Add support for OCI registries through ORAS #863
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI | |
on: | |
push: | |
branches: | |
- master | |
- v1 | |
- v1-next | |
pull_request: | |
branches: | |
- master | |
- v1 | |
- v1-next | |
release: | |
types: | |
- released | |
jobs: | |
images: | |
uses: ./.github/workflows/images.yml | |
prepare: | |
runs-on: ubuntu-latest | |
needs: images | |
outputs: | |
images: ${{ needs.images.outputs.images }} | |
main: ${{ needs.images.outputs.main }} | |
version: ${{ steps.version.outputs.number }} | |
steps: | |
- uses: actions/checkout@master | |
- run: git fetch --depth=1 origin +refs/tags/*:refs/tags/* | |
- name: Setup version | |
id: version | |
run: | | |
VERSION=`grep -oPm1 "(?<=<Version>)[^<]+" module.xml | cut -d- -f1` | |
git tag -l | cat | |
[ $GITHUB_EVENT_NAME == 'release' ] && VERSION=${{ github.event.release.tag_name }} && VERSION=${VERSION/v/} | |
[ $GITHUB_EVENT_NAME == 'push' ] && VERSION+=-beta && VERSION+=.$(($(git tag -l "v$VERSION.*" | sort -nt. -k4 2>/dev/null | tail -1 | cut -d. -f4)+1)) | |
[ $GITHUB_EVENT_NAME == 'pull_request' ] && VERSION+=-dev.${{ github.event.pull_request.number }} && VERSION+=.$(($(git tag -l "v$VERSION.*" | sort -nt. -k4 2>/dev/null | tail -1 | cut -d. -f5)+1)) | |
echo number=${VERSION} >> $GITHUB_OUTPUT | |
build: | |
timeout-minutes: 20 | |
needs: | |
- prepare | |
strategy: | |
fail-fast: false | |
matrix: | |
image: ${{ fromJson(github.event.inputs.IMAGE || needs.prepare.outputs.images) }} | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@master | |
- name: Set image | |
id: image | |
run: | | |
IMAGE=containers.intersystems.com/intersystems/${{ matrix.image }} | |
echo name=${IMAGE} >> $GITHUB_OUTPUT | |
FLAGS= | |
[[ $IMAGE == *:2021.* ]] && FLAGS=' --check-caps false' | |
[[ $IMAGE == *:2022.1.* ]] && FLAGS=' --check-caps false' | |
echo flags=${FLAGS} >> $GITHUB_OUTPUT | |
- name: Setup version | |
id: version | |
env: | |
VERSION: ${{ needs.prepare.outputs.version }} | |
run: | | |
sed -i -E "s/<Version>(.*)<\/Version>/<Version>${VERSION}<\/Version>/" module.xml | |
cat module.xml | |
echo number=${VERSION} >> $GITHUB_OUTPUT | |
- name: Build | |
uses: docker/build-push-action@v4 | |
with: | |
context: . | |
push: false | |
load: true | |
tags: zpm | |
build-args: BASE=${{ steps.image.outputs.name }} | |
- name: Run temporary registry | |
timeout-minutes: 15 | |
run: | | |
echo ${{ secrets.GITHUB_TOKEN }} | docker login docker.pkg.github.com --username ${{ github.actor }} --password-stdin | |
docker pull docker.pkg.github.com/intersystems-community/zpm-registry/zpm-registry | |
docker network create zpm | |
REGISTRY=$(docker run --rm -d \ | |
--network zpm \ | |
--name registry \ | |
-p 52773:52773 \ | |
--network-alias registry \ | |
docker.pkg.github.com/intersystems-community/zpm-registry/zpm-registry \ | |
-a "iris session iris -U%SYS '##class(Security.Users).UnExpireUserPasswords(\"*\")'") | |
sleep 5; docker exec $REGISTRY /usr/irissys/dev/Cloud/ICM/waitISC.sh | |
docker logs $REGISTRY | |
- name: Run ORAS registry | |
