From b24ea86a1c8f6fbeabe14fa1c4bbbc7aae4e0e3c Mon Sep 17 00:00:00 2001 From: framework-automation <41898282+framework-automation[bot]@users.noreply.github.com> Date: Tue, 2 Apr 2024 12:24:23 +0000 Subject: [PATCH] Upgrade CI (02 Apr 2024 12:24:23) --- .github/workflows/command_merge.yaml | 2 +- .github/workflows/command_retest.yaml | 2 +- .github/workflows/dco_test.yaml | 4 +- .github/workflows/dco_workflow_complete.yaml | 2 +- .github/workflows/documentation.yaml | 2 +- .github/workflows/operator_ci.yaml | 4 +- .github/workflows/operator_ci_approved.yaml | 4 +- .github/workflows/operator_ci_index_sha.yaml | 10 +- .github/workflows/operator_ci_labels.yaml | 2 +- .github/workflows/operator_convert.yaml | 2 +- .github/workflows/operator_release.yaml | 192 ++++-------------- .../workflows/operator_release_manual.yaml | 191 ++++------------- .github/workflows/operator_test.yaml | 94 +++------ ...operator_test_report_openshift_status.yaml | 12 +- .github/workflows/operator_verify.yaml | 4 +- .../workflows/operator_workflow_complete.yaml | 33 ++- .github/workflows/prepare_test_index.yaml | 4 +- .github/workflows/stale_issues.yaml | 2 +- .github/workflows/upgrade.yaml | 2 +- config.yaml | 1 + 20 files changed, 163 insertions(+), 406 deletions(-) diff --git a/.github/workflows/command_merge.yaml b/.github/workflows/command_merge.yaml index 20b48fb83..d8d93e515 100644 --- a/.github/workflows/command_merge.yaml +++ b/.github/workflows/command_merge.yaml @@ -2,7 +2,7 @@ on: issue_comment name: Issue Comments - merge env: - OPP_PRODUCTION_TYPE: "ocp" + OPP_PRODUCTION_TYPE: "k8s" OPP_THIS_REPO_NAME: "community-operators-pipeline" OPP_THIS_REPO_ORG: "redhat-openshift-ecosystem" diff --git a/.github/workflows/command_retest.yaml b/.github/workflows/command_retest.yaml index 89d728cb6..e1b73df0d 100644 --- a/.github/workflows/command_retest.yaml +++ b/.github/workflows/command_retest.yaml @@ -2,7 +2,7 @@ on: issue_comment name: Issue Comments - retest env: - OPP_PRODUCTION_TYPE: "ocp" + OPP_PRODUCTION_TYPE: "k8s" jobs: handle_comments: diff --git a/.github/workflows/dco_test.yaml b/.github/workflows/dco_test.yaml index 9f3244062..b0eb7d01d 100644 --- a/.github/workflows/dco_test.yaml +++ b/.github/workflows/dco_test.yaml @@ -20,8 +20,8 @@ env: OPP_THIS_BRANCH: "main" OPP_PROD: 0 OPP_DRY_RUN: 0 - KIND_KUBE_VERSION: "v1.27.2" - OPP_PRODUCTION_TYPE: "ocp" + KIND_KUBE_VERSION: "v1.26.3" + OPP_PRODUCTION_TYPE: "k8s" OPP_REVIEWERS_ENABLED: 0 diff --git a/.github/workflows/dco_workflow_complete.yaml b/.github/workflows/dco_workflow_complete.yaml index 2552975e1..d083c2bb4 100644 --- a/.github/workflows/dco_workflow_complete.yaml +++ b/.github/workflows/dco_workflow_complete.yaml @@ -7,7 +7,7 @@ on: types: [completed] env: - OPP_PRODUCTION_TYPE: "ocp" + OPP_PRODUCTION_TYPE: "k8s" jobs: diff --git a/.github/workflows/documentation.yaml b/.github/workflows/documentation.yaml index b27b9f13c..cd721b2ea 100644 --- a/.github/workflows/documentation.yaml +++ b/.github/workflows/documentation.yaml @@ -27,7 +27,7 @@ jobs: OPP_THIS_REPO_SED=${OPP_THIS_REPO_SED//\//\\/} sed -i 's/repo_url.*/repo_url: '$OPP_THIS_REPO_SED'/g' mkdocs.yml - sed -i 's/ cluster_type:.*/ cluster_type: ocp/g' mkdocs.yml + sed -i 's/ cluster_type:.*/ cluster_type: k8s/g' mkdocs.yml cat mkdocs.yml diff --git a/.github/workflows/operator_ci.yaml b/.github/workflows/operator_ci.yaml index 2712ad7d0..07b5c4008 100644 --- a/.github/workflows/operator_ci.yaml +++ b/.github/workflows/operator_ci.yaml @@ -7,7 +7,7 @@ on: env: AUTOMERGE_ENABLED: "1" - OPP_PRODUCTION_TYPE: "ocp" + OPP_PRODUCTION_TYPE: "k8s" OPP_SCRIPT_URL: "https://raw.githubusercontent.com/redhat-openshift-ecosystem/community-operators-pipeline/ci/dev/ci/scripts/opp.sh" OPP_SCRIPT_ENV_OPRT_URL: "https://raw.githubusercontent.com/redhat-openshift-ecosystem/community-operators-pipeline/ci/dev/ci/scripts/opp-oprt.sh" OPP_SCRIPT_ENV_URL: "https://raw.githubusercontent.com/redhat-openshift-ecosystem/community-operators-pipeline/ci/dev/ci/scripts/opp-env.sh" @@ -120,7 +120,7 @@ jobs: with: github-token: ${{secrets.GITHUB_TOKEN}} script: | - const arr = ['installation-validated', 'installation-validated-4.10', 'installation-validated-4.11', 'installation-validated-4.12', 'installation-validated-4.13', ]; + const arr = ['installation-validated', 'installation-validated-atest', ]; for (let label of arr) { github.rest.issues.removeLabel({ diff --git a/.github/workflows/operator_ci_approved.yaml b/.github/workflows/operator_ci_approved.yaml index 6bde5d655..ff3739bd6 100644 --- a/.github/workflows/operator_ci_approved.yaml +++ b/.github/workflows/operator_ci_approved.yaml @@ -22,8 +22,8 @@ env: OPP_THIS_BRANCH: "main" OPP_PROD: 0 OPP_DRY_RUN: 0 - KIND_KUBE_VERSION: "v1.27.2" - OPP_PRODUCTION_TYPE: "ocp" + KIND_KUBE_VERSION: "v1.26.3" + OPP_PRODUCTION_TYPE: "k8s" OPP_REVIEWERS_ENABLED: 0 jobs: diff --git a/.github/workflows/operator_ci_index_sha.yaml b/.github/workflows/operator_ci_index_sha.yaml index 89952b186..892a98aed 100644 --- a/.github/workflows/operator_ci_index_sha.yaml +++ b/.github/workflows/operator_ci_index_sha.yaml @@ -19,14 +19,14 @@ env: GODEBUG: x509ignoreCN=0 OPP_INDEX_MIRROR: 1 OPP_MIRROR_LATEST_TAG: "" - OPP_PRODUCTION_TYPE: "ocp" - OPP_MIRROR_INDEX_MULTIARCH_BASE: "registry.redhat.io/openshift4/ose-operator-registry" - OPP_MULTIARCH_SUPPORTED_VERSIONS: "v4.5 v4.6 v4.7 v4.8 v4.9 v4.10 v4.11 v4.12 v4.13" + OPP_PRODUCTION_TYPE: "k8s" + OPP_MIRROR_INDEX_MULTIARCH_BASE: "quay.io/operator-framework/opm" + OPP_MULTIARCH_SUPPORTED_VERSIONS: "latest" OPP_MIRROR_INDEX_MULTIARCH_POSTFIX: "s" OPP_MIRROR_INDEX_REGISTRY: "quay.io" OPP_MIRROR_INDEX_ORGANIZATION: "community-operators-pipeline" OPP_MIRROR_INDEX_NAME: "catalog" - IIB_INPUT_REGISTRY_USER: "12742415|community-operators-pipeline" + IIB_INPUT_REGISTRY_USER: "framework_automation" OPP_REGISTRY_MIRROR_USER: "framework_automation" #QUAY_API_TOKEN_OPENSHIFT_COMMUNITY_OP: ${{ secrets.QUAY_API_TOKEN_OPENSHIFT_COMMUNITY_OP }} @@ -51,7 +51,7 @@ jobs: timeout-minutes: 3600 strategy: matrix: - index-tag: [ v4.10-db, v4.11, v4.12, v4.13, v4.14-rc, v4.15-rc ] + index-tag: [ latest ] fail-fast: false steps: diff --git a/.github/workflows/operator_ci_labels.yaml b/.github/workflows/operator_ci_labels.yaml index 04c4e4c37..22291676d 100644 --- a/.github/workflows/operator_ci_labels.yaml +++ b/.github/workflows/operator_ci_labels.yaml @@ -6,7 +6,7 @@ on: types: [labeled] env: - OPP_PRODUCTION_TYPE: "ocp" + OPP_PRODUCTION_TYPE: "k8s" jobs: diff --git a/.github/workflows/operator_convert.yaml b/.github/workflows/operator_convert.yaml index 921e4aff8..06ae6595c 100644 --- a/.github/workflows/operator_convert.yaml +++ b/.github/workflows/operator_convert.yaml @@ -28,7 +28,7 @@ env: ANSIBLE_DISPLAY_SKIPPED_HOSTS: 0 ANSIBLE_STDOUT_CALLBACK: "yaml" OPP_TARGET_BRANCH: "${{ github.event.inputs.target_branch }}" - OPP_PRODUCTION_TYPE: "ocp" + OPP_PRODUCTION_TYPE: "k8s" jobs: diff --git a/.github/workflows/operator_release.yaml b/.github/workflows/operator_release.yaml index 2122815ea..a70531949 100644 --- a/.github/workflows/operator_release.yaml +++ b/.github/workflows/operator_release.yaml @@ -29,7 +29,7 @@ env: OPP_ANSIBLE_PULL_BRANCH: "upstream-community-dev" OPP_PROD: 1 OPP_MIRROR_LATEST_TAG: "" - OPP_PRODUCTION_TYPE: "ocp" + OPP_PRODUCTION_TYPE: "k8s" OPP_RELEASE_BUNDLE_REGISTRY: "quay.io" OPP_RELEASE_BUNDLE_ORGANIZATION: "community-operators-pipeline" OPP_RELEASE_INDEX_REGISTRY: "quay.io" @@ -38,17 +38,17 @@ env: OPP_MIRROR_INDEX_REGISTRY: "quay.io" OPP_MIRROR_INDEX_ORGANIZATION: "community-operators-pipeline" OPP_MIRROR_INDEX_NAME: "catalog" - OPP_MIRROR_INDEX_ENABLED: "0" - OPP_MIRROR_INDEX_MULTIARCH_BASE: "registry.redhat.io/openshift4/ose-operator-registry" - OPP_MULTIARCH_SUPPORTED_VERSIONS: "v4.5 v4.6 v4.7 v4.8 v4.9 v4.10 v4.11 v4.12 v4.13" + OPP_MIRROR_INDEX_ENABLED: "1" + OPP_MIRROR_INDEX_MULTIARCH_BASE: "quay.io/operator-framework/opm" + OPP_MULTIARCH_SUPPORTED_VERSIONS: "latest" OPP_MIRROR_INDEX_MULTIARCH_POSTFIX: "s" - IIB_INPUT_REGISTRY_USER: "12742415|community-operators-pipeline" + IIB_INPUT_REGISTRY_USER: "framework_automation" OPP_REGISTRY_MIRROR_USER: "framework_automation" OPP_THIS_REPO_BASE: "https://github.com" OPP_THIS_REPO: "redhat-openshift-ecosystem/community-operators-pipeline" OPP_THIS_BRANCH: "main" - INDEX_PATH_TO_SIGN: "quay.io/community-operators-pipeline/catalog" - SIGNATURE_ENDPOINT: "https://community-signing-pipeline-dev.apps.pipelines-stage.0ce8.p1.openshiftapps.com" + INDEX_PATH_TO_SIGN: "not-defined" + SIGNATURE_ENDPOINT: "https://not-defined" OPP_REVIEWERS_ENABLED: 0 @@ -144,15 +144,15 @@ jobs: opp_release_delete_appreg: "${{ steps.op-traffic-light.outputs.opp_release_delete_appreg }}" opp_pr_title: "${{ steps.op-traffic-light.outputs.opp_pr_title }}" opp_auto_packagemanifest_cluster_version_label: "${{ steps.op-traffic-light.outputs.opp_auto_packagemanifest_cluster_version_label }}" - remove-ocp: - name: "Remove / ocp" + remove-k8s: + name: "Remove / k8s" needs: pr-check if: needs.pr-check.outputs.opp_release_ready == '1' runs-on: ubuntu-latest strategy: matrix: - index-tag: ['v4.10-db', 'v4.11', 'v4.12', 'v4.13', 'v4.14-rc', 'v4.15-rc'] + index-tag: ['latest'] fail-fast: false steps: @@ -175,7 +175,6 @@ jobs: OPP_LABELS: "${{ needs.pr-check.outputs.opp_labels }}" OPP_AUTO_PACKAGEMANIFEST_CLUSTER_VERSION_LABEL: "${{ needs.pr-check.outputs.opp_auto_packagemanifest_cluster_version_label }}" OPP_IIB_INSTALL: 0 - IIB_INPUT_REGISTRY_TOKEN: ${{ secrets.IIB_INPUT_REGISTRY_TOKEN }} OPERATOR_INDEX_TAG: ${{ matrix.index-tag }} run: | echo "OPP_LABELS=$OPP_LABELS" @@ -187,9 +186,9 @@ jobs: echo "op_delete_${OPERATOR_INDEX_TAG} operators/${{ needs.pr-check.outputs.opp_name }}/${{ needs.pr-check.outputs.opp_version }} $OPP_THIS_REPO $OPP_THIS_BRANCH" bash <(curl -sL $OPP_SCRIPT_URL) op_delete_${OPERATOR_INDEX_TAG} operators/${{ needs.pr-check.outputs.opp_name }}/${{ needs.pr-check.outputs.opp_version }} $OPP_THIS_REPO $OPP_THIS_BRANCH || $FAKE_RC - operators-ocp: - name: "Index check / ocp" - needs: [pr-check, remove-ocp ] + operators-k8s: + name: "Index check / k8s" + needs: [pr-check, remove-k8s ] if: needs.pr-check.outputs.opp_release_ready == '1' && (needs.pr-check.outputs.opp_op_delete == '0' || needs.pr-check.outputs.opp_is_new_operatror == '1' || needs.pr-check.outputs.opp_recreate == '1' ) runs-on: ubuntu-latest @@ -201,7 +200,7 @@ jobs: OPP_AUTO_PACKAGEMANIFEST_CLUSTER_VERSION_LABEL: "${{ needs.pr-check.outputs.opp_auto_packagemanifest_cluster_version_label }}" OPP_IIB_INSTALL: 0 IIB_INPUT_REGISTRY_TOKEN: ${{ secrets.IIB_INPUT_REGISTRY_TOKEN }} - OPERATOR_INDEX_TAG: "orange_v4.10 orange_v4.11 orange_v4.12 orange_v4.13 orange_v4.14 orange_v4.15" + OPERATOR_INDEX_TAG: "orange_latest" OPP_INDEX_CHECK_ONLY: 1 run: | @@ -213,12 +212,7 @@ jobs: - name: Index check run: | echo "Operators : ${{ steps.operators.outputs.opp_uncomplete_operators }}" - echo "Operators (v4.10) : ${{ steps.operators.outputs.opp_uncomplete_operators_v4_10 }}" - echo "Operators (v4.11) : ${{ steps.operators.outputs.opp_uncomplete_operators_v4_11 }}" - echo "Operators (v4.12) : ${{ steps.operators.outputs.opp_uncomplete_operators_v4_12 }}" - echo "Operators (v4.13) : ${{ steps.operators.outputs.opp_uncomplete_operators_v4_13 }}" - echo "Operators (v4.14) : ${{ steps.operators.outputs.opp_uncomplete_operators_v4_14 }}" - echo "Operators (v4.15) : ${{ steps.operators.outputs.opp_uncomplete_operators_v4_15 }}" + echo "Operators (latest) : ${{ steps.operators.outputs.opp_uncomplete_operators_latest }}" - name: Operator info id: op-info @@ -249,8 +243,7 @@ jobs: echo $ANSIBLE_ARGS git clone $OPP_ANSIBLE_PULL_REPO -b $OPP_ANSIBLE_PULL_BRANCH operator-test-playbooks cd operator-test-playbooks - ansible-playbook -i localhost, -e ansible_connection=local -e run_upstream=true -e run_prepare_catalog_repo_upstream=true -e catalog_repo=$OPP_THIS_REPO_BASE/$OPP_THIS_REPO -e catalog_repo_branch=$OPP_THIS_BRANCH upstream/local.yml --tags reset_tools,operator_info -e operator_base_dir=/tmp/community-operators-for-catalog/operators -e operators=$OPP_FORCE_OPERATORS -e cluster_type=$OPP_PRODUCTION_TYPE -e strict_cluster_version_labels=true -e stream_kind=openshift_upstream -e production_registry_namespace=$OPP_RELEASE_BUNDLE_REGISTRY/$OPP_RELEASE_BUNDLE_ORGANIZATION $ANSIBLE_ARGS - + ansible-playbook -i localhost, -e ansible_connection=local -e run_upstream=true -e run_prepare_catalog_repo_upstream=true -e catalog_repo=$OPP_THIS_REPO_BASE/$OPP_THIS_REPO -e catalog_repo_branch=$OPP_THIS_BRANCH upstream/local.yml --tags reset_tools,operator_info -e operator_base_dir=/tmp/community-operators-for-catalog/operators -e operators=$OPP_FORCE_OPERATORS -e cluster_type=$OPP_PRODUCTION_TYPE -e strict_cluster_version_labels=true -e production_registry_namespace=$OPP_RELEASE_BUNDLE_REGISTRY/$OPP_RELEASE_BUNDLE_ORGANIZATION $ANSIBLE_ARGS - name: Upload operator_info uses: actions/upload-artifact@v2 with: @@ -263,20 +256,14 @@ jobs: path: "/tmp/operator-test/operators" - shell: bash run: | - [ -f /tmp/operator-test/op_info.yaml ] && cat /tmp/operator-test/op_info.yaml || echo "opp_uncomplete_operators=" >> $GITHUB_OUTPUT + [ -f /tmp/operator-test/op_info.yaml ] && cat /tmp/operator-test/op_info.yaml || echo "opp_uncomplete_operators=" >> $GITHUB_OUTPUT outputs: opp_uncomplete_operators: "${{ steps.operators.outputs.opp_uncomplete_operators }}" - opp_uncomplete_operators_v4_10: "${{ steps.operators.outputs.opp_uncomplete_operators_v4_10 }}" - opp_uncomplete_operators_v4_11: "${{ steps.operators.outputs.opp_uncomplete_operators_v4_11 }}" - opp_uncomplete_operators_v4_12: "${{ steps.operators.outputs.opp_uncomplete_operators_v4_12 }}" - opp_uncomplete_operators_v4_13: "${{ steps.operators.outputs.opp_uncomplete_operators_v4_13 }}" - opp_uncomplete_operators_v4_14: "${{ steps.operators.outputs.opp_uncomplete_operators_v4_14 }}" - opp_uncomplete_operators_v4_15: "${{ steps.operators.outputs.opp_uncomplete_operators_v4_15 }}" - - bundles-ocp: - name: "Bundles / ocp" - needs: [ pr-check, remove-ocp, operators-ocp ] - if: needs.pr-check.outputs.opp_release_ready == '1' && needs.operators-ocp.outputs.opp_uncomplete_operators != '' + opp_uncomplete_operators_latest: "${{ steps.operators.outputs.opp_uncomplete_operators_latest }}" + bundles-k8s: + name: "Bundles / k8s" + needs: [ pr-check, remove-k8s, operators-k8s ] + if: needs.pr-check.outputs.opp_release_ready == '1' && needs.operators-k8s.outputs.opp_uncomplete_operators != '' runs-on: ubuntu-latest steps: @@ -295,11 +282,10 @@ jobs: OPP_LABELS: "${{ needs.pr-check.outputs.opp_labels }}" OPP_AUTO_PACKAGEMANIFEST_CLUSTER_VERSION_LABEL: "${{ needs.pr-check.outputs.opp_auto_packagemanifest_cluster_version_label }}" OPP_IIB_INSTALL: 0 - IIB_INPUT_REGISTRY_TOKEN: ${{ secrets.IIB_INPUT_REGISTRY_TOKEN }} OPERATOR_INDEX_TAG: latest OPP_SKIP_INDEX: 1 OPP_SKIP_BUNDLES: 0 - OPP_FORCE_OPERATORS: "${{ needs.operators-ocp.outputs.opp_uncomplete_operators }}" + OPP_FORCE_OPERATORS: "${{ needs.operators-k8s.outputs.opp_uncomplete_operators }}" run: | echo "OPP_LABELS=$OPP_LABELS" @@ -312,15 +298,15 @@ jobs: echo "orange_${OPERATOR_INDEX_TAG} operators/sync $OPP_THIS_REPO $OPP_THIS_BRANCH" bash <(curl -sL $OPP_SCRIPT_URL) orange_${OPERATOR_INDEX_TAG} operators/sync $OPP_THIS_REPO $OPP_THIS_BRANCH || $FAKE_RC - release-ocp: - name: "Index / ocp" - needs: [ pr-check, operators-ocp, bundles-ocp ] - if: needs.pr-check.outputs.opp_release_ready == '1' && needs.operators-ocp.outputs.opp_uncomplete_operators != '' + release-k8s: + name: "Index / k8s" + needs: [ pr-check, operators-k8s, bundles-k8s ] + if: needs.pr-check.outputs.opp_release_ready == '1' && needs.operators-k8s.outputs.opp_uncomplete_operators != '' runs-on: ubuntu-latest strategy: matrix: - index-tag: ['v4.10-db', 'v4.11', 'v4.12', 'v4.13', 'v4.14-rc', 'v4.15-rc'] + index-tag: ['latest'] fail-fast: false steps: @@ -344,21 +330,15 @@ jobs: env: OPP_LABELS: "${{ needs.pr-check.outputs.opp_labels }}" OPP_AUTO_PACKAGEMANIFEST_CLUSTER_VERSION_LABEL: "${{ needs.pr-check.outputs.opp_auto_packagemanifest_cluster_version_label }}" - OPP_IIB_INSTALL: 1 - + OPP_IIB_INSTALL: 0 + #OPP_MIRROR_INDEX_ENABLED: 0 OPP_FORCE_INDEX_UPDATE: 1 OPP_SKIP_BUNDLES: 1 IIB_INPUT_REGISTRY_TOKEN: ${{ secrets.IIB_INPUT_REGISTRY_TOKEN }} - IIB_OUTPUT_REGISTRY_TOKEN: ${{ secrets.IIB_OUTPUT_REGISTRY_TOKEN }} OPERATOR_INDEX_TAG: ${{ matrix.index-tag }} - # OPP_FORCE_OPERATORS: "${{ needs.operators-ocp.outputs.opp_uncomplete_operators }}" + # OPP_FORCE_OPERATORS: "${{ needs.operators-k8s.outputs.opp_uncomplete_operators }}" OPP_FORCE_OPERATORS: "" - OPP_FORCE_OPERATORS_v4_10: "${{ needs.operators-ocp.outputs.opp_uncomplete_operators_v4_10 }}" - OPP_FORCE_OPERATORS_v4_11: "${{ needs.operators-ocp.outputs.opp_uncomplete_operators_v4_11 }}" - OPP_FORCE_OPERATORS_v4_12: "${{ needs.operators-ocp.outputs.opp_uncomplete_operators_v4_12 }}" - OPP_FORCE_OPERATORS_v4_13: "${{ needs.operators-ocp.outputs.opp_uncomplete_operators_v4_13 }}" - OPP_FORCE_OPERATORS_v4_14: "${{ needs.operators-ocp.outputs.opp_uncomplete_operators_v4_14 }}" - OPP_FORCE_OPERATORS_v4_15: "${{ needs.operators-ocp.outputs.opp_uncomplete_operators_v4_15 }}" + OPP_FORCE_OPERATORS_latest: "${{ needs.operators-k8s.outputs.opp_uncomplete_operators_latest }}" run: | echo "OPP_LABELS=$OPP_LABELS" @@ -378,57 +358,15 @@ jobs: docker exec -t op-test /bin/bash -c "podman images ; df -h" || true echo "local df:" df -h - - - name: Sign index - id: openshift-vars - env: - OPERATOR_INDEX_TAG_RAW: ${{ matrix.index-tag }} - OPP_AUTO_PACKAGEMANIFEST_CLUSTER_VERSION_LABEL: "${{ needs.pr-check.outputs.opp_auto_packagemanifest_cluster_version_label }}" - run: | - docker login ${OPP_MIRROR_INDEX_REGISTRY} -u $OPP_REGISTRY_MIRROR_USER -p $REGISTRY_MIRROR_PW - OPERATOR_INDEX_TAG=$(echo ${OPERATOR_INDEX_TAG_RAW} |cut -d'-' -f1) - echo "OPERATOR_INDEX_TAG=$OPERATOR_INDEX_TAG" - OPERATOR_INDEX="${INDEX_PATH_TO_SIGN}:${OPERATOR_INDEX_TAG}" - MANIFEST_LIST=${OPP_MIRROR_INDEX_REGISTRY}/${OPP_MIRROR_INDEX_ORGANIZATION}/${OPP_MIRROR_INDEX_NAME}:${OPERATOR_INDEX_TAG} - echo "MANIFEST_LIST=$MANIFEST_LIST" - - SIGNATURE_PAYLOAD=$( - docker manifest inspect ${MANIFEST_LIST} | jq -r '.manifests[]|.digest' \ - | awk -v pullspec=${OPERATOR_INDEX} \ - -v requester=${{ secrets.SIGNATURE_WEBHOOK_REQUESTER_EMAIL }} \ - -v 'body={"manifest_digest": "@DIGESTS@", "reference": "@REFERENCES@", "requester": "@REQUESTER@"}' \ - ' - /^sha/ { - digests=digests "," $1; - references=references "," pullspec - } - END { - sub(/^,/, "", digests); - sub(/^,/, "", references); - sub(/@DIGESTS@/, digests, body); - sub(/@REFERENCES@/, references, body); - sub(/@REQUESTER@/, requester, body); - print body - } - ' - ) - echo "SIGNATURE_PAYLOAD=$SIGNATURE_PAYLOAD" - - curl --connect-timeout 10 --max-time 20 --fail --retry-all-errors --retry 5 --retry-delay 3 \ - ${SIGNATURE_ENDPOINT} -d "${SIGNATURE_PAYLOAD}" -u "community-op-cert:${{ secrets.SIGNATURE_WEBHOOK_PASSWD }}" - - # skopeo inspect docker://$MANIFEST_LIST > /dev/null # error out if needed - # OPERATOR_INDEX_DIGEST=$(skopeo inspect docker://$MANIFEST_LIST | jq -r ".Digest") - #OPERATOR_INDEX_RESOLVED="${OPP_MIRROR_INDEX_REGISTRY}/${OPP_MIRROR_INDEX_ORGANIZATION}/${OPP_MIRROR_INDEX_NAME}@${OPERATOR_INDEX_DIGEST}" - index-verify-ocp: - name: "Index Verify / ocp" - needs: [ pr-check, operators-ocp, bundles-ocp, release-ocp] - if: