Add cifmw client container

This patch adds a new containerfile defining the container we will use with the upcoming CLI, maybe in CI jobs soon as well. With every merge into the ci-framework repo the container will be build using the ref content and tagged with the Git SHA. If the PR is merged into the main branch the "latest" tag will be updated. Jira: https://issues.redhat.com/browse/OSPRH-9458
lewisdenny · Aug 27, 2024 · 43e3be1 · 43e3be1
1 parent f57f048
commit 43e3be1
Show file tree

Hide file tree

Showing 9 changed files with 135 additions and 0 deletions.
diff --git a/.ansible-lint b/.ansible-lint
@@ -4,6 +4,7 @@ exclude_paths:
   - ../
   - .cache/
   - .venv/
+  - .github/ # Not Ansible, just YAML
   - build/
   - containerfiles/
   - docs/

diff --git a/.github/workflows/build-and-push-client-container.yml b/.github/workflows/build-and-push-client-container.yml
@@ -0,0 +1,49 @@
+name: Build and Push Image
+on: [ push ]
+env:
+    IMAGE_NAME: cifmw-client
+    IMAGE_REGISTRY: quay.rdoproject.org/ci-framework
+    REGISTRY_USER: ${{ secrets.QUAY_RDO_CI_FRAMEWORK_USERNAME }}
+    REGISTRY_PASSWORD: ${{ secrets.QUAY_RDO_CI_FRAMEWORK_PASSWORD }}
+
+jobs:
+  build:
+    name: Build and push image
+    runs-on: ubuntu-22.04
+
+    steps:
+    - uses: actions/checkout@v4
+
+    - name: Get branch name
+      id: branch-name
+      uses: tj-actions/branch-names@v7
+
+    # Overriding the LATEST_TAG var allows us to track latest
+    # tags for other branches, "latest" won't move unless code
+    # is merged into the main branch.
+    - name: Set latest tag for non main branch
+      if: "${{ steps.branch-name.outputs.current_branch != 'main' }}"
+      run: |
+        echo "LATEST_TAG=${{ steps.branch-name.outputs.current_branch }}-latest" >> $GITHUB_ENV
+
+    - name: Build Image
+      id: build-image
+      uses: redhat-actions/buildah-build@v2
+      with:
+        image: ${{ env.IMAGE_NAME }}
+        tags: ${{ env.LATEST_TAG }} ${{ github.sha }}
+        containerfiles: |
+          containerfiles/Containerfile.client
+
+    - name: Push To quay.rdoproject.org
+      id: push-to-quay
+      uses: redhat-actions/push-to-registry@v2
+      with:
+        image: ${{ steps.build-image.outputs.image }}
+        tags: ${{ steps.build-image.outputs.tags }}
+        registry: ${{ env.IMAGE_REGISTRY }}
+        username: ${{ env.REGISTRY_USER }}
+        password: ${{ env.REGISTRY_PASSWORD }}
+
+    - name: Print image url
+      run: echo "Image pushed to ${{ steps.push-to-quay.outputs.registry-paths }}"
diff --git a/Makefile b/Makefile
@@ -248,3 +248,7 @@ plugin-development-disable: # Revert all changes and delete .env if no longer ne
 	grep -lEr --include=\*.py --exclude-dir=.venv 'from (?:plugins|tests)' | xargs gsed -i -e 's/from plugins/from ansible_collections\.cifmw\.general\.plugins/g' -e 's/from tests/from ansible_collections\.cifmw\.general\.tests/g'
 	gsed -i '/PYTHONPATH=/d' .env
 	[ -s .env ] || rm .env
+
+.PHONY: build-cifmw-client-container
+build-cifmw-client-container: # Locally build cifmw-client container
+		podman build --security-opt label=disable -t localhost/cifmw-client:latest -f containerfiles/Containerfile.client .
diff --git a/ci/playbooks/build_push_container.yml b/ci/playbooks/build_push_container.yml
@@ -0,0 +1,7 @@
+---
+- name: Run build_push_container role
+  hosts: "{{ cifmw_target_host | default('localhost') }}"
+  tasks:
+    - name: Run build_push_container role
+      ansible.builtin.include_role:
+        name: build_push_container
diff --git a/ci/playbooks/build_push_container_runner.yml b/ci/playbooks/build_push_container_runner.yml
@@ -0,0 +1,13 @@
+---
+- name: Run build_push_container role
