reuse actions

Signed-off-by: dwertent <[email protected]>
dwertent · Nov 6, 2024 · ffdbd6b · ffdbd6b
1 parent f792f85
commit ffdbd6b
Show file tree

Hide file tree

Showing 6 changed files with 49 additions and 93 deletions.
diff --git a/.github/workflows/build-image-job.yaml → .github/actions/build-image.yaml b/.github/workflows/build-image-job.yaml → .github/actions/build-image.yaml
@@ -23,8 +23,7 @@ on:
         type: string
       registry:
         description: 'Docker registry to push to'
-        required: false
-        default: 'docker.io'
+        required: true
         type: string
       image:
         description: 'Name of the image'
@@ -76,13 +75,6 @@ jobs:
       - uses: actions/checkout@v4
         with:
           fetch-depth: 0
-
-      # docker is not installed on MacOS - https://github.com/actions/runner-images/issues/2150 
-      - name: Setup docker (missing on MacOS)
-        if: runner.os == 'macos'
-        run: |
-          brew install docker colima
-          colima start
 
       - name: Set up QEMU
         uses: docker/setup-qemu-action@v3
@@ -124,5 +116,5 @@ jobs:
             commit=${{ github.sha }}
             build_date=${{ steps.build_tag_generator.outputs.BUILD_DATE }}
             tag=${{ steps.build_tag_generator.outputs.BUILD_TAG }}
-          cache-from: type=registry,ref=${{ env.IMAGE_LC }}:buildcache
-          cache-to: type=registry,ref=${{ env.IMAGE_LC }}:buildcache,mode=max
+          cache-from: type=gha,ref=${{ env.IMAGE_LC }}:buildcache
+          cache-to: type=gha,mode=max,ref=${{ env.IMAGE_LC }}:buildcache
diff --git a/.github/workflows/build-images.yaml → .github/actions/cross-build-images.yaml b/.github/workflows/build-images.yaml → .github/actions/cross-build-images.yaml
@@ -1,4 +1,4 @@
-name: Build core and operator images
+name: Cross build paladin and operator images
 
 on:
   workflow_call:
@@ -24,7 +24,7 @@ on:
 
 jobs:
   core-macos:
-    uses: ./.github/workflows/build-image-job.yaml
+    uses: ./.github/actions/build-image.yaml
     with:
       dockerfile: ./Dockerfile
       registry: ${{ inputs.registry }}
@@ -38,7 +38,7 @@ jobs:
       password: ${{ secrets.password }}
 
   core-ubuntu:
-    uses: ./.github/workflows/build-image-job.yaml
+    uses: ./.github/actions/build-image.yaml
     with:
       dockerfile: ./Dockerfile
       registry: ${{ inputs.registry }}
@@ -52,7 +52,7 @@ jobs:
       password: ${{ secrets.password }}
 
   operator:
-    uses: ./.github/workflows/build-image-job.yaml
+    uses: ./.github/actions/build-image.yaml
     with:
       dockerfile: ./operator/Dockerfile
       registry: ${{ inputs.registry }}

diff --git a/.github/workflows/docs.yaml b/.github/workflows/docs.yaml
@@ -14,6 +14,8 @@ on:
 jobs:
   build:
     runs-on: ubuntu-latest
+    env:
+      LATEST_TAG: ""
     permissions:
       contents: write
     steps:

diff --git a/.github/workflows/paladin-PR-build.yml b/.github/workflows/paladin-PR-build.yml
@@ -1,4 +1,4 @@
-name: Paladin CI build
+name: Paladin Core Build
 
 on:
   push:
@@ -50,54 +50,43 @@ jobs:
         run: ./gradlew -PcomposeLogs=true -PverboseTests=true --no-daemon --parallel --max-workers=5 build
 
   image-build:
+    # run only on PRs
+    if: github.event_name == 'pull_request'
     runs-on: ubuntu-latest
     env:
-      IMAGE_REGISTRY: kaleido.io  # just a placeholder
-      IMAGE_NAME: paladin
-      IMAGE_TAG: test  # just a placeholder, we should replace this with the workflow run number
-      BUILD_PLATFORM: linux/amd64
+      IMAGE: paladin
+      REGISTRY: paladin.io
+      IMAGE_TAG: ${{ github.sha }}
     steps:
-      - uses: actions/checkout@v4
-        with:
-          fetch-depth: 0
-          submodules: recursive
+    - name: build image
+      uses: ./.github/actions/build-image.yaml
+      with:
+        dockerfile: ./Dockerfile
+        registry: ${{ env.REGISTRY }}
+        image: ${{ env.IMAGE }}
+        image_tag: ${{ env.IMAGE_TAG }}
+        push: false
+        platforms: linux/amd64
+        runs-on: ubuntu-latest
+    - name: Save Docker image as artifact
+      run: docker save ${{ env.REGISTRY }}/${{ env.IMAGE }} -o paladin-image.tar
 
