github/open-cluster-management
1
0
Fork 0
mirror of https://github.com/open-cluster-management-io/ocm.git synced 2026-02-14 10:00:11 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
f01915afb470b87dd27091447f728dc089dbf662
open-cluster-management/.github/workflows/releaseimage.yml
Qing Hao f01915afb4
Some checks failed
Scorecard supply-chain security / Scorecard analysis (push) Failing after 1s
Post / images (amd64, addon-manager) (push) Failing after 1s
Post / images (amd64, placement) (push) Failing after 1s
Post / images (amd64, registration) (push) Failing after 1s
Post / images (amd64, registration-operator) (push) Failing after 1s
Post / images (amd64, work) (push) Failing after 1s
Post / images (arm64, addon-manager) (push) Failing after 1s
Post / images (arm64, placement) (push) Failing after 1s
Post / images (arm64, registration) (push) Failing after 1s
Post / images (arm64, registration-operator) (push) Failing after 1s
Post / images (arm64, work) (push) Failing after 1s
Post / image manifest (addon-manager) (push) Has been skipped
Post / image manifest (placement) (push) Has been skipped
Post / image manifest (registration) (push) Has been skipped
Post / image manifest (registration-operator) (push) Has been skipped
Post / image manifest (work) (push) Has been skipped
Post / trigger clusteradm e2e (push) Has been skipped
Post / coverage (push) Failing after 18m26s
Close stale issues and PRs / stale (push) Failing after 1s
Upgrade to Go 1.25.0 (#1296) 
🤖 Generated with [Claude Code](https://claude.com/claude-code)

Signed-off-by: Qing Hao <qhao@redhat.com>
Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
2025-12-16 20:11:32 +00:00

