openstack/magnum-capi-helm-charts
Code Issues Proposed changes

Use a dependencies file (#55)

Browse Source 
* First pass at reading dependencies from file

* Write to a file first

* Add manifest fetch

* Check manifest download

* See if job outputs support fromJSON

* Try again

* Try download from manifest

* Use explicit skip steps

* Use explicit image output name for curl

* See if complex matrix values work

* Re-enable tests in PR workflow

* Use deps file in tests

* Debug outputs

* Use toJSON

* Extract matrix outputs properly

* Reinstate tests

* Remove debug statements

* [skip ci] don't run CI on edited PRs

* [skip ci] Remove edited trigger from PR workflow
This commit is contained in:
Matt Pryor
2023-07-26 15:37:54 +01:00
committed by GitHub
parent 86cc717bec
commit 413957e36c
6 changed files with 118 additions and 58 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
.github/actions/ensure-image/action.yml vendored
View File

@@ -12,13 +12,12 @@ inputs:
description: The name of the cloud within the OpenStack clouds file description: The name of the cloud within the OpenStack clouds file
required: true required: true
default: openstack default: openstack
images-base-url:
description: The base URL to use for downloading images
required: true
default: https://object.arcus.openstack.hpc.cam.ac.uk/swift/v1/AUTH_f0dc9cb312144d0aa44037c9149d2513/azimuth-images-prerelease/
image-name: image-name:
description: The name of the image to use description: The name of the image to use
required: true required: true
image-url:
description: The URL of the image
required: true
outputs: outputs:
image-id: image-id:
@@ -34,5 +33,5 @@ runs:
env: env:
OS_CLIENT_CONFIG_FILE: ${{ inputs.os-client-config-file }} OS_CLIENT_CONFIG_FILE: ${{ inputs.os-client-config-file }}
OS_CLOUD: ${{ inputs.os-cloud }} OS_CLOUD: ${{ inputs.os-cloud }}
IMAGES_BASE_URL: ${{ inputs.images-base-url }}
IMAGE_NAME: ${{ inputs.image-name }} IMAGE_NAME: ${{ inputs.image-name }}
IMAGE_URL: ${{ inputs.image-url }}

