From daf052c241bed24b793bed89a87ace89e9d832a5 Mon Sep 17 00:00:00 2001
From: Lebaud Antoine <lebaud.antoine131@gmail.com>
Date: Mon, 5 Feb 2024 18:44:06 +0100
Subject: [PATCH] =?UTF-8?q?=F0=9F=91=B7(project)=20streamline=20Docker=20i?=
 =?UTF-8?q?mage=20publishing=20workflow?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Refactored 'Hub' CI job for clarity, using 'docker/build-push-action.'
This dedicated workflow efficiently manages image releases on tagged
events and main branch merges.

'Hub' job had been broken by Chat GPT translation from Circle CI.

Images are pushed to a temporary Docker Hub repository,
lasuite/people.
---
 .github/workflows/docker-hub.yml | 44 ++++++++++++++++++++++++++++++++
 .github/workflows/people.yml     | 42 ------------------------------
 2 files changed, 44 insertions(+), 42 deletions(-)
 create mode 100644 .github/workflows/docker-hub.yml

diff --git a/.github/workflows/docker-hub.yml b/.github/workflows/docker-hub.yml
new file mode 100644
index 000000000..0c21857ce
--- /dev/null
+++ b/.github/workflows/docker-hub.yml
@@ -0,0 +1,44 @@
+name: Docker Hub Workflow
+
+on:
+  workflow_dispatch:
+  push:
+    branches:
+      - 'main'
+    tags:
+      - 'v*'
+  pull_request:
+    branches:
+      - 'main'
+
+jobs:
+  build-and-push:
+    runs-on: ubuntu-latest
+    steps:
+      -
+        name: Checkout
+        uses: actions/checkout@v4
+      -
+        name: Docker meta
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: lasuite/people
+      -
+        name: Load sops secrets
+        uses: rouja/actions-sops@main
+        with:
+          secret-file: .github/workflows/secrets.enc.env
+          age-key: ${{ secrets.SOPS_PRIVATE }}
+      -
+        name: Login to DockerHub
+        if: github.event_name != 'pull_request'
+        run: echo "$DOCKER_HUB_PASSWORD" | docker login -u "$DOCKER_HUB_USER" --password-stdin
+      -
+        name: Build and push
+        uses: docker/build-push-action@v5
+        with:
+          context: .
+          push: ${{ github.event_name != 'pull_request' }}
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
diff --git a/.github/workflows/people.yml b/.github/workflows/people.yml
index a773d6f8c..8c86c8b85 100644
--- a/.github/workflows/people.yml
+++ b/.github/workflows/people.yml
@@ -323,45 +323,3 @@ jobs:
           -v "${{ github.workspace }}:/app" \
           crowdin/cli:3.16.0 \
           crowdin upload sources -c /app/crowdin/config.yml
-
-  hub:
-    runs-on: ubuntu-latest
-    if: github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/v')
-    steps:
-      - name: Checkout repository
-        uses: actions/checkout@v2
-      - name: Generate a version.json file describing app release
-        run: |
-          printf '{"commit":"${{ github.sha }}","version":"${{ github.ref }}","source":"https://github.com/${{ github.repository_owner }}/${{ github.repository }}","build":"${{ github.run_id }}"}\n' > src/backend/people/version.json
-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v1
-      - name: Build production image
-        run: docker build -t people:${{ github.sha }} --target production .
-      - name: Check built images availability
-        run: docker images "people:${{ github.sha }}*"
-      - name: Load sops secrets
-        uses: rouja/actions-sops@main
-        with:
-          secret-file: .github/workflows/secrets.enc.env
-          age-key: ${{ secrets.SOPS_PRIVATE }}
-      - name: Login to DockerHub
-        run: echo "$DOCKER_HUB_PASSWORD" | docker login -u "$DOCKER_HUB_USER" --password-stdin
-      - name: Tag images
-        run: |
-          DOCKER_TAG=$([[ -z "${{ github.event.ref }}" ]] && echo "${{ github.event.ref }}" || echo "${{ github.event.ref }}" | sed 's/^v//')
-          RELEASE_TYPE=$([[ -z "${{ github.event.ref }}" ]] && echo "branch" || echo "tag ")
-          echo "DOCKER_TAG: ${DOCKER_TAG} (Git ${RELEASE_TYPE}${{ github.event.ref }})"
-          docker tag people:${{ github.sha }} numerique-gouv/people:${DOCKER_TAG}
-          if [[ -n "${{ github.event.ref }}" ]]; then
-            docker tag people:${{ github.sha }} numerique-gouv/people:latest
-          fi
-          docker images | grep -E "^numerique-gouv/people\s*(${DOCKER_TAG}.*|latest|main)"
-      - name: Publish images
-        run: |
-          DOCKER_TAG=$([[ -z "${{ github.event.ref }}" ]] && echo "${{ github.event.ref }}" || echo "${{ github.event.ref }}" | sed 's/^v//')
-          RELEASE_TYPE=$([[ -z "${{ github.event.ref }}" ]] && echo "branch" || echo "tag ")
-          echo "DOCKER_TAG: ${DOCKER_TAG} (Git ${RELEASE_TYPE}${{ github.event.ref }})"
-          docker push numerique-gouv/people:${DOCKER_TAG}
-          if [[ -n "${{ github.event.ref }}" ]]; then
-            docker push numerique-gouv/people:latest
-          fi