Merge branch 'w/7.70/improvement/PTFE-1339' into w/8.6/improvement/PTFE-1339

Merge branch 'improvement/PTFE-1339' into w/7.70/improvement/PTFE-1339
Use official docker build steps
2024-04-09 22:54:18 +02:00 · 2024-04-09 22:28:11 +02:00 · 2024-04-09 22:06:23 +02:00 · 2024-04-09 22:06:21 +02:00 · 2024-04-09 22:05:56 +02:00 · 2024-04-09 22:05:54 +02:00
7 changed files with 86 additions and 72 deletions
--- a/.github/actions/setup-ci/action.yaml
+++ b/.github/actions/setup-ci/action.yaml
@ -16,7 +16,7 @@ runs:
      run: |-
        set -exu;
        mkdir -p /tmp/artifacts/${JOB_NAME}/;
-    - uses: actions/setup-node@v2
+    - uses: actions/setup-node@v4
      with:
        node-version: '16'
        cache: 'yarn'
--- a/.github/docker/docker-compose.yaml
+++ b/.github/docker/docker-compose.yaml
@ -67,7 +67,7 @@ services:
  pykmip:
    network_mode: "host"
    profiles: ['pykmip']
-    image: registry.scality.com/cloudserver-dev/pykmip
+    image: ${PYKMIP_IMAGE:-ghcr.io/scality/cloudserver/pykmip}
    volumes:
      - /tmp/artifacts/${JOB_NAME}:/artifacts
  mongo:
--- a/.github/workflows/codeql.yaml
+++ b/.github/workflows/codeql.yaml
@ -14,12 +14,12 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
      - name: Initialize CodeQL
-        uses: github/codeql-action/init@v2
+        uses: github/codeql-action/init@v3
        with:
          languages: javascript, python, ruby
      - name: Build and analyze
-        uses: github/codeql-action/analyze@v2
+        uses: github/codeql-action/analyze@v3
--- a/.github/workflows/dependency-review.yaml
+++ b/.github/workflows/dependency-review.yaml
@ -10,7 +10,7 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - name: 'Checkout Repository'
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
      - name: 'Dependency Review'
-        uses: actions/dependency-review-action@v3
+        uses: actions/dependency-review-action@v4
--- a/.github/workflows/release.yaml
+++ b/.github/workflows/release.yaml
@ -10,58 +10,69 @@ on:
        required: true
 env:
  REGISTRY_NAME: registry.scality.com
  PROJECT_NAME: ${{ github.event.repository.name }}
 jobs:
  build-federation-image:
-    uses: scality/workflows/.github/workflows/docker-build.yaml@v1
+    runs-on: ubuntu-latest
-    secrets: inherit
+    steps:
-    with:
+      - name: Checkout
-      push: true
+        uses: actions/checkout@v4
-      registry: registry.scality.com
+      - name: Set up Docker Buildx
-      namespace: ${{ github.event.repository.name }}
+        uses: docker/setup-buildx-action@v3
-      name: ${{ github.event.repository.name }}
+      - name: Login to GitHub Registry
-      context: .
+        uses: docker/login-action@v3
-      file: images/svc-base/Dockerfile
+        with:
-      tag: ${{ github.event.inputs.tag }}-svc-base
+          registry: ghcr.io
          username: ${{ github.repository_owner }}
          password: ${{ github.token }}
      - name: Build and push image for federation
        uses: docker/build-push-action@v5
        with:
          push: true
          context: .
          file: images/svc-base/Dockerfile
          tags: |
            ghcr.io/${{ github.repository }}:${{ github.event.inputs.tag }}-svc-base
          cache-from: type=gha,scope=federation
          cache-to: type=gha,mode=max,scope=federation
  release:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
-        uses: actions/checkout@v2
+        uses: actions/checkout@v4
      - name: Set up Docker Buildk
-        uses: docker/setup-buildx-action@v1
+        uses: docker/setup-buildx-action@v3
      - name: Login to Registry
-        uses: docker/login-action@v1
+        uses: docker/login-action@v3
        with:
-          registry: ${{ env.REGISTRY_NAME }}
+          registry: ghcr.io
-          username: ${{ secrets.REGISTRY_LOGIN }}
+          username: ${{ github.repository_owner }}
-          password: ${{ secrets.REGISTRY_PASSWORD }}
+          password: ${{ github.token }}
      - name: Push dashboards into the production namespace
        run: |
-          oras push ${{ env.REGISTRY_NAME }}/${{ env.PROJECT_NAME }}/${{ env.PROJECT_NAME }}-dashboards:${{ github.event.inputs.tag }} \
+          oras push ghcr.io/${{ github.repository }}/${{ env.PROJECT_NAME }}-dashboards:${{ github.event.inputs.tag }} \
            dashboard.json:application/grafana-dashboard+json \
            alerts.yaml:application/prometheus-alerts+yaml
        working-directory: monitoring
      - name: Build and push
-        uses: docker/build-push-action@v2
+        uses: docker/build-push-action@v5
        with:
          context: .
