mirror of
https://github.com/aljazceru/kata-containers.git
synced 2026-01-07 00:14:21 +01:00
fc64643437
The action used for testing kata-deploy is entirely based on the action used to build the kata-deploy tarball, but while the latter is able to use the correct branch, the former always uses `main`. This happens as the `issue_comment`, from GitHub actions, passed the "default branch" as the GITHUB_REF. As we're not the first ones to face such a issue, I've decided to take one of the approaches suggested at one of the checkout's issues, https://github.com/actions/checkout/issues/331, and take advantage of a new action provided by the community, which will get the PR where the comment was made, give us that ref, and that then can be used with the checkout action, resulting on what we originally wanted. Fixes: #3443 Signed-off-by: Fabiano Fidêncio <fabiano.fidencio@intel.com>
158 lines
5.6 KiB
YAML
158 lines
5.6 KiB
YAML
on:
|
|
issue_comment:
|
|
types: [created, edited]
|
|
|
|
name: test-kata-deploy
|
|
|
|
jobs:
|
|
check-comment-and-membership:
|
|
runs-on: ubuntu-latest
|
|
if: |
|
|
github.event.issue.pull_request
|
|
&& github.event_name == 'issue_comment'
|
|
&& github.event.action == 'created'
|
|
&& startsWith(github.event.comment.body, '/test_kata_deploy')
|
|
steps:
|
|
- name: Check membership
|
|
uses: kata-containers/is-organization-member@1.0.1
|
|
id: is_organization_member
|
|
with:
|
|
organization: kata-containers
|
|
username: ${{ github.event.comment.user.login }}
|
|
token: ${{ secrets.GITHUB_TOKEN }}
|
|
- name: Fail if not member
|
|
run: |
|
|
result=${{ steps.is_organization_member.outputs.result }}
|
|
if [ $result == false ]; then
|
|
user=${{ github.event.comment.user.login }}
|
|
echo Either ${user} is not part of the kata-containers organization
|
|
echo or ${user} has its Organization Visibility set to Private at
|
|
echo https://github.com/orgs/kata-containers/people?query=${user}
|
|
echo
|
|
echo Ensure you change your Organization Visibility to Public and
|
|
echo trigger the test again.
|
|
exit 1
|
|
fi
|
|
|
|
build-asset:
|
|
runs-on: ubuntu-latest
|
|
needs: check-comment-and-membership
|
|
strategy:
|
|
matrix:
|
|
asset:
|
|
- cloud-hypervisor
|
|
- firecracker
|
|
- kernel
|
|
- qemu
|
|
- rootfs-image
|
|
- rootfs-initrd
|
|
- shim-v2
|
|
steps:
|
|
# As Github action event `issue_comment` does not provide the right ref
|
|
# (commit/branch) to be tested, let's use this third part action to work
|
|
# this limitation around.
|
|
- name: resolve pr refs
|
|
id: refs
|
|
uses: kata-containers/resolve-pr-refs@v0.0.3
|
|
with:
|
|
token: ${{ secrets.GITHUB_TOKEN }}
|
|
|
|
- uses: actions/checkout@v2
|
|
with:
|
|
ref: ${{ steps.refs.outputs.head_ref }}
|
|
- name: Install docker
|
|
run: |
|
|
curl -fsSL https://test.docker.com -o test-docker.sh
|
|
sh test-docker.sh
|
|
|
|
- name: Build ${{ matrix.asset }}
|
|
run: |
|
|
make "${KATA_ASSET}-tarball"
|
|
build_dir=$(readlink -f build)
|
|
# store-artifact does not work with symlink
|
|
sudo cp -r "${build_dir}" "kata-build"
|
|
env:
|
|
KATA_ASSET: ${{ matrix.asset }}
|
|
TAR_OUTPUT: ${{ matrix.asset }}.tar.gz
|
|
|
|
- name: store-artifact ${{ matrix.asset }}
|
|
uses: actions/upload-artifact@v2
|
|
with:
|
|
name: kata-artifacts
|
|
path: kata-build/kata-static-${{ matrix.asset }}.tar.xz
|
|
if-no-files-found: error
|
|
|
|
create-kata-tarball:
|
|
runs-on: ubuntu-latest
|
|
needs: build-asset
|
|
steps:
|
|
# As Github action event `issue_comment` does not provide the right ref
|
|
# (commit/branch) to be tested, let's use this third part action to work
|
|
# this limitation around.
|
|
- name: resolve pr refs
|
|
id: refs
|
|
uses: kata-containers/resolve-pr-refs@v0.0.3
|
|
with:
|
|
token: ${{ secrets.GITHUB_TOKEN }}
|
|
- uses: actions/checkout@v2
|
|
with:
|
|
ref: ${{ steps.refs.outputs.head_ref }}
|
|
- name: get-artifacts
|
|
uses: actions/download-artifact@v2
|
|
with:
|
|
name: kata-artifacts
|
|
path: kata-artifacts
|
|
- name: merge-artifacts
|
|
run: |
|
|
./tools/packaging/kata-deploy/local-build/kata-deploy-merge-builds.sh kata-artifacts
|
|
- name: store-artifacts
|
|
uses: actions/upload-artifact@v2
|
|
with:
|
|
name: kata-static-tarball
|
|
path: kata-static.tar.xz
|
|
|
|
kata-deploy:
|
|
needs: create-kata-tarball
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
# As Github action event `issue_comment` does not provide the right ref
|
|
# (commit/branch) to be tested, let's use this third part action to work
|
|
# this limitation around.
|
|
- name: resolve pr refs
|
|
id: refs
|
|
uses: kata-containers/resolve-pr-refs@v0.0.3
|
|
with:
|
|
token: ${{ secrets.GITHUB_TOKEN }}
|
|
- uses: actions/checkout@v2
|
|
with:
|
|
ref: ${{ steps.refs.outputs.head_ref }}
|
|
- name: get-kata-tarball
|
|
uses: actions/download-artifact@v2
|
|
with:
|
|
name: kata-static-tarball
|
|
- name: build-and-push-kata-deploy-ci
|
|
id: build-and-push-kata-deploy-ci
|
|
run: |
|
|
tag=$(echo $GITHUB_REF | cut -d/ -f3-)
|
|
pushd $GITHUB_WORKSPACE
|
|
git checkout $tag
|
|
pkg_sha=$(git rev-parse HEAD)
|
|
popd
|
|
mv kata-static.tar.xz $GITHUB_WORKSPACE/tools/packaging/kata-deploy/kata-static.tar.xz
|
|
docker build --build-arg KATA_ARTIFACTS=kata-static.tar.xz -t quay.io/kata-containers/kata-deploy-ci:$pkg_sha $GITHUB_WORKSPACE/tools/packaging/kata-deploy
|
|
docker login -u ${{ secrets.QUAY_DEPLOYER_USERNAME }} -p ${{ secrets.QUAY_DEPLOYER_PASSWORD }} quay.io
|
|
docker push quay.io/kata-containers/kata-deploy-ci:$pkg_sha
|
|
mkdir -p packaging/kata-deploy
|
|
ln -s $GITHUB_WORKSPACE/tools/packaging/kata-deploy/action packaging/kata-deploy/action
|
|
echo "::set-output name=PKG_SHA::${pkg_sha}"
|
|
- name: test-kata-deploy-ci-in-aks
|
|
uses: ./packaging/kata-deploy/action
|
|
with:
|
|
packaging-sha: ${{steps.build-and-push-kata-deploy-ci.outputs.PKG_SHA}}
|
|
env:
|
|
PKG_SHA: ${{steps.build-and-push-kata-deploy-ci.outputs.PKG_SHA}}
|
|
AZ_APPID: ${{ secrets.AZ_APPID }}
|
|
AZ_PASSWORD: ${{ secrets.AZ_PASSWORD }}
|
|
AZ_SUBSCRIPTION_ID: ${{ secrets.AZ_SUBSCRIPTION_ID }}
|
|
AZ_TENANT_ID: ${{ secrets.AZ_TENANT_ID }}
|