diff --git a/.github/actions/build-push-kotsadm-migrations-image/action.yml b/.github/actions/build-push-kotsadm-migrations-image/action.yml new file mode 100644 index 0000000000..a0f80311c9 --- /dev/null +++ b/.github/actions/build-push-kotsadm-migrations-image/action.yml @@ -0,0 +1,62 @@ +name: 'Build and push kurl-proxy image' +description: 'Composite action for building and pushing kurl-proxy image' +inputs: + image-name: + description: 'Full destination kurl-proxy image name' + required: true + + git-tag: + description: 'Git tag' + required: true + + registry-username: + description: 'Username to login to registry' + default: '' + required: false + + registry-password: + description: 'Password to login to registry' + default: '' + required: false + +runs: + using: "composite" + steps: + - name: load environment variables from .image.env + uses: falti/dotenv-action@v1 + id: dotenv + with: + path: .image.env + + - uses: shrink/actions-docker-extract@v3 + with: + image: schemahero/schemahero:${{ steps.dotenv.outputs.SCHEMAHERO_TAG }} + path: /schemahero + destination: migrations + + - name: template melange and apko configs + shell: bash + run: | + export GIT_TAG=${{ inputs.git-tag }} + envsubst '${GIT_TAG}' < migrations/deploy/melange.yaml.tmpl > migrations/deploy/melange.yaml + envsubst '${GIT_TAG}' < migrations/deploy/apko.yaml.tmpl > migrations/deploy/apko.yaml + + - id: cache-dir + shell: bash + run: echo "cache_dir=$(go env GOMODCACHE)" >> "$GITHUB_OUTPUT" + + - uses: chainguard-dev/actions/melange-build@main + with: + config: migrations/deploy/melange.yaml + archs: x86_64 + sign-with-temporary-key: true + cache-dir: ${{ steps.cache-dir.outputs.cache_dir }} + + - uses: chainguard-images/actions/apko-publish@main + with: + config: migrations/deploy/apko.yaml + archs: x86_64 + tag: ${{ inputs.image-name }} + vcs-url: true + generic-user: ${{ inputs.registry-username }} + generic-pass: ${{ inputs.registry-password }} diff --git a/.github/workflows/build-test.yaml b/.github/workflows/build-test.yaml index 17074b7728..d1ac754246 100644 --- a/.github/workflows/build-test.yaml +++ b/.github/workflows/build-test.yaml @@ -383,7 +383,7 @@ jobs: build-migrations: runs-on: ubuntu-20.04 - needs: [ can-run-ci ] + needs: [ can-run-ci, generate-tag ] steps: - name: setup env run: | @@ -399,20 +399,10 @@ jobs: ref: ${{github.event.pull_request.head.ref}} repository: ${{github.event.pull_request.head.repo.full_name}} - - name: load environment variables from .image.env - uses: falti/dotenv-action@v1 - id: dotenv + - uses: ./.github/actions/build-push-kotsadm-migrations-image with: - path: .image.env - - - name: build and push migrations for e2e - uses: docker/build-push-action@v5 - with: - tags: ttl.sh/automated-${{ github.run_id }}/kotsadm-migrations:24h - context: ./migrations - file: ./migrations/deploy/Dockerfile - push: true - build-args: SCHEMAHERO_TAG=${{ steps.dotenv.outputs.schemahero_tag }} + image-name: ttl.sh/automated-${{ github.run_id }}/kotsadm-migrations:24h + git-tag: ${{ needs.generate-tag.outputs.tag }} push-minio: diff --git a/migrations/deploy/apko.yaml.tmpl b/migrations/deploy/apko.yaml.tmpl new file mode 100644 index 0000000000..fb1796b3b3 --- /dev/null +++ b/migrations/deploy/apko.yaml.tmpl @@ -0,0 +1,36 @@ +contents: + repositories: + - https://packages.wolfi.dev/os + - ./packages/ + keyring: + - https://packages.wolfi.dev/os/wolfi-signing.rsa.pub + - ./melange.rsa.pub + packages: + - kotsadm-migrations-head # This is expected to be built locally by `melange`. + - bash + - busybox + - curl + - git + - wolfi-baselayout + +accounts: + groups: + - groupname: schemahero + gid: 1001 + users: + - username: schemahero + uid: 1001 + gid: 1001 + run-as: schemahero + +environment: + VERSION: ${GIT_TAG} + +entrypoint: + command: /schemahero + +cmd: apply + +archs: + - x86_64 + - aarch64 diff --git a/migrations/deploy/melange.yaml.tmpl b/migrations/deploy/melange.yaml.tmpl new file mode 100644 index 0000000000..6ed4ad5a30 --- /dev/null +++ b/migrations/deploy/melange.yaml.tmpl @@ -0,0 +1,32 @@ +package: + name: kotsadm-migrations-head + version: ${GIT_TAG} + epoch: 0 + description: kotsadm-migrations package + copyright: + - license: Apache-2.0 + +environment: + contents: + repositories: + - https://packages.wolfi.dev/os + keyring: + - https://packages.wolfi.dev/os/wolfi-signing.rsa.pub + packages: + - ca-certificates-bundle + - busybox + - git + - go + environment: + GOMODCACHE: '/var/cache/melange' + +pipeline: + - runs: | + set -x + export DESTDIR="${{targets.destdir}}" + mkdir -p "${DESTDIR}" + + mv migrations/tables "${DESTDIR}/tables" + + # expected to have already beeen extracted from the schemahero image + mv migrations/schemahero "${DESTDIR}/schemahero"