feat: prepare release 2.5.0-beta1 #21
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: release-pullrequest-OpenShift | |
| on: | |
| pull_request: | |
| branches: | |
| - main | |
| jobs: | |
| install-OpenShift: | |
| runs-on: ubuntu-latest | |
| strategy: | |
| matrix: | |
| k8s_version: [ "4.16.30" ] | |
| steps: | |
| - name: Extract and Store Trimmed Repository Name | |
| run: | | |
| REPO_CHART_NAME="${{ github.repository }}" | |
| REPO_APP_NAME=$(echo "$REPO_CHART_NAME" | sed 's/-chart$//') # Remove "-chart" suffix if present | |
| # Check if the trimmed repo exists | |
| HTTP_STATUS=$(curl -s -o /dev/null -w "%{http_code}" \ | |
| -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" \ | |
| "https://api.github.com/repos/$REPO_APP_NAME") | |
| if [[ "$HTTP_STATUS" -eq 200 ]]; then | |
| echo "Using trimmed repository name: $REPO_APP_NAME" | |
| echo "REPO_APP_NAME=$REPO_APP_NAME" >> $GITHUB_ENV | |
| else | |
| echo "Trimmed repository not found. Falling back to original repository name." | |
| echo "REPO_APP_NAME=$REPO_CHART_NAME" >> $GITHUB_ENV | |
| fi | |
| - name: Use the Stored Variable | |
| run: | | |
| echo "Trimmed Repository Name: ${{ env.REPO_APP_NAME }}" | |
| - name: Authenticate with GitHub App | |
| id: authenticate | |
| uses: tibdex/github-app-token@v1 | |
| with: | |
| app_id: ${{ secrets.APP_ID }} | |
| private_key: ${{ secrets.PRIVATE_KEY }} | |
| - name: Extract latest App Version | |
| uses: tdemin/find-latest-tag@v1 | |
| id: app_version | |
| with: | |
| repo: https://${{ steps.authenticate.outputs.token }}@github.com/${{ env.REPO_APP_NAME }}.git | |
| - name: Extract latest Chart Version | |
| uses: tdemin/find-latest-tag@v1 | |
| id: chart_version | |
| with: | |
| repo: https://${{ steps.authenticate.outputs.token }}@github.com/${{ github.repository }}.git | |
| - name: Checkout | |
| uses: actions/checkout@v3 | |
| - name: Print Version | |
| run: | | |
| echo APP_VERSION:${{steps.app_version.outputs.tag}} | |
| echo CHART_VERSION:${{steps.chart_version.outputs.tag}} | |
| - name: Replace Version in Chart.yaml | |
| run: sed -i 's/CHART_VERSION/${{ steps.chart_version.outputs.tag }}/g' ./chart/Chart.yaml | |
| - name: Print latest App Version | |
| run: echo ${{ steps.app_version.outputs.tag }} | |
| - name: Replace App Version in Chart.yaml | |
| run: sed -i 's/APP_VERSION/${{ steps.app_version.outputs.tag }}/g' ./chart/Chart.yaml | |
| - name: Set up Helm | |
| uses: azure/[email protected] | |
| - name: Helm lint | |
| run: helm lint ./chart | |
| - name: Create k8s Kind Cluster | |
| uses: helm/kind-action@v1 | |
| # Create the aso-credential secret to be used by Azure Service Operator. | |
| - name: Create ASO Credential Secret | |
| run: | | |
| cat <<EOF | kubectl apply -f - | |
| apiVersion: v1 | |
| kind: Secret | |
| metadata: | |
| name: aso-credential | |
| namespace: default | |
| stringData: | |
| AZURE_SUBSCRIPTION_ID: "${{ secrets.AZURE_SUBSCRIPTION_ID }}" | |
| AZURE_TENANT_ID: "${{ secrets.AZURE_TENANT_ID }}" | |
| AZURE_CLIENT_ID: "${{ secrets.AZURE_CLIENT_ID }}" | |
| AZURE_CLIENT_SECRET: "${{ secrets.AZURE_CLIENT_SECRET }}" | |
| EOF | |
| - name: Install cert-manager using Helm | |
| run: | | |
| helm repo add jetstack https://charts.jetstack.io | |
| helm repo update | |
| helm install cert-manager jetstack/cert-manager --namespace cert-manager --set crds.enabled=true --wait --create-namespace --version=v1.17.1 | |
| - name: Install Azure Service Operator on Kind using Helm | |
| run: | | |
| helm repo add aso2 https://raw.githubusercontent.com/Azure/azure-service-operator/main/v2/charts | |
| helm repo update | |
