From d74711a61302927df59449b886eae06d04d18416 Mon Sep 17 00:00:00 2001 From: Michael Zeevi Date: Wed, 3 Jul 2024 21:26:37 +0300 Subject: [PATCH 1/3] feat: add CI for our fork --- .github/workflows/fork-ci.yaml | 106 +++++++++++++++++++++++++++++++++ 1 file changed, 106 insertions(+) create mode 100644 .github/workflows/fork-ci.yaml diff --git a/.github/workflows/fork-ci.yaml b/.github/workflows/fork-ci.yaml new file mode 100644 index 000000000..8cf1f35a1 --- /dev/null +++ b/.github/workflows/fork-ci.yaml @@ -0,0 +1,106 @@ +name: Fork Docker CI + +on: + push: + branches: + - network-operator-* + tags: + - network-operator-* + +jobs: + determine_docker_registry_and_tag: + runs-on: ubuntu-latest + env: + REGISTRY_INTERNAL: nvcr.io/nvstaging/mellanox + REGISTRY_PUBLIC: nvcr.io/nvidia/cloud-native + steps: + - uses: actions/checkout@v4 + with: + sparse-checkout: . + - if: github.ref_type == 'branch' + name: Determine docker registry and tag (when git branch) + run: | + echo DOCKER_REGISTRY=$REGISTRY_INTERNAL >> $GITHUB_ENV + echo DOCKER_TAG=$(git rev-parse --short HEAD) >> $GITHUB_ENV # short git commit hash + - if: github.ref_type == 'tag' + name: Determine docker registry and tag (when git tag) + run: | + echo DOCKER_REGISTRY=$(echo ${{ github.ref_name }} | sed 's/network-operator-//' | grep -q '-' && echo $REGISTRY_INTERNAL || echo $REGISTRY_PUBLIC) >> $GITHUB_ENV # use public registry only when release tag has no '-beta*' or '-rc*' suffix + echo DOCKER_TAG=${{ github.ref_name }} >> $GITHUB_ENV + - name: Store docker registry and tag for following jobs + id: store-docker-registry-and-tag + run: | + echo DOCKER_REGISTRY=$DOCKER_REGISTRY >> $GITHUB_OUTPUT + echo DOCKER_TAG=$DOCKER_TAG >> $GITHUB_OUTPUT + outputs: + docker_registry: ${{ steps.store-docker-registry-and-tag.outputs.DOCKER_REGISTRY }} + docker_tag: ${{ steps.store-docker-registry-and-tag.outputs.DOCKER_TAG }} + + build_and_push_images: + needs: determine_docker_registry_and_tag + runs-on: ubuntu-latest + env: + BUILD_PLATFORMS: linux/amd64,linux/arm64,linux/ppc64le + DOCKER_REGISTRY: ${{ needs.determine_docker_registry_and_tag.outputs.docker_registry }} + DOCKER_TAG: ${{ needs.determine_docker_registry_and_tag.outputs.docker_tag }} + strategy: + matrix: + include: + - component: operator + image_name: ${{ github.event.repository.name }} + dockerfile: Dockerfile + - component: config-daemon + image_name: ${{ github.event.repository.name }}-config-daemon + dockerfile: Dockerfile.sriov-network-config-daemon + - component: webhook + image_name: ${{ github.event.repository.name }}-webhook + dockerfile: Dockerfile.webhook + steps: + - uses: actions/checkout@v4 + - uses: docker/setup-qemu-action@v3 + - uses: docker/setup-buildx-action@v3 + - uses: docker/login-action@v3 + with: + registry: ${{ env.DOCKER_REGISTRY }} + username: ${{ secrets.NVCR_USERNAME }} + password: ${{ secrets.NVCR_TOKEN }} + - uses: docker/build-push-action@v4 + with: + platforms: ${{ env.BUILD_PLATFORMS }} + context: . + file: ${{ matrix.dockerfile }} + tags: ${{ env.DOCKER_REGISTRY }}/${{ matrix.image_name }}:${{ env.DOCKER_TAG }} + push: true + + update_network_operator_values: + needs: + - determine_docker_registry_and_tag + - build_and_push_images + runs-on: ubuntu-latest + env: + DOCKER_TAG: ${{ needs.determine_docker_registry_and_tag.outputs.docker_tag }} + GH_TOKEN: ${{ secrets.GH_TOKEN_NVIDIA_CI_CD }} + steps: + - uses: actions/checkout@v4 + with: + token: ${{ secrets.GH_TOKEN_NVIDIA_CI_CD }} + repository: ${{ github.repository_owner }}/network-operator + - name: Create PR to update image tags in network-operator values + run: | + git config user.name nvidia-ci-cd + git config user.email svc-cloud-orch-gh@nvidia.com + + git checkout -b feature/update-sriov-tags-to-$DOCKER_TAG + sed -Ei "s/(version: )network-operator-.