Fix up nightly release-automation (#10)

* Login to the infrawatch quay registry Created organization secrets in GitHub with the infrawatch+release_automation robot account so that the release automation script (for nightly builds) can now push to the infrawatch registry. Previously the release automation script only needed to access the infrawatch-operators registry to push the bundles and index image, but with the recent changes to tag and push the latest into the nightly builds, access to the infrawatch repo is also necessary. Related: STF-1559 * Add access to new secrets Add access to the new secrets to the releaser.sh script in GitHub Actions. * Move container registry logins around It looks like docker login might be getting overridden so move the logins around so that login to infrawatch repo happens, followed by appropriate actions, and then login to infrawatch-operators prior to the bundle and index image operations.
infrawatch · Oct 13, 2023 · 5c34be0 · 5c34be0
1 parent ad2fc83
commit 5c34be0
Show file tree

Hide file tree

Showing 2 changed files with 10 additions and 3 deletions.
diff --git a/.github/workflows/nightly.yml b/.github/workflows/nightly.yml
@@ -58,6 +58,8 @@ jobs:
           GITHUB_WORKSPACE: ${{ github.workspace }}
           QUAY_INFRAWATCH_OPERATORS_USERNAME: ${{ secrets.QUAY_INFRAWATCH_OPERATORS_USERNAME }}
           QUAY_INFRAWATCH_OPERATORS_PASSWORD: ${{ secrets.QUAY_INFRAWATCH_OPERATORS_PASSWORD }}
+          QUAY_INFRAWATCH_USERNAME: ${{ secrets.QUAY_INFRAWATCH_USERNAME }}
+          QUAY_INFRAWATCH_PASSWORD: ${{ secrets.QUAY_INFRAWATCH_PASSWORD }}
 
   periodic_release_1_5:
     name: Periodic Release for STF 1.5
@@ -114,6 +116,8 @@ jobs:
           GITHUB_WORKSPACE: ${{ github.workspace }}
           QUAY_INFRAWATCH_OPERATORS_USERNAME: ${{ secrets.QUAY_INFRAWATCH_OPERATORS_USERNAME }}
           QUAY_INFRAWATCH_OPERATORS_PASSWORD: ${{ secrets.QUAY_INFRAWATCH_OPERATORS_PASSWORD }}
+          QUAY_INFRAWATCH_USERNAME: ${{ secrets.QUAY_INFRAWATCH_USERNAME }}
+          QUAY_INFRAWATCH_PASSWORD: ${{ secrets.QUAY_INFRAWATCH_PASSWORD }}
           BUNDLE_TAG: "stable-1.5"
           INSPECTION_TAG: "stable-1.5"
           INDEX_IMAGE_TAG: "nightly-1.5"
diff --git a/releaser.sh b/releaser.sh
@@ -18,14 +18,17 @@ ARTIFACT_IMAGES=${ARTIFACT_IMAGES:-"sg-core sg-bridge prometheus-webhook-snmp se
 echo "SGO result dir: ${SGO_BUNDLE_RESULT_DIR}"
 echo "STO result dir: ${STO_BUNDLE_RESULT_DIR}"
 
-# login to quay.io registry so we can push bundles to infrawatch-operators organization
-echo "${QUAY_INFRAWATCH_OPERATORS_PASSWORD}" | docker login -u="${QUAY_INFRAWATCH_OPERATORS_USERNAME}" --password-stdin quay.io || exit
+# login to quay.io registry so we can push bundles to infrawatch organization
+echo "${QUAY_INFRAWATCH_PASSWORD}" | docker login -u="${QUAY_INFRAWATCH_USERNAME}" --password-stdin quay.io || exit
 
 # tag existing artifacts for nightly reference
 for IMAGE in ${ARTIFACT_IMAGES}; do
     skopeo copy "docker://quay.io/infrawatch/${IMAGE}:${IMAGE_TAG}" "docker://quay.io/infrawatch/${IMAGE}:${INSPECTION_TAG}"
 done
 
+# login to quay.io registry so we can push bundles to infrawatch-operators organization
+echo "${QUAY_INFRAWATCH_OPERATORS_PASSWORD}" | docker login -u="${QUAY_INFRAWATCH_OPERATORS_USERNAME}" --password-stdin quay.io || exit
+
 # Smart Gateway Operator bundle creation
 
 # -- Get hashes for images so they can be replaced in the bundle manifest for relatedImages
@@ -39,7 +42,7 @@ echo "## sg-core image hash: ${SG_CORE_IMAGE_HASH}"
 
 echo "-- Get sg-bridge image hash"
 SG_BRIDGE_IMAGE_HASH=$(skopeo inspect docker://quay.io/infrawatch/sg-bridge:"${INSPECTION_TAG}" | jq -c '.Digest' | sed -e 's/^"//' -e 's/"$//' -)
-echo "## sg-bridge image hhash: ${SG_BRIDGE_IMAGE_HASH}"
+echo "## sg-bridge image hash: ${SG_BRIDGE_IMAGE_HASH}"
 
 echo "-- Create Smart Gateway Operator bundle"
 pushd "${GITHUB_WORKSPACE}/smart-gateway-operator/" || exit