Added a docs agent and area-related docs #1468
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Apply PR Image Expiry Label | |
| on: | |
| # Use pull_request_target to access secrets for PRs from forks | |
| # This is safe because we only label existing images, not run untrusted PR code | |
| pull_request_target: | |
| types: [closed] | |
| workflow_dispatch: {} | |
| permissions: | |
| contents: read | |
| concurrency: | |
| group: pr-image-expiry-${{ github.event.pull_request.number || github.ref }} | |
| cancel-in-progress: true | |
| env: | |
| # Default Quay image repo; can be overridden by secret if provided | |
| QUAY_ODH_DASHBOARD_IMAGE_REPO: ${{ secrets.QUAY_ODH_DASHBOARD_IMAGE_REPO || 'quay.io/opendatahub/odh-dashboard' }} | |
| EXPIRES_AFTER: ${{ secrets.QUAY_ODH_DASHBOARD_IMAGE_EXPIRES_AFTER || '21d' }} | |
| jobs: | |
| apply-expiry-label: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Install crane | |
| shell: bash | |
| run: | | |
| set -euo pipefail | |
| # Get the latest release version | |
| LATEST_VERSION=$(curl -fsSL https://api.github.com/repos/google/go-containerregistry/releases/latest | jq -r '.tag_name') | |
| echo "Installing crane version: $LATEST_VERSION" | |
| # Download and install crane (tarball name changed from crane_* to go-containerregistry_*) | |
| TARBALL="go-containerregistry_Linux_x86_64.tar.gz" | |
| curl -fsSL -o "$TARBALL" "https://github.com/google/go-containerregistry/releases/download/${LATEST_VERSION}/${TARBALL}" | |
| sudo tar -xzf "$TARBALL" -C /usr/local/bin crane | |
| rm -f "$TARBALL" | |
| crane version | |
| - name: Login to Quay | |
| id: quay-login | |
| env: | |
| QUAY_TOKEN: ${{ secrets.QUAY_ROBOT_TOKEN }} | |
| QUAY_ROBOT_USERNAME: ${{ secrets.QUAY_ROBOT_USERNAME }} | |
| shell: bash | |
| run: | | |
| set -euo pipefail | |
| if [[ -z "${QUAY_ROBOT_USERNAME:-}" || -z "${QUAY_TOKEN:-}" ]]; then | |
| echo "Quay credentials not available; skipping label application." | |
| echo "logged_in=false" >> "$GITHUB_OUTPUT" | |
| exit 0 | |
| fi | |
| crane auth login quay.io -u "$QUAY_ROBOT_USERNAME" -p "$QUAY_TOKEN" | |
| echo "logged_in=true" >> "$GITHUB_OUTPUT" | |
| - name: Apply expiry label to PR image (best-effort) | |
| if: steps.quay-login.outputs.logged_in == 'true' | |
| env: | |
| PR_NUMBER: ${{ github.event.pull_request.number }} | |
| shell: bash | |
| run: | | |
| set -euo pipefail | |
| if [[ -z "${PR_NUMBER:-}" ]]; then | |
| echo "Not a pull_request event; nothing to do." && exit 0 | |
| fi | |
| IMAGE_REF="${QUAY_ODH_DASHBOARD_IMAGE_REPO}:pr-${PR_NUMBER}" | |
| echo "Target image: $IMAGE_REF" | |
| # Wait for the PR image to exist (Konflux/AppStudio push) up to ~2 minutes | |
| image_found=false | |
| for i in {1..12}; do | |
| if crane manifest "$IMAGE_REF" >/dev/null 2>&1; then | |
| echo "Found image $IMAGE_REF" | |
| image_found=true | |
| break | |
| fi | |
| echo "Image not found yet. Retry $i/12 ..." | |
| sleep 10 | |
| done | |
| if [[ "$image_found" != "true" ]]; then | |
| echo "PR image not available; skipping label application." | |
| exit 0 | |
| fi | |
| echo "Applying label quay.expires-after=${EXPIRES_AFTER} to $IMAGE_REF" | |
| crane mutate --label "quay.expires-after=${EXPIRES_AFTER}" "$IMAGE_REF" | |
| echo "Label applied." |