Merge pull request #295 from felddy/improvement/workflows-v2

Update to use new reusable workflows
felddy · Jan 20, 2024 · 9faa664 · 9faa664
2 parents ccbad79 + b3986c9
commit 9faa664
Show file tree

Hide file tree

Showing 2 changed files with 36 additions and 59 deletions.
diff --git a/.github/workflows/_config.yml b/.github/workflows/_config.yml
@@ -20,56 +20,25 @@ on:
       data_artifact_path:
         description: "The path to include in the test data artifact"
         value: data
-      image_archive_artifact_name:
+      image_artifact_name_stem:
         description: "The name of the image archives artifact"
-        value: image-archives
+        value: image-archive
       platforms:
         description: "The platforms to build (CSV)"
         value: ${{ inputs.platforms }}
       platforms_json:
         description: "The platforms to build (JSON)"
-        value: ${{ jobs.csv-to-json.outputs.platforms_json }}
+        value: ${{ jobs.csv-to-json.outputs.json }}
+      sbom_artifact_name_stem:
+        description: "The stem name for sbom artifacts"
+        value: sbom
       test_platform:
         description: "The platform to use for testing"
         value: linux/amd64
 
 jobs:
-  diagnostics:
-    name: "Diagnostics"
-    runs-on: ubuntu-latest
-    steps:
-      - name: Harden Runner
-        uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895  # tag=v2.6.1
-        with:
-          egress-policy: block
-          allowed-endpoints: >
-            azure.archive.ubuntu.com:443
-            azure.archive.ubuntu.com:80
-            packages.microsoft.com:443
-            www.githubstatus.com:443
-
-      - name: Check GitHub Status
-        uses: crazy-max/ghaction-github-status@df4d23a4977438215339cf0fafceda8d9af8a0e5  # tag=v4.0.0
-        with:
-          overall_threshold: major
-          packages_threshold: major_outage
-
-      - name: Dump context
-        uses: crazy-max/ghaction-dump-context@8b55fa205ab4530d36f787a4de1009afaaa7f3b4  # tag=v2.1.0
-
   csv-to-json:
-    name: "Convert platforms CSV to JSON"
-    runs-on: ubuntu-latest
-    outputs:
-      platforms_json: ${{ steps.csv-to-json.outputs.platforms_json }}
-    steps:
-      - name: Harden Runner
-        uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895  # tag=v2.6.1
-        with:
-          egress-policy: block
-          allowed-endpoints: >
-
-      - name: Convert CSV to JSON
-        id: csv-to-json
-        run: |
-          echo "platforms_json=$(echo -n ${{ inputs.platforms }} | jq --raw-input --compact-output 'split(",")')" >> $GITHUB_OUTPUT
+    name: "Convert CSV to JSON"
+    uses: felddy/reusable-workflows/.github/workflows/csv-to-json.yml@v2
+    with:
+      csv: ${{ inputs.platforms }}
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -23,14 +23,18 @@ permissions:
   contents: read
 
 jobs:
+  diagnostics:
+    name: "Diagnostics"
+    uses: felddy/reusable-workflows/.github/workflows/diagnostics.yml@v2
+
   config:
     name: "Config"
     uses: ./.github/workflows/_config.yml
 
   metadata:
     name: "Metadata"
     needs: [config]
-    uses: felddy/reusable-workflows/.github/workflows/docker-metadata.yml@develop
+    uses: felddy/reusable-workflows/.github/workflows/docker-metadata.yml@v2
     with:
       image_name: ${{ needs.config.outputs.image_name }}
 
@@ -54,17 +58,17 @@ jobs:
   lint:
     name: "Lint"
     needs: [config]
-    uses: felddy/reusable-workflows/.github/workflows/common-lint.yml@develop
+    uses: felddy/reusable-workflows/.github/workflows/common-lint.yml@v2
 
