Merge pull request #1473 from rabbitmq/dependabot/go_modules/golang.o… #438
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build, Test, Publish Image & Manifest | |
on: | |
push: | |
branches: [ "main" ] | |
paths-ignore: | |
- 'docs/**' | |
- '*.md' | |
- 'LICENSE.txt' | |
- 'PROJECT' | |
tags: [ "v*" ] | |
pull_request: | |
branches: [ "main" ] | |
env: | |
GO_VERSION: ~1.20 | |
# Taken from https://github.com/kubernetes-sigs/kind/releases/tag/v0.18.0 | |
# The image here should be listed under 'Images built for this release' for the version of kind in go.mod | |
KIND_NODE_IMAGE: "kindest/node:v1.26.3@sha256:61b92f38dff6ccc29969e7aa154d34e38b89443af1a2c14e6cfbd2df6419c66f" | |
KIND_OLDEST_NODE_IMAGE: "kindest/node:v1.19.16@sha256:81f552397c1e6c1f293f967ecb1344d8857613fb978f963c30e907c32f598467" | |
BASELINE_UPGRADE_VERSION: v2.1.0 | |
jobs: | |
kubectl_tests: | |
name: kubectl rabbitmq tests | |
runs-on: ubuntu-latest | |
steps: | |
- name: Install Go | |
uses: actions/setup-go@v4 | |
with: | |
go-version: ${{ env.GO_VERSION }} | |
check-latest: true | |
- name: Install Bats | |
run: | | |
git clone https://github.com/bats-core/bats-core.git "$HOME"/bats-core | |
cd "$HOME"/bats-core | |
sudo ./install.sh /usr/local | |
- name: Check out code into the Go module directory | |
uses: actions/checkout@v4 | |
- name: kubectl rabbitmq tests | |
run: | | |
make install-tools | |
kind create cluster --image "${{ env.KIND_NODE_IMAGE }}" | |
DOCKER_REGISTRY_SERVER=local-server OPERATOR_IMAGE=local-operator make deploy-kind kubectl-plugin-tests | |
unit_integration_tests: | |
name: unit and integration tests | |
runs-on: ubuntu-latest | |
container: us.gcr.io/cf-rabbitmq-for-k8s-bunny/rabbitmq-for-kubernetes-ci | |
steps: | |
- name: Install Go | |
uses: actions/setup-go@v4 | |
with: | |
go-version: ${{ env.GO_VERSION }} | |
check-latest: true | |
- name: Check out code into the Go module directory | |
uses: actions/checkout@v4 | |
- name: Unit tests | |
run: make unit-tests | |
- name: Integration tests | |
run: make integration-tests | |
build_operator: | |
runs-on: ubuntu-latest | |
needs: unit_integration_tests | |
permissions: | |
contents: 'write' | |
id-token: 'write' | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Install Go | |
uses: actions/setup-go@v4 | |
with: | |
go-version: ${{ env.GO_VERSION }} | |
check-latest: true | |
- name: OCI Metadata for multi-arch image | |
id: meta | |
uses: docker/metadata-action@v5 | |
with: | |
# list of Docker images to use as base name for tags | |
images: | | |
rabbitmqoperator/cluster-operator | |
quay.io/rabbitmqoperator/cluster-operator | |
# generate Docker tags based on the following events/attributes | |
tags: | | |
type=sha | |
type=ref,event=pr | |
type=semver,pattern={{version}} | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@v3 | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v3 | |
- name: Login to Docker Hub | |
if: github.event_name != 'pull_request' | |
uses: docker/login-action@v3 | |
with: | |
username: ${{ secrets.DOCKERHUB_USERNAME }} | |
password: ${{ secrets.DOCKERHUB_TOKEN }} | |
- name: Login to Quay.io | |
if: github.event_name != 'pull_request' | |
uses: docker/login-action@v3 | |
with: | |
registry: quay.io | |
username: ${{ secrets.QUAY_USERNAME }} | |
password: ${{ secrets.QUAY_ROBOT_TOKEN }} | |
- name: Build and push | |
uses: docker/build-push-action@v5 | |
with: | |
context: . | |
platforms: linux/amd64, linux/arm64, linux/ppc64le, linux/s390x | |
push: ${{ github.event_name != 'pull_request' }} | |
tags: ${{ steps.meta.outputs.tags }} | |
labels: ${{ steps.meta.outputs.labels }} | |
- name: OCI Metadata for single-arch amd64 image | |
if: github.event_name != 'pull_request' | |
#if: startsWith(github.ref, 'refs/tags/v') | |
