Add GitHub Actions CI/CD workflows and documentation

- Add Docker image build and push workflow (multi-arch: amd64, arm64)
- Add Helm chart release workflow with GitHub Pages publishing
- Add comprehensive release workflow for version tags
- Add PR validation workflow (tests, linting, validation)
- Update Chart.yaml and values.yaml with GitHub URLs
- Update image repository to use ghcr.io
- Add detailed CI/CD documentation and setup guides

Workflows provide:
- Automated Docker image builds to GitHub Container Registry
- Automated Helm chart releases to GitHub Pages
- Complete release automation with version tagging
- PR validation with tests and linting

Helm repository will be available at:
https://vegardengen.github.io/unifi-network-operator

Docker images available at:
ghcr.io/vegardengen/unifi-network-operator
2025-10-25 21:27:29 +02:00
parent ea68bed9c2
commit c4f7cf63fa
10 changed files with 1387 additions and 3 deletions


@@ -0,0 +1,92 @@
name: Build and Push Docker Image
on:
push:
branches:
- main
- 'feature/**'
tags:
- 'v*'
pull_request:
branches:
- main
workflow_dispatch:
env:
REGISTRY: ghcr.io
IMAGE_NAME: ${{ github.repository }}
jobs:
build-and-push:
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
id-token: write
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Set up Go
uses: actions/setup-go@v5
with:
go-version-file: 'go.mod'
cache: true
- name: Run tests
run: |
go test -v ./... -coverprofile=coverage.out
go tool cover -func=coverage.out
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Log in to Container Registry
if: github.event_name != 'pull_request'
uses: docker/login-action@v3
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Extract metadata (tags, labels) for Docker
id: meta
uses: docker/metadata-action@v5
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
tags: |
type=ref,event=branch
type=ref,event=pr
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=semver,pattern={{major}}
type=sha,prefix={{branch}}-
type=raw,value=latest,enable={{is_default_branch}}
- name: Build and push Docker image
uses: docker/build-push-action@v5
with:
context: .
file: ./Dockerfile
platforms: linux/amd64,linux/arm64
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
cache-from: type=gha
cache-to: type=gha,mode=max
build-args: |
VERSION=${{ github.ref_name }}
COMMIT=${{ github.sha }}
BUILD_DATE=${{ github.event.head_commit.timestamp }}
- name: Upload coverage reports
if: github.event_name == 'pull_request'
uses: actions/upload-artifact@v4
with:
name: coverage-report
path: coverage.out
retention-days: 7
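Review bot: The `build-and-push` job requests `id-token: write`, but no step in this workflow appears to consume an OIDC token (there is no signing or attestation step), so the permission can be dropped, leaving `contents: read` and `packages: write`. The job also pushes on every `feature/**` branch push, so any branch matching that pattern publishes an image to ghcr.io under the project name. If that is not intended, gate the push, e.g. `push: ${{ github.event_name != 'pull_request' && !startsWith(github.ref, 'refs/heads/feature/') }}`. All actions are referenced by mutable tags (`@v3`, `@v4`, `@v5`); pinning them to full commit SHAs would keep a retagged release from running with the package-write token.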

.github/workflows/helm-release.yaml vendored Normal file

@@ -0,0 +1,65 @@
name: Release Helm Chart
on:
push:
branches:
- main
paths:
- 'helm/unifi-network-operator/**'
- '.github/workflows/helm-release.yaml'
workflow_dispatch:
permissions:
contents: write
pages: write
id-token: write
jobs:
release:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Configure Git
run: |
git config user.name "$GITHUB_ACTOR"
git config user.email "$GITHUB_ACTOR@users.noreply.github.com"
- name: Install Helm
uses: azure/setup-helm@v4
with:
version: v3.14.0
- name: Run chart-releaser
uses: helm/chart-releaser-action@v1.6.0
with:
charts_dir: helm
config: .github/cr.yaml
env:
CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
CR_SKIP_EXISTING: true
publish-pages:
needs: release
runs-on: ubuntu-latest
steps:
- name: Checkout gh-pages
uses: actions/checkout@v4
with:
ref: gh-pages
path: gh-pages
- name: Setup Pages
uses: actions/configure-pages@v4
- name: Upload artifact
uses: actions/upload-pages-artifact@v3
with:
path: ./gh-pages
- name: Deploy to GitHub Pages
id: deployment
uses: actions/deploy-pages@v4
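Review bot: The top-level `permissions` block gives both jobs `contents: write`, `pages: write` and `id-token: write`, although only `release` writes to the repository and only `publish-pages` deploys to Pages. Moving the block to job level (`contents: write` on `release`; `contents: read`, `pages: write` and `id-token: write` on `publish-pages`) keeps the third-party `azure/setup-helm` and `helm/chart-releaser-action` steps from running with a token that can also deploy Pages. `publish-pages` declares no `environment:`. `actions/deploy-pages` is normally run in the `github-pages` environment, so it is worth confirming that the deployment succeeds and is covered by that environment's protection rules.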

.github/workflows/pr-validation.yaml vendored Normal file

@@ -0,0 +1,90 @@
name: PR Validation
on:
pull_request:
branches:
- main
workflow_dispatch:
jobs:
lint-and-test:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Set up Go
uses: actions/setup-go@v5
with:
go-version-file: 'go.mod'
cache: true
- name: Run go fmt
run: |
if [ -n "$(gofmt -s -l .)" ]; then
echo "Go code is not formatted:"
gofmt -s -d .
exit 1
fi
- name: Run go vet
run: go vet ./...
- name: Run tests
run: go test -v -race -coverprofile=coverage.out ./...
- name: Upload coverage to Codecov
uses: codecov/codecov-action@v4
with:
file: ./coverage.out
fail_ci_if_error: false
helm-lint:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Install Helm
uses: azure/setup-helm@v4
with:
version: v3.14.0
- name: Lint Helm chart
run: |
helm lint helm/unifi-network-operator \
--set unifi.url="https://test.local" \
--set unifi.password="test"
- name: Template Helm chart
run: |
helm template test-release helm/unifi-network-operator \
--namespace test \
--set unifi.url="https://test.local" \
--set unifi.password="test" \
> /tmp/rendered.yaml
- name: Validate rendered manifests
run: |
# Check that the rendered output is valid YAML
kubectl --dry-run=client apply -f /tmp/rendered.yaml
docker-build:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Build Docker image (test only)
uses: docker/build-push-action@v5
with:
context: .
file: ./Dockerfile
platforms: linux/amd64
push: false
tags: test:latest
cache-from: type=gha
cache-to: type=gha,mode=max
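Review bot: This workflow has no `permissions:` block, so all three jobs run with the repository's default `GITHUB_TOKEN` scope while executing code taken from the pull request (`go test`, `helm template`, the Docker build). Adding a top-level `permissions:` with `contents: read` makes the token read-only regardless of the repository or organisation default. `codecov/codecov-action@v4` is given no `token`, and with `fail_ci_if_error: false` a rejected upload would pass silently, so coverage may go unreported without anyone noticing.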

.github/workflows/release.yaml vendored Normal file

@@ -0,0 +1,222 @@
name: Release
on:
push:
tags:
- 'v*.*.*'
workflow_dispatch:
inputs:
tag:
description: 'Tag to release (e.g., v1.0.0)'
required: true
type: string
permissions:
contents: write
packages: write
pages: write
id-token: write
jobs:
# Build and push multi-arch Docker images
build-images:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Set up Go
uses: actions/setup-go@v5
with:
go-version-file: 'go.mod'
- name: Run tests
run: go test -v ./...
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Log in to GitHub Container Registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Extract version
id: version
run: |
if [ "${{ github.event_name }}" = "workflow_dispatch" ]; then
VERSION="${{ github.event.inputs.tag }}"
else
VERSION="${GITHUB_REF#refs/tags/}"
fi
echo "version=${VERSION}" >> $GITHUB_OUTPUT
echo "version_no_v=${VERSION#v}" >> $GITHUB_OUTPUT
- name: Build and push Docker image
uses: docker/build-push-action@v5
with:
context: .
file: ./Dockerfile
platforms: linux/amd64,linux/arm64
push: true
tags: |
ghcr.io/${{ github.repository }}:${{ steps.version.outputs.version }}
ghcr.io/${{ github.repository }}:${{ steps.version.outputs.version_no_v }}
ghcr.io/${{ github.repository }}:latest
labels: |
org.opencontainers.image.source=${{ github.event.repository.html_url }}
org.opencontainers.image.revision=${{ github.sha }}
org.opencontainers.image.version=${{ steps.version.outputs.version }}
cache-from: type=gha
cache-to: type=gha,mode=max
# Package and release Helm chart
release-chart:
needs: build-images
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Configure Git
run: |
git config user.name "$GITHUB_ACTOR"
git config user.email "$GITHUB_ACTOR@users.noreply.github.com"
- name: Install Helm
uses: azure/setup-helm@v4
with:
version: v3.14.0
- name: Extract version
id: version
run: |
if [ "${{ github.event_name }}" = "workflow_dispatch" ]; then
VERSION="${{ github.event.inputs.tag }}"
else
VERSION="${GITHUB_REF#refs/tags/}"
fi
VERSION_NO_V="${VERSION#v}"
echo "version=${VERSION}" >> $GITHUB_OUTPUT
echo "version_no_v=${VERSION_NO_V}" >> $GITHUB_OUTPUT
- name: Update Chart.yaml version and appVersion
run: |
sed -i "s/^version:.*/version: ${{ steps.version.outputs.version_no_v }}/" helm/unifi-network-operator/Chart.yaml
sed -i "s/^appVersion:.*/appVersion: \"${{ steps.version.outputs.version }}\"/" helm/unifi-network-operator/Chart.yaml
- name: Update values.yaml image tag
run: |
sed -i "s/tag: \".*\"/tag: \"${{ steps.version.outputs.version }}\"/" helm/unifi-network-operator/values.yaml
sed -i "s|repository: .*|repository: ghcr.io/${{ github.repository }}|" helm/unifi-network-operator/values.yaml
- name: Package Helm chart
run: |
mkdir -p .cr-release-packages
helm package helm/unifi-network-operator -d .cr-release-packages
- name: Run chart-releaser
uses: helm/chart-releaser-action@v1.6.0
with:
charts_dir: helm
skip_packaging: true
config: .github/cr.yaml
env:
CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
- name: Upload Helm chart as artifact
uses: actions/upload-artifact@v4
with:
name: helm-chart
path: .cr-release-packages/*.tgz
retention-days: 90
# Create GitHub Release
create-release:
needs: [build-images, release-chart]
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Extract version
id: version
run: |
if [ "${{ github.event_name }}" = "workflow_dispatch" ]; then
VERSION="${{ github.event.inputs.tag }}"
else
VERSION="${GITHUB_REF#refs/tags/}"
fi
echo "version=${VERSION}" >> $GITHUB_OUTPUT
- name: Download Helm chart artifact
uses: actions/download-artifact@v4
with:
name: helm-chart
path: ./artifacts
- name: Generate release notes
id: notes
run: |
cat > release_notes.md << 'EOF'
## UniFi Network Operator ${{ steps.version.outputs.version }}
### Installation
#### Using Helm
```bash
helm repo add unifi-network-operator https://vegardengen.github.io/unifi-network-operator
helm repo update
helm install unifi-network-operator unifi-network-operator/unifi-network-operator \
--namespace unifi-network-operator-system \
--create-namespace \
--set unifi.url="https://your-unifi-controller:8443" \
--set unifi.password="your-password"
```
#### Using Docker
```bash
docker pull ghcr.io/${{ github.repository }}:${{ steps.version.outputs.version }}
```
### What's Changed
See the full changelog for details of changes in this release.
### Container Images
- `ghcr.io/${{ github.repository }}:${{ steps.version.outputs.version }}`
- Available for `linux/amd64` and `linux/arm64`
### Helm Chart
- Chart version: Automatically generated
- App version: ${{ steps.version.outputs.version }}
- Repository: https://vegardengen.github.io/unifi-network-operator
EOF
cat release_notes.md
- name: Create GitHub Release
uses: softprops/action-gh-release@v1
with:
tag_name: ${{ steps.version.outputs.version }}
name: Release ${{ steps.version.outputs.version }}
body_path: release_notes.md
draft: false
prerelease: ${{ contains(steps.version.outputs.version, 'alpha') || contains(steps.version.outputs.version, 'beta') || contains(steps.version.outputs.version, 'rc') }}
files: |
./artifacts/*.tgz
token: ${{ secrets.GITHUB_TOKEN }}
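Review bot: The three `Extract version` steps expand `${{ github.event.inputs.tag }}` directly inside the `run:` script, so the dispatch input is substituted into the shell text before bash parses it. The resulting value is later spliced into the `sed` expressions in `release-chart`, and every job here holds `contents: write` and `packages: write`. Pass the input through `env:` and reject anything that is not a version tag before writing it to `$GITHUB_OUTPUT`; the same change applies to the copies in `release-chart` and `create-release`. On `workflow_dispatch` no step checks out the requested tag, so the image and chart appear to be built from whatever ref the run was started on and then published under that version and `latest`. Passing `ref:` to `actions/checkout` would tie the artifacts to the tag.

```yaml
- name: Extract version
  id: version
  env:
    INPUT_TAG: ${{ github.event.inputs.tag }}
  run: |
    if [ "$GITHUB_EVENT_NAME" = "workflow_dispatch" ]; then
      VERSION="$INPUT_TAG"
    else
      VERSION="${GITHUB_REF#refs/tags/}"
    fi
    # Constructed pattern: vMAJOR.MINOR.PATCH with an optional pre-release suffix; adjust to the project's tag scheme.
    if [[ ! "$VERSION" =~ ^v[0-9]+\.[0-9]+\.[0-9]+(-[0-9A-Za-z.]+)?$ ]]; then
      echo "Refusing to release unexpected tag: $VERSION" >&2
      exit 1
    fi
    # … unchanged: writes version and version_no_v to $GITHUB_OUTPUT …
```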