Skip to content

add volume/mount capability and set readOnlyRootFileSystem=true #291

add volume/mount capability and set readOnlyRootFileSystem=true

add volume/mount capability and set readOnlyRootFileSystem=true #291

Workflow file for this run

name: Pipeline
on:
push:
paths:
- "src/**"
- ".github/workflows/**"
pull_request:
paths:
- "src/**"
- ".github/workflows/**"
env:
version: 7.1.${{github.run_number}}
imageRepository: "emberstack/kubernetes-reflector"
DOCKER_CLI_EXPERIMENTAL: "enabled"
jobs:
ci:
name: CI
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: artifacts - prepare directories
run: |
mkdir -p .artifacts/helm
mkdir -p .artifacts/kubectl
- name: helm - import README
run: cp README.md src/helm/reflector/README.md
- name: helm - package chart
run: helm package --destination .artifacts/helm --version ${{env.version}} --app-version ${{env.version}} src/helm/reflector
- name: helm - template chart
run: helm template --namespace kube-system reflector .artifacts/helm/reflector-${{env.version}}.tgz > .artifacts/kubectl/reflector-${{env.version}}.yaml
- name: "artifacts - upload - helm chart"
uses: actions/upload-artifact@v4
with:
name: helm
path: .artifacts/helm
- name: "artifacts - upload - kubectl manifests"
uses: actions/upload-artifact@v4
with:
name: kubectl
path: .artifacts/kubectl
- name: "docker - build PR"
if: github.event_name == 'pull_request'
run: |
docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
docker buildx create --name builder --driver docker-container --use
docker buildx inspect --bootstrap
docker buildx build --platform linux/amd64 -t ${{env.imageRepository}}:build-${{env.version}}-amd64 -f src/ES.Kubernetes.Reflector/Dockerfile src/
docker buildx build --platform linux/arm -t ${{env.imageRepository}}:build-${{env.version}}-arm32v7 -f src/ES.Kubernetes.Reflector/Dockerfile src/
docker buildx build --platform linux/arm64 -t ${{env.imageRepository}}:build-${{env.version}}-arm64v8 -f src/ES.Kubernetes.Reflector/Dockerfile src/
- name: tools - docker - login
if: github.event_name == 'push' && github.actor != 'dependabot[bot]'
uses: docker/login-action@v3
with:
username: ${{ secrets.ES_DOCKERHUB_USERNAME }}
password: ${{ secrets.ES_DOCKERHUB_PAT }}
- name: "docker - build and publish"
if: github.event_name == 'push' && github.actor != 'dependabot[bot]'
run: |
docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
docker buildx create --name builder --driver docker-container --use
docker buildx inspect --bootstrap
docker buildx build --push --platform linux/amd64 --provenance=false -t ${{env.imageRepository}}:build-${{env.version}}-amd64 -f src/ES.Kubernetes.Reflector/Dockerfile src/
docker buildx build --push --platform linux/arm --provenance=false -t ${{env.imageRepository}}:build-${{env.version}}-arm32v7 -f src/ES.Kubernetes.Reflector/Dockerfile src/
docker buildx build --push --platform linux/arm64 --provenance=false -t ${{env.imageRepository}}:build-${{env.version}}-arm64v8 -f src/ES.Kubernetes.Reflector/Dockerfile src/
docker pull --platform linux/amd64 ${{env.imageRepository}}:build-${{env.version}}-amd64
docker pull --platform linux/arm/v7 ${{env.imageRepository}}:build-${{env.version}}-arm32v7
docker pull --platform linux/arm64 ${{env.imageRepository}}:build-${{env.version}}-arm64v8
docker manifest create ${{env.imageRepository}}:build-${{env.version}} ${{env.imageRepository}}:build-${{env.version}}-amd64 ${{env.imageRepository}}:build-${{env.version}}-arm32v7 ${{env.imageRepository}}:build-${{env.version}}-arm64v8
docker manifest inspect ${{env.imageRepository}}:build-${{env.version}}
docker manifest push ${{env.imageRepository}}:build-${{env.version}}
cd:
name: CD
needs: ci
if: github.event_name == 'push' && github.ref == 'refs/heads/main'
runs-on: ubuntu-latest
steps:
- name: tools - docker - login
uses: docker/login-action@v3
with:
username: ${{ secrets.ES_DOCKERHUB_USERNAME }}
password: ${{ secrets.ES_DOCKERHUB_PAT }}
- name: artifacts - download - helm chart
uses: actions/download-artifact@v4
with:
name: helm
path: .artifacts/helm
- name: artifacts - download - kubectl manifests
uses: actions/download-artifact@v4
with:
name: kubectl
path: .artifacts/kubectl
- name: "docker - tag and push"
run: |
docker pull ${{env.imageRepository}}:build-${{env.version}}-amd64
docker pull ${{env.imageRepository}}:build-${{env.version}}-arm32v7
docker pull ${{env.imageRepository}}:build-${{env.version}}-arm64v8
docker manifest create ${{env.imageRepository}}:${{env.version}} ${{env.imageRepository}}:build-${{env.version}}-amd64 ${{env.imageRepository}}:build-${{env.version}}-arm32v7 ${{env.imageRepository}}:build-${{env.version}}-arm64v8
docker manifest create ${{env.imageRepository}}:latest ${{env.imageRepository}}:build-${{env.version}}-amd64 ${{env.imageRepository}}:build-${{env.version}}-arm32v7 ${{env.imageRepository}}:build-${{env.version}}-arm64v8
docker manifest push ${{env.imageRepository}}:${{env.version}}
docker manifest push ${{env.imageRepository}}:latest
docker manifest push ${{env.imageRepository}}:${{env.version}}
docker manifest push ${{env.imageRepository}}:latest
docker tag ${{env.imageRepository}}:build-${{env.version}}-amd64 ${{env.imageRepository}}:${{env.version}}-amd64
docker tag ${{env.imageRepository}}:build-${{env.version}}-arm32v7 ${{env.imageRepository}}:${{env.version}}-arm32v7
docker tag ${{env.imageRepository}}:build-${{env.version}}-arm64v8 ${{env.imageRepository}}:${{env.version}}-arm64v8
docker push ${{env.imageRepository}}:${{env.version}}-amd64
docker push ${{env.imageRepository}}:${{env.version}}-arm32v7
docker push ${{env.imageRepository}}:${{env.version}}-arm64v8
- name: github - checkout - helm-charts
uses: actions/checkout@v4
with:
repository: emberstack/helm-charts
token: ${{ secrets.ES_GITHUB_PAT }}
path: helm-charts
ref: main
- name: github - publish - chart
run: |
mkdir -p helm-charts/repository/reflector
cp .artifacts/helm/reflector-${{env.version}}.tgz helm-charts/repository/reflector
cd helm-charts
git config user.name "Romeo Dumitrescu"
git config user.email "5931333+winromulus@users.noreply.github.com"
git add .
git status
git commit -m "Added reflector-${{env.version}}.tgz"
git push
- name: github - release - set manifest name
run: |
mkdir -p github
cp .artifacts/kubectl/reflector-${{env.version}}.yaml github/reflector.yaml
- name: github - create release
uses: softprops/action-gh-release@v2
with:
repository: emberstack/kubernetes-reflector
tag_name: v${{env.version}}
body: The release process is automated.
generate_release_notes: true
token: ${{ secrets.ES_GITHUB_PAT }}
files: |
github/reflector.yaml