plumbing icon indicating copy to clipboard operation
plumbing copied to clipboard
verified publisher icon tektoncd

[DO NOT MERGE-WIP] migrate nightly to github actions

Open anithapriyanatarajan opened this issue 5 months ago • 6 comments

Changes

Addresses the issue #2670 to migrate nightly release infrastructure from Azure to GHA with ephemeral clusters.

Core Infrastructure

  1. .github/actions/setup-tekton/ - Composite action that:

    • Creates Kind cluster
    • Installs Tekton Pipeline, Triggers, and Chains
    • Configures Chains for sigstore signing with GitHub OIDC
    • Sets up namespaces and RBAC

  2. .github/workflows/nightly-release-template.yml - Reusable workflow that:

    • Orchestrates the entire release process
    • Triggers existing Tekton pipelines without modification
    • Collects artifacts, logs, and execution history
    • Generates GitHub-native attestations

Project-Specific Workflows

Created individual workflows for the main projects:

  • nightly-pipeline.yml - Tekton Pipeline (5am UTC)
  • nightly-triggers.yml - Tekton Triggers (6am UTC)
  • nightly-dashboard.yml - Tekton Dashboard (7am UTC)
  • nightly-chains.yml - Tekton Chains (8am UTC)

Supporting Tools

  1. Test workflow (test-tekton-setup.yml) - Validates the setup
  2. Migration script (scripts/migrate-from-azure.sh) - Helps manage the transition

/kind feature

Submitter Checklist

These are the criteria that every PR should meet, please check them off as you review them:

See the contribution guide for more details.

anithapriyanatarajan avatar Jul 04 '25 07:07 anithapriyanatarajan

Skipping CI for Draft Pull Request. If you want CI signal for your change, please convert it to an actual PR. You can still manually trigger a test run with /test all

tekton-robot avatar Jul 04 '25 07:07 tekton-robot

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: To complete the pull request process, please assign jerop after the PR has been reviewed. You can assign the PR to them by writing /assign @jerop in a comment when ready.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment Approvers can cancel approval by writing /approve cancel in a comment

tekton-robot avatar Jul 04 '25 07:07 tekton-robot

Thanks @anithapriyanatarajan, let me know once this is ready for review

afrittoli avatar Jul 04 '25 09:07 afrittoli

I realise this PR isn't marked as ready for review yet, but I have a question about the project-specific workflows.

Would it make sense to add these to the individual project repos instead of having them all run centrally in plumbing? They can still use the composite action and reusable workflow from plumbing.

Having them in the individual project repos would provide better visibility on status to maintainers and users, as well as more direct control over the nightly release config etc.

AlanGreene avatar Jul 08 '25 15:07 AlanGreene

/test all

anithapriyanatarajan avatar Jul 16 '25 05:07 anithapriyanatarajan

@anithapriyanatarajan: No jobs can be run with /test all. The following commands are available to trigger required jobs:

  • /test pull-dogfooding-mario-test
  • /test pull-tekton-plumbing-check-testgrid-config

In response to this:

/test all

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

tekton-robot avatar Jul 16 '25 05:07 tekton-robot