id: single-arch-meta-amd64 | |
uses: docker/metadata-action@v5 | |
with: | |
# list of Docker images to use as base name for tags | |
images: | | |
rabbitmqoperator/cluster-operator | |
flavor: | | |
latest=false | |
# generate Docker tags based on the following events/attributes | |
tags: | | |
type=semver,pattern={{version}},suffix=-amd64,latest=false | |
type=sha,suffix=-amd64,latest=false | |
- name: Build and push single-arch amd64 image | |
if: github.event_name != 'pull_request' | |
#if: startsWith(github.ref, 'refs/tags/v') | |
uses: docker/build-push-action@v5 | |
with: | |
context: . | |
platforms: linux/amd64 | |
push: ${{ github.event_name != 'pull_request' }} | |
tags: ${{ steps.single-arch-meta-amd64.outputs.tags }} | |
labels: ${{ steps.single-arch-meta-amd64.outputs.labels }} | |
- name: OCI Metadata for single-arch arm64 image | |
if: github.event_name != 'pull_request' | |
#if: startsWith(github.ref, 'refs/tags/v') | |
id: single-arch-meta-arm64 | |
uses: docker/metadata-action@v5 | |
with: | |
# list of Docker images to use as base name for tags | |
images: | | |
rabbitmqoperator/cluster-operator | |
flavor: | | |
latest=false | |
# generate Docker tags based on the following events/attributes | |
tags: | | |
type=semver,pattern={{version}},suffix=-arm64,latest=false | |
type=sha,suffix=-arm64,latest=false | |
- name: Build and push single-arch arm64 image | |
if: github.event_name != 'pull_request' | |
#if: startsWith(github.ref, 'refs/tags/v') | |
uses: docker/build-push-action@v5 | |
with: | |
context: . | |
platforms: linux/arm64 | |
push: ${{ github.event_name != 'pull_request' }} | |
tags: ${{ steps.single-arch-meta-arm64.outputs.tags }} | |
labels: ${{ steps.single-arch-meta-arm64.outputs.labels }} | |
- name: Build manifest | |
if: github.event_name != 'pull_request' | |
env: | |
RELEASE_VERSION: ${{ steps.meta.outputs.version }} | |
run: | | |
make install-tools | |
pushd config/installation | |
kustomize edit set image rabbitmqoperator/cluster-operator-dev=rabbitmqoperator/cluster-operator:"${RELEASE_VERSION}" | |
popd | |
make generate-installation-manifest QUAY_IO_OPERATOR_IMAGE=quay.io/rabbitmqoperator/cluster-operator:"${RELEASE_VERSION}" | |
- name: Upload operator manifests | |
if: github.event_name != 'pull_request' | |
uses: actions/upload-artifact@v3 | |
with: | |
name: operator-manifests | |
path: releases/cluster-operator*.yml | |
retention-days: 2 | |
if-no-files-found: error | |
- name: Rename manifest for GCS | |
if: github.event_name != 'pull_request' | |
run: mv releases/cluster-operator.yml cluster-operator-${{ steps.meta.outputs.version }}.yml | |
- id: 'auth' | |
name: Auth to Google Cloud | |
if: github.event_name != 'pull_request' | |
uses: 'google-github-actions/auth@v1' | |
with: | |
workload_identity_provider: ${{ secrets.GCP_IDENTITY_PROVIDER }} | |
service_account: ${{ secrets.GCP_SA }} | |
- name: Upload manifests to GCS | |
if: github.event_name != 'pull_request' | |
uses: 'google-github-actions/upload-cloud-storage@v1' | |
with: | |
path: cluster-operator-${{ steps.meta.outputs.version }}.yml | |
destination: operator-manifests-dev | |
system_tests_local: | |
name: Local system tests (using KinD) | |
runs-on: ubuntu-latest | |
if: ${{ github.event_name == 'pull_request' }} | |
needs: build_operator | |
strategy: | |
matrix: | |
rabbitmq-image: | |
- rabbitmq:3.9.9-management | |
- rabbitmq:management | |
- pivotalrabbitmq/rabbitmq:main-otp-min-bazel | |
- pivotalrabbitmq/rabbitmq:main-otp-max-bazel | |
steps: | |
- name: Install Go | |
uses: actions/setup-go@v4 | |
with: | |
go-version: ${{ env.GO_VERSION }} | |
check-latest: true | |
- name: Check out code into the Go module directory | |
uses: actions/checkout@v4 | |
- name: System tests | |
env: | |