| helm install aso2 aso2/azure-service-operator --create-namespace --wait --version=2.13.0 --namespace=azureserviceoperator-system --set crdPattern='resources.azure.com/*;network.azure.com/*;redhatopenshift.azure.com/*;authorization.azure.com/*' --set replicaCount=1 | |
| # Prepare a sanitized version string (replace '.' with '-') and store it in K8S_VERSION_NODOT | |
| - name: Prepare version variable | |
| run: echo "K8S_VERSION_NODOT=$(echo '${{ matrix.k8s_version }}' | tr '.' '-')" >> $GITHUB_ENV | |
| # Prepare a sanitized version string (remove '.' entirely) and store it in K8S_VERSION_NODOT2 | |
| - name: Prepare version variable | |
| run: echo "K8S_VERSION_NODOT2=$(echo '${{ matrix.k8s_version }}' | tr -d '.')" >> $GITHUB_ENV | |
| # Create a ResourceGroup CR that will serve as the owner for the OpenShiftCluster. | |
| - name: Deploy ResourceGroup CR via ASO | |
| run: | | |
| echo "Deploying ResourceGroup openshiftcluster-$K8S_VERSION_NODOT for Kubernetes version ${{ matrix.k8s_version }}..." | |
| cat <<EOF | kubectl apply -f - | |
| apiVersion: resources.azure.com/v1api20200601 | |
| kind: ResourceGroup | |
| metadata: | |
| name: openshiftcluster-$K8S_VERSION_NODOT | |
| namespace: default | |
| spec: | |
| location: northeurope | |
| EOF | |
| - name: Wait for ResourceGroup Provisioning | |
| run: | | |
| echo "Waiting for ResourceGroup openshiftcluster-$K8S_VERSION_NODOT to become Ready..." | |
| kubectl wait --for=condition=Ready --timeout=600s resourcegroup/openshiftcluster-$K8S_VERSION_NODOT | |
| - name: Deploy VirtualNetwork CR via ASO | |
| run: | | |
| echo "Deploying VirtualNetwork openshiftcluster-$K8S_VERSION_NODOT for Kubernetes version ${{ matrix.k8s_version }}..." | |
| cat <<EOF | kubectl apply -f - | |
| apiVersion: network.azure.com/v1api20240301 | |
| kind: VirtualNetwork | |
| metadata: | |
| name: openshiftcluster-$K8S_VERSION_NODOT | |
| namespace: default | |
| spec: | |
| location: northeurope | |
| owner: | |
| name: openshiftcluster-$K8S_VERSION_NODOT | |
| addressSpace: | |
| addressPrefixes: | |
| - 10.0.0.0/22 | |
| EOF | |
| - name: Wait for VirtualNetwork Provisioning | |
| run: | | |
| echo "Waiting for VirtualNetwork openshiftcluster-$K8S_VERSION_NODOT to become Ready..." | |
| kubectl wait --for=condition=Ready --timeout=600s virtualnetwork/openshiftcluster-$K8S_VERSION_NODOT | |
| - name: Deploy VirtualNetworksSubnet CR via ASO | |
| run: | | |
| echo "Deploying VirtualNetworksSubnet openshiftcluster-$K8S_VERSION_NODOT-master for Kubernetes version ${{ matrix.k8s_version }}..." | |
| cat <<EOF | kubectl apply -f - | |
| apiVersion: network.azure.com/v1api20240301 | |
| kind: VirtualNetworksSubnet | |
| metadata: | |
| name: openshiftcluster-$K8S_VERSION_NODOT-master | |
| namespace: default | |
| spec: | |
| owner: | |
| name: openshiftcluster-$K8S_VERSION_NODOT | |
| addressPrefix: 10.0.0.0/23 | |
| EOF | |
| - name: Wait for VirtualNetworksSubnet Provisioning | |
| run: | | |
| echo "Waiting for VirtualNetworksSubnet openshiftcluster-$K8S_VERSION_NODOT-master to become Ready..." | |
| kubectl wait --for=condition=Ready --timeout=600s virtualnetworkssubnet/openshiftcluster-$K8S_VERSION_NODOT-master | |
| - name: Deploy VirtualNetworksSubnet CR via ASO | |
| run: | | |
| echo "Deploying VirtualNetworksSubnet openshiftcluster-$K8S_VERSION_NODOT-worker for Kubernetes version ${{ matrix.k8s_version }}..." | |
| cat <<EOF | kubectl apply -f - | |
| apiVersion: network.azure.com/v1api20240301 | |
| kind: VirtualNetworksSubnet | |
| metadata: | |
| name: openshiftcluster-$K8S_VERSION_NODOT-worker | |
| namespace: default | |
| spec: | |
| owner: | |
| name: openshiftcluster-$K8S_VERSION_NODOT | |
| addressPrefix: 10.0.2.0/23 | |
| EOF | |
| - name: Wait for VirtualNetworksSubnet Provisioning | |
