Update for prod

Signed-off-by: Francesco Torchia <[email protected]> (cherry picked from commit 4654aff)
harvester · Jun 3, 2024 · 0e7c210 · 0e7c210
1 parent 6a5d553
commit 0e7c210
Show file tree

Hide file tree

Showing 5 changed files with 108 additions and 145 deletions.
diff --git a/.github/workflows/build-and-upload-branch.yaml b/.github/workflows/build-and-upload-branch.yaml
@@ -3,8 +3,6 @@ name: Build Dashboard (Branch)
 on:
   push:
     branches:
-      # dev-only to remove drone-migration
-      - drone-migration
       - master
       - 'release-harvester-v*'
       - '*-dev'

diff --git a/.github/workflows/build-and-upload.yaml b/.github/workflows/build-and-upload.yaml
@@ -11,15 +11,14 @@ on:
         type: string
 
 env:
+  GOOGLE_AUTH: ''
+  DOCKER_USERNAME: ''
+  DOCKER_PASSWORD: ''
   CI_BUILD_TAG: ${{inputs.CI_BUILD_TAG}}
   CI_BRANCH: ${{inputs.CI_BRANCH}}
   GIT_REPO: ${{github.repository}}
   GIT_COMMIT: ${{github.sha}}
   REPO: ${{github.event.repository.name || ''}}
-  # dev-only, to remove registry (use docker hub)
-  REGISTRY: ghcr.io
-  # dev-only, test directory name to upload mock test's artifacts; We will remove it from prod urls aftewards
-  TEST_DIR_NAME: test-drone-migration
 
 jobs:
   build-and-upload-docker-image:
@@ -38,27 +37,29 @@ jobs:
         name: Upload Gate
         run: ./scripts/build-upload-gate
 
+      - id: read-docker-secrets
+        name: Read Docker Secrets
+        uses: rancher-eio/read-vault-secrets@main
+        with:
+          secrets: |
+            secret/data/github/repo/${{ github.repository }}/dockerhub/harvester/credentials username | DOCKER_USERNAME ;
+            secret/data/github/repo/${{ github.repository }}/dockerhub/harvester/credentials password | DOCKER_PASSWORD ;
+
       - id: login-docker
         name: Docker Log in
         uses: docker/login-action@v3
         with:
-          # dev-only, to remove registry
-          registry: ${{ env.REGISTRY }}
-          username: ${{ github.actor }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-
-      ## dev-only disabled
-      # - id: push-docker
-      #   name: Docker Build
-      #   uses: docker/build-push-action@v5
-      #   with:
-      #     provenance: false
-      #     context: .
-      #     push: true
-      #     # dev-only
-      #     tags: ${{ env.GIT_REPO }}/${{ env.TEST_DIR_NAME }}:${{ github.ref_name }}
-      #     # prod
-      #     tags: ${{ env.GIT_REPO }}:${{ github.ref_name }}
+          username: ${{ env.DOCKER_USERNAME }}
+          password: ${{ env.DOCKER_PASSWORD }}
+
+      - id: push-docker
+        name: Docker Build
+        uses: docker/build-push-action@v5
+        with:
+          provenance: false
+          context: .
+          push: true
+          tags: rancher/harvester-ui:${{ github.ref_name }}
 
   build-and-upload-hosted:
     name: Build & Upload Hosted
@@ -83,36 +84,28 @@ jobs:
         name: Upload Gate (superseded by a newer build?)
         run: ./scripts/build-upload-gate
 
-  ## dev-only disabled
-  #     - name: Get gcs auth
-  #       uses: rancher-eio/read-vault-secrets@main
-  #       with:
-  #         secrets: |
-  #           secret/data/github/repo/${{ github.repository }}/google-auth/rancher/credentials token | GOOGLE_AUTH
-
-  #     - name: Apply gcs auth
-  #       # https://github.com/google-github-actions/auth
-  #       uses: 'google-github-actions/auth@v2'
-  #       with:
-  #         credentials_json: "${{ env.GOOGLE_AUTH }}"
-
-  #     - name: Upload build
-  #       uses: 'google-github-actions/upload-cloud-storage@v2'
-  #       # https://github.com/google-github-actions/upload-cloud-storage
-  #       with:
-  #         path: ${{steps.build-hosted.outputs.BUILD_HOSTED_DIR}}
-  #         # dev-only
-  #         destination: releases.rancher.com/harvester-ui/${{ env.REPO }}/${{ env.TEST_DIR_NAME }}/${{ steps.build-hosted.outputs.BUILD_HOSTED_LOCATION }}
-  #         # prod
-  #         destination: releases.rancher.com/harvester-ui/${{ env.REPO }}/${{ steps.build-hosted.outputs.BUILD_HOSTED_LOCATION }}
-  #         parent: false
-  #         headers: |-
-  #           cache-control: no-cache,must-revalidate
-  #         process_gcloudignore: false
-
-  # dev-only
-  # BUILD_HOSTED_LOCATION
-  # - should test for 'latest'
+      - name: Get gcs auth
+        uses: rancher-eio/read-vault-secrets@main
+        with:
+          secrets: |
+            secret/data/github/repo/${{ github.repository }}/googleauthkey/harvester/credentials credential | GOOGLE_AUTH ;
+
+      - name: Apply gcs auth
+        # https://github.com/google-github-actions/auth
+        uses: 'google-github-actions/auth@v2'
+        with:
+          credentials_json: "${{ env.GOOGLE_AUTH }}"
+
+      - name: Upload build
+        uses: 'google-github-actions/upload-cloud-storage@v2'
+        # https://github.com/google-github-actions/upload-cloud-storage
+        with:
+          path: ${{steps.build-hosted.outputs.BUILD_HOSTED_DIR}}
+          destination: releases.rancher.com/harvester-ui/dashboard/${{ steps.build-hosted.outputs.BUILD_HOSTED_LOCATION }}
+          parent: false
+          headers: |-
+            cache-control: no-cache,must-revalidate
+          process_gcloudignore: false
 
