From 9184454bddd173e8a62646cb50859fd3373d7e00 Mon Sep 17 00:00:00 2001 From: Dana Halperin Date: Mon, 23 Dec 2024 15:41:11 +0200 Subject: [PATCH 1/2] chore: CI - OCP bundle for push Signed-off-by: Dana Halperin --- .github/workflows/ci.yaml | 73 +++++++++++++++++++++++++++------------ Makefile | 2 +- 2 files changed, 51 insertions(+), 24 deletions(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index ec80db1e2..a176e33a9 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -11,7 +11,7 @@ on: # note: various environment variable names are set to match expectation from the Makefile; do not change without comparing env: DEFAULT_BRANCH: master - REGISTRY: nvcr.io/nvstaging/mellanox + REGISTRY: quay.io/dahalperin # TO DO - Change to the right registry IMAGE_NAME: network-operator jobs: @@ -92,35 +92,49 @@ jobs: make chart-build chart-push ocp-bundle: - if: github.ref_type == 'tag' needs: - docker-build-push runs-on: ubuntu-latest env: - GH_TOKEN: ${{ secrets.GH_TOKEN_NVIDIA_CI_CD }} + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} DOWNSTREAM_REPO_OWNER: nvidia-ci-cd UPSTREAM_REPO_OWNER: redhat-openshift-ecosystem steps: - uses: actions/checkout@v4 with: - token: ${{ secrets.GH_TOKEN_NVIDIA_CI_CD }} # token must be explicitly set here for push to work in following step + token: ${{ secrets.GITHUB_TOKEN }} # token must be explicitly set here for push to work in following step + - name: Set is_push flag + id: set-is-push + run: | + if [[ "${{ github.event_name }}" == "push" && "${{ github.ref_type }}" == "tag" ]]; then + echo "is_push=false" >> $GITHUB_ENV + else + echo "is_push=true" >> $GITHUB_ENV + fi + - name: Determine version, tag, and base branch - Process based on is_push flag + run: | + if [[ "$is_push" == "true" ]]; then + echo "Setting VERSION_WITH_PREFIX to git commit hash." + VERSION_WITH_PREFIX=$(git rev-parse --short HEAD) + echo VERSION_WITH_PREFIX=$VERSION_WITH_PREFIX >> $GITHUB_ENV + else + git_tag=${{ github.ref_name }} + echo VERSION_WITH_PREFIX=$git_tag >> $GITHUB_ENV + echo VERSION_WITHOUT_PREFIX=${git_tag:1} >> $GITHUB_ENV # without the 'v' prefix + if echo $git_tag | grep beta; then + base_branch=$DEFAULT_BRANCH + else + v_major_minor=$(echo $git_tag | grep -Eo '^v[0-9]+\.[0-9]+') + base_branch=$v_major_minor.x + fi + echo BASE_BRANCH=$base_branch >> $GITHUB_ENV + fi - uses: docker/login-action@v3 with: registry: ${{ env.REGISTRY }} username: ${{ secrets.NVCR_USERNAME }} password: ${{ secrets.NVCR_TOKEN }} - - name: Determine version, tag, and base branch - run: | - git_tag=${{ github.ref_name }} - echo VERSION_WITH_PREFIX=$git_tag >> $GITHUB_ENV - echo VERSION_WITHOUT_PREFIX=${git_tag:1} >> $GITHUB_ENV # without the 'v' prefix - if echo $git_tag | grep beta; then - base_branch=$DEFAULT_BRANCH - else - v_major_minor=$(echo $git_tag | grep -Eo '^v[0-9]+\.[0-9]+') - base_branch=$v_major_minor.x - fi - echo BASE_BRANCH=$base_branch >> $GITHUB_ENV + - name: Lookup image digest run: | network_operator_digest=$(skopeo inspect docker://$REGISTRY/$IMAGE_NAME:$VERSION_WITH_PREFIX | jq -r .Digest) @@ -130,14 +144,26 @@ jobs: env: TAG: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}@${{ env.NETWORK_OPERATOR_DIGEST }} BUNDLE_IMG: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}-bundle:${{ env.VERSION_WITH_PREFIX }} - VERSION: ${{ env.VERSION_WITHOUT_PREFIX }} NGC_CLI_API_KEY: ${{ secrets.NVCR_TOKEN }} run: | - version_major_minor=$(echo $VERSION_WITH_PREFIX | grep -Eo 'v[0-9]+\.