timeout-minutes: 5 | |
run: | | |
ORAS_IMAGE=ghcr.io/project-zot/zot-linux-amd64:latest | |
docker pull $ORAS_IMAGE | |
ORAS=$(docker run --rm -d \ | |
--network zpm \ | |
--name oras \ | |
-p 5000:5000 \ | |
--network-alias oras \ | |
$ORAS_IMAGE) | |
sleep 5 | |
docker logs $ORAS | |
- name: Test and Verify | |
timeout-minutes: 15 | |
run: | | |
CONTAINER=$(docker run --network zpm -d --rm \ | |
-e TEST_REGISTRY=http://registry:52773/registry/ \ | |
-e TEST_REGISTRY_USER=admin \ | |
-e TEST_REGISTRY_PASSWORD=SYS \ | |
zpm ${{ steps.image.outputs.flags }}) | |
sleep 5; docker exec $CONTAINER /usr/irissys/dev/Cloud/ICM/waitISC.sh | |
docker cp . $CONTAINER:/home/irisowner/zpm/ | |
echo `docker exec -i --workdir /home/irisowner/zpm/ $CONTAINER ls -rtl` | |
docker exec -i $CONTAINER iris session iris -UUSER << EOF | |
zpm "list":1 | |
zpm "test zpm -v -only":1 | |
zpm "verify zpm -v -only":1 | |
halt | |
EOF | |
docker stop $CONTAINER | |
- name: Restart temporary registry | |
timeout-minutes: 15 | |
run: | | |
docker rm -f registry || true | |
docker run --rm -d \ | |
--network zpm \ | |
--name registry \ | |
-p 52773:52773 \ | |
--network-alias registry \ | |
docker.pkg.github.com/intersystems-community/zpm-registry/zpm-registry \ | |
-a "iris session iris -U%SYS '##class(Security.Users).UnExpireUserPasswords(\"*\")'" | |
REGISTRY=`docker ps -lq` | |
sleep 5; docker exec $REGISTRY /usr/irissys/dev/Cloud/ICM/waitISC.sh | |
docker logs $REGISTRY | |
- name: Test and publish to temporary registry | |
timeout-minutes: 15 | |
run: | | |
CONTAINER=$(docker run --network zpm -d --rm zpm ${{ steps.image.outputs.flags }}) | |
sleep 5; docker exec $CONTAINER /usr/irissys/dev/Cloud/ICM/waitISC.sh | |
docker cp . $CONTAINER:/home/irisowner/zpm/ | |
docker exec -i $CONTAINER iris session iris -UUSER << EOF | |
zpm "repo -r -name registry -url https://pm.community.intersystems.com/":1 | |
zpm "repo -list":1 | |
zpm "install dsw":1 | |
zpm "install sslclient":1 | |
zpm "list":1 | |
zpm "repo -r -name registry -url ""http://registry:52773/registry/"" -username admin -password SYS":1 | |
zpm "publish zpm -v":1 | |
zpm "publish sslclient -v":1 | |
zpm "search":1 | |
halt | |
EOF | |
docker logs $CONTAINER | |
docker stop $CONTAINER | |
# NOTE: commented out until 0.7.1 is released. | |
# - name: Clean install current version and test new one. | |
# timeout-minutes: 15 | |
# run: | | |
# curl http://localhost:52773/registry/packages/-/all | jq | |
# curl http://localhost:52773/registry/packages/zpm/ | jq | |
# wget https://pm.community.intersystems.com/packages/zpm/latest/installer -O /tmp/zpm.xml | |
# docker run --network zpm --rm -d -v /tmp/zpm.xml:/home/irisowner/zpm.xml ${{ steps.image.outputs.name }} ${{ steps.image.outputs.flags }} | |
# CONTAINER=`docker ps -lq` | |
# sleep 5; docker exec $CONTAINER /usr/irissys/dev/Cloud/ICM/waitISC.sh | |
# /bin/echo -e '' \ | |
# 'set sc = ##class(%SYSTEM.OBJ).Load("/home/irisowner/zpm.xml", "ck")\n' \ | |
# 'zpm "list":1\n' \ | |
# 'zpm "repo -r -name registry -url ""http://registry:52773/registry/"" -username admin -password SYS":1\n' \ | |
# 'zpm "repo -list"\n' \ | |
# 'zpm "search":1\n' \ | |
# 'zpm "install sslclient":1\n' \ | |
# 'zpm "install zpm -v":1\n' \ | |
# 'zpm "list":1\n' \ | |
# 'zpm "version":1\n' \ | |
# 'halt\n' \ | |
# | docker exec -i $CONTAINER iris session iris -UUSER | |
# docker stop $CONTAINER | |
- name: Clean install v0.7.x and test migration to latest. | |