   build-and-upload-embedded:
     name: Build & Upload Embedded
@@ -135,40 +128,30 @@ jobs:
         env:
           DISABLED_EMBED_PKG: https://releases.rancher.com/harvester-ui/plugin/harvester-1.0.3.tar.gz
 
-  ## dev-only disabled
-  #     - name: Get gcs auth
-  #       uses: rancher-eio/read-vault-secrets@main
-  #       with:
-  #         secrets: |
-  #           secret/data/github/repo/${{ github.repository }}/google-auth/rancher/credentials token | GOOGLE_AUTH
-
-  #     - name: Apply gcs auth
-  #       # https://github.com/google-github-actions/auth
-  #       uses: 'google-github-actions/auth@v2'
-  #       with:
-  #         credentials_json: "${{ env.GOOGLE_AUTH }}"
-
-  #     - name: Upload tar
-  #       uses: 'google-github-actions/upload-cloud-storage@v2'
-  #       with:
-  #         path: ${{steps.build-embedded.outputs.BUILD_EMBEDED_TGZ}}
-  #         # dev-only
-  #         destination: releases.rancher.com/harvester-ui/${{ env.TEST_DIR_NAME }}/${{ env.REPO }}
-  #         # prod
-  #         destination: releases.rancher.com/harvester-ui/${{ env.REPO }}
-  #         parent: false
-  #         headers: |-
-  #           cache-control: no-cache,must-revalidate
-  #         process_gcloudignore: false
-
-  # dev-only
-  # BUILD_EMBEDED_TGZ
-  # - should test for 'latest', tags, and branches
-  # env.REPO
-  # - should test for 'latest', tags, and branches
+      - name: Get gcs auth
+        uses: rancher-eio/read-vault-secrets@main
+        with:
+          secrets: |
+            secret/data/github/repo/${{ github.repository }}/googleauthkey/harvester/credentials credential | GOOGLE_AUTH ;
+
+      - name: Apply gcs auth
+        # https://github.com/google-github-actions/auth
+        uses: 'google-github-actions/auth@v2'
+        with:
+          credentials_json: "${{ env.GOOGLE_AUTH }}"
+
+      - name: Upload tar
+        uses: 'google-github-actions/upload-cloud-storage@v2'
+        with:
+          path: ${{steps.build-embedded.outputs.BUILD_EMBEDED_TGZ}}
+          destination: releases.rancher.com/harvester-ui/${{ env.REPO }}
+          parent: false
+          headers: |-
+            cache-control: no-cache,must-revalidate
+          process_gcloudignore: false
 
   build-and-upload-harvester-plugin:
-    name: Build & Upload Harvester Plugin
+    name: Build & Upload Plugin
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v3
@@ -189,50 +172,34 @@ jobs:
         name: Upload Gate
         run: ./scripts/build-upload-gate
 
