From eb232e298bff3233b29abeb7ed36c2f4f1b25dfa Mon Sep 17 00:00:00 2001 From: Karthik Natarajan Date: Sun, 28 Dec 2025 18:57:34 +0530 Subject: [PATCH 1/5] User better workflow naming --- .github/workflows/cloudness-build.yml | 3 ++- .github/workflows/cloudness-builder.yml | 3 ++- .github/workflows/cloudness-release.yml | 8 +++++--- 3 files changed, 9 insertions(+), 5 deletions(-) diff --git a/.github/workflows/cloudness-build.yml b/.github/workflows/cloudness-build.yml index 3b3b42d..022b4b4 100644 --- a/.github/workflows/cloudness-build.yml +++ b/.github/workflows/cloudness-build.yml @@ -10,7 +10,8 @@ env: IMAGE_NAME: ${{ github.repository }} jobs: - build-and-push-app: + build-cloudness-app: + name: Cloudness App permissions: contents: read packages: write diff --git a/.github/workflows/cloudness-builder.yml b/.github/workflows/cloudness-builder.yml index 72fb28f..a7b41d9 100644 --- a/.github/workflows/cloudness-builder.yml +++ b/.github/workflows/cloudness-builder.yml @@ -15,7 +15,8 @@ env: IMAGE_NAME: ${{ github.repository }} jobs: - build-and-push-builder: + build-cloudness-builder: + name: Builder Plugin permissions: contents: read packages: write diff --git a/.github/workflows/cloudness-release.yml b/.github/workflows/cloudness-release.yml index ff1983c..f49b32f 100644 --- a/.github/workflows/cloudness-release.yml +++ b/.github/workflows/cloudness-release.yml @@ -12,7 +12,8 @@ env: IMAGE_NAME: ${{ github.repository }} jobs: - build-and-push-app: + build-cloudness-app: + name: Cloudness App permissions: contents: read packages: write @@ -23,7 +24,8 @@ jobs: DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }} DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }} - build-and-push-builder: + build-cloudness-builder: + name: Builder Plugin permissions: contents: read packages: write 
@@ -36,7 +38,7 @@ jobs: upload-scripts: runs-on: ubuntu-latest - needs: [build-and-push-app, build-and-push-builder] + needs: [build-cloudness-app, build-cloudness-builder] permissions: contents: read From f44a27d27a88d510b1e06faca4f5272aeb4b46cf Mon Sep 17 00:00:00 2001 From: Karthik Natarajan Date: Sun, 28 Dec 2025 20:29:16 +0530 Subject: [PATCH 2/5] Resuable upload scripts --- .github/workflows/cloudness-release.yml | 36 +++++-------------------- 1 file changed, 7 insertions(+), 29 deletions(-) diff --git a/.github/workflows/cloudness-release.yml b/.github/workflows/cloudness-release.yml index f49b32f..c55b5e3 100644 --- a/.github/workflows/cloudness-release.yml +++ b/.github/workflows/cloudness-release.yml 
@@ -37,35 +37,13 @@ jobs: DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }} upload-scripts: - runs-on: ubuntu-latest + name: Upload Scripts needs: [build-cloudness-app, build-cloudness-builder] permissions: contents: read - - steps: - - name: Checkout repository - uses: actions/checkout@v4 - - - name: Extract version from tag - id: version - run: | - if [[ "${{ github.ref }}" == refs/tags/* ]]; then - VERSION=${GITHUB_REF#refs/tags/} - else - VERSION="latest" - fi - echo "version=$VERSION" >> $GITHUB_OUTPUT - - - name: Replace version placeholder in YAML files - run: | - sed -i "s|{{.App.Version}}|${{ steps.version.outputs.version }}|g" ./scripts/install/cloudness-app.yaml - - - name: Upload Script files - uses: ryand56/r2-upload-action@latest - with: - r2-account-id: ${{ secrets.SCRIPTS_BUCKET_ACCOUNT_ID }} - r2-access-key-id: ${{ secrets.SCRIPTS_BUCKET_ACCESS_KEY_ID }} - r2-secret-access-key: ${{ secrets.SCRIPTS_BUCKET_SECRET_ACCESS_KEY }} - r2-bucket: ${{ secrets.SCRIPTS_BUCKET_NAME }} - source-dir: ./scripts/install - destination-dir: ./ + uses: ./.github/workflows/_upload-scripts.yml + secrets: + SCRIPTS_BUCKET_ACCOUNT_ID: ${{ secrets.SCRIPTS_BUCKET_ACCOUNT_ID }} + SCRIPTS_BUCKET_ACCESS_KEY_ID: ${{ secrets.SCRIPTS_BUCKET_ACCESS_KEY_ID }} + SCRIPTS_BUCKET_SECRET_ACCESS_KEY: ${{ secrets.SCRIPTS_BUCKET_SECRET_ACCESS_KEY }} + SCRIPTS_BUCKET_NAME: ${{ secrets.SCRIPTS_BUCKET_NAME }} From 1e011bda81b39133404970c7733e5d063d68597c Mon Sep 17 00:00:00 2001 From: Karthik Natarajan Date: Sun, 28 Dec 2025 20:29:31 +0530 Subject: [PATCH 3/5] Resuable upload scripts --- .github/workflows/_upload-scripts.yml | 47 +++++++++++++++++++++++++++ 1 file changed, 47 insertions(+) create mode 100644 .github/workflows/_upload-scripts.yml diff --git a/.github/workflows/_upload-scripts.yml b/.github/workflows/_upload-scripts.yml new file mode 100644 index 0000000..3e1507c --- /dev/null +++ b/.github/workflows/_upload-scripts.yml 
@@ -0,0 +1,47 @@ +name: Upload Scripts (Reusable) + +on: + workflow_call: + secrets: + SCRIPTS_BUCKET_ACCOUNT_ID: + required: true + SCRIPTS_BUCKET_ACCESS_KEY_ID: + required: true + SCRIPTS_BUCKET_SECRET_ACCESS_KEY: + required: true + SCRIPTS_BUCKET_NAME: + required: true + +jobs: + upload-scripts: + runs-on: ubuntu-latest + permissions: + contents: read + + steps: + - name: Checkout repository + uses: actions/checkout@v4 + + - name: Extract version from tag + id: version + run: | + if [[ "${{ github.ref }}" == refs/tags/* ]]; then + VERSION=${GITHUB_REF#refs/tags/} + else + VERSION="latest" + fi + echo "version=$VERSION" >> $GITHUB_OUTPUT + + - name: Replace version placeholder in YAML files + run: | + sed -i "s|{{.App.Version}}|${{ steps.version.outputs.version }}|g" ./scripts/install/cloudness-app.yaml + + - name: Upload Script files + uses: ryand56/r2-upload-action@latest + with: + r2-account-id: ${{ secrets.SCRIPTS_BUCKET_ACCOUNT_ID }} + r2-access-key-id: ${{ secrets.SCRIPTS_BUCKET_ACCESS_KEY_ID }} + r2-secret-access-key: ${{ secrets.SCRIPTS_BUCKET_SECRET_ACCESS_KEY }} + r2-bucket: ${{ secrets.SCRIPTS_BUCKET_NAME }} + source-dir: ./scripts/install + destination-dir: ./ From 60202691