[0-9]+') - export CHANNELS=stable,$version_major_minor - export DEFAULT_CHANNEL=$version_major_minor + if [[ "$is_push" == "false" ]]; then + export VERSION=${{ env.VERSION_WITHOUT_PREFIX }} + version_major_minor=$(echo $VERSION_WITH_PREFIX | grep -Eo 'v[0-9]+\.[0-9]+') + export CHANNELS=stable,$version_major_minor + export DEFAULT_CHANNEL=$version_major_minor + else + export DEFAULT_CHANNEL=v1.1 # hard coded + export CHANNELS=stable,v1.1 # hard coded + export VERSION=1.1.0-${{ env.VERSION_WITH_PREFIX }} # using the commit hash + fi make bundle bundle-build bundle-push + if [[ "$is_push" == "true" ]]; then + export BUNDLE_IMG=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}-bundle:latest # hard coded + make bundle-build bundle-push + fi + - name: Create PR with bundle to Network Operator + if: github.ref_type == 'tag' env: FEATURE_BRANCH: update-ocp-bundle-to-${{ env.VERSION_WITH_PREFIX }} run: | @@ -157,15 +183,16 @@ jobs: --title "task: update bundle to $VERSION_WITH_PREFIX" \ --body "Created by the *${{ github.job }}* job in [${{ github.repository }} OCP bundle CI](${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }})." - name: Determine if to send bundle to RedHat + if: github.ref_type == 'tag' run: | echo SEND_BUNDLE_TO_REDHAT=$(echo ${{ github.ref_name}} | grep -qE "v[0-9]+.[0-9]+.[0-9]+$" && echo true || echo false) >> $GITHUB_ENV - - if: ${{ env.SEND_BUNDLE_TO_REDHAT == 'true' }} + - if: ${{ github.ref_type == 'tag' && env.SEND_BUNDLE_TO_REDHAT == 'true' }} uses: actions/checkout@v4 with: - token: ${{ secrets.GH_TOKEN_NVIDIA_CI_CD }} # token must be explicitly set here for push to work in following step + token: ${{ secrets.GITHUB_TOKEN }} # token must be explicitly set here for push to work in following step repository: ${{ env.UPSTREAM_REPO_OWNER }}/certified-operators path: certified-operators - - if: ${{ env.SEND_BUNDLE_TO_REDHAT == 'true' }} + - if: ${{ github.ref_type == 'tag' && env.SEND_BUNDLE_TO_REDHAT == 'true' }} name: Create PR with bundle to RedHat env: UPSTREAM_DEFAULT_BRANCH: main diff --git a/Makefile b/Makefile index 4cfdcde25..a0ce409d9 100644 --- a/Makefile +++ b/Makefile @@ -395,7 +395,7 @@ bundle: $(OPERATOR_SDK) $(KUSTOMIZE) manifests ## Generate bundle manifests and cd config/manager && $(KUSTOMIZE) edit set image controller=$(TAG) $(KUSTOMIZE) build config/manifests | $(OPERATOR_SDK) generate bundle $(BUNDLE_GEN_FLAGS) git checkout -- config/manager/kustomization.yaml - GO=$(GO) BUNDLE_OCP_VERSIONS=$(BUNDLE_OCP_VERSIONS) TAG=$(TAG) hack/scripts/ocp-bundle-postprocess.sh + ## GO=$(GO) BUNDLE_OCP_VERSIONS=$(BUNDLE_OCP_VERSIONS) TAG=$(TAG) hack/scripts/ocp-bundle-postprocess.sh $(OPERATOR_SDK) bundle validate ./bundle .PHONY: bundle-build From a9e876ad18eab846d1326bd73ed97517eb42a773 Mon Sep 17 00:00:00 2001 From: nvidia-ci-cd Date: Tue, 24 Dec 2024 13:11:45 +0000 Subject: [PATCH 2/2] task: update bundle to v1.1.0-beta Signed-off-by: nvidia-ci-cd --- bundle.Dockerfile | 4 +- ...etwork-operator.clusterserviceversion.yaml | 40 +++---------------- bundle/metadata/annotations.yaml | 