Skip to content

Add support for OCI registries through ORAS #852

Add support for OCI registries through ORAS

Add support for OCI registries through ORAS #852

Workflow file for this run

name: CI
on:
push:
branches:
- master
- v1
- v1-next
pull_request:
branches:
- master
- v1
- v1-next
release:
types:
- released
jobs:
images:
uses: ./.github/workflows/images.yml
prepare:
runs-on: ubuntu-latest
needs: images
outputs:
images: ${{ needs.images.outputs.images }}
main: ${{ needs.images.outputs.main }}
version: ${{ steps.version.outputs.number }}
steps:
- uses: actions/checkout@master
- run: git fetch --depth=1 origin +refs/tags/*:refs/tags/*
- name: Setup version
id: version
run: |
VERSION=`grep -oPm1 "(?<=<Version>)[^<]+" module.xml | cut -d- -f1`
git tag -l | cat
[ $GITHUB_EVENT_NAME == 'release' ] && VERSION=${{ github.event.release.tag_name }} && VERSION=${VERSION/v/}
[ $GITHUB_EVENT_NAME == 'push' ] && VERSION+=-beta && VERSION+=.$(($(git tag -l "v$VERSION.*" | sort -nt. -k4 2>/dev/null | tail -1 | cut -d. -f4)+1))
[ $GITHUB_EVENT_NAME == 'pull_request' ] && VERSION+=-dev.${{ github.event.pull_request.number }} && VERSION+=.$(($(git tag -l "v$VERSION.*" | sort -nt. -k4 2>/dev/null | tail -1 | cut -d. -f5)+1))
echo number=${VERSION} >> $GITHUB_OUTPUT
build:
timeout-minutes: 20
needs:
- prepare
strategy:
fail-fast: false
matrix:
image: ${{ fromJson(github.event.inputs.IMAGE || needs.prepare.outputs.images) }}
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@master
- name: Set image
id: image
run: |
IMAGE=containers.intersystems.com/intersystems/${{ matrix.image }}
echo name=${IMAGE} >> $GITHUB_OUTPUT
FLAGS=
[[ $IMAGE == *:2021.* ]] && FLAGS=' --check-caps false'
[[ $IMAGE == *:2022.1.* ]] && FLAGS=' --check-caps false'
echo flags=${FLAGS} >> $GITHUB_OUTPUT
- name: Setup version
id: version
env:
VERSION: ${{ needs.prepare.outputs.version }}
run: |
sed -i -E "s/<Version>(.*)<\/Version>/<Version>${VERSION}<\/Version>/" module.xml
cat module.xml
echo number=${VERSION} >> $GITHUB_OUTPUT
- name: Build
uses: docker/build-push-action@v4
with:
context: .
push: false
load: true
tags: zpm
build-args: BASE=${{ steps.image.outputs.name }}
- name: Run temporary registry
timeout-minutes: 15
run: |
echo ${{ secrets.GITHUB_TOKEN }} | docker login docker.pkg.github.com --username ${{ github.actor }} --password-stdin
docker pull docker.pkg.github.com/intersystems-community/zpm-registry/zpm-registry
docker network create zpm
REGISTRY=$(docker run --rm -d \
--network zpm \
--name registry \
-p 52773:52773 \
--network-alias registry \
docker.pkg.github.com/intersystems-community/zpm-registry/zpm-registry \
-a "iris session iris -U%SYS '##class(Security.Users).UnExpireUserPasswords(\"*\")'")
sleep 5; docker exec $REGISTRY /usr/irissys/dev/Cloud/ICM/waitISC.sh
docker logs $REGISTRY
- name: Run ORAS registry
timeout-minutes: 5
run: |
ORAS_IMAGE=ghcr.io/project-zot/zot-linux-amd64:latest
docker pull $ORAS_IMAGE
ORAS=$(docker run --rm -d \
--network zpm \
--name oras \
-p 5000:5000 \
--network-alias oras \
$ORAS_IMAGE)
sleep 5
docker logs $ORAS
- name: Test and Verify
timeout-minutes: 15
run: |
CONTAINER=$(docker run --network zpm -d --rm \
-e TEST_REGISTRY=http://registry:52773/registry/ \
-e TEST_REGISTRY_USER=admin \
-e TEST_REGISTRY_PASSWORD=SYS \
zpm ${{ steps.image.outputs.flags }})
sleep 5; docker exec $CONTAINER /usr/irissys/dev/Cloud/ICM/waitISC.sh
docker cp . $CONTAINER:/home/irisowner/zpm/
echo `docker exec -i --workdir /home/irisowner/zpm/ $CONTAINER ls -rtl`
docker exec -i $CONTAINER iris session iris -UUSER << EOF
zpm "list":1
zpm "test zpm -v -only":1
zpm "verify zpm -v -only":1
halt
EOF
docker stop $CONTAINER
- name: Restart temporary registry
timeout-minutes: 15
run: |
