Adding new GitHub Actions Workflows (#116)

* Add first attempt at new GHA workflows

* Make sure mmv is installed

* Extract more to re-usable workflows

Author: jonathanrainer

.github/workflows/build_docker_image.yml

@@ -0,0 +1,68 @@
+name: "Build Docker Image"
+
+on:
+  workflow_call:
+    inputs:
+      directory:
+        type: string
+        description: "The folder that contains the Dockerfile and all that's needed to build the image"
+        required: true
+      image_name:
+        type: string
+        description: "The name of the image to build"
+        required: true
+      image_registry:
+        type: string
+        description: "The registry the image should be pushed to"
+        required: true
+      description:
+        type: string
+        description: "A description of the image being built"
+        required: true
+      tags:
+        type: string
+        description: "A multi-line string that can be passed to the docker/metadata-action"
+        required: true
+      platforms:
+        type: string
+        description: "A comma separated list of the platforms to build for"
+        required: true
+
+jobs:
+  build_docker_image:
+    name: Build Docker Image (${{ inputs.image_name }})
+    runs-on: ubuntu-latest
+    steps:
+      - name: "Checkout repository"
+        uses: actions/checkout@85e6279cec87321a52edac9c87bce653a07cf6c2
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@941183f0a080fa6be59a9e3d3f4108c19a528204
+      - name: Get Docker Metadata
+        id: meta
+        uses: docker/metadata-action@902fa8ec7d6ecbf8d84d538b9b233a880e428804
+        env:
+          DOCKER_METADATA_PR_HEAD_SHA: true
+        with:
+          images: ${{ inputs.image_registry }}/${{ inputs.image_name }}
+          tags: ${{ inputs.tags }}
+          labels: |
+            org.opencontainers.image.title=${{ inputs.image_name }}
+            org.opencontainers.image.description=${{ inputs.description }}
+            org.opencontainers.image.vendor=Apollo GraphQL
+            org.opencontainers.image.licenses=MIT
+          annotations: |
+            org.opencontainers.image.title=${{ inputs.image_name }}
+            org.opencontainers.image.description=${{ inputs.description }}
+            org.opencontainers.image.vendor=Apollo GraphQL
+            org.opencontainers.image.licenses=MIT
+      - name: Build and Push Docker image
+        id: push
+        uses: docker/build-push-action@67dc78bbaf388b3265f7e1c880e681f4b90d5f48
+        with:
+          context: ${{ inputs.directory }}
+          file: ${{ inputs.directory }}/Dockerfile
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
+          annotations: ${{ steps.meta.outputs.annotations }}
+          labels: ${{ steps.meta.outputs.labels }}
+          platforms: ${{ inputs.platforms }}

.github/workflows/docker_publish.yml

@@ -1,4 +1,4 @@
-name: Build & Publish Docker Images
+name: Build & Publish Changed Docker Images
 
