From 5df110637db42a0cdae58285db5e4d6720df161e Mon Sep 17 00:00:00 2001
From: Anthony Britton <anthony.britton@digital.justice.gov.uk>
Date: Fri, 28 Feb 2025 11:54:48 +0000
Subject: [PATCH 1/2] PI-2770 use jib in gha

---
 .github/workflows/jib-build.yml | 51 +++++++++++++++++++++++++++++++++
 .github/workflows/pipeline.yml  | 24 ++++++----------
 2 files changed, 59 insertions(+), 16 deletions(-)
 create mode 100644 .github/workflows/jib-build.yml

diff --git a/.github/workflows/jib-build.yml b/.github/workflows/jib-build.yml
new file mode 100644
index 00000000..d27f8494
--- /dev/null
+++ b/.github/workflows/jib-build.yml
@@ -0,0 +1,51 @@
+name: Build & push docker image and deploy to environment
+
+on:
+  workflow_call:
+
+    outputs:
+      app_version:
+        description: The version of the app as generated by create_app_version
+        value: ${{ jobs.docker_build.outputs.version }}
+
+permissions:
+  contents: read
+  packages: write
+
+jobs:
+  docker_build:
+    name: Build docker image
+    runs-on: ubuntu-latest
+    outputs:
+      version: ${{ steps.app_version.outputs.version }}
+    steps:
+      - id: app_version
+        name: Application version creators
+        uses: ministryofjustice/hmpps-github-actions/.github/actions/build-test-and-deploy/create_app_version@v2 # WORKFLOW_VERSION
+
+      - uses: actions/checkout@v4
+      - name: refresh cache
+        id: initial-cache
+        uses: actions/cache@v4
+        env:
+          cache-name: kotlin-cache
+        with:
+          path: |
+            - gradle-{{ checksum "build.gradle.kts" }}
+            - gradle-
+          key: ${{ runner.os }}-gradle-${{ env.cache-name }}-${{ hashFiles('build.gradle.kts') }}
+
+      - uses: actions/setup-java@v4
+        with:
+          distribution: 'temurin'
+          java-version: '21'
+          cache: 'gradle'
+          cache-dependency-path: |
+            *.gradle*
+            **/gradle-wrapper.properties
+      - run: ./gradlew jib --image="${IMAGE_NAME}:${APP_VERSION}" -Djib.to.auth.username=${GITHUB_USERNAME} -Djib.to.auth.password=${GITHUB_PASSWORD} -Djib.to.tags=latest -Djib.container.environment=BUILD_NUMBER="${BUILD_NUMBER}"
+        env:
+          GITHUB_USERNAME: ${{ github.actor }}
+          GITHUB_PASSWORD: ${{ github.token }}
+          BUILD_NUMBER: ${{ steps.app_version.outputs.version }}
+          IMAGE_NAME: "ghcr.io/ministryofjustice/probation-offender-search"
diff --git a/.github/workflows/pipeline.yml b/.github/workflows/pipeline.yml
index 5739798f..9a35ee55 100644
--- a/.github/workflows/pipeline.yml
+++ b/.github/workflows/pipeline.yml
@@ -35,24 +35,16 @@ jobs:
     name: Validate the kotlin
     uses: ./.github/workflows/kotlin_integration_tests.yml
     secrets: inherit
-  build:
-    name: Build docker image from hmpps-github-actions
-    if: github.ref == 'refs/heads/main'
-    uses: ministryofjustice/hmpps-github-actions/.github/workflows/docker_build.yml@v2 # WORKFLOW_VERSION
-    needs:
-      - kotlin_validate
-    with:
-      docker_registry: 'ghcr.io'
-      registry_org: 'ministryofjustice'
-      additional_docker_tag: ""
-      push: ${{ inputs.push || true }}
-      docker_multiplatform: false
-      additional_docker_build_args: ""
+  docker_build:
+    if: ${{ inputs.push || true }}
+    name: Push image
+    uses: ./.github/workflows/jib-build.yml
+    needs: kotlin_validate
   deploy_dev:
     name: Deploy to the dev environment
     if: github.ref == 'refs/heads/main'
     needs:
-    - build
+    - docker_build
     - helm_lint
     uses: ministryofjustice/hmpps-github-actions/.github/workflows/deploy_env.yml@v2 # WORKFLOW_VERSION
     secrets: inherit
@@ -62,7 +54,7 @@ jobs:
   deploy_preprod:
     name: Deploy to the preprod environment
     needs:
-    - build
+    - docker_build
     - helm_lint
     uses: ministryofjustice/hmpps-github-actions/.github/workflows/deploy_env.yml@v2 # WORKFLOW_VERSION
     secrets: inherit
@@ -72,7 +64,7 @@ jobs:
   deploy_prod:
     name: Deploy to the prod environment
     needs:
-    - build
+    - docker_build
     - helm_lint
     - deploy_dev
     - deploy_preprod

From f8f5bd0dc471280cf212f2c7a43a2dfe0fb271ba Mon Sep 17 00:00:00 2001
From: Anthony Britton <anthony.britton@digital.justice.gov.uk>
Date: Fri, 28 Feb 2025 12:43:49 +0000
Subject: [PATCH 2/2] PI-2770 use jib in gha

---
 .github/workflows/jib-build.yml | 2 +-
 .github/workflows/pipeline.yml  | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/jib-build.yml b/.github/workflows/jib-build.yml
index d27f8494..08f20935 100644
--- a/.github/workflows/jib-build.yml
+++ b/.github/workflows/jib-build.yml
@@ -43,7 +43,7 @@ jobs:
           cache-dependency-path: |
             *.gradle*
             **/gradle-wrapper.properties
-      - run: ./gradlew jib --image="${IMAGE_NAME}:${APP_VERSION}" -Djib.to.auth.username=${GITHUB_USERNAME} -Djib.to.auth.password=${GITHUB_PASSWORD} -Djib.to.tags=latest -Djib.container.environment=BUILD_NUMBER="${BUILD_NUMBER}"
+      - run: ./gradlew jib --image="${IMAGE_NAME}:${BUILD_NUMBER}" -Djib.to.auth.username=${GITHUB_USERNAME} -Djib.to.auth.password=${GITHUB_PASSWORD} -Djib.to.tags=latest -Djib.container.environment=BUILD_NUMBER="${BUILD_NUMBER}"
         env:
           GITHUB_USERNAME: ${{ github.actor }}
           GITHUB_PASSWORD: ${{ github.token }}
diff --git a/.github/workflows/pipeline.yml b/.github/workflows/pipeline.yml
index 9a35ee55..a2bb14a9 100644
--- a/.github/workflows/pipeline.yml
+++ b/.github/workflows/pipeline.yml
@@ -36,7 +36,7 @@ jobs:
     uses: ./.github/workflows/kotlin_integration_tests.yml
     secrets: inherit
   docker_build:
-    if: ${{ inputs.push || true }}
+    if: ${{ github.ref == 'refs/heads/main' || inputs.push }}
     name: Push image
     uses: ./.github/workflows/jib-build.yml
     needs: kotlin_validate