docker rm -f registry || true
docker run --rm -d \
--network zpm \
--name registry \
-p 52773:52773 \
--network-alias registry \
docker.pkg.github.com/intersystems-community/zpm-registry/zpm-registry \
-a "iris session iris -U%SYS '##class(Security.Users).UnExpireUserPasswords(\"*\")'"
REGISTRY=`docker ps -lq`
sleep 5; docker exec $REGISTRY /usr/irissys/dev/Cloud/ICM/waitISC.sh
docker logs $REGISTRY
- name: Test and publish to temporary registry
timeout-minutes: 15
run: |
CONTAINER=$(docker run --network zpm -d --rm zpm ${{ steps.image.outputs.flags }})
sleep 5; docker exec $CONTAINER /usr/irissys/dev/Cloud/ICM/waitISC.sh
docker cp . $CONTAINER:/home/irisowner/zpm/
docker exec -i $CONTAINER iris session iris -UUSER << EOF
zpm "repo -r -name registry -url https://pm.community.intersystems.com/":1
zpm "repo -list":1
zpm "install dsw":1
zpm "install sslclient":1
zpm "list":1
zpm "repo -r -name registry -url ""http://registry:52773/registry/"" -username admin -password SYS":1
zpm "publish zpm -v":1
zpm "publish sslclient -v":1
zpm "search":1
halt
EOF
docker logs $CONTAINER
docker stop $CONTAINER
# NOTE: commented out until 0.7.1 is released.
# - name: Clean install current version and test new one.
# timeout-minutes: 15
# run: |
# curl http://localhost:52773/registry/packages/-/all | jq
# curl http://localhost:52773/registry/packages/zpm/ | jq
# wget https://pm.community.intersystems.com/packages/zpm/latest/installer -O /tmp/zpm.xml
# docker run --network zpm --rm -d -v /tmp/zpm.xml:/home/irisowner/zpm.xml ${{ steps.image.outputs.name }} ${{ steps.image.outputs.flags }}
# CONTAINER=`docker ps -lq`
# sleep 5; docker exec $CONTAINER /usr/irissys/dev/Cloud/ICM/waitISC.sh
# /bin/echo -e '' \
# 'set sc = ##class(%SYSTEM.OBJ).Load("/home/irisowner/zpm.xml", "ck")\n' \
# 'zpm "list":1\n' \
# 'zpm "repo -r -name registry -url ""http://registry:52773/registry/"" -username admin -password SYS":1\n' \
# 'zpm "repo -list"\n' \
# 'zpm "search":1\n' \
# 'zpm "install sslclient":1\n' \
# 'zpm "install zpm -v":1\n' \
# 'zpm "list":1\n' \
# 'zpm "version":1\n' \
# 'halt\n' \
# | docker exec -i $CONTAINER iris session iris -UUSER
# docker stop $CONTAINER
- name: Clean install v0.7.x and test migration to latest.
timeout-minutes: 15
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
curl http://localhost:52773/registry/packages/-/all | jq
curl http://localhost:52773/registry/packages/zpm/ | jq
ASSET_NAME='zpm-0.7.2.xml'
ASSET_URL=`wget --header "Authorization: token ${GITHUB_TOKEN}" -qO- https://api.github.com/repos/intersystems/ipm/releases | jq -r ".[].assets[] | select(.name == \"${ASSET_NAME}\") | .browser_download_url"`
wget $ASSET_URL -O /tmp/zpm.xml
CONTAINER=$(docker run --network zpm --rm -d ${{ steps.image.outputs.name }} ${{ steps.image.outputs.flags }})
docker cp /tmp/zpm.xml $CONTAINER:/home/irisowner/zpm.xml
docker cp tests/migration/v0.7-to-v0.9/. $CONTAINER:/tmp/test-package/
sleep 5; docker exec $CONTAINER /usr/irissys/dev/Cloud/ICM/waitISC.sh
docker exec -i $CONTAINER iris session iris -UUSER << EOF
set sc = ##class(%SYSTEM.OBJ).Load("/home/irisowner/zpm.xml", "ck")
zpm "list":1
zpm "install dsw":1
zpm "repo -r -name registry -url ""http://registry:52773/registry/"" -username admin -password SYS":1
zpm "repo -list"
zpm "search":1
zpm "install sslclient":1
zpm "install zpm -v":1
zpm "load -dev /tmp/test-package/":1
zpm "test ipm-migration-v0.7-to-v0.9 -only -verbose":1
halt
EOF
docker logs $CONTAINER
docker stop $CONTAINER
- name: Clean install and test
timeout-minutes: 15
run: |
wget http://localhost:52773/registry/packages/zpm/latest/installer -O /tmp/zpm.xml
CONTAINER=$(docker run --network zpm --rm -d ${{ steps.image.outputs.name }} ${{ steps.image.outputs.flags }})