 on:
   push:
@@ -19,7 +19,7 @@ jobs:
         uses: actions/checkout@85e6279cec87321a52edac9c87bce653a07cf6c2
       - name: "Calculate changed files directories"
         id: calculate_changed_files
-        uses: tj-actions/changed-files@5426ecc3f5c2b10effaefbd374f0abdc6a571b2f
+        uses: tj-actions/changed-files@c34c1c13a740b06851baff92ab9a653d93ad6ce7
         with:
           dir_names: true
           dir_names_exclude_current_dir: true
@@ -47,61 +47,38 @@ jobs:
       - name: Checkout repository
         uses: actions/checkout@85e6279cec87321a52edac9c87bce653a07cf6c2
       - name: Log in to the Container Registry
-        uses: docker/login-action@6d4b68b490aef8836e8fb5e50ee7b3bdfa5894f0
+        uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772
         with:
           registry: ${{ env.REGISTRY }}
           username: ${{ github.actor }}
           password: ${{ secrets.GITHUB_TOKEN }}
       - name: Extract Details From config.yml
         id: extract_from_config_yaml
-        run: |
-          echo "desired_version=$(cat ${{ github.workspace }}/${{ matrix.changed_dir }}/config.yml | yq '.version')" >> "$GITHUB_OUTPUT"
-          echo "platforms=$(cat ${{ github.workspace }}/${{ matrix.changed_dir }}/config.yml | yq '.platforms | join(",")')" >> "$GITHUB_OUTPUT"
-          echo "description=$(cat ${{ github.workspace }}/${{ matrix.changed_dir }}/config.yml | yq '.description')" >> "$GITHUB_OUTPUT"
+        uses: ./.github/workflows/extract_details_from_config.yml
+        with:
+          config_yaml_path: ${{ github.workspace }}/${{ matrix.changed_dir }}/config.yaml
       - name: Check Image to Build Does Not Already Exist
         run: |
-          if docker manifest inspect ${{ env.NAMESPACED_REGISTRY }}/${{ matrix.changed_dir }}:${{ steps.extract_from_config_yaml.outputs.desired_version }} > /dev/null; then
-            echo "The tag "${{ env.NAMESPACED_REGISTRY }}/${{ matrix.changed_dir }}:${{ steps.extract_from_config_yaml.outputs.desired_version }}" already exists in the repository. Do you need to bump the version in the config.yml?"
+          if docker manifest inspect ${{ env.NAMESPACED_REGISTRY }}/${{ matrix.changed_dir }}:${{ steps.extract_from_config_yaml.outputs.current_version }} > /dev/null; then
+            echo "The tag "${{ env.NAMESPACED_REGISTRY }}/${{ matrix.changed_dir }}:${{ steps.extract_from_config_yaml.outputs.current_version }}" already exists in the repository. Do you need to bump the version in the config.yml?"
             exit 1
           fi
       - name: Calculate Version
         id: calculate_version
         run: |
-          VERSION=${{ github.event_name == 'pull_request' && format('{0}-PR{1}.{2}', steps.extract_from_config_yaml.outputs.desired_version, github.event.number, github.event.pull_request.head.sha) || steps.extract_from_config_yaml.outputs.desired_version}}
+          VERSION=${{ github.event_name == 'pull_request' && format('{0}-PR{1}.{2}', steps.extract_from_config_yaml.outputs.current_version, github.event.number, github.event.pull_request.head.sha) || steps.extract_from_config_yaml.outputs.current_version}}
           echo "version=$VERSION" >> "$GITHUB_OUTPUT"
-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@e600775e527acba2317260cadb64b7e19efd5362
-      - name: Get Docker Metadata
-        id: meta
-        uses: docker/metadata-action@418e4b98bf2841bd337d0b24fe63cb36dc8afa55
-        env:
-          DOCKER_METADATA_PR_HEAD_SHA: true
+      - name: Build Docker Image (${{ matrix.changed_dir }})
+        uses: ./.github/workflows/build_docker_image.yml
         with:
-          images: ${{ env.NAMESPACED_REGISTRY }}/${{ matrix.changed_dir }}
+          description: ${{ steps.extract_from_config_yaml.outputs.description }}
+          directory: ${{ github.workspace }}/${{ matrix.changed_dir }}
+          image_name: ${{ matrix.changed_dir }}
+          image_registry: ${{ env.NAMESPACED_REGISTRY }}
+          platforms: ${{ steps.extract_from_config_yaml.outputs.platforms }}
           tags: |
-            type=semver,pattern={{version}},value=v${{ steps.calculate_version.outputs.version }}
+            type=semver,pattern={{version}},value=v${{ inputs.version }}
             type=sha,prefix=
-          labels: |
-            org.opencontainers.image.title=${{ matrix.changed_dir }}
-            org.opencontainers.image.description=${{ steps.extract_from_config_yaml.outputs.description }}
-            org.opencontainers.image.vendor=Apollo GraphQL
-            org.opencontainers.image.licenses=MIT
-          annotations: |
-            org.opencontainers.image.title=${{ matrix.changed_dir }}
-            org.opencontainers.image.description=${{ steps.extract_from_config_yaml.outputs.description }}
-            org.opencontainers.image.vendor=Apollo GraphQL
-            org.opencontainers.image.licenses=MIT
-      - name: Build and Push Docker image
-        id: push
-        uses: docker/build-push-action@14487ce63c7a62a4a324b0bfb37086795e31c6c1
-        with:
-          context: ${{ github.workspace }}/${{ matrix.changed_dir }}
-          file: ${{ github.workspace }}/${{ matrix.changed_dir }}/Dockerfile
-          push: true
-          tags: ${{ steps.meta.outputs.tags }}
-          annotations: ${{ steps.meta.outputs.annotations }}
-          labels: ${{ steps.meta.outputs.labels }}
-          platforms: ${{ steps.extract_from_config_yaml.outputs.platforms }}
       - name: Create Git Tag
         uses: mathieudutour/github-tag-action@a22cf08638b34d5badda920f9daf6e72c477b07b
         with:

.github/workflows/docker_publish_daily.yml

@@ -0,0 +1,65 @@
+name: Build & Publish Docker Images - Daily
+
+on:
+  schedule:
+    - cron: "0 10 * * *" # Run this job every day at 10am to get a daily build
+  workflow_dispatch: { }
+
+env:
+  REGISTRY: ghcr.io
+  NAMESPACED_REGISTRY: ghcr.io/apollographql/ci-utility-docker-images
+
+jobs:
+  find-all-docker-images:
+    uses: ./.github/workflows/find_all_docker_images.yml
+  build-and-push-images:
+    name: Build and Push Docker Image
+    needs: find-all-docker-images
+    runs-on: ubuntu-latest
+    permissions:
+      contents: write
+      packages: write
+      attestations: write
+      id-token: write
+    strategy:
+      matrix:
+        image_directory: ${{ fromJSON(needs.find-all-docker-images.outputs.docker_images) }}
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@85e6279cec87321a52edac9c87bce653a07cf6c2
+      - name: Get current date
+        id: get-date
+        run: echo "date=$(date +'%Y%m%d%H%M')" >> $GITHUB_OUTPUT
+      - name: Log in to the Container Registry
+        uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+      - name: Extract Details From config.yml
+        id: extract_from_config_yaml
+        uses: ./.github/workflows/extract_details_from_config.yml
+        with:
+          config_yaml_path: ${{ github.workspace }}/${{ matrix.image_directory }}/config.yaml
+      - name: Build Docker Image
+        uses: ./.github/workflows/build_docker_image.yml
+        with:
+          description: ${{ steps.extract_from_config_yaml.outputs.description }}
+          directory: ${{ github.workspace }}/${{ matrix.image_directory }}
+          image_name: ${{ matrix.image_directory }}
+          image_registry: ${{ env.NAMESPACED_REGISTRY }}
+          platforms: ${{ steps.extract_from_config_yaml.outputs.platforms }}
+          tags: |
+            type=semver,pattern={{version}},value=v${{ steps.extract_from_config_yaml.outputs.current_version }}-${{ steps.get-date.outputs.date }}
+
+  check-builds-all-completes:
+    name: Docker Images Built & Pushed
+    if: ${{ always() }}
+    runs-on: ubuntu-latest
+    needs:
+      - build-and-push-images
+    steps:
+      - run: |
+          exit ${{ (contains(needs.*.result, 'failure') || contains(needs.*.result, 'cancelled')) && 1 || 0 }}
+
+

.github/workflows/extract_details_from_config.yml

@@ -0,0 +1,26 @@
+on:
+  workflow_call:
+    inputs:
+      config_yaml_path:
+        type: string
+        required: true
+        description: "The path to the config.yaml file in the repo"
+    outputs:
+      current_version: ${{ steps.extract_from_config_yaml.outputs.current_version }}
+      platforms: ${{ steps.extract_from_config_yaml.outputs.platforms }}
+      description: ${{ steps.extract_from_config_yaml.outputs.description }}
+
+jobs:
+
+  extract_details_from_config_yaml:
+    name: "Extract Details From config.yaml"
+    runs-on: ubuntu-latest
+    steps:
+      - name: "Checkout repository"
+        uses: actions/checkout@85e6279cec87321a52edac9c87bce653a07cf6c2
+      - name: Extract Details From config.yml
+        id: extract_from_config_yaml
+        run: |
+          echo "current_version=$(cat ${{ inputs.config_yaml_path }} | yq '.version')" >> "$GITHUB_OUTPUT"
+          echo "platforms=$(cat ${{ inputs.config_yaml_path }} | yq '.platforms | join(",")')" >> "$GITHUB_OUTPUT"
+          echo "description=$(cat ${{ inputs.config_yaml_path }} | yq '.description')" >> "$GITHUB_OUTPUT"

