From f71831c63e22129ac89ad6091abda7abe7c37477 Mon Sep 17 00:00:00 2001 From: Techassi Date: Fri, 10 Apr 2026 16:43:07 +0200 Subject: [PATCH 1/2] feat(template): Support registry-specific Helm values --- template/Makefile.j2 | 60 ++++++++++--------- .../values/oci.stackable.tech.yaml | 5 ++ 2 files changed, 38 insertions(+), 27 deletions(-) create mode 100644 template/deploy/helm/[[operator]]/values/oci.stackable.tech.yaml diff --git a/template/Makefile.j2 b/template/Makefile.j2 index c256e735..38ee5361 100644 --- a/template/Makefile.j2 +++ b/template/Makefile.j2 @@ -10,7 +10,8 @@ .PHONY: build publish OPERATOR_NAME := {[ operator.name }] -VERSION := $(shell cargo metadata --format-version 1 | jq -r '.packages[] | select(.name=="stackable-${OPERATOR_NAME}") | .version') +VERSION := $(shell cargo metadata --format-version 1 | jq -r '.packages[] | select(.name=="stackable-${OPERATOR_NAME}") +| .version') OCI_REGISTRY_HOSTNAME := oci.stackable.tech OCI_REGISTRY_PROJECT_IMAGES := sdp @@ -18,67 +19,72 @@ OCI_REGISTRY_PROJECT_IMAGES := sdp SHELL=/usr/bin/env bash -euo pipefail render-readme: - scripts/render_readme.sh +scripts/render_readme.sh render-docs: - scripts/docs_templating.sh +scripts/docs_templating.sh ## Docker related targets docker-build: - docker build --force-rm --build-arg VERSION=${VERSION} -t "${OCI_REGISTRY_HOSTNAME}/${OCI_REGISTRY_PROJECT_IMAGES}/${OPERATOR_NAME}:${VERSION}-${ARCH}" -f docker/Dockerfile . +docker build --force-rm --build-arg VERSION=${VERSION} -t +"${OCI_REGISTRY_HOSTNAME}/${OCI_REGISTRY_PROJECT_IMAGES}/${OPERATOR_NAME}:${VERSION}-${ARCH}" -f docker/Dockerfile . ## Chart related targets compile-chart: version crds config chart-clean: - rm -rf "deploy/helm/${OPERATOR_NAME}/configs" - rm -rf "deploy/helm/${OPERATOR_NAME}/crds" +rm -rf "deploy/helm/${OPERATOR_NAME}/configs" +rm -rf "deploy/helm/${OPERATOR_NAME}/crds" version: - cat "deploy/helm/${OPERATOR_NAME}/Chart.yaml" | yq ".version = \"${VERSION}\" | .appVersion = \"${VERSION}\"" > "deploy/helm/${OPERATOR_NAME}/Chart.yaml.new" - mv "deploy/helm/${OPERATOR_NAME}/Chart.yaml.new" "deploy/helm/${OPERATOR_NAME}/Chart.yaml" +cat "deploy/helm/${OPERATOR_NAME}/Chart.yaml" | yq ".version = \"${VERSION}\" | .appVersion = \"${VERSION}\"" > +"deploy/helm/${OPERATOR_NAME}/Chart.yaml.new" +mv "deploy/helm/${OPERATOR_NAME}/Chart.yaml.new" "deploy/helm/${OPERATOR_NAME}/Chart.yaml" config: - if [ -d "deploy/config-spec/" ]; then\ - mkdir -p "deploy/helm/${OPERATOR_NAME}/configs";\ - cp -r deploy/config-spec/* "deploy/helm/${OPERATOR_NAME}/configs";\ - fi +if [ -d "deploy/config-spec/" ]; then\ +mkdir -p "deploy/helm/${OPERATOR_NAME}/configs";\ +cp -r deploy/config-spec/* "deploy/helm/${OPERATOR_NAME}/configs";\ +fi # We generate a crds.yaml, so that the effect of code changes are visible. # The operator will take care of the CRD rollout itself. crds: - mkdir -p extra - cargo run --bin stackable-"${OPERATOR_NAME}" -- crd > extra/crds.yaml +mkdir -p extra +cargo run --bin stackable-"${OPERATOR_NAME}" -- crd > extra/crds.yaml chart-lint: compile-chart - docker run -it -v $(shell pwd):/build/helm-charts -w /build/helm-charts quay.io/helmpack/chart-testing:v3.5.0 ct lint --config deploy/helm/ct.yaml +docker run -it -v $(shell pwd):/build/helm-charts -w /build/helm-charts quay.io/helmpack/chart-testing:v3.5.0 ct lint +--config deploy/helm/ct.yaml clean: chart-clean - cargo clean - docker rmi --force '${OCI_REGISTRY_HOSTNAME}/${OCI_REGISTRY_PROJECT_IMAGES}/${OPERATOR_NAME}:${VERSION}' +cargo clean +docker rmi --force '${OCI_REGISTRY_HOSTNAME}/${OCI_REGISTRY_PROJECT_IMAGES}/${OPERATOR_NAME}:${VERSION}' regenerate-charts: chart-clean compile-chart regenerate-nix: - nix run --extra-experimental-features "nix-command flakes" -f . regenerateNixLockfiles +nix run --extra-experimental-features "nix-command flakes" -f . regenerateNixLockfiles build: regenerate-charts regenerate-nix docker-build check-nix: - @which nix || (echo "Error: 'nix' is not installed. Please install it to proceed."; exit 1) +@which nix || (echo "Error: 'nix' is not installed. Please install it to proceed."; exit 1) check-kubernetes: - @kubectl cluster-info > /dev/null 2>&1 || (echo "Error: Kubernetes is not running or kubectl is not properly configured."; exit 1) +@kubectl cluster-info > /dev/null 2>&1 || (echo "Error: Kubernetes is not running or kubectl is not properly +configured."; exit 1) run-dev: check-nix check-kubernetes - kubectl apply -f deploy/stackable-operators-ns.yaml - nix run --extra-experimental-features "nix-command flakes" -f. tilt -- up --port {[5430 + operator_index}] --namespace stackable-operators +kubectl apply -f deploy/stackable-operators-ns.yaml +nix run --extra-experimental-features "nix-command flakes" -f. tilt -- up --port {[5430 + operator_index}] --namespace +stackable-operators stop-dev: check-nix check-kubernetes - nix run --extra-experimental-features "nix-command flakes" -f. tilt -- down +nix run --extra-experimental-features "nix-command flakes" -f. tilt -- down helm-install: - helm install \ - --values deploy/helm/${OPERATOR_NAME}/values.yaml \ - --values deploy/helm/${OPERATOR_NAME}/values/$(OCI_REGISTRY_HOSTNAME).yaml \ - ${OPERATOR_NAME} deploy/helm/${OPERATOR_NAME} +helm install \ +--values deploy/helm/${OPERATOR_NAME}/values.yaml \ +--values deploy/helm/${OPERATOR_NAME}/values/$(OCI_REGISTRY_HOSTNAME).yaml \ +${OPERATOR_NAME} deploy/helm/${OPERATOR_NAME} \ No newline at end of file diff --git a/template/deploy/helm/[[operator]]/values/oci.stackable.tech.yaml b/template/deploy/helm/[[operator]]/values/oci.stackable.tech.yaml new file mode 100644 index 00000000..06f5dd12 --- /dev/null +++ b/template/deploy/helm/[[operator]]/values/oci.stackable.tech.yaml @@ -0,0 +1,5 @@ +--- +# Values overlay for chart packages published to oci.stackable.tech. +image: + registry: oci.stackable.tech + repository: sdp/airflow-operator From b738ac08404b9509b55e69f566e1af0e2291e002 Mon Sep 17 00:00:00 2001 From: Techassi Date: Fri, 10 Apr 2026 16:47:43 +0200 Subject: [PATCH 2/2] ci(template): Publish to quay.io --- template/.github/workflows/build.yaml.j2 | 46 ++++++++++++-- template/Makefile.j2 | 60 +++++++++---------- .../values/oci.stackable.tech.yaml | 5 -- .../helm/[[operator]]/values/quay.io.yaml.j2 | 5 ++ 4 files changed, 74 insertions(+), 42 deletions(-) delete mode 100644 template/deploy/helm/[[operator]]/values/oci.stackable.tech.yaml create mode 100644 template/deploy/helm/[[operator]]/values/quay.io.yaml.j2 diff --git a/template/.github/workflows/build.yaml.j2 b/template/.github/workflows/build.yaml.j2 index a954ac7e..1657745a 100644 --- a/template/.github/workflows/build.yaml.j2 +++ b/template/.github/workflows/build.yaml.j2 @@ -173,7 +173,7 @@ jobs: build-arguments: VERSION=${{ steps.version.outputs.OPERATOR_VERSION }} container-file: docker/Dockerfile - - name: Publish Container Image + - name: Publish Container Image (oci.stackable.tech) if: ${{ !github.event.pull_request.head.repo.fork }} uses: stackabletech/actions/publish-image@ac6f1d3b87f68826b9a5838d13864ef8e88dcf40 # v0.14.0 with: @@ -184,6 +184,17 @@ jobs: image-manifest-tag: ${{ steps.build.outputs.image-manifest-tag }} source-image-uri: ${{ steps.build.outputs.image-manifest-uri }} + - name: Publish Container Image (quay.io) + if: ${{ !github.event.pull_request.head.repo.fork }} + uses: stackabletech/actions/publish-image@ac6f1d3b87f68826b9a5838d13864ef8e88dcf40 # v0.14.0 + with: + image-registry-uri: quay.io + image-registry-username: stackable+robot_sdp_github_action_build # Doesn't exist yet + image-registry-password: ${{ secrets.QUAY_ROBOT_SDP_GITHUB_ACTION_BUILD_SECRET }} # Doesn't exist yet + image-repository: stackable/sdp/${{ env.OPERATOR_NAME }} + image-manifest-tag: ${{ steps.build.outputs.image-manifest-tag }} + source-image-uri: ${{ steps.build.outputs.image-manifest-uri }} + publish-index-manifest: name: Publish/Sign ${{ needs.build-container-image.outputs.operator-version }} Index if: | @@ -202,7 +213,7 @@ jobs: with: persist-credentials: false - - name: Publish and Sign Image Index + - name: Publish and Sign Image Index (oci.stackable.tech) uses: stackabletech/actions/publish-image-index-manifest@ac6f1d3b87f68826b9a5838d13864ef8e88dcf40 # v0.14.0 with: image-registry-uri: oci.stackable.tech @@ -211,6 +222,15 @@ jobs: image-repository: sdp/${{ env.OPERATOR_NAME }} image-index-manifest-tag: ${{ needs.build-container-image.outputs.operator-version }} + - name: Publish and Sign Image Index (quay.io) + uses: stackabletech/actions/publish-image-index-manifest@ac6f1d3b87f68826b9a5838d13864ef8e88dcf40 # v0.14.0 + with: + image-registry-uri: quay.io + image-registry-username: stackable+robot_sdp_github_action_build # Doesn't exist yet + image-registry-password: ${{ secrets.QUAY_ROBOT_SDP_GITHUB_ACTION_BUILD_SECRET }} # Doesn't exist yet + image-repository: stackable/sdp/${{ env.OPERATOR_NAME }} + image-index-manifest-tag: ${{ needs.build-container-image.outputs.operator-version }} + publish-helm-chart: name: Package/Publish ${{ needs.build-container-image.outputs.operator-version }} Helm Chart if: | @@ -229,7 +249,7 @@ jobs: persist-credentials: false submodules: recursive - - name: Package, Publish, and Sign Helm Chart + - name: Package, Publish, and Sign Helm Chart (coi.stackable.tech) uses: stackabletech/actions/publish-helm-chart@ac6f1d3b87f68826b9a5838d13864ef8e88dcf40 # v0.14.0 with: chart-registry-uri: oci.stackable.tech @@ -241,6 +261,18 @@ jobs: app-version: ${{ needs.build-container-image.outputs.operator-version }} publish-and-sign: ${{ !github.event.pull_request.head.repo.fork }} + - name: Package, Publish, and Sign Helm Chart (quay.io) + uses: stackabletech/actions/publish-helm-chart@ac6f1d3b87f68826b9a5838d13864ef8e88dcf40 # v0.14.0 + with: + chart-registry-uri: quay.io + chart-registry-username: stackable+robot_sdp_charts_github_action_build # Doesn't exist yet + chart-registry-password: ${{ secrets.QUAY_ROBOT_SDP_CHARTS_GITHUB_ACTION_BUILD_SECRET }} # Doesn't exist yet + chart-repository: stackable/sdp-charts + chart-directory: deploy/helm/${{ env.OPERATOR_NAME }} + chart-version: ${{ needs.build-container-image.outputs.operator-version }} + app-version: ${{ needs.build-container-image.outputs.operator-version }} + publish-and-sign: ${{ !github.event.pull_request.head.repo.fork }} + openshift-preflight-check: name: Run OpenShift Preflight Check for ${{ needs.build-container-image.outputs.operator-version }}-${{ matrix.arch }} if: | @@ -259,12 +291,18 @@ jobs: - arm64 runs-on: ubuntu-latest steps: - - name: Run OpenShift Preflight Check + - name: Run OpenShift Preflight Check (oci.stackable.tech) uses: stackabletech/actions/run-openshift-preflight@ac6f1d3b87f68826b9a5838d13864ef8e88dcf40 # v0.14.0 with: image-index-uri: oci.stackable.tech/sdp/${{ env.OPERATOR_NAME }}:${{ needs.build-container-image.outputs.operator-version }} image-architecture: ${{ matrix.arch }} + - name: Run OpenShift Preflight Check (quay.io) + uses: stackabletech/actions/run-openshift-preflight@ac6f1d3b87f68826b9a5838d13864ef8e88dcf40 # v0.14.0 + with: + image-index-uri: quay.io/stackable/sdp/${{ env.OPERATOR_NAME }}:${{ needs.build-container-image.outputs.operator-version }} + image-architecture: ${{ matrix.arch }} + # This job is a required check in GitHub Settings for this repository. # It saves us having to list many required jobs, or work around dynamically # named jobs (since there is no concept of required settings). diff --git a/template/Makefile.j2 b/template/Makefile.j2 index 38ee5361..c256e735 100644 --- a/template/Makefile.j2 +++ b/template/Makefile.j2 @@ -10,8 +10,7 @@ .PHONY: build publish OPERATOR_NAME := {[ operator.name }] -VERSION := $(shell cargo metadata --format-version 1 | jq -r '.packages[] | select(.name=="stackable-${OPERATOR_NAME}") -| .version') +VERSION := $(shell cargo metadata --format-version 1 | jq -r '.packages[] | select(.name=="stackable-${OPERATOR_NAME}") | .version') OCI_REGISTRY_HOSTNAME := oci.stackable.tech OCI_REGISTRY_PROJECT_IMAGES := sdp @@ -19,72 +18,67 @@ OCI_REGISTRY_PROJECT_IMAGES := sdp SHELL=/usr/bin/env bash -euo pipefail render-readme: -scripts/render_readme.sh + scripts/render_readme.sh render-docs: -scripts/docs_templating.sh + scripts/docs_templating.sh ## Docker related targets docker-build: -docker build --force-rm --build-arg VERSION=${VERSION} -t -"${OCI_REGISTRY_HOSTNAME}/${OCI_REGISTRY_PROJECT_IMAGES}/${OPERATOR_NAME}:${VERSION}-${ARCH}" -f docker/Dockerfile . + docker build --force-rm --build-arg VERSION=${VERSION} -t "${OCI_REGISTRY_HOSTNAME}/${OCI_REGISTRY_PROJECT_IMAGES}/${OPERATOR_NAME}:${VERSION}-${ARCH}" -f docker/Dockerfile . ## Chart related targets compile-chart: version crds config chart-clean: -rm -rf "deploy/helm/${OPERATOR_NAME}/configs" -rm -rf "deploy/helm/${OPERATOR_NAME}/crds" + rm -rf "deploy/helm/${OPERATOR_NAME}/configs" + rm -rf "deploy/helm/${OPERATOR_NAME}/crds" version: -cat "deploy/helm/${OPERATOR_NAME}/Chart.yaml" | yq ".version = \"${VERSION}\" | .appVersion = \"${VERSION}\"" > -"deploy/helm/${OPERATOR_NAME}/Chart.yaml.new" -mv "deploy/helm/${OPERATOR_NAME}/Chart.yaml.new" "deploy/helm/${OPERATOR_NAME}/Chart.yaml" + cat "deploy/helm/${OPERATOR_NAME}/Chart.yaml" | yq ".version = \"${VERSION}\" | .appVersion = \"${VERSION}\"" > "deploy/helm/${OPERATOR_NAME}/Chart.yaml.new" + mv "deploy/helm/${OPERATOR_NAME}/Chart.yaml.new" "deploy/helm/${OPERATOR_NAME}/Chart.yaml" config: -if [ -d "deploy/config-spec/" ]; then\ -mkdir -p "deploy/helm/${OPERATOR_NAME}/configs";\ -cp -r deploy/config-spec/* "deploy/helm/${OPERATOR_NAME}/configs";\ -fi + if [ -d "deploy/config-spec/" ]; then\ + mkdir -p "deploy/helm/${OPERATOR_NAME}/configs";\ + cp -r deploy/config-spec/* "deploy/helm/${OPERATOR_NAME}/configs";\ + fi # We generate a crds.yaml, so that the effect of code changes are visible. # The operator will take care of