142 lines
5.9 KiB
YAML
Raw Blame History

name: ImageRelease
on:
push:
tags:
- 'v*.*.*'
env:
# Common versions
GO_VERSION: '1.25'
GO_REQUIRED_MIN_VERSION: ''
GOPATH: '/home/runner/work/ocm/ocm/go'
GITHUB_REF: ${{ github.ref }}
defaults:
run:
working-directory: go/src/open-cluster-management.io/ocm
permissions:
contents: read
id-token: write
attestations: write
jobs:
env:
name: prepare release env
runs-on: ubuntu-latest
steps:
- name: checkout code
uses: actions/checkout@v6.0.1
with:
fetch-depth: 1
path: go/src/open-cluster-management.io/ocm
- name: get release version
run: |
echo "RELEASE_VERSION=${GITHUB_REF#refs/tags/}" >> $GITHUB_ENV
- name: get major release version
run: |
echo "MAJOR_RELEASE_VERSION=${RELEASE_VERSION%.*}" >> $GITHUB_ENV
echo "TRIMMED_RELEASE_VERSION=${RELEASE_VERSION#v}" >> $GITHUB_ENV
outputs:
MAJOR_RELEASE_VERSION: ${{ env.MAJOR_RELEASE_VERSION }}
RELEASE_VERSION: ${{ env.RELEASE_VERSION }}
images:
name: images
runs-on: ubuntu-latest
needs: [ env ]
strategy:
matrix:
arch: [ amd64, arm64 ]
image-name: [ registration-operator, registration, work, placement, addon-manager ]
steps:
- name: checkout code
uses: actions/checkout@v6.0.1
with:
fetch-depth: 1
path: go/src/open-cluster-management.io/ocm
- name: install Go
uses: actions/setup-go@v6
with:
go-version: ${{ env.GO_VERSION }}
- name: install imagebuilder
run: go install github.com/openshift/imagebuilder/cmd/imagebuilder@v1.2.3
- name: pull base image
run: docker pull registry.access.redhat.com/ubi9/ubi-minimal:latest --platform=linux/${{ matrix.arch }}
- name: images
run: |
IMAGE_TAG=${{ needs.env.outputs.RELEASE_VERSION }}-${{ matrix.arch }} \
IMAGE_REGISTRY=quay.io/open-cluster-management \
IMAGE_BUILD_EXTRA_FLAGS="--build-arg OS=linux --build-arg ARCH=${{ matrix.arch }}" \
make image-${{ matrix.image-name }}
- name: push
run: |
echo ${{ secrets.DOCKER_PASSWORD }} | docker login quay.io --username ${{ secrets.DOCKER_USER }} --password-stdin
docker push quay.io/open-cluster-management/${{ matrix.image-name }}:${{ needs.env.outputs.RELEASE_VERSION }}-${{ matrix.arch }}
image_digest=$(docker inspect --format='{{index .RepoDigests 0}}' "quay.io/open-cluster-management/${{ matrix.image-name }}:${{ needs.env.outputs.RELEASE_VERSION }}-${{ matrix.arch }}" | cut -d'@' -f2)
echo "IMAGE_DIGEST=${image_digest}" >> $GITHUB_ENV
- name: Generate SBOM
uses: anchore/sbom-action@v0
with:
image: quay.io/open-cluster-management/${{ matrix.image-name }}:${{ needs.env.outputs.RELEASE_VERSION }}-${{ matrix.arch }}
format: 'spdx-json'
output-file: 'sbom.spdx.json'
upload-release-assets: false # disable uploading SBOM to release assets for images
- name: Attest
uses: actions/attest-sbom@v3
id: attest
with:
subject-name: quay.io/open-cluster-management/${{ matrix.image-name }}
subject-digest: ${{ env.IMAGE_DIGEST }}
sbom-path: 'sbom.spdx.json'
push-to-registry: true
image-manifest:
name: image manifest
runs-on: ubuntu-latest
strategy:
matrix:
image-name: [ registration-operator, registration, work, placement, addon-manager ]
needs: [ env, images ]
steps:
- name: checkout code
uses: actions/checkout@v6.0.1
with:
fetch-depth: 1
path: go/src/open-cluster-management.io/ocm
# Step to install Skopeo
- name: Install Skopeo and jq
run: |
sudo apt-get update
sudo apt-get install -y skopeo jq
- name: create
run: |
echo ${{ secrets.DOCKER_PASSWORD }} | docker login quay.io --username ${{ secrets.DOCKER_USER }} --password-stdin
docker manifest create quay.io/open-cluster-management/${{ matrix.image-name }}:${{ needs.env.outputs.RELEASE_VERSION }} \
quay.io/open-cluster-management/${{ matrix.image-name }}:${{ needs.env.outputs.RELEASE_VERSION }}-amd64 \
quay.io/open-cluster-management/${{ matrix.image-name }}:${{ needs.env.outputs.RELEASE_VERSION }}-arm64
- name: annotate
run: |
docker manifest annotate quay.io/open-cluster-management/${{ matrix.image-name }}:${{ needs.env.outputs.RELEASE_VERSION }} \
quay.io/open-cluster-management/${{ matrix.image-name }}:${{ needs.env.outputs.RELEASE_VERSION }}-amd64 --arch amd64
docker manifest annotate quay.io/open-cluster-management/${{ matrix.image-name }}:${{ needs.env.outputs.RELEASE_VERSION }} \
quay.io/open-cluster-management/${{ matrix.image-name }}:${{ needs.env.outputs.RELEASE_VERSION }}-arm64 --arch arm64
- name: push
run: |
docker manifest push quay.io/open-cluster-management/${{ matrix.image-name }}:${{ needs.env.outputs.RELEASE_VERSION }}
image_digest_release=$(skopeo inspect docker://quay.io/open-cluster-management/${{ matrix.image-name }}:${{ needs.env.outputs.RELEASE_VERSION }} | jq -r '.Digest')
echo "IMAGE_DIGEST_RELEASE=${image_digest_release}" >> $GITHUB_ENV
- name: Generate SBOM
uses: anchore/sbom-action@v0
with:
image: quay.io/open-cluster-management/${{ matrix.image-name }}:${{ needs.env.outputs.RELEASE_VERSION }}
format: 'spdx-json'
output-file: 'sbom.spdx.json'
upload-release-assets: false # disable uploading SBOM to release assets for images
- name: Attest
uses: actions/attest-sbom@v3
id: attest
with:
subject-name: quay.io/open-cluster-management/${{ matrix.image-name }}
subject-digest: ${{ env.IMAGE_DIGEST_RELEASE }}
sbom-path: 'sbom.spdx.json'
push-to-registry: true
Reference in New Issue View Git Blame Copy Permalink