.github/workflows/find_all_docker_images.yml

@@ -0,0 +1,25 @@
+on:
+  workflow_call:
+    outputs:
+      docker_images:
+        description: "List of all the directories of Docker Images that need to be built"
+        value: ${{ jobs.find-all-docker-images.outputs.folders }}
+
+jobs:
+  find-all-docker-images:
+    name: Find All Docker Images
+    runs-on: ubuntu-latest
+    outputs:
+      folders: ${{ steps.filter_config_directories.outputs.docker_images }}
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@85e6279cec87321a52edac9c87bce653a07cf6c2
+      - id: find-folders
+        uses: SuperEvilMegacorp/list-folders-action@5f9fce10cea7c4e4f094e6638e7209865af5501e
+        with:
+          path: ${{ github.workspace }}
+      - name: "Filter out config directories"
+        id: filter_config_directories
+        run: |
+          DOCKER_IMAGES=$(echo "${{ steps.find-folders.outputs.folders }}" | jq -c '[.[] | select(. |  contains(".") | not)'])
+          echo "docker_images=$DOCKER_IMAGES" >> "$GITHUB_OUTPUT"

.github/workflows/raise_pr_monthly.yml

@@ -0,0 +1,70 @@
+name: Raise PR for Monthly Version Bump
+
+on:
+  schedule:
+    - cron: '0 9 1 * *' # Run at midnight each Sunday
+  workflow_dispatch: { }
+
+jobs:
+  find-all-docker-images:
+    uses: ./.github/workflows/find_all_docker_images.yml
+  create-new-config-yamls:
+    name: "Calculate and Store New config.yaml"
+    runs-on: ubuntu-latest
+    permissions:
+      contents: write
+      pull-requests: write
+    needs: find-all-docker-images
+    strategy:
+      matrix:
+        image_directory: ${{ fromJSON(needs.find-all-docker-images.outputs.docker_images ) }}
+    steps:
+      - name: "Checkout Repo"
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
+      - name: Extract Details From config.yml
+        id: extract_from_config_yaml
+        uses: ./.github/workflows/extract_details_from_config.yml
+        with:
+          config_yaml_path: ${{ github.workspace }}/${{ matrix.changed_dir }}/config.yaml
+      - name: Bump Minor Version
+        id: bump
+        uses: cbrgm/semver-bump-action@main
+        with:
+          current-version: ${{ steps.extract_from_config_yaml.outputs.current_version }}
+          bump-level: patch
+      - name: "Calculate version to bump to"
+        id: calculate-version
+        run: |
+          yq w ${{ github.workspace }}/${{ matrix.image_directory }}/config.yml .version ${{ steps.bump.outputs.new_version }} >> ${{ github.workspace }}/${{ matrix.image_directory }}_config.yml
+      - name: "Store saved config.yaml"
+        uses: actions/upload-artifact@6027e3dd177782cd8ab9af838c04fd81a07f1d47
+        with:
+          name: new-version_${{ matrix.image_directory }}/config.yml
+          path: ${{ github.workspace }}/${{ matrix.image_directory }}_config.yml
+
+  raise_pull_request:
+    name: "Raise Pull Request"
+    runs-on: ubuntu-latest
+    steps:
+      - name: "Checkout Repo"
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
+      - name: Get current date
+        id: get-date
+        run: echo "date=$(date +'%Y%m%d%')" >> $GITHUB_OUTPUT
+      - name: Download new config YAMLs
+        id: download-new-config-yamls
+        uses: actions/download-artifact@95815c38cf2ff2164869cbab79da8d1f422bc89e
+        with:
+          pattern: new-version_*
+      - name: Move the configs to their new location
+        run: |
+          apt-get update
+          apt-get install -y mmv
+          mmv *_config.yaml '${{ github.workspace }}/#1/config.yaml'
+      - name: Create Pull Request
+        uses: peter-evans/create-pull-request@271a8d0340265f705b14b6d32b9829c1cb33d45e
+        with:
+          commit-message: 'Update Patch Versions For All Images - ${{ steps.get-date.outputs.date }}'
+          branch: update-patch-versions
+          title: 'Update Patch Versions For All Images - ${{ steps.get-date.outputs.date }}'
+          body: Automated PR to bump patch versions for all images, to ensure they don't get stale