needs.pr-check.outputs.opp_release_ready == '1' && needs.operators-ocp.outputs.opp_uncomplete_operators != '' + index-verify-k8s: + name: "Index Verify / k8s" + needs: [ pr-check, operators-k8s, bundles-k8s, release-k8s] + if: needs.pr-check.outputs.opp_release_ready == '1' && needs.operators-k8s.outputs.opp_uncomplete_operators != '' runs-on: ubuntu-latest strategy: matrix: - index-tag: ['v4.10-db', 'v4.11', 'v4.12', 'v4.13', 'v4.14-rc', 'v4.15-rc'] + index-tag: ['latest'] fail-fast: false steps: @@ -452,59 +390,3 @@ jobs: echo "MY_INDEXES=$MY_INDEXES" echo "$REGISTRY_MIRROR_PW" | $OPP_CONTAINER_TOOL login $OPP_MIRROR_INDEX_REGISTRY -u $OPP_REGISTRY_MIRROR_USER --password-stdin || { echo "Problem to login to '$OPP_MIRROR_INDEX_REGISTRY' !!!"; exit 1; } ansible-pull -U $OPP_ANSIBLE_PULL_REPO -C $OPP_ANSIBLE_PULL_BRANCH -i localhost, -e run_upstream=true -e run_prepare_catalog_repo_upstream=false -e container_tool=$OPP_CONTAINER_TOOL upstream/local.yml --tags reset_tools,index_verify -e iv_indexes="$MY_INDEXES" - - slack-notification: - name: "Monitoring notification" - needs: [ pr-check, remove-ocp, operators-ocp, bundles-ocp, release-ocp , index-verify-ocp ] - - if: failure() - runs-on: ubuntu-latest - steps: - - name: Report Status to a Slack - uses: ravsamhq/notify-slack-action@master - with: - notification_title: 'Release pipeline failed: ${{ needs.pr-check.outputs.opp_pr_title }}' - footer: 'monitoring' -# status: ${{ needs.pr-check.result }} - status: 'failure' - notify_when: 'failure' - env: - SLACK_WEBHOOK_URL: ${{ secrets.ACTION_MONITORING_SLACK }} - continue-on-error: true - - - name: Google Chat Notification - run: | - echo "title: Release pipeline failed: ${{ needs.pr-check.outputs.opp_pr_title }}" - echo "subtitle: failure" - curl --location --request POST '${{ secrets.GCHAT_WEBHOOK }}' \ - --header 'Content-Type: application/json' \ - --data-raw '{ - "cards": [ - { - "header": { - "title": "Release pipeline failed: ${{ needs.pr-check.outputs.opp_pr_title }}", - "subtitle": "failure" - }, - "sections": [ - { - "widgets": [ - { - "buttons": [ - { - "textButton": { - "text": "Open the release queue", - "onClick": { - "openLink": { - "url": "https://github.com/${{ github.repository }}/actions/workflows/operator_release.yaml" - } - } - } - } - ] - } - ] - } - ] - } - ] - }' diff --git a/.github/workflows/operator_release_manual.yaml b/.github/workflows/operator_release_manual.yaml index 46582a863..6a26bd0b5 100644 --- a/.github/workflows/operator_release_manual.yaml +++ b/.github/workflows/operator_release_manual.yaml @@ -19,19 +19,15 @@ on: index: - description: 'Target index (as a JSON list, e.g. ["v4.10-db", "v4.11"])' + description: 'Target index (as a JSON list, e.g. ["latest", "latest-db"])' required: true - default: '["v4.10-db", "v4.11", "v4.12", "v4.13", "v4.14-rc", "v4.15-rc"]' + default: '["latest"]' list_of_operators: description: 'List of operators to be synced in the index, list has to be devided by spaces (e.g. aqua ripsaw)' required: true default: '' - mirror_index_to_final_location: - description: 'Push final index to production' - required: true - default: '0' env: OPP_DEBUG: 1 @@ -46,7 +42,7 @@ env: OPP_ANSIBLE_PULL_BRANCH: "upstream-community-dev" OPP_PROD: 1 OPP_MIRROR_LATEST_TAG: "" - OPP_PRODUCTION_TYPE: "ocp" + OPP_PRODUCTION_TYPE: "k8s" OPP_RELEASE_BUNDLE_REGISTRY: "quay.io" OPP_RELEASE_BUNDLE_ORGANIZATION: "community-operators-pipeline" OPP_RELEASE_INDEX_REGISTRY: "quay.io" @@ -55,17 +51,17 @@ env: OPP_MIRROR_INDEX_REGISTRY: "quay.io" OPP_MIRROR_INDEX_ORGANIZATION: "community-operators-pipeline" OPP_MIRROR_INDEX_NAME: "catalog" - OPP_MIRROR_INDEX_ENABLED: "0" - OPP_MIRROR_INDEX_MULTIARCH_BASE: "registry.redhat.io/openshift4/ose-operator-registry" - OPP_MULTIARCH_SUPPORTED_VERSIONS: "v4.5 v4.6 v4.7 v4.8 v4.9 v4.10 v4.11 v4.12 v4.13" + OPP_MIRROR_INDEX_ENABLED: "1" + OPP_MIRROR_INDEX_MULTIARCH_BASE: "quay.io/operator-framework/opm" + OPP_MULTIARCH_SUPPORTED_VERSIONS: "latest" OPP_MIRROR_INDEX_MULTIARCH_POSTFIX: "s" - IIB_INPUT_REGISTRY_USER: "12742415|community-operators-pipeline" + IIB_INPUT_REGISTRY_USER: "framework_automation" OPP_REGISTRY_MIRROR_USER: "framework_automation" OPP_THIS_REPO_BASE: "https://github.com" OPP_THIS_REPO: "redhat-openshift-ecosystem/community-operators-pipeline" OPP_THIS_BRANCH: "main" - INDEX_PATH_TO_SIGN: "quay.io/community-operators-pipeline/catalog" - SIGNATURE_ENDPOINT: "https://community-signing-pipeline-dev.apps.pipelines-stage.0ce8.p1.openshiftapps.com" + INDEX_PATH_TO_SIGN: "not-defined" + SIGNATURE_ENDPOINT: "https://not-defined" OPP_REVIEWERS_ENABLED: 0 @@ -149,8 +145,8 @@ jobs: opp_release_delete_appreg: "${{ steps.op-traffic-light.outputs.opp_release_delete_appreg }}" opp_pr_title: "${{ steps.op-traffic-light.outputs.opp_pr_title }}" opp_auto_packagemanifest_cluster_version_label: "${{ steps.op-traffic-light.outputs.opp_auto_packagemanifest_cluster_version_label }}" - remove-ocp: - name: "Remove / ocp" + remove-k8s: + name: "Remove / k8s" needs: pr-check if: needs.pr-check.outputs.opp_release_ready == '1' @@ -184,7 +180,6 @@ jobs: OPP_LABELS: "${{ needs.pr-check.outputs.opp_labels }}" OPP_AUTO_PACKAGEMANIFEST_CLUSTER_VERSION_LABEL: "${{ needs.pr-check.outputs.opp_auto_packagemanifest_cluster_version_label }}" OPP_IIB_INSTALL: 0 - IIB_INPUT_REGISTRY_TOKEN: ${{ secrets.IIB_INPUT_REGISTRY_TOKEN }} OPERATOR_INDEX_TAG: ${{ matrix.index-tag }} run: | echo "OPP_LABELS=$OPP_LABELS" @@ -194,9 +189,9 @@ jobs: echo "op_delete_${OPERATOR_INDEX_TAG} operators/${{ needs.pr-check.outputs.opp_name }}/${{ needs.pr-check.outputs.opp_version }} $OPP_THIS_REPO $OPP_THIS_BRANCH" bash <(curl -sL $OPP_SCRIPT_URL) op_delete_${OPERATOR_INDEX_TAG} operators/${{ needs.pr-check.outputs.opp_name }}/${{ needs.pr-check.outputs.opp_version }} $OPP_THIS_REPO $OPP_THIS_BRANCH || $FAKE_RC - operators-ocp: - name: "Index check / ocp" - needs: [pr-check, remove-ocp ] + operators-k8s: + name: "Index check / k8s" + needs: [pr-check, remove-k8s ] if: needs.pr-check.outputs.opp_release_ready == '1' && (needs.pr-check.outputs.opp_op_delete == '0' || needs.pr-check.outputs.opp_is_new_operatror == '1' || needs.pr-check.outputs.opp_recreate == '1' ) runs-on: ubuntu-latest @@ -208,7 +203,7 @@ jobs: OPP_AUTO_PACKAGEMANIFEST_CLUSTER_VERSION_LABEL: "${{ needs.pr-check.outputs.opp_auto_packagemanifest_cluster_version_label }}" OPP_IIB_INSTALL: 0 IIB_INPUT_REGISTRY_TOKEN: ${{ secrets.IIB_INPUT_REGISTRY_TOKEN }} - OPERATOR_INDEX_TAG: "orange_v4.10 orange_v4.11 orange_v4.12 orange_v4.13 orange_v4.14 orange_v4.15" + OPERATOR_INDEX_TAG: "orange_latest" OPP_INDEX_CHECK_ONLY: 1 run: | @@ -219,17 +214,12 @@ jobs: export OPP_FORCE_OPERATORS_$TARGET_INDEX_UNDERLINE="${{ github.event.inputs.list_of_operators }}" echo "opp_uncomplete_operators_$TARGET_INDEX_UNDERLINE=${{ github.event.inputs.list_of_operators }}" >> $GITHUB_OUTPUT done - echo "opp_uncomplete_operators=${{ github.event.inputs.list_of_operators }}" >> $GITHUB_OUTPUT + echo "opp_uncomplete_operators=${{ github.event.inputs.list_of_operators }}" >> $GITHUB_OUTPUT - name: Index check run: | echo "Operators : ${{ steps.operators.outputs.opp_uncomplete_operators }}" - echo "Operators (v4.10) : ${{ steps.operators.outputs.opp_uncomplete_operators_v4_10 }}" - echo "Operators (v4.11) : ${{ steps.operators.outputs.opp_uncomplete_operators_v4_11 }}" - echo "Operators (v4.12) : ${{ steps.operators.outputs.opp_uncomplete_operators_v4_12 }}" - echo "Operators (v4.13) : ${{ steps.operators.outputs.opp_uncomplete_operators_v4_13 }}" - echo "Operators (v4.14) : ${{ steps.operators.outputs.opp_uncomplete_operators_v4_14 }}" - echo "Operators (v4.15) : ${{ steps.operators.outputs.opp_uncomplete_operators_v4_15 }}" + echo "Operators (latest) : ${{ steps.operators.outputs.opp_uncomplete_operators_latest }}" - name: Operator info id: op-info @@ -254,8 +244,7 @@ jobs: echo $ANSIBLE_ARGS git clone $OPP_ANSIBLE_PULL_REPO -b $OPP_ANSIBLE_PULL_BRANCH operator-test-playbooks cd operator-test-playbooks - ansible-playbook -i localhost, -e ansible_connection=local -e run_upstream=true -e run_prepare_catalog_repo_upstream=true -e catalog_repo=$OPP_THIS_REPO_BASE/$OPP_THIS_REPO -e catalog_repo_branch=$OPP_THIS_BRANCH upstream/local.yml --tags reset_tools,operator_info -e operator_base_dir=/tmp/community-operators-for-catalog/operators -e operators=$OPP_FORCE_OPERATORS -e cluster_type=$OPP_PRODUCTION_TYPE -e strict_cluster_version_labels=true -e stream_kind=openshift_upstream -e production_registry_namespace=$OPP_RELEASE_BUNDLE_REGISTRY/$OPP_RELEASE_BUNDLE_ORGANIZATION $ANSIBLE_ARGS - + ansible-playbook -i localhost, -e ansible_connection=local -e run_upstream=true -e run_prepare_catalog_repo_upstream=true -e catalog_repo=$OPP_THIS_REPO_BASE/$OPP_THIS_REPO -e catalog_repo_branch=$OPP_THIS_BRANCH upstream/local.yml --tags reset_tools,operator_info -e operator_base_dir=/tmp/community-operators-for-catalog/operators -e operators=$OPP_FORCE_OPERATORS -e cluster_type=$OPP_PRODUCTION_TYPE -e strict_cluster_version_labels=true -e production_registry_namespace=$OPP_RELEASE_BUNDLE_REGISTRY/$OPP_RELEASE_BUNDLE_ORGANIZATION $ANSIBLE_ARGS - name: Upload operator_info uses: actions/upload-artifact@v2 with: @@ -268,20 +257,14 @@ jobs: path: "/tmp/operator-test/operators" - shell: bash run: | - [ -f /tmp/operator-test/op_info.yaml ] && cat /tmp/operator-test/op_info.yaml || echo "opp_uncomplete_operators=" >> $GITHUB_OUTPUT + [ -f /tmp/operator-test/op_info.yaml ] && cat /tmp/operator-test/op_info.yaml || echo "opp_uncomplete_operators=" >> $GITHUB_OUTPUT outputs: opp_uncomplete_operators: "${{ steps.operators.outputs.opp_uncomplete_operators }}" - opp_uncomplete_operators_v4_10: "${{ steps.operators.outputs.opp_uncomplete_operators_v4_10 }}" - opp_uncomplete_operators_v4_11: "${{ steps.operators.outputs.opp_uncomplete_operators_v4_11 }}" - opp_uncomplete_operators_v4_12: "${{ steps.operators.outputs.opp_uncomplete_operators_v4_12 }}" - opp_uncomplete_operators_v4_13: "${{ steps.operators.outputs.opp_uncomplete_operators_v4_13 }}" - opp_uncomplete_operators_v4_14: "${{ steps.operators.outputs.opp_uncomplete_operators_v4_14 }}" - opp_uncomplete_operators_v4_15: "${{ steps.operators.outputs.opp_uncomplete_operators_v4_15 }}" - - bundles-ocp: - name: "Bundles / ocp" - needs: [ pr-check, remove-ocp, operators-ocp ] - if: needs.pr-check.outputs.opp_release_ready == '1' && needs.operators-ocp.outputs.opp_uncomplete_operators != '' + opp_uncomplete_operators_latest: "${{ steps.operators.outputs.opp_uncomplete_operators_latest }}" + bundles-k8s: + name: "Bundles / k8s" + needs: [ pr-check, remove-k8s, operators-k8s ] + if: needs.pr-check.outputs.opp_release_ready == '1' && needs.operators-k8s.outputs.opp_uncomplete_operators != '' runs-on: ubuntu-latest steps: @@ -300,11 +283,10 @@ jobs: OPP_LABELS: "${{ needs.pr-check.outputs.opp_labels }}" OPP_AUTO_PACKAGEMANIFEST_CLUSTER_VERSION_LABEL: "${{ needs.pr-check.outputs.opp_auto_packagemanifest_cluster_version_label }}" OPP_IIB_INSTALL: 0 - IIB_INPUT_REGISTRY_TOKEN: ${{ secrets.IIB_INPUT_REGISTRY_TOKEN }} OPERATOR_INDEX_TAG: latest OPP_SKIP_INDEX: 1 OPP_SKIP_BUNDLES: 0 - OPP_FORCE_OPERATORS: "${{ needs.operators-ocp.outputs.opp_uncomplete_operators }}" + OPP_FORCE_OPERATORS: "${{ needs.operators-k8s.outputs.opp_uncomplete_operators }}" run: | echo "OPP_LABELS=$OPP_LABELS" @@ -315,10 +297,10 @@ jobs: echo "orange_${OPERATOR_INDEX_TAG} operators/sync $OPP_THIS_REPO $OPP_THIS_BRANCH" bash <(curl -sL $OPP_SCRIPT_URL) orange_${OPERATOR_INDEX_TAG} operators/sync $OPP_THIS_REPO $OPP_THIS_BRANCH || $FAKE_RC - release-ocp: - name: "Index / ocp" - needs: [ pr-check, operators-ocp, bundles-ocp ] - if: needs.pr-check.outputs.opp_release_ready == '1' && needs.operators-ocp.outputs.opp_uncomplete_operators != '' + release-k8s: + name: "Index / k8s" + needs: [ pr-check, operators-k8s, bundles-k8s ] + if: needs.pr-check.outputs.opp_release_ready == '1' && needs.operators-k8s.outputs.opp_uncomplete_operators != '' runs-on: ubuntu-latest strategy: @@ -348,16 +330,13 @@ jobs: env: OPP_LABELS: "${{ needs.pr-check.outputs.opp_labels }}" OPP_AUTO_PACKAGEMANIFEST_CLUSTER_VERSION_LABEL: "${{ needs.pr-check.outputs.opp_auto_packagemanifest_cluster_version_label }}" - OPP_IIB_INSTALL: 1 - - OPP_MIRROR_INDEX_ENABLED: ${{ github.event.inputs.mirror_index_to_final_location }} - + OPP_IIB_INSTALL: 0 + #OPP_MIRROR_INDEX_ENABLED: 0 OPP_FORCE_INDEX_UPDATE: 1 OPP_SKIP_BUNDLES: 1 IIB_INPUT_REGISTRY_TOKEN: ${{ secrets.IIB_INPUT_REGISTRY_TOKEN }} - IIB_OUTPUT_REGISTRY_TOKEN: ${{ secrets.IIB_OUTPUT_REGISTRY_TOKEN }} OPERATOR_INDEX_TAG: ${{ matrix.index-tag }} - # OPP_FORCE_OPERATORS: "${{ needs.operators-ocp.outputs.opp_uncomplete_operators }}" + # OPP_FORCE_OPERATORS: "${{ needs.operators-k8s.outputs.opp_uncomplete_operators }}" OPP_FORCE_OPERATORS: "" run: | @@ -382,52 +361,10 @@ jobs: docker exec -t op-test /bin/bash -c "podman images ; df -h" || true echo "local df:" df -h - - - name: Sign index - id: openshift-vars - env: - OPERATOR_INDEX_TAG_RAW: ${{ matrix.index-tag }} - OPP_AUTO_PACKAGEMANIFEST_CLUSTER_VERSION_LABEL: "${{ needs.pr-check.outputs.opp_auto_packagemanifest_cluster_version_label }}" - run: | - docker login ${OPP_MIRROR_INDEX_REGISTRY} -u $OPP_REGISTRY_MIRROR_USER -p $REGISTRY_MIRROR_PW - OPERATOR_INDEX_TAG=$(echo ${OPERATOR_INDEX_TAG_RAW} |cut -d'-' -f1) - echo "OPERATOR_INDEX_TAG=$OPERATOR_INDEX_TAG" - OPERATOR_INDEX="${INDEX_PATH_TO_SIGN}:${OPERATOR_INDEX_TAG}" - MANIFEST_LIST=${OPP_MIRROR_INDEX_REGISTRY}/${OPP_MIRROR_INDEX_ORGANIZATION}/${OPP_MIRROR_INDEX_NAME}:${OPERATOR_INDEX_TAG} - echo "MANIFEST_LIST=$MANIFEST_LIST" - - SIGNATURE_PAYLOAD=$( - docker manifest inspect ${MANIFEST_LIST} | jq -r '.manifests[]|.digest' \ - | awk -v pullspec=${OPERATOR_INDEX} \ - -v requester=${{ secrets.SIGNATURE_WEBHOOK_REQUESTER_EMAIL }} \ - -v 'body={"manifest_digest": "@DIGESTS@", "reference": "@REFERENCES@", "requester": "@REQUESTER@"}' \ - ' - /^sha/ { - digests=digests "," $1; - references=references "," pullspec - } - END { - sub(/^,/, "", digests); - sub(/^,/, "", references); - sub(/@DIGESTS@/, digests, body); - sub(/@REFERENCES@/, references, body); - sub(/@REQUESTER@/, requester, body); - print body - } - ' - ) - echo "SIGNATURE_PAYLOAD=$SIGNATURE_PAYLOAD" - - curl --connect-timeout 10 --max-time 20 --fail --retry-all-errors --retry 5 --retry-delay 3 \ - ${SIGNATURE_ENDPOINT} -d "${SIGNATURE_PAYLOAD}" -u "community-op-cert:${{ secrets.SIGNATURE_WEBHOOK_PASSWD }}" - - # skopeo inspect docker://$MANIFEST_LIST > /dev/null # error out if needed - # OPERATOR_INDEX_DIGEST=$(skopeo inspect docker://$MANIFEST_LIST | jq -r ".Digest") - #OPERATOR_INDEX_RESOLVED="${OPP_MIRROR_INDEX_REGISTRY}/${OPP_MIRROR_INDEX_ORGANIZATION}/${OPP_MIRROR_INDEX_NAME}@${OPERATOR_INDEX_DIGEST}" - index-verify-ocp: - name: "Index Verify / ocp" - needs: [ pr-check, operators-ocp, bundles-ocp, release-ocp] - if: needs.pr-check.outputs.opp_release_ready == '1' && needs.operators-ocp.outputs.opp_uncomplete_operators != '' + index-verify-k8s: + name: "Index Verify / k8s" + needs: [ pr-check, operators-k8s, bundles-k8s, release-k8s] + if: needs.pr-check.outputs.opp_release_ready == '1' && needs.operators-k8s.outputs.opp_uncomplete_operators != '' runs-on: ubuntu-latest strategy: @@ -457,59 +394,3 @@ jobs: echo "MY_INDEXES=$MY_INDEXES" echo "$REGISTRY_MIRROR_PW" | $OPP_CONTAINER_TOOL login $OPP_MIRROR_INDEX_REGISTRY -u $OPP_REGISTRY_MIRROR_USER --password-stdin || { echo "Problem to login to '$OPP_MIRROR_INDEX_REGISTRY' !!!"; exit 1; } ansible-pull -U $OPP_ANSIBLE_PULL_REPO -C $OPP_ANSIBLE_PULL_BRANCH -i localhost, -e run_upstream=true -e run_prepare_catalog_repo_upstream=false -e container_tool=$OPP_CONTAINER_TOOL upstream/local.yml --tags reset_tools,index_verify -e iv_indexes="$MY_INDEXES" - - slack-notification: - name: "Monitoring notification" - needs: [ pr-check, remove-ocp, operators-ocp, bundles-ocp, release-ocp , index-verify-ocp ] - - if: failure() - runs-on: ubuntu-latest - steps: - - name: Report Status to a Slack - uses: ravsamhq/notify-slack-action@master - with: - notification_title: 'Release pipeline failed: ${{ needs.pr-check.outputs.opp_pr_title }}' - footer: 'monitoring' -# status: ${{ needs.pr-check.result }} - status: 'failure' - notify_when: 'failure' - env: - SLACK_WEBHOOK_URL: ${{ secrets.ACTION_MONITORING_SLACK }} - continue-on-error: true - - - name: Google Chat Notification - run: | - echo "title: Release pipeline failed: ${{ needs.pr-check.outputs.opp_pr_title }}" - echo "subtitle: failure" - curl --location --request POST '${{ secrets.GCHAT_WEBHOOK }}' \ - --header 'Content-Type: application/json' \ - --data-raw '{ - "cards": [ - { - "header": { - "title": "Release pipeline failed: ${{ needs.pr-check.outputs.opp_pr_title }}", - "subtitle": "failure" - }, - "sections": [ - { - "widgets": [ - { - "buttons": [ - { - "textButton": { - "text": "Open the release queue", - "onClick": { - "openLink": { - "url": "https://github.com/${{ github.repository }}/actions/workflows/operator_release.yaml" - } - } - } - } - ] - } - ] - } - ] - } - ] - }' diff --git a/.github/workflows/operator_test.yaml b/.github/workflows/operator_test.yaml index b04a2d05b..39f8d9981 100644 --- a/.github/workflows/operator_test.yaml +++ b/.github/workflows/operator_test.yaml @@ -28,17 +28,17 @@ env: OPP_RELEASE_INDEX_REGISTRY: "quay.io" OPP_RELEASE_INDEX_ORGANIZATION: "community-operators-pipeline" OPP_RELEASE_INDEX_NAME: "catalog_tmp" - OPP_MIRROR_INDEX_MULTIARCH_BASE: "registry.redhat.io/openshift4/ose-operator-registry" - OPP_MULTIARCH_SUPPORTED_VERSIONS: "v4.5 v4.6 v4.7 v4.8 v4.9 v4.10 v4.11 v4.12 v4.13" + OPP_MIRROR_INDEX_MULTIARCH_BASE: "quay.io/operator-framework/opm" + OPP_MULTIARCH_SUPPORTED_VERSIONS: "latest" OPP_MIRROR_INDEX_MULTIARCH_POSTFIX: "s" - IIB_INPUT_REGISTRY_USER: "12742415|community-operators-pipeline" + IIB_INPUT_REGISTRY_USER: "framework_automation" OPP_PROD: 0 OPP_DRY_RUN: 0 # TODO handle config OPP_PACKAGEMANIFEST_DISABLED: "0" - KIND_VERSION: "v0.20.0" - KIND_KUBE_VERSION_LATEST: "v1.27.2" - OPP_PRODUCTION_TYPE: "ocp" + KIND_VERSION: "v0.18.0" + KIND_KUBE_VERSION_LATEST: "v1.26.3" + OPP_PRODUCTION_TYPE: "k8s" OPP_REVIEWERS_ENABLED: 0 OPP_FORCE_DEPLOY_ON_K8S_OPENSHIFT_VERSION: 4.10 # ARTEFACT_PATH: "/tmp/operator-test" #hardcoded for now @@ -121,8 +121,6 @@ jobs: [ "$OPP_AUTO_LABEL" = '1' ] && ANSIBLE_ARGS="-e automatic_cluster_version_label=true" || ANSIBLE_ARGS="-e automatic_cluster_version_label=false" [ "$OPP_PACKAGEMANIFEST_DISABLED" = '1' ] && ANSIBLE_ARGS="-e manifest_format_disabled=true" || ANSIBLE_ARGS="$ANSIBLE_ARGS --e manifest_format_disabled=false" - ANSIBLE_ARGS="$ANSIBLE_ARGS -e stream_kind=openshift_upstream" - echo $ANSIBLE_ARGS ansible-pull -U $OPP_ANSIBLE_PULL_REPO -C $OPP_ANSIBLE_PULL_BRANCH -i localhost, -e run_upstream=true -e run_prepare_catalog_repo_upstream=false -e run_remove_catalog_repo=false upstream/local.yml --tags reset_tools,operator_info -e operator_dir=$PWD/operators/operators/${{ steps.op-traffic-light.outputs.opp_name }} -e cluster_type=$OPP_PRODUCTION_TYPE -e strict_cluster_version_labels=true -e strict_k8s_bundles=true -e production_registry_namespace=$OPP_RELEASE_BUNDLE_REGISTRY/$OPP_RELEASE_BUNDLE_ORGANIZATION $ANSIBLE_ARGS @@ -130,11 +128,14 @@ jobs: id: op-info-result if: always() && (steps.op-traffic-light.outputs.opp_op_delete == '0' || steps.op-traffic-light.outputs.opp_is_new_operatror == '1' || steps.op-traffic-light.outputs.opp_recreate == '1' ) && (steps.op-traffic-light.outputs.opp_ci_yaml_only == '0') run: | - echo "opp_check_err_cluster_version_autolabel=0" >> $GITHUB_OUTPUT + echo "opp_check_err_k8s_bundles=0" >> $GITHUB_OUTPUT + echo "opp_check_err_k8s_bundles_value=" >> $GITHUB_OUTPUT echo "opp_check_err_package_manifest=" >> $GITHUB_OUTPUT - [ -f /tmp/operator-test/op_auto_labels.yaml ] && echo "opp_check_err_cluster_version_autolabel=1" >> $GITHUB_OUTPUT || true + [ -f /tmp/operator-test/op_failed_k8s_bundles.yaml ] && echo "opp_check_err_k8s_bundles=1" >> $GITHUB_OUTPUT || true + [ -f /tmp/operator-test/op_failed_k8s_bundles.yaml ] && echo "opp_check_err_k8s_bundles_value=$(cat /tmp/operator-test/op_failed_k8s_bundles.yaml | yq -r '.operators | @csv' | tr -d '"')" >> $GITHUB_OUTPUT || true [ -f /tmp/operator-test/format_failed ] && echo "opp_check_err_package_manifest=1" >> $GITHUB_OUTPUT || true - + + - name: Operator info (packagemanifest format failed) id: op-info-comment-format if: always() && steps.op-info-result.outputs.opp_check_err_package_manifest == '1' && (steps.op-traffic-light.outputs.opp_op_delete == '0' || steps.op-traffic-light.outputs.opp_is_new_operatror == '1' || steps.op-traffic-light.outputs.opp_recreate == '1' ) && (steps.op-traffic-light.outputs.opp_ci_yaml_only == '0') @@ -149,21 +150,16 @@ jobs: - name: Operator info (comment) id: op-info-comment - if: always() && steps.op-info-result.outputs.opp_check_err_cluster_version_autolabel == '1' && (steps.op-traffic-light.outputs.opp_op_delete == '0' || steps.op-traffic-light.outputs.opp_is_new_operatror == '1' ) + if: always() && steps.op-info-result.outputs.opp_check_err_k8s_bundles == '1' && (steps.op-traffic-light.outputs.opp_op_delete == '0' || steps.op-traffic-light.outputs.opp_is_new_operatror == '1' || steps.op-traffic-light.outputs.opp_recreate == '1' ) && (steps.op-traffic-light.outputs.opp_ci_yaml_only == '0') uses: mshick/add-pr-comment@v1 with: message: | - ## Automatic Cluster Version Label (OCP) - packagemanifest only - - Starting OCP v4.9 (based on k8s 1.22) some old API were deprecated([Deprecated API Migration Guide from v1.22](https://kubernetes.io/docs/reference/using-api/deprecation-guide/#v1-22), [OKD/OpenShift Catalogs criteria and options](./packaging-required-criteria-ocp.md)). User can set `com.redhat.openshift.versions: `in its bundle `annotations.yaml` file to limit specific operator version to be visible on certain cluster. - Users can set label only when the operator is in bundle format. For packagemanifest format it is not possible to set this lablel, but community-operators pipeline can automatically set such label to the bundle. User have to allow it by putting packagemanifestClusterVersionLabel: auto in ci.yaml file - - ``` - $ cat /ci.yaml - packagemanifestClusterVersionLabel: auto - ``` - More info [here](https://${OPP_THIS_REPO_ORG}.github.io/${OPP_THIS_REPO_NAME}/operator-ci-yaml/#automatic-cluster-version-label-ocp-packagemanifest-only). - + Dear @${{ github.event.pull_request.user.login }}, + There are some operators version that are using **deprecated api** and kubernetes max versions (`operatorhub.io/ui-metadata-max-k8s-version`) is **NOT** set correctly under annotation field in CSV file. + + Affected versions : `${{ steps.op-info-result.outputs.opp_check_err_k8s_bundles_value }}` + + More info in 'Kubernetes max version in CSV' section [here](https://${OPP_THIS_REPO_ORG}.github.io/${OPP_THIS_REPO_NAME}/operator-ci-yaml/#kubernetes-max-version-in-csv). repo-token: ${{ secrets.GITHUB_TOKEN }} repo-token-user-login: 'github-actions[bot]' # The user.login for temporary GitHub tokens allow-repeats: true @@ -322,14 +318,14 @@ jobs: allow-repeats: true - test-lemon-openshift: + test-lemon: name: "lemon / Deploy from scratch" needs: pr-check if: needs.pr-check.outputs.opp_test_ready == '1' && (needs.pr-check.outputs.opp_op_delete == '0' || needs.pr-check.outputs.opp_is_new_operatror == '1' || needs.pr-check.outputs.opp_recreate == '1') && needs.pr-check.outputs.opp_ci_yaml_only == '0' runs-on: ubuntu-latest strategy: matrix: - index-tag: ['v4.10-db', 'v4.11', 'v4.12', 'v4.13', 'v4.14-rc', 'v4.15-rc'] + index-tag: ['latest'] fail-fast: false steps: @@ -337,26 +333,12 @@ jobs: uses: actions/checkout@v3 with: ref: ${{ github.event.pull_request.head.sha }} - - name: Download operator_info - uses: actions/download-artifact@v2 - with: - name: operator_info - path: /tmp/operator-test/ - - name: Download converted operators - uses: actions/download-artifact@v2 - with: - name: operators_converted - path: /tmp/operator-test/operators - - name: Debug artefacts - shell: bash - run: | - ls /tmp/operator-test/operators - head /tmp/operator-test/op_info.yaml - name: Operator test env: OPP_LABELS: "${{ join(github.event.pull_request.labels.*.name, ' ') }}" OPP_AUTO_PACKAGEMANIFEST_CLUSTER_VERSION_LABEL: "${{ needs.pr-check.outputs.opp_auto_packagemanifest_cluster_version_label }}" OPERATOR_INDEX_TAG: ${{ matrix.index-tag }} + KIND_KUBE_VERSION: "${{ needs.pr-check.outputs.kind_kube_version }}" run: | bash <(curl -sL $OPP_SCRIPT_CLEANUP_URL) echo "lemon_${OPERATOR_INDEX_TAG} operators/${{ needs.pr-check.outputs.opp_name }}/${{ needs.pr-check.outputs.opp_version }}" @@ -364,14 +346,14 @@ jobs: - test-orange-openshift: - name: "orange / Deploy o7t" + test-orange-latest: + name: "orange / Deploy k8s" needs: pr-check - if: needs.pr-check.outputs.opp_test_ready == '1' && (needs.pr-check.outputs.opp_op_delete == '0' || needs.pr-check.outputs.opp_is_new_operatror == '1' || needs.pr-check.outputs.opp_recreate == '1') && needs.pr-check.outputs.opp_ci_yaml_only == '0' + if: needs.pr-check.outputs.opp_test_ready == '1' && (needs.pr-check.outputs.opp_op_delete == '0' || needs.pr-check.outputs.opp_is_new_operatror == '1' || needs.pr-check.outputs.opp_recreate == '1' ) && needs.pr-check.outputs.opp_ci_yaml_only == '0' runs-on: ubuntu-latest strategy: matrix: - index-tag: ['v4.10-db', 'v4.11', 'v4.12', 'v4.13', 'v4.14-rc', 'v4.15-rc'] + index-tag: ['latest'] fail-fast: false steps: @@ -379,30 +361,16 @@ jobs: uses: actions/checkout@v3 with: ref: ${{ github.event.pull_request.head.sha }} - - name: Download operator_info - uses: actions/download-artifact@v2 - with: - name: operator_info - path: /tmp/operator-test/ - - name: Download converted operators - uses: actions/download-artifact@v2 - with: - name: operators_converted - path: /tmp/operator-test/operators - - name: Debug artefacts - shell: bash - run: | - ls /tmp/operator-test/operators - head /tmp/operator-test/op_info.yaml - name: Operator test env: OPP_LABELS: "${{ join(github.event.pull_request.labels.