velero/.github/workflows/push.yml

name: Main CI

on:
  push:
    branches: [ main ]
    tags:
      - '*'

jobs:

  build:
    name: Build
    runs-on: ubuntu-latest
    steps:

    - name: Set up Go
      uses: actions/setup-go@v2
      with:
        go-version: 1.17
      id: go

    - name: Check out code into the Go module directory
      uses: actions/checkout@v2

    - name: Set up QEMU
      id: qemu
      uses: docker/setup-qemu-action@v1
      with:
        platforms: all

    - name: Set up Docker Buildx
      id: buildx
      uses: docker/setup-buildx-action@v1
      with:
        version: latest

    - name: Build
      run: make local

    - name: Test
      run: make test

    # Only try to publish the container image from the root repo; forks don't have permission to do so and will always get failures.
    - name: Publish container image
      if: github.repository == 'vmware-tanzu/velero'
      run: |
        docker login -u ${{ secrets.DOCKER_USER }} -p ${{ secrets.DOCKER_PASSWORD }}
        ./hack/docker-push.sh

    # actions/checkout MUST come before auth
    - uses: 'actions/checkout@v2'

    # auth to GCP with OIDC token from GCP Workload Identity Provider. Output auth result to access token.
    - id: 'auth'
      name: 'Authenticate to Google Cloud'
      uses: 'google-github-actions/auth@v0.6.0'
      with:
        credentials_json: '${{ secrets.GCR_SA_KEY }}'
        token_format: 'access_token'

    # Use access_token generated above to login gcr.io
    - uses: 'docker/login-action@v1'
      with:
        registry: 'gcr.io' # or REGION.docker.pkg.dev
        username: 'oauth2accesstoken'
        password: '${{ steps.auth.outputs.access_token }}'

    # Push image to GCR to facilitate some environments that have rate limitation to docker hub, e.g. vSphere.
    - name: Publish container image to GCR
      if: github.repository == 'vmware-tanzu/velero'
      run: |
        REGISTRY=gcr.io/velero-gcp ./hack/docker-push.sh
Address insensitive language (#2677) * Change master to main in most uses Signed-off-by: Nolan Brubaker <brubakern@vmware.com> 2020-07-17 21:59:51 +00:00			`name: Main CI`
setup ci in github actions Signed-off-by: Ashish Amarnath <ashisham@vmware.com> 2020-05-27 23:34:12 +00:00
			`on:`
			`push:`
Address insensitive language (#2677) * Change master to main in most uses Signed-off-by: Nolan Brubaker <brubakern@vmware.com> 2020-07-17 21:59:51 +00:00			`branches: [ main ]`
setup ci in github actions Signed-off-by: Ashish Amarnath <ashisham@vmware.com> 2020-05-27 23:34:12 +00:00			`tags:`
			`- '*'`

			`jobs:`

			`build:`
			`name: Build`
			`runs-on: ubuntu-latest`
			`steps:`

Bump Go to 1.15 (#2974) Signed-off-by: Gábor Lipták <gliptak@gmail.com> 2020-10-13 19:42:06 +00:00			`- name: Set up Go`
setup ci in github actions Signed-off-by: Ashish Amarnath <ashisham@vmware.com> 2020-05-27 23:34:12 +00:00			`uses: actions/setup-go@v2`
			`with:`
Bump up Go to 1.17 Signed-off-by: Daniel Jiang <jiangd@vmware.com> 2021-12-06 12:10:20 +00:00			`go-version: 1.17`
setup ci in github actions Signed-off-by: Ashish Amarnath <ashisham@vmware.com> 2020-05-27 23:34:12 +00:00			`id: go`

			`- name: Check out code into the Go module directory`
			`uses: actions/checkout@v2`

Upgrade to Docker provided buildx action for CI (#3110) The previous buildx action that we were using has been archived and users are recommended to switch to the new action provided by Docker. The previous action also included setting up QEMU. This is now provided as a separate action which needs to be run separately. This change also replaces the direct use of `docker login` with the new `login-action`. This new action also handles logging out once the build is complete. Signed-off-by: Bridget McErlean <bmcerlean@vmware.com> 2020-11-30 19:19:07 +00:00			`- name: Set up QEMU`
			`id: qemu`
			`uses: docker/setup-qemu-action@v1`
			`with:`
			`platforms: all`

