 @@ jobs: suffix=-amd64 tags: | raw,latest - type=ref,event=branch - type=ref,event=pr - type=ref,event=tag - type=semver,pattern={{version}} - type=semver,pattern={{major}}.{{minor}} + type=raw,value=${{ github.event.inputs.docker_tag_version }} + type=raw,value=v${{ github.event.inputs.docker_tag_version }} + type=raw,value=${{ env.MAJOR_MINOR }} + type=raw,value=v${{ env.MAJOR_MINOR }} + env: + MAJOR_MINOR: ${{ env.MAJOR_MINOR }} - name: Set outputs id: set-outputs @@ -67,6 +74,16 @@ jobs: steps: - name: Checkout code uses: actions/checkout@v4 + + - name: Extract version parts + id: extract_version + run: | + VERSION=${{ github.event.inputs.docker_tag_version }} + VERSION_WITHOUT_V=${VERSION#v} + MAJOR_MINOR=$(echo $VERSION_WITHOUT_V | cut -d. -f1-2) + + echo "VERSION_WITHOUT_V=$VERSION_WITHOUT_V" >> $GITHUB_ENV + echo "MAJOR_MINOR=$MAJOR_MINOR" >> $GITHUB_ENV - name: docker metadata for arm64 id: image-metadata @@ -78,11 +95,12 @@ jobs: suffix=-arm64 tags: | raw,latest - type=ref,event=branch - type=ref,event=pr - type=ref,event=tag - type=semver,pattern={{version}} - type=semver,pattern={{major}}.{{minor}} + type=raw,value=${{ github.event.inputs.docker_tag_version }} + type=raw,value=v${{ github.event.inputs.docker_tag_version }} + type=raw,value=${{ env.MAJOR_MINOR }} + type=raw,value=v${{ env.MAJOR_MINOR }} + env: + MAJOR_MINOR: ${{ env.MAJOR_MINOR }} - name: Set outputs id: set-outputs @@ -98,9 +116,20 @@ jobs: version: ${{ steps.image-metadata.outputs.version }} tags: ${{ steps.image-metadata.outputs.tags }} labels: ${{ steps.image-metadata.outputs.labels }} + release_tags: ${{ steps.image-tags.outputs.tags }} steps: - name: Checkout code uses: actions/checkout@v4 + + - name: Extract version parts + id: extract_version + run: | + VERSION=${{ github.event.inputs.docker_tag_version }} + VERSION_WITHOUT_V=${VERSION#v} + MAJOR_MINOR=$(echo $VERSION_WITHOUT_V | cut -d. -f1-2) + + echo "VERSION_WITHOUT_V=$VERSION_WITHOUT_V" >> $GITHUB_ENV + echo "MAJOR_MINOR=$MAJOR_MINOR" >> $GITHUB_ENV - name: docker metadata for arm64 base image id: image-metadata @@ -111,12 +140,26 @@ jobs: latest=false suffix=-arm64-base tags: | - raw,latest - type=ref,event=branch - type=ref,event=pr - type=ref,event=tag - type=semver,pattern={{version}} - type=semver,pattern={{major}}.{{minor}} + type=raw,value=${{ github.event.inputs.docker_tag_version }} + type=raw,value=v${{ github.event.inputs.docker_tag_version }} + type=raw,value=${{ env.MAJOR_MINOR }} + type=raw,value=v${{ env.MAJOR_MINOR }} + env: + MAJOR_MINOR: ${{ env.MAJOR_MINOR }} + - name: docker metadata for arm64 base image + id: image-tags + uses: docker/metadata-action@v5 + with: + flavor: | + latest=false + suffix=-arm64-base + tags: | + type=raw,value=${{ github.event.inputs.docker_tag_version }} + type=raw,value=v${{ github.event.inputs.docker_tag_version }} + type=raw,value=${{ env.MAJOR_MINOR }} + type=raw,value=v${{ env.MAJOR_MINOR }} + env: + MAJOR_MINOR: ${{ env.MAJOR_MINOR }} - name: Set outputs id: set-outputs @@ -221,8 +264,7 @@ jobs: target_image: "${{ needs.build-arm64-base-image-metadata.outputs.DOCKER_IMG_NAME }}" target_registry: docker.io platforms: "['linux/arm64']" - is_latest: false - suffix: "-arm64-base" + tags: ${{ needs.build-arm64-base-image-metadata.outputs.release_tags }} secrets: source_registry_username: ${{ github.actor }} source_registry_token: ${{ secrets.GITHUB_TOKEN }} @@ -291,12 +333,24 @@ jobs: version: ${{ steps.image-metadata.outputs.version }} tags: ${{ steps.image-metadata.outputs.tags }} labels: ${{ steps.image-metadata.outputs.labels }} + release_tags: ${{ steps.image-tags.outputs.tags }} + steps: - uses: docker/login-action@v3 with: registry: ghcr.io username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} + + - name: Extract version parts + id: extract_version + run: | + VERSION=${{ github.event.inputs.docker_tag_version }} + VERSION_WITHOUT_V=${VERSION#v} + MAJOR_MINOR=$(echo $VERSION_WITHOUT_V | cut -d. -f1-2) + + echo "VERSION_WITHOUT_V=$VERSION_WITHOUT_V" >> $GITHUB_ENV + echo "MAJOR_MINOR=$MAJOR_MINOR" >> $GITHUB_ENV - name: docker metadata for manifest id: image-metadata @@ -304,12 +358,24 @@ jobs: with: images: "ghcr.io/${{ env.GITHUB_IMAGE }}" tags: | - raw,latest - type=ref,event=branch - type=ref,event=pr - type=ref,event=tag - type=semver,pattern={{version}} - type=semver,pattern={{major}}.{{minor}} + type=raw,value=${{ github.event.inputs.docker_tag_version }} + type=raw,value=v${{ github.event.inputs.docker_tag_version }} + type=raw,value=${{ env.MAJOR_MINOR }} + type=raw,value=v${{ env.MAJOR_MINOR }} + env: + MAJOR_MINOR: ${{ env.MAJOR_MINOR }} + + - name: docker tags for cloning + id: image-tags + uses: docker/metadata-action@v5 + with: + tags: | + type=raw,value=${{ github.event.inputs.docker_tag_version }} + type=raw,value=v${{ github.event.inputs.docker_tag_version }} + type=raw,value=${{ env.MAJOR_MINOR }} + type=raw,value=v${{ env.MAJOR_MINOR }} + env: + MAJOR_MINOR: ${{ env.MAJOR_MINOR }} - name: Set outputs id: set-outputs @@ -352,7 +418,7 @@ jobs: target_image: "${{ needs.prod-image-manifest.outputs.DOCKER_IMG_NAME }}" target_registry: docker.io platforms: "['linux/arm64', 'linux/amd64']" - is_latest: true + tags: ${{ needs.prod-image-manifest.outputs.release_tags }} secrets: source_registry_username: ${{ github.actor }} source_registry_token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/build-op-image.yaml b/.github/workflows/build-op-image.yaml index ed497f5ab..41cb5237e 100644 --- a/.github/workflows/build-op-image.yaml +++ b/.github/workflows/build-op-image.yaml @@ -53,6 +53,7 @@ jobs: version: ${{ steps.image-metadata.outputs.version }} tags: ${{ steps.image-metadata.outputs.tags }} labels: ${{ steps.image-metadata.outputs.labels }} + release_tags: ${{ steps.image-tags.outputs.tags }} steps: - name: Checkout code @@ -71,6 +72,18 @@ jobs: type=semver,pattern={{version}} type=semver,pattern={{major}}.{{minor}} + - name: docker tags for cloning + id: image-tags + uses: docker/metadata-action@v5 + with: + tags: | + raw,latest + type=ref,event=branch + type=ref,event=pr + type=ref,event=tag + type=semver,pattern={{version}} + type=semver,pattern={{major}}.{{minor}} + - name: Set outputs id: set-outputs run: | @@ -140,6 +153,7 @@ jobs: target_image: "${{ needs.build-image-metadata.outputs.DOCKER_IMG_NAME }}" target_registry: docker.io platforms: "['linux/arm64', 'linux/amd64']" + tags: ${{ needs.build-image-metadata.outputs.release_tags }} secrets: source_registry_username: ${{ github.actor }} source_registry_token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/check-fb.yaml b/.github/workflows/check-fb.yaml deleted file mode 100644 index 08e9c72d4..000000000 --- a/.github/workflows/check-fb.yaml +++ /dev/null @@ -1,251 +0,0 @@ -name: Check Building Fluent Bit image - -on: - workflow_dispatch: - inputs: - docker_tag_version: - description: 'Docker tag version' - required: true - default: '3.0.4' - -env: - DOCKER_REPO: 'kubesphere' - DOCKER_IMAGE: 'fluent-bit' - GITHUB_IMAGE: '${{ github.repository }}/fluent-bit' - -permissions: - contents: read - packages: write - -jobs: - build-prod-image-metadata: - runs-on: ubuntu-latest - name: Build prod image metadata - outputs: - IMG_NAME: ${{ steps.set-outputs.outputs.IMAGE_NAME }} - DOCKER_IMG_NAME: ${{ steps.set-outputs.outputs.DOCKER_IMG_NAME }} - version: ${{ steps.image-metadata.outputs.version }} - tags: ${{ steps.image-metadata.outputs.tags }} - labels: ${{ steps.image-metadata.outputs.labels }} - steps: - - name: Checkout code - uses: actions/checkout@v4 - - - name: Extract version parts - id: extract_version - run: | - VERSION=${{ github.event.inputs.docker_tag_version }} - VERSION_WITHOUT_V=${VERSION#v} - MAJOR_MINOR=$(echo $VERSION_WITHOUT_V | cut -d. -f1-2) - - echo "VERSION_WITHOUT_V=$VERSION_WITHOUT_V" >> $GITHUB_ENV - echo "MAJOR_MINOR=$MAJOR_MINOR" >> $GITHUB_ENV - - - name: docker metadata for building - id: image-metadata - uses: docker/metadata-action@v5 - with: - images: "ghcr.io/${{ env.GITHUB_IMAGE }}" - tags: | - raw,latest - type=raw,value=${{ github.event.inputs.docker_tag_version }} - type=raw,value=v${{ github.event.inputs.docker_tag_version }} - type=raw,value=${{ env.MAJOR_MINOR }} - type=raw,value=v${{ env.MAJOR_MINOR }} - env: - MAJOR_MINOR: ${{ env.MAJOR_MINOR }} - - - name: Set outputs - id: set-outputs - run: | - echo "IMAGE_NAME=${{ env.GITHUB_IMAGE }}" >> $GITHUB_OUTPUT - echo "DOCKER_IMG_NAME=${{env.DOCKER_REPO}}/${{ env.DOCKER_IMAGE }}" >> $GITHUB_OUTPUT - - build-debug-image-metadata: - runs-on: ubuntu-latest - name: Build debug image metadata - outputs: - IMG_NAME: ${{ steps.set-outputs.outputs.IMAGE_NAME }} - DOCKER_IMG_NAME: ${{ steps.set-outputs.outputs.DOCKER_IMG_NAME }} - version: ${{ steps.image-metadata.outputs.version }} - tags: ${{ steps.image-metadata.outputs.tags }} - labels: ${{ steps.image-metadata.outputs.labels }} - steps: - - name: Checkout code - uses: actions/checkout@v4 - - - name: Extract version parts - id: extract_version - run: | - VERSION=${{ github.event.inputs.docker_tag_version }} - VERSION_WITHOUT_V=${VERSION#v} - MAJOR_MINOR=$(echo $VERSION_WITHOUT_V | cut -d. -f1-2) - - echo "VERSION_WITHOUT_V=$VERSION_WITHOUT_V" >> $GITHUB_ENV - echo "MAJOR_MINOR=$MAJOR_MINOR" >> $GITHUB_ENV - - - name: docker metadata - id: image-metadata - uses: docker/metadata-action@v5 - with: - images: "ghcr.io/${{ env.GITHUB_IMAGE }}" - flavor: | - latest=false - suffix=-debug - tags: | - type=raw,value=${{ github.event.inputs.docker_tag_version }} - type=raw,value=v${{ github.event.inputs.docker_tag_version }} - type=raw,value=${{ env.MAJOR_MINOR }} - type=raw,value=v${{ env.MAJOR_MINOR }} - env: - MAJOR_MINOR: ${{ env.MAJOR_MINOR }} - - - name: Set outputs - id: set-outputs - run: | - echo "IMAGE_NAME=${{ env.GITHUB_IMAGE }}" >> $GITHUB_OUTPUT - echo "DOCKER_IMG_NAME=${{env.DOCKER_REPO}}/${{ env.DOCKER_IMAGE }}" >> $GITHUB_OUTPUT - - build-FluentBit-prod-image: - needs: - - build-prod-image-metadata - runs-on: ubuntu-latest - timeout-minutes: 30 - name: Build Fluent Bit prod image - steps: - - name: Install Go - uses: actions/setup-go@v5 - with: - go-version: 1.21 - - - uses: actions/cache@v4 - with: - path: ~/go/pkg/mod - key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }} - - - name: Checkout code - uses: actions/checkout@v4 - with: - fetch-depth: 0 - - - name: Login to GitHub Container Registry - uses: docker/login-action@v3 - with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - - name: Set up Docker Buildx - id: buildx - uses: docker/setup-buildx-action@v3 - - - name: Build and Push Image for Fluent Bit - id: docker-build - uses: docker/build-push-action@v5 - with: - context: . - file: ./cmd/fluent-watcher/fluentbit/Dockerfile - push: true - platforms: linux/amd64,linux/arm64 - tags: ${{ needs.build-prod-image-metadata.outputs.tags }} - labels: ${{ needs.build-prod-image-metadata.outputs.labels }} - - build-FluentBit-debug-image: - needs: - - build-debug-image-metadata - runs-on: ubuntu-latest - timeout-minutes: 30 - name: Build Fluent Bit debug image - steps: - - name: Install Go - uses: actions/setup-go@v5 - with: - go-version: 1.21 - - - uses: actions/cache@v4 - with: - path: ~/go/pkg/mod - key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }} - - - name: Checkout code - uses: actions/checkout@v4 - with: - fetch-depth: 0 - - - name: Login to GitHub Container Registry - uses: docker/login-action@v3 - with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - - name: Set up Docker Buildx - id: buildx - uses: docker/setup-buildx-action@v3 - - - name: Build and Push Fluent Bit Debug Image - id: docker-build-debug - uses: docker/build-push-action@v5 - with: - context: . - file: ./cmd/fluent-watcher/fluentbit/Dockerfile.debug - push: true - platforms: linux/amd64,linux/arm64 - tags: ${{ needs.build-debug-image-metadata.outputs.tags }} - labels: ${{ needs.build-debug-image-metadata.outputs.labels }} - - scan-FluentBit-image: - name: Scan prod image - needs: - - build-prod-image-metadata - - build-FluentBit-prod-image - uses: ./.github/workflows/scan-docker-image-action.yaml - with: - source_image: "${{ needs.build-prod-image-metadata.outputs.IMG_NAME }}:${{ needs.build-prod-image-metadata.outputs.version }}" - source_registry: ghcr.io - platforms: "['linux/arm64', 'linux/amd64']" - secrets: - registry_username: ${{ github.actor }} - registry_password: ${{ secrets.GITHUB_TOKEN }} - - release-prod-image-to-docker-hub: - if: ${{ github.event_name != 'pull_request' }} - name: Release prod image to Docker Hub - uses: ./.github/workflows/clone-docker-image-action.yaml - needs: - - build-FluentBit-prod-image - - scan-FluentBit-image - - build-prod-image-metadata - with: - source_image: "${{ needs.build-prod-image-metadata.outputs.IMG_NAME }}:${{ needs.build-prod-image-metadata.outputs.version }}" - source_registry: ghcr.io - target_image: "${{ needs.build-prod-image-metadata.outputs.DOCKER_IMG_NAME }}" - target_registry: docker.io - platforms: "['linux/arm64', 'linux/amd64']" - is_latest: true - secrets: - source_registry_username: ${{ github.actor }} - source_registry_token: ${{ secrets.GITHUB_TOKEN }} - target_registry_username: ${{ secrets.REGISTRY_USER }} - target_registry_token: ${{ secrets.REGISTRY_PASSWORD }} - - release-debug-image-to-docker-hub: - if: ${{ github.event_name != 'pull_request' }} - name: Release debug image to Docker Hub - uses: ./.github/workflows/clone-docker-image-action.yaml - needs: - - build-FluentBit-debug-image - - build-debug-image-metadata - with: - source_image: "${{ needs.build-debug-image-metadata.outputs.IMG_NAME }}:${{ needs.build-debug-image-metadata.outputs.version }}" - source_registry: ghcr.io - target_image: "${{ needs.build-debug-image-metadata.outputs.DOCKER_IMG_NAME }}" - target_registry: docker.io - platforms: "['linux/arm64', 'linux/amd64']" - is_latest: false - suffix: "-debug" - secrets: - source_registry_username: ${{ github.actor }} - source_registry_token: ${{ secrets.GITHUB_TOKEN }} - target_registry_username: ${{ secrets.REGISTRY_USER }} - target_registry_token: ${{ secrets.REGISTRY_PASSWORD }} diff --git a/.github/workflows/clone-docker-image-action.yaml b/.github/workflows/clone-docker-image-action.yaml index 5547eb3c2..2f769e283 100644 --- a/.github/workflows/clone-docker-image-action.yaml +++ b/.github/workflows/clone-docker-image-action.yaml @@ -24,16 +24,10 @@ required: false type: string default: '["linux/arm64", "linux/amd64"]' - suffix: - description: 'The suffix to append to the target image' + tags: + description: 'The tags to apply to the target image' required: false type: string - default: '' - is_latest: - description: 'Whether to tag the image as latest' - required: false - type: boolean - default: false secrets: source_registry_token: description: The Github token or similar to authenticate with for the registry. @@ -73,27 +67,17 @@ outputs: tags: ${{ steps.tags-converter.outputs.TAGS }} steps: - - name: docker metadata for tags - id: tags-metadata - uses: docker/metadata-action@v5 - with: - flavor: | - latest=${{ inputs.is_latest }} - suffix=${{ inputs.suffix }} - tags: | - raw,latest - type=ref,event=branch - type=ref,event=pr - type=ref,event=tag - type=semver,pattern={{version}} - type=semver,pattern={{major}}.{{minor}} + - name: determine tags + id: display-tags + run: | + echo "input tags: ${{ inputs.tags }}" - name: Convert tags to JSON array id: tags-converter run: | # Get the line-separated list of tags - TAGS="${{ steps.tags-metadata.outputs.tags }}" + TAGS="${{ inputs.tags }}" # Initialize an empty array JSON_TAGS="[" @@ -103,11 +87,12 @@ JSON_TAGS+="\"$tag\"," done <<< "$TAGS" - # print the JSON array - echo "TAGS=$JSON_TAGS" - # Remove the trailing comma and close the array JSON_TAGS="${JSON_TAGS%,}]" + + # print the JSON array + echo "TAGS=$JSON_TAGS" + # Output the JSON array echo "TAGS=$JSON_TAGS" >> $GITHUB_OUTPUT