From 0129ca1e95fb0f6c3b428d2a2da3ba60c9ff75db Mon Sep 17 00:00:00 2001 From: sikehish Date: Thu, 17 Oct 2024 23:35:17 +0530 Subject: [PATCH 01/10] github/workflows: Created ci-build-and-push.yml --- .github/workflows/ci-build-and-push.yml | 45 +++++++++++++++++++++++++ 1 file changed, 45 insertions(+) create mode 100644 .github/workflows/ci-build-and-push.yml diff --git a/.github/workflows/ci-build-and-push.yml b/.github/workflows/ci-build-and-push.yml new file mode 100644 index 000000000..3d2d4f502 --- /dev/null +++ b/.github/workflows/ci-build-and-push.yml @@ -0,0 +1,45 @@ +name: ci-build-and-push + +on: + push: + branches: + - main + pull_request: + branches: + - main + +jobs: + build: + runs-on: ubuntu-latest + + steps: + - name: Checkout Repository + uses: actions/checkout@v3 + with: + submodules: true + + - name: Set up QEMU for multi-architecture builds + uses: docker/setup-qemu-action@v2 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + with: + platforms: linux/amd64,linux/arm64/v8 + + - name: Log in to Docker Hub + uses: docker/login-action@v2 + with: + username: ${{ secrets.DOCKER_USERNAME }} + password: ${{ secrets.DOCKER_AUTHTOK }} + + - name: Build and push multi-architecture image + uses: docker/build-push-action@v6 + with: + context: . + file: examples/multiubuntu/build/Dockerfile + push: true + tags: ${{ secrets.DOCKER_USERNAME }}/multiubuntu:latest correctly + platforms: linux/amd64,linux/arm64/v8 + + - name: Logout from Docker Hub + run: docker logout From 317dd204dc9a3083706ddb13cbf7b63a24ba4430 Mon Sep 17 00:00:00 2001 From: sikehish Date: Thu, 17 Oct 2024 23:41:13 +0530 Subject: [PATCH 02/10] Revert "github/workflows: Created ci-build-and-push.yml" This reverts commit 0129ca1e95fb0f6c3b428d2a2da3ba60c9ff75db. --- .github/workflows/ci-build-and-push.yml | 45 ------------------------- 1 file changed, 45 deletions(-) delete mode 100644 .github/workflows/ci-build-and-push.yml diff --git a/.github/workflows/ci-build-and-push.yml b/.github/workflows/ci-build-and-push.yml deleted file mode 100644 index 3d2d4f502..000000000 --- a/.github/workflows/ci-build-and-push.yml +++ /dev/null @@ -1,45 +0,0 @@ -name: ci-build-and-push - -on: - push: - branches: - - main - pull_request: - branches: - - main - -jobs: - build: - runs-on: ubuntu-latest - - steps: - - name: Checkout Repository - uses: actions/checkout@v3 - with: - submodules: true - - - name: Set up QEMU for multi-architecture builds - uses: docker/setup-qemu-action@v2 - - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 - with: - platforms: linux/amd64,linux/arm64/v8 - - - name: Log in to Docker Hub - uses: docker/login-action@v2 - with: - username: ${{ secrets.DOCKER_USERNAME }} - password: ${{ secrets.DOCKER_AUTHTOK }} - - - name: Build and push multi-architecture image - uses: docker/build-push-action@v6 - with: - context: . - file: examples/multiubuntu/build/Dockerfile - push: true - tags: ${{ secrets.DOCKER_USERNAME }}/multiubuntu:latest correctly - platforms: linux/amd64,linux/arm64/v8 - - - name: Logout from Docker Hub - run: docker logout From 033e3186d7cf2f6aac895bcd9eec3d6ad530177f Mon Sep 17 00:00:00 2001 From: sikehish Date: Thu, 17 Oct 2024 23:42:03 +0530 Subject: [PATCH 03/10] github/workflows: Created ci-build-and-push.yml --- .github/workflows/ci-build-and-push.yml | 45 +++++++++++++++++++++++++ 1 file changed, 45 insertions(+) create mode 100644 .github/workflows/ci-build-and-push.yml diff --git a/.github/workflows/ci-build-and-push.yml b/.github/workflows/ci-build-and-push.yml new file mode 100644 index 000000000..3c7af3efa --- /dev/null +++ b/.github/workflows/ci-build-and-push.yml @@ -0,0 +1,45 @@ +name: ci-build-and-push + +on: + push: + branches: + - main + pull_request: + branches: + - main + +jobs: + build: + runs-on: ubuntu-latest + + steps: + - name: Checkout Repository + uses: actions/checkout@v3 + with: + submodules: true + + - name: Set up QEMU for multi-architecture builds + uses: docker/setup-qemu-action@v2 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + with: + platforms: linux/amd64,linux/arm64/v8 + + - name: Log in to Docker Hub + uses: docker/login-action@v2 + with: + username: ${{ secrets.DOCKER_USERNAME }} + password: ${{ secrets.DOCKER_AUTHTOK }} + + - name: Build and push multi-architecture image + uses: docker/build-push-action@v6 + with: + context: . + file: examples/multiubuntu/build/Dockerfile + push: true + tags: ${{ secrets.DOCKER_USERNAME }}/multiubuntu:latest + platforms: linux/amd64,linux/arm64/v8 + + - name: Logout from Docker Hub + run: docker logout From 99a0838bd8c9f07788a9323e557711379d36b43b Mon Sep 17 00:00:00 2001 From: sikehish Date: Fri, 18 Oct 2024 00:26:00 +0530 Subject: [PATCH 04/10] github/workflows: Testing change in context in ci-build-and-push.yml --- .github/workflows/ci-build-and-push.