Refactor image builds to use buildx for multi arch image building (#2754) * Refactor image builds to use buildx for multi arch image building Signed-off-by: Rob Reus <rob@devrobs.nl> * Adding image build sanity checks to Makefile Signed-off-by: Rob Reus <rob@devrobs.nl> * Making locally building of docker images possible Signed-off-by: Rob Reus <rob@devrobs.nl> * Adding docs on building container images using buildx Signed-off-by: Rob Reus <rob@devrobs.nl> * Adding changelog and implementing feedback from PR Signed-off-by: Rob Reus <rob@devrobs.nl> * Making GOPROXY used in the build containers configurable Signed-off-by: Rob Reus <rob@devrobs.nl> 2020-08-04 18:40:05 +00:00			`- name: Set up Docker Buildx`
			`id: buildx`
Upgrade to Docker provided buildx action for CI (#3110) The previous buildx action that we were using has been archived and users are recommended to switch to the new action provided by Docker. The previous action also included setting up QEMU. This is now provided as a separate action which needs to be run separately. This change also replaces the direct use of `docker login` with the new `login-action`. This new action also handles logging out once the build is complete. Signed-off-by: Bridget McErlean <bmcerlean@vmware.com> 2020-11-30 19:19:07 +00:00			`uses: docker/setup-buildx-action@v1`
Refactor image builds to use buildx for multi arch image building (#2754) * Refactor image builds to use buildx for multi arch image building Signed-off-by: Rob Reus <rob@devrobs.nl> * Adding image build sanity checks to Makefile Signed-off-by: Rob Reus <rob@devrobs.nl> * Making locally building of docker images possible Signed-off-by: Rob Reus <rob@devrobs.nl> * Adding docs on building container images using buildx Signed-off-by: Rob Reus <rob@devrobs.nl> * Adding changelog and implementing feedback from PR Signed-off-by: Rob Reus <rob@devrobs.nl> * Making GOPROXY used in the build containers configurable Signed-off-by: Rob Reus <rob@devrobs.nl> 2020-08-04 18:40:05 +00:00			`with:`
Upgrade to Docker provided buildx action for CI (#3110) The previous buildx action that we were using has been archived and users are recommended to switch to the new action provided by Docker. The previous action also included setting up QEMU. This is now provided as a separate action which needs to be run separately. This change also replaces the direct use of `docker login` with the new `login-action`. This new action also handles logging out once the build is complete. Signed-off-by: Bridget McErlean <bmcerlean@vmware.com> 2020-11-30 19:19:07 +00:00			`version: latest`
Refactor image builds to use buildx for multi arch image building (#2754) * Refactor image builds to use buildx for multi arch image building Signed-off-by: Rob Reus <rob@devrobs.nl> * Adding image build sanity checks to Makefile Signed-off-by: Rob Reus <rob@devrobs.nl> * Making locally building of docker images possible Signed-off-by: Rob Reus <rob@devrobs.nl> * Adding docs on building container images using buildx Signed-off-by: Rob Reus <rob@devrobs.nl> * Adding changelog and implementing feedback from PR Signed-off-by: Rob Reus <rob@devrobs.nl> * Making GOPROXY used in the build containers configurable Signed-off-by: Rob Reus <rob@devrobs.nl> 2020-08-04 18:40:05 +00:00
setup ci in github actions Signed-off-by: Ashish Amarnath <ashisham@vmware.com> 2020-05-27 23:34:12 +00:00			`- name: Build`
			`run: make local`

