From 81db3fa932ac815fdc091a81670f1f4cee2d02ca Mon Sep 17 00:00:00 2001 From: "aravind.est" Date: Thu, 14 Aug 2025 16:02:00 +0100 Subject: [PATCH] Initial Github workflow for CI Github workflow added to run the CI jobs. Issue-ID: NONRTRIC-1082 Change-Id: I1cc4b9958528e06899d55c6796d5d15c90be3844 Signed-off-by: aravind.est --- .github/workflows/ci-verify.yaml | 212 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 212 insertions(+) create mode 100644 .github/workflows/ci-verify.yaml diff --git a/.github/workflows/ci-verify.yaml b/.github/workflows/ci-verify.yaml new file mode 100644 index 00000000..c737e00b --- /dev/null +++ b/.github/workflows/ci-verify.yaml @@ -0,0 +1,212 @@ +--- +# SPDX-License-Identifier: Apache-2.0 +# SPDX-FileCopyrightText: 2023 The Linux Foundation, 2025 OpenInfra Foundation Europe + +name: Helm CI Verification + +# yamllint disable-line rule:truthy +on: + workflow_dispatch: + inputs: + # Mandatory Gerrit inputs + GERRIT_BRANCH: + description: "Branch that change is against" + required: true + type: string + GERRIT_CHANGE_ID: + description: "The ID for the change" + required: true + type: string + GERRIT_CHANGE_NUMBER: + description: "The Gerrit number" + required: true + type: string + GERRIT_CHANGE_URL: + description: "URL to the change" + required: true + type: string + GERRIT_EVENT_TYPE: + description: "Type of Gerrit event" + required: true + type: string + GERRIT_PATCHSET_NUMBER: + description: "The patch number for the change" + required: true + type: string + GERRIT_PATCHSET_REVISION: + description: "The revision sha" + required: true + type: string + GERRIT_PROJECT: + description: "Project in Gerrit" + required: true + type: string + GERRIT_REFSPEC: + description: "Gerrit refspec of change" + required: true + type: string + + # When converted to a reusable, environment variables will become inputs + + # When converted to a reusable, secrets must be explicitly referenced, e.g. + # secrets: + # NEXUS3_PASSWORD: + # description: "Nexus3 organization user's password" + # required: true + +concurrency: + # yamllint disable-line rule:line-length + group: composed-gradle-verify-clm${{ github.workflow }}-${{ github.event.inputs.GERRIT_CHANGE_ID || github.run_id }} + cancel-in-progress: true + +# Parameters used during workflow test/development +env: + # Inherited from build-publish.yaml + CHARTS_SOURCE_DIR: 'charts' + CHART_ARTIFACT_NAME: 'helm-charts' + CHARTMUSEUM_STORAGE_DIR: './chartmuseum-storage' + CHARTS_BUILD_DIR: './chartmuseum-storage' + + # Inherited from jenkins verify job + RIC_DEP_CI_DOCKER_FILE: 'ci/Dockerfile' + + +jobs: + notify: + runs-on: ubuntu-latest + steps: + - name: Allow replication + run: sleep 10s + + - name: Notify job start + # yamllint disable-line rule:line-length + uses: lfit/gerrit-review-action@9627b9a144f2a2cad70707ddfae87c87dce60729 # v0.8 + with: + host: ${{ vars.GERRIT_SERVER }} + username: ${{ vars.GERRIT_SSH_USER }} + key: ${{ secrets.GERRIT_SSH_PRIVKEY }} + known_hosts: ${{ vars.GERRIT_KNOWN_HOSTS }} + gerrit-change-number: ${{ inputs.GERRIT_CHANGE_NUMBER }} + gerrit-patchset-number: ${{ inputs.GERRIT_PATCHSET_NUMBER }} + vote-type: clear + + # ToDo: convert main job to callable/reusable workflow + # Call to reusable workflow will eventually replace code below + verify: + name: 'Build/Verify Helm Charts' + runs-on: 'ubuntu-latest' + outputs: + charts_build_dir: "${{ env.CHARTS_BUILD_DIR }}" + chart_artifact_name: "${{ env.CHART_ARTIFACT_NAME }}" + permissions: + contents: read + timeout-minutes: 15 + steps: + # yamllint disable-line rule:line-length + - uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1 + with: + egress-policy: audit + + - name: 'Checkout Gerrit change' + # yamllint disable-line rule:line-length + uses: lfit/checkout-gerrit-change-action@54d751e8bd167bc91f7d665dabe33fae87aaaa63 # v0.9 + with: + gerrit-project: ${{ inputs.GERRIT_PROJECT }} + gerrit-refspec: ${{ inputs.GERRIT_REFSPEC }} + delay: "0s" + + - name: 'Display workflow environment' + shell: bash + run: | + # Display workflow environment + echo "RIC_DEP_CI_DOCKER_FILE: $RIC_DEP_CI_DOCKER_FILE" + + - name: 'Setup Helm' + # yamllint disable-line rule:line-length + uses: azure/setup-helm@b9e51907a09c216f16ebe8536097933489208112 # v4.3.0 + # Not explicitly used while testing updated Helm + # with: + # version: ${{ env.HELM_VERSION }} + + - name: 'Set up Docker Buildx' + # yamllint disable-line rule:line-length + uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1 + + - name: 'Build pre-requisites, install Helm plugins' + id: pre-requisites + shell: bash + run: | + # Build pre-requisites + echo 'Running: git submodule update --init 💬' + git submodule update --init + echo 'Running: helm plugin installs 💬' + plugin_dir='smo-install/onap_oom/kubernetes/helm/plugins/' + helm plugin install "$plugin_dir/undeploy/" + helm plugin install "$plugin_dir/deploy/" + # Installation of helm-push fixes the error below + # Error: unknown command "cm-push" for "helm" + # yamllint disable-line rule:line-length + helm plugin install https://github.com/chartmuseum/helm-push + echo 'Listing Helm plugins 💬' + helm plugin list + + - name: 'Start ChartMuseum' + id: chartmuseum + # yamllint disable-line rule:line-length + uses: lfreleng-actions/chartmuseum-action@4fb530a2cc2b2b46c0ea48ba11445c01247aba2a # v0.1.2 + with: + username: 'chartmuseum' + password: "${{ secrets.GITHUB_TOKEN }}" + exit: false + directory: "${{ env.CHARTMUSEUM_STORAGE_DIR }}" + helm_repo_name: 'local' + + # Makefiles publish to Chartmeusem service locally + - name: 'Build onap_oom' + # yamllint disable-line rule:line-length + uses: lfreleng-actions/make-action@361e48884a6b7d7b5fcfcb38f399aa14e45127dc # v0.1.1 + with: + make_args: "-C smo-install/onap_oom/kubernetes -e SKIP_LINT=TRUE" + + # Makefiles publish to Chartmeusem service locally + - name: 'Build oran_oom' + # yamllint disable-line rule:line-length + uses: lfreleng-actions/make-action@361e48884a6b7d7b5fcfcb38f399aa14e45127dc # v0.1.1 + with: + make_args: "-C smo-install/oran_oom" + + # Makefiles publish to Chartmeusem service locally + - name: 'Build oran_oom/smo' + # yamllint disable-line rule:line-length + uses: lfreleng-actions/make-action@361e48884a6b7d7b5fcfcb38f399aa14e45127dc # v0.1.1 + with: + make_args: "-C smo-install/oran_oom/smo" + + - name: Build ric-aux and ric-dep + uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6.18.0 + with: + context: . + file: ${{ env.RIC_DEP_CI_DOCKER_FILE }} + push: false + tags: "" + + report-status: + if: ${{ always() }} + needs: [notify, verify] + runs-on: ubuntu-latest + steps: + - name: Get conclusion + # yamllint disable-line rule:line-length + uses: im-open/workflow-conclusion@e4f7c4980600fbe0818173e30931d3550801b992 # v2.2.3 + + - name: Report workflow conclusion + # yamllint disable-line rule:line-length + uses: lfit/gerrit-review-action@9627b9a144f2a2cad70707ddfae87c87dce60729 # v0.8 + with: + host: ${{ vars.GERRIT_SERVER }} + username: ${{ vars.GERRIT_SSH_USER }} + key: ${{ secrets.GERRIT_SSH_PRIVKEY }} + known_hosts: ${{ vars.GERRIT_KNOWN_HOSTS }} + gerrit-change-number: ${{ inputs.GERRIT_CHANGE_NUMBER }} + gerrit-patchset-number: ${{ inputs.GERRIT_PATCHSET_NUMBER }} + vote-type: ${{ env.WORKFLOW_CONCLUSION }} -- 2.16.6