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci-build-and-push.yml b/.github/workflows/ci-build-and-push.yml index 3c7af3efa..7df82c984 100644 --- a/.github/workflows/ci-build-and-push.yml +++ b/.github/workflows/ci-build-and-push.yml @@ -35,8 +35,8 @@ jobs: - name: Build and push multi-architecture image uses: docker/build-push-action@v6 with: - context: . - file: examples/multiubuntu/build/Dockerfile + context: examples/multiubuntu/build + file: examples/multiubuntu/build/Dockerfile push: true tags: ${{ secrets.DOCKER_USERNAME }}/multiubuntu:latest platforms: linux/amd64,linux/arm64/v8 From fd5ac14e28849d6722ebdb90281d0ecdf9c56601 Mon Sep 17 00:00:00 2001 From: sikehish Date: Fri, 18 Oct 2024 19:31:31 +0530 Subject: [PATCH 05/10] ci-build-and-push-ubuntu.yml: Renamed the workflow and added an if condition in build stage. --- .github/workflows/ci-build-and-push.yml | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/.github/workflows/ci-build-and-push.yml b/.github/workflows/ci-build-and-push.yml index 7df82c984..00ec4742e 100644 --- a/.github/workflows/ci-build-and-push.yml +++ b/.github/workflows/ci-build-and-push.yml @@ -1,15 +1,13 @@ -name: ci-build-and-push +name: ci-build-and-push-ubuntu on: push: branches: - main - pull_request: - branches: - - main jobs: build: + if: github.repository == 'kubearmor/kubearmor' runs-on: ubuntu-latest steps: From 8c96ba24f74f421937547d56bd9fe38273052e99 Mon Sep 17 00:00:00 2001 From: sikehish Date: Fri, 18 Oct 2024 19:31:50 +0530 Subject: [PATCH 06/10] ci-build-and-push-ubuntu.yml: Renamed the workflow and added an if condition in build stage. --- .../{ci-build-and-push.yml => ci-build-and-push-ubuntu.yml} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename .github/workflows/{ci-build-and-push.yml => ci-build-and-push-ubuntu.yml} (100%) diff --git a/.github/workflows/ci-build-and-push.yml b/.github/workflows/ci-build-and-push-ubuntu.yml similarity index 100% rename from .github/workflows/ci-build-and-push.yml rename to .github/workflows/ci-build-and-push-ubuntu.yml From 33d96c2d4c103256a22d3ea1126ecc55f13d236a Mon Sep 17 00:00:00 2001 From: sikehish Date: Mon, 21 Oct 2024 14:45:48 +0530 Subject: [PATCH 07/10] ci-build-and-push-ubuntu.yml: Changed image tag to kubearmor/ubuntu-w-utils:latest --- .github/workflows/ci-build-and-push-ubuntu.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci-build-and-push-ubuntu.yml b/.github/workflows/ci-build-and-push-ubuntu.yml index 00ec4742e..e129ef8c5 100644 --- a/.github/workflows/ci-build-and-push-ubuntu.yml +++ b/.github/workflows/ci-build-and-push-ubuntu.yml @@ -36,7 +36,7 @@ jobs: context: examples/multiubuntu/build file: examples/multiubuntu/build/Dockerfile push: true - tags: ${{ secrets.DOCKER_USERNAME }}/multiubuntu:latest + tags: kubearmor/ubuntu-w-utils:latest platforms: linux/amd64,linux/arm64/v8 - name: Logout from Docker Hub From 649a4169f9ab6bcfa5b9580fb31368f6c381adad Mon Sep 17 00:00:00 2001 From: sikehish Date: Tue, 22 Oct 2024 13:58:30 +0530 Subject: [PATCH 08/10] chore(ci): add multiubuntu build path for e2e tests Added examples/multiubuntu/build path in the CI workflow to run end-to-end tests for any changes. --- .github/workflows/ci-test-ginkgo.