*.name, ' ') }}" OPP_AUTO_PACKAGEMANIFEST_CLUSTER_VERSION_LABEL: "${{ needs.pr-check.outputs.opp_auto_packagemanifest_cluster_version_label }}" - OPERATOR_INDEX_TAG: ${{ matrix.index-tag }} OPP_MIRROR_INDEX_ENABLED: 1 - OPP_IIB_INSTALL: 1 + OPP_IIB_INSTALL: 0 IIB_INPUT_REGISTRY_TOKEN: ${{ secrets.IIB_INPUT_REGISTRY_TOKEN }} + OPERATOR_INDEX_TAG: ${{ matrix.index-tag }} OPP_INSTALLATION_SKIP: "${{ needs.pr-check.outputs.opp_installation_skipped }}" + KIND_KUBE_VERSION: "${{ needs.pr-check.outputs.kind_kube_version }}" run: | bash <(curl -sL $OPP_SCRIPT_CLEANUP_URL) echo "orange_${OPERATOR_INDEX_TAG} operators/${{ needs.pr-check.outputs.opp_name }}/${{ needs.pr-check.outputs.opp_version }}" @@ -411,8 +379,8 @@ jobs: test-summary: name: "Summary" - - needs: [ pr-check, test-kiwi, test-lemon-openshift, test-orange-openshift ] + + needs: [ pr-check, test-kiwi, test-lemon, test-orange-latest] if: always() runs-on: ubuntu-latest diff --git a/.github/workflows/operator_test_report_openshift_status.yaml b/.github/workflows/operator_test_report_openshift_status.yaml index b220b0622..03e49d883 100644 --- a/.github/workflows/operator_test_report_openshift_status.yaml +++ b/.github/workflows/operator_test_report_openshift_status.yaml @@ -8,7 +8,7 @@ on: - openshift-test-status env: - OPP_PRODUCTION_TYPE: "ocp" + OPP_PRODUCTION_TYPE: "k8s" jobs: @@ -72,15 +72,9 @@ jobs: uses: actions/github-script@v6 if: | - (!contains(fromJSON(steps.labels.outputs.result).*.name, 'installation-failed-4.10')) && - (!contains(fromJSON(steps.labels.outputs.result).*.name, 'installation-failed-4.11')) && - (!contains(fromJSON(steps.labels.outputs.result).*.name, 'installation-failed-4.12')) && - (!contains(fromJSON(steps.labels.outputs.result).*.name, 'installation-failed-4.13')) && + (!contains(fromJSON(steps.labels.outputs.result).*.name, 'installation-failed-atest')) && - (contains(fromJSON(steps.labels.outputs.result).*.name, 'installation-validated-4.10')) && - (contains(fromJSON(steps.labels.outputs.result).*.name, 'installation-validated-4.11')) && - (contains(fromJSON(steps.labels.outputs.result).*.name, 'installation-validated-4.12')) && - (contains(fromJSON(steps.labels.outputs.result).*.name, 'installation-validated-4.13')) + (contains(fromJSON(steps.labels.outputs.result).*.name, 'installation-validated-atest')) continue-on-error: true with: diff --git a/.github/workflows/operator_verify.yaml b/.github/workflows/operator_verify.yaml index 848eb03e2..ff2749639 100644 --- a/.github/workflows/operator_verify.yaml +++ b/.github/workflows/operator_verify.yaml @@ -12,7 +12,7 @@ on: tags: description: 'List of tags' required: true - default: 'v4.11 v4.11s' + default: 'latest latests' image_prod_base: description: 'Base production image' @@ -22,7 +22,7 @@ on: tags_prod: required: false default: '' - description: 'List of prod tags (eg. v4.11)' + description: 'List of prod tags (eg. latest)' repo: description: 'Source repsitory' diff --git a/.github/workflows/operator_workflow_complete.yaml b/.github/workflows/operator_workflow_complete.yaml index 38bbcd487..b4be87443 100644 --- a/.github/workflows/operator_workflow_complete.yaml +++ b/.github/workflows/operator_workflow_complete.yaml @@ -7,7 +7,7 @@ on: types: [completed] env: - OPP_PRODUCTION_TYPE: "ocp" + OPP_PRODUCTION_TYPE: "k8s" jobs: @@ -117,6 +117,37 @@ jobs: body: '/merge possible' }) + - name: "Set installation-validated" + uses: actions/github-script@v6 + continue-on-error: true + env: + PR: "${{ needs.pr.outputs.pr }}" + with: + github-token: ${{secrets.GITHUB_TOKEN}} + script: | + github.rest.issues.addLabels({ + issue_number: process.env.PR, + owner: context.repo.owner, + repo: context.repo.repo, + labels: ['installation-validated'] + }) + - uses: actions/github-script@v6 + if: | + (!contains(fromJson(steps.pr-labels.outputs.result).*.name, 'do-not-merge/work-in-progress')) && + (!contains(fromJson(steps.pr-labels.outputs.result).*.name, 'do-not-merge/hold')) + continue-on-error: true + env: + PR: "${{ needs.pr.outputs.pr }}" + with: + github-token: ${{ secrets.FRAMEWORK_MERGE }} + script: | + github.rest.issues.createComment({ + issue_number: process.env.PR, + owner: context.repo.owner, + repo: context.repo.repo, + body: '/merge possible' + }) + on-failure: runs-on: ubuntu-latest if: github.event.workflow_run.conclusion == 'failure' diff --git a/.github/workflows/prepare_test_index.yaml b/.github/workflows/prepare_test_index.yaml index c1b7434a7..e7013efd8 100644 --- a/.github/workflows/prepare_test_index.yaml +++ b/.github/workflows/prepare_test_index.yaml @@ -8,7 +8,7 @@ on: - index-for-openshift-test env: - OPP_PRODUCTION_TYPE: "ocp" + OPP_PRODUCTION_TYPE: "k8s" OPP_IMAGE: "quay.io/operator_testing/operator-test-playbooks:dev" @@ -58,7 +58,7 @@ jobs: OPP_OPRT_REPO: ${{ steps.variables.outputs.opp_repo }} OPP_OPRT_SHA: ${{ steps.variables.outputs.opp_commit }} IIB_INPUT_REGISTRY_TOKEN: ${{ secrets.IIB_INPUT_REGISTRY_TOKEN }} - IIB_INPUT_REGISTRY_USER: "12742415|community-operators-pipeline" + IIB_INPUT_REGISTRY_USER: "framework_automation" OPP_MIRROR_INDEX_MULTIARCH_IMAGE: "quay.io/operator-framework/opm:latest" OPP_SCRIPT_ENV_URL: "https://raw.githubusercontent.com/redhat-openshift-ecosystem/community-operators-pipeline/ci/dev/ci/scripts/opp-osr-run.sh" OPP_OPRT_SRC_BASE: "https://github.com" diff --git a/.github/workflows/stale_issues.yaml b/.github/workflows/stale_issues.yaml index 0f56c8eb8..2c12666ba 100644 --- a/.github/workflows/stale_issues.yaml +++ b/.github/workflows/stale_issues.yaml @@ -6,7 +6,7 @@ on: - cron: "30 1 * * *" env: - OPP_PRODUCTION_TYPE: "ocp" + OPP_PRODUCTION_TYPE: "k8s" jobs: diff --git a/.github/workflows/upgrade.yaml b/.github/workflows/upgrade.yaml index d1221947a..29ce0ccd6 100644 --- a/.github/workflows/upgrade.yaml +++ b/.github/workflows/upgrade.yaml @@ -22,7 +22,7 @@ on: cluster: description: 'Cluster type (k8s, ocp)' required: true - default: 'ocp' + default: 'k8s' index_from: description: 'From index (quay.io/operator_testing/index_empty:latest)' diff --git a/config.yaml b/config.yaml index 3835a4139..1d82ecf05 100644 --- a/config.yaml +++ b/config.yaml @@ -1 +1,2 @@ organization: community-operators +cluster: k8s