Fix fork build pipeline

otterize · Oct 6, 2023 · f184a44 · f184a44
1 parent d5d5108
commit f184a44
Show file tree

Hide file tree

Showing 3 changed files with 122 additions and 16 deletions.
diff --git a/.github/workflows/build-fork.yaml b/.github/workflows/build-fork.yaml
@@ -0,0 +1,81 @@
+name: Build
+concurrency:
+  group: "${{ github.repository }}${{ github.ref }}buildfork"
+  cancel-in-progress: true
+on:
+  pull_request:
+    types:
+      - opened
+      - synchronize
+  push:
+    branches:
+      - main
+      - develop
+
+env:
+  REGISTRY: "ghcr.io"
+
+jobs:
+
+  build:
+    name: Build
+    if: github.repository != 'otterize/network-mapper' || (github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name != 'otterize/network-mapper')
+    runs-on: ubuntu-latest
+    outputs:
+      registry: ${{ steps.registry.outputs.registry }} # workaround since env is not available outside of steps, i.e. in calling external workflows like we later do in e2e-test
+    strategy:
+      matrix:
+        service:
+          - mapper
+          - sniffer
+          - kafka-watcher
+          - istio-watcher
+
+    steps:
+      - id: registry
+        run: echo "registry=${{ env.REGISTRY }}" >> "$GITHUB_OUTPUT"
+      - name: Checkout
+        uses: actions/checkout@v2
+        with:
+          submodules: recursive
+
+      - name: Set up Docker Buildx
+        id: buildx
+        uses: docker/setup-buildx-action@master
+        with:
+          driver-opts: network=host
+
+      - name: Log in to the Container registry
+        uses: docker/login-action@v2
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Test & Build production image
+        uses: docker/build-push-action@v2
+        with:
+          context: src/
+          file: build/${{ matrix.service }}.Dockerfile
+          tags: ${{ env.REGISTRY }}/${{ github.repository }}:${{ matrix.service }}-${{ github.sha }}
+          push: true
+          network: host
+          platforms: linux/amd64,linux/arm64
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
+          build-args: |
+            "VERSION=${{ github.run_id }}"
+
+  e2e-test:
+    uses: ./.github/workflows/e2e-test.yaml
+    name: Trigger e2e tests
+    # Must pass the secrets as the called workflow does not have access to the same context
+    with:
+      registry: ${{ needs.build.outputs.registry }}
+      mapper-tag: mapper-${{ github.sha }}
+      sniffer-tag: sniffer-${{ github.sha }}
+      mapper-image: ${{ github.repository }}
+      sniffer-image: ${{ github.repository }}
+
+    needs:
+      - build
diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml
@@ -18,8 +18,11 @@ env:
 jobs:
 
   build:
+    if: (github.event_name == 'push' && github.repository == 'otterize/network-mapper') || github.event.pull_request.head.repo.full_name == 'otterize/network-mapper'
     name: Build
     runs-on: ubuntu-latest
+    outputs:
+      registry: ${{ steps.registry.outputs.registry }} # workaround since env is not available outside of steps, i.e. in calling external workflows like we later do in e2e-test
     strategy:
       matrix:
         service:
@@ -29,11 +32,13 @@ jobs:
           - istio-watcher
 
     steps:
+      - id: registry
+        run: echo "registry=${{ env.REGISTRY }}" >> "$GITHUB_OUTPUT"
+
       - name: Checkout
         uses: actions/checkout@v2
         with:
           submodules: recursive
-          token: ${{ secrets.OTTERIZEBOT_GITHUB_TOKEN }} # required for checking out submodules
 
       - name: Set up Docker Buildx
         id: buildx
@@ -73,11 +78,13 @@ jobs:
     name: Trigger e2e tests
     # Must pass the secrets as the called workflow does not have access to the same context
     secrets:
-      OTTERIZEBOT_GITHUB_TOKEN: ${{ secrets.OTTERIZEBOT_GITHUB_TOKEN }}
       B64_GCLOUD_SERVICE_ACCOUNT_JSON: ${{ secrets.B64_GCLOUD_SERVICE_ACCOUNT_JSON }}
     with:
+      registry: ${{ needs.build.outputs.registry }}
       mapper-tag: ${{ github.sha }}
       sniffer-tag: ${{ github.sha }}
+      mapper-image: mapper
+      sniffer-image: sniffer
 
     needs:
       - build

diff --git a/.github/workflows/e2e-test.yaml b/.github/workflows/e2e-test.yaml
@@ -4,10 +4,8 @@ on:
     # When triggering a workflow from another workflow the triggered workflow does not have access to any secrets,
     # and they must be passed from the caller
     secrets:
-      OTTERIZEBOT_GITHUB_TOKEN:
-        required: true
       B64_GCLOUD_SERVICE_ACCOUNT_JSON:
-        required: true
+        required: false
 