94
.github/workflows/ensure-capi-images.yaml vendored
View File

@@ -3,64 +3,104 @@ on:
workflow_call: workflow_call:
outputs: outputs:
kube-1-25-image: kube-1-25-image:
value: ${{ jobs.ensure-capi-images.outputs.kube-1-25-image }} value: ${{ jobs.produce_outputs.outputs.kube-1-25-image }}
kube-1-25-version: kube-1-25-version:
value: ${{ jobs.ensure-capi-images.outputs.kube-1-25-version }} value: ${{ jobs.produce_outputs.outputs.kube-1-25-version }}
kube-1-26-image: kube-1-26-image:
value: ${{ jobs.ensure-capi-images.outputs.kube-1-26-image }} value: ${{ jobs.produce_outputs.outputs.kube-1-26-image }}
kube-1-26-version: kube-1-26-version:
value: ${{ jobs.ensure-capi-images.outputs.kube-1-26-version }} value: ${{ jobs.produce_outputs.outputs.kube-1-26-version }}
kube-1-27-image: kube-1-27-image:
value: ${{ jobs.ensure-capi-images.outputs.kube-1-27-image }} value: ${{ jobs.produce_outputs.outputs.kube-1-27-image }}
kube-1-27-version: kube-1-27-version:
value: ${{ jobs.ensure-capi-images.outputs.kube-1-27-version }} value: ${{ jobs.produce_outputs.outputs.kube-1-27-version }}
jobs: jobs:
ensure-capi-images: image_manifest:
runs-on: ubuntu-latest runs-on: ubuntu-latest
# We output the image IDs for each image
outputs: outputs:
kube-1-25-image: ${{ steps.kube-1-25.outputs.image-id }} manifest: ${{ steps.images.outputs.manifest }}
kube-1-25-version: 1.25.10
kube-1-26-image: ${{ steps.kube-1-26.outputs.image-id }}
kube-1-26-version: 1.26.5
kube-1-27-image: ${{ steps.kube-1-27.outputs.image-id }}
kube-1-27-version: 1.27.2
steps: steps:
- name: Checkout - name: Checkout
uses: actions/checkout@v3 uses: actions/checkout@v3
- name: Fetch image details
id: images
run: |
VN="$(jq -r '.["azimuth-images"]' ./dependencies.json)"
MANIFEST="$(curl -fsSL "https://github.com/stackhpc/azimuth-images/releases/download/${VN}/manifest.json")"
echo "manifest=$(jq -c . <<< "$MANIFEST")" >> $GITHUB_OUTPUT
ensure_image:
runs-on: ubuntu-latest
needs: [image_manifest]
strategy:
fail-fast: false
matrix:
include:
- name: kube-1-25
image: ${{ fromJSON(needs.image_manifest.outputs.manifest).kubernetes-1-25-jammy }}
skip: ${{ github.event.pull_request.draft }}
- name: kube-1-26
image: ${{ fromJSON(needs.image_manifest.outputs.manifest).kubernetes-1-26-jammy }}
skip: ${{ github.event.pull_request.draft }}
- name: kube-1-27
image: ${{ fromJSON(needs.image_manifest.outputs.manifest).kubernetes-1-27-jammy }}
skip: false
steps:
- name: Checkout
uses: actions/checkout@v3
if: ${{ !matrix.skip }}
- name: Write cloud credential - name: Write cloud credential
run: > run: >
echo "$CLOUD" > clouds.yml echo "$CLOUD" > clouds.yml
shell: bash shell: bash
env: env:
CLOUD: ${{ secrets.CLOUD }} CLOUD: ${{ secrets.CLOUD }}
if: ${{ !matrix.skip }}
- uses: actions/setup-python@v4 - uses: actions/setup-python@v4
with: with:
python-version: '3.9' python-version: '3.9'
check-latest: true check-latest: true
if: ${{ !matrix.skip }}
- name: Install OpenStack CLI - name: Install OpenStack CLI
run: pip install python-openstackclient run: pip install python-openstackclient
if: ${{ !matrix.skip }}
- name: Ensure Kubernetes 1.25 image - name: Ensure Kubernetes image
id: kube-1-25 id: ensure-image
uses: ./.github/actions/ensure-image uses: ./.github/actions/ensure-image
with: with:
image-name: ubuntu-focal-kube-v1.25.10-230602-1732 image-name: ${{ matrix.image.name }}
if: ${{ !github.event.pull_request.draft }} image-url: ${{ matrix.image.url }}
if: ${{ !matrix.skip }}
- name: Ensure Kubernetes 1.26 image - name: Write matrix outputs
id: kube-1-26 uses: cloudposse/github-action-matrix-outputs-write@main
uses: ./.github/actions/ensure-image
with: with:
image-name: ubuntu-focal-kube-v1.26.5-230602-1757 matrix-step-name: ${{ github.job }}
if: ${{ !github.event.pull_request.draft }} matrix-key: ${{ matrix.name }}
outputs: |-
image-id: ${{ steps.ensure-image.outputs.image-id }}
kube-version: ${{ matrix.image.kubernetes_version }}
if: ${{ !matrix.skip }}
- name: Ensure Kubernetes 1.27 image produce_outputs:
id: kube-1-27 runs-on: ubuntu-latest
uses: ./.github/actions/ensure-image needs: [ensure_image]
outputs:
kube-1-25-image: ${{ fromJSON(steps.matrix-outputs.outputs.result).image-id.kube-1-25 }}
kube-1-25-version: ${{ fromJSON(steps.matrix-outputs.outputs.result).kube-version.kube-1-25 }}
kube-1-26-image: ${{ fromJSON(steps.matrix-outputs.outputs.result).image-id.kube-1-26 }}
kube-1-26-version: ${{ fromJSON(steps.matrix-outputs.outputs.result).kube-version.kube-1-26 }}
kube-1-27-image: ${{ fromJSON(steps.matrix-outputs.outputs.result).image-id.kube-1-27 }}
kube-1-27-version: ${{ fromJSON(steps.matrix-outputs.outputs.result).kube-version.kube-1-27 }}
steps:
- name: Read matrix outputs
id: matrix-outputs
uses: cloudposse/github-action-matrix-outputs-read@main
with: with:
image-name: ubuntu-focal-kube-v1.27.2-230602-1824 matrix-step-name: ensure_image

