feat: move to matrix strategy

dheeraj-coding · dheeraj-coding · commit b9a70943a285 · 2025-12-11T22:03:55.000Z
diff --git a/.github/workflows/toolkit-base-build-push.yaml b/.github/workflows/toolkit-base-build-push.yaml
@@ -0,0 +1,84 @@
+name: Create and publish toolkit base image
+
+on:
+  workflow_dispatch:
+
+env:
+  REGISTRY: ghcr.io
+  IMAGE_NAME: ${{ github.repository_owner }}/eks-toolkit-base
+  BUILD_CONTEXT: tests/images/toolkit-base/
+
+jobs:
+  get_versions_job:
+    runs-on: ubuntu-latest
+    outputs:
+      k8s_versions: ${{ steps.determine_versions.outputs.k8s_versions }}
+      latest_tools: ${{ steps.determine_versions.outputs.latest_tools }}
+    
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+      - name: Install jq
+        run: sudo apt-get update && sudo apt-get install -y jq
+        
+      - name: Determine K8s Versions and Tool Versions
+        id: determine_versions
+        working-directory: ${{ env.BUILD_CONTEXT }}
+        run: |
+          chmod +x ./get_versions_matrix.sh  # We need a new version of the script
+          ./get_versions_matrix.sh
+
+  build_and_push_image:
+    needs: get_versions_job 
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
+      attestations: write
+      id-token: write
+    
+    strategy:
+      fail-fast: false # Optional: Set to false if you want other builds to finish even if one fails
+      matrix:
+        k8s_tag: ${{ fromJson(needs.get_versions_job.outputs.k8s_versions) }}
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Setup QEMU
+        uses: docker/setup-qemu-action@v3
+
+      - name: Setup docker buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Log in to the Container registry
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Set Image Tag for Matrix Run
+        id: tags
+        run: |
+          # Use the K8s version as the primary tag
+          echo "tag=${{ matrix.k8s_tag }}" >> $GITHUB_OUTPUT
+
+      - name: Build and push Docker image
+        uses: docker/build-push-action@v6
+        with:
+          context: ${{ env.BUILD_CONTEXT }}
+          platforms: linux/amd64,linux/arm64
+          push: true
+          # The tags are set dynamically by the 'Set Image Tag' step
+          tags: ${{ env.REGISTRY }}/${{ env.IMAGE_REPO }}:${{ steps.tags.outputs.tag }}
+
+          # Extract the static tool versions from the needs output
+          build-args: |
+            KUBECTL_VERSION=${{ matrix.k8s_tag }}
+            HELM_VERSION=${{ fromJson(needs.get_versions_job.outputs.latest_tools).helm_version }}
+            KUSTOMIZE_VERSION=${{ fromJson(needs.get_versions_job.outputs.latest_tools).kustomize_version }}
+            KUBESEAL_VERSION=${{ fromJson(needs.get_versions_job.outputs.latest_tools).kubeseal_version }}
+            KREW_VERSION=${{ fromJson(needs.get_versions_job.outputs.latest_tools).krew_version }}
+            VALS_VERSION=${{ fromJson(needs.get_versions_job.outputs.latest_tools).vals_version }}
+            KUBECONFORM_VERSION=${{ fromJson(needs.get_versions_job.outputs.latest_tools).kubeconform_version }}
diff --git a/.github/workflows/toolkit-base.yaml b/.github/workflows/toolkit-base.yaml
diff --git a/tests/images/toolkit-base/get_versions_matrix.sh b/tests/images/toolkit-base/get_versions_matrix.sh
@@ -0,0 +1,72 @@
+#!/usr/bin/env bash
+
+set -e