| run: | | |
| echo "Waiting for VirtualNetworksSubnet openshiftcluster-$K8S_VERSION_NODOT-worker to become Ready..." | |
| kubectl wait --for=condition=Ready --timeout=600s virtualnetworkssubnet/openshiftcluster-$K8S_VERSION_NODOT-worker | |
| - name: Deploy RoleAssignment CR via ASO | |
| run: | | |
| echo "Deploying RoleAssignment openshiftcluster-$K8S_VERSION_NODOT for Kubernetes version ${{ matrix.k8s_version }}..." | |
| cat <<EOF | kubectl apply -f - | |
| apiVersion: authorization.azure.com/v1api20220401 | |
| kind: RoleAssignment | |
| metadata: | |
| name: openshiftcluster-$K8S_VERSION_NODOT | |
| namespace: default | |
| spec: | |
| # This resource can be owner by any resource. In this example we've chosen a resource group for simplicity | |
| owner: | |
| name: openshiftcluster-$K8S_VERSION_NODOT | |
| group: network.azure.com | |
| kind: VirtualNetwork | |
| # This is the Principal ID of the AAD identity to which the role will be assigned | |
| principalId: ${{ secrets.AZURE_PRINCIPAL_ID }} | |
| principalType: ServicePrincipal | |
| roleDefinitionReference: | |
| # This ARM ID represents "Contributor" - you can read about other built in roles here: https://docs.microsoft.com/en-us/azure/role-based-access-control/built-in-roles | |
| armId: /subscriptions/${{ secrets.AZURE_SUBSCRIPTION_ID }}/providers/Microsoft.Authorization/roleDefinitions/4d97b98b-1d4f-4787-a291-c67834d212e7 | |
| EOF | |
| - name: Wait for RoleAssignment Provisioning | |
| run: | | |
| echo "Waiting for RoleAssignment openshiftcluster-$K8S_VERSION_NODOT to become Ready..." | |
| kubectl wait --for=condition=Ready --timeout=600s roleassignment/openshiftcluster-$K8S_VERSION_NODOT | |
| - name: Deploy OpenShiftCluster CR via ASO | |
| run: | | |
| echo "Deploying OpenShiftCluster openshiftcluster-$K8S_VERSION_NODOT with Kubernetes version ${{ matrix.k8s_version }}..." | |
| cat <<EOF | kubectl apply -f - | |
| apiVersion: redhatopenshift.azure.com/v1api20231122 | |
| kind: OpenShiftCluster | |
| metadata: | |
| name: openshiftcluster-$K8S_VERSION_NODOT | |
| spec: | |
| owner: | |
| name: openshiftcluster-$K8S_VERSION_NODOT | |
| location: "northeurope" | |
| clusterProfile: | |
| domain: openshiftcluster$K8S_VERSION_NODOT2 | |
| version: "${{ matrix.k8s_version }}" | |
| resourceGroupId: /subscriptions/${{ secrets.AZURE_SUBSCRIPTION_ID }}/resourceGroups/openshiftcluster-$K8S_VERSION_NODOT-cluster | |
| fipsValidatedModules: Disabled | |
| ingressProfiles: | |
| - name: default | |
| visibility: Public | |
| masterProfile: | |
| vmSize: Standard_D8s_v3 | |
| encryptionAtHost: Disabled | |
| subnetReference: | |
| group: network.azure.com | |
| kind: VirtualNetworksSubnet | |
| name: openshiftcluster-$K8S_VERSION_NODOT-master | |
| workerProfiles: | |
| - count: 3 | |
| diskSizeGB: 128 | |
| name: worker | |
| vmSize: Standard_D4s_v3 | |
| encryptionAtHost: Disabled | |
| subnetReference: | |
| group: network.azure.com | |
| kind: VirtualNetworksSubnet | |
| name: openshiftcluster-$K8S_VERSION_NODOT-worker | |
| servicePrincipalProfile: | |
| clientId: ${{ secrets.AZURE_CLIENT_ID }} | |
| clientSecret: | |
| key: AZURE_CLIENT_SECRET | |
| name: aso-credential | |
| networkProfile: | |
| podCidr: 10.128.0.0/14 | |
| serviceCidr: 172.30.0.0/16 | |
| apiserverProfile: | |
| visibility: Public | |
| operatorSpec: | |
| secrets: | |
| adminCredentials: | |
| name: adminCredentials | |
| key: adminCredentials | |
| username: | |
| name: credentials | |
| key: username | |
| password: | |
| name: credentials | |
| key: password | |
| EOF | |
| - name: Wait for OpenShiftCluster Provisioning | |
| run: | | |
| kubectl get openshiftcluster/openshiftcluster-$K8S_VERSION_NODOT -o yaml | |