-      ## dev-only disabled
-      # - name: Get gcs auth
-      #   uses: rancher-eio/read-vault-secrets@main
-      #   with:
-      #     secrets: |
-      #       secret/data/github/repo/${{ github.repository }}/google-auth/rancher/credentials token | GOOGLE_AUTH
-
-      # - name: Apply gcs auth
-      #   # https://github.com/google-github-actions/auth
-      #   uses: 'google-github-actions/auth@v2'
-      #   with:
-      #     credentials_json: "${{ env.GOOGLE_AUTH }}"
-
-      # - name: Upload plugin tar
-      #   uses: 'google-github-actions/upload-cloud-storage@v2'
-      #   with:
-      #     path: ${{steps.ci-build-pkg.outputs.PKG_TARBALL}}
-      #     # dev-only
-      #     destination: releases.rancher.com/harvester-ui/plugin/${{ env.TEST_DIR_NAME }}/${{steps.ci-build-pkg.outputs.PKG_TARBALL}}
-      #     # prod
-      #     destination: releases.rancher.com/harvester-ui/plugin/${{steps.ci-build-pkg.outputs.PKG_TARBALL}}
-      #     parent: false
-      #     headers: |-
-      #       cache-control: no-cache,must-revalidate
-      #     process_gcloudignore: false
-
-      # - name: Upload plugin directory
-      #   uses: 'google-github-actions/upload-cloud-storage@v2'
-      #   with:
-      #     path: ${{steps.ci-build-pkg.outputs.PKG_NAME}}
-      #     # dev-only
-      #     destination: releases.rancher.com/harvester-ui/plugin/${{ env.TEST_DIR_NAME }}/${{steps.ci-build-pkg.outputs.PKG_NAME}}
-      #     # prod
-      #     destination: releases.rancher.com/harvester-ui/plugin/${{steps.ci-build-pkg.outputs.PKG_NAME}}
-      #     parent: false
-      #     headers: |-
-      #       cache-control: no-cache,must-revalidate
-      #     process_gcloudignore: false
-
-  # dev-only
-  # PKG_TARBALL, PKG_NAME
-  # - should be tested for 'latest' and branches, and tags;
-  # - should contain branch name or tag name, depending on shell/scripts/ci-build-pkg.sh output
-
-  # PKG_TAG_TARBALL, PKG_TAG_VERSION
-  # - they are not used, based on shell/scripts/ci-build-pkg.sh output;
-  # - To be erified
+      - name: Get gcs auth
+        uses: rancher-eio/read-vault-secrets@main
+        with:
+          secrets: |
+            secret/data/github/repo/${{ github.repository }}/googleauthkey/harvester/credentials credential | GOOGLE_AUTH ;
+
+      - name: Apply gcs auth
+        # https://github.com/google-github-actions/auth
+        uses: 'google-github-actions/auth@v2'
+        with:
+          credentials_json: "${{ env.GOOGLE_AUTH }}"
+
+      - name: Upload plugin tar
+        uses: 'google-github-actions/upload-cloud-storage@v2'
+        with:
+          path: dist-pkg/${{steps.ci-build-pkg.outputs.PKG_TARBALL}}
+          destination: releases.rancher.com/harvester-ui/plugin
+          parent: false
+          headers: |-
+            cache-control: no-cache,must-revalidate
+          process_gcloudignore: false
+
+      - name: Upload plugin directory
+        uses: 'google-github-actions/upload-cloud-storage@v2'
+        with:
+          path: dist-pkg/${{steps.ci-build-pkg.outputs.PKG_NAME}}
+          destination: releases.rancher.com/harvester-ui/plugin/${{steps.ci-build-pkg.outputs.PKG_NAME}}
+          parent: false
+          headers: |-
+            cache-control: no-cache,must-revalidate
+          process_gcloudignore: false
diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml
@@ -2,14 +2,10 @@ name: Tests
 on:
   push:
     branches:
-      # dev-only to remove drone-migration
-      - drone-migration
       - master
       - 'release-*'
   pull_request:
     branches:
-      # dev-only to remove drone-migration
-      - drone-migration
       - master
       - 'release-*'
   workflow_dispatch:

diff --git a/scripts/build-hosted b/scripts/build-hosted
@@ -31,7 +31,4 @@ ENV_OUTPUT="${GITHUB_OUTPUT:-"temp-env"}"
 echo "BUILD_HOSTED_DIR=${OUTPUT_DIR}" >> "$ENV_OUTPUT"
 echo "BUILD_HOSTED_LOCATION=${DIR}" >> "$ENV_OUTPUT"
 
-# dev-only to remove after migration
-echo "OUTPUT_DIR=${OUTPUT_DIR}; BASE=${BASE}; BUILD_HOSTED_DIR=${OUTPUT_DIR}; BUILD_HOSTED_LOCATION=${DIR};" 
-
 COMMIT=${COMMIT} VERSION=${VERSION} OUTPUT_DIR=${OUTPUT_DIR} ROUTER_BASE="/dashboard/" RESOURCE_BASE="${BASE}" RANCHER_ENV=harvester yarn run build
diff --git a/shell/scripts/ci-build-pkg.sh b/shell/scripts/ci-build-pkg.sh
@@ -27,15 +27,20 @@ fi
 
 EXIT_CODE=$?
 
-export PKG_NAME=${1}-${VERSION}
-export PKG_TARBALL=${PKG_NAME}.tar.gz
-
-export PKG_TAG_VERSION=${1}-${TAG_VERSION}
-export PKG_TAG_TARBALL=${TAG_VERSION}.tar.gz
+if [ -n "$GIT_TAG" ]; then
+  export PKG_NAME=${1}-${CI_BUILD_TAG}
+  export PKG_TARBALL=${PKG_NAME}.tar.gz
+else
+  export PKG_NAME=${1}-${VERSION}
+  export PKG_TARBALL=${PKG_NAME}.tar.gz
+fi
 
 echo "CI Build Artefacts"
 echo "Package Directory: ${PKG_NAME}"
 echo "Package Tarball: ${PKG_TARBALL}"
-echo "Tag Package: ${PKG_TAG_VERSION} ${PKG_TAG_TARBALL}"
+
+ENV_OUTPUT="${GITHUB_OUTPUT:-"temp-env"}"
+echo "PKG_TARBALL=${PKG_TARBALL}" >> "$ENV_OUTPUT"
+echo "PKG_NAME=${PKG_NAME}" >> "$ENV_OUTPUT"
 
 exit $EXIT_CODE