Docker push and generate manifest workflow update

.github/workflows/docker-push.yml

@@ -1,129 +1,58 @@
-name: Docker image build and push; Generate Manifest; Create release tag
+name: Docker push
 
 on:
-  workflow_dispatch
+  push:
+    tags: 
+      - manager/v[0-9]+.[0-9]+.[0-9]+
+
+concurrency: release-${{ github.event.release.tag_name }}
 
 env:
-    REGISTRY: ghcr.io
+  REGISTRY: ghcr.io
 
 defaults:
   run:
     shell: bash
 
-jobs:
-  compare_image_versions:
-    name: Compare image versions
+jobs:            
+  docker_build_and_push:
+    name: Docker build and push
     runs-on: ubuntu-22.04
     outputs:
-      proceed_with_module_creation: ${{ steps.compare_versions.outputs.proceed }}
-      module_path: ${{ steps.get_current_docker_version.outputs.module_path }}
-      version: ${{ steps.get_current_docker_version.outputs.version }}
+      version: ${{ steps.extract-metadata.outputs.version }}
     permissions:
       contents: read
       packages: write
 
     steps:
     - name: Checkout
       uses: actions/checkout@v3
-
+    
     - name: Setup Docker Buildx
       uses: docker/setup-buildx-action@v2
-
+        
     - name: Log in to the Container registry
       uses: docker/login-action@v2
       with:
         registry: ${{ env.REGISTRY }}
         username: ${{ github.actor }}
         password: ${{ github.token }}
-    
+
     - name: Prepare repository name
       id: prepare-repository-name
       run: |
-        repository=$REGISTRY/${{ github.repository }}
+        repository=$REGISTRY/${{ github.repository }}/cap-operator-manager
         echo "repository=${repository,,}" >> $GITHUB_OUTPUT
-
-    - name: Get docker version from container registry
-      id: get_version_from_container_reg
-      run: |
-        export GHCR_TOKEN=$(echo ${{ github.token }} | base64)
-        echo "version=$(curl -H "Authorization: Bearer $GHCR_TOKEN" https://ghcr.io/v2/${{ github.repository }}/cap-operator-manager/tags/list | jq '.tags[]' | sort -V | tail -n 2 | head -n 1)" >> $GITHUB_OUTPUT
-
-    - name: Print docker version from container registry
-      run: "echo ${{ steps.get_version_from_container_reg.outputs.version }}"
-
-    - name: Get current docker version
-      id: get_current_docker_version
-      run: |
-          echo "version=$(yq eval '.images[0].newTag' config/default/kustomization.yaml)" >> $GITHUB_OUTPUT
-          echo "module_path=$(yq eval '.images[0].newName' config/default/kustomization.yaml)" >> $GITHUB_OUTPUT
-
-    - name: Print current docker module path and version
-      run: |
-          echo ${{ steps.get_current_docker_version.outputs.module_path }}
-          echo ${{ steps.get_current_docker_version.outputs.version }}
-
-    - name: Download semver tool
-      run: |
-        wget https://raw.githubusercontent.com/fsaintjacques/semver-tool/master/src/semver && \
-        chmod +x semver
-
-    - name: Compare versions
-      id: compare_versions
-      run: |
-        if [[ '${{ steps.get_version_from_container_reg.outputs.version }}' -eq '' ]]
-        then
-          echo "No version available in artifactory, we can proceed."
-          echo "proceed=true" >> $GITHUB_OUTPUT
-        else
-          case $(./semver compare ${{ steps.get_version_from_container_reg.outputs.version }} ${{ steps.get_current_docker_version.outputs.version }}) in
-          -1)
-            echo "Current version is higher than artifactory version, we can proceed."
-            echo "proceed=true" >> $GITHUB_OUTPUT
-            ;;
-          0)
-            echo "Current version is same as the artifactory version, we won't proceed."
-            echo "proceed=false" >> $GITHUB_OUTPUT
-            ;;
-          1)
-            echo "Current version is lower than artifactory version, we won't proceed."
-            echo "proceed=false" >> $GITHUB_OUTPUT
-            ;;
-          esac
-        fi
-
-  docker_build_and_push:
-    name: Docker build and push
-    runs-on: ubuntu-22.04
-    needs: [compare_image_versions]
-    if: needs.compare_image_versions.outputs.proceed_with_module_creation == 'true'
-    permissions:
-      contents: read
-      packages: write
 