6
.github/workflows/pr.yaml vendored
View File

@@ -1,7 +1,11 @@
name: test pr name: test pr
on: on:
pull_request: pull_request:
types: [opened,synchronize,ready_for_review,edited,reopened] types:
- opened
- synchronize
- ready_for_review
- reopened
branches: branches:
- main - main

48
.github/workflows/test.yaml vendored
View File

@@ -12,58 +12,62 @@ on:
required: true required: true
default: false default: false
env:
HELM_VERSION: v3.11.3
CAPI_VERSION: v1.4.3
CAPO_VERSION: v0.7.3
ADDON_PROVIDER_VERSION: 0.1.0-dev.0.main.26
SONOBUOY_VERSION: 0.56.16
CERTMANAGER_VERSION: v1.12.1
jobs: jobs:
test-chart: test-chart:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- name: Checkout - name: Checkout
uses: actions/checkout@v3 uses: actions/checkout@v3
- name: Read dependencies
id: deps
run: |
echo "addon-provider=$(jq -r '.["addon-provider"]' ./dependencies.json)" >> $GITHUB_OUTPUT
echo "cluster-api=$(jq -r '.["cluster-api"]' ./dependencies.json)" >> $GITHUB_OUTPUT
echo "cluster-api-provider-openstack=$(jq -r '.["cluster-api-provider-openstack"]' ./dependencies.json)" >> $GITHUB_OUTPUT
echo "cert-manager=$(jq -r '.["cert-manager"]' ./dependencies.json)" >> $GITHUB_OUTPUT
echo "helm=$(jq -r '.["helm"]' ./dependencies.json)" >> $GITHUB_OUTPUT
echo "sonobuoy=$(jq -r '.["sonobuoy"]' ./dependencies.json)" >> $GITHUB_OUTPUT
- name: Install tools - name: Install tools
run: sudo apt install -y zip unzip run: sudo apt install -y zip unzip
- name: Install sonobuoy - name: Install sonobuoy
run: > run: >
wget https://github.com/vmware-tanzu/sonobuoy/releases/download/v${SONOBUOY_VERSION}/sonobuoy_${SONOBUOY_VERSION}_linux_amd64.tar.gz && wget https://github.com/vmware-tanzu/sonobuoy/releases/download/v${SONOBUOY_VERSION}/sonobuoy_${SONOBUOY_VERSION}_linux_amd64.tar.gz &&
tar -xf sonobuoy_${SONOBUOY_VERSION}_linux_amd64.tar.gz && tar -xf sonobuoy_${SONOBUOY_VERSION}_linux_amd64.tar.gz &&
sudo mv -n sonobuoy /usr/bin/ sudo mv -n sonobuoy /usr/bin/
env:
SONOBUOY_VERSION: ${{ steps.deps.outputs.sonobuoy }}
- uses: actions/setup-python@v4 - uses: actions/setup-python@v4
with: with:
python-version: '3.9' python-version: '3.9'
check-latest: true check-latest: true
- name: Set up Helm - name: Set up Helm
uses: azure/setup-helm@v3 uses: azure/setup-helm@v3
with: with:
version: ${{ env.HELM_VERSION }} version: ${{ steps.deps.outputs.helm }}
- name: Create k8s Kind Cluster - name: Create k8s Kind Cluster
uses: helm/kind-action@v1.5.0 uses: helm/kind-action@v1.5.0
- name: Install cert-manager - name: Install cert-manager
run: |- run: |-
helm upgrade cert-manager cert-manager \ helm upgrade cert-manager cert-manager \
--repo https://charts.jetstack.io \ --repo https://charts.jetstack.io \
--version ${CERTMANAGER_VERSION} \ --version ${{ steps.deps.outputs.cert-manager }} \
--namespace cert-manager \ --namespace cert-manager \
--create-namespace \ --create-namespace \
--install \ --install \
--set installCRDs=true \ --set installCRDs=true \
--wait \ --wait \
--timeout 10m --timeout 10m
- name: Ensure Cluster API kustomization directory exists - name: Ensure Cluster API kustomization directory exists
run: mkdir -p clusterapi run: mkdir -p clusterapi
# From here: https://github.com/stackhpc/ansible-collection-azimuth-ops/blob/main/roles/clusterapi/defaults/main.yml # From here: https://github.com/stackhpc/ansible-collection-azimuth-ops/blob/main/roles/clusterapi/defaults/main.yml
- name: Write Cluster API kustomization file - name: Write Cluster API kustomization file
uses: DamianReeves/write-file-action@master uses: DamianReeves/write-file-action@master
@@ -72,8 +76,8 @@ jobs:
write-mode: overwrite write-mode: overwrite
contents: | contents: |
resources: resources:
- https://github.com/kubernetes-sigs/cluster-api/releases/download/${{ env.CAPI_VERSION }}/cluster-api-components.yaml - https://github.com/kubernetes-sigs/cluster-api/releases/download/${{ steps.deps.outputs.cluster-api }}/cluster-api-components.yaml
- https://github.com/kubernetes-sigs/cluster-api-provider-openstack/releases/download/${{ env.CAPO_VERSION }}/infrastructure-components.yaml - https://github.com/kubernetes-sigs/cluster-api-provider-openstack/releases/download/${{ steps.deps.outputs.cluster-api-provider-openstack }}/infrastructure-components.yaml
patches: patches:
- patch: |- - patch: |-
- op: replace - op: replace
@@ -105,7 +109,7 @@ jobs:
kind: Deployment kind: Deployment
namespace: capi-kubeadm-control-plane-system namespace: capi-kubeadm-control-plane-system
name: capi-kubeadm-control-plane-controller-manager name: capi-kubeadm-control-plane-controller-manager
- name: Install Cluster API resources - name: Install Cluster API resources
run: kubectl apply -k clusterapi/ run: kubectl apply -k clusterapi/
@@ -131,13 +135,13 @@ jobs:
run: |- run: |-
helm upgrade cluster-api-addon-provider cluster-api-addon-provider \ helm upgrade cluster-api-addon-provider cluster-api-addon-provider \
--repo https://stackhpc.github.io/cluster-api-addon-provider \ --repo https://stackhpc.github.io/cluster-api-addon-provider \
--version ${ADDON_PROVIDER_VERSION} \ --version ${{ steps.deps.outputs.addon-provider }} \
--namespace capi-addon-system \ --namespace capi-addon-system \
--create-namespace \ --create-namespace \
--install \ --install \
--wait \ --wait \
--timeout 10m --timeout 10m
- name: Write cloud credential - name: Write cloud credential
run: > run: >
echo "$CLOUD" > clouds.yml echo "$CLOUD" > clouds.yml

