Skip to content

Merge pull request #1473 from rabbitmq/dependabot/go_modules/golang.o… #438

Merge pull request #1473 from rabbitmq/dependabot/go_modules/golang.o…

Merge pull request #1473 from rabbitmq/dependabot/go_modules/golang.o… #438

name: Build, Test, Publish Image & Manifest
on:
push:
branches: [ "main" ]
paths-ignore:
- 'docs/**'
- '*.md'
- 'LICENSE.txt'
- 'PROJECT'
tags: [ "v*" ]
pull_request:
branches: [ "main" ]
env:
GO_VERSION: ~1.20
# Taken from https://github.com/kubernetes-sigs/kind/releases/tag/v0.18.0
# The image here should be listed under 'Images built for this release' for the version of kind in go.mod
KIND_NODE_IMAGE: "kindest/node:v1.26.3@sha256:61b92f38dff6ccc29969e7aa154d34e38b89443af1a2c14e6cfbd2df6419c66f"
KIND_OLDEST_NODE_IMAGE: "kindest/node:v1.19.16@sha256:81f552397c1e6c1f293f967ecb1344d8857613fb978f963c30e907c32f598467"
BASELINE_UPGRADE_VERSION: v2.1.0
jobs:
kubectl_tests:
name: kubectl rabbitmq tests
runs-on: ubuntu-latest
steps:
- name: Install Go
uses: actions/setup-go@v4
with:
go-version: ${{ env.GO_VERSION }}
check-latest: true
- name: Install Bats
run: |
git clone https://github.com/bats-core/bats-core.git "$HOME"/bats-core
cd "$HOME"/bats-core
sudo ./install.sh /usr/local
- name: Check out code into the Go module directory
uses: actions/checkout@v4
- name: kubectl rabbitmq tests
run: |
make install-tools
kind create cluster --image "${{ env.KIND_NODE_IMAGE }}"
DOCKER_REGISTRY_SERVER=local-server OPERATOR_IMAGE=local-operator make deploy-kind kubectl-plugin-tests
unit_integration_tests:
name: unit and integration tests
runs-on: ubuntu-latest
container: us.gcr.io/cf-rabbitmq-for-k8s-bunny/rabbitmq-for-kubernetes-ci
steps:
- name: Install Go
uses: actions/setup-go@v4
with:
go-version: ${{ env.GO_VERSION }}
check-latest: true
- name: Check out code into the Go module directory
uses: actions/checkout@v4
- name: Unit tests
run: make unit-tests
- name: Integration tests
run: make integration-tests
build_operator:
runs-on: ubuntu-latest
needs: unit_integration_tests
permissions:
contents: 'write'
id-token: 'write'
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Install Go
uses: actions/setup-go@v4
with:
go-version: ${{ env.GO_VERSION }}
check-latest: true
- name: OCI Metadata for multi-arch image
id: meta
uses: docker/metadata-action@v5
with:
# list of Docker images to use as base name for tags
images: |
rabbitmqoperator/cluster-operator
quay.io/rabbitmqoperator/cluster-operator
# generate Docker tags based on the following events/attributes
tags: |
type=sha
type=ref,event=pr
type=semver,pattern={{version}}
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Login to Docker Hub
if: github.event_name != 'pull_request'
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Login to Quay.io
if: github.event_name != 'pull_request'
uses: docker/login-action@v3
with:
registry: quay.io
username: ${{ secrets.QUAY_USERNAME }}
password: ${{ secrets.QUAY_ROBOT_TOKEN }}
- name: Build and push
uses: docker/build-push-action@v5
with:
context: .
