From 2d8166c4b95fbfa119a1f9a2b2f9030959eb658e Mon Sep 17 00:00:00 2001 From: CrazyMax Date: Fri, 10 Feb 2023 04:45:25 +0100 Subject: [PATCH] e2e: local harbor Signed-off-by: CrazyMax --- .github/e2e/harbor/env | 8 ++++ .github/e2e/harbor/install.sh | 79 +++++++++++++++++++++++++++++++++++ .github/workflows/e2e.yml | 74 ++++++++++++++++++++++++++------ 3 files changed, 149 insertions(+), 12 deletions(-) create mode 100644 .github/e2e/harbor/env create mode 100755 .github/e2e/harbor/install.sh diff --git a/.github/e2e/harbor/env b/.github/e2e/harbor/env new file mode 100644 index 0000000..05ec459 --- /dev/null +++ b/.github/e2e/harbor/env @@ -0,0 +1,8 @@ +REGISTRY_FQDN=localhost:8081 +REGISTRY_USER=admin +REGISTRY_PASSWORD=Harbor12345 +REGISTRY_SLUG=localhost:8081/test-docker-action/test-docker-action + +HARBOR_HOST=localhost +HARBOR_PORT=8081 +HARBOR_PROJECT=test-docker-action diff --git a/.github/e2e/harbor/install.sh b/.github/e2e/harbor/install.sh new file mode 100755 index 0000000..d0a6af2 --- /dev/null +++ b/.github/e2e/harbor/install.sh @@ -0,0 +1,79 @@ +#!/usr/bin/env bash +set -eu + +: "${HARBOR_VERSION:=v2.7.0}" +: "${HARBOR_HOST:=localhost}" +: "${HARBOR_PORT:=49154}" +: "${REGISTRY_USER:=admin}" +: "${REGISTRY_PASSWORD:=Harbor12345}" + +: "${HARBOR_PROJECT:=test-docker-action}" + +project_post_data() { + cat </dev/null + yq --no-colors harbor.yml +) +echo "::endgroup::" + +# install and start +echo "::group::Installing Harbor" +( + cd /tmp/harbor + set -x + ./install.sh + sleep 10 + netstat -aptn +) +echo "::endgroup::" + +# compose config +echo "::group::Compose config" +( + cd /tmp/harbor + set -x + docker compose config +) +echo "::endgroup::" + +# create project +echo "::group::Creating project" +( + set -x + curl --fail -v -k --max-time 10 -u "$REGISTRY_USER:$REGISTRY_PASSWORD" -X POST -H "Content-Type: application/json" -d "$(project_post_data)" "http://$HARBOR_HOST:$HARBOR_PORT/api/v2.0/projects" +) +echo "::endgroup::" + +# list projects +echo "::group::List projects" +( + set -x + curl --fail -s -k --max-time 10 -u "$REGISTRY_USER:$REGISTRY_PASSWORD" -H "Content-Type: application/json" "http://$HARBOR_HOST:$HARBOR_PORT/api/v2.0/projects" | jq +) +echo "::endgroup::" diff --git a/.github/workflows/e2e.yml b/.github/workflows/e2e.yml index c249ccd..027cd4a 100644 --- a/.github/workflows/e2e.yml +++ b/.github/workflows/e2e.yml @@ -25,69 +25,119 @@ on: env: BUILDX_VERSION: latest BUILDKIT_IMAGE: moby/buildkit:buildx-stable-1 + HARBOR_VERSION: v2.7.0 jobs: - docker: + build: runs-on: ubuntu-latest strategy: fail-fast: false matrix: include: - + name: Docker Hub registry: '' slug: ghactionstest/ghactionstest username_secret: DOCKERHUB_USERNAME password_secret: DOCKERHUB_TOKEN + type: remote - + name: GitHub registry: ghcr.io slug: ghcr.io/docker-ghactiontest/test username_secret: GHCR_USERNAME password_secret: GHCR_PAT + type: remote - + name: GitLab registry: registry.gitlab.com slug: registry.gitlab.com/test1716/test username_secret: GITLAB_USERNAME password_secret: GITLAB_TOKEN + type: remote - + name: AWS ECR registry: 175142243308.dkr.ecr.us-east-2.amazonaws.com slug: 175142243308.dkr.ecr.us-east-2.amazonaws.com/sandbox/test-docker-action username_secret: AWS_ACCESS_KEY_ID password_secret: AWS_SECRET_ACCESS_KEY + type: remote - + name: AWS ECR Public registry: public.ecr.aws slug: public.ecr.aws/q3b5f1u4/test-docker-action username_secret: AWS_ACCESS_KEY_ID password_secret: AWS_SECRET_ACCESS_KEY + type: remote - + name: Google Artifact Registry registry: us-east4-docker.pkg.dev slug: us-east4-docker.pkg.dev/sandbox-298914/docker-official-github-actions/test-docker-action