5 +-- 3 files changed, 10 insertions(+), 39 deletions(-) diff --git a/bundle.Dockerfile b/bundle.Dockerfile index 57feb2413..c28e3d2df 100644 --- a/bundle.Dockerfile +++ b/bundle.Dockerfile @@ -5,8 +5,8 @@ LABEL operators.operatorframework.io.bundle.mediatype.v1=registry+v1 LABEL operators.operatorframework.io.bundle.manifests.v1=manifests/ LABEL operators.operatorframework.io.bundle.metadata.v1=metadata/ LABEL operators.operatorframework.io.bundle.package.v1=nvidia-network-operator -LABEL operators.operatorframework.io.bundle.channels.v1=stable,v24.10 -LABEL operators.operatorframework.io.bundle.channel.default.v1=v24.10 +LABEL operators.operatorframework.io.bundle.channels.v1=stable,v1.1 +LABEL operators.operatorframework.io.bundle.channel.default.v1=v1.1 LABEL operators.operatorframework.io.metrics.builder=operator-sdk-v1.33.0 LABEL operators.operatorframework.io.metrics.mediatype.v1=metrics+v1 LABEL operators.operatorframework.io.metrics.project_layout=go.kubebuilder.io/v3 diff --git a/bundle/manifests/nvidia-network-operator.clusterserviceversion.yaml b/bundle/manifests/nvidia-network-operator.clusterserviceversion.yaml index 18db0e2d3..2b7041243 100644 --- a/bundle/manifests/nvidia-network-operator.clusterserviceversion.yaml +++ b/bundle/manifests/nvidia-network-operator.clusterserviceversion.yaml @@ -2,7 +2,6 @@ apiVersion: operators.coreos.com/v1alpha1 kind: ClusterServiceVersion metadata: annotations: - containerImage: nvcr.io/nvidia/cloud-native/network-operator@sha256:f258e8665d094c09159654759bc9ae41fbe0f7fffe95139ec02964759c3d8a87 alm-examples: |- [ { @@ -60,7 +59,7 @@ metadata: "initialDelaySeconds": 10, "periodSeconds": 30 }, - "repository": "nvcr.io/nvidia/mellanox", + "repository": "nvcr.io/nvstaging/mellanox", "startupProbe": { "initialDelaySeconds": 10, "periodSeconds": 20 @@ -77,7 +76,7 @@ metadata: }, "maxParallelUpgrades": 1 }, - "version": "24.10-0.7.0.0-0" + "version": "25.01-0.1.6.0-0" }, "rdmaSharedDevicePlugin": { "config": "{\n \"configList\": [\n {\n \"resourceName\": \"rdma_shared_device_a\",\n \"rdmaHcaMax\": 63,\n \"selectors\": {\n \"vendors\": [\"15b3\"]\n }\n }\n ]\n}\n", @@ -89,7 +88,7 @@ metadata: } ] capabilities: Basic Install - createdAt: "2024-12-08T12:15:11Z" + createdAt: "2024-12-24T13:11:38Z" description: Deploy and manage NVIDIA networking resources in Kubernetes features.operators.openshift.io/cnf: "false" features.operators.openshift.io/cni: "true" @@ -110,7 +109,7 @@ metadata: labels: operatorframework.io/arch.amd64: supported operatorframework.io/arch.arm64: supported - name: nvidia-network-operator.v24.10.0 + name: nvidia-network-operator.v1.1.0-beta namespace: placeholder spec: apiservicedefinitions: {} @@ -456,7 +455,7 @@ spec: value: "true" - name: OFED_INIT_CONTAINER_IMAGE value: ghcr.io/mellanox/network-operator-init-container:v0.0.2 - image: nvcr.io/nvidia/cloud-native/network-operator@sha256:f258e8665d094c09159654759bc9ae41fbe0f7fffe95139ec02964759c3d8a87 + image: quay.io/dahalperin/network-operator@sha256:d1deba560807acf7f0fcedaf4b020a525451e31dc10f3ac79e540d4354e7301d imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -563,7 +562,7 @@ spec: provider: name: NVIDIA url: https://github.com/Mellanox/network-operator/ - version: 24.10.0 + version: 1.1.0-beta