diff --git a/.github/resources/goomy.png b/.github/resources/goomy.png deleted file mode 100644 index 5f4d86f..0000000 Binary files a/.github/resources/goomy.png and /dev/null differ diff --git a/.github/workflows/docker-build.yml b/.github/workflows/docker-build.yml new file mode 100644 index 0000000..3e87be5 --- /dev/null +++ b/.github/workflows/docker-build.yml @@ -0,0 +1,58 @@ +name: Docker + +# Trigger on pushes to master branch, new semantic version tags, and pull request updates +on: + workflow_dispatch: + inputs: + tag: + description: Git branch, or tag to build from. + required: false + target: + description: Target to build. + required: false + type: choice + options: + - spamooor + + merge_group: + push: + branches: + - "main" + tags: + - "**-v[0-9]+.[0-9]+.[0-9]+" + - "**-v[0-9]+.[0-9]+.[0-9]+-alpha.[0-9]+" + - "**-v[0-9]+.[0-9]+.[0-9]+-beta.[0-9]+" + - "**-v[0-9]+.[0-9]+.[0-9]+-rc[0-9]+" + + pull_request: + types: + - opened + - synchronize + - reopened + - labeled + +jobs: + run_checker: + uses: ./.github/workflows/reusable-run-checker.yml + + spamooor: + needs: run_checker + if: needs.run_checker.outputs.run_docker == 'true' || (github.event_name == 'workflow_dispatch' && github.event.inputs.target == 'spamooor') + uses: "./.github/workflows/reusable-docker-build.yml" + permissions: + contents: read + id-token: write + packages: write + with: + depot-project-id: mhgvgvsjnx + package-name: spamooor + target-binary: astria-spamooor + tag: ${{ inputs.tag }} + secrets: inherit + + docker: + if: ${{ always() && !cancelled() }} + needs: [spamooor] + uses: ./.github/workflows/reusable-success.yml + with: + success: ${{ !contains(needs.*.result, 'failure') }} diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml new file mode 100644 index 0000000..797720c --- /dev/null +++ b/.github/workflows/lint.yml @@ -0,0 +1,46 @@ +name: Lint +on: + pull_request: + merge_group: + push: + branches: + - "main" + +jobs: + run_checker: + uses: ./.github/workflows/reusable-run-checker.yml + + charts: + runs-on: ubuntu-latest + needs: run_checker + if: needs.run_checker.outputs.run_lint_charts == 'true' + steps: + - name: Checkout + uses: actions/checkout@v4 + with: + fetch-depth: 0 + - name: Set up Helm + uses: azure/setup-helm@v4 + - uses: actions/setup-python@v5 + with: + python-version: '3.9' + check-latest: true + - name: Set up chart-testing + uses: helm/chart-testing-action@v2.6.1 + - name: Run chart-testing (list-changed) + id: list-changed + run: | + changed=$(ct list-changed --target-branch ${{ github.event.repository.default_branch }}) + if [[ -n "$changed" ]]; then + echo "changed=true" >> "$GITHUB_OUTPUT" + fi + - name: Run chart-testing (lint) + if: steps.list-changed.outputs.changed == 'true' + run: ct lint --target-branch ${{ github.event.repository.default_branch }} + + lint: + needs: [charts] + if: ${{ always() && !cancelled() }} + uses: ./.github/workflows/reusable-success.yml + with: + success: ${{ !contains(needs.*.result, 'failure') }} diff --git a/.github/workflows/reusable-docker-build.yml b/.github/workflows/reusable-docker-build.yml new file mode 100644 index 0000000..4afbd6c --- /dev/null +++ b/.github/workflows/reusable-docker-build.yml @@ -0,0 +1,101 @@ +name: Reusable Docker Build && Push Workflow + +on: + workflow_call: + inputs: + # depot-project-id: + # required: true + # type: string + package-name: + required: true + type: string + target-binary: + required: true + type: string + tag: + required: false + type: string + secrets: + DOCKER_TOKEN: + required: false + DOCKER_USER: + required: false +env: + REGISTRY: ghcr.io + FULL_REF: ${{ inputs.tag && format('refs/tags/{0}', inputs.tag) || github.ref }} + +jobs: + build-and-push: + runs-on: ubuntu-latest + permissions: + contents: read + id-token: write + packages: write + if: startsWith(inputs.tag, inputs.package-name) || !inputs.tag && (startsWith(github.ref, format('refs/tags/{0}-v', inputs.package-name)) || github.ref == 'refs/heads/main' || github.event_name == 'pull_request' || github.event_name == 'merge_group') + steps: + # Checking out the repo + - uses: actions/checkout@v4 + with: + ref: ${{ inputs.tag }} + # - uses: depot/setup-action@v1 + - name: Login to Docker Hub + if: github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == 'astriaorg/spamooor' + uses: docker/login-action@v2 + with: + username: ${{ secrets.DOCKER_USER }} + password: ${{ secrets.DOCKER_TOKEN }} + - name: Log in to GHCR + uses: docker/login-action@v2 + with: + registry: ${{ env.REGISTRY }} + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + - name: Set up QEMU + uses: docker/setup-qemu-action@v2 + - name: Set up Docker Buildx + id: buildx + uses: docker/setup-buildx-action@v2 + # Generate correct tabs and labels + - name: Docker metadata + id: metadata + uses: docker/metadata-action@v4 + with: + images: ${{ format('ghcr.io/astriaorg/{0}', inputs.package-name) }} + tags: | + type=ref,event=pr + type=match,pattern=refs/tags/${{ inputs.package-name }}-v(.