username_secret: GAR_USERNAME password_secret: GAR_JSON_KEY + type: remote - + name: Google Container Registry registry: gcr.io slug: gcr.io/sandbox-298914/test-docker-action username_secret: GCR_USERNAME password_secret: GCR_JSON_KEY + type: remote - + name: Azure Container Registry registry: officialgithubactions.azurecr.io slug: officialgithubactions.azurecr.io/test-docker-action username_secret: AZURE_CLIENT_ID password_secret: AZURE_CLIENT_SECRET + type: remote - + name: Quay registry: quay.io slug: quay.io/crazymax/build-push-action username_secret: QUAY_USERNAME password_secret: QUAY_TOKEN + type: remote + - + name: Harbor + id: harbor + type: local steps: - name: Checkout uses: actions/checkout@v3 + - + name: Set up env + if: matrix.type == 'local' + run: | + cat ./.github/e2e/${{ matrix.id }}/env >> $GITHUB_ENV + - + name: Set up BuildKit config + run: | + touch /tmp/buildkitd.toml + if [ "${{ matrix.type }}" = "local" ]; then + echo -e "[registry.\"${{ env.REGISTRY_FQDN }}\"]\nhttp = true\ninsecure = true" > /tmp/buildkitd.toml + fi + - + name: Set up Docker daemon + if: matrix.type == 'local' + run: | + if [ ! -e /etc/docker/daemon.json ]; then + echo '{}' | tee /etc/docker/daemon.json >/dev/null + fi + DOCKERD_CONFIG=$(jq '.+{"insecure-registries":["http://${{ env.REGISTRY_FQDN }}"]}' /etc/docker/daemon.json) + sudo tee /etc/docker/daemon.json <<<"$DOCKERD_CONFIG" >/dev/null + sudo service docker restart + - + name: Install ${{ matrix.name }} + if: matrix.type == 'local' + run: | + sudo -E bash ./.github/e2e/${{ matrix.id }}/install.sh - name: Docker meta id: meta uses: docker/metadata-action@v4 with: - images: ${{ matrix.slug }} + images: ${{ env.REGISTRY_SLUG || matrix.slug }} tags: | type=ref,event=branch type=ref,event=tag @@ -100,17 +150,19 @@ jobs: uses: docker/setup-buildx-action@v2 with: version: ${{ inputs.buildx-version || env.BUILDX_VERSION }} - buildkitd-flags: --debug + config: /tmp/buildkitd.toml + buildkitd-flags: --debug --allow-insecure-entitlement security.insecure --allow-insecure-entitlement network.host driver-opts: | image=${{ inputs.buildkit-image || env.BUILDKIT_IMAGE }} + network=host - name: Login to Registry if: github.event_name != 'pull_request' uses: docker/login-action@v2 with: - registry: ${{ matrix.registry }} - username: ${{ secrets[matrix.username_secret] }} - password: ${{ secrets[matrix.password_secret] }} + registry: ${{ env.REGISTRY_FQDN || matrix.registry }} + username: ${{ env.REGISTRY_USER || secrets[matrix.username_secret] }} + password: ${{ env.REGISTRY_PASSWORD || secrets[matrix.password_secret] }} - name: Build and push uses: ./ @@ -121,16 +173,14 @@ jobs: push: ${{ github.event_name != 'pull_request' }} tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} - cache-from: type=registry,ref=${{ matrix.slug }}:master + cache-from: type=registry,ref=${{ env.REGISTRY_SLUG || matrix.slug }}:master cache-to: type=inline - name: Inspect image - if: github.event_name != 'pull_request' run: | - docker pull ${{ matrix.slug }}:${{ steps.meta.outputs.version }} - docker image inspect ${{ matrix.slug }}:${{ steps.meta.outputs.version }} + docker pull ${{ env.REGISTRY_SLUG || matrix.slug }}:${{ steps.meta.outputs.version }} + docker image inspect ${{ env.REGISTRY_SLUG || matrix.slug }}:${{ steps.meta.outputs.version }} - name: Check manifest - if: github.event_name != 'pull_request' run: | - docker buildx imagetools inspect ${{ matrix.slug }}:${{ steps.meta.outputs.version }} --format '{{json .}}' + docker buildx imagetools inspect ${{ env.REGISTRY_SLUG || matrix.slug }}:${{ steps.meta.outputs.version }} --format '{{json .}}'