-    steps:
-    - name: Checkout
-      uses: actions/checkout@v3
-
-    - name: Setup Docker Buildx
-      uses: docker/setup-buildx-action@v2
-
-    - name: Log in to the Container registry
-      uses: docker/login-action@v2
-      with:
-        registry: ${{ env.REGISTRY }}
-        username: ${{ github.actor }}
-        password: ${{ github.token }}
-
     - name: Extract metadata (tags, labels) for Docker
       id: extract-metadata
       uses: docker/metadata-action@v4
       with:
-        images: ${{ needs.compare_image_versions.outputs.module_path }}
+        images: ${{ steps.prepare-repository-name.outputs.repository }}
         tags: |
-          type=pep440,pattern={{version}},value=${{ needs.compare_image_versions.outputs.version }}
+          type=match,pattern=manager/v(\d.\d.\d),group=1,value=${{ github.event.release.tag_name }}
 
     - name: Build and push docker image
-      id: docker_build
       uses: docker/build-push-action@v4
       with:
         file: Dockerfile
@@ -143,46 +72,5 @@ jobs:
 
     - name: Print Outputs
       run: |
-        echo "Module path: ${{ needs.compare_image_versions.outputs.module_path }}"
         echo "Tags: ${{ steps.extract-metadata.outputs.tags }}"
-        echo "Labels: ${{ steps.extract-metadata.outputs.labels }}"
-
-  generate_manifests:
-    uses: ./.github/workflows/generate-manifest.yml
-    needs: [compare_image_versions, docker_build_and_push]
-    if: needs.compare_image_versions.outputs.proceed_with_module_creation == 'true'
-
-  create_release_tag:
-    name: Create release tag
-    runs-on: ubuntu-22.04
-    needs: [compare_image_versions, docker_build_and_push]
-    if: needs.compare_image_versions.outputs.proceed_with_module_creation == 'true'
-    steps:
-    - name: Checkout
-      uses: actions/checkout@v3
-
-    - name: Determine target commit
-      id: get_target_commit
-      run: |
-        sha=$(git rev-parse HEAD)
-        echo "Target commit: $sha"
-        echo "sha=$sha" >> $GITHUB_OUTPUT
-
-    - name: Wait for check suites to complete
-      uses: sap-contributions/await-check-suites@master
-      with:
-        ref: ${{ steps.get_target_commit.outputs.sha }}
-        intervalSeconds: 10
-        timeoutSeconds: 1800
-        failStepIfUnsuccessful: true
-        appSlugFilter: github-actions
-
-    - name: Create release
-      id: create_release
-      uses: ncipollo/release-action@v1
-      with:
-        tag: cap-operator-manager/v${{ needs.compare_image_versions.outputs.version }}
-        commit: ${{ steps.get_target_commit.outputs.sha }}
-        makeLatest: true
-        prerelease: false
-        allowUpdates: false
+        echo "Labels: ${{ steps.extract-metadata.outputs.labels }}"