KIND_NODE_IMAGE: ${{ env.KIND_NODE_IMAGE }} | |
RABBITMQ_IMAGE: ${{ matrix.rabbitmq-image }} | |
run: | | |
make install-tools | |
kind create cluster --image "$KIND_NODE_IMAGE" | |
DOCKER_REGISTRY_SERVER=local-server OPERATOR_IMAGE=local-operator make deploy-kind | |
make cert-manager | |
SUPPORT_VOLUME_EXPANSION=false make system-tests | |
- name: Dry-run example YAMLs | |
run: | | |
for a in docs/examples/*/*.y*ml; do | |
manifest_path="$manifest_path -f $a" | |
done | |
# The examples are assumed to run in the 'examples' namespace, create if it doesn't exist | |
kubectl create namespace examples --dry-run=client -o yaml | kubectl apply -f - | |
kubectl --namespace=examples apply --dry-run=server $manifest_path | |
system_tests_119: | |
name: Local system tests (using KinD) | |
runs-on: ubuntu-latest | |
if: ${{ github.event_name == 'pull_request' }} | |
needs: build_operator | |
strategy: | |
matrix: | |
rabbitmq-image: | |
- rabbitmq:3.9.9-management | |
- rabbitmq:management | |
steps: | |
- name: Install Go | |
uses: actions/setup-go@v4 | |
with: | |
go-version: ${{ env.GO_VERSION }} | |
check-latest: true | |
- name: Check out code into the Go module directory | |
uses: actions/checkout@v4 | |
- name: System tests | |
env: | |
KIND_NODE_IMAGE: ${{ env.KIND_OLDEST_NODE_IMAGE }} | |
RABBITMQ_IMAGE: ${{ matrix.rabbitmq-image }} | |
run: | | |
make install-tools | |
kind create cluster --image "$KIND_NODE_IMAGE" | |
DOCKER_REGISTRY_SERVER=local-server OPERATOR_IMAGE=local-operator make deploy-kind | |
make cert-manager | |
SUPPORT_VOLUME_EXPANSION=false make system-tests | |
system_tests: | |
name: System tests | |
runs-on: ubuntu-latest | |
container: us.gcr.io/cf-rabbitmq-for-k8s-bunny/rabbitmq-for-kubernetes-ci | |
if: ${{ github.event_name != 'pull_request' }} | |
# Add "id-token" with the intended permissions. | |
permissions: | |
contents: 'write' | |
id-token: 'write' | |
needs: build_operator | |
strategy: | |
matrix: | |
rabbitmq-image: | |
- rabbitmq:3.9.9-management | |
- rabbitmq:management | |
- pivotalrabbitmq/rabbitmq:main-otp-min-bazel | |
- pivotalrabbitmq/rabbitmq:main-otp-max-bazel | |
include: | |
- rabbitmq-image: rabbitmq:3.9.9-management | |
gke-cluster: ci-bunny-1 | |
- rabbitmq-image: rabbitmq:management | |
gke-cluster: ci-bunny-1 | |
- rabbitmq-image: pivotalrabbitmq/rabbitmq:main-otp-min-bazel | |
gke-cluster: ci-bunny-2 | |
- rabbitmq-image: pivotalrabbitmq/rabbitmq:main-otp-max-bazel | |
gke-cluster: ci-bunny-2 | |
steps: | |
- name: Install Go | |
uses: actions/setup-go@v4 | |
with: | |
go-version: ${{ env.GO_VERSION }} | |
check-latest: true | |
- name: Check out code into the Go module directory | |
uses: actions/checkout@v4 | |
- name: Acquire lock for ${{ matrix.gke-cluster }} | |
uses: ben-z/gh-action-mutex@9709ba4d8596ad4f9f8bbe8e0f626ae249b1b3ac | |
with: | |
branch: lock-${{ matrix.gke-cluster }} | |
- id: 'auth' | |
uses: 'google-github-actions/auth@v1' | |
with: | |
workload_identity_provider: ${{ secrets.GCP_IDENTITY_PROVIDER }} | |
service_account: ${{ secrets.GCP_SA }} | |
- id: 'get-credentials' | |
uses: 'google-github-actions/get-gke-credentials@v1' | |
with: | |
cluster_name: ${{ matrix.gke-cluster }} | |
location: europe-west1 | |
- name: Get operator manifest | |
uses: actions/download-artifact@v3 | |
with: | |
name: operator-manifests | |
- name: Install Operator build | |
run: | | |
make install-tools | |
make destroy | |
kubectl apply -f cluster-operator.yml | |
kubectl --namespace=rabbitmq-system wait --for=condition=Available deployment/rabbitmq-cluster-operator | |
- name: System tests | |
env: | |
RABBITMQ_IMAGE: ${{ matrix.rabbitmq-image }} | |
run: | | |
make system-tests | |
test_doc_examples: | |
name: Documented example tests | |
runs-on: ubuntu-latest | |