          push: true
-          tags: ${{ env.REGISTRY_NAME }}/${{ env.PROJECT_NAME }}/${{ env.PROJECT_NAME }}:${{ github.event.inputs.tag }}
+          tags: ghcr.io/${{ github.repository }}:${{ github.event.inputs.tag }}
          cache-from: type=gha
          cache-to: type=gha,mode=max
      - name: Create Release
-        uses: softprops/action-gh-release@v1
+        uses: softprops/action-gh-release@v2
        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          GITHUB_TOKEN: ${{ github.token }}
        with:
          name: Release ${{ github.event.inputs.tag }}
          tag_name: ${{ github.event.inputs.tag }}
--- a/.github/workflows/tests.yaml
+++ b/.github/workflows/tests.yaml
@ -71,17 +71,17 @@ jobs:
    runs-on: ubuntu-latest
    steps:
    - name: Checkout
-      uses: actions/checkout@v2
+      uses: actions/checkout@v4
-    - uses: actions/setup-node@v2
+    - uses: actions/setup-node@v4
      with:
        node-version: '16'
        cache: yarn
    - name: install dependencies
      run: yarn install --frozen-lockfile --network-concurrency 1
-    - uses: actions/setup-python@v4
+    - uses: actions/setup-python@v5
      with:
        python-version: '3.9'
-    - uses: actions/cache@v2
+    - uses: actions/cache@v4
      with:
        path: ~/.cache/pip
        key: ${{ runner.os }}-pip
@ -114,7 +114,7 @@ jobs:
        find . -name "*junit*.xml" -exec cp {} artifacts/junit/ ";"
      if: always()
    - name: Upload files to artifacts
-      uses: scality/action-artifacts@v2
+      uses: scality/action-artifacts@v4
      with:
        method: upload
        url: https://artifacts.scality.net
@ -127,45 +127,47 @@ jobs:
    runs-on: ubuntu-20.04
    steps:
      - name: Checkout
-        uses: actions/checkout@v2
+        uses: actions/checkout@v4
      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v1.6.0
+        uses: docker/setup-buildx-action@v3
      - name: Login to GitHub Registry
-        uses: docker/login-action@v1.10.0
+        uses: docker/login-action@v3
        with:
          registry: ghcr.io
          username: ${{ github.repository_owner }}
-          password: ${{ secrets.GITHUB_TOKEN }}
+          password: ${{ github.token }}
      - name: Login to Registry
        uses: docker/login-action@v1
        with:
          registry: registry.scality.com
          username: ${{ secrets.REGISTRY_LOGIN }}
          password: ${{ secrets.REGISTRY_PASSWORD }}
      - name: Build and push cloudserver image
-        uses: docker/build-push-action@v3
+        uses: docker/build-push-action@v5
        with:
          push: true
          context: .
