diff --git a/.github/workflows/nightly-test-release.yaml b/.github/workflows/nightly-test-release.yaml new file mode 100644 index 00000000..2a368f28 --- /dev/null +++ b/.github/workflows/nightly-test-release.yaml @@ -0,0 +1,158 @@ +name: Test release process nightly + +on: + schedule: + - cron: "0 0 * * *" # Run every day at midnight (UTC) + workflow_dispatch: # Allow running manually on demand + +env: + RELEASE_TAG: t9.9.9-fake + +jobs: + nightly-test-release: + name: Tag current version for testing + runs-on: ubuntu-latest + permissions: + contents: write + steps: + - uses: actions/checkout@v4 + with: + ref: main + fetch-depth: 0 + - name: Set and push fake tag for release + run: | + git tag ${{ env.RELEASE_TAG }} + - name: Push changes + uses: ad-m/github-push-action@master + with: + tags: true + github_token: ${{ secrets.GITHUB_TOKEN }} + + build-push-services: + name: Build, sign and provenance + needs: [nightly-test-release] + permissions: + actions: read + contents: write + packages: write + id-token: write + strategy: + matrix: + destination: [ghcr] + arch: [amd64, arm64, s390x] + include: + - destination: ghcr + registry: ghcr.io + username: ${{ github.actor }} + password: GITHUB_TOKEN + image: GHCR_IMAGE + secret_registry: false + uses: ./.github/workflows/release-workflow.yml + with: + password: ${{ matrix.password }} + username: ${{ matrix.username }} + registry: ${{ matrix.registry }} + tag: t9.9.9-fake + arch: ${{ matrix.arch }} + image: ${{ matrix.image }} + secret_registry: ${{ matrix.secret_registry }} + secrets: inherit + + multiarch: + name: Publish multiarch image + needs: [build-push-services] + runs-on: ubuntu-latest + permissions: + packages: write + contents: read + strategy: + matrix: + destination: [ghcr] + include: + - destination: ghcr + registry: ghcr.io + username: ${{ github.actor }} + password: GITHUB_TOKEN + image: GHCR_IMAGE + secret_registry: false + steps: + - name: Checkout + uses: actions/checkout@v4 + with: + ref: ${{ env.RELEASE_TAG }} + fetch-depth: 0 + - name: Docker login + uses: docker/login-action@v3 + with: + registry: ${{ matrix.secret_registry && secrets[matrix.registry] || matrix.registry }} + username: ${{ matrix.secret_registry && secrets[matrix.username] || matrix.username }} + password: ${{ secrets[matrix.password] }} + - name: Publish multiarch + run: CONTROLLER_IMG=${{ vars[matrix.image] }} TAG=${{ env.RELEASE_TAG }} make docker-push-manifest-rancher-turtles + + release: + name: Create helm release + needs: [build-push-services] + runs-on: ubuntu-latest + env: + PROD_REGISTRY: ${{ secrets.REGISTRY_ENDPOINT }} + PROD_ORG: rancher-sandbox + RELEASE_DIR: .cr-release-packages + steps: + - name: Checkout + uses: actions/checkout@v4 + with: + ref: ${{ env.RELEASE_TAG }} + fetch-depth: 0 + - name: Package operator chart + run: RELEASE_TAG=${{ env.RELEASE_TAG }} CHART_PACKAGE_DIR=${RELEASE_DIR} REGISTRY=${{ env.PROD_REGISTRY }} ORG=${{ env.PROD_ORG }} make release + + notify-failure: + name: Notify failure in Slack + needs: [release] + if: failure() + runs-on: ubuntu-latest + steps: + - uses: slackapi/slack-github-action@v1.24.0 + with: + payload: | + { + "blocks": [ + { + "type": "section", + "text": { + "type": "mrkdwn", + "text": "Rancher turtles RELEASE test failed." + }, + "accessory": { + "type": "button", + "text": { + "type": "plain_text", + "text": ":github:", + "emoji": true + }, + "url": "${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}" + } + } + ] + } + env: + SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} + SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOK + + clean-up: + name: Release testing clean up + needs: [release] + if: always() + runs-on: ubuntu-latest + permissions: + contents: write + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 0 + - uses: dev-drprasad/delete-tag-and-release@v1.0 + with: + tag_name: ${{ env.RELEASE_TAG }} + github_token: ${{ secrets.GITHUB_TOKEN }} + delete_release: false