timeout-minutes: 15 | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
run: | | |
curl http://localhost:52773/registry/packages/-/all | jq | |
curl http://localhost:52773/registry/packages/zpm/ | jq | |
ASSET_NAME='zpm-0.7.2.xml' | |
ASSET_URL=`wget --header "Authorization: token ${GITHUB_TOKEN}" -qO- https://api.github.com/repos/intersystems/ipm/releases | jq -r ".[].assets[] | select(.name == \"${ASSET_NAME}\") | .browser_download_url"` | |
wget $ASSET_URL -O /tmp/zpm.xml | |
CONTAINER=$(docker run --network zpm --rm -d ${{ steps.image.outputs.name }} ${{ steps.image.outputs.flags }}) | |
docker cp /tmp/zpm.xml $CONTAINER:/home/irisowner/zpm.xml | |
docker cp tests/migration/v0.7-to-v0.9/. $CONTAINER:/tmp/test-package/ | |
sleep 5; docker exec $CONTAINER /usr/irissys/dev/Cloud/ICM/waitISC.sh | |
docker exec -i $CONTAINER iris session iris -UUSER << EOF | |
set sc = ##class(%SYSTEM.OBJ).Load("/home/irisowner/zpm.xml", "ck") | |
zpm "list":1 | |
zpm "install dsw":1 | |
zpm "repo -r -name registry -url ""http://registry:52773/registry/"" -username admin -password SYS":1 | |
zpm "repo -list" | |
zpm "search":1 | |
zpm "install sslclient":1 | |
zpm "install zpm -v":1 | |
zpm "load -dev /tmp/test-package/":1 | |
zpm "test ipm-migration-v0.7-to-v0.9 -only -verbose":1 | |
halt | |
EOF | |
docker logs $CONTAINER | |
docker stop $CONTAINER | |
- name: Clean install and test | |
timeout-minutes: 15 | |
run: | | |
wget http://localhost:52773/registry/packages/zpm/latest/installer -O /tmp/zpm.xml | |
CONTAINER=$(docker run --network zpm --rm -d ${{ steps.image.outputs.name }} ${{ steps.image.outputs.flags }}) | |
docker cp /tmp/zpm.xml $CONTAINER:/home/irisowner/zpm.xml | |
sleep 5; docker exec $CONTAINER /usr/irissys/dev/Cloud/ICM/waitISC.sh | |
docker exec -i $CONTAINER iris session iris -U%SYS << EOF | |
set sc = ##class(%SYSTEM.OBJ).Load("/home/irisowner/zpm.xml", "ck") | |
if +sc=0 do ##class(%SYSTEM.Process).Terminate(,1) | |
zpm "list":1 | |
zpm "repo -r -name registry -url https://pm.community.intersystems.com/":1 | |
zpm "install dsw":1 | |
zpm "list":1 | |
halt | |
EOF | |
docker logs $CONTAINER | |
docker stop $CONTAINER | |
- name: Prepare XML Installer | |
timeout-minutes: 15 | |
run: | | |
wget http://localhost:52773/registry/packages/zpm/latest/installer -O zpm-${{ needs.prepare.outputs.version }}.xml | |
- name: Stop ORAS regsitry | |
if: always() | |
run: | | |
docker stop oras | |
- name: Stop temporary registry | |
if: always() | |
run: | | |
CONTAINER=`docker ps -lq` | |
docker stop $CONTAINER | |
docker stop registry | |
docker network rm zpm | |
- uses: actions/upload-artifact@v3 | |
if: matrix.image == ${{ needs.prepare.outputs.main }} | |
