Enroll without nautobot #4035
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: container builds | |
| on: | |
| push: | |
| tags: | |
| - v* | |
| branches: | |
| - main | |
| paths: | |
| - "ansible/**" | |
| - "containers/**" | |
| - ".github/workflows/containers.yaml" | |
| - "python/**" | |
| pull_request: | |
| types: [opened, synchronize, reopened, closed] | |
| paths: | |
| - "ansible/**" | |
| - "containers/**" | |
| - ".github/workflows/containers.yaml" | |
| - "python/**" | |
| workflow_dispatch: | |
| merge_group: | |
| types: [checks_requested] | |
| env: | |
| OPENSTACK_VERSION: 2025.1 | |
| jobs: | |
| openstack: | |
| if: github.event_name != 'pull_request' || (github.event_name == 'pull_request' && github.event.action != 'closed') | |
| runs-on: ubuntu-latest | |
| strategy: | |
| matrix: | |
| # if you add a container here, add it to the 'clean_containers' job below | |
| project: [ironic, neutron, keystone, nova, openstack-client, cinder, octavia] | |
| steps: | |
| - name: setup docker buildx | |
| uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3 | |
| - name: login to ghcr.io | |
| uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: image metadata | |
| id: meta | |
| uses: docker/metadata-action@318604b99e75e41977312d83839a89be02ca4893 # v5 | |
| with: | |
| images: ghcr.io/${{ github.repository }}/${{ matrix.project }} | |
| tags: | | |
| type=raw,value=${{ env.OPENSTACK_VERSION }}-ubuntu_jammy,enable={{is_default_branch}} | |
| type=raw,value=${{ env.OPENSTACK_VERSION }}-ubuntu_jammy,enable=${{ github.event_name == 'workflow_dispatch' }} | |
| type=ref,event=tag | |
| type=ref,event=pr | |
| env: | |
| # Create the annotations at the index as well since this | |
| # defaults to manifest only and we have to manually merge | |
| # the container is multi-arch because of provenance creating | |
| # an 'unknown/unknown' arch with data. We've got no annotations | |
| # that are arch specific so populate them at the index as well. | |
| DOCKER_METADATA_ANNOTATIONS_LEVELS: manifest,index | |
| - name: build and deploy openstack container image to registry | |
| uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6 | |
| with: | |
| file: containers/${{ matrix.project }}/Dockerfile | |
| build-args: OPENSTACK_VERSION=${{ env.OPENSTACK_VERSION }} | |
| pull: true # ensure we always have an up to date source | |
| push: true | |
| tags: ${{ steps.meta.outputs.tags }} | |
| labels: ${{ steps.meta.outputs.labels }} | |
| annotations: ${{ steps.meta.outputs.annotations }} | |
| dnsmasq: | |
| if: github.event_name != 'pull_request' || (github.event_name == 'pull_request' && github.event.action != 'closed') | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: setup docker buildx | |
| uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3 | |
| - name: login to ghcr.io | |
| uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: image metadata | |
| id: meta | |
| uses: docker/metadata-action@318604b99e75e41977312d83839a89be02ca4893 # v5 | |
| with: | |
| images: ghcr.io/${{ github.repository }}/dnsmasq | |
| tags: | | |
| type=raw,value=latest,enable={{is_default_branch}} | |
| type=raw,value=latest,enable=${{ github.event_name == 'workflow_dispatch' }} | |
| type=ref,event=tag | |
| type=ref,event=pr | |
| env: | |
| # Create the annotations at the index as well since this | |
| # defaults to manifest only and we have to manually merge | |
| # the container is multi-arch because of provenance creating | |
| # an 'unknown/unknown' arch with data. We've got no annotations | |
| # that are arch specific so populate them at the index as well. | |
| DOCKER_METADATA_ANNOTATIONS_LEVELS: manifest,index | |
| - name: build and deploy dnsmasq container to registry | |
| uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6 | |