the CRD rollout itself. crds: -mkdir -p extra -cargo run --bin stackable-"${OPERATOR_NAME}" -- crd > extra/crds.yaml + mkdir -p extra + cargo run --bin stackable-"${OPERATOR_NAME}" -- crd > extra/crds.yaml chart-lint: compile-chart -docker run -it -v $(shell pwd):/build/helm-charts -w /build/helm-charts quay.io/helmpack/chart-testing:v3.5.0 ct lint ---config deploy/helm/ct.yaml + docker run -it -v $(shell pwd):/build/helm-charts -w /build/helm-charts quay.io/helmpack/chart-testing:v3.5.0 ct lint --config deploy/helm/ct.yaml clean: chart-clean -cargo clean -docker rmi --force '${OCI_REGISTRY_HOSTNAME}/${OCI_REGISTRY_PROJECT_IMAGES}/${OPERATOR_NAME}:${VERSION}' + cargo clean + docker rmi --force '${OCI_REGISTRY_HOSTNAME}/${OCI_REGISTRY_PROJECT_IMAGES}/${OPERATOR_NAME}:${VERSION}' regenerate-charts: chart-clean compile-chart regenerate-nix: -nix run --extra-experimental-features "nix-command flakes" -f . regenerateNixLockfiles + nix run --extra-experimental-features "nix-command flakes" -f . regenerateNixLockfiles build: regenerate-charts regenerate-nix docker-build check-nix: -@which nix || (echo "Error: 'nix' is not installed. Please install it to proceed."; exit 1) + @which nix || (echo "Error: 'nix' is not installed. Please install it to proceed."; exit 1) check-kubernetes: -@kubectl cluster-info > /dev/null 2>&1 || (echo "Error: Kubernetes is not running or kubectl is not properly -configured."; exit 1) + @kubectl cluster-info > /dev/null 2>&1 || (echo "Error: Kubernetes is not running or kubectl is not properly configured."; exit 1) run-dev: check-nix check-kubernetes -kubectl apply -f deploy/stackable-operators-ns.yaml -nix run --extra-experimental-features "nix-command flakes" -f. tilt -- up --port {[5430 + operator_index}] --namespace -stackable-operators + kubectl apply -f deploy/stackable-operators-ns.yaml + nix run --extra-experimental-features "nix-command flakes" -f. tilt -- up --port {[5430 + operator_index}] --namespace stackable-operators stop-dev: check-nix check-kubernetes -nix run --extra-experimental-features "nix-command flakes" -f. tilt -- down + nix run --extra-experimental-features "nix-command flakes" -f. tilt -- down helm-install: -helm install \ ---values deploy/helm/${OPERATOR_NAME}/values.yaml \ ---values deploy/helm/${OPERATOR_NAME}/values/$(OCI_REGISTRY_HOSTNAME).yaml \ -${OPERATOR_NAME} deploy/helm/${OPERATOR_NAME} \ No newline at end of file + helm install \ + --values deploy/helm/${OPERATOR_NAME}/values.yaml \ + --values deploy/helm/${OPERATOR_NAME}/values/$(OCI_REGISTRY_HOSTNAME).yaml \ + ${OPERATOR_NAME} deploy/helm/${OPERATOR_NAME} diff --git a/template/deploy/helm/[[operator]]/values/oci.stackable.tech.yaml b/template/deploy/helm/[[operator]]/values/oci.stackable.tech.yaml deleted file mode 100644 index 06f5dd12..00000000 --- a/template/deploy/helm/[[operator]]/values/oci.stackable.tech.yaml +++ /dev/null @@ -1,5 +0,0 @@ ---- -# Values overlay for chart packages published to oci.stackable.tech. -image: - registry: oci.stackable.tech - repository: sdp/airflow-operator diff --git a/template/deploy/helm/[[operator]]/values/quay.io.yaml.j2 b/template/deploy/helm/[[operator]]/values/quay.io.yaml.j2 new file mode 100644 index 00000000..d2dabe23 --- /dev/null +++ b/template/deploy/helm/[[operator]]/values/quay.io.yaml.j2 @@ -0,0 +1,5 @@ +--- +# Values overlay for chart packages published to quay.io. +image: + registry: quay.io + repository: stackable/sdp/{[ operator.name }]