-  build-normal-test-image:
-    name: "Build normal test image"
+  build-test-image:
+    name: "Build test image"
     needs:
       - config
       - lint
       - metadata
-    uses: felddy/reusable-workflows/.github/workflows/docker-build-image.yml@develop
+    uses: felddy/reusable-workflows/.github/workflows/docker-build-image.yml@v2
     with:
-      artifact_name: ${{ needs.config.outputs.image_archive_artifact_name }}
+      artifact_name: ${{ needs.config.outputs.image_artifact_name_stem }}-${{ needs.config.outputs.test_platform }}
       build_arg_1_name: VERSION
       cache_from_scopes: ${{ needs.config.outputs.test_platform }}
       cache_to_scope: ${{ needs.config.outputs.test_platform }}
@@ -75,16 +79,16 @@ jobs:
       build_arg_1_value: ${{ needs.metadata.outputs.source_version }}
 
   test-normal-image:
-    name: "Test normal image"
+    name: "Test image"
     needs:
-      - build-normal-test-image
+      - build-test-image
       - config
-    uses: felddy/reusable-workflows/.github/workflows/docker-pytest-image.yml@develop
+    uses: felddy/reusable-workflows/.github/workflows/docker-pytest-image.yml@v2
     with:
       data_artifact_name: ${{ needs.config.outputs.data_artifact_name }}
       data_artifact_path: ${{ needs.config.outputs.data_artifact_path }}
-      image_artifact_name: ${{ needs.config.outputs.image_archive_artifact_name }}
-      image_archive_name: ${{ needs.build-normal-test-image.outputs.image_archive_name }}
+      image_artifact_name: ${{ needs.build-test-image.outputs.artifact_name }}
+      image_archive_name: ${{ needs.build-test-image.outputs.image_archive_name }}
 
   build-each-platform:
     name: "Build platform"
@@ -99,9 +103,9 @@ jobs:
         platform: ${{ fromJson(needs.config.outputs.platforms_json) }}
         exclude:
           - platform: ${{ needs.config.outputs.test_platform }}
-    uses: felddy/reusable-workflows/.github/workflows/docker-build-image.yml@develop
+    uses: felddy/reusable-workflows/.github/workflows/docker-build-image.yml@v2
     with:
-      artifact_name: ${{ needs.config.outputs.image_archive_artifact_name }}
+      artifact_name: ${{ needs.config.outputs.image_artifact_name_stem }}-${{ matrix.platform }}
       build_arg_1_name: VERSION
       cache_from_scopes: ${{ matrix.platform }}
       cache_to_scope: ${{ matrix.platform }}
@@ -118,9 +122,13 @@ jobs:
       - config
     permissions:
       contents: write
-    uses: felddy/reusable-workflows/.github/workflows/sbom-artifact.yml@develop
+    strategy:
+      matrix:
+        platform: ${{ fromJson(needs.config.outputs.platforms_json) }}
+    uses: felddy/reusable-workflows/.github/workflows/sbom-artifact.yml@v2
     with:
-      image_artifact_name: ${{ needs.config.outputs.image_archive_artifact_name }}
+      image_artifact_name: ${{ needs.config.outputs.image_artifact_name_stem }}-${{ matrix.platform }}
+      sbom_artifact_name: ${{ needs.config.outputs.sbom_artifact_name_stem }}-${{ matrix.platform }}
 
   build-multi-arch-image:
     name: "Publish image"
@@ -132,9 +140,9 @@ jobs:
     if: github.event_name != 'pull_request'
     permissions:
       packages: write
-    uses: felddy/reusable-workflows/.github/workflows/docker-multi-arch-push.yml@develop
+    uses: felddy/reusable-workflows/.github/workflows/docker-multi-arch-push.yml@v2
     with:
-      artifact_name: ${{ needs.config.outputs.image_archive_artifact_name }}
+      artifact_name_pattern: ${{ needs.config.outputs.image_artifact_name_stem }}-*
       image_tags: ${{ needs.metadata.outputs.image_tags }}
     secrets:
       docker_password: ${{ secrets.DOCKER_PASSWORD }}
@@ -148,7 +156,7 @@ jobs:
       - docker-secrets
       - metadata
     if: needs.metadata.outputs.latest == 'true'
-    uses: felddy/reusable-workflows/.github/workflows/docker-publish-description.yml@develop
+    uses: felddy/reusable-workflows/.github/workflows/docker-publish-description.yml@v2
     with:
       image_name: ${{ needs.config.outputs.image_name }}
     secrets: