diff --git a/.github/workflows/multi-container-test.yaml b/.github/workflows/multi-container-test.yaml new file mode 100644 index 00000000..4865ae7c --- /dev/null +++ b/.github/workflows/multi-container-test.yaml @@ -0,0 +1,92 @@ +name: Build multiple containers + +on: + pull_request: + # Ignore PRs on branches specifically intended for other assets + branches-ignore: + - '*/trino-container*' + - '*/fizzbuzz-chart*' + - '*/fizzbuzz-crds-chart*' + # Only consider PRs that change files for this asset, including ci scripts + paths: + - '.github/workflows/flake8.yaml' + - '.github/workflows/multi-container-test.yaml' + - 'containers/controller/**' + - 'containers/trino/**' + # Make sure all workflows that are "required checks" for a given + # branch protection rule have the same paths: and branches-ignore: + # filters. Otherwise, you can end up in a deadlock waiting on a + # required check that will never be executed. + push: + # Only release off of release and maintenance branches for this asset + branches: + - 'maintenance/controller-container/[0-9]+.x.x' + - 'maintenance/controller-container/[0-9]+.[0-9]+.x' + - 'main' + # Only consider pushes that change files for this asset, including ci scripts + paths: + - '.github/workflows/multi-container-test.yaml' + - 'containers/controller/**' + - 'containers/trino/**' + +permissions: + contents: write + pull-requests: write + actions: read + +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + # Cancel early on pull requests if new commits are added, + # Don't cancel on release pushes + cancel-in-progress: ${{ github.event_name == 'pull_request' }} + +jobs: + # Job name must be unique across repo to target + # branch protection rules "required checks" properly! + setup-release: + uses: SwanseaUniversityMedical/workflows/.github/workflows/pr-and-release-repo.yaml@feat/allow-for-functionality-to-support-releasing-multiple-assets-bundled-with-the-same-tag + with: + job-name: setup-release + release-tag-format: 'v${version}-bulk-release-test' + + controller-container: + needs: setup-release + uses: SwanseaUniversityMedical/workflows/.github/workflows/bulk-pr-and-release-container.yaml@feat/allow-for-functionality-to-support-releasing-multiple-assets-bundled-with-the-same-tag + with: + job-name: controller-container + comment-pr: "true" + comment-release: "true" + registry: ${{ vars.HARBOR_REGISTRY }} + registry-user: ${{ vars.HARBOR_USER }} + registry-repo: ${{ vars.HARBOR_PROJECT }}/controller + release-tag-format: 'v${version}-controller-container' + release-info: ${{ needs.setup-release.outputs.release-info }} + cosign-public-key: ${{ vars.COSIGN_PUBLIC_KEY }} + build-file: containers/controller/Dockerfile + build-context: containers/controller + secrets: + cosign-private-key: ${{ secrets.COSIGN_PRIVATE_KEY }} + cosign-password: ${{ secrets.COSIGN_PASSWORD }} + registry-token: ${{ secrets.HARBOR_TOKEN }} + + trino-container: + needs: setup-release + uses: SwanseaUniversityMedical/workflows/.github/workflows/bulk-pr-and-release-container.yaml@feat/allow-for-functionality-to-support-releasing-multiple-assets-bundled-with-the-same-tag + with: + job-name: trino-container + comment-pr: "true" + comment-release: "true" + registry: ${{ vars.HARBOR_REGISTRY }} + registry-user: ${{ vars.HARBOR_USER }} + registry-repo: ${{ vars.HARBOR_PROJECT }}/trino + release-tag-format: 'v${version}-trino-container' + registry-extra-tag-command: >- + cat containers/trino/Dockerfile | grep -m 1 "ARG BASE_VERSION=" | cut -d "=" -f 2 + release-info: ${{ needs.setup-release.outputs.release-info }} + cosign-public-key: ${{ vars.COSIGN_PUBLIC_KEY }} + build-file: containers/trino/Dockerfile + build-context: containers/trino + secrets: + cosign-private-key: ${{ secrets.COSIGN_PRIVATE_KEY }} + cosign-password: ${{ secrets.COSIGN_PASSWORD }} + registry-token: ${{ secrets.HARBOR_TOKEN }}