webhookdefinitions: - admissionReviewVersions: - v1 @@ -605,30 +604,3 @@ spec: targetPort: 9443 type: ValidatingAdmissionWebhook webhookPath: /validate-mellanox-com-v1alpha1-nicclusterpolicy - relatedImages: - - name: nvidia-network-operator - image: nvcr.io/nvidia/cloud-native/network-operator@sha256:f258e8665d094c09159654759bc9ae41fbe0f7fffe95139ec02964759c3d8a87 - - name: nvidia-network-operator-init-container - image: ghcr.io/mellanox/network-operator-init-container@sha256:1699d23027ea30c9fa59575a914114bdfd5a87a359caf8c0a9b16d409ec0d068 - - name: rdma-shared-device-plugin - image: ghcr.io/mellanox/k8s-rdma-shared-dev-plugin@sha256:9f468fdc4449e65e4772575f83aa85840a00f97165f9a00ba34695c91d610fbd - - name: sriov-network-device-plugin - image: ghcr.io/k8snetworkplumbingwg/sriov-network-device-plugin@sha256:77e3b946c20f45728dfa6dd1d115356de5ea317f91cddfd1540b7121550f66dc - - name: ib-kubernetes - image: ghcr.io/mellanox/ib-kubernetes@sha256:100e6addf99d5b44e81cb3aa8d2fc892fced1de3183190931961b92ee924207b - - name: ipoib-cni - image: ghcr.io/mellanox/ipoib-cni@sha256:81646c07e27ce1df2603050a75dd267f264685fdc64c285eca3925ae98ed5392 - - name: nv-ipam - image: ghcr.io/mellanox/nvidia-k8s-ipam@sha256:47e1bb84ac97f9af49f97b49c2de44b4ba82b890b487880edc5c9adf86a176f7 - - name: nic-feature-discovery - image: ghcr.io/mellanox/nic-feature-discovery@sha256:92dda9434519de39be0f94c80787766e3399e8b238d14839360aff4d6232a09b - - name: doca-telemetry-service - image: nvcr.io/nvidia/doca/doca_telemetry@sha256:866971717cb2683f2742d265c9793f93242f55b6e8bd9a0a88a558869f9b9cd7 - - name: doca-driver-0 - image: nvcr.io/nvidia/mellanox/doca-driver@sha256:e36c46cf2c813c081bf7cc22b47fb4cf391a3d91804e47a6ce87f31d62f42535 - - name: doca-driver-1 - image: nvcr.io/nvidia/mellanox/doca-driver@sha256:5a87d04872d5d4530cab3cbb3db528722fa24435f3375debd8ed102b04e631c2 - - name: doca-driver-2 - image: nvcr.io/nvidia/mellanox/doca-driver@sha256:ecb2cfdc510b7ed09a59daed4817ee353e83a94d2d8581c3c052f4fa4b990574 - - name: doca-driver-3 - image: nvcr.io/nvidia/mellanox/doca-driver@sha256:db5797121735eeb935d8f11e305b50c80ba07aa83c291d76d05dea7e303bc740 diff --git a/bundle/metadata/annotations.yaml b/bundle/metadata/annotations.yaml index fa11b26e6..b53dfefdb 100644 --- a/bundle/metadata/annotations.yaml +++ b/bundle/metadata/annotations.yaml @@ -4,8 +4,8 @@ annotations: operators.operatorframework.io.bundle.manifests.v1: manifests/ operators.operatorframework.io.bundle.metadata.v1: metadata/ operators.operatorframework.io.bundle.package.v1: nvidia-network-operator - operators.operatorframework.io.bundle.channels.v1: stable,v24.10 - operators.operatorframework.io.bundle.channel.default.v1: v24.10 + operators.operatorframework.io.bundle.channels.v1: stable,v1.1 + operators.operatorframework.io.bundle.channel.default.v1: v1.1 operators.operatorframework.io.metrics.builder: operator-sdk-v1.33.0 operators.operatorframework.io.metrics.mediatype.v1: metrics+v1 operators.operatorframework.io.metrics.project_layout: go.kubebuilder.io/v3 @@ -13,4 +13,3 @@ annotations: # Annotations for testing. operators.operatorframework.io.test.mediatype.v1: scorecard+v1 operators.operatorframework.io.test.config.v1: tests/scorecard/ - com.redhat.openshift.versions: v4.14-v4.16