     inputs:
       mapper-tag:
@@ -16,10 +14,21 @@ on:
       sniffer-tag:
         required: true
         type: string
+      mapper-image:
+        required: true
+        type: string
+      sniffer-image:
+        required: true
+        type: string
+      registry:
+        required: true
+        type: string
+        default: us-central1-docker.pkg.dev/main-383408/otterize
+
 
 
 env:
-  REGISTRY: us-central1-docker.pkg.dev/main-383408/otterize
+  REGISTRY: ${{ inputs.registry }}
 
 jobs:
   e2e-test:
@@ -33,14 +42,23 @@ jobs:
         uses: actions/checkout@v2
         with:
           submodules: recursive
-          token: ${{ secrets.OTTERIZEBOT_GITHUB_TOKEN }} # required for checking out submodules
+
+      - name: Log in to the Container registry
+        if: github.repository != 'otterize/network-mapper' || (github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name != 'otterize/network-mapper')
+        uses: docker/login-action@v2
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
 
       - name: Login to GCR
+        if: (github.event_name == 'push' && github.repository == 'otterize/network-mapper') || github.event.pull_request.head.repo.full_name == 'otterize/network-mapper'
         uses: docker/login-action@v2
         with:
           registry: ${{ env.REGISTRY }}
           username: _json_key_base64
-          password: ${{ secrets.B64_GCLOUD_SERVICE_ACCOUNT_JSON}}
+          password: ${{ secrets.B64_GCLOUD_SERVICE_ACCOUNT_JSON }}
+
 
       - name: Set up Helm
         uses: azure/setup-helm@v3
@@ -58,21 +76,21 @@ jobs:
 
       - name: Deploy Network Mapper
         run: |-
-          docker pull ${{ env.REGISTRY }}/mapper:${{ inputs.mapper-tag }}
-          minikube image load ${{ env.REGISTRY }}/mapper:${{ inputs.mapper-tag }}
-          docker pull ${{ env.REGISTRY }}/sniffer:${{ inputs.sniffer-tag }}
-          minikube image load  ${{ env.REGISTRY }}/sniffer:${{ inputs.sniffer-tag }}
+          docker pull ${{ env.REGISTRY }}/${{ inputs.mapper-image }}:${{ inputs.mapper-tag }}
+          minikube image load ${{ env.REGISTRY }}/${{ inputs.mapper-image }}:${{ inputs.mapper-tag }}
+          docker pull ${{ env.REGISTRY }}/${{ inputs.sniffer-image }}:${{ inputs.sniffer-tag }}
+          minikube image load  ${{ env.REGISTRY }}/${{ inputs.sniffer-image }}:${{ inputs.sniffer-tag }}
           
-          MAPPER_FLAGS="--set-string networkMapper.mapper.repository=${{ env.REGISTRY }} --set-string networkMapper.mapper.image=mapper --set-string networkMapper.mapper.tag=${{ inputs.mapper-tag }} --set-string networkMapper.mapper.pullPolicy=Never"
-          SNIFFER_FLAGS="--set-string networkMapper.sniffer.repository=${{ env.REGISTRY }} --set-string networkMapper.sniffer.image=sniffer --set-string networkMapper.sniffer.tag=${{ inputs.sniffer-tag }} --set-string networkMapper.sniffer.pullPolicy=Never"
+          MAPPER_FLAGS="--set-string networkMapper.mapper.repository=${{ env.REGISTRY }} --set-string networkMapper.mapper.image=${{ inputs.mapper-image }} --set-string networkMapper.mapper.tag=${{ inputs.mapper-tag }} --set-string networkMapper.mapper.pullPolicy=Never"
+          SNIFFER_FLAGS="--set-string networkMapper.sniffer.repository=${{ env.REGISTRY }} --set-string networkMapper.sniffer.image=${{ inputs.sniffer-image }} --set-string networkMapper.sniffer.tag=${{ inputs.sniffer-tag }} --set-string networkMapper.sniffer.pullPolicy=Never"
           TELEMETRY_FLAG="--set global.telemetry.enabled=false"
           helm dep up ./helm-charts/otterize-kubernetes
           helm install otterize ./helm-charts/otterize-kubernetes -n otterize-system --create-namespace --set networkMapper.debug=true $MAPPER_FLAGS $SNIFFER_FLAGS $TELEMETRY_FLAG
 
       - name: Install CLI
         run: |-
-          wget --header="X-Otterize-Test: true" https://get.otterize.com/otterize-cli/v0.1.26/otterize_Linux_x86_64.tar.gz
-          tar xf otterize_Linux_x86_64.tar.gz
+          wget --header="X-Otterize-Test: true" https://get.otterize.com/otterize-cli/v0.1.30/otterize_linux_x86_64.tar.gz
+          tar xf otterize_linux_x86_64.tar.gz
           sudo cp otterize /usr/local/bin
 
       - name: Deploy Tutorial services