			`- name: Test`
			`run: make test`

Don't attempt to publish docker images on forks (#2953) * Don't attempt to publish docker images on forks When the Main CI workflow runs on a fork, the docker push step will always fail because the appropriate secrets are missing. This is annoying at best and causes CI on forks to be untrustworthy at worst. Signed-off-by: Nolan Brubaker <brubakern@vmware.com> * Use single quotes for string, as github expects Signed-off-by: Nolan Brubaker <brubakern@vmware.com> 2020-09-22 22:04:50 +00:00			`# Only try to publish the container image from the root repo; forks don't have permission to do so and will always get failures.`
setup ci in github actions Signed-off-by: Ashish Amarnath <ashisham@vmware.com> 2020-05-27 23:34:12 +00:00			`- name: Publish container image`
Don't attempt to publish docker images on forks (#2953) * Don't attempt to publish docker images on forks When the Main CI workflow runs on a fork, the docker push step will always fail because the appropriate secrets are missing. This is annoying at best and causes CI on forks to be untrustworthy at worst. Signed-off-by: Nolan Brubaker <brubakern@vmware.com> * Use single quotes for string, as github expects Signed-off-by: Nolan Brubaker <brubakern@vmware.com> 2020-09-22 22:04:50 +00:00			`if: github.repository == 'vmware-tanzu/velero'`
Fix broken docker login action (#3121) PR #3110 introduced a new action for performing the login to Dockerhub as part of image building and pushing however there is an error with the configuration and the credentials are not being passed through correctly. This change reverts to the previous log in approach. Signed-off-by: Bridget McErlean <bmcerlean@vmware.com> 2020-11-30 19:53:25 +00:00			`run: \|`
			`docker login -u ${{ secrets.DOCKER_USER }} -p ${{ secrets.DOCKER_PASSWORD }}`
			`./hack/docker-push.sh`
Add pushing image to GCR in github workflow Push to GCR in github workflow to faciliate some environments that have rate limitation to docker hub, e.g. vSphere. <root@jxun-jumpserver.c.velero-gcp.internal> Signed-off-by: Xun Jiang <jxun@vmware.com> 2022-02-08 12:32:52 +00:00
Add GCR login actions use google-github-actions/auth to login GCP. Login gcr.io with generated access token. Signed-off-by: Xun Jiang <jxun@vmware.com> 2022-02-10 07:40:31 +00:00			`# actions/checkout MUST come before auth`
			`- uses: 'actions/checkout@v2'`

			`# auth to GCP with OIDC token from GCP Workload Identity Provider. Output auth result to access token.`
Add pushing image to GCR in github workflow Push to GCR in github workflow to faciliate some environments that have rate limitation to docker hub, e.g. vSphere. <root@jxun-jumpserver.c.velero-gcp.internal> Signed-off-by: Xun Jiang <jxun@vmware.com> 2022-02-08 12:32:52 +00:00			`- id: 'auth'`
			`name: 'Authenticate to Google Cloud'`
			`uses: 'google-github-actions/auth@v0.6.0'`
			`with:`
Change authentication method from workload identity provider to service account key. Signed-off-by: Xun Jiang <jxun@vmware.com> 2022-03-01 02:59:39 +00:00			`credentials_json: '${{ secrets.GCR_SA_KEY }}'`
Add GCR login actions use google-github-actions/auth to login GCP. Login gcr.io with generated access token. Signed-off-by: Xun Jiang <jxun@vmware.com> 2022-02-10 07:40:31 +00:00			`token_format: 'access_token'`
Add pushing image to GCR in github workflow Push to GCR in github workflow to faciliate some environments that have rate limitation to docker hub, e.g. vSphere. <root@jxun-jumpserver.c.velero-gcp.internal> Signed-off-by: Xun Jiang <jxun@vmware.com> 2022-02-08 12:32:52 +00:00
Add GCR login actions use google-github-actions/auth to login GCP. Login gcr.io with generated access token. Signed-off-by: Xun Jiang <jxun@vmware.com> 2022-02-10 07:40:31 +00:00			`# Use access_token generated above to login gcr.io`
			`- uses: 'docker/login-action@v1'`
			`with:`
			`registry: 'gcr.io' # or REGION.docker.pkg.dev`
			`username: 'oauth2accesstoken'`
			`password: '${{ steps.auth.outputs.access_token }}'`
Add pushing image to GCR in github workflow Push to GCR in github workflow to faciliate some environments that have rate limitation to docker hub, e.g. vSphere. <root@jxun-jumpserver.c.velero-gcp.internal> Signed-off-by: Xun Jiang <jxun@vmware.com> 2022-02-08 12:32:52 +00:00
			`# Push image to GCR to facilitate some environments that have rate limitation to docker hub, e.g. vSphere.`
			`- name: Publish container image to GCR`
Add GCR login actions use google-github-actions/auth to login GCP. Login gcr.io with generated access token. Signed-off-by: Xun Jiang <jxun@vmware.com> 2022-02-10 07:40:31 +00:00			`if: github.repository == 'vmware-tanzu/velero'`
Add pushing image to GCR in github workflow Push to GCR in github workflow to faciliate some environments that have rate limitation to docker hub, e.g. vSphere. <root@jxun-jumpserver.c.velero-gcp.internal> Signed-off-by: Xun Jiang <jxun@vmware.com> 2022-02-08 12:32:52 +00:00			`run: \|`
			`REGISTRY=gcr.io/velero-gcp ./hack/docker-push.sh`