platforms: linux/amd64, linux/arm64, linux/ppc64le, linux/s390x
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
- name: OCI Metadata for single-arch amd64 image
if: github.event_name != 'pull_request'
#if: startsWith(github.ref, 'refs/tags/v')
id: single-arch-meta-amd64
uses: docker/metadata-action@v5
with:
# list of Docker images to use as base name for tags
images: |
rabbitmqoperator/cluster-operator
flavor: |
latest=false
# generate Docker tags based on the following events/attributes
tags: |
type=semver,pattern={{version}},suffix=-amd64,latest=false
type=sha,suffix=-amd64,latest=false
- name: Build and push single-arch amd64 image
if: github.event_name != 'pull_request'
#if: startsWith(github.ref, 'refs/tags/v')
uses: docker/build-push-action@v5
with:
context: .
platforms: linux/amd64
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.single-arch-meta-amd64.outputs.tags }}
labels: ${{ steps.single-arch-meta-amd64.outputs.labels }}
- name: OCI Metadata for single-arch arm64 image
if: github.event_name != 'pull_request'
#if: startsWith(github.ref, 'refs/tags/v')
id: single-arch-meta-arm64
uses: docker/metadata-action@v5
with:
# list of Docker images to use as base name for tags
images: |
rabbitmqoperator/cluster-operator
flavor: |
latest=false
# generate Docker tags based on the following events/attributes
tags: |
type=semver,pattern={{version}},suffix=-arm64,latest=false
type=sha,suffix=-arm64,latest=false
- name: Build and push single-arch arm64 image
if: github.event_name != 'pull_request'
#if: startsWith(github.ref, 'refs/tags/v')
uses: docker/build-push-action@v5
with:
context: .
platforms: linux/arm64
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.single-arch-meta-arm64.outputs.tags }}
labels: ${{ steps.single-arch-meta-arm64.outputs.labels }}
- name: Build manifest
if: github.event_name != 'pull_request'
env:
RELEASE_VERSION: ${{ steps.meta.outputs.version }}
run: |
make install-tools
pushd config/installation
kustomize edit set image rabbitmqoperator/cluster-operator-dev=rabbitmqoperator/cluster-operator:"${RELEASE_VERSION}"
popd
make generate-installation-manifest QUAY_IO_OPERATOR_IMAGE=quay.io/rabbitmqoperator/cluster-operator:"${RELEASE_VERSION}"
- name: Upload operator manifests
if: github.event_name != 'pull_request'
uses: actions/upload-artifact@v3
with:
name: operator-manifests
path: releases/cluster-operator*.yml
retention-days: 2
if-no-files-found: error
- name: Rename manifest for GCS
if: github.event_name != 'pull_request'
run: mv releases/cluster-operator.yml cluster-operator-${{ steps.meta.outputs.version }}.yml
- id: 'auth'
name: Auth to Google Cloud
if: github.event_name != 'pull_request'
uses: 'google-github-actions/auth@v1'
with:
workload_identity_provider: ${{ secrets.GCP_IDENTITY_PROVIDER }}
service_account: ${{ secrets.GCP_SA }}
- name: Upload manifests to GCS
if: github.event_name != 'pull_request'
uses: 'google-github-actions/upload-cloud-storage@v1'
with:
path: cluster-operator-${{ steps.meta.outputs.version }}.yml
destination: operator-manifests-dev
system_tests_local:
name: Local system tests (using KinD)
runs-on: ubuntu-latest
if: ${{ github.event_name == 'pull_request' }}
needs: build_operator
strategy:
matrix:
rabbitmq-image:
- rabbitmq:3.9.9-management
- rabbitmq:management
- pivotalrabbitmq/rabbitmq:main-otp-min-bazel
- pivotalrabbitmq/rabbitmq:main-otp-max-bazel
steps:
- name: Install Go
uses: actions/setup-go@v4
with:
go-version: ${{ env.GO_VERSION }}
check-latest: true
- name: Check out code into the Go module directory
uses: actions/checkout@v4
- name: System tests
env:
KIND_NODE_IMAGE: ${{ env.KIND_NODE_IMAGE }}
RABBITMQ_IMAGE: ${{ matrix.rabbitmq-image }}
run: |
make install-tools
kind create cluster --image "$KIND_NODE_IMAGE"
DOCKER_REGISTRY_SERVER=local-server OPERATOR_IMAGE=local-operator make deploy-kind
make cert-manager
SUPPORT_VOLUME_EXPANSION=false make system-tests
- name: Dry-run example YAMLs
run: |
for a in docs/examples/*/*.y*ml; do
manifest_path="$manifest_path -f $a"
done
# The examples are assumed to run in the 'examples' namespace, create if it doesn't exist
kubectl create namespace examples --dry-run=client -o yaml | kubectl apply -f -
kubectl --namespace=examples apply --dry-run=server $manifest_path
system_tests_119:
name: Local system tests (using KinD)
runs-on: ubuntu-latest
if: ${{ github.event_name == 'pull_request' }}
needs: build_operator
strategy:
matrix:
rabbitmq-image:
- rabbitmq:3.9.9-management
- rabbitmq:management
steps:
- name: Install Go
uses: actions/setup-go@v4
with:
go-version: ${{ env.GO_VERSION }}
check-latest: true
- name: Check out code into the Go module directory
uses: actions/checkout@v4
- name: System tests
env:
KIND_NODE_IMAGE: ${{ env.KIND_OLDEST_NODE_IMAGE }}
RABBITMQ_IMAGE: ${{ matrix.rabbitmq-image }}
run: |
make install-tools
kind create cluster --image "$KIND_NODE_IMAGE"
DOCKER_REGISTRY_SERVER=local-server OPERATOR_IMAGE=local-operator make deploy-kind
make cert-manager
SUPPORT_VOLUME_EXPANSION=false make system-tests
system_tests:
name: System tests
runs-on: ubuntu-latest
container: us.gcr.io/cf-rabbitmq-for-k8s-bunny/rabbitmq-for-kubernetes-ci
if: ${{ github.event_name != 'pull_request' }}
# Add "id-token" with the intended permissions.
permissions:
contents: 'write'
id-token: 'write'
needs: build_operator
strategy:
matrix:
rabbitmq-image:
- rabbitmq:3.9.9-management
- rabbitmq:management
- pivotalrabbitmq/rabbitmq:main-otp-min-bazel
- pivotalrabbitmq/rabbitmq:main-otp-max-bazel
include:
- rabbitmq-image: rabbitmq:3.9.9-management
gke-cluster: ci-bunny-1
- rabbitmq-image: rabbitmq:management
gke-cluster: ci-bunny-1
- rabbitmq-image: pivotalrabbitmq/rabbitmq:main-otp-min-bazel
gke-cluster: ci-bunny-2
- rabbitmq-image: pivotalrabbitmq/rabbitmq:main-otp-max-bazel
gke-cluster: ci-bunny-2
steps:
- name: Install Go
uses: actions/setup-go@v4
with:
go-version: ${{ env.GO_VERSION }}
check-latest: true
- name: Check out code into the Go module directory
uses: actions/checkout@v4
- name: Acquire lock for ${{ matrix.gke-cluster }}
uses: ben-z/gh-action-mutex@9709ba4d8596ad4f9f8bbe8e0f626ae249b1b3ac
with:
branch: lock-${{ matrix.gke-cluster }}
- id: 'auth'
uses: 'google-github-actions/auth@v1'
with:
workload_identity_provider: ${{ secrets.GCP_IDENTITY_PROVIDER }}
service_account: ${{ secrets.GCP_SA }}
- id: 'get-credentials'
uses: 'google-github-actions/get-gke-credentials@v1'
with:
cluster_name: ${{ matrix.gke-cluster }}
location: europe-west1
- name: Get operator manifest
uses: actions/download-artifact@v3
with:
name: operator-manifests
- name: Install Operator build
run: |
make install-tools
make destroy
kubectl apply -f cluster-operator.yml
kubectl --namespace=rabbitmq-system wait --for=condition=Available deployment/rabbitmq-cluster-operator
- name: System tests
env:
RABBITMQ_IMAGE: ${{ matrix.rabbitmq-image }}
run: |
make system-tests
test_doc_examples:
name: Documented example tests
runs-on: ubuntu-latest
container: us.gcr.io/cf-rabbitmq-for-k8s-bunny/rabbitmq-for-kubernetes-ci
if: ${{ github.event_name != 'pull_request' }}
# Add "id-token" with the intended permissions.
permissions:
contents: 'write'
id-token: 'write'
needs: build_operator
steps:
- name: Install Go
uses: actions/setup-go@v4
with:
go-version: ${{ env.GO_VERSION }}
check-latest: true
- name: Check out code into the Go module directory
uses: actions/checkout@v4
- name: Acquire lock for ci-bunny-2
uses: ben-z/gh-action-mutex@9709ba4d8596ad4f9f8bbe8e0f626ae249b1b3ac
with:
branch: lock-ci-bunny-2
- id: 'auth'
uses: 'google-github-actions/auth@v1'
with:
workload_identity_provider: ${{ secrets.GCP_IDENTITY_PROVIDER }}
service_account: ${{ secrets.GCP_SA }}
- id: 'get-credentials'
uses: 'google-github-actions/get-gke-credentials@v1'
with:
cluster_name: ci-bunny-2
location: europe-west1
- name: Get operator manifest
uses: actions/download-artifact@v3
with:
name: operator-manifests
- name: Install Operator build
run: |
make install-tools
make destroy
kubectl apply -f cluster-operator.yml
kubectl --namespace=rabbitmq-system wait --for=condition=Available deployment/rabbitmq-cluster-operator
- name: Documented example tests
run: docs/examples/test.sh
test_upgrade:
name: Test upgrade of the operator
runs-on: ubuntu-latest
container: us.gcr.io/cf-rabbitmq-for-k8s-bunny/rabbitmq-for-kubernetes-ci
if: ${{ github.event_name != 'pull_request' }}
# Add "id-token" with the intended permissions.
permissions:
contents: 'write'
id-token: 'write'
needs: build_operator
steps:
- name: Install Go
uses: actions/setup-go@v4
with:
go-version: ${{ env.GO_VERSION }}
check-latest: true
- name: Check out code into the Go module directory
uses: actions/checkout@v4
- name: Acquire lock for ci-bunny-1
uses: ben-z/gh-action-mutex@9709ba4d8596ad4f9f8bbe8e0f626ae249b1b3ac
with:
branch: lock-ci-bunny-1
- id: 'auth'
uses: 'google-github-actions/auth@v1'
with:
workload_identity_provider: ${{ secrets.GCP_IDENTITY_PROVIDER }}
service_account: ${{ secrets.GCP_SA }}
- id: 'get-credentials'
uses: 'google-github-actions/get-gke-credentials@v1'
with:
cluster_name: ci-bunny-1
location: europe-west1
- name: Get operator manifest
uses: actions/download-artifact@v3
with:
name: operator-manifests
- name: Test upgrade rollout
run: hack/test-upgrade.sh https://github.com/rabbitmq/cluster-operator/releases/download/${{ env.BASELINE_UPGRADE_VERSION }}/cluster-operator.yml cluster-operator.yml release-header.md
- name: Upload release header
if: github.event_name != 'pull_request'
uses: actions/upload-artifact@v3
with:
name: release-header
path: release-header.md
retention-days: 2
if-no-files-found: error
release:
name: Release to GitHub Releases
runs-on: ubuntu-latest
if: startsWith(github.ref, 'refs/tags/v')
needs: [system_tests, test_doc_examples, test_upgrade]
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Get operator manifest
uses: actions/download-artifact@v3
with:
name: operator-manifests
- name: Get release header
uses: actions/download-artifact@v3
with:
name: release-header
- name: Release
uses: softprops/action-gh-release@de2c0eb89ae2a093876385947365aca7b0e5f844
if: startsWith(github.ref, 'refs/tags/')
with:
files: |
cluster-operator.yml
cluster-operator-quay-io.yml
generate_release_notes: true
draft: true
body_path: release-header.md
fail_on_unmatched_files: true