Merge pull request #10 from ZEISS/task/fix-docker-tags
fix docker tag
felixZdi authored Apr 11, 2024
2 parents 270a240 + bbd63b3 commit 4e9b76e
Showing 5 changed files with 136 additions and 27 deletions.
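--- a/.github/workflows/app_release.yml
+++ b/.github/workflows/app_release.yml
@@ -0,0 +1,38 @@
+name: Tag
+
+on:
+pull_request:
+branches:
+- 'main'
+types:
+- closed
+paths:
+- 'charts/ca-injector/Chart.yaml'
+
+jobs:
+create_tag:
+if: |
+(github.event.pull_request.merged == true) &&
+contains(github.event.pull_request.labels.*.name, 'helm_app_version_update')
+runs-on: ubuntu-latest
+outputs:
+new_tag: ${{ steps.tag_version.outputs.new_tag }}
+steps:
+- uses: actions/checkout@v4
+- name: Receive version
+run: |
+new_app_version=$(sed -n -e 's/^.*appVersion: //p' charts/ca-injector/Chart.yaml)
+echo "new_app_version=${new_app_version}" >> $GITHUB_ENV
+- name: create git tag
+id: tag_version
+uses: mathieudutour/github-tag-action@v6.1
+with:
+github_token: ${{ secrets.GITHUB_TOKEN }}
+custom_tag: ${{ env.new_app_version }}
+tag_prefix: ''
+trigger_docker_build:
+needs: [create_tag]
+uses: ./.github/workflows/docker.yml
+secrets: inherit
+with:
+tag: ${{ needs.create_tag.outputs.new_tag }}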
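Review bot: The `create git tag` step hands `secrets.GITHUB_TOKEN` to `mathieudutour/github-tag-action@v6.1`, a third-party action referenced by a movable tag, and the workflow declares no `permissions:` block, so the token's scope is whatever the repository default happens to be. Pin the action to a full commit SHA (`uses: mathieudutour/github-tag-action@<full-commit-sha> # v6.1`) and grant `permissions: contents: write` on `create_tag` only. `trigger_docker_build` uses `secrets: inherit`, which passes every repository secret to docker.yml; naming only the secrets that workflow actually reads keeps the exposure smaller. In `Receive version`, the `sed` pattern is not anchored to the key, so it would be safer to check that the output is a single line in the expected version format before appending it to `"$GITHUB_ENV"` (quoted).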
35 changes: 18 additions & 17 deletions .github/workflows/docker.yml
@@ -1,13 +1,16 @@
name: Docker Build
on:
schedule:
- cron: "0 22 * * 0" # every sunday at 10pm
- cron: '0 22 * * 0' # every sunday at 10pm
push:
branches:
- "main"
tags:
- "v?[0-9]+.[0-9]+.[0-9]+*"
- 'main'
pull_request:
workflow_call:
inputs:
tag:
type: string
required: true

jobs:
build:
Expand All @@ -24,8 +27,8 @@ jobs:
VERSION=noop
if [ "${{ github.event_name }}" = "schedule" ]; then
VERSION=edge
elif [[ $GITHUB_REF == refs/tags/* ]]; then
VERSION=${GITHUB_REF#refs/tags/}
elif [[ "${{ github.event_name }}" == "workflow_dispatch" ]]; then
VERSION=${{ inputs.tag }}
elif [[ $GITHUB_REF == refs/heads/* ]]; then
VERSION=$(echo ${GITHUB_REF#refs/heads/} | sed -r 's#/+#-#g')
if [ "${{ github.event.repository.default_branch }}" = "$VERSION" ]; then
Expand All @@ -35,13 +38,11 @@ jobs:
VERSION=pr-${{ github.event.number }}
fi
TAGS="${REGISTRY}${IMAGE}:${VERSION}"
if [[ $VERSION =~ ^v?[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then
VERSION_STRIP=${VERSION#v}
MINOR=${VERSION_STRIP%.*}
if [[ $VERSION =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then
TAGS="${REGISTRY}${IMAGE}:${VERSION}"
MINOR=${VERSION%.*}
MAJOR=${MINOR%.*}
TAGS="$TAGS,${REGISTRY}${IMAGE}:${MINOR},${REGISTRY}${IMAGE}:${MAJOR},${REGISTRY}${IMAGE}:latest"
# elif [ "${{ github.event_name }}" = "push" ]; then
# TAGS="$TAGS,${REGISTRY}${IMAGE}:sha-${GITHUB_SHA::8}"
TAGS="$TAGS,${REGISTRY}${IMAGE}:${MINOR},${REGISTRY}${IMAGE}:${MAJOR}"
fi
echo "version=${VERSION}" >> $GITHUB_OUTPUT
echo "tags=${TAGS}" >> $GITHUB_OUTPUT
Expand All @@ -50,7 +51,7 @@ jobs:
- name: Set up GO
uses: actions/setup-go@v5
with:
go-version: "1.21"
go-version: '1.21'
- name: Build GO app
run: |
GOOS=linux CGO_ENABLED=0 go build -o app
Expand Down Expand Up @@ -99,8 +100,8 @@ jobs:
if: ${{ github.event_name != 'pull_request' }}
with:
image-ref: ${{ steps.env.outputs.tags }}
format: "table"
exit-code: "1"
format: 'table'
exit-code: '1'
ignore-unfixed: true
vuln-type: "os,library"
severity: "CRITICAL,HIGH"
vuln-type: 'os,library'
severity: 'CRITICAL,HIGH'
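Review bot: The new branch `elif [[ "${{ github.event_name }}" == "workflow_dispatch" ]]` tests for an event this workflow does not declare. The trigger added in the first hunk is `workflow_call`, and a called workflow sees the caller's `github.event_name` (here `pull_request`), so `inputs.tag` appears never to be used and VERSION falls through to the later branch/PR cases. The next line also pastes `${{ inputs.tag }}` directly into the script text, so the value is parsed as shell instead of being treated as data. Pass it through the step environment (`env: INPUT_TAG: ${{ inputs.tag }}`) and branch on it being set: `elif [ -n "$INPUT_TAG" ]; then` followed by `VERSION="$INPUT_TAG"`. The `run:` script begins above this hunk, so the `env:` key belongs on the step outside the visible lines.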
59 changes: 51 additions & 8 deletions .github/workflows/version_bump.yml
@@ -1,9 +1,12 @@
name: Bump helm app version
name: Bump version

on:
push:
tags:
- "v?[0-9]+.[0-9]+.[0-9]+*"
pull_request:
branches:
- 'main'

types:
- closed

permissions:
contents: write
Expand All @@ -13,12 +16,52 @@ jobs:
bump_version:
runs-on: ubuntu-latest
steps:
- name: Install semver
run: |
pip install semver
- uses: actions/checkout@v4
- name: Bump appVersion
- name: Bump helm version
if: |
(github.event.pull_request.merged == true) &&
(contains(github.event.pull_request.labels.*.name, 'helm-patch') ||
contains(github.event.pull_request.labels.*.name, 'helm-minor') ||
contains(github.event.pull_request.labels.*.name, 'helm-major'))
run: |
label_names='${{ toJSON(github.event.pull_request.labels) }}'
relevant_labels=$(echo $label_names | jq '[.[] | select((.name == "helm-patch") or (.name == "helm-minor") or (.name == "helm-major"))]')
length=$(echo $relevant_labels | jq 'length')
if [ $length != 1 ]; then echo "More than one or none label has been defined. Exiting." && exit 1;fi
version_bump_type=$(echo $relevant_labels | jq -r '.[] | .name')
version_bump_type=${version_bump_type#"helm-"}
current_version=$(sed -n -e 's/^.*version: //p' charts/ca-injector/Chart.yaml)
new_version=$(python -m semver bump $version_bump_type $current_version)
sed -i "s/version:.*/version: $new_version/g" charts/ca-injector/Chart.yaml
- name: Bump App version
if: |
(github.event.pull_request.merged == true) &&
(contains(github.event.pull_request.labels.*.name, 'app-patch') ||
contains(github.event.pull_request.labels.*.name, 'app-minor') ||
contains(github.event.pull_request.labels.*.name, 'app-major'))
run: |
sed -i 's/appVersion:.*/appVersion: ${{ github.ref_name }}/g' charts/ca-injector/Chart.yaml
label_names='${{ toJSON(github.event.pull_request.labels) }}'
relevant_labels=$(echo $label_names | jq '[.[] | select((.name == "app-patch") or (.name == "app-minor") or (.name == "app-major"))]')
length=$(echo $relevant_labels | jq 'length')
if [ $length != 1 ]; then echo "More than one or none label has been defined. Exiting." && exit 1;fi
version_bump_type=$(echo $relevant_labels | jq -r '.[] | .name')
version_bump_type=${version_bump_type#"app-"}
current_version=$(sed -n -e 's/^.*appVersion: //p' charts/ca-injector/Chart.yaml)
new_version=$(python -m semver bump $version_bump_type $current_version)
sed -i "s/appVersion:.*/appVersion: $new_version/g" charts/ca-injector/Chart.yaml
echo "PR_LABELS=helm_app_version_update" >> $GITHUB_ENV
- name: Create Pull Request
uses: peter-evans/create-pull-request@v6
with:
title: "Add app version ${{ github.ref_name }}"
base: main
title: 'Bump Helm Chart versions'
labels: ${{ env.PR_LABELS }}
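Review bot: Both bump steps build `label_names='${{ toJSON(github.event.pull_request.labels) }}'`, which expands the label JSON into the script source before bash runs. A single quote in any label name or description ends the quoted string and the rest is parsed as shell, in a job that holds `contents: write`. Hand the JSON over as data instead: add `env: LABELS_JSON: ${{ toJSON(github.event.pull_request.labels) }}` to each step and feed `"$LABELS_JSON"` to the existing `jq` filter. The later expansions (`echo $relevant_labels`, `[ $length != 1 ]`, `semver bump $version_bump_type $current_version`) should be double-quoted as well. `pip install semver` and `peter-evans/create-pull-request@v6` are both unpinned in that same write-capable job; an exact package version and a full commit SHA would make the run reproducible.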
27 changes: 27 additions & 0 deletions README.md
Expand Up @@ -67,3 +67,30 @@ in your helm chart's appropriate annotations section.
`ca.crt` can be changed by configuration `caBundle.crt` in any of the typical
ways (config files at `/etc/ca-injector.yaml`, `$HOME/.config/ca-injector.yaml`,
or environment variable `CAINJECTOR_CABUNDLE_CRT`).


## Release

### App
To trigger a new tagged docker build, create a PR with label 'helm_app_version_update'. The app Version within the helm chart will be used as reference for the container tag.
This will be done automatically by below mentioned workflow.

### Helm
In case the appVersion is increased, the helm Chart version should also be increased.
In case the helm Chart version is increased, the appVersion does not have to be increased as well.


Option 1:
Manually set version and/or appVersion within Helm Chart. The Helm release workflow will create a new release in case the helm Chart version has changed.

Option 2:
Add one or two(app and helm) of the following labels to your PR:
- app-major
- app-minor
- app-patch
- helm-major
- helm-minor
- helm-patch

According to the label, appVersion and/or helm version will be bumped and a PullRequest will be created. The Pull request will include label 'helm_app_version_update' to trigger above mentioned workflow. After this PR has benn closed, the Helm release workflow will create a new release in case the helm Chart version has changed.

4 changes: 2 additions & 2 deletions charts/ca-injector/Chart.yaml
Expand Up @@ -15,10 +15,10 @@ type: application
# This is the chart version. This version number should be incremented each time you make changes
# to the chart and its templates, including the app version.
# Versions are expected to follow Semantic Versioning (https://semver.org/)
version: 0.1.0
version: 0.1.1

# This is the version number of the application being deployed. This version number should be
# incremented each time you make changes to the application. Versions are not expected to
# follow Semantic Versioning. They should reflect the version the application is using.
# It is recommended to use it with quotes.
appVersion: v0.1.11
appVersion: 0.1.12