+
+# --- 1. Find all Static Tool Versions and put them into a single JSON object ---
+
+# Collect all versions into bash variables first
+HELM_VERSION=$(curl -s https://api.github.com/repos/helm/helm/releases | jq -r '.[].tag_name | select([startswith("v"), (contains("-") | not)] | all)' | sort -rV | head -n 1 | sed 's/v//')
+KUSTOMIZE_RELEASE=$(curl -s https://api.github.com/repos/kubernetes-sigs/kustomize/releases | jq -r '.[].tag_name | select(contains("kustomize"))' | sort -rV | head -n 1)
+KUSTOMIZE_VERSION=$(basename ${KUSTOMIZE_RELEASE})
+KUBESEAL_VERSION=$(curl -s https://api.github.com/repos/bitnami-labs/sealed-secrets/releases | jq -r '.[].tag_name | select(startswith("v"))' | sort -rV | head -n 1 | sed 's/v//')
+KREW_VERSION=$(curl -s https://api.com/repos/kubernetes-sigs/krew/releases | jq -r '.[].tag_name | select(startswith("v"))' | sort -rV | head -n 1 | sed 's/v//')
+VALS_VERSION=$(curl -s https://api.github.com/repos/helmfile/vals/releases | jq -r '.[].tag_name | select(startswith("v"))' | sort -rV | head -n 1 | sed 's/v//')
+KUBECONFORM_VERSION=$(curl -s https://api.github.com/repos/yannh/kubeconform/releases | jq -r '.[].tag_name | select(startswith("v"))' | sort -rV | head -n 1 | sed 's/v//')
+
+
+# Construct a single JSON object with all static tool versions
+# This will be output to the GITHUB_OUTPUT variable 'latest_tools'
+LATEST_TOOLS_JSON=$(
+  jq -n \
+    --arg helm "$HELM_VERSION" \
+    --arg kustomize "$KUSTOMIZE_VERSION" \
+    --arg kubeseal "$KUBESEAL_VERSION" \
+    --arg krew "$KREW_VERSION" \
+    --arg vals "$VALS_VERSION" \
+    --arg kubeconform "$KUBECONFORM_VERSION" \
+    '{
+      "helm_version": $helm, 
+      "kustomize_version": $kustomize, 
+      "kubeseal_version": $kubeseal, 
+      "krew_version": $krew, 
+      "vals_version": $vals, 
+      "kubeconform_version": $kubeconform
+    }'
+)
+
+echo "latest_tools=$LATEST_TOOLS_JSON" >> $GITHUB_OUTPUT
+echo "Found static tools: $LATEST_TOOLS_JSON"
+
+# --- 2. Find the top 4 latest K8s minor versions and output as a JSON Array ---
+
+# Get the list of all releases tags, excludes alpha, beta, rc tags
+RELEASES=$(curl -s https://api.github.com/repos/kubernetes/kubernetes/releases | jq -r '.[].tag_name | select(test("alpha|beta|rc") | not)')
+
+# Logic to extract unique minor versions
+MINOR_VERSIONS=()
+for RELEASE in $RELEASES; do
+  # Extract v1.30 or v1.29
+  MINOR_VERSION=$(echo $RELEASE | awk -F'.' '{print $1"."$2}')
+  if [[ ! " ${MINOR_VERSIONS[@]} " =~ " ${MINOR_VERSION} " ]]; then
+    MINOR_VERSIONS+=($MINOR_VERSION)
+  fi
+done
+
+# Sort the unique minor versions in reverse order
+SORTED_MINOR_VERSIONS=($(echo "${MINOR_VERSIONS[@]}" | tr ' ' '\n' | sort -rV))
+
+# Loop through the first 4 unique minor versions and get the LATEST PATCH for each
+K8S_TAGS=()
+# Loop for the first 4 latest minors
+for i in $(seq 0 3); do
+  MINOR_VERSION="${SORTED_MINOR_VERSIONS[$i]}"
+  # Get the single latest patch version for this minor
+  LATEST_VERSION=$(echo "$RELEASES" | grep "^$MINOR_VERSION\." | sort -rV | head -1 | sed 's/v//')
+  K8S_TAGS+=("$LATEST_VERSION")
+done
+
+# Convert the bash array into a JSON array string
+K8S_TAGS_JSON=$(printf '%s\n' "${K8S_TAGS[@]}" | jq -R . | jq -s .)
+
+echo "k8s_versions=$K8S_TAGS_JSON" >> $GITHUB_OUTPUT
+echo "Found K8s versions: ${K8S_TAGS[*]}"