*),group=1,enable=${{ startsWith(env.FULL_REF, 'refs/tags/') }},value=${{ env.FULL_REF }} + type=sha + # set latest tag for `main` branch + type=raw,value=latest,enable=${{ env.FULL_REF == format('refs/heads/{0}', 'main') }} + - name: Build and push + uses: docker/build-push-action@v4 + with: + # this gets rid of the unknown/unknown image that is created without this setting + # https://github.com/docker/build-push-action/issues/820#issuecomment-1455687416 + provenance: false + context: . + file: Dockerfile + build-args: | + TARGETBINARY=${{ inputs.target-binary }} + platforms: 'linux/amd64,linux/arm64' + push: ${{ github.repository_owner == 'astriaorg'}} + tags: ${{ steps.metadata.outputs.tags }} + labels: ${{ steps.metadata.outputs.labels }} + # - name: Build and push (Depot) + # uses: depot/build-push-action@v1 + # with: + # # this gets rid of the unknown/unknown image that is created without this setting + # # https://github.com/docker/build-push-action/issues/820#issuecomment-1455687416 + # provenance: false + # context: . + # file: containerfiles/Dockerfile + # build-args: | + # TARGETBINARY=${{ inputs.target-binary }} + # platforms: "linux/amd64,linux/arm64" + # push: ${{ github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == 'astriaorg/spamooor' }} + # tags: ${{ steps.metadata.outputs.tags }} + # labels: ${{ steps.metadata.outputs.labels }} + # project: ${{ inputs.depot-project-id }} + + + \ No newline at end of file diff --git a/.github/workflows/reusable-run-checker.yml b/.github/workflows/reusable-run-checker.yml new file mode 100644 index 0000000..b4a9eb2 --- /dev/null +++ b/.github/workflows/reusable-run-checker.yml @@ -0,0 +1,38 @@ +name: Reusable Run Checker Workflow + +on: + workflow_call: + outputs: + run_docker: + description: If docker workflow needs to be run, will be 'true' + value: ${{ github.event_name != 'pull_request' || jobs.changes.outputs.docker_workflow == 'true' || contains(github.event.pull_request.labels.*.name, 'docker-build') }} + run_lint_charts: + description: If lint for charts needs to be run, will be 'true' + value: ${{ github.event_name != 'pull_request' || jobs.changes.outputs.lint_workflow == 'true' || jobs.changes.outputs.charts == 'true' }} + +jobs: + changes: + runs-on: ubuntu-latest + permissions: + pull-requests: read + outputs: + docker_workflow: ${{ steps.filters.outputs.docker_workflow }} + lint_workflow: ${{ steps.filters.outputs.lint_workflow }} + charts: ${{ steps.filters.outputs.charts }} + steps: + - uses: actions/checkout@v4 + - uses: dorny/paths-filter@v3 + id: filters + with: + list-files: json + filters: | + docker_workflow: + - '.github/workflows/docker-build.yml' + - '.github/workflows/reusable-docker-build.yml' + - '.dockerignore' + lint_workflow: + - '.github/workflows/lint.yml' + markdown: + - '**/*.md' + charts: + - 'charts/**' diff --git a/.github/workflows/reusable-success.yml b/.github/workflows/reusable-success.yml new file mode 100644 index 0000000..e2c198e --- /dev/null +++ b/.github/workflows/reusable-success.yml @@ -0,0 +1,18 @@ +name: Reusable Success Check + +on: + workflow_call: + inputs: + success: + required: true + type: boolean + +jobs: + success: + runs-on: ubuntu-latest + if: ${{ always() && !cancelled() }} + steps: + - if: ${{ !inputs.success }} + run: exit 1 + - if: ${{ inputs.success }} + run: exit 0 diff --git a/charts/spamoor-cronjobs/Chart.yaml b/charts/spamoor-cronjobs/Chart.yaml index 6617cfe..7ca69ac 100644 --- a/charts/spamoor-cronjobs/Chart.yaml +++ b/charts/spamoor-cronjobs/Chart.yaml @@ -4,3 +4,11 @@ description: A Helm chart for Kubernetes name: spamoor-cronjobs type: application version: 0.1.0 + +maintainers: + - name: bharath-123 + url: astria.org + - name: aajimal + url: astria.org + - name: joroshiba + url: astria.org