feat(account): add manager workspace subscription api #3101
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build Controllers image | |
| on: | |
| workflow_call: | |
| inputs: | |
| push_image: | |
| description: "Push image" | |
| required: false | |
| type: boolean | |
| default: false | |
| push_image_tag: | |
| description: "Push image tag" | |
| default: "latest" | |
| required: false | |
| type: string | |
| disable_cilint: | |
| description: "Disable golangci-lint" | |
| default: false | |
| required: false | |
| type: boolean | |
| workflow_dispatch: | |
| inputs: | |
| push_image: | |
| description: "Push image" | |
| required: false | |
| type: boolean | |
| default: false | |
| push_image_tag: | |
| description: "Push image tag" | |
| default: "latest" | |
| required: false | |
| type: string | |
| disable_cilint: | |
| description: "Disable golangci-lint" | |
| default: false | |
| required: false | |
| type: boolean | |
| push: | |
| branches: ["main"] | |
| paths: | |
| - "controllers/**" | |
| - ".github/workflows/controllers.yml" | |
| - "!**/*.md" | |
| - "!**/*.yaml" | |
| pull_request: | |
| branches: ["*"] | |
| paths: | |
| - "controllers/**" | |
| - ".github/workflows/controllers.yml" | |
| - "!**/*.md" | |
| - "!**/*.yaml" | |
| env: | |
| # Common versions | |
| GO_VERSION: "1.24" | |
| DEFAULT_OWNER: "labring" | |
| CRYPTOKEY: ${{ secrets.CONTROLLER_BUILD_CRYPTOKEY }} | |
| LICENSE_KEY: ${{ secrets.LICENSE_KEY }} | |
| ALIYUN_REGISTRY: ${{ secrets.ALIYUN_REGISTRY }} | |
| ALIYUN_REPO_PREFIX: ${{ secrets.ALIYUN_REPO_PREFIX && secrets.ALIYUN_REPO_PREFIX || secrets.ALIYUN_USERNAME && format('{0}/{1}', secrets.ALIYUN_REGISTRY, secrets.ALIYUN_USERNAME) || '' }} | |
| jobs: | |
| resolve-modules: | |
| runs-on: ubuntu-24.04 | |
| outputs: | |
| matrix: ${{ steps.set-matrix.outputs.matrix }} | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Resolve Modules | |
| id: set-matrix | |
| run: bash scripts/resolve-modules.sh ./controllers | |
| golangci-lint: | |
| if: ${{ !inputs.disable_cilint && (github.event_name == 'push' || github.event_name == 'pull_request') }} | |
| needs: [resolve-modules] | |
| runs-on: ubuntu-24.04 | |
| strategy: | |
| fail-fast: false | |
| matrix: ${{ fromJson(needs.resolve-modules.outputs.matrix) }} | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Setup Golang with cache | |
| uses: magnetikonline/action-golang-cache@v5 | |
| with: | |
| go-version: ${{ env.GO_VERSION }} | |
| - name: Install Dependencies | |
| run: sudo apt update && sudo apt install -y libgpgme-dev libbtrfs-dev libdevmapper-dev | |
| - name: Run Linter | |
| uses: golangci/golangci-lint-action@v8 | |
| with: | |
| version: v2.5.0 | |
| working-directory: ${{ matrix.workdir }} | |
| # args between =, not space | |
| args: --color=always --config=${{ github.workspace }}/.golangci.yml | |
| image-build: | |
| runs-on: ubuntu-24.04 | |
| permissions: | |
| contents: read | |
| packages: write | |
| strategy: | |
| matrix: | |
| module: | |
| - { name: user, path: user } | |
| - { name: terminal, path: terminal } | |
| - { name: account, path: account } | |
| - { name: app, path: app } | |
| - { name: db-adminer, path: db/adminer } | |
| - { name: license, path: license } | |
| - { name: job-init, path: job/init } | |
| - { name: job-heartbeat, path: job/heartbeat } | |
| - { name: resources, path: resources } | |
| - { name: node, path: node } | |
