APIGOV-27565 - refactor

Axway · May 10, 2024 · 293b85c · 293b85c
1 parent 90d154b
commit 293b85c
Show file tree

Hide file tree

Showing 8 changed files with 162 additions and 142 deletions.
diff --git a/.github/workflows/test-and-build.yml → .github/workflows/build-agents.yml b/.github/workflows/test-and-build.yml → .github/workflows/build-agents.yml
@@ -1,40 +1,32 @@
-name: Build Kong Agents
+name: Build agents
 on:
   push:
-    branches: [main, "APIGOV-*"]
+    branches: [main, "*"]
 
 jobs:
-  test:
-    env:
-      GOFLAGS: "-mod=mod"
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-      - name: Set up Go
-        uses: actions/setup-go@v5
-        with:
-          go-version: 1.21
-      - name: Test
-        working-directory: .
-        run: |
-          make test
+  testAgents:
+    uses: ./.github/workflows/run-tests.yml
 
-  build:
+  buildAgents:
+    needs: testAgents
     env:
       GOFLAGS: "-mod=mod"
       VERSION: ${{ github.ref_name }}
       COMMIT_ID: ${{ github.sha }}
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v4
+
       - name: Set up Go
         uses: actions/setup-go@v5
         with:
           go-version: 1.21
+
       - name: Build discovery agent
         working-directory: .
         run: |
           make build-da
+      
       - name: Build traceability agent
         working-directory: .
         run: |

diff --git a/.github/workflows/build-discovery-agent-docker.yml b/.github/workflows/build-discovery-agent-docker.yml
diff --git a/.github/workflows/build-docker-images.yml b/.github/workflows/build-docker-images.yml
@@ -0,0 +1,121 @@
+# build the docker images when a tag is created
+name: Build docker images
+
+on:
+  push:
+    tags:
+      - "*"
+
+jobs:
+  testAgents:
+    uses: ./.github/workflows/run-tests.yml
+
+  buildDiscoveryAgentDocker:
+    needs: testAgents
+    env:
+      GOFLAGS: "-mod=mod"
+      IMAGE_NAME: kong_discovery_agent
+      ORG_NAME: Axway
+      VERSION: ${{ github.ref_name }}
+      COMMIT_ID: ${{ github.sha }}
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Set output
+        id: vars
+        run: |
+          echo "date=$(date +'%Y%m%d%H%M%S')" >> $GITHUB_OUTPUT
+          echo "tag=${GITHUB_REF#refs/*/}" >> $GITHUB_OUTPUT
+          echo "sdkversion=$(grep github.com/Axway/agent-sdk go.mod |  awk '{print $2}')" >> $GITHUB_OUTPUT
+          echo "commit=$(git rev-parse --short ${{ github.sha }})" >> $GITHUB_OUTPUT
+      
+      - name: Log in to the Container registry
+        uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Extract metadata (tags, labels) for Docker
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          flavor: latest=false
+          images: ghcr.io/${{ env.ORG_NAME }}/${{ env.IMAGE_NAME }}
+
+      - name: Build and push Docker image
+        uses: docker/build-push-action@v5
+        with:
+          context: .
+          file: build/discovery/Dockerfile
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+          build-args: |
+            time=${{ steps.vars.outputs.date }}
+            CGO_ENABLED=0
+            version=${{ steps.vars.outputs.tag }}
+            sdk_version=${{ steps.vars.outputs.sdkversion }}
+            commit_id=${{ steps.vars.outputs.commit }}
+
+  buildTraceabilityAgentDocker:
+    needs: testAgents
+    env:
+        GOFLAGS: "-mod=mod"
+        IMAGE_NAME: kong_traceability_agent
+        ORG_NAME: Axway
+        VERSION: ${{ github.ref_name }}
+        COMMIT_ID: ${{ github.sha }}
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Log in to the Container registry
+        uses: docker/login-action@v3
+        with:
+            registry: ghcr.io
+            username: ${{ github.actor }}
+            password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Set outputs
+        id: vars
+        run: |
+          echo "date=$(date +'%Y%m%d%H%M%S')" >> $GITHUB_OUTPUT
+          echo "tag=${GITHUB_REF#refs/*/}" >> $GITHUB_OUTPUT
+          echo "sdkversion=$(grep github.com/Axway/agent-sdk go.mod |  awk '{print $2}')" >> $GITHUB_OUTPUT
+          echo "commit=$(git rev-parse --short ${{ github.sha }})" >> $GITHUB_OUTPUT
+      
+      - name: Extract metadata (tags, labels) for Docker
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          flavor: latest=false
+          images: ghcr.io/${{ env.ORG_NAME }}/${{ env.IMAGE_NAME }}
+
+      - name: Build and push Docker image
+        uses: docker/build-push-action@v5
+        with:
+          context: .
+          file: build/traceability/Dockerfile
+          push: true
+          build-args: |
+            time=${{ steps.vars.outputs.date }}
+            CGO_ENABLED=0
+            version=${{ steps.vars.outputs.tag }}
+            sdk_version=${{ steps.vars.outputs.sdkversion }}
+            commit_id=${{ steps.vars.outputs.commit }}
+            tags: ${{ steps.meta.outputs.tags }}
+            labels: ${{ steps.meta.outputs.labels }}
+
+  notifyTeamsChannel:
+    runs-on: ubuntu-latest
+    needs: [buildDiscoveryAgentDocker, buildTraceabilityAgentDocker]
+    steps:
+      - uses: actions/checkout@v4
+      - name: Notify Teams channel
+        env:
+          TEAMS_WEBHOOK_URL: ${{ secrets.TEAMS_WEBHOOK_URL }}
+          TAG: ${{ github.ref_name }}
+        run: ./release.sh
+
diff --git a/.github/workflows/build-traceability-agent-docker.yml b/.github/workflows/build-traceability-agent-docker.yml
diff --git a/.github/workflows/create-tag-for-release.yml b/.github/workflows/create-tag-for-release.yml
@@ -1,4 +1,4 @@
-# This action gets triggered by a closed PR on branch named 'APIGOV-UpdateSDK'
+# This action gets triggered by a closed PR
 name: Create tag for release
 