+  hosts: "controller"
+  tasks:
+    - name: Run build_push_container role
+      vars:
+        ci_framework_src_dir: "{{ ansible_user_dir }}/src/github.com/openstack-k8s-operators/ci-framework"
+      ansible.builtin.command:
+        chdir: "{{ ci_framework_src_dir }}"
+        cmd: >-
+          ~/test-python/bin/ansible-playbook ci/playbooks/build_push_container.yml
+          -i {{ ansible_user_dir }}/ci-framework-data/artifacts/zuul_inventory.yml
+          -e "@{{ ansible_user_dir }}/ci-framework-data/artifacts/parameters/zuul-params.yml"
diff --git a/ci/templates/projects.yaml b/ci/templates/projects.yaml
@@ -24,4 +24,8 @@
         - cifmw-tcib
         - cifmw-architecture-validate-hci
         - ci-framework-openstack-meta-content-provider
+        - cifmw-client-build-push-container-ci-framework
+    github-post:
+      jobs:
+        - cifmw-client-build-push-container-ci-framework
 # Start generated content
diff --git a/containerfiles/Containerfile.client b/containerfiles/Containerfile.client
@@ -0,0 +1,26 @@
+FROM quay.io/centos/centos:stream9
+
+LABEL summary="CI-Framework client image" \
+    maintainer="CI Framework"
+
+# USER root
+RUN dnf update -y && \
+    dnf install -y git python3.11 python3.11-pip \
+    python3-netaddr make gcc sudo rsync vim && \
+    dnf clean all
+
+RUN adduser cifmw
+
+RUN echo "cifmw ALL=(ALL) NOPASSWD:ALL" > /etc/sudoers.d/cifmw
+
+ENV PATH="/home/cifmw/test-python/bin:$PATH:/home/cifmw/.local/bin"
+
+USER cifmw
+
+COPY --chown=cifmw:cifmw . /home/cifmw/ci-framework
+
+WORKDIR /home/cifmw/ci-framework
+
+RUN /usr/bin/make -C /home/cifmw/ci-framework setup_molecule USE_VENV=yes
+
+RUN /home/cifmw/test-python/bin/pre-commit install --install-hooks
diff --git a/zuul.d/pods.yaml b/zuul.d/pods.yaml
@@ -38,3 +38,30 @@
       run_test: "check_k8s_snippets_comment"
     files:
       - ^roles/ci_gen_kustomize_values/templates/.*
+
+- job:
+    name: cifmw-client-build-push-container-build
+    description: |
+      Build cifmw-client container
+    parent: build-push-container-base
+    nodeset: centos-stream-9
+    pre-run:
+      - ci/playbooks/molecule-prepare.yml
+      - ci/playbooks/dump_zuul_data.yml
+    run: ci/playbooks/build_push_container_runner.yml
+    vars:
+     cifmw_zuul_target_host: controller
+
+- job:
+    name: cifmw-client-build-push-container-ci-framework
+    description: |
+      Build and push cifmw-client container to
+      quay.rdoproject.com registry
+    parent: cifmw-client-build-push-container-build
+    vars:
+      ansible_user_dir: "{{ lookup('env', 'HOME') }}"
+      cifmw_ci_framework_src: "{{ ansible_user_dir }}/src/github.com/openstack-k8s-operators/ci-framework"
+      cifmw_build_push_container_push: true
+      cifmw_build_push_container_name: cifmw-client
+      cifmw_build_push_container_containerfile_path: "{{ (cifmw_ci_framework_src, 'containerfiles', 'Containerfile.client') | ansible.builtin.path_join }}"
+      cifmw_build_push_container_registry_name: quay.rdoproject.org/ci-framework/cifmw-client
diff --git a/zuul.d/projects.yaml b/zuul.d/projects.yaml
@@ -12,6 +12,7 @@
       - cifmw-tcib
       - cifmw-architecture-validate-hci
       - ci-framework-openstack-meta-content-provider
+      - cifmw-client-build-push-container-ci-framework
       - cifmw-molecule-artifacts
       - cifmw-molecule-build_containers
       - cifmw-molecule-build_openstack_packages
@@ -93,6 +94,9 @@
     github-experimental-trigger:
       jobs:
       - downstream-va-hci-trigger-job
+    github-post:
+      jobs:
+      - cifmw-client-build-push-container-ci-framework
     name: openstack-k8s-operators/ci-framework
     templates:
     - podified-multinode-edpm-ci-framework-pipeline