diff --git a/.github/workflows/testing-and-publishing-OLM-bundle.yml b/.github/workflows/testing-and-publishing-OLM-bundle.yml new file mode 100644 index 00000000..26cdf10c --- /dev/null +++ b/.github/workflows/testing-and-publishing-OLM-bundle.yml @@ -0,0 +1,260 @@ +# action to test our operator lifecycle manager bundle +# See https://github.com/rabbitmq/OLM-Package-Repo for more info. +name: Test & Publish OLM bundle + +on: + release: + types: [published] + + workflow_dispatch: + +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true +env: + # registry information where we want to store the operator image and the operator index image + DOCKER_REGISTRY_SERVER: quay.io/rabbitmqoperator + OLM_IMAGE: rabbitmq-for-kubernetes-olm-messaging-topology-operator + OLM_INDEX_IMAGE: rabbitmq-for-kubernetes-olm-messaging-topology-operator-index + +jobs: + create-olm-package: + name: Create the OLM Packaging + runs-on: ubuntu-latest + permissions: + contents: 'write' + id-token: 'write' + outputs: + olm_package_version: ${{ steps.set_bundle_version.outputs.BUNDLE_VERSION }} + steps: + - name: Checkout code + uses: actions/checkout@v4 + + - name: Checkout OLM-Package-Repo + uses: actions/checkout@v4 + with: + repository: rabbitmq/OLM-Package-Repo + path: ./OLM-Package-Repo + + - name: Set image tag to tagged release + id: set_bundle_version + run: scripts/print-tag-version.bash >> "$GITHUB_OUTPUT" + shell: bash + + - name: Install and configure Poetry + uses: snok/install-poetry@v1 + with: + virtualenvs-create: true + virtualenvs-in-project: false + + - name: OpenShift Tools Installer + uses: redhat-actions/openshift-tools-installer@v1 + with: + # Using GitHub source because the Openshift mirror source binary file does not match the expected name + # pattern. In the mirror, the filename is opm-rhel8, and the Action is expecting the name as opm-${OS}-${ARCH} + source: github + github_pat: ${{ github.token }} + opm: "latest" + + - name: Install Carvel tooling + uses: carvel-dev/setup-action@v2.0.1 + with: + token: ${{ github.token }} + only: ytt, kbld + + - name: Podman Login + uses: redhat-actions/podman-login@v1 + with: + registry: ${{ env.DOCKER_REGISTRY_SERVER }} + username: ${{ secrets.QUAY_USERNAME }} + password: ${{ secrets.QUAY_ROBOT_TOKEN }} + + # TODO: Set auto-expiry in DEV images: https://idbs-engineering.com/containers/2019/08/27/auto-expiry-quayio-tags.html + - name: Create OLM package + env: + DOCKER_REGISTRY_SERVER: ${{ env.DOCKER_REGISTRY_SERVER }} + OLM_IMAGE: ${{ env.OLM_IMAGE }} + OLM_INDEX_IMAGE: ${{ env.OLM_INDEX_IMAGE }} + BUNDLE_VERSION: ${{ steps.set_bundle_version.outputs.BUNDLE_VERSION }} + run: | + make generate-manifests + cp ./config/crd/bases/*.yaml ./OLM-Package-Repo/rabbitmq_olm_package_repo/manifests_crds_messaging_topology_operator/crds + cd ./OLM-Package-Repo + poetry run generate_bundle ./../releases/messaging-topology-operator-with-certmanager.yaml $BUNDLE_VERSION ./ + + opm alpha bundle build -c stable -d ./$BUNDLE_VERSION/manifests -t $DOCKER_REGISTRY_SERVER/$OLM_IMAGE:$BUNDLE_VERSION -p rabbitmq-messaging-topology-operator --image-builder podman + opm index add -b $DOCKER_REGISTRY_SERVER/$OLM_IMAGE:$BUNDLE_VERSION -t $DOCKER_REGISTRY_SERVER/$OLM_INDEX_IMAGE:$BUNDLE_VERSION -c podman + + mkdir upload + mv "$BUNDLE_VERSION" ./upload + cp ./rabbitmq_olm_package_repo/generators/messaging_topology_operator_generators/topology-service-version-generator-openshift.yml ./rabbitmq_olm_package_repo/generators/messaging_topology_operator_generators/topology-service-version-generator.yml + poetry run generate_bundle ./../releases/messaging-topology-operator-with-certmanager.yaml $BUNDLE_VERSION ./ + mv "$BUNDLE_VERSION" ./upload/$BUNDLE_VERSION-openshift + + - name: Push OLM Package to Registry + uses: redhat-actions/push-to-registry@v2 + with: + registry: ${{ env.DOCKER_REGISTRY_SERVER }} + image: ${{ env.OLM_IMAGE }} + tags: ${{ steps.set_bundle_version.outputs.BUNDLE_VERSION }} + + - name: Push OLM Package to Registry + uses: redhat-actions/push-to-registry@v2 + with: + registry: ${{ env.DOCKER_REGISTRY_SERVER }} + image: ${{ env.OLM_INDEX_IMAGE }} + tags: ${{ steps.set_bundle_version.outputs.BUNDLE_VERSION }} + + - name: upload-olm-package + uses: actions/upload-artifact@v4 + with: + name: olm-artifact + path: OLM-Package-Repo/upload/ + retention-days: 2 + + test-olm-package: + name: Tests the OLM packaging + runs-on: ubuntu-latest + needs: create-olm-package + outputs: + # Required to pass on the OLM bundle version to publish job + olm_package_version: ${{ needs.create-olm-package.outputs.olm_package_version }} + steps: + - name: Checkout code + uses: actions/checkout@v4 + + - name: Checkout infrastructure repo + uses: actions/checkout@v4 + with: + repository: rabbitmq/infrastructure + token: ${{ secrets.GIT_HUB_ACCESS_INFRA_REPO_TOKEN }} + path: ./infrastructure + + - name: Checkout OLM-Package-Repo + uses: actions/checkout@v4 + with: + repository: rabbitmq/OLM-Package-Repo + path: ./OLM-Package-Repo + + - name: Install Go + uses: actions/setup-go@v5 + with: + go-version-file: "go.mod" + + - name: Setup Ginkgo CLI + uses: ci-tasks/setup-ginkgo@main + + - name: Install Carvel tooling + uses: carvel-dev/setup-action@v2.0.1 + with: + token: ${{ github.token }} + only: ytt, kbld + + - name: Protect access to the cluster with a mutex + uses: ben-z/gh-action-mutex@v1.0.0-alpha.9 + with: + repo-token: ${{ secrets.CLUSTER_OPERATOR_ACCESS_TOKEN }} + repository: rabbitmq/cluster-operator + branch: openshift-lock + + - name: Connect to the Openshift cluster and deploy the operators through OLM + id: connect-and-deploy + env: + TOKEN: ${{ secrets.OPERATORHUB_TOKEN }} + BUNDLE_VERSION: ${{ needs.create-olm-package.outputs.olm_package_version }} + ENVIRONMENT: openshift + run: | + mkdir $HOME/.kube + cp ./infrastructure/k8s/okd/admin-kubeconfig.yaml $HOME/.kube/config + export KUBECONFIG=$HOME/.kube/config + kubectl config use-context admin + ./OLM-Package-Repo/testfiles/install-rabbitmq-messaging-topology-operator.sh $BUNDLE_VERSION + + - name: Run Operator System Tests + env: + ENVIRONMENT: "openshift" + K8S_OPERATOR_NAMESPACE: rabbitmq-system-olm + SYSTEM_TEST_NAMESPACE: rabbitmq-system-olm + NAMESPACE: rabbitmq-system-olm + run: | + kubectl