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/ci-test-ginkgo.yml b/.github/workflows/ci-test-ginkgo.yml index 553b5e68f..f698bea2a 100644 --- a/.github/workflows/ci-test-ginkgo.yml +++ b/.github/workflows/ci-test-ginkgo.yml @@ -10,6 +10,7 @@ on: - ".github/workflows/ci-test-ginkgo.yml" - "pkg/KubeArmorOperator/**" - "deployments/helm/**" + - "examples/multiubuntu/build/**" pull_request: branches: [main] paths: From 2501d777de5f23d790a4aace61558c7b9aa808b5 Mon Sep 17 00:00:00 2001 From: sikehish Date: Wed, 4 Dec 2024 20:20:03 +0530 Subject: [PATCH 09/10] ci-test-gingko.yml: Added functionality to build multiubuntu image locally for testing Signed-off-by: sikehish --- .github/workflows/ci-test-ginkgo.yml | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/.github/workflows/ci-test-ginkgo.yml b/.github/workflows/ci-test-ginkgo.yml index f698bea2a..4b1652605 100644 --- a/.github/workflows/ci-test-ginkgo.yml +++ b/.github/workflows/ci-test-ginkgo.yml @@ -20,6 +20,7 @@ on: - ".github/workflows/ci-test-ginkgo.yml" - "pkg/KubeArmorOperator/**" - "deployments/helm/**" + - "examples/multiubuntu/build/**" # Declare default permissions as read only. permissions: read-all @@ -75,6 +76,11 @@ jobs: - name: Build KubeArmorController if: steps.filter.outputs.controller == 'true' run: make -C pkg/KubeArmorController/ docker-build TAG=latest + + - name: Build multiubuntu image + run: | + cd examples/multiubuntu/build + docker build -t kubearmor/multiubuntu:latest . - name: deploy pre existing pod run: | @@ -84,6 +90,12 @@ jobs: - name: Run KubeArmor run: | + if [[ ${{ matrix.runtime }} == "containerd" ]]; then + docker save kubearmor/multiubuntu:latest | sudo k3s ctr images import - + else + docker save kubearmor/multiubuntu:latest | sudo podman load + sudo podman tag localhost/latest:latest docker.io/kubearmor/multiubuntu:latest + fi if [[ ${{ matrix.runtime }} == "containerd" ]]; then docker save kubearmor/kubearmor-test-init:latest | sudo k3s ctr images import - docker save kubearmor/kubearmor-test:latest | sudo k3s ctr images import - From 1b3cdb92b11decb2924f2dae6445cd107a9116d0 Mon Sep 17 00:00:00 2001 From: sikehish Date: Thu, 5 Dec 2024 00:43:07 +0530 Subject: [PATCH 10/10] ci-test-ginkgo.yml: Made minor refactoring related changes Signed-off-by: sikehish --- .github/workflows/ci-test-ginkgo.yml | 15 ++++++--------- 1 file changed, 6 insertions(+), 9 deletions(-) diff --git a/.github/workflows/ci-test-ginkgo.yml b/.github/workflows/ci-test-ginkgo.yml index f544e5202..c326c833e 100644 --- a/.github/workflows/ci-test-ginkgo.yml +++ b/.github/workflows/ci-test-ginkgo.yml @@ -18,7 +18,6 @@ on: - "tests/**" - "protobuf/**" - ".github/workflows/ci-test-ginkgo.yml" - - "examples/multiubuntu/build/**" - "pkg/KubeArmorOperator/**" - "deployments/helm/**" - "examples/multiubuntu/build/**" @@ -81,7 +80,7 @@ jobs: - name: Build multiubuntu image run: | cd examples/multiubuntu/build - docker build -t kubearmor/multiubuntu:latest . + docker build -t kubearmor/ubuntu-w-utils:latest . - name: deploy pre existing pod run: | @@ -91,18 +90,13 @@ jobs: - name: Run KubeArmor run: | - if [[ ${{ matrix.runtime }} == "containerd" ]]; then - docker save kubearmor/multiubuntu:latest | sudo k3s ctr images import - - else - docker save kubearmor/multiubuntu:latest | sudo podman load - sudo podman tag localhost/latest:latest docker.io/kubearmor/multiubuntu:latest - fi if [[ ${{ matrix.runtime }} == "containerd" ]]; then docker save kubearmor/kubearmor-test-init:latest | sudo k3s ctr images import - docker save kubearmor/kubearmor-test:latest | sudo k3s ctr images import - docker save kubearmor/kubearmor-operator:latest | sudo k3s ctr images import - docker save kubearmor/kubearmor-snitch:latest | sudo k3s ctr images import - - + docker save kubearmor/ubuntu-w-utils:latest | sudo k3s ctr images import - + if [[ ${{ steps.filter.outputs.controller }} == 'true' ]]; then docker save kubearmor/kubearmor-controller:latest | sudo k3s ctr images import - fi @@ -116,6 +110,9 @@ jobs: sudo podman tag localhost/latest:latest docker.io/kubearmor/kubearmor-operator:latest docker save kubearmor/kubearmor-snitch:latest | sudo podman load sudo podman tag localhost/latest:latest docker.io/kubearmor/kubearmor-snitch:latest + docker save kubearmor/ubuntu-w-utils:latest | sudo podman load + sudo podman tag localhost/latest:latest docker.io/kubearmor/ubuntu-w-utils:latest + if [ ${{ steps.filter.outputs.controller }} == 'true' ]; then docker save kubearmor/kubearmor-controller:latest | sudo podman load sudo podman tag localhost/latest:latest docker.io/kubearmor/kubearmor-controller:latest