container: us.gcr.io/cf-rabbitmq-for-k8s-bunny/rabbitmq-for-kubernetes-ci | |
if: ${{ github.event_name != 'pull_request' }} | |
# Add "id-token" with the intended permissions. | |
permissions: | |
contents: 'write' | |
id-token: 'write' | |
needs: build_operator | |
steps: | |
- name: Install Go | |
uses: actions/setup-go@v4 | |
with: | |
go-version: ${{ env.GO_VERSION }} | |
check-latest: true | |
- name: Check out code into the Go module directory | |
uses: actions/checkout@v4 | |
- name: Acquire lock for ci-bunny-2 | |
uses: ben-z/gh-action-mutex@9709ba4d8596ad4f9f8bbe8e0f626ae249b1b3ac | |
with: | |
branch: lock-ci-bunny-2 | |
- id: 'auth' | |
uses: 'google-github-actions/auth@v1' | |
with: | |
workload_identity_provider: ${{ secrets.GCP_IDENTITY_PROVIDER }} | |
service_account: ${{ secrets.GCP_SA }} | |
- id: 'get-credentials' | |
uses: 'google-github-actions/get-gke-credentials@v1' | |
with: | |
cluster_name: ci-bunny-2 | |
location: europe-west1 | |
- name: Get operator manifest | |
uses: actions/download-artifact@v3 | |
with: | |
name: operator-manifests | |
- name: Install Operator build | |
run: | | |
make install-tools | |
make destroy | |
kubectl apply -f cluster-operator.yml | |
kubectl --namespace=rabbitmq-system wait --for=condition=Available deployment/rabbitmq-cluster-operator | |
- name: Documented example tests | |
run: docs/examples/test.sh | |
test_upgrade: | |
name: Test upgrade of the operator | |
runs-on: ubuntu-latest | |
container: us.gcr.io/cf-rabbitmq-for-k8s-bunny/rabbitmq-for-kubernetes-ci | |
if: ${{ github.event_name != 'pull_request' }} | |
# Add "id-token" with the intended permissions. | |
permissions: | |
contents: 'write' | |
id-token: 'write' | |
needs: build_operator | |
steps: | |
- name: Install Go | |
uses: actions/setup-go@v4 | |
with: | |
go-version: ${{ env.GO_VERSION }} | |
check-latest: true | |
- name: Check out code into the Go module directory | |
uses: actions/checkout@v4 | |
- name: Acquire lock for ci-bunny-1 | |
uses: ben-z/gh-action-mutex@9709ba4d8596ad4f9f8bbe8e0f626ae249b1b3ac | |
with: | |
branch: lock-ci-bunny-1 | |
- id: 'auth' | |
uses: 'google-github-actions/auth@v1' | |
with: | |
workload_identity_provider: ${{ secrets.GCP_IDENTITY_PROVIDER }} | |
service_account: ${{ secrets.GCP_SA }} | |
- id: 'get-credentials' | |
uses: 'google-github-actions/get-gke-credentials@v1' | |
with: | |
cluster_name: ci-bunny-1 | |
location: europe-west1 | |
- name: Get operator manifest | |
uses: actions/download-artifact@v3 | |
with: | |
name: operator-manifests | |
- name: Test upgrade rollout | |
run: hack/test-upgrade.sh https://github.com/rabbitmq/cluster-operator/releases/download/${{ env.BASELINE_UPGRADE_VERSION }}/cluster-operator.yml cluster-operator.yml release-header.md | |
- name: Upload release header | |
if: github.event_name != 'pull_request' | |
uses: actions/upload-artifact@v3 | |
with: | |
name: release-header | |
path: release-header.md | |
retention-days: 2 | |
if-no-files-found: error | |
release: | |
name: Release to GitHub Releases | |
runs-on: ubuntu-latest | |
if: startsWith(github.ref, 'refs/tags/v') | |
needs: [system_tests, test_doc_examples, test_upgrade] | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Get operator manifest | |
uses: actions/download-artifact@v3 | |
with: | |
name: operator-manifests | |
- name: Get release header | |
uses: actions/download-artifact@v3 | |
with: | |
name: release-header | |
- name: Release | |
uses: softprops/action-gh-release@de2c0eb89ae2a093876385947365aca7b0e5f844 | |
if: startsWith(github.ref, 'refs/tags/') | |
with: | |
files: | | |
cluster-operator.yml | |
cluster-operator-quay-io.yml | |
generate_release_notes: true | |
draft: true | |
body_path: release-header.md | |
fail_on_unmatched_files: true |