wait -n "$K8S_OPERATOR_NAMESPACE" sub --all --for=jsonpath='{.status.state}'=AtLatestKnown --timeout=2m + ginkgo --randomize-all -r --skip "RabbitMQ Cluster with TLS enabled" system_tests/ + + - name: Clean up + env: + OLM_INDEX_TAG: ${{ needs.create-olm-package.outputs.olm_package_version }} + if: ${{ !cancelled() && steps.connect-and-deploy.conclusion == 'success' }} + run: | + export KUBECONFIG=./infrastructure/k8s/okd/admin-kubeconfig.yaml + kubectl config use-context admin + ./OLM-Package-Repo/testfiles/uninstall-rabbitmq-messaging-topology-operator.sh $BUNDLE_VERSION + + publish-bundle-operatorhub: + name: Create branch for OperatorHub PR + runs-on: ubuntu-latest + needs: test-olm-package + if: ${{ startsWith(github.ref, 'refs/tags/v') }} + steps: + - name: Checkout community-operators fork (OperatorHub) + uses: actions/checkout@v4 + with: + repository: rabbitmq/community-operators + # secret_rabbitmq/kv/Shared-Shared-RabbitMQ%2Frabbitmq-ci/details + token: ${{ secrets.RABBITMQ_CI_TOKEN }} + + - name: Download OLM artifact + uses: actions/download-artifact@v4 + with: + name: olm-artifact + path: olm-package-ci + + - name: Create branch for OperatorHub PR + env: + BUNDLE_VERSION: ${{ needs.test-olm-package.outputs.olm_package_version }} + run: | + mkdir -pv operators/rabbitmq-messaging-topology-operator + git config user.name "rabbitmq-ci" + git config user.email ${{ secrets.RABBITMQ_CI_EMAIL }} + git branch rabbitmq-messaging-topology-operator-$BUNDLE_VERSION + git checkout rabbitmq-messaging-topology-operator-$BUNDLE_VERSION + + cp -v -fR ./olm-package-ci/"$BUNDLE_VERSION" ./operators/rabbitmq-messaging-topology-operator/ + sed -i -e "s/latest/$BUNDLE_VERSION/g" ./operators/rabbitmq-messaging-topology-operator/"$BUNDLE_VERSION"/manifests/rabbitmq.clusterserviceversion.yaml + git add operators/rabbitmq-messaging-topology-operator + git commit -s -m "RabbitMQ Topology Operator release $BUNDLE_VERSION" + git push --set-upstream origin "rabbitmq-messaging-topology-operator-$BUNDLE_VERSION" + + publish-bundle-redhat-marketplace: + name: Create branch for Openshift Marketplace PR + runs-on: ubuntu-latest + needs: test-olm-package + if: ${{ startsWith(github.ref, 'refs/tags/v') }} + steps: + - name: Checkout community-operators-prod fork (Openshift Ecosystem) + uses: actions/checkout@v4 + with: + repository: rabbitmq/community-operators-prod + # secret_rabbitmq/kv/Shared-Shared-RabbitMQ%2Frabbitmq-ci/details + token: ${{ secrets.RABBITMQ_CI_TOKEN }} + + - name: Download OLM artifact + uses: actions/download-artifact@v4 + with: + name: olm-artifact + path: olm-package-ci + + - name: Create branch for Openshift Ecosystem PR + env: + BUNDLE_VERSION: ${{ needs.test-olm-package.outputs.olm_package_version }} + run: | + mkdir -pv operators/rabbitmq-messaging-topology-operator + git config user.name "rabbitmq-ci" + git config user.email ${{ secrets.RABBITMQ_CI_EMAIL }} + git branch rabbitmq-messaging-topology-operator-$BUNDLE_VERSION + git checkout rabbitmq-messaging-topology-operator-$BUNDLE_VERSION + + cp -v -fR ./olm-package-ci/"$BUNDLE_VERSION-openshift" ./operators/rabbitmq-messaging-topology-operator/"$BUNDLE_VERSION" + sed -i -e "s/latest/$BUNDLE_VERSION/g" ./operators/rabbitmq-messaging-topology-operator/"$BUNDLE_VERSION"/manifests/rabbitmq.clusterserviceversion.yaml + git add operators/rabbitmq-messaging-topology-operator + git commit -s -m "RabbitMQ Topology Operator release $BUNDLE_VERSION" + git push --set-upstream origin "rabbitmq-messaging-topology-operator-$BUNDLE_VERSION" diff --git a/.github/workflows/testing_and_publishing_OLM_bundle.yml b/.github/workflows/testing_and_publishing_OLM_bundle.yml deleted file mode 100644 index 1f5aa9d2..00000000 --- a/.github/workflows/testing_and_publishing_OLM_bundle.yml +++ /dev/null @@ -1,214 +0,0 @@ -# action to test our operator lifecycle manager bundle -# See https://github.com/rabbitmq/OLM-Package-Repo for more info. -name: test-and-publish-OLM-bundle - -on: - release: - types: [published] - - workflow_dispatch: - -concurrency: - group: ${{ github.workflow }}-${{ github.ref }} - cancel-in-progress: true -env: - # registry information where we want to store the operator image and the operator index image - DOCKER_REGISTRY_SERVER: quay.io/rabbitmqoperator - OLM_IMAGE: rabbitmq-for-kubernetes-olm-messaging-topology-operator - OLM_INDEX_IMAGE: rabbitmq-for-kubernetes-olm-messaging-topology-operator-index - -jobs: - create-olm-package: - name: Create the OLM Packaging - runs-on: ubuntu-latest - container: - image: us.gcr.io/cf-rabbitmq-for-k8s-bunny/rabbitmq-for-kubernetes-ci-olm - options: --privileged - permissions: - contents: 'write' - id-token: 'write' - steps: - - name: Checkout - uses: actions/checkout@v4 - - - name: Checkout OLM-Package-Repo - uses: actions/checkout@v4 - with: - repository: rabbitmq/OLM-Package-Repo - path: ./OLM-Package-Repo - - - name: Set tag image for tagged version - if: startsWith(github.ref, 'refs/tags/v') - run: | - BUNDLE_VERSION=${GITHUB_REF#refs/*/} - echo "BUNDLE_VERSION=${BUNDLE_VERSION:1}" >> $GITHUB_ENV - shell: bash - - - name: Set tag image for test version - if: startsWith(github.ref, 'refs/tags/v') == false - run: | - echo "BUNDLE_VERSION=0.0.0" >> $GITHUB_ENV - - - name: Install and configure Poetry - uses: snok/install-poetry@v1 - with: - version: 1.4.2 - virtualenvs-create: true - virtualenvs-in-project: false - - - name: create-olm-package - env: - username: ${{ secrets.QUAY_USERNAME }} - password: ${{ secrets.QUAY_ROBOT_TOKEN }} - DOCKER_REGISTRY_SERVER: ${{ env.DOCKER_REGISTRY_SERVER }} - OLM_IMAGE: ${{ env.OLM_IMAGE }} - OLM_INDEX_IMAGE: ${{ env.OLM_INDEX_IMAGE }} - BUNDLE_VERSION: ${{ env.BUNDLE_VERSION }} - run: | - sed '/mount_program =/s/^#//' -i /etc/containers/storage.conf - podman login quay.io -u $username -p $password - make generate-manifests - cp ./config/crd/bases/*.yaml ./OLM-Package-Repo/rabbitmq_olm_package_repo/manifests_crds_messaging_topology_operator/crds - cd ./OLM-Package-Repo - poetry run generate_bundle ./../releases/messaging-topology-operator-with-certmanager.yaml $BUNDLE_VERSION ./ - opm alpha bundle build -c stable -d ./$BUNDLE_VERSION/manifests -t $DOCKER_REGISTRY_SERVER/$OLM_IMAGE:$BUNDLE_VERSION -p rabbitmq-messaging-topology-operator --image-builder podman - podman push $DOCKER_REGISTRY_SERVER/$OLM_IMAGE:$BUNDLE_VERSION - opm index add -b $DOCKER_REGISTRY_SERVER/$OLM_IMAGE:$BUNDLE_VERSION -t $DOCKER_REGISTRY_SERVER/$OLM_INDEX_IMAGE:$BUNDLE_VERSION -c podman - podman push $DOCKER_REGISTRY_SERVER/$OLM_INDEX_IMAGE:$BUNDLE_VERSION - mkdir upload - mv "$BUNDLE_VERSION" ./upload - cp ./rabbitmq_olm_package_repo/generators/messaging_topology_operator_generators/topology-service-version-generator-openshift.yml ./rabbitmq_olm_package_repo/generators/messaging_topology_operator_generators/topology-service-version-generator.yml - poetry run generate_bundle ./../releases/messaging-topology-operator-with-certmanager.yaml $BUNDLE_VERSION ./ - mv "$BUNDLE_VERSION" ./upload/$BUNDLE_VERSION-openshift - - name: upload-olm-package - uses: actions/upload-artifact@master - with: - name: olm-artifact - path: "/home/runner/work/messaging-topology-operator/messaging-topology-operator/OLM-Package-Repo/upload/" - retention-days: 2 - - test-olm-package: - name: Tests the OLM packaging - runs-on: ubuntu-latest - needs: create-olm-package - container: us.gcr.io/cf-rabbitmq-for-k8s-bunny/rabbitmq-for-kubernetes-ci-olm - - steps: - - name: Checkout - uses: actions/checkout@v4 - - - name: Checkout infrastructure repo - uses: actions/checkout@v4 - with: - repository: rabbitmq/infrastructure - token: ${{ secrets.GIT_HUB_ACCESS_INFRA_REPO_TOKEN }} - path: ./infrastructure - - - name: Checkout OLM-Package-Repo - uses: actions/checkout@v4 - with: - repository: rabbitmq/OLM-Package-Repo - path: ./OLM-Package-Repo - - - name: Protect access to the cluster with a mutex - uses: ben-z/gh-action-mutex@v1.0.0-alpha.9 - with: - repo-token: ${{ secrets.CLUSTER_OPERATOR_ACCESS_TOKEN }} - repository: rabbitmq/cluster-operator - branch: openshift-lock - - - name: Connect to the Openshift cluster and deploy the operators through OLM - env: - TOKEN: ${{ secrets.OPERATORHUB_TOKEN }} - BUNDLE_VERSION: ${{ env.BUNDLE_VERSION }} - run: | - mkdir $HOME/.kube - cp ./infrastructure/k8s/okd/admin-kubeconfig.yaml $HOME/.kube/config - export KUBECONFIG=$HOME/.kube/config - export ENVIRONMENT=openshift - kubectl config use-context admin - ./OLM-Package-Repo/testfiles/install-rabbitmq-messaging-topology-operator.sh $BUNDLE_VERSION - rm ./system_tests/tls_system_test.go - export K8S_OPERATOR_NAMESPACE=rabbitmq-system-olm - make install-tools - NAMESPACE="rabbitmq-system-olm" ginkgo --randomize-all -r $(GINKGO_EXTRA) system_tests/ - - name: Clean up - env: - OLM_INDEX_TAG: ${{ env.BUNDLE_VERSION }} - if: always() - run: | - export KUBECONFIG=./infrastructure/k8s/okd/admin-kubeconfig.yaml - kubectl config use-context admin - ./OLM-Package-Repo/testfiles/uninstall-rabbitmq-messaging-topology-operator.sh $BUNDLE_VERSION - - publish-bundle: - name: Publish on OperatorHub and Openshift market-place - runs-on: ubuntu-latest - needs: test-olm-package - container: us.gcr.io/cf-rabbitmq-for-k8s-bunny/rabbitmq-for-kubernetes-ci-olm - # Create the PR to OperatorHUB - steps: - - name: Checkout - uses: actions/checkout@v4 - - name: Checkout community-operators repo - uses: actions/checkout@v4 - with: - repository: rabbitmq/community-operators - path: ./community-operators - token: ${{ secrets.OPERATORHUB_TOKEN }} - - name: Checkout community-operators-prod repo - uses: actions/checkout@v4 - with: - repository: rabbitmq/community-operators-prod - path: ./community-operators-prod - token: ${{ secrets.OPERATORHUB_TOKEN }} - - name: Set tag image for tagged version - if: startsWith(github.ref, 'refs/tags/v') - run: | - BUNDLE_VERSION=${GITHUB_REF#refs/*/} - echo "BUNDLE_VERSION=${BUNDLE_VERSION:1}" >> $GITHUB_ENV - shell: bash - - name: Set tag image for test version - if: startsWith(github.ref, 'refs/tags/v') == false - run: | - echo "BUNDLE_VERSION=0.0.0" >> $GITHUB_ENV - - name: download olm-artifact from previous step - uses: actions/download-artifact@master - with: - name: olm-artifact - - name: CreateOperatorHubPR - env: - TOKEN: ${{ secrets.OPERATORHUB_TOKEN }} - BUNDLE_VERSION: ${{ env.BUNDLE_VERSION }} - run: | - git config --global user.name "DanielePalaia" - git config --global user.email "dpalaia@vmware.com" - cd community-operators/operators/rabbitmq-messaging-topology-operator/ - git branch rabbitmq-messaging-topology-operator-$BUNDLE_VERSION - git checkout rabbitmq-messaging-topology-operator-$BUNDLE_VERSION - REPLACE_VERSION=$(ls -1v | tail -2 | head -1) - cp -fR ./../../../$BUNDLE_VERSION . - sed -i -e "s/replaces: null/replaces: rabbitmq-messaging-topology-operator.v$REPLACE_VERSION/g" ./$BUNDLE_VERSION/manifests/rabbitmq.clusterserviceversion.yaml - sed -i -e "s/latest/$BUNDLE_VERSION/g" ./$BUNDLE_VERSION/manifests/rabbitmq.clusterserviceversion.yaml - git add . - git commit -s -m "RabbitMQ operator new release" - git push https://DanielePalaia:"$TOKEN"@github.com/rabbitmq/community-operators - cd ./../../.. - - # Create the PR to redhat openshift ecosystem - - name: CreateOpenshiftEcosystemPR - env: - TOKEN: ${{ secrets.OPERATORHUB_TOKEN }} - BUNDLE_VERSION: ${{ env.BUNDLE_VERSION }} - run: | - cd community-operators-prod/operators/rabbitmq-messaging-topology-operator/ - git branch rabbitmq-messaging-topology-operator-$BUNDLE_VERSION - git checkout rabbitmq-messaging-topology-operator-$BUNDLE_VERSION - REPLACE_VERSION=$(ls -1v | tail -2 | head -1) - cp -fR ./../../../$BUNDLE_VERSION-openshift . - mv $BUNDLE_VERSION-openshift $BUNDLE_VERSION - sed -i -e "s/replaces: null/replaces: rabbitmq-messaging-topology-operator.v$REPLACE_VERSION/g" ./$BUNDLE_VERSION/manifests/rabbitmq.clusterserviceversion.yaml - sed -i -e "s/latest/$BUNDLE_VERSION/g" ./$BUNDLE_VERSION/manifests/rabbitmq.clusterserviceversion.yaml - git add . - git commit -s -m "RabbitMQ operator new release" - git push https://DanielePalaia:"$TOKEN"@github.com/rabbitmq/community-operators-prod \ No newline at end of file diff --git a/scripts/print-tag-version.bash b/scripts/print-tag-version.bash new file mode 100755 index 00000000..207f80c0 --- /dev/null +++ b/scripts/print-tag-version.bash @@ -0,0 +1,8 @@ +#!/usr/bin/env bash + +if [ "$GITHUB_REF_TYPE" != "tag" ]; then + echo "BUNDLE_VERSION=0.0.0" + exit 0 +fi + +printf "BUNDLE_VERSION=%s\n" "${GITHUB_REF_NAME:1}"