From 4663ec263cb970cf36233711f002c16e8e59cc3b Mon Sep 17 00:00:00 2001
From: digorgonzola <29941279+digorgonzola@users.noreply.github.com>
Date: Fri, 13 Oct 2023 14:59:36 +1100
Subject: [PATCH] add default github workflows for building docker images
---
 .github/workflows/release.yml | 67 +++++++++++++++++++++++++++++++++
 .github/workflows/test.yml | 70 +++++++++++++++++++++++++++++++++++
 2 files changed, 137 insertions(+)
 create mode 100644 .github/workflows/release.yml
 create mode 100644 .github/workflows/test.yml
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
new file mode 100644
index 0000000..2b87445
--- /dev/null
+++ b/.github/workflows/release.yml
@@ -0,0 +1,67 @@
+name: release
+
+on:
+ release:
+ types:
+ - published
+
+env:
+ AWS_REGION: ap-northeast-1
+ TAG: ${{ github.event.release.tag_name }}
+
+permissions:
+ id-token: write # This is required for requesting the JWT
+ contents: read # This is required for actions/checkout
+
+jobs:
+ build_test_push:
+ runs-on: ubuntu-latest
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v4
+
+ - name: Set up QEMU
+ uses: docker/setup-qemu-action@v3
+
+ - name: Set up Docker Buildx
+ uses: docker/setup-buildx-action@v3
+
+ - name: Set up docker structure test
+ run: >
+ curl -LO
+ https://storage.googleapis.com/container-structure-test/latest/container-structure-test-linux-amd64
+ && chmod +x container-structure-test-linux-amd64 && sudo mv container-structure-test-linux-amd64
+ /usr/local/bin/container-structure-test
+
+ - name: Configure AWS Credentials
+ uses: aws-actions/configure-aws-credentials@v4
+ with:
+ audience: sts.amazonaws.com
+ aws-region: ${{ env.AWS_REGION }}
+ role-to-assume: ${{ secrets.AWS_ROLE_ARN }}
+
+ - name: Login to ECR
+ uses: docker/login-action@v3
+ with:
+ registry: ${{ vars.ECR_REGISTRY }}
+
+ - name: Build
+ uses: docker/build-push-action@v5
+ with:
+ context: .
+ load: true
+ tags: ${{ env.TAG }}
+
+ - name: Test
+ run: |
+ container-structure-test test --image ${{ env.TAG }} --config tests/config.yaml
+
+ - name: Build and push
+ uses: docker/build-push-action@v5
+ with:
+ context: .
+ platforms: linux/amd64,linux/arm64
+ push: true
+ tags: |
+ ${{ vars.ECR_REGISTRY }}/${{ vars.ECR_REPOSITORY }}:${{ env.TAG }}
+ ${{ vars.ECR_REGISTRY }}/${{ vars.ECR_REPOSITORY }}:latest
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
new file mode 100644
index 0000000..d6b8b38
--- /dev/null
+++ b/.github/workflows/test.yml
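Review bot: The `Set up docker structure test` step installs whatever binary the `latest` URL serves at run time, with no integrity check, and the same job then assumes the AWS role through OIDC and pushes to ECR. curl also runs without `-f`, so an HTTP error body would be saved, marked executable and moved into `/usr/local/bin`. Pin a reviewed release and verify its SHA-256 before installing, as sketched below; the versioned bucket path and both placeholder values are assumptions to confirm against the tool's published releases. The identical step in `.github/workflows/test.yml` needs the same change. Separately, the `uses:` references in both files are mutable tags (`@v3`, `@v4`, `@v5`), and pinning them to full commit SHAs would close the same gap for the actions.

```yaml
      - name: Set up docker structure test
        env:
          CST_VERSION: "<PINNED_VERSION>"  # placeholder: a reviewed release, not `latest`
          CST_SHA256: "<EXPECTED_SHA256>"  # placeholder: digest recorded for that release
        run: |
          # -f makes an HTTP error fail the step instead of saving the error body.
          curl -fsSLo container-structure-test \
            "https://storage.googleapis.com/container-structure-test/${CST_VERSION}/container-structure-test-linux-amd64"
          # Refuse to install anything whose digest differs from the recorded one.
          echo "${CST_SHA256}  container-structure-test" | sha256sum --check --strict
          sudo install -m 0755 container-structure-test /usr/local/bin/container-structure-test
      # … unchanged: AWS credentials, ECR login, Build, Test, Build and push …
```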
@@ -0,0 +1,70 @@
+name: build and test
+
+on:
+ pull_request:
+ branches:
+ - "main"
+
+env:
+ AWS_REGION: ap-northeast-1
+ TAG_PREFIX: test
+
+permissions:
+ id-token: write # This is required for requesting the JWT
+ contents: read # This is required for actions/checkout
+
+jobs:
+ build_test_push:
+ runs-on: ubuntu-latest
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v4
+
+ - name: Set up QEMU
+ uses: docker/setup-qemu-action@v3
+
+ - name: Set up Docker Buildx
+ uses: docker/setup-buildx-action@v3
+
+ - name: set tag
+ run: |
+ BRANCH_NAME=${{ github.head_ref || github.ref_name }}
+ echo TAG=${{ env.TAG_PREFIX}}-${BRANCH_NAME/\//_} >> $GITHUB_ENV
+
+ - name: Set up docker structure test
+ run: >
+ curl -LO
+ https://storage.googleapis.com/container-structure-test/latest/container-structure-test-linux-amd64
+ && chmod +x container-structure-test-linux-amd64 && sudo mv container-structure-test-linux-amd64
+ /usr/local/bin/container-structure-test
+
+ - name: Configure AWS Credentials
+ uses: aws-actions/configure-aws-credentials@v4
+ with:
+ audience: sts.amazonaws.com
+ aws-region: ${{ env.AWS_REGION }}
+ role-to-assume: ${{ secrets.AWS_ROLE_ARN }}
+
+ - name: Login to ECR
+ uses: docker/login-action@v3
+ with:
+ registry: ${{ vars.ECR_REGISTRY }}
+
+ - name: Build
+ uses: docker/build-push-action@v5
+ with:
+ context: .
+ load: true
+ tags: ${{ env.TAG }}
+
+ - name: Test
+ run: |
+ container-structure-test test --image ${{ env.TAG }} --config tests/config.yaml
+
+ - name: Build and push
+ uses: docker/build-push-action@v5
+ with:
+ context: .
+ platforms: linux/amd64,linux/arm64
+ push: true
+ tags: ${{ vars.ECR_REGISTRY }}/${{ vars.ECR_REPOSITORY }}:${{ env.TAG }}
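Review bot: The `set tag` step expands `${{ github.head_ref || github.ref_name }}` into the script text before the shell runs, so a pull-request branch name containing shell metacharacters is interpreted as code in a job that holds `id-token: write` and goes on to assume the AWS role. Pass the value through `env:` and use it only as a quoted shell variable, as sketched below. The sketch also changes the sanitising: `${BRANCH_NAME/\//_}` replaces only the first `/`, so a branch with two slashes produces an invalid image tag, whereas the `tr` call maps every character outside the Docker tag alphabet to `_`. The `Test` steps in this file and in `release.yml` expand `${{ env.TAG }}` into the script the same way and should reference `"$TAG"` instead.

```yaml
      - name: set tag
        env:
          # The branch name reaches the script as data, never as script text.
          BRANCH_NAME: ${{ github.head_ref || github.ref_name }}
        run: |
          SAFE_BRANCH="$(printf '%s' "$BRANCH_NAME" | tr -c 'A-Za-z0-9_.-' '_')"
          echo "TAG=${TAG_PREFIX}-${SAFE_BRANCH}" >> "$GITHUB_ENV"
      # … unchanged: tool install, AWS credentials, ECR login, Build …
      - name: Test
        run: |
          container-structure-test test --image "$TAG" --config tests/config.yaml
      # … unchanged: Build and push …
```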