Update release workflows post-migration (#2120)

* Fix to trigger extracted release workflows * Fix input descriptions * Add tool installation steps * Fix indentation * Fix token passing * Fix release tag name reference * Fix release tag name reference * Fix release tag name * Update publish-canary workflow * Update workflows * Fix target org * Add push to registries flag * Update publish-chart * Add job summary to publish-arc * Enhance summary message * Add publish canary workflow * Remove backticks * Fix variable * Fix index.yaml location and add job summary * Fix publish chart workflow * Enhance job summary for publish-chart * Enhance chart version identification and fix chart upload * Fix cr index * Fix cr index and add comments * Fix comment * Pin marketplace actions * Remove 3rd party action * Add comments, parametrise where needed * Add release process brief * Change target repo * Removing failsafe * Removing failsafe * Replace DOCKER_USER with DOCKERHUB_USERNAME
2025-12-15 22:47:13 +00:00 · 2023-01-11 09:34:54 +01:00
parent 45ebcb1c0a
commit 4aadc7d128
5 changed files with 202 additions and 146 deletions
--- a/.github/workflows/publish-canary.yaml
+++ b/.github/workflows/publish-canary.yaml
@@ -1,5 +1,7 @@
 name: Publish Canary Image

+# Revert to https://github.com/actions-runner-controller/releases#releases
+# for details on why we use this approach
 on:
  push:
    branches:
@@ -19,41 +21,50 @@ on:
      - 'LICENSE'
      - 'Makefile'

+env:
+  # Safeguard to prevent pushing images to registeries after build
+  PUSH_TO_REGISTRIES: true
+  TARGET_ORG: actions-runner-controller
+  TARGET_REPO: actions-runner-controller
+
 # https://docs.github.com/en/rest/overview/permissions-required-for-github-apps
 permissions:
  contents: read
-  packages: write

 jobs:
  canary-build:
    name: Build and Publish Canary Image
    runs-on: ubuntu-latest
    env:
-      DOCKERHUB_USERNAME: ${{ secrets.DOCKER_USER }}
+      DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}
    steps:
      - name: Checkout
        uses: actions/checkout@v3

-      - name: Setup Docker Environment
-        id: vars
-        uses: ./.github/actions/setup-docker-environment
+      - name: Get Token
+        id: get_workflow_token
+        uses: peter-murray/workflow-application-token-action@8e1ba3bf1619726336414f1014e37f17fbadf1db
        with:
-          username: ${{ env.DOCKERHUB_USERNAME }}
-          password: ${{ secrets.DOCKER_ACCESS_TOKEN }}
-          ghcr_username: ${{ github.actor }}
-          ghcr_password: ${{ secrets.GITHUB_TOKEN }}
+          application_id: ${{ secrets.ACTIONS_ACCESS_APP_ID }}
+          application_private_key: ${{ secrets.ACTIONS_ACCESS_PK }}
+          organization: ${{ env.TARGET_ORG }}

-      # Considered unstable builds
-      # See Issue #285, PR #286, and PR #323 for more information
-      - name: Build and Push
-        uses: docker/build-push-action@v3
-        with:
-          file: Dockerfile
-          platforms: linux/amd64,linux/arm64
-          build-args: VERSION=canary-${{ github.sha }}
-          push: true
-          tags: |
-            ${{ env.DOCKERHUB_USERNAME }}/actions-runner-controller:canary
-            ghcr.io/${{ github.repository }}:canary
-          cache-from: type=gha,scope=arc-canary
-          cache-to: type=gha,mode=max,scope=arc-canary
+      - name: Trigger Build And Push Images To Registries
+        run: |
+          # Authenticate
+          gh auth login --with-token <<< ${{ steps.get_workflow_token.outputs.token }}
+
+          # Trigger the workflow run
+          jq -n '{"event_type": "canary", "client_payload": {"sha": "${{ github.sha }}", "push_to_registries": ${{ env.PUSH_TO_REGISTRIES }}}}' \
+            | gh api -X POST /repos/actions-runner-controller/releases/dispatches --input -
+
+      - name: Job summary
+        run: |
+          echo "The [publish-canary](https://github.com/actions-runner-controller/releases/blob/main/.github/workflows/publish-canary.yaml) workflow has been triggered!" >> $GITHUB_STEP_SUMMARY
+          echo "" >> $GITHUB_STEP_SUMMARY
+          echo "**Parameters:**" >> $GITHUB_STEP_SUMMARY
+          echo "- sha: ${{ github.sha }}" >> $GITHUB_STEP_SUMMARY
+          echo "- Push to registries: ${{ env.PUSH_TO_REGISTRIES }}" >> $GITHUB_STEP_SUMMARY
+          echo "" >> $GITHUB_STEP_SUMMARY
+          echo "**Status:**" >> $GITHUB_STEP_SUMMARY
+          echo "[https://github.com/actions-runner-controller/releases/actions/workflows/publish-canary.yaml](https://github.com/actions-runner-controller/releases/actions/workflows/publish-canary.yaml)" >> $GITHUB_STEP_SUMMARY