docker cp /tmp/zpm.xml $CONTAINER:/home/irisowner/zpm.xml
sleep 5; docker exec $CONTAINER /usr/irissys/dev/Cloud/ICM/waitISC.sh
docker exec -i $CONTAINER iris session iris -U%SYS << EOF
set sc = ##class(%SYSTEM.OBJ).Load("/home/irisowner/zpm.xml", "ck")
if +sc=0 do ##class(%SYSTEM.Process).Terminate(,1)
zpm "list":1
zpm "repo -r -name registry -url https://pm.community.intersystems.com/":1
zpm "install dsw":1
zpm "list":1
halt
EOF
docker logs $CONTAINER
docker stop $CONTAINER
- name: Prepare XML Installer
timeout-minutes: 15
run: |
wget http://localhost:52773/registry/packages/zpm/latest/installer -O zpm-${{ needs.prepare.outputs.version }}.xml
- name: Stop ORAS regsitry
if: always()
run: |
docker stop oras
- name: Stop temporary registry
if: always()
run: |
CONTAINER=`docker ps -lq`
docker stop $CONTAINER
docker stop registry
docker network rm zpm
- uses: actions/upload-artifact@v3
if: matrix.image == ${{ needs.prepare.outputs.main }}
with:
name: zpm-${{ needs.prepare.outputs.version }}
path: zpm-${{ needs.prepare.outputs.version }}.xml
release:
runs-on: ubuntu-latest
if: github.event.repository.fork == false
needs:
- prepare
- build
steps:
- uses: actions/checkout@master
if: github.event_name == 'release'
with:
ref: master
- uses: actions/download-artifact@v3
with:
name: zpm-${{ needs.prepare.outputs.version }}
- name: Create Beta Release
id: create_release
uses: actions/create-release@v1
if: github.event_name == 'push'
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
tag_name: v${{ needs.prepare.outputs.version }}
release_name: v${{ needs.prepare.outputs.version }}
prerelease: ${{ github.event_name != 'release' }}
- name: Upload Beta Release Asset
uses: actions/upload-release-asset@v1
if: github.event_name == 'push'
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
upload_url: ${{ steps.create_release.outputs.upload_url }}
asset_path: zpm-${{ needs.prepare.outputs.version }}.xml
asset_name: zpm-${{ needs.prepare.outputs.version }}.xml
asset_content_type: text/xml
- name: Publish release
if: github.event_name == 'release'
env:
VERSION: ${{ needs.prepare.outputs.version }}
run: |
sed -i -E "s/<Version>(.*)<\/Version>/<Version>${VERSION}<\/Version>/" module.xml
cat module.xml
CONTAINER=$(docker run -d --rm -v $(pwd):/home/irisowner/zpm/ containers.intersystems.com/intersystems/${{ needs.prepare.outputs.main }} --check-caps false)
sleep 5; docker exec $CONTAINER /usr/irissys/dev/Cloud/ICM/waitISC.sh
docker exec -i $CONTAINER iris session iris -UUSER << EOF
set sc=##class(%SYSTEM.OBJ).Load("/home/irisowner/zpm/Installer.cls","ck")
set sc=##class(IPM.Installer).setup("/home/irisowner/zpm/",3)
zpm "repo -r -name registry -url ""https://pm.community.intersystems.com/"" -username ${{ secrets.REGISTRY_USERNAME }} -password ${{ secrets.REGISTRY_PASSWORD }}":1
zpm "publish zpm -v":1
halt
EOF
docker stop $CONTAINER
- name: Upload Public Release Asset
uses: actions/upload-release-asset@v1
if: github.event_name == 'release'
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
upload_url: ${{ github.event.release.upload_url }}
asset_path: zpm-${{ needs.prepare.outputs.version }}.xml
asset_name: zpm-${{ needs.prepare.outputs.version }}.xml
asset_content_type: text/xml
- name: Bump Release number
if: github.event_name == 'release'
env:
VERSION: ${{ needs.prepare.outputs.version }}
run: |
NEXT_VERSION=`echo $VERSION | awk -F. '/[0-9]+\./{$NF++;print}' OFS=.`
[ $NEXT_VERSION != $VERSION ] && (
sed -i -E "s/<Version>(.*)<\/Version>/<Version>${NEXT_VERSION/v/}-SNAPSHOT<\/Version>/" module.xml
cat module.xml
git config --global user.name 'ProjectBot'
git config --global user.email '[email protected]'
git add module.xml
git commit -m 'auto bump version with release'
git push
)