| - name: Wait for OpenShiftCluster Provisioning | |
| run: | | |
| echo "Waiting for OpenShiftCluster openshiftcluster-$K8S_VERSION_NODOT to become Ready..." | |
| kubectl wait --for=condition=Ready --timeout=3600s openshiftcluster/openshiftcluster-$K8S_VERSION_NODOT | |
| # TO DELETE | |
| - name: Get OpenShiftCluster YAML | |
| if: always() | |
| run: | | |
| kubectl get openshiftcluster/openshiftcluster-$K8S_VERSION_NODOT -o yaml | |
| # TO DELETE | |
| - name: Get secrets | |
| if: always() | |
| run: kubectl get secrets -A | |
| - name: Retrieve OpenShiftCluster Kubeconfig | |
| run: | | |
| echo "Extracting kubeconfig from secret..." | |
| kubectl get secret openshiftcluster-$K8S_VERSION_NODOT-kubeconfig -o jsonpath='{.data.kubeconfig}' | base64 -d > openshiftcluster-$K8S_VERSION_NODOT-kubeconfig.yaml | |
| - name: Install Krateo PlatformOps with standard configuration | |
| run: helm install installer-$K8S_VERSION_NODOT ./chart --create-namespace -n krateo-system-$K8S_VERSION_NODOT --wait --kubeconfig=openshiftcluster-$K8S_VERSION_NODOT-kubeconfig.yaml --set krateoplatformops.finopsoperatorcratedb.env.CRATEDB_OPERATOR_DEBUG_VOLUME_STORAGE_CLASS=default --set krateoplatformops.finopscratedbcustomresource.resources.disk.storageClass=default | |
| - name: Wait for krateoplatformops krateo to become ready | |
| run: kubectl wait krateoplatformops krateo --for condition=Ready=True --timeout=600s --namespace krateo-system-$K8S_VERSION_NODOT --kubeconfig=openshiftcluster-$K8S_VERSION_NODOT-kubeconfig.yaml | |
| - name: Get Krateo PlatformOps CR status on OpenShiftCluster | |
| if: always() | |
| run: kubectl get krateoplatformops krateo --namespace krateo-system-$K8S_VERSION_NODOT --kubeconfig=openshiftcluster-$K8S_VERSION_NODOT-kubeconfig.yaml -o yaml | |
| - name: Get events on OpenShiftCluster | |
| if: always() | |
| run: kubectl get events -A --sort-by='.lastTimestamp' --kubeconfig=openshiftcluster-$K8S_VERSION_NODOT-kubeconfig.yaml | |
| - name: Clean Up Krateo PlatformOps CR on OpenShiftCluster | |
| if: always() | |
| run: kubectl delete krateoplatformops krateo --namespace krateo-system-$K8S_VERSION_NODOT --kubeconfig=openshiftcluster-$K8S_VERSION_NODOT-kubeconfig.yaml | |
| - name: Clean Up Installer Helm Chart on OpenShiftCluster | |
| if: always() | |
| run: helm uninstall installer-$K8S_VERSION_NODOT --namespace krateo-system-$K8S_VERSION_NODOT --kubeconfig=openshiftcluster-$K8S_VERSION_NODOT-kubeconfig.yaml | |
| - name: Clean Up krateo-system namespace on OpenShiftCluster | |
| if: always() | |
| run: kubectl delete namespace krateo-system-$K8S_VERSION_NODOT --kubeconfig=openshiftcluster-$K8S_VERSION_NODOT-kubeconfig.yaml | |
| - name: Clean Up OpenShiftCluster Resource | |
| if: always() | |
| run: kubectl delete openshiftcluster/openshiftcluster-$K8S_VERSION_NODOT | |
| - name: Clean Up RoleAssignment Resource | |
| if: always() | |
| run: kubectl delete roleassignment/openshiftcluster-$K8S_VERSION_NODOT | |
| - name: Clean Up VirtualNetworksSubnet Resource | |
| if: always() | |
| run: kubectl delete virtualnetworkssubnet/openshiftcluster-$K8S_VERSION_NODOT-worker | |
| - name: Clean Up VirtualNetworksSubnet Resource | |
| if: always() | |
| run: kubectl delete virtualnetworkssubnet/openshiftcluster-$K8S_VERSION_NODOT-master | |
| - name: Clean Up VirtualNetwork Resource | |
| if: always() | |
| run: kubectl delete virtualnetwork/openshiftcluster-$K8S_VERSION_NODOT | |
| - name: Clean Up ResourceGroup CR | |
| if: always() | |
| run: kubectl delete resourcegroups/openshiftcluster-$K8S_VERSION_NODOT | |
| - name: Get events | |
| if: always() | |
| run: | | |
| kubectl get events -A --sort-by='.lastTimestamp' |