-
Notifications
You must be signed in to change notification settings - Fork 2
141 lines (119 loc) · 4.67 KB
/
schemas.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
---
name: "Publish Kubernetes Schemas"
on:
workflow_dispatch:
schedule:
- cron: "0 0 * * 0"
push:
branches: ["main"]
paths: [".github/workflows/publish-kubernetes-schemas.yaml"]
jobs:
publish-manifests:
name: Publish Manifests
runs-on: ["arc-runner-set-k8s-home-ops"]
steps:
- name: Generate Token
uses: actions/create-github-app-token@v1
id: app-token
with:
app-id: "${{ secrets.BOT_APP_ID }}"
private-key: "${{ secrets.BOT_APP_PRIVATE_KEY }}"
- name: Checkout
uses: actions/checkout@v4
with:
token: "${{ steps.app-token.outputs.token }}"
- name: Setup System Tools
shell: bash
run: sudo apt-get -qq update && sudo apt-get -qq install --no-install-recommends -y curl git unzip
# - name: Install Homebrew
# shell: bash
# run: $(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)
- name: Setup Homebrew
uses: Homebrew/actions/setup-homebrew@master
- name: Setup Workflow Tools
shell: bash
run: brew install kubernetes-cli
- name: Setup Python
uses: actions/setup-python@v5
with:
python-version: 3.x
- name: Setup Node
uses: actions/setup-node@v4
with:
node-version: 18.x
- name: Install Flux
uses: fluxcd/flux2/action@534684601ec8888beb0cc4f51117b59e97606c4d # v2.2.3
- name: Write kubeconfig
id: kubeconfig
uses: timheuer/base64-to-file@v1
with:
encodedString: "${{ secrets.KUBECONFIG }}"
fileName: kubeconfig
- name: Download and run crd-extractor
env:
KUBECONFIG: "${{ steps.kubeconfig.outputs.filePath }}"
shell: bash
run: |
curl -fsSL -o $GITHUB_WORKSPACE/crd-extractor.sh \
https://raw.githubusercontent.com/datreeio/CRDs-catalog/main/Utilities/crd-extractor.sh
chmod +x $GITHUB_WORKSPACE/crd-extractor.sh
bash $GITHUB_WORKSPACE/crd-extractor.sh
- name: Generate tag
id: generate-tag
shell: bash
run: echo "tag=ghcr.io/${{ github.repository_owner }}/manifests/kubernetes-schemas:$(git rev-parse --short HEAD)" >> "${GITHUB_OUTPUT}"
- name: Publish manifests
shell: bash
run: |
flux push artifact oci://${{ steps.generate-tag.outputs.tag }} \
--path="/home/runner/.datree/crdSchemas" \
--source="${{ github.repositoryUrl }}" \
--revision="${{ github.ref_name }}@sha1:$(git rev-parse HEAD)"
- name: Tag manifests
shell: bash
run: flux tag artifact oci://${{ steps.generate-tag.outputs.tag }} --tag main
publish-web:
name: Publish Web
runs-on: ubuntu-latest
needs: ["publish-manifests"]
steps:
- name: Setup Flux
uses: fluxcd/flux2/action@534684601ec8888beb0cc4f51117b59e97606c4d # v2.2.3
- name: Setup QEMU
uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3.0.0
- name: Setup Docker Buildx
id: buildx
uses: docker/setup-buildx-action@2b51285047da1547ffb1b2203d8be4c0af6b1f20 # v3.2.0
- name: Login to GitHub Container Registry
uses: docker/login-action@e92390c5fb421da1463c202d546fed0ec5c39f20 # v3.1.0
with:
registry: ghcr.io
username: "${{ github.actor }}"
password: "${{ secrets.GITHUB_TOKEN }}"
- name: Pull manifests
shell: bash
run: |
mkdir -p /home/runner/crdSchemas
flux pull artifact oci://ghcr.io/${{ github.repository_owner }}/manifests/kubernetes-schemas:$(git rev-parse --short HEAD) --output /home/runner/crdSchemas
- name: Write nginx-unprivileged Dockerfile
shell: bash
run: |
cat <<EOF > /home/runner/crdSchemas/Dockerfile
FROM docker.io/nginxinc/nginx-unprivileged:latest
COPY --chown=nginx:nginx --chmod=755 . /usr/share/nginx/html
USER nginx
EOF
- name: Publish web container
uses: docker/build-push-action@2cdde995de11925a030ce8070c3d77a52ffcf1c0 # v5.3.0
with:
context: /home/runner/crdSchemas
platforms: linux/amd64,linux/arm64
file: /home/runner/crdSchemas/Dockerfile
push: true
tags: |
ghcr.io/${{ github.repository_owner }}/kubernetes-schemas:latest
cache-from: type=gha
cache-to: type=gha,mode=max
labels: |
org.opencontainers.image.source="${{ github.repositoryUrl }}"
org.opencontainers.image.authors="Christopher Conroy <[email protected]>"