| - { name: devbox, path: devbox } | |
| - { name: objectstorage, path: objectstorage } | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Setup Golang with cache | |
| uses: magnetikonline/action-golang-cache@v5 | |
| with: | |
| go-version: ${{ env.GO_VERSION }} | |
| - name: Install Dependencies | |
| run: sudo apt update && sudo apt install -y libgpgme-dev libbtrfs-dev libdevmapper-dev | |
| - name: Build ${{ matrix.module.name }} amd64 | |
| working-directory: controllers/${{ matrix.module.path }} | |
| env: | |
| MODULE_NAME: ${{ matrix.module.name }} | |
| MODULE_PATH: ${{ matrix.module.path }} | |
| run: | | |
| GOARCH=amd64 TARGETARCH=amd64 make build | |
| mv bin/manager "bin/controller-${MODULE_NAME}-amd64" | |
| chmod +x "bin/controller-${MODULE_NAME}-amd64" | |
| - name: Build ${{ matrix.module.name }} arm64 | |
| working-directory: controllers/${{ matrix.module.path }} | |
| env: | |
| MODULE_NAME: ${{ matrix.module.name }} | |
| MODULE_PATH: ${{ matrix.module.path }} | |
| run: | | |
| GOARCH=arm64 TARGETARCH=arm64 make build | |
| mv bin/manager "bin/controller-${MODULE_NAME}-arm64" | |
| chmod +x "bin/controller-${MODULE_NAME}-arm64" | |
| - name: Expose git commit data | |
| uses: rlespinasse/git-commit-data-action@v1 | |
| - name: Check if tag | |
| id: check_tag | |
| env: | |
| REF: ${{ github.ref }} | |
| run: | | |
| if [[ "$REF" == refs/tags/* ]]; then | |
| echo "isTag=true" >> "$GITHUB_OUTPUT" | |
| else | |
| echo "isTag=false" >> "$GITHUB_OUTPUT" | |
| fi | |
| - name: Prepare | |
| id: prepare | |
| env: | |
| PUSH_IMAGE: ${{ inputs.push_image }} | |
| IS_TAG: ${{ steps.check_tag.outputs.isTag }} | |
| PUSH_IMAGE_TAG: ${{ inputs.push_image_tag }} | |
| REPO_OWNER: ${{ github.repository_owner }} | |
| MODULE_NAME: ${{ matrix.module.name }} | |
| run: | | |
| bash scripts/resolve-tag-image.sh "$PUSH_IMAGE" "$IS_TAG" "$PUSH_IMAGE_TAG" | |
| echo "docker_repo=ghcr.io/${REPO_OWNER}/sealos-${MODULE_NAME}-controller" >> $GITHUB_OUTPUT | |
| if [[ -n "${{ env.ALIYUN_REPO_PREFIX }}" ]]; then | |
| echo "aliyun_docker_repo=${{ env.ALIYUN_REPO_PREFIX }}/sealos-${MODULE_NAME}-controller" >> $GITHUB_OUTPUT | |
| fi | |
| - # Add support for more platforms with QEMU (optional) | |
| # https://github.com/docker/setup-qemu-action | |
| name: Set up QEMU | |
| uses: docker/setup-qemu-action@v2 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| with: | |
| driver-opts: network=host | |
| - name: Login to Docker Hub | |
| uses: docker/login-action@v3 | |
| if: ${{ (github.event_name == 'push') ||(github.event_name == 'create') || (inputs.push_image == true) }} | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.repository_owner }} | |
| password: ${{ secrets.GHCR_TOKEN || secrets.GITHUB_TOKEN }} | |
| - name: Login to Aliyun Registry | |
| uses: docker/login-action@v3 | |
| if: ${{ ((github.event_name == 'push') ||(github.event_name == 'create') || (inputs.push_image == true)) && env.ALIYUN_REGISTRY }} | |
| with: | |
| registry: ${{ env.ALIYUN_REGISTRY }} | |
| username: ${{ secrets.ALIYUN_USERNAME }} | |
| password: ${{ secrets.ALIYUN_PASSWORD }} | |
| - name: Docker meta | |
| id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: | | |
| ${{ steps.prepare.outputs.docker_repo }} | |
| ${{ steps.prepare.outputs.aliyun_docker_repo }} | |
| tags: | | |
| type=raw,value=latest,enable=${{ github.ref == format('refs/heads/{0}', 'main') }} | |
| type=raw,value=${{ steps.prepare.outputs.tag_name }},enable=true | |
| type=ref,event=tag | |
| type=sha | |
| env: | |
| DOCKER_METADATA_SHORT_SHA_LENGTH: 9 | |
| - name: build (and publish) ${{ matrix.module.name }} main image | |
| uses: docker/build-push-action@v6 | |
| with: | |
| context: ./controllers/${{ matrix.module.path }} | |
| file: ./controllers/${{ matrix.module.path }}/Dockerfile | |
| # Push if it's a push event or if push_image is true | |
| push: ${{ (github.event_name == 'push')||(github.event_name == 'create') || (inputs.push_image == true) }} | |
| tags: ${{ steps.meta.outputs.tags }} | |
| labels: ${{ steps.meta.outputs.labels }} | |
| platforms: linux/amd64,linux/arm64 | |
| build-cluster-image: | |
| if: ${{ (github.event_name == 'push') ||(github.event_name == 'create') || (inputs.push_image == true) }} | |
| needs: | |
| - image-build | |
| runs-on: ubuntu-24.04 | |
| permissions: | |
| contents: read | |
| packages: write | |
| strategy: | |
| matrix: | |
| module: | |
| - { name: user, path: user } | |
| - { name: terminal, path: terminal } | |
| - { name: account, path: account } | |
| - { name: app, path: app } | |
| - { name: db-adminer, path: db/adminer } | |
| - { name: license, path: license } | |
| - { name: job-init, path: job/init } | |
| - { name: job-heartbeat, path: job/heartbeat } | |
| - { name: resources, path: resources } | |
| - { name: node, path: node } | |
| - { name: devbox, path: devbox } | |
| - { name: objectstorage, path: objectstorage } | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Expose git commit data | |
| uses: rlespinasse/git-commit-data-action@v1 | |
| - name: Check if tag | |
| id: check_tag | |
| env: | |
| REF: ${{ github.ref }} | |
| run: | | |
| if [[ "$REF" == refs/tags/* ]]; then | |
| echo "isTag=true" >> "$GITHUB_OUTPUT" | |
| else | |
| echo "isTag=false" >> "$GITHUB_OUTPUT" | |
| fi | |
| - name: Prepare | |
| id: prepare | |
| env: | |
| PUSH_IMAGE: ${{ inputs.push_image }} | |
| IS_TAG: ${{ steps.check_tag.outputs.isTag }} | |
| PUSH_IMAGE_TAG: ${{ inputs.push_image_tag }} | |
| REPO_OWNER: ${{ github.repository_owner }} | |
| MODULE_NAME: ${{ matrix.module.name }} | |
| run: | | |
| tag_name=$(bash scripts/resolve-tag-image.sh "$PUSH_IMAGE" "$IS_TAG" "$PUSH_IMAGE_TAG") | |
| echo "old_docker_repo=ghcr.io/labring/sealos-${MODULE_NAME}-controller" >> $GITHUB_OUTPUT | |
| echo "new_docker_repo=ghcr.io/${REPO_OWNER}/sealos-${MODULE_NAME}-controller" >> $GITHUB_OUTPUT | |
| echo "cluster_repo=ghcr.io/${REPO_OWNER}/sealos-cloud-${MODULE_NAME}-controller" >> $GITHUB_OUTPUT | |
| echo "cluster_image=ghcr.io/${REPO_OWNER}/sealos-cloud-${MODULE_NAME}-controller:$tag_name" >> $GITHUB_OUTPUT | |
| echo "latest_cluster_image=ghcr.io/${REPO_OWNER}/sealos-cloud-${MODULE_NAME}-controller:latest" >> $GITHUB_OUTPUT | |
| if [[ -n "${{ env.ALIYUN_REPO_PREFIX }}" ]]; then | |
| echo "aliyun_cluster_repo=${{ env.ALIYUN_REPO_PREFIX }}/sealos-cloud-${MODULE_NAME}-controller" >> $GITHUB_OUTPUT | |
| echo "aliyun_cluster_image=${{ env.ALIYUN_REPO_PREFIX }}/sealos-cloud-${MODULE_NAME}-controller:$tag_name" >> $GITHUB_OUTPUT | |
| echo "aliyun_latest_cluster_image=${{ env.ALIYUN_REPO_PREFIX }}/sealos-cloud-${MODULE_NAME}-controller:latest" >> $GITHUB_OUTPUT | |
| fi | |
| - name: Install sealos | |
| run: | | |
| sudo bash ./.github/scripts/install.sh | |
| - name: Mutate image tag in deploy files | |