| with: | |
| context: "{{defaultContext}}:containers/dnsmasq" | |
| file: Dockerfile | |
| push: true | |
| tags: ${{ steps.meta.outputs.tags }} | |
| labels: ${{ steps.meta.outputs.labels }} | |
| workflows: | |
| if: github.event_name != 'pull_request' || (github.event_name == 'pull_request' && github.event.action != 'closed') | |
| runs-on: ubuntu-latest | |
| strategy: | |
| matrix: | |
| # if you add a container here, add it to the 'clean_containers' job below | |
| container: | |
| - name: ironic-nautobot-client | |
| - name: ansible | |
| - name: understack-tests | |
| steps: | |
| - name: setup docker buildx | |
| uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3 | |
| - name: login to ghcr.io | |
| uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: image metadata | |
| id: meta | |
| uses: docker/metadata-action@318604b99e75e41977312d83839a89be02ca4893 # v5 | |
| with: | |
| images: ghcr.io/${{ github.repository }}/${{ matrix.container.name }} | |
| tags: | | |
| type=raw,value=latest,enable={{is_default_branch}} | |
| type=raw,value=latest,enable=${{ github.event_name == 'workflow_dispatch' }} | |
| type=ref,event=tag | |
| type=ref,event=pr | |
| env: | |
| # Create the annotations at the index as well since this | |
| # defaults to manifest only and we have to manually merge | |
| # the container is multi-arch because of provenance creating | |
| # an 'unknown/unknown' arch with data. We've got no annotations | |
| # that are arch specific so populate them at the index as well. | |
| DOCKER_METADATA_ANNOTATIONS_LEVELS: manifest,index | |
| - name: build and deploy container image to registry | |
| uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6 | |
| with: | |
| file: containers/${{ matrix.container.name }}/Dockerfile | |
| pull: true # ensure we always have an up to date source | |
| push: true | |
| tags: ${{ steps.meta.outputs.tags }} | |
| labels: ${{ steps.meta.outputs.labels }} | |
| annotations: ${{ steps.meta.outputs.annotations }} | |
| # prod is the target that has the code installed | |
| target: prod | |
| clean_containers: | |
| if: github.event_name == 'pull_request' && github.event.action == 'closed' | |
| runs-on: ubuntu-latest | |
| permissions: | |
| packages: write | |
| strategy: | |
| matrix: | |
| container: | |
| - ironic | |
| - neutron | |
| - keystone | |
| - nova | |
| - octavia | |
| - openstack-client | |
| - dnsmasq | |
| - ironic-nautobot-client | |
| - ansible | |
| - understack-tests | |
| steps: | |
| - name: clean up PR container | |
| uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8 | |
| env: | |
| CONTAINER_NAME: '${{ matrix.container }}' | |
| with: | |
| script: | | |
| const container_name = `${context.repo.repo}/${process.env.CONTAINER_NAME}`; | |
| const response = await github.rest.packages.getAllPackageVersionsForPackageOwnedByOrg({ | |
| package_type: "container", | |
| package_name: container_name, | |
| org: context.repo.owner, | |
| }); | |
| const target_tag = `pr-${context.payload.pull_request.number}`; | |
| console.log(`Looking for tag ${target_tag} for container ${container_name}`); | |
| const versions = response.data || []; | |
| const matchingVersion = versions.find(version => | |
| version.metadata.container.tags.includes(target_tag) | |
| ); | |
| if (matchingVersion) { | |
| console.log(`Found tag to delete "${target_tag}":`, matchingVersion.html_url); | |
| await github.rest.packages.deletePackageVersionForOrg({ | |
| package_type: "container", | |
| package_name: container_name, | |
| org: context.repo.owner, | |
| package_version_id: matchingVersion.id, | |
| }); | |
| console.log("Tag deleted"); | |
| } else { | |
| console.log(`No package version found with the tag "${target_tag}".`); | |
| } |