 on:
@@ -7,6 +7,7 @@ on:
       - closed
 
 jobs:
+  # only run this job if the merge name is "APIGOV-UpdateSDK", which comes from the automated release
   if_SDK_update_merged:
     if: github.event.pull_request.merged == true && startsWith(github.head_ref, 'APIGOV-UpdateSDK')
     runs-on: ubuntu-latest

diff --git a/.github/workflows/package-helm-chart.yml b/.github/workflows/package-helm-chart.yml
@@ -2,7 +2,7 @@ name: Kong Agents Helm
 on:
   push:
     tags:
-      - v*.*.*
+      - "*"
 
 jobs:
   helm-archive:
@@ -28,16 +28,3 @@ jobs:
           repo_token: ${{ secrets.GITHUB_TOKEN }}
           file: kong-agents.tgz
           tag: ${{ github.ref_name }}
-
-  notifyTeamsChannel:
-    needs: [helm-archive]
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-
-      - name: Notify Teams channel
-        env:
-          TEAMS_WEBHOOK_URL: ${{ secrets.TEAMS_WEBHOOK_URL }}
-          TAG: ${{ github.ref_name }}
-        run: ./release.sh
-
diff --git a/.github/workflows/run-tests.yml b/.github/workflows/run-tests.yml
@@ -0,0 +1,21 @@
+# This action is shared by workflows that want to run the unit tests
+name: Test the agents
+
+on:
+  workflow_call
+
+jobs:
+  test:
+    env:
+      GOFLAGS: "-mod=mod"
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - name: Set up Go
+        uses: actions/setup-go@v5
+        with:
+          go-version: 1.21
+      - name: Test
+        working-directory: .
+        run: |
+          make test
diff --git a/build/traceability/Dockerfile b/build/traceability/Dockerfile
@@ -8,13 +8,12 @@ ARG sdk_version
 ARG time
 ARG CGO_ENABLED
 
-ENV GOFLAGS "-mod=mod"
-ENV GOWORK "off"
-
 RUN apk --no-cache update && \
   apk --no-cache add -U build-base
 
 ENV BASEPATH=/go/src/github.com/Axway/agents-kong
+ENV APP_USER axway
+
 RUN mkdir -p ${BASEPATH}
 WORKDIR ${BASEPATH}
 
@@ -36,13 +35,15 @@ RUN --mount=type=cache,target=/root/.cache/go-build \
   -a -o /traceability_agent ${BASEPATH}/pkg/traceability/main/agent.go
 
 # Create non-root user
-RUN addgroup -g 2500 axway && adduser -u 2500 -D -G axway axway
-RUN chown -R axway:axway /traceability_agent
-USER axway
+RUN addgroup -g 2500 ${APP_USER} && adduser -u 2500 -D -G ${APP_USER} ${APP_USER}
+RUN chown -R ${APP_USER}:${APP_USER} /traceability_agent
+USER ${APP_USER}
 
 # alpine 3.19 linux/amd64 
 FROM docker.io/alpine@sha256:13b7e62e8df80264dbb747995705a986aa530415763a6c58f84a3ca8af9a5bcd
 
+ENV APP_USER axway
+
 COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ca-certificates.crt
 COPY --from=builder /etc/passwd /etc/passwd
 COPY --from=builder /traceability_agent /kong_traceability_agent
@@ -53,10 +54,7 @@ RUN mkdir /keys /logs && \
   apk --no-cache add openssl libssl3 libcrypto3 musl musl-utils libc6-compat busybox curl && \
   find / -perm /6000 -type f -exec chmod a-s {} \; || true
 
-USER axway
-
+USER ${APP_USER}
 VOLUME ["/keys", "/logs"]
-
 HEALTHCHECK --retries=1 CMD /kong_traceability_agent --status || exit 1
-
 ENTRYPOINT ["/kong_traceability_agent"]