Skip to content

ROX-33792: extract operator bundle build to separate job #19656

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
janisz merged 1 commit into from
Mar 31, 2026
+49 −28
Merged

ROX-33792: extract operator bundle build to separate job #19656

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
77 changes: 49 additions & 28 deletions .github/workflows/build.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -324,6 +324,54 @@ jobs:
path: |
image/rhel/docs

build-operator-bundle:
runs-on: ubuntu-latest
env:
QUAY_ORG: rhacs-eng
QUAY_RHACS_ENG_RW_PASSWORD: ${{ secrets.QUAY_RHACS_ENG_RW_PASSWORD }}
QUAY_RHACS_ENG_RW_USERNAME: ${{ secrets.QUAY_RHACS_ENG_RW_USERNAME }}
ROX_OPERATOR_SKIP_PROTO_GENERATED_SRCS: true
ROX_PRODUCT_BRANDING: RHACS_BRANDING
steps:
- name: Checkout
uses: actions/checkout@v6
with:
fetch-depth: 0
ref: ${{ inputs.commit || github.event.pull_request.head.sha }}

- uses: ./.github/actions/job-preamble
with:
gcp-account: ${{ secrets.GCP_SERVICE_ACCOUNT_STACKROX_CI }}

- name: Set up Go
uses: actions/setup-go@v5
with:
go-version-file: go.mod
cache: false

- name: Cache Go dependencies
uses: ./.github/actions/cache-go-dependencies

- uses: ./.github/actions/handle-tagged-build

- name: Set up Python
uses: actions/setup-python@v5
with:
python-version-file: operator/bundle_helpers/.python-version

- name: Build Operator Bundle
run: make -C operator/ bundle bundle-build

- name: Push Operator Bundle and Index
# Skip for external contributions.
if: |
github.event_name == 'push' || !github.event.pull_request.head.repo.fork
run: |
./scripts/ci/lib.sh registry_rw_login "quay.io/${QUAY_ORG}"
make -C operator/ docker-push-bundle | cat
make -C operator/ index-build
make -C operator/ docker-push-index | cat

build-and-push-main:
runs-on: ubuntu-latest
needs:
Expand Down Expand Up @@ -692,12 +740,6 @@ jobs:
run: |
./scripts/ci/lib.sh registry_rw_login "quay.io/${QUAY_ORG}"

- name: Build Operator Bundle image
if: |
matrix.name != 'STACKROX_BRANDING'
run: |
make -C operator/ bundle bundle-build

- name: Build Operator image
run: |
# The first invocation builds native architecture dependencies, which helps avoid the following error,
Expand Down Expand Up @@ -745,28 +787,6 @@ jobs:
fi
echo "Operator image push completed successfully"

- name: Push bundle image
# Skip for external contributions, and for upstream.
if: |
matrix.name != 'STACKROX_BRANDING' && (github.event_name == 'push' || !github.event.pull_request.head.repo.fork)
run: |
make -C operator/ docker-push-bundle | cat

# Index image can only be built once bundle was pushed
- name: Build index
# Skip for external contributions and for upstream, as the build relies on the previous image to be pushed.
if: |
matrix.name != 'STACKROX_BRANDING' && (github.event_name == 'push' || !github.event.pull_request.head.repo.fork)
run: |
make -C operator/ index-build

- name: Push index image
# Skip for external contributions, and for upstream.
if: |
matrix.name != 'STACKROX_BRANDING' && (github.event_name == 'push' || !github.event.pull_request.head.repo.fork)
run: |
make -C operator/ docker-push-index | cat

push-operator-manifests:
runs-on: ubuntu-latest
needs:
Expand Down Expand Up @@ -960,6 +980,7 @@ jobs:
- pre-build-cli
- pre-build-go-binaries
- pre-build-docs
- build-operator-bundle
- build-and-push-main
- build-and-push-operator
- scan-images-with-roxctl
Expand Down
Loading