name: Publish Kata 2.x release artifacts on: push: tags: - '2.*' jobs: build-asset: runs-on: ubuntu-latest strategy: matrix: asset: - cloud-hypervisor - firecracker - kernel - qemu - rootfs-image - rootfs-initrd - shim-v2 steps: - uses: actions/checkout@v2 - name: Install docker run: | curl -fsSL https://test.docker.com -o test-docker.sh sh test-docker.sh - name: Build ${{ matrix.asset }} run: | ./tools/packaging/kata-deploy/local-build/kata-deploy-binaries-in-docker.sh --build="${KATA_ASSET}" build_dir=$(readlink -f build) # store-artifact does not work with symlink sudo cp -r "${build_dir}" "kata-build" env: KATA_ASSET: ${{ matrix.asset }} TAR_OUTPUT: ${{ matrix.asset }}.tar.gz - name: store-artifact ${{ matrix.asset }} uses: actions/upload-artifact@v2 with: name: kata-artifacts path: kata-build/kata-static-${{ matrix.asset }}.tar.xz if-no-files-found: error create-kata-tarball: runs-on: ubuntu-latest needs: build-asset steps: - uses: actions/checkout@v2 - name: get-artifacts uses: actions/download-artifact@v2 with: name: kata-artifacts path: kata-artifacts - name: merge-artifacts run: | ./tools/packaging/kata-deploy/local-build/kata-deploy-merge-builds.sh kata-artifacts - name: store-artifacts uses: actions/upload-artifact@v2 with: name: kata-static-tarball path: kata-static.tar.xz kata-deploy: needs: create-kata-tarball runs-on: ubuntu-latest steps: - uses: actions/checkout@v2 - name: get-kata-tarball uses: actions/download-artifact@v2 with: name: kata-static-tarball - name: build-and-push-kata-deploy-ci id: build-and-push-kata-deploy-ci run: | tag=$(echo $GITHUB_REF | cut -d/ -f3-) pushd $GITHUB_WORKSPACE git checkout $tag pkg_sha=$(git rev-parse HEAD) popd mv kata-static.tar.xz $GITHUB_WORKSPACE/tools/packaging/kata-deploy/kata-static.tar.xz docker build --build-arg KATA_ARTIFACTS=kata-static.tar.xz -t katadocker/kata-deploy-ci:$pkg_sha -t quay.io/kata-containers/kata-deploy-ci:$pkg_sha $GITHUB_WORKSPACE/tools/packaging/kata-deploy docker login -u ${{ secrets.DOCKER_USERNAME }} -p ${{ secrets.DOCKER_PASSWORD }} docker push katadocker/kata-deploy-ci:$pkg_sha docker login -u ${{ secrets.QUAY_DEPLOYER_USERNAME }} -p ${{ secrets.QUAY_DEPLOYER_PASSWORD }} quay.io docker push quay.io/kata-containers/kata-deploy-ci:$pkg_sha mkdir -p packaging/kata-deploy ln -s $GITHUB_WORKSPACE/tools/packaging/kata-deploy/action packaging/kata-deploy/action echo "::set-output name=PKG_SHA::${pkg_sha}" - name: test-kata-deploy-ci-in-aks uses: ./packaging/kata-deploy/action with: packaging-sha: ${{steps.build-and-push-kata-deploy-ci.outputs.PKG_SHA}} env: PKG_SHA: ${{steps.build-and-push-kata-deploy-ci.outputs.PKG_SHA}} AZ_APPID: ${{ secrets.AZ_APPID }} AZ_PASSWORD: ${{ secrets.AZ_PASSWORD }} AZ_SUBSCRIPTION_ID: ${{ secrets.AZ_SUBSCRIPTION_ID }} AZ_TENANT_ID: ${{ secrets.AZ_TENANT_ID }} - name: push-tarball run: | # tag the container image we created and push to DockerHub tag=$(echo $GITHUB_REF | cut -d/ -f3-) tags=($tag) tags+=($([[ "$tag" =~ "alpha"|"rc" ]] && echo "latest" || echo "stable")) for tag in ${tags[@]}; do \ docker tag katadocker/kata-deploy-ci:${{steps.build-and-push-kata-deploy-ci.outputs.PKG_SHA}} katadocker/kata-deploy:${tag} && \ docker tag quay.io/kata-containers/kata-deploy-ci:${{steps.build-and-push-kata-deploy-ci.outputs.PKG_SHA}} quay.io/kata-containers/kata-deploy:${tag} && \ docker push katadocker/kata-deploy:${tag} && \ docker push quay.io/kata-containers/kata-deploy:${tag}; \ done upload-static-tarball: needs: kata-deploy runs-on: ubuntu-latest steps: - uses: actions/checkout@v2 - name: download-artifacts uses: actions/download-artifact@v2 with: name: kata-static-tarball - name: install hub run: | HUB_VER=$(curl -s "https://api.github.com/repos/github/hub/releases/latest" | jq -r .tag_name | sed 's/^v//') wget -q -O- https://github.com/github/hub/releases/download/v$HUB_VER/hub-linux-amd64-$HUB_VER.tgz | \ tar xz --strip-components=2 --wildcards '*/bin/hub' && sudo mv hub /usr/local/bin/hub - name: push static tarball to github run: | tag=$(echo $GITHUB_REF | cut -d/ -f3-) tarball="kata-static-$tag-x86_64.tar.xz" mv kata-static.tar.xz "$GITHUB_WORKSPACE/${tarball}" pushd $GITHUB_WORKSPACE echo "uploading asset '${tarball}' for tag: ${tag}" GITHUB_TOKEN=${{ secrets.GIT_UPLOAD_TOKEN }} hub release edit -m "" -a "${tarball}" "${tag}" popd upload-cargo-vendored-tarball: needs: upload-static-tarball runs-on: ubuntu-latest steps: - uses: actions/checkout@v2 - name: generate-and-upload-tarball run: | pushd $GITHUB_WORKSPACE/src/agent cargo vendor >> .cargo/config popd tag=$(echo $GITHUB_REF | cut -d/ -f3-) tarball="kata-containers-$tag-vendor.tar.gz" pushd $GITHUB_WORKSPACE tar -cvzf "${tarball}" src/agent/.cargo/config src/agent/vendor GITHUB_TOKEN=${{ secrets.GIT_UPLOAD_TOKEN }} hub release edit -m "" -a "${tarball}" "${tag}" popd upload-libseccomp-tarball: needs: upload-cargo-vendored-tarball runs-on: ubuntu-latest steps: - uses: actions/checkout@v2 - name: download-and-upload-tarball env: GITHUB_TOKEN: ${{ secrets.GIT_UPLOAD_TOKEN }} GOPATH: ${HOME}/go run: | pushd $GITHUB_WORKSPACE ./ci/install_yq.sh tag=$(echo $GITHUB_REF | cut -d/ -f3-) versions_yaml="versions.yaml" version=$(${GOPATH}/bin/yq read ${versions_yaml} "externals.libseccomp.version") repo_url=$(${GOPATH}/bin/yq read ${versions_yaml} "externals.libseccomp.url") download_url="${repo_url}/releases/download/v${version}" tarball="libseccomp-${version}.tar.gz" asc="${tarball}.asc" curl -sSLO "${download_url}/${tarball}" curl -sSLO "${download_url}/${asc}" # "-m" option should be empty to re-use the existing release title # without opening a text editor. # For the details, check https://hub.github.com/hub-release.1.html. hub release edit -m "" -a "${tarball}" "${tag}" hub release edit -m "" -a "${asc}" "${tag}" popd