Skip to content

Test and Promote KMIs #1656

Test and Promote KMIs

Test and Promote KMIs #1656

Workflow file for this run

name: Test and Promote KMIs
on:
pull_request:
workflow_dispatch:
inputs:
flavor:
description: "Image Flavor to test (ex. ubuntu-22.04)"
required: true
env:
FLAVOR: ${{ github.event.inputs.flavor || 'ubuntu-22.04' }}
jobs:
test:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Install bats
run: npm install -g bats
- name: Create kind cluster
uses: helm/[email protected]
with:
config: .github/workflows/kind/config.yml
- name: Deploy and test ${{ env.FLAVOR }}
run: |
bats tests/run.bats --show-output-of-passing-tests --timing --verbose-run
- name: Archive test logs
uses: actions/upload-artifact@v3
if: always()
with:
name: ${{ env.FLAVOR }}-logs
path: |
${{ github.workspace }}/logs/*
promote:
runs-on: ubuntu-latest
if: github.event_name != 'pull_request'
needs: test
permissions:
id-token: write
env:
COSIGN_EXPERIMENTAL: 1
steps:
- name: Setup cosign
uses: sigstore/cosign-installer@main
- name: Login Docker Hub
uses: redhat-actions/podman-login@v1
with:
logout: false
registry: docker.io
username: ${{ secrets.DOCKERHUB_USER }}
password: ${{ secrets.DOCKERHUB_PASSWD }}
- name: Login Docker Hub
uses: docker/[email protected]
with:
logout: false
registry: docker.io
username: ${{ secrets.DOCKERHUB_USER }}
password: ${{ secrets.DOCKERHUB_PASSWD }}
# - name: Login Quay.io
# uses: docker/[email protected]
# with:
# logout: false
# registry: quay.io
# username: ${{ secrets.QUAY_USER }}
# password: ${{ secrets.QUAY_PASSWD }}
- name: Copy the manifest to product tag
run: |
skopeo copy --all \
docker://docker.io/containercraft/${FLAVOR//-/:}-dev \
docker://docker.io/containercraft/${FLAVOR//-/:}
- name: Sign the image
run: cosign sign --recursive docker.io/containercraft/${FLAVOR//-/:}
- name: Verify the image
run: cosign verify docker.io/containercraft/${FLAVOR//-/:}