From 5c34be0b610823e5ea101bc075c839ca73ab5917 Mon Sep 17 00:00:00 2001 From: Leif Madsen Date: Fri, 13 Oct 2023 10:27:20 -0400 Subject: [PATCH] Fix up nightly release-automation (#10) * Login to the infrawatch quay registry Created organization secrets in GitHub with the infrawatch+release_automation robot account so that the release automation script (for nightly builds) can now push to the infrawatch registry. Previously the release automation script only needed to access the infrawatch-operators registry to push the bundles and index image, but with the recent changes to tag and push the latest into the nightly builds, access to the infrawatch repo is also necessary. Related: STF-1559 * Add access to new secrets Add access to the new secrets to the releaser.sh script in GitHub Actions. * Move container registry logins around It looks like docker login might be getting overridden so move the logins around so that login to infrawatch repo happens, followed by appropriate actions, and then login to infrawatch-operators prior to the bundle and index image operations. --- .github/workflows/nightly.yml | 4 ++++ releaser.sh | 9 ++++++--- 2 files changed, 10 insertions(+), 3 deletions(-) diff --git a/.github/workflows/nightly.yml b/.github/workflows/nightly.yml index 51db01b..8248a05 100644 --- a/.github/workflows/nightly.yml +++ b/.github/workflows/nightly.yml @@ -58,6 +58,8 @@ jobs: GITHUB_WORKSPACE: ${{ github.workspace }} QUAY_INFRAWATCH_OPERATORS_USERNAME: ${{ secrets.QUAY_INFRAWATCH_OPERATORS_USERNAME }} QUAY_INFRAWATCH_OPERATORS_PASSWORD: ${{ secrets.QUAY_INFRAWATCH_OPERATORS_PASSWORD }} + QUAY_INFRAWATCH_USERNAME: ${{ secrets.QUAY_INFRAWATCH_USERNAME }} + QUAY_INFRAWATCH_PASSWORD: ${{ secrets.QUAY_INFRAWATCH_PASSWORD }} periodic_release_1_5: name: Periodic Release for STF 1.5 @@ -114,6 +116,8 @@ jobs: GITHUB_WORKSPACE: ${{ github.workspace }} QUAY_INFRAWATCH_OPERATORS_USERNAME: ${{ secrets.QUAY_INFRAWATCH_OPERATORS_USERNAME }} QUAY_INFRAWATCH_OPERATORS_PASSWORD: ${{ secrets.QUAY_INFRAWATCH_OPERATORS_PASSWORD }} + QUAY_INFRAWATCH_USERNAME: ${{ secrets.QUAY_INFRAWATCH_USERNAME }} + QUAY_INFRAWATCH_PASSWORD: ${{ secrets.QUAY_INFRAWATCH_PASSWORD }} BUNDLE_TAG: "stable-1.5" INSPECTION_TAG: "stable-1.5" INDEX_IMAGE_TAG: "nightly-1.5" diff --git a/releaser.sh b/releaser.sh index 41d8d51..8edb917 100755 --- a/releaser.sh +++ b/releaser.sh @@ -18,14 +18,17 @@ ARTIFACT_IMAGES=${ARTIFACT_IMAGES:-"sg-core sg-bridge prometheus-webhook-snmp se echo "SGO result dir: ${SGO_BUNDLE_RESULT_DIR}" echo "STO result dir: ${STO_BUNDLE_RESULT_DIR}" -# login to quay.io registry so we can push bundles to infrawatch-operators organization -echo "${QUAY_INFRAWATCH_OPERATORS_PASSWORD}" | docker login -u="${QUAY_INFRAWATCH_OPERATORS_USERNAME}" --password-stdin quay.io || exit +# login to quay.io registry so we can push bundles to infrawatch organization +echo "${QUAY_INFRAWATCH_PASSWORD}" | docker login -u="${QUAY_INFRAWATCH_USERNAME}" --password-stdin quay.io || exit # tag existing artifacts for nightly reference for IMAGE in ${ARTIFACT_IMAGES}; do skopeo copy "docker://quay.io/infrawatch/${IMAGE}:${IMAGE_TAG}" "docker://quay.io/infrawatch/${IMAGE}:${INSPECTION_TAG}" done +# login to quay.io registry so we can push bundles to infrawatch-operators organization +echo "${QUAY_INFRAWATCH_OPERATORS_PASSWORD}" | docker login -u="${QUAY_INFRAWATCH_OPERATORS_USERNAME}" --password-stdin quay.io || exit + # Smart Gateway Operator bundle creation # -- Get hashes for images so they can be replaced in the bundle manifest for relatedImages @@ -39,7 +42,7 @@ echo "## sg-core image hash: ${SG_CORE_IMAGE_HASH}" echo "-- Get sg-bridge image hash" SG_BRIDGE_IMAGE_HASH=$(skopeo inspect docker://quay.io/infrawatch/sg-bridge:"${INSPECTION_TAG}" | jq -c '.Digest' | sed -e 's/^"//' -e 's/"$//' -) -echo "## sg-bridge image hhash: ${SG_BRIDGE_IMAGE_HASH}" +echo "## sg-bridge image hash: ${SG_BRIDGE_IMAGE_HASH}" echo "-- Create Smart Gateway Operator bundle" pushd "${GITHUB_WORKSPACE}/smart-gateway-operator/" || exit