From ab5c03c1ba98cd507c281f460d8608481c6f5e85 Mon Sep 17 00:00:00 2001
From: Oliver Bertuch <o.bertuch@fz-juelich.de>
Date: Wed, 31 Aug 2022 02:02:32 +0200
Subject: [PATCH] feat(ct-base): enable base image pushes for master and
 develop branch

- Make pushes to develop or master branch release a container image
  to Docker Hub by default (can be changed / extended).
- Defaulting to the develop tag by default makes it more reusable for
  depending workflows based on pull requests.
- Moving all multi-arch building to only happen on pushes,
  as it will be done during push/deploy phase only and those need
  credentials only avail in git push context running at repo owner of
  CI action.
- Removing the Java version matrix parameter, too - we are gonna stick
  with what is default for releasing the images as they are meant to
  be a somewhat reliable base. It's still open for experiments.
---
 .github/workflows/container_base_push.yml | 22 +++++++++++++++++-----
 1 file changed, 17 insertions(+), 5 deletions(-)

diff --git a/.github/workflows/container_base_push.yml b/.github/workflows/container_base_push.yml
index fc23b30d8ad..82c7a376ae0 100644
--- a/.github/workflows/container_base_push.yml
+++ b/.github/workflows/container_base_push.yml
@@ -5,16 +5,21 @@ on:
     push:
         branches:
             - 'develop'
+            - 'master'
         paths:
             - 'modules/container-base/**'
             - 'modules/dataverse-parent/pom.xml'
     pull_request:
         branches:
             - 'develop'
+            - 'master'
         paths:
             - 'modules/container-base/**'
             - 'modules/dataverse-parent/pom.xml'
 
+env:
+    IMAGE_TAG: develop
+    REGISTRY: docker.io
 
 jobs:
     build:
@@ -45,14 +50,21 @@ jobs:
                   key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
                   restore-keys: ${{ runner.os }}-m2
 
-            - name: Set up QEMU for multi-arch builds
-              uses: docker/setup-qemu-action@v2
-            - name: Build base container image
-              run: mvn -f modules/container-base -Pct package -Dtarget.java.version=${{ matrix.jdk }}
+            - name: Build base container image with local architecture
+              run: mvn -f modules/container-base -Pct package
 
             - if: ${{ github.event_name == 'push' }} # run only if this is a push - PRs have no access to secrets
               name: Log in to the Container registry
               uses: docker/login-action@v1
               with:
                   username: ${{ secrets.DOCKERHUB_USERNAME }}
-                  password: ${{ secrets.DOCKERHUB_TOKEN }}
\ No newline at end of file
+                  password: ${{ secrets.DOCKERHUB_TOKEN }}
+            - if: ${{ github.event_name == 'push' }} # run only if this is a push - multi-arch makes no sense with PR
+              name: Set up QEMU for multi-arch builds
+              uses: docker/setup-qemu-action@v2
+            - name: Re-set image tag based on branch
+              if: ${{ github.ref == 'master' }}
+              run: echo "IMAGE_TAG=release"
+            - if: ${{ github.event_name == 'push' }} # run only if this is a push - tag push will only succeed in upstream
+              name: Deploy multi-arch base container image to Docker Hub
+              run: mvn -f modules/container-base -Pct deploy -Dbase.image.tag=${{ env.IMAGE_TAG }} -Ddocker.registry=${{ env.REGISTRY }}