-      - name: Set up QEMU
-        uses: docker/setup-qemu-action@v2
+    # This will allow using the image in other jobs
+    - name: Upload Docker image artifact
+      uses: actions/upload-artifact@v4
+      with:
+        name: paladin-image
+        path: paladin-image.tar
 
-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v2
-
-    # TODO: Setup docker registry
-    #   - name: Login to Docker registry
-    #     if: ${{ env.IMAGE_REGISTRY != '' }}
-    #     uses: docker/login-action@v3
-    #     with:
-    #       registry: ${{ env.IMAGE_REGISTRY }}
-    #       username: ${{ secrets.REGISTRY_USERNAME }}
-    #       password: ${{ secrets.REGISTRY_PASSWORD }}
-
-      - name: Build
-        uses: docker/build-push-action@v3
-        with:
-          sbom: true
-          file: Dockerfile
-          tags: ${{ env.IMAGE_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.IMAGE_TAG }}
-          platforms: ${{ env.BUILD_PLATFORM }}
-          cache-from: type=gha
-          cache-to: type=gha,mode=max
-          push: false
-
-      # TODO: Run a basic test to make sure the image was built correctly
-      # This is just a placeholder, we should replace this with a real test
-      # - name: Test the image
-      #   run: |
-      #     docker run -d -p <>:<> --name paladin-test \
-      #     -v <path to config file on host>:<path to config file> \
-      #     ${{ env.IMAGE_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.IMAGE_TAG }} \
-      #     -Djna.library.path=/app \
-      #     -jar paladin.jar <path to config file> <node name>
-      #     sleep 5
-      #     docker logs paladin-test | grep 'Started PaladinApplication' && echo 'Test passed' || echo 'Test failed'
-      #   timeout-minutes: 5
-
+  image-release:
+    # run only on pushes to main
+    if: github.event_name == 'push' && github.ref == 'refs/heads/main'
+    uses: ./.github/actions/cross-build-images.yaml
+    with:
+      registry: ghcr.io
+      repository: ${{ github.repository_owner }}
+      image_tag: ${{ github.ref_name }}
+    secrets:
+      username: ${{ github.actor }}
+      password: ${{ secrets.GITHUB_TOKEN }}
+
diff --git a/.github/workflows/release-images.yaml b/.github/workflows/release-images.yaml
@@ -1,4 +1,4 @@
-name: Release Image
+name: Release
 
 on:
   release:
@@ -9,6 +9,7 @@ jobs:
     runs-on: ubuntu-latest
     env:
       LATEST_TAG: ""
+      TAGS: ${{ github.ref_name }}
     steps:
     - name: Get the latest tag
       run: |
@@ -17,10 +18,6 @@ jobs:
         echo "latest tag: $latest_tag"
         echo "LATEST_TAG=$latest_tag" >> $GITHUB_ENV
 
-    - name: Set release tag
-      run: |
-        echo "TAGS=${{ github.ref_name }}" >> $GITHUB_ENV
-
     - name: Set latest tag
       if: github.event.action == 'released' && github.ref_name == env.LATEST_TAG
       run: |
@@ -41,7 +38,7 @@ jobs:
       run: |
         echo "TAGS=${{ env.TAGS }},rc" >> $GITHUB_ENV
   push-to-dockerhub:
-    uses: ./.github/workflows/build-images.yaml
+    uses: ./.github/actions/cross-build-images.yaml
     needs: image-tags
     with:
       registry: docker.io
@@ -52,7 +49,7 @@ jobs:
       username: ${{ secrets.DOCKERHUB_USERNAME }}
       password: ${{ secrets.DOCKERHUB_TOKEN }}
   push-to-ghcr:
-    uses: ./.github/workflows/build-images.yaml
+    uses: ./.github/actions/cross-build-images.yaml
     needs: image-tags
     with:
       registry: ghcr.io

diff --git a/.github/workflows/trigger-image-build.yaml b/.github/workflows/trigger-image-build.yaml