with: | |
name: zpm-${{ needs.prepare.outputs.version }} | |
path: zpm-${{ needs.prepare.outputs.version }}.xml | |
release: | |
runs-on: ubuntu-latest | |
if: github.event.repository.fork == false | |
needs: | |
- prepare | |
- build | |
steps: | |
- uses: actions/checkout@master | |
if: github.event_name == 'release' | |
with: | |
ref: master | |
- uses: actions/download-artifact@v3 | |
with: | |
name: zpm-${{ needs.prepare.outputs.version }} | |
- name: Create Beta Release | |
id: create_release | |
uses: actions/create-release@v1 | |
if: github.event_name == 'push' | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
with: | |
tag_name: v${{ needs.prepare.outputs.version }} | |
release_name: v${{ needs.prepare.outputs.version }} | |
prerelease: ${{ github.event_name != 'release' }} | |
- name: Upload Beta Release Asset | |
uses: actions/upload-release-asset@v1 | |
if: github.event_name == 'push' | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
with: | |
upload_url: ${{ steps.create_release.outputs.upload_url }} | |
asset_path: zpm-${{ needs.prepare.outputs.version }}.xml | |
asset_name: zpm-${{ needs.prepare.outputs.version }}.xml | |
asset_content_type: text/xml | |
- name: Publish release | |
if: github.event_name == 'release' | |
env: | |
VERSION: ${{ needs.prepare.outputs.version }} | |
run: | | |
sed -i -E "s/<Version>(.*)<\/Version>/<Version>${VERSION}<\/Version>/" module.xml | |
cat module.xml | |
CONTAINER=$(docker run -d --rm -v $(pwd):/home/irisowner/zpm/ containers.intersystems.com/intersystems/${{ needs.prepare.outputs.main }} --check-caps false) | |
sleep 5; docker exec $CONTAINER /usr/irissys/dev/Cloud/ICM/waitISC.sh | |
docker exec -i $CONTAINER iris session iris -UUSER << EOF | |
set sc=##class(%SYSTEM.OBJ).Load("/home/irisowner/zpm/Installer.cls","ck") | |
set sc=##class(IPM.Installer).setup("/home/irisowner/zpm/",3) | |
zpm "repo -r -name registry -url ""https://pm.community.intersystems.com/"" -username ${{ secrets.REGISTRY_USERNAME }} -password ${{ secrets.REGISTRY_PASSWORD }}":1 | |
zpm "publish zpm -v":1 | |
halt | |
EOF | |
docker stop $CONTAINER | |
- name: Upload Public Release Asset | |
uses: actions/upload-release-asset@v1 | |
if: github.event_name == 'release' | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
with: | |
upload_url: ${{ github.event.release.upload_url }} | |
asset_path: zpm-${{ needs.prepare.outputs.version }}.xml | |
asset_name: zpm-${{ needs.prepare.outputs.version }}.xml | |
asset_content_type: text/xml | |
- name: Bump Release number | |
if: github.event_name == 'release' | |
env: | |
VERSION: ${{ needs.prepare.outputs.version }} | |
run: | | |
NEXT_VERSION=`echo $VERSION | awk -F. '/[0-9]+\./{$NF++;print}' OFS=.` | |
[ $NEXT_VERSION != $VERSION ] && ( | |
sed -i -E "s/<Version>(.*)<\/Version>/<Version>${NEXT_VERSION/v/}-SNAPSHOT<\/Version>/" module.xml | |
cat module.xml | |
git config --global user.name 'ProjectBot' | |
git config --global user.email '[email protected]' | |
git add module.xml | |
git commit -m 'auto bump version with release' | |
git push | |
) |