          provenance: false
          tags: |
-            ghcr.io/${{ github.repository }}/cloudserver:${{ github.sha }}
+            ghcr.io/${{ github.repository }}:${{ github.sha }}
            registry.scality.com/cloudserver-dev/cloudserver:${{ github.sha }}
          cache-from: type=gha,scope=cloudserver
          cache-to: type=gha,mode=max,scope=cloudserver
      - name: Build and push pykmip image
        uses: docker/build-push-action@v5
        with:
          push: true
          context: .github/pykmip
          tags: |
            ghcr.io/${{ github.repository }}/pykmip:${{ github.sha }}
          cache-from: type=gha,scope=pykmip
          cache-to: type=gha,mode=max,scope=pykmip
  multiple-backend:
    runs-on: ubuntu-latest
    needs: build
    env:
-      CLOUDSERVER_IMAGE: ghcr.io/${{ github.repository }}/cloudserver:${{ github.sha }}
+      CLOUDSERVER_IMAGE: ghcr.io/${{ github.repository }}:${{ github.sha }}
      S3BACKEND: mem
      S3_LOCATION_FILE: /usr/src/app/tests/locationConfig/locationConfigTests.json
      S3DATA: multiple
      JOB_NAME: ${{ github.job }}
    steps:
    - name: Checkout
-      uses: actions/checkout@v3
+      uses: actions/checkout@v4
    - name: Setup CI environment
      uses: ./.github/actions/setup-ci
    - name: Setup CI services
@ -179,7 +181,7 @@ jobs:
      env:
        S3_LOCATION_FILE: tests/locationConfig/locationConfigTests.json
    - name: Upload logs to artifacts
-      uses: scality/action-artifacts@v3
+      uses: scality/action-artifacts@v4
      with:
        method: upload
        url: https://artifacts.scality.net
@ -198,11 +200,11 @@ jobs:
      S3KMS: file
      S3_LOCATION_FILE: /usr/src/app/tests/locationConfig/locationConfigTests.json
      DEFAULT_BUCKET_KEY_FORMAT: v0
-      CLOUDSERVER_IMAGE: ghcr.io/${{ github.repository }}/cloudserver:${{ github.sha }}
+      CLOUDSERVER_IMAGE: ghcr.io/${{ github.repository }}:${{ github.sha }}
      JOB_NAME: ${{ github.job }}
    steps:
    - name: Checkout
-      uses: actions/checkout@v3
+      uses: actions/checkout@v4
    - name: Setup CI environment
      uses: ./.github/actions/setup-ci
    - name: Setup CI services
@ -216,7 +218,7 @@ jobs:
      env:
        S3_LOCATION_FILE: tests/locationConfig/locationConfigTests.json
    - name: Upload logs to artifacts
-      uses: scality/action-artifacts@v3
+      uses: scality/action-artifacts@v4
      with:
        method: upload
        url: https://artifacts.scality.net
@ -236,11 +238,11 @@ jobs:
      S3_LOCATION_FILE: /usr/src/app/tests/locationConfig/locationConfigTests.json
      DEFAULT_BUCKET_KEY_FORMAT: v1
      METADATA_MAX_CACHED_BUCKETS: 1
-      CLOUDSERVER_IMAGE: ghcr.io/${{ github.repository }}/cloudserver:${{ github.sha }}
+      CLOUDSERVER_IMAGE: ghcr.io/${{ github.repository }}:${{ github.sha }}
      JOB_NAME: ${{ github.job }}
    steps:
    - name: Checkout
-      uses: actions/checkout@v3
+      uses: actions/checkout@v4
    - name: Setup CI environment
      uses: ./.github/actions/setup-ci
    - name: Setup CI services
@ -255,7 +257,7 @@ jobs:
      env:
        S3_LOCATION_FILE: tests/locationConfig/locationConfigTests.json
    - name: Upload logs to artifacts
-      uses: scality/action-artifacts@v3
+      uses: scality/action-artifacts@v4
      with:
        method: upload
        url: https://artifacts.scality.net
@ -275,12 +277,12 @@ jobs:
    env:
      S3BACKEND: file
      S3VAULT: mem
-      CLOUDSERVER_IMAGE: ghcr.io/${{ github.repository }}/cloudserver:${{ github.sha }}
+      CLOUDSERVER_IMAGE: ghcr.io/${{ github.repository }}:${{ github.sha }}
      MPU_TESTING: "yes"
      JOB_NAME: ${{ matrix.job-name }}
    steps:
    - name: Checkout
-      uses: actions/checkout@v3
+      uses: actions/checkout@v4
    - name: Setup CI environment
      uses: ./.github/actions/setup-ci
    - name: Setup matrix job artifacts directory
@ -297,7 +299,7 @@ jobs:
        bash wait_for_local_port.bash 8000 40
        yarn run ft_test | tee /tmp/artifacts/${{ matrix.job-name }}/tests.log
    - name: Upload logs to artifacts
-      uses: scality/action-artifacts@v3
+      uses: scality/action-artifacts@v4
      with:
        method: upload
        url: https://artifacts.scality.net
@ -313,11 +315,11 @@ jobs:
      ENABLE_UTAPI_V2: t
      S3BACKEND: mem 
      BUCKET_DENY_FILTER: utapi-event-filter-deny-bucket
-      CLOUDSERVER_IMAGE: ghcr.io/${{ github.repository }}/cloudserver:${{ github.sha }}
+      CLOUDSERVER_IMAGE: ghcr.io/${{ github.repository }}:${{ github.sha }}
      JOB_NAME: ${{ github.job }}
    steps:
    - name: Checkout
-      uses: actions/checkout@v3
+      uses: actions/checkout@v4
    - name: Setup CI environment
      uses: ./.github/actions/setup-ci
    - name: Setup CI services
@ -329,7 +331,7 @@ jobs:
        bash wait_for_local_port.bash 8000 40
        yarn run test_utapi_v2 | tee /tmp/artifacts/${{ github.job }}/tests.log
    - name: Upload logs to artifacts
-      uses: scality/action-artifacts@v3
+      uses: scality/action-artifacts@v4
      with:
        method: upload
        url: https://artifacts.scality.net
@ -345,11 +347,12 @@ jobs:
      S3BACKEND: file
      S3VAULT: mem
      MPU_TESTING: "yes" 
-      CLOUDSERVER_IMAGE: ghcr.io/${{ github.repository }}/cloudserver:${{ github.sha }}
+      CLOUDSERVER_IMAGE: ghcr.io/${{ github.repository }}:${{ github.sha }}
      PYKMIP_IMAGE: ghcr.io/${{ github.repository }}/pykmip:${{ github.sha }}
      JOB_NAME: ${{ github.job }}
    steps:
    - name: Checkout
-      uses: actions/checkout@v3
+      uses: actions/checkout@v4
    - name: Setup CI environment
      uses: ./.github/actions/setup-ci
    - name: Copy KMIP certs
@ -365,7 +368,7 @@ jobs:
        bash wait_for_local_port.bash 5696 40
        yarn run ft_kmip | tee /tmp/artifacts/${{ github.job }}/tests.log
    - name: Upload logs to artifacts
-      uses: scality/action-artifacts@v3
+      uses: scality/action-artifacts@v4
      with:
        method: upload
        url: https://artifacts.scality.net
@ -384,17 +387,17 @@ jobs:
      CI_CEPH: 'true'
      MPU_TESTING: "yes" 
      S3_LOCATION_FILE: /usr/src/app/tests/locationConfig/locationConfigCeph.json
-      CLOUDSERVER_IMAGE: ghcr.io/${{ github.repository }}/cloudserver:${{ github.sha }}
+      CLOUDSERVER_IMAGE: ghcr.io/${{ github.repository }}:${{ github.sha }}
      JOB_NAME: ${{ github.job }}
    steps:
    - name: Checkout
-      uses: actions/checkout@v3
+      uses: actions/checkout@v4
    - name: Login to GitHub Registry
-      uses: docker/login-action@v1.10.0
+      uses: docker/login-action@v3
      with:
        registry: ghcr.io
        username: ${{ github.repository_owner }}
-        password: ${{ secrets.GITHUB_TOKEN }}
+        password: ${{ github.token }}
    - name: Setup CI environment
      uses: ./.github/actions/setup-ci
    - uses: ruby/setup-ruby@v1
@ -442,7 +445,7 @@ jobs:
        S3VAULT: mem
        S3METADATA: mongodb
    - name: Upload logs to artifacts
-      uses: scality/action-artifacts@v3
+      uses: scality/action-artifacts@v4
      with:
        method: upload
        url: https://artifacts.scality.net
--- a/images/svc-base/Dockerfile
+++ b/images/svc-base/Dockerfile
@ -1,4 +1,4 @@
-FROM registry.scality.com/federation/nodesvc-base:7.10.6.0
+FROM ghcr.io/scality/federation/nodesvc-base:7.10.6.0
 ENV S3_CONFIG_FILE=${CONF_DIR}/config.json
 ENV S3_LOCATION_FILE=${CONF_DIR}/locationConfig.json
Author	SHA1	Message	Date
Francois Ferrand	0a1bbb95ec	Merge branch 'w/7.70/improvement/PTFE-1339' into w/8.6/improvement/PTFE-1339	2024-04-09 22:54:18 +02:00
Francois Ferrand	45262dfc30	Merge branch 'improvement/PTFE-1339' into w/7.70/improvement/PTFE-1339	2024-04-09 22:28:11 +02:00
Francois Ferrand	60c4469237	Use official docker build steps The docker-build step from `scality/workflows/` fails to login to ghcr, as it picks up the old registry creds. Issue: PTFE-1339	2024-04-09 22:06:23 +02:00
Francois Ferrand	483d19fce1	Build pykmip image Issue: PTFE-1339	2024-04-09 22:06:21 +02:00
Francois Ferrand	bfbf1c0fa0	Upgrade actions - artifacts@v4 - cache@v4 - checkout@v4 - codeql@v3 - dependency-review@v4 - login@v3 - setup-buildx@v3 - setup-node@v4 - setup-python@v5 Issue: PTFE-1339	2024-04-09 22:05:56 +02:00
Francois Ferrand	b5be74e6cc	Migrate to ghcr Issue: PTFE-1339	2024-04-09 22:05:54 +02:00