ci: add image build jobs (#1051) Signed-off-by: Mohammed Naser <mnaser@vexxhost.com>

commit: 3769438f19efc6d335b34d3fb78075bf297e3da4 [log] [tgz]
author: Mohammed Naser <mnaser@vexxhost.com> Tue Apr 02 21:11:31 2024 -0400
committer: GitHub <noreply@github.com> Tue Apr 02 21:11:31 2024 -0400
tree: 4d1a2c684490e310a1b7e3da32fb1a35d90707f2
parent: d206f5d201688ab3ea96c8a4b8331a58e3986769 [diff]
diff --git a/zuul.d/jobs.yaml b/zuul.d/jobs.yaml
index 30f6b93..8130aa7 100644
--- a/zuul.d/jobs.yaml
+++ b/zuul.d/jobs.yaml

@@ -13,6 +13,17 @@
 # under the License.
 
 - job:
+    name: atmosphere-build-images
+    pre-run: zuul.d/playbooks/build-images/pre.yml
+    run: zuul.d/playbooks/build-images/run.yml
+
+- job:
+    name: atmosphere-upload-images
+    parent: atmosphere-build-images
+    secrets:
+      - registry_credentials
+
+- job:
     name: atmosphere-molecule
     parent: tox
     abstract: true

diff --git a/zuul.d/playbooks/build-images/pre.yml b/zuul.d/playbooks/build-images/pre.yml
new file mode 100644
index 0000000..ab0c6e1
--- /dev/null
+++ b/zuul.d/playbooks/build-images/pre.yml

@@ -0,0 +1,18 @@
+# Copyright (c) 2024 VEXXHOST, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+- name: Prepare host for Keycloak tests
+  hosts: all
+  roles:
+    - ensure-docker

diff --git a/zuul.d/playbooks/build-images/run.yml b/zuul.d/playbooks/build-images/run.yml
new file mode 100644
index 0000000..c82be02
--- /dev/null
+++ b/zuul.d/playbooks/build-images/run.yml

@@ -0,0 +1,33 @@
+# Copyright (c) 2024 VEXXHOST, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+- name: Build images
+  hosts: all
+  tasks:
+    - name: Create builder
+      ansible.builtin.shell: docker buildx create --name=atmosphere --driver=docker-container
+
+    - name: Login to registry
+      when: zuul.pipeline == 'post'
+      no_log: true
+      ansible.builtin.shell: |
+        docker login -u '{{ registry_credentials.username }}' -p '{{ registry_credentials.password }}' registry.atmosphere.dev
+
+    - name: Build images
+      ansible.builtin.shell: |
+        docker buildx bake --builder=atmosphere --provenance --sbom=true {% if zuul.pipeline == 'post' %}--push{% endif %}
+      args:
+        chdir: "{{ zuul.project.src_dir }}"
+      environment:
+        PUSH_TO_CACHE: "{{ zuul.pipeline == 'post' }}"

diff --git a/zuul.d/project.yaml b/zuul.d/project.yaml
index a94f6dc..6f3f0a9 100644
--- a/zuul.d/project.yaml
+++ b/zuul.d/project.yaml

@@ -15,8 +15,12 @@
 - project:
     check:
       jobs:
+        - atmosphere-build-images
         - atmosphere-molecule-aio-openvswitch
         - atmosphere-molecule-aio-ovn
         - atmosphere-molecule-csi-local-path-provisioner
         - atmosphere-molecule-csi-rbd
         - atmosphere-molecule-keycloak
+    post:
+      jobs:
+        - atmosphere-upload-images

diff --git a/zuul.d/secrets.yaml b/zuul.d/secrets.yaml
new file mode 100644
index 0000000..232d7d5
--- /dev/null
+++ b/zuul.d/secrets.yaml

@@ -0,0 +1,29 @@
+# Copyright (c) 2024 VEXXHOST, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+- secret:
+    name: registry_credentials
+    data:
+      username: robot$zuul
+      password: !encrypted/pkcs1-oaep
+        - OOykjodZE21qsYYLpzplp+PV0QbsKQ1B3+kI7bY97VQI/d5RlewqlNABc10eQnyYFSDvq
+          z2gSigSHxaVcV5qKJLTNVDgzSBHBj349OaTh6dXsxplvoArehfYMMZGuNmFlucoeN8K6w
+          yLRViN7tCS39CAYdjeNX1X7mQ7gBC61jUQ++JB+R5MhXmALJxzPfQRl9jsYmjx9ZXjEwE
+          tjKLSyQifQU20eXbhZOUW2nr+ItTikS3AOSo6Ja6jCI1c9lj6mJtUOorGsuxfdhEigPws
+          Qnz539imGcyqySSxvbJvgoEYxhE3dHFV5cJkomoHHHwLH0wbjAgBQtCMX3CvpxNX8sBfJ
+          MxvUkxY8VWt3CtJkdq+/eaCovCRn6GN5enI5tlUJgpAyV+PO6PvkTan6yC8lHMM5pD4jX
+          Hdo6gt6m9WyA5VxUHdoYYMaDO/rvCxxrUevzPn8do5I96madr9S9lFARqw74mgXG5I6pZ
+          M7zDXnorUFyv9dUIB2rOZrp7o0OC2thujjDTKXb4qfmfXGOwlkNmtCLo6BaDo9pSdRN8p
+          k0YnUAItZ64qUR7paEUKGy4rzsZjDYvIj7DrCFvLL2CXcyjPGcmcblpSHe5vJ15CFVH8X
+          o39FIIhSmehvrYJziGYUgf4JY1B6ktBtFc9l78WeoJRHNce+viSSkBj1fhbUaI=
commit	3769438f19efc6d335b34d3fb78075bf297e3da4	[log] [tgz]
author	Mohammed Naser <mnaser@vexxhost.com>	Tue Apr 02 21:11:31 2024 -0400
committer	GitHub <noreply@github.com>	Tue Apr 02 21:11:31 2024 -0400
tree	4d1a2c684490e310a1b7e3da32fb1a35d90707f2
parent	d206f5d201688ab3ea96c8a4b8331a58e3986769 [diff]