From 043c17d50d3cdbd914d513dc2c612da33aaffb11 Mon Sep 17 00:00:00 2001
From: Anthony Fitzroy <anthony.fitzroy@justice.gov.uk>
Date: Tue, 20 Feb 2024 09:54:38 +0000
Subject: [PATCH] added publish and build-and-test workflows

---
 .github/workflows/build-and-test.yml | 61 ++++++++++++++++++++++++++++
 .github/workflows/publish.yml        | 45 ++++++++++++++++++++
 scripts/build-and-test.sh            | 26 ++++++++++++
 3 files changed, 132 insertions(+)
 create mode 100644 .github/workflows/build-and-test.yml
 create mode 100644 .github/workflows/publish.yml
 create mode 100644 scripts/build-and-test.sh

diff --git a/.github/workflows/build-and-test.yml b/.github/workflows/build-and-test.yml
new file mode 100644
index 0000000..30d59fa
--- /dev/null
+++ b/.github/workflows/build-and-test.yml
@@ -0,0 +1,61 @@
+---
+name: Test and Build
+
+on:
+  pull_request:
+    branches:
+      - main
+
+permissions: {} # yamllint disable-line
+
+jobs:
+  yamllint:
+    name: YAML Lint
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+    steps:
+      - name: Checkout
+        id: checkout
+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+
+      - name: Run yamllint
+        id: run_yamllint
+        uses: actionshub/yamllint@b772a30c3ba90c5f5aadfe94d8f3599e3a7099c8 # v1.8.2
+
+  markdownlint:
+    name: Markdown Lint
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+    steps:
+      - name: Checkout
+        id: checkout
+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+
+      - name: Run mdl
+        id: run_mdl
+        uses: actionshub/markdownlint@6c82ff529253530dfbf75c37570876c52692835f # v3.1.4
+
+  build-and-test:
+    if: github.ref != 'main'
+    name: Build and Test
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+    strategy:
+      fail-fast: false
+      max-parallel: 3
+      matrix:
+        flavour:
+          - "visual-studio-code"
+    steps:
+      - name: Checkout
+        id: checkout
+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+
+      - name: Build and Test
+        id: build_and_test
+        shell: bash
+        run: |
+          bash scripts/build-and-test.sh "${{ matrix.flavour }}"
\ No newline at end of file
diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
new file mode 100644
index 0000000..082c257
--- /dev/null
+++ b/.github/workflows/publish.yml
@@ -0,0 +1,45 @@
+---
+name: Publish
+
+on:
+  push:
+    tags:
+      - "v*"
+
+permissions: {}  # yamllint disable-line
+
+jobs:
+  publish:
+    name: Publish
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      id-token: write
+      packages: write
+    strategy:
+      fail-fast: false
+      max-parallel: 3
+      matrix:
+        flavour:
+          - "visual-studio-code"
+    steps:
+      - name: Checkout
+        id: checkout
+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+
+      - name: Log in to GitHub Container Registry
+        id: login_ghcr
+        uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Build and Push
+        id: build_and_push
+        uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56 # v5.1.0
+        with:
+          context: ${{ matrix.flavour }}
+          file: Dockerfile
+          push: true
+          tags: ghcr.io/ministryofjustice/analytical-platform-${{ matrix.flavour }}:${{ github.ref_name }}
\ No newline at end of file
diff --git a/scripts/build-and-test.sh b/scripts/build-and-test.sh
new file mode 100644
index 0000000..9793fd8
--- /dev/null
+++ b/scripts/build-and-test.sh
@@ -0,0 +1,26 @@
+#!/usr/bin/env bash
+
+IMAGE="${1}"
+IMAGE_TAG="analytical-platform.service.justice.gov.uk/${IMAGE}:local"
+CONTAINER_STRUCTURE_TEST_IMAGE="gcr.io/gcp-runtimes/container-structure-test:latest"
+
+if [[ "${REMOTE_CONTAINERS}" ]] && [[ "$(uname -m)" == "aarch64" ]]; then
+  echo "(⚠) Looks like you're running in a dev container on Apple Silicon."
+  echo "(⚠) This script builds linux/amd64 images which might take a long time or even fail."
+  export PLATFORM_FLAG="--platform linux/amd64"
+fi
+
+echo "Building [ ${IMAGE} ] as [ ${IMAGE_TAG} ]"
+
+docker build ${PLATFORM_FLAG} --file "${IMAGE}/Dockerfile" --tag "${IMAGE_TAG}" "${IMAGE}"
+
+if [[ -f "${IMAGE}/test/container-structure-test.yml" ]]; then
+  echo "Running container structure test for [ ${IMAGE_TAG} ]"
+
+  docker run --rm ${PLATFORM_FLAG} \
+    --volume /var/run/docker.sock:/var/run/docker.sock \
+    --volume "${PWD}:/workspace" \
+    --workdir /workspace \
+    "${CONTAINER_STRUCTURE_TEST_IMAGE}" \
+    test --image "${IMAGE_TAG}" --config "/workspace/${IMAGE}/test/container-structure-test.yml"
+fi
\ No newline at end of file