From 029ce8db7417ef4c149600f5afaf1ddad5653129 Mon Sep 17 00:00:00 2001
From: Alan-pad <46325799+Alan-pad@users.noreply.github.com>
Date: Fri, 26 Jan 2024 11:31:14 +0100
Subject: [PATCH] Ci/fix release workflow (#229)

* ci: add packages write permission

* ci: add permissions to packages, remove push on pr
---
 .github/workflows/{ci.yaml => main.yaml} |  10 +-
 .github/workflows/pr.yaml                | 119 +++++++++++++++++++++++
 .github/workflows/release.yaml           |   3 +-
 3 files changed, 126 insertions(+), 6 deletions(-)
 rename .github/workflows/{ci.yaml => main.yaml} (96%)
 create mode 100644 .github/workflows/pr.yaml

diff --git a/.github/workflows/ci.yaml b/.github/workflows/main.yaml
similarity index 96%
rename from .github/workflows/ci.yaml
rename to .github/workflows/main.yaml
index 5642805e..0c5dd6d5 100644
--- a/.github/workflows/ci.yaml
+++ b/.github/workflows/main.yaml
@@ -1,12 +1,12 @@
-name: Continuous Integration
+name: [Main] Continuous Integration
 
 on:
   push:
     branches:
     - main
-  pull_request:
-    branches:
-    - main
+
+permissions:
+  packages: write
 
 env:
   GO_VERSION: 1.19
@@ -120,4 +120,4 @@ jobs:
         tags: ${{ steps.meta.outputs.tags }}
         labels: ${{ steps.meta.outputs.labels }}
         cache-from: type=gha
-        cache-to: type=gha,mode=max
\ No newline at end of file
+        cache-to: type=gha,mode=max
diff --git a/.github/workflows/pr.yaml b/.github/workflows/pr.yaml
new file mode 100644
index 00000000..93a0c268
--- /dev/null
+++ b/.github/workflows/pr.yaml
@@ -0,0 +1,119 @@
+name: [Pull Request] Continuous Integration
+
+on:
+  pull_request:
+    branches:
+    - main
+
+env:
+  GO_VERSION: 1.19
+  BUILD_PLATFORMS: linux/amd64,linux/arm64
+
+jobs:
+  unit-tests:
+    name: Unit Tests
+    runs-on: ubuntu-latest
+    steps:
+    - name: Checkout
+      uses: actions/checkout@v3
+    - name: Cache envtest binaries
+      uses: actions/cache@v3
+      with:
+        path: ./bin/
+        key: binaries
+    - name: Setup Golang
+      uses: actions/setup-go@v4
+      with:
+        go-version: "${{ env.GO_VERSION }}"
+    - name: Install envtest
+      run: make envtest
+    - name: Setup envtest
+      run: ./bin/setup-envtest use
+    - name: Run tests
+      run: make test
+    - name: Upload coverage reports to Codecov
+      uses: codecov/codecov-action@v3
+
+  check-codegen:
+    name: Check Codegen
+    runs-on: ubuntu-latest
+    steps:
+    - name: Checkout
+      uses: actions/checkout@v3
+    - name: Setup Golang
+      uses: actions/setup-go@v4
+      with:
+        go-version: "${{ env.GO_VERSION }}"
+    - name: Generate manifests
+      run: make manifests
+    - name: Check nothing has changed
+      run: |
+        git diff --exit-code ./manifests
+
+  lint:
+    name: Lint
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - uses: actions/setup-go@v4
+        with:
+          go-version: "${{ env.GO_VERSION }}"
+          cache: false
+      - name: golangci-lint
+        uses: golangci/golangci-lint-action@v3
+        with:
+          version: v1.53
+          args: --timeout=5m
+
+  build-and-push:
+    name: Build & Push
+    runs-on: ubuntu-latest
+    steps:
+    - name: Checkout
+      uses: actions/checkout@v3
+
+    - name: Get Build timestamp and branch name
+      run: |
+        echo "BUILD_TIMESTAMP=$(date +'%s')" >> $GITHUB_ENV
+        echo "VERSION=$( echo ${{ github.head_ref || github.ref_name }} | tr '/' '-' )" >> $GITHUB_ENV
+
+    - name: Docker tags & labels
+      id: meta
+      uses: docker/metadata-action@v4
+      with:
+        images: ghcr.io/${{ github.repository }}
+        # generate Docker tags:
+        # - type=raw,VERSION -> branch name
+        # - type=ref,event=tag -> tag name
+        # - type=sha,format=long,prefix= -> commit sha
+        tags: |
+          type=raw,${{ env.VERSION }}
+          type=ref,event=tag
+          type=sha,format=long,prefix=
+
+    - name: Set up QEMU
+      uses: docker/setup-qemu-action@v2
+
+    - name: Set up Docker Buildx
+      uses: docker/setup-buildx-action@v2
+
+    - name: Login to GHCR
+      uses: docker/login-action@v2
+      with:
+        registry: ghcr.io
+        username: ${{ github.repository_owner }}
+        password: ${{ secrets.GITHUB_TOKEN }}
+
+    - name: Build and push
+      uses: docker/build-push-action@v4
+      with:
+        provenance: false
+        platforms: ${{ env.BUILD_PLATFORMS }}
+        build-args: |
+          VERSION=${{ env.VERSION }}
+          BUILD_TIMESTAMP=${{ env.BUILD_TIMESTAMP }}
+          COMMIT_HASH=${{ github.sha }}
+        tags: ${{ steps.meta.outputs.tags }}
+        labels: ${{ steps.meta.outputs.labels }}
+        cache-from: type=gha
+        cache-to: type=gha,mode=max
diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
index b2d10252..8d055da4 100644
--- a/.github/workflows/release.yaml
+++ b/.github/workflows/release.yaml
@@ -11,6 +11,7 @@ env:
 
 permissions:
   contents: write
+  packages: write
 
 jobs:
   goreleaser:
@@ -127,4 +128,4 @@ jobs:
         tags: ${{ steps.meta.outputs.tags }}
         labels: ${{ steps.meta.outputs.labels }}
         cache-from: type=gha
-        cache-to: type=gha,mode=max
\ No newline at end of file
+        cache-to: type=gha,mode=max