| working-directory: controllers/${{ matrix.module.path }}/deploy | |
| env: | |
| OLD_DOCKER_REPO: ${{ steps.prepare.outputs.old_docker_repo }} | |
| NEW_DOCKER_REPO: ${{ steps.prepare.outputs.new_docker_repo }} | |
| TAG_NAME: ${{ steps.prepare.outputs.tag_name }} | |
| run: | | |
| OLD_DOCKER_IMAGE_NAME="${OLD_DOCKER_REPO}:latest" | |
| NEW_DOCKER_IMAGE_NAME="${NEW_DOCKER_REPO}:${TAG_NAME}" | |
| sudo sed -i "s;${OLD_DOCKER_IMAGE_NAME};${NEW_DOCKER_IMAGE_NAME};" manifests/* | |
| - name: Build ${{ matrix.module.name }}-controller cluster image | |
| working-directory: controllers/${{ matrix.module.path }}/deploy | |
| env: | |
| CLUSTER_IMAGE: ${{ steps.prepare.outputs.cluster_image }} | |
| LATEST_CLUSTER_IMAGE: ${{ steps.prepare.outputs.latest_cluster_image }} | |
| ALIYUN_CLUSTER_IMAGE: ${{ steps.prepare.outputs.aliyun_cluster_image }} | |
| ALIYUN_LATEST_CLUSTER_IMAGE: ${{ steps.prepare.outputs.aliyun_latest_cluster_image }} | |
| run: | | |
| # Build for GHCR | |
| sudo sealos build -t "${CLUSTER_IMAGE}-amd64" --platform linux/amd64 -f Kubefile | |
| sudo sealos build -t "${LATEST_CLUSTER_IMAGE}-amd64" --platform linux/amd64 -f Kubefile | |
| # delete old registry cache | |
| sudo rm -rf registry | |
| sudo sealos build -t "${CLUSTER_IMAGE}-arm64" --platform linux/arm64 -f Kubefile | |
| sudo sealos build -t "${LATEST_CLUSTER_IMAGE}-arm64" --platform linux/arm64 -f Kubefile | |
| # Build for Aliyun if enabled | |
| if [[ -n "${ALIYUN_CLUSTER_IMAGE}" ]]; then | |
| sudo rm -rf registry | |
| sudo sealos build -t "${ALIYUN_CLUSTER_IMAGE}-amd64" --platform linux/amd64 -f Kubefile | |
| sudo sealos build -t "${ALIYUN_LATEST_CLUSTER_IMAGE}-amd64" --platform linux/amd64 -f Kubefile | |
| sudo rm -rf registry | |
| sudo sealos build -t "${ALIYUN_CLUSTER_IMAGE}-arm64" --platform linux/arm64 -f Kubefile | |
| sudo sealos build -t "${ALIYUN_LATEST_CLUSTER_IMAGE}-arm64" --platform linux/arm64 -f Kubefile | |
| fi | |
| - name: Sealos login to ghcr.io | |
| # if push to master, then login to ghcr.io | |
| env: | |
| REPOSITORY_OWNER: ${{ github.repository_owner }} | |
| GH_PAT: ${{ secrets.GHCR_TOKEN || secrets.GITHUB_TOKEN }} | |
| run: | | |
| sudo sealos login -u "${REPOSITORY_OWNER}" -p "${GH_PAT}" --debug ghcr.io | |
| - name: Sealos login to Aliyun Registry | |
| if: ${{ env.ALIYUN_REGISTRY }} | |
| env: | |
| ALIYUN_USERNAME: ${{ secrets.ALIYUN_USERNAME }} | |
| ALIYUN_PASSWORD: ${{ secrets.ALIYUN_PASSWORD }} | |
| run: | | |
| sudo sealos login -u "$ALIYUN_USERNAME" -p "$ALIYUN_PASSWORD" --debug ${{ env.ALIYUN_REGISTRY }} | |
| - name: Manifest Cluster Images | |
| # if push to master, then patch images to ghcr.io | |
| env: | |
| OWNER: ${{ github.repository_owner }} | |
| CLUSTER_IMAGE: ${{ steps.prepare.outputs.cluster_image }} | |
| LATEST_CLUSTER_IMAGE: ${{ steps.prepare.outputs.latest_cluster_image }} | |
| ALIYUN_CLUSTER_IMAGE: ${{ steps.prepare.outputs.aliyun_cluster_image }} | |
| ALIYUN_LATEST_CLUSTER_IMAGE: ${{ steps.prepare.outputs.aliyun_latest_cluster_image }} | |
| run: | | |
| sudo sealos images | |
| bash scripts/manifest-cluster-images.sh "$CLUSTER_IMAGE" | |
| bash scripts/manifest-cluster-images.sh "$LATEST_CLUSTER_IMAGE" | |
| if [[ -n "${ALIYUN_CLUSTER_IMAGE}" ]]; then | |
| bash scripts/manifest-cluster-images.sh "$ALIYUN_CLUSTER_IMAGE" | |
| bash scripts/manifest-cluster-images.sh "$ALIYUN_LATEST_CLUSTER_IMAGE" | |
| fi |