@@ -12,29 +12,36 @@ jobs:
1212 runs-on : ubuntu-latest
1313
1414 steps :
15- - name : ' Checkout'
16- uses : actions/checkout@v3
15+ - name : " Checkout"
16+ uses : actions/checkout@v4
1717
18- - name : ' Setup buildx'
19- uses : docker/setup-buildx-action@v2
18+ - name : " Setup buildx"
19+ uses : docker/setup-buildx-action@v3
2020 with :
2121 install : true
2222
23- - name : ' Docker login'
24- uses : docker/login-action@v2
23+ - name : " Docker login docker.io "
24+ uses : docker/login-action@v3
2525 with :
2626 username : kbstci
2727 password : ${{ secrets.DOCKER_AUTH }}
2828
29- - name : ' Build artifacts'
29+ - name : " Docker login ghcr.io"
30+ uses : docker/login-action@v3
31+ with :
32+ registry : ghcr.io
33+ username : ${{ github.actor }}
34+ password : ${{ secrets.GITHUB_TOKEN }}
35+
36+ - name : " Build artifacts"
3037 env :
3138 DOCKER_PUSH : true
3239 GIT_SHA : ${{ github.sha }}
3340 GIT_REF : ${{ github.ref }}
3441 run : make dist
3542
36- - name : ' Upload artifacts'
37- uses : actions/upload-artifact@v3
43+ - name : " Upload artifacts"
44+ uses : actions/upload-artifact@v4
3845 with :
3946 name : test-artifacts
4047 path : ./quickstart/_dist
@@ -44,95 +51,109 @@ jobs:
4451 needs : [build-test-artifacts]
4552 strategy :
4653 matrix :
47- starter : ["multi-cloud", "aks", "eks", "gke" , "kind"]
54+ starter : ["multi-cloud", "aks", "eks", "gke", "kind"]
4855
4956 permissions :
5057 id-token : write # needed for keyless signing
5158
5259 steps :
53- - name : ' Free disk space'
60+ - name : " Free disk space"
5461 # https://github.com/actions/runner-images/issues/2840#issuecomment-790492173
5562 run : |
5663 sudo rm -rf /usr/share/dotnet
5764 sudo rm -rf /opt/ghc
5865 sudo rm -rf /usr/local/share/boost
5966 sudo rm -rf $AGENT_TOOLSDIRECTORY
6067
61- name : ' Checkout'
62- uses : actions/checkout@v3
68+ name : " Checkout"
69+ uses : actions/checkout@v4
6370
64- - name : ' Download test-artifacts'
65- uses : actions/download-artifact@v3
71+ - name : " Download test-artifacts"
72+ uses : actions/download-artifact@v4
6673 with :
6774 name : test-artifacts
6875 path : ./quickstart/_dist
6976
7077 - name : Install Cosign
71- uses : sigstore/cosign-installer@9614fae9e5c5eddabb09f90a270fcb487c9f7149 # v3.3 .0
78+ uses : sigstore/cosign-installer@9614fae9e5c5eddabb09f90a270fcb487c9f7149 # v3.7 .0
7279
73- - name : ' Setup buildx'
74- uses : docker/setup-buildx-action@v2
80+ - name : " Setup buildx"
81+ uses : docker/setup-buildx-action@v3
7582 with :
7683 install : true
7784
78- - name : ' Docker login'
79- uses : docker/login-action@v2
85+ - name : " Docker login docker.io "
86+ uses : docker/login-action@v3
8087 with :
8188 username : kbstci
8289 password : ${{ secrets.DOCKER_AUTH }}
8390
91+ - name : " Docker login ghcr.io"
92+ uses : docker/login-action@v3
93+ with :
94+ registry : ghcr.io
95+ username : ${{ github.actor }}
96+ password : ${{ secrets.GITHUB_TOKEN }}
97+
8498 - name : Build ${{ matrix.starter }} image
8599 env :
86100 DOCKER_PUSH : true
87101 DOCKER_TARGET : ${{ matrix.starter }}
88102 run : make build
89103
90- - name : ' Sign Images'
104+ - name : " Sign Images"
91105 env :
92106 COSIGN_EXPERIMENTAL : true
93107 run : |
94- cosign sign --yes -a GIT_HASH=${{ github.sha }} -a GIT_REF=${{ github.ref }} kubestack/framework- dev:test-${{ github.sha }}-${{ matrix.starter }}
