diff --git a/.ansible-lint b/.ansible-lint index bd1400abf5..bba0013e10 100644 --- a/.ansible-lint +++ b/.ansible-lint @@ -4,6 +4,7 @@ exclude_paths: - ../ - .cache/ - .venv/ + - .github/ # Not Ansible, just YAML - build/ - containerfiles/ - docs/ diff --git a/.github/workflows/build-and-push-client-container.yml b/.github/workflows/build-and-push-client-container.yml new file mode 100644 index 0000000000..96e03554c2 --- /dev/null +++ b/.github/workflows/build-and-push-client-container.yml @@ -0,0 +1,49 @@ +name: Build and Push Image +on: [ push ] +env: + IMAGE_NAME: cifmw-client + IMAGE_REGISTRY: quay.rdoproject.org/ci-framework + REGISTRY_USER: ${{ secrets.QUAY_RDO_CI_FRAMEWORK_USERNAME }} + REGISTRY_PASSWORD: ${{ secrets.QUAY_RDO_CI_FRAMEWORK_PASSWORD }} + +jobs: + build: + name: Build and push image + runs-on: ubuntu-22.04 + + steps: + - uses: actions/checkout@v4 + + - name: Get branch name + id: branch-name + uses: tj-actions/branch-names@v7 + + # Overriding the LATEST_TAG var allows us to track latest + # tags for other branches, "latest" won't move unless code + # is merged into the main branch. + - name: Set latest tag for non main branch + if: "${{ steps.branch-name.outputs.current_branch != 'main' }}" + run: | + echo "LATEST_TAG=${{ steps.branch-name.outputs.current_branch }}-latest" >> $GITHUB_ENV + + - name: Build Image + id: build-image + uses: redhat-actions/buildah-build@v2 + with: + image: ${{ env.IMAGE_NAME }} + tags: ${{ env.LATEST_TAG }} ${{ github.sha }} + containerfiles: | + containerfiles/Containerfile.client + + - name: Push To quay.rdoproject.org + id: push-to-quay + uses: redhat-actions/push-to-registry@v2 + with: + image: ${{ steps.build-image.outputs.image }} + tags: ${{ steps.build-image.outputs.tags }} + registry: ${{ env.IMAGE_REGISTRY }} + username: ${{ env.REGISTRY_USER }} + password: ${{ env.REGISTRY_PASSWORD }} + + - name: Print image url + run: echo "Image pushed to ${{ steps.push-to-quay.outputs.registry-paths }}" diff --git a/Makefile b/Makefile index a85ec9e668..239e8631c9 100644 --- a/Makefile +++ b/Makefile @@ -248,3 +248,7 @@ plugin-development-disable: # Revert all changes and delete .env if no longer ne grep -lEr --include=\*.py --exclude-dir=.venv 'from (?:plugins|tests)' | xargs gsed -i -e 's/from plugins/from ansible_collections\.cifmw\.general\.plugins/g' -e 's/from tests/from ansible_collections\.cifmw\.general\.tests/g' gsed -i '/PYTHONPATH=/d' .env [ -s .env ] || rm .env + +.PHONY: build-cifmw-client-container +build-cifmw-client-container: # Locally build cifmw-client container + podman build --security-opt label=disable -t localhost/cifmw-client:latest -f containerfiles/Containerfile.client . diff --git a/ci/playbooks/build_push_container.yml b/ci/playbooks/build_push_container.yml new file mode 100644 index 0000000000..8fa125c03f --- /dev/null +++ b/ci/playbooks/build_push_container.yml @@ -0,0 +1,13 @@ +--- +- name: Run build_push_container role + hosts: "{{ cifmw_zuul_target_host | default('all') }}" + tasks: + - name: Run build_push_container role + vars: + cifmw_build_push_container_info: + name: cifmw-client + containerfile_path: "{{ (zuul.build_refs.src_dir, 'containerfiles', 'Containerfile.client') | ansible.builtin.path_join }}" + cifmw_build_push_container_registry: + name: quay.rdoproject.org/ci-framework/cifmw-client + ansible.builtin.include_role: + name: build_push_container diff --git a/ci/playbooks/build_push_container_runner.yml b/ci/playbooks/build_push_container_runner.yml new file mode 100644 index 0000000000..fc7e4faf4a --- /dev/null +++ b/ci/playbooks/build_push_container_runner.yml @@ -0,0 +1,20 @@ +--- +- name: Run build_push_container role + hosts: "controller" + tasks: + - name: Clone repos in the job workspace + ansible.builtin.include_role: + name: prepare-workspace + + - name: Run build_push_container role + vars: + ci_framework_src_dir: "{{ ansible_user_dir }}/src/github.com/openstack-k8s-operators/ci-framework" + ansible.builtin.command: + chdir: "{{ ci_framework_src_dir }}" + cmd: >- + ansible-playbook playbook/build_push_container.yml + -i {{ ansible_user_dir }}/ci-framework-data/artifacts/zuul_inventory.yml + -e "@{{ ansible_user_dir }}/ci-framework-data/artifacts/parameters/zuul-params.yml" + {% if nodepool is defined %} + -e "@{{ ansible_user_dir }}/ci-framework-data/artifacts/nodepool_params.yml" + {% endif %} diff --git a/ci/templates/projects.yaml b/ci/templates/projects.yaml index 44d5c0b266..e88d47df93 100644 --- a/ci/templates/projects.yaml +++ b/ci/templates/projects.yaml @@ -24,4 +24,8 @@ - cifmw-tcib - cifmw-architecture-validate-hci - ci-framework-openstack-meta-content-provider + - cifmw-client-build-push-container-ci-framework + github-post: + jobs: + - cifmw-client-build-push-container-ci-framework # Start generated content diff --git a/containerfiles/Containerfile.client b/containerfiles/Containerfile.client new file mode 100644 index 0000000000..ec4aedf6bc --- /dev/null +++ b/containerfiles/Containerfile.client @@ -0,0 +1,26 @@ +FROM quay.io/centos/centos:stream9 + +LABEL summary="CI-Framework client image" \ + maintainer="CI Framework" + +# USER root +RUN dnf update -y && \ + dnf install -y git python3.11 python3.11-pip \ + python3-netaddr make gcc sudo rsync vim && \ + dnf clean all + +RUN adduser cifmw + +RUN echo "cifmw ALL=(ALL) NOPASSWD:ALL" > /etc/sudoers.d/cifmw + +ENV PATH="/home/cifmw/test-python/bin:$PATH:/home/cifmw/.local/bin" + +USER cifmw + +COPY --chown=cifmw:cifmw . /home/cifmw/ci-framework + +WORKDIR /home/cifmw/ci-framework + +RUN /usr/bin/make -C /home/cifmw/ci-framework setup_molecule USE_VENV=yes + +RUN /home/cifmw/test-python/bin/pre-commit install --install-hooks diff --git a/zuul.d/pods.yaml b/zuul.d/pods.yaml index ff47e07869..462778c7e3 100644 --- a/zuul.d/pods.yaml +++ b/zuul.d/pods.yaml @@ -38,3 +38,31 @@ run_test: "check_k8s_snippets_comment" files: - ^roles/ci_gen_kustomize_values/templates/.* + +- job: + name: cifmw-client-build-push-container-build + description: | + Build cifmw-client container + parent: build-push-container-base + nodeset: centos-stream-9 + pre-run: + - ci/playbooks/dump_zuul_data.yml + run: ci/playbooks/build_push_container_runner.yml + vars: + cifmw_zuul_target_host: controller + +- job: + name: cifmw-client-build-push-container-ci-framework + description: | + Build and push cifmw-client container to + quay.rdoproject.com registry + parent: cifmw-client-build-push-container-build + vars: + ansible_user_dir: "{{ lookup('env', 'HOME') }}" + cifmw_ci_framework_src: "{{ ansible_user_dir }}/src/github.com/openstack-k8s-operators/ci-framework" + cifmw_build_push_container_push: true + cifmw_build_push_container_info: + name: cifmw-client + containerfile_path: "{{ (cifmw_ci_framework_src, 'containerfiles', 'Containerfile.client') | ansible.builtin.path_join }}" + cifmw_build_push_container_registry: + name: quay.rdoproject.org/ci-framework/cifmw-client diff --git a/zuul.d/projects.yaml b/zuul.d/projects.yaml index 775596265d..35da3fa0f7 100644 --- a/zuul.d/projects.yaml +++ b/zuul.d/projects.yaml @@ -12,6 +12,7 @@ - cifmw-tcib - cifmw-architecture-validate-hci - ci-framework-openstack-meta-content-provider + - cifmw-client-build-push-container-ci-framework - cifmw-molecule-artifacts - cifmw-molecule-build_containers - cifmw-molecule-build_openstack_packages @@ -93,6 +94,9 @@ github-experimental-trigger: jobs: - downstream-va-hci-trigger-job + github-post: + jobs: + - cifmw-client-build-push-container-ci-framework name: openstack-k8s-operators/ci-framework templates: - podified-multinode-edpm-ci-framework-pipeline