+/\\1$DOCKER_TAG/g" hack/release.yaml + make release-build + + if ! git diff --color --unified=0 --exit-code; then + git commit -sam "task: update SR-IOV images tags to $DOCKER_TAG in chart values" + git push -u origin feature/update-sriov-tags-to-$DOCKER_TAG + gh pr create \ + --repo ${{ github.repository_owner }}/network-operator \ + --base master \ + --head $(git branch --show-current) \ + --fill \ + --body "Created by the *${{ github.job }}* job in [${{ github.repository }} CI](${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }})." + fi # TODO: double check with ivan about freddy's question: should we push to master or to a release branch? From d9e7d235771c4cea790b40425ae0d51f4402e299 Mon Sep 17 00:00:00 2001 From: Michael Zeevi Date: Mon, 15 Jul 2024 14:18:53 +0300 Subject: [PATCH 2/3] feat: add github action to sync mellanox fork from k8swg upstream Signed-off-by: Michael Zeevi --- .github/workflows/fork-ci.yaml | 12 +++++----- .github/workflows/fork-sync.yaml | 39 ++++++++++++++++++++++++++++++++ 2 files changed, 45 insertions(+), 6 deletions(-) create mode 100644 .github/workflows/fork-sync.yaml diff --git a/.github/workflows/fork-ci.yaml b/.github/workflows/fork-ci.yaml index 8cf1f35a1..770a01c8d 100644 --- a/.github/workflows/fork-ci.yaml +++ b/.github/workflows/fork-ci.yaml @@ -1,11 +1,11 @@ name: Fork Docker CI -on: - push: - branches: - - network-operator-* - tags: - - network-operator-* +# on: +# push: +# branches: +# - network-operator-* +# tags: +# - network-operator-* jobs: determine_docker_registry_and_tag: diff --git a/.github/workflows/fork-sync.yaml b/.github/workflows/fork-sync.yaml new file mode 100644 index 000000000..4d1b48b7b --- /dev/null +++ b/.github/workflows/fork-sync.yaml @@ -0,0 +1,39 @@ +name: Fork Sync + +on: + schedule: + - cron: '0 0 * * *' # nightly + workflow_dispatch: # enable manual trigger + +jobs: + lookup-most-recent-release-branch: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - name: Lookup most recent release branch + id: lookup-most-recent-release-branch + run: | + git fetch --all + echo most_recent_release_branch=$(git branch --remotes --sort refname | grep network-operator- | tail -n 1 | cut -d '/' -f 2-) >> $GITHUB_OUTPUT + outputs: + most_recent_release_branch: ${{ steps.lookup-most-recent-release-branch.outputs.most_recent_release_branch }} + + sync-fork: + runs-on: ubuntu-latest + needs: lookup-most-recent-release-branch + strategy: + fail-fast: false + matrix: + branch: + - master + - ${{ needs.lookup-most-recent-release-branch.outputs.most_recent_release_branch }} + steps: + - uses: actions/checkout@v4 + if: ${{ matrix.branch != '' }} + - name: Sync + if: ${{ matrix.branch != '' }} + env: + GH_TOKEN: ${{ secrets.GH_TOKEN_NVIDIA_CI_CD }} # classic personal access token permissions: `repo:*,workflow:*` + run: | + gh repo sync ${{ github.repository }} --source k8snetworkplumbingwg/${{ github.event.repository.name }} --branch ${{ matrix.branch }} +# TODO: uncomment triggers for sr-iov fork-ci workflow after fork-sync works From ecce1ee9f1485f32c204dbb47433dd530c0a4107 Mon Sep 17 00:00:00 2001 From: Michael Zeevi Date: Wed, 21 Aug 2024 11:42:32 +0300 Subject: [PATCH 3/3] chore: test change Signed-off-by: Michael Zeevi --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 9759b0574..17b1d0265 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,5 @@ # sriov-network-operator +I'm testing something; it's safe to delete this mock PR! The Sriov Network Operator is designed to help the user to provision and configure SR-IOV CNI plugin and Device plugin in the Openshift cluster.