Add tools image for CI runs

.github/workflows/ci.yaml

@@ -105,6 +105,15 @@ jobs:
           export PATH=${PATH}:$GOPATH/bin
           make verify binary test test/integration
         timeout-minutes: 14
+      - name: Build and publish fleet-manager-tools image to quay.io
+        if: github.event_name == 'push'
+        env:
+          QUAY_USER: ${{ secrets.QUAY_RHACS_ENG_FM_RW_USERNAME }}
+          QUAY_TOKEN: ${{ secrets.QUAY_RHACS_ENG_FM_RW_PASSWORD }}
+          QUAY_IMAGE_REPOSITORY: rhacs-eng/fleet-manager-tools
+        run: |
+          chmod +x ./build_push_fleet_manager_tools.sh
+          ./build_push_fleet_manager_tools.sh
       - name: Build and publish fleet* image to quay.io
         if: github.event_name == 'push'
         env:

Dockerfile.tools

@@ -0,0 +1,33 @@
+FROM registry.access.redhat.com/ubi8/ubi-minimal:8.8
+
+ENV KUBECTL_VERSION=v1.28.1
+
+COPY \
+    fleet-manager \
+    fleetshard-sync \
+    acsfleetctl \
+    /usr/local/bin/
+
+RUN microdnf install tar gzip
+
+# Install kubeval
+RUN curl -LO https://github.com/instrumenta/kubeval/releases/download/v0.16.1/kubeval-linux-amd64.tar.gz
+RUN curl -LO "https://github.com/instrumenta/kubeval/releases/download/v0.16.1/checksums.txt"
+RUN cat checksums.txt | grep linux-amd64 | sha256sum --check
+RUN tar -xf kubeval-linux-amd64.tar.gz
+
+RUN mv kubeval /usr/bin/kubeval
+RUN chmod +x /usr/bin/kubeval
+RUN rm kubeval-linux-amd64.tar.gz
+
+# Install kubeclt
+RUN curl -o /usr/bin/kubectl -LO "https://dl.k8s.io/release/$KUBECTL_VERSION/bin/linux/amd64/kubectl"
+RUN chmod +x /usr/bin/kubectl
+RUN curl -LO "https://dl.k8s.io/$KUBECTL_VERSION/bin/linux/amd64/kubectl.sha256"
+RUN echo "$(cat kubectl.sha256)  /usr/bin/kubectl" | sha256sum --check
+
+LABEL name="fleet-manager-tools" \
+      vendor="Red Hat" \
+      version="0.0.1" \
+      summary="FleetManagerTools" \
+      description="RHACS fleet-manager tools used for CI pipelines"

Makefile

@@ -549,6 +549,20 @@ image/build/multi-target/probe:
 	DOCKER_CONFIG=${DOCKER_CONFIG} $(DOCKER) tag $(IMAGE_REF) $(PROBE_SHORT_IMAGE_REF)
 .PHONY: image/build/multi-target/probe
 
+image/build/fleet-manager-tools: GOOS=linux
+image/build/fleet-manager-tools: IMAGE_REF="$(external_image_registry)/rhacs-eng/fleet-manager-tools:$(image_tag)"
+image/build/fleet-manager-tools: fleet-manager fleetshard-sync acsfleetctl
+	DOCKER_CONFIG=${DOCKER_CONFIG} $(DOCKER) build -t $(IMAGE_REF) -f Dockerfile.tools .
+	DOCKER_CONFIG=${DOCKER_CONFIG} $(DOCKER) tag $(IMAGE_REF) fleet-manager-tools:$(image_tag)
+.PHONY: image/build/multi-target/fleet-manager-tools
+
+image/push/fleet-manager-tools: IMAGE_REF="$(external_image_registry)/rhacs-eng/fleet-manager-tools:$(image_tag)"
+image/push/fleet-manager-tools: image/build/fleet-manager-tools
+	DOCKER_CONFIG=${DOCKER_CONFIG} $(DOCKER) push $(IMAGE_REF)
+	@echo
+	@echo "Image fleet-manager tools was pushed as $(IMAGE_REF)."
+.PHONY: image/push/fleet-manager-tools
+
 # build binary and image and tag image for local deployment
 image/build/local: GOOS=linux
 image/build/local: IMAGE_REF="$(external_image_registry)/$(image_repository):$(image_tag)"

build_push_fleet_manager_tools.sh

@@ -0,0 +1,76 @@
+#!/bin/bash -e
+#
+# Copyright (c) 2018 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+# =====================================================================================================================
+# This script builds and pushes the ACS Fleet Manager tools container image which is used by CI pipelines.
+# In order to work, it needs the following variables defined in the CI/CD configuration of the project:
+#
+# QUAY_USER - The name of the robot account used to push images to
+# 'quay.io', for example 'openshift-unified-hybrid-cloud+jenkins'.
+#
+# QUAY_TOKEN - The token of the robot account used to push images to
+# 'quay.io'.
+#
+# The machines that run this script need to have access to internet, so that
+# the built images can be pushed to quay.io.
+# =====================================================================================================================
+
+# Set image repository to default value if it is not passed via env
+IMAGE_REPOSITORY="${QUAY_IMAGE_REPOSITORY:-rhacs-eng/fleet-manager-tools}"
+
+# Set the directory for docker configuration:
+DOCKER_CONFIG="${PWD}/.docker"
+
+# Log in to the image registry:
+if [ -z "${QUAY_USER}" ]; then
+  echo "The quay.io push user name hasn't been provided."
+  echo "Make sure to set the QUAY_USER environment variable."
+  exit 1
+fi
+if [ -z "${QUAY_TOKEN}" ]; then
+  echo "The quay.io push token hasn't been provided."
+  echo "Make sure to set the QUAY_TOKEN environment variable."
+  exit 1
+fi
+
+# Set up the docker config directory
+mkdir -p "${DOCKER_CONFIG}"
+
+BRANCH="main"
+if [[ -n "$GITHUB_REF" ]]; then
+  BRANCH="$(echo "$GITHUB_REF" | awk -F/ '{print $NF}')"
+  echo "GITHUB_REF is defined. Set image tag to $BRANCH."
+elif [[ -n "$GIT_BRANCH" ]]; then
+  BRANCH="$(echo "$GIT_BRANCH" | awk -F/ '{print $NF}')"
+  echo "GIT_BRANCH is defined. Set image tag to $BRANCH."
+else
+  echo "No git branch env var found. Set image tag to $BRANCH."
+fi
+
+# Push the image:
+echo "Quay.io user and token is set, will push images to $IMAGE_REPOSITORY"
+
+make \
+  DOCKER_CONFIG="${DOCKER_CONFIG}" \
+  QUAY_USER="${QUAY_USER}" \
+  QUAY_TOKEN="${QUAY_TOKEN}" \
+  TAG="${BRANCH}" \
+  external_image_registry="quay.io" \
+  internal_image_registry="quay.io" \
+  image_repository="${IMAGE_REPOSITORY}" \
+  docker/login/fleet-manager \
+  image/push/fleet-manager-tools