.github/workflows/generate-manifest.yml

@@ -2,20 +2,63 @@
 name: Generate Manifests
 
 on:
-  workflow_call:
+  release:
+    types: [published]
+
+  workflow_dispatch: 
+    inputs:
+      version:
+        type: string
+        required: true
+      upload_url:
+        type: string
+        required: false
+
+env:
+  MANIFEST_FILENAME: manager_manifest.yaml
+  CR_FILENAME: manager_default_CR.yaml
 
 defaults:
   run:
     shell: bash
 
 jobs:
-  generate-manifest:
+  generate_manifest:
     name: Generate manifest
     runs-on: ubuntu-22.04
 
     steps:
       - name: Checkout
         uses: actions/checkout@v3
+
+      - name: Get version and upload URL
+        id: get_version_upload_url
+        run: |
+          if [[ ! -z '${{ inputs.version }}' ]]
+          then
+            echo "version=${{ inputs.version }}" >> $GITHUB_OUTPUT
+          else
+            echo "version=$(echo ${{ github.event.release.tag_name }} | grep -oP '(?<=\/v)\d+\.\d+\.\d+' )" >> $GITHUB_OUTPUT
+          fi
+
+          if [[ ! -z '${{ inputs.upload_url }}' ]]
+          then
+            echo "upload_url=${{ inputs.upload_url }}" >> $GITHUB_OUTPUT
+          elif [[ ! -z '${{ github.event.release.upload_url }}' ]]
+          then
+            echo "upload_url=${{ github.event.release.upload_url }}" >> $GITHUB_OUTPUT
+          else
+            echo "upload_url=''" >> $GITHUB_OUTPUT
+          fi
+
+      - name: Print version and upload URL
+        run: |
+          echo "Version=${{ steps.get_version_upload_url.outputs.version }}"
+          echo "Upload URL=${{ steps.get_version_upload_url.outputs.upload_url }}"
+
+      - name: Update version in kustomization.yaml
+        run: |
+          yq -i '.images[0].newTag="${{ steps.get_version_upload_url.outputs.version }}"' config/default/kustomization.yaml
 
       - name: Download kustomize cli
         run: |
@@ -24,4 +67,46 @@
 
       - name: Generate Manifests
         run: |
-          ./kustomize build config/default/
+          ./kustomize build config/default/ > $MANIFEST_FILENAME
+          cat $MANIFEST_FILENAME
+          cat config/samples/operator_v1alpha1_capoperator.yaml > $CR_FILENAME
+
+      - name: Determine target commit
+        id: get_target_commit
+        run: |
+          sha=$(git rev-parse HEAD)
+          echo "Target commit: $sha"
+          echo "sha=$sha" >> $GITHUB_OUTPUT
+
+      - name: Wait for check suites to complete
+        uses: sap-contributions/await-check-suites@master
+        if: inputs.version == ''
+        with:
+          ref: ${{ steps.get_target_commit.outputs.sha }}
+          intervalSeconds: 10
+          timeoutSeconds: 1800
+          failStepIfUnsuccessful: true
+          appSlugFilter: github-actions
+
+      - name: Upload manifest & default CR to release
+        if: inputs.upload_url != '' || github.event.release.upload_url != ''
+        run: |
+          upload_url="${{ steps.get_version_upload_url.outputs.upload_url }}"
+          upload_url=${upload_url%%\{*\}}
+          file=$MANIFEST_FILENAME
+          echo "Uploading manifest $file to $upload_url ..."
+          curl -sSf \
+            -H "Accept: application/vnd.github+json" \
+            -H "Authorization: Bearer ${{ github.token }}" \
+            -H "Content-Type: $(file -b --mime-type $file)" \
+            --data-binary @$file \
+            "$upload_url?name=$(basename $file)"
+
+          file=$CR_FILENAME
+          echo "Uploading default CR $file to $upload_url ..."
+          curl -sSf \
+            -H "Accept: application/vnd.github+json" \
+            -H "Authorization: Bearer ${{ github.token }}" \
+            -H "Content-Type: $(file -b --mime-type $file)" \
+            --data-binary @$file \
+            "$upload_url?name=$(basename $file)"

config/default/kustomization.yaml

@@ -24,4 +24,4 @@ resources:
 images:
 - name: controller
   newName: ghcr.io/sap/cap-operator-lifecycle/cap-operator-manager
-  newTag: 0.0.1
+  newTag: latest