108+ cosign sign --yes -a GIT_HASH=${{ github.sha }} -a GIT_REF=${{ github.ref }} ghcr.io/kbst/terraform-kubestack/ dev:test-${{ github.sha }}-${{ matrix.starter }}
95109
96110test :
97111 runs-on : ubuntu-latest
98112 needs : [build-test-artifacts, build-image]
99113 strategy :
100114 fail-fast : false
101115 matrix :
102- starter : ["multi-cloud", "aks", "eks", "gke" , "kind"]
116+ starter : ["multi-cloud", "aks", "eks", "gke", "kind"]
103117
104118 steps :
105- - name : ' Download test-artifacts'
106- uses : actions/download-artifact@v3
119+ - name : " Download test-artifacts"
120+ uses : actions/download-artifact@v4
107121 with :
108122 name : test-artifacts
109123 path : ./quickstart/_dist
110124
111- - name : ' Unzip ${{ matrix.starter }} quickstart'
125+ - name : " Unzip ${{ matrix.starter }} quickstart"
112126 run : |
113127 unzip quickstart/_dist/kubestack-starter-${{ matrix.starter }}-*.zip
114128
115- name : ' Docker login'
116- uses : docker/login-action@v2
129+ name : " Docker login docker.io "
130+ uses : docker/login-action@v3
117131 with :
118132 username : kbstci
119133 password : ${{ secrets.DOCKER_AUTH }}
120134
121- - name : ' Docker build'
135+ - name : " Docker login ghcr.io"
136+ uses : docker/login-action@v3
137+ with :
138+ registry : ghcr.io
139+ username : ${{ github.actor }}
140+ password : ${{ secrets.GITHUB_TOKEN }}
141+
142+ - name : " Docker build"
122143 env :
123144 DOCKER_BUILDKIT : 1
124145 working-directory : ./kubestack-starter-${{ matrix.starter }}
125146 # retagging here is necessary because we only push images
126147 # to kubestack/framework after they have been tested
127148 # but the Dockerfiles in the artifact have the target image name
128149 run : |
129- SOURCE_IMAGE=kubestack/framework- dev:test-${{ github.sha }}-${{ matrix.starter }}
150+ SOURCE_IMAGE=ghcr.io/kbst/terraform-kubestack/ dev:test-${{ github.sha }}-${{ matrix.starter }}
130151 docker pull $SOURCE_IMAGE
131152 TARGET_IMAGE=$(cat Dockerfile | sed 's/FROM //')
132153 docker tag $SOURCE_IMAGE $TARGET_IMAGE
133154 docker build -t test-image:${{ github.sha }} .
134155
135- name : ' Configure Kubestack for ${{ matrix.starter }}'
156+ name : " Configure Kubestack for ${{ matrix.starter }}"
136157 working-directory : ./kubestack-starter-${{ matrix.starter }}
137158 run : |
138159 # ALL: set name_prefix
@@ -159,31 +180,31 @@ jobs:
159180 # GKE: set cluster_node_locations
160181 sed -i 's/cluster_node_locations = ""/cluster_node_locations = "europe-west1-b,europe-west1-c,europe-west1-d"/g' gke_zero_cluster.tf || true
161182
162- name : ' Terraform init'
183+ name : " Terraform init"
163184 working-directory : ./kubestack-starter-${{ matrix.starter }}
164185 run : |
165186 docker run --rm \
166187 -v `pwd`:/infra \
167188 test-image:${{ github.sha }} \
168189 terraform init
169190
170- name : ' Terraform workspace new ops'
191+ name : " Terraform workspace new ops"
171192 working-directory : ./kubestack-starter-${{ matrix.starter }}
172193 run : |
173194 docker run --rm \
174195 -v `pwd`:/infra \
175196 test-image:${{ github.sha }} \
176197 terraform workspace new ops
177198
178- name : ' Terraform validate'
199+ name : " Terraform validate"
179200 working-directory : ./kubestack-starter-${{ matrix.starter }}
180201 run : |
181202 docker run --rm \
182203 -v `pwd`:/infra \
