From b16c98aef3dfe0b0458dada35e518d1118eec200 Mon Sep 17 00:00:00 2001
From: Eric Wyles <23637493+ericwyles@users.noreply.github.com>
Date: Tue, 12 Mar 2024 21:32:06 -0500
Subject: [PATCH] chore: change to use uds-common test action (#54)

* updates to use latest uds-common actions

* rearrange for clarity

* updates from pr comments

* pull deploy and setup includes from uds-common
---
 .github/workflows/commitlint.yaml      |  2 +-
 .github/workflows/pull-requests.yaml   | 66 --------------------------
 .github/workflows/tag-and-release.yaml | 16 +++++--
 .github/workflows/test.yaml            | 62 ++++++++++++++++++++++++
 tasks.yaml                             | 30 ++++++------
 tasks/deploy.yaml                      | 10 ----
 tasks/setup.yaml                       |  5 --
 7 files changed, 90 insertions(+), 101 deletions(-)
 delete mode 100644 .github/workflows/pull-requests.yaml
 create mode 100644 .github/workflows/test.yaml
 delete mode 100644 tasks/deploy.yaml
 delete mode 100644 tasks/setup.yaml

diff --git a/.github/workflows/commitlint.yaml b/.github/workflows/commitlint.yaml
index c83ce2b..54ef3a6 100644
--- a/.github/workflows/commitlint.yaml
+++ b/.github/workflows/commitlint.yaml
@@ -8,4 +8,4 @@ on:
 jobs:
   validate:
     name: Validate
-    uses: defenseunicorns/uds-common/.github/workflows/commitlint.yaml@417b9c2bc088f664c616c9929a2b3ce448d251f7
+    uses: defenseunicorns/uds-common/.github/workflows/commitlint.yaml@442bae718050ea9a47254851a45632aabeb13b17
diff --git a/.github/workflows/pull-requests.yaml b/.github/workflows/pull-requests.yaml
deleted file mode 100644
index d7b1507..0000000
--- a/.github/workflows/pull-requests.yaml
+++ /dev/null
@@ -1,66 +0,0 @@
-name: Test
-
-# This workflow is triggered on pull requests to the main branch.
-on:
-  pull_request:
-    paths:
-      - ".github/**"
-      - "bundle/**"
-      - "values/**"
-      - "tasks/**"
-      - "src/**"
-      - "chart/**"
-      - "tasks.yaml"
-      - "zarf.yaml"
-
-    # milestoned is added here as a workaround for release-please not triggering PR workflows (PRs should be added to a milestone to trigger the workflow).
-    types: [milestoned, opened, reopened, synchronize]
-
-# Permissions for the GITHUB_TOKEN used by the workflow.
-permissions:
-  id-token: write # Needed for OIDC-related operations.
-  contents: read # Allows reading the content of the repository.
-  pull-requests: read # Allows reading pull request metadata.
-
-# Default settings for all run commands in the workflow jobs.
-defaults:
-  run:
-    shell: bash -e -o pipefail {0} # Ensures that scripts fail on error and pipefail is set.
-
-jobs:
-  deploy:
-    runs-on: "ubuntu-latest"
-    timeout-minutes: 20
-    strategy:
-      matrix:
-        flavor: [upstream, registry1]
-    name: Deploy ${{ matrix.flavor }}
-
-    steps:
-      - name: Checkout repository
-        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
-
-      - name: Environment setup
-        uses: defenseunicorns/uds-common/.github/actions/setup@417b9c2bc088f664c616c9929a2b3ce448d251f7
-      
-      - name: Iron Bank Login
-        if: ${{ matrix.flavor == 'registry1' }}
-        run: uds zarf tools registry login -u "${{secrets.IRON_BANK_ROBOT_USERNAME}}" -p "${{secrets.IRON_BANK_ROBOT_PASSWORD}}" registry1.dso.mil
-
-      - name: Create test bundle
-        run: uds run create-test-bundle --set FLAVOR=${{ matrix.flavor }}
-
-      - name: Setup cluster
-        run: uds run setup-cluster
-      
-      - name: Deploy test bundle
-        run: uds run deploy-test-bundle
-
-      - name: Test package
-        run: uds run test-package
-
-      - name: Save logs
-        if: always()
-        uses: defenseunicorns/uds-common/.github/actions/save-logs@417b9c2bc088f664c616c9929a2b3ce448d251f7
-        with:
-          suffix: '${{ matrix.flavor }}-${{ github.run_id }}-${{ github.run_attempt }}'
diff --git a/.github/workflows/tag-and-release.yaml b/.github/workflows/tag-and-release.yaml
index 02fe692..04fd7a1 100644
--- a/.github/workflows/tag-and-release.yaml
+++ b/.github/workflows/tag-and-release.yaml
@@ -36,13 +36,13 @@ jobs:
       - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
 
       - name: Environment setup
-        uses: defenseunicorns/uds-common/.github/actions/setup@417b9c2bc088f664c616c9929a2b3ce448d251f7
-
-      - name: Iron Bank Login
-        run: uds zarf tools registry login -u "${{secrets.IRON_BANK_ROBOT_USERNAME}}" -p "${{secrets.IRON_BANK_ROBOT_PASSWORD}}" registry1.dso.mil
+        uses: defenseunicorns/uds-common/.github/actions/setup@442bae718050ea9a47254851a45632aabeb13b17
+        with:
+          username: ${{secrets.IRON_BANK_ROBOT_USERNAME}}
+          password: ${{secrets.IRON_BANK_ROBOT_PASSWORD}}
     
       - name: Login to GHCR
-        uses: docker/login-action@v3
+        uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3
         with:
           registry: ghcr.io
           username: dummy
@@ -50,3 +50,9 @@ jobs:
     