9
dependencies.json Normal file
View File

@@ -0,0 +1,9 @@
{
"addon-provider": "0.1.0-dev.0.main.26",
"azimuth-images": "0.1.2",
"cluster-api": "v1.4.4",
"cluster-api-provider-openstack": "v0.7.3",
"cert-manager": "v1.12.2",
"helm": "v3.12.2",
"sonobuoy": "0.56.16"
}

10
scripts/ensure-image.sh
View File

@@ -2,8 +2,13 @@
set -ex set -ex
[ -z "$IMAGES_BASE_URL" ] && echo "IMAGES_BASE_URL is required" >&2 && exit 1 #####
# This script uploads an image to OpenStack unless already present
#####
[ -z "$IMAGE_NAME" ] && echo "IMAGE_NAME is required" >&2 && exit 1 [ -z "$IMAGE_NAME" ] && echo "IMAGE_NAME is required" >&2 && exit 1
[ -z "$IMAGE_URL" ] && echo "IMAGE_URL is required" >&2 && exit 1
# Default the GITHUB_OUTPUT to stdout # Default the GITHUB_OUTPUT to stdout
GITHUB_OUTPUT="${GITHUB_OUTPUT:-/dev/stdout}" GITHUB_OUTPUT="${GITHUB_OUTPUT:-/dev/stdout}"
@@ -20,8 +25,7 @@ fi
# If not, download the image and upload it to Glance # If not, download the image and upload it to Glance
IMAGE_FNAME="${IMAGE_NAME}.${IMAGE_DISK_FORMAT:-qcow2}" IMAGE_FNAME="${IMAGE_NAME}.${IMAGE_DISK_FORMAT:-qcow2}"
IMAGE_URL="${IMAGES_BASE_URL}${IMAGE_FNAME}" curl -Lo "$IMAGE_FNAME" --progress-bar "$IMAGE_URL"
curl -LO --progress-bar "$IMAGE_URL"
IMAGE_ID="$( IMAGE_ID="$(
openstack image create \ openstack image create \
--progress \ --progress \