183204 test-image:${{ github.sha }} \
184205 terraform validate
185206
186- name : ' Terraform plan'
207+ name : " Terraform plan"
187208 working-directory : ./kubestack-starter-${{ matrix.starter }}
188209 env :
189210 KBST_AUTH_AWS : ${{ secrets.KBST_AUTH_AWS }}
@@ -203,34 +224,40 @@ jobs:
203224 runs-on : ubuntu-latest
204225 needs : [test]
205226
206-
207227 strategy :
208228 matrix :
209- starter : ["multi-cloud", "aks", "eks", "gke" , "kind"]
229+ starter : ["multi-cloud", "aks", "eks", "gke", "kind"]
210230
211231 steps :
212- - name : ' Download test-artifacts'
213- uses : actions/download-artifact@v3
232+ - name : " Download test-artifacts"
233+ uses : actions/download-artifact@v4
214234 with :
215235 name : test-artifacts
216236 path : ./quickstart/_dist
217237
218238 - name : Install Cosign
219- uses : sigstore/cosign-installer@9614fae9e5c5eddabb09f90a270fcb487c9f7149 # v3.3 .0
239+ uses : sigstore/cosign-installer@9614fae9e5c5eddabb09f90a270fcb487c9f7149 # v3.7 .0
220240
221- - name : ' Docker login'
222- uses : docker/login-action@v2
241+ - name : " Docker login docker.io "
242+ uses : docker/login-action@v3
223243 with :
224244 username : kbstci
225245 password : ${{ secrets.DOCKER_AUTH }}
226246
227- - name : ' Docker push'
247+ - name : " Docker login ghcr.io"
248+ uses : docker/login-action@v3
249+ with :
250+ registry : ghcr.io
251+ username : ${{ github.actor }}
252+ password : ${{ secrets.GITHUB_TOKEN }}
253+
254+ - name : " Docker push"
228255 # cosign copy copies the images and the signature from one place to another
229256 # then we dont need to sign again the same image
230257 env :
231258 COSIGN_EXPERIMENTAL : true
232259 run : |
233- SOURCE_IMAGE=kubestack/framework- dev:test-${{ github.sha }}-${{ matrix.starter }}
260+ SOURCE_IMAGE=ghcr.io/kbst/terraform-kubestack/ dev:test-${{ github.sha }}-${{ matrix.starter }}
234261 TARGET_IMAGE=$(cat quickstart/_dist/kubestack-starter-${{ matrix.starter }}/Dockerfile | sed 's/FROM //')
235262 echo "Source image $SOURCE_IMAGE will be pushed to $TARGET_IMAGE"
236263 cosign copy $SOURCE_IMAGE $TARGET_IMAGE
@@ -246,27 +273,27 @@ jobs:
246273
247274 strategy :
248275 matrix :
249- starter : ["multi-cloud", "aks", "eks", "gke" , "kind"]
276+ starter : ["multi-cloud", "aks", "eks", "gke", "kind"]
250277
251278 steps :
252- - name : ' Download test-artifacts'
253- uses : actions/download-artifact@v3
279+ - name : " Download test-artifacts"
280+ uses : actions/download-artifact@v4
254281 with :
255282 name : test-artifacts
256283 path : ./quickstart/_dist
257284
258285 - name : Install Cosign
259- uses : sigstore/cosign-installer@9614fae9e5c5eddabb09f90a270fcb487c9f7149 # v3.3 .0
286+ uses : sigstore/cosign-installer@9614fae9e5c5eddabb09f90a270fcb487c9f7149 # v3.7 .0
260287
261- - id : ' auth'
262- uses : ' google-github-actions/auth@v1 '
288+ - id : " auth"
289+ uses : google-github-actions/auth@v2
263290 with :
264291 credentials_json : ${{ secrets.GCLOUD_AUTH }}
265292
266- - name : ' Setup gcloud'
267- uses : google-github-actions/setup-gcloud@v1
293+ - name : " Setup gcloud"
294+ uses : google-github-actions/setup-gcloud@v2
268295
269- - name : ' Publish ${{ matrix.starter }} starter'
296+ - name : " Publish ${{ matrix.starter }} starter"
270297 env :
271298 COSIGN_EXPERIMENTAL : true
272299 run : |
0 commit comments