       - name: Publish Package
         run: uds run -f tasks/publish.yaml package --set FLAVOR=${{ matrix.flavor }}
+
+      - name: Save logs
+        if: always()
+        uses: defenseunicorns/uds-common/.github/actions/save-logs@442bae718050ea9a47254851a45632aabeb13b17
+        with:
+          suffix: ${{ matrix.flavor }}-${{ github.run_id }}-${{ github.run_attempt }}
\ No newline at end of file
diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml
new file mode 100644
index 0000000..ab063c0
--- /dev/null
+++ b/.github/workflows/test.yaml
@@ -0,0 +1,62 @@
+name: Test
+
+on:
+  pull_request:
+    branches: [main]
+    types: [milestoned, opened, edited, synchronize]  
+    paths-ignore:
+      - "**.md"
+      - "**.jpg"
+      - "**.png"
+      - "**.gif"
+      - "**.svg"
+      - "adr/**"
+      - "docs/**"
+      - ".gitignore"
+      - "renovate.json"
+      - ".release-please-config.json"
+      - "release-please-config.json"
+      - "oscal-component.yaml"
+      - "CODEOWNERS"
+      - "LICENSE"
+      - "CONTRIBUTING.md"
+      - "SECURITY.md"  
+
+# Abort prior jobs in the same workflow / PR
+concurrency:
+  group: test-${{ github.ref }}
+  cancel-in-progress: true
+
+permissions:
+  contents: read
+
+jobs:
+  run-test:
+    name: Create and Deploy Flavor ${{ matrix.flavor }}
+    runs-on: ubuntu-latest
+    timeout-minutes: 20
+    strategy:
+      matrix:
+        flavor: [upstream, registry1]
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+
+      - name: Environment setup
+        uses: defenseunicorns/uds-common/.github/actions/setup@442bae718050ea9a47254851a45632aabeb13b17
+        with:
+          username: ${{secrets.IRON_BANK_ROBOT_USERNAME}}
+          password: ${{secrets.IRON_BANK_ROBOT_PASSWORD}}
+
+      - name: Test
+        uses: defenseunicorns/uds-common/.github/actions/test@442bae718050ea9a47254851a45632aabeb13b17
+        with:
+          flavor: ${{ matrix.flavor }}
+
+      - name: Save logs
+        if: always()
+        uses: defenseunicorns/uds-common/.github/actions/save-logs@442bae718050ea9a47254851a45632aabeb13b17
+        with:
+          suffix: ${{ matrix.flavor }}-${{ github.run_id }}-${{ github.run_attempt }}
+
diff --git a/tasks.yaml b/tasks.yaml
index da514a4..c887c6c 100644
--- a/tasks.yaml
+++ b/tasks.yaml
@@ -1,8 +1,8 @@
 includes:
   - cleanup: ./tasks/cleanup.yaml
   - create: ./tasks/create.yaml
-  - deploy: ./tasks/deploy.yaml
-  - setup: ./tasks/setup.yaml
+  - deploy: https://raw.githubusercontent.com/defenseunicorns/uds-common-tasks/v0.2.2/tasks/deploy.yaml
+  - setup: https://raw.githubusercontent.com/defenseunicorns/uds-common-tasks/v0.2.2/tasks/setup.yaml
   - test: ./tasks/test.yaml
 
 tasks:
@@ -13,31 +13,33 @@ tasks:
       - task: setup-cluster
       - task: deploy-test-bundle
 
-  - name: setup-cluster
-    actions:
-      - task: setup:k3d-test-cluster
-  
   - name: create-package
     actions:
       - task: create:sonarqube-package
 
+  - name: deploy-package
+    actions:
+      - task: deploy:package
+
+  - name: cleanup
+    actions:
+      - task: cleanup:destroy
+
+# CI will execute the following (via uds-common/.github/actions/test) so they need to be here with these names
+
   - name: create-test-bundle
     actions:
       - task: create:sonarqube-test-bundle
-  
-  - name: deploy-package
+
+  - name: setup-cluster
     actions:
-      - task: deploy:sonarqube-package
+      - task: setup:k3d-test-cluster
 
   - name: deploy-test-bundle
     actions:
-      - task: deploy:sonarqube-test-bundle
+      - task: deploy:test-bundle
 
   - name: test-package
     actions:
       - task: test:health-check
       - task: test:ingress
-
-  - name: cleanup
-    actions:
-      - task: cleanup:destroy
diff --git a/tasks/deploy.yaml b/tasks/deploy.yaml
deleted file mode 100644
index fec2273..0000000
--- a/tasks/deploy.yaml
+++ /dev/null
@@ -1,10 +0,0 @@
-tasks:
-  - name: sonarqube-package
-    actions:
-      - description: Deploy the UDS Sonarqube Zarf Package
-        cmd: uds zarf package deploy zarf-package-sonarqube-${UDS_ARCH}-*.tar.zst --confirm --no-progress
-
-  - name: sonarqube-test-bundle
-    actions:
-      - description: Deploy the UDS bundle with Sonarqube and its dependencies
-        cmd: UDS_CONFIG=bundle/uds-config.yaml uds deploy bundle/uds-bundle-sonarqube-test-${UDS_ARCH}-*.tar.zst --confirm --no-progress
diff --git a/tasks/setup.yaml b/tasks/setup.yaml
deleted file mode 100644
index d83377f..0000000
--- a/tasks/setup.yaml
+++ /dev/null
@@ -1,5 +0,0 @@
-tasks:
-  - name: k3d-test-cluster
-    actions:
-      - description: Create k3d cluster with UDS Core
-        cmd: uds deploy oci://defenseunicorns/uds/bundles/k3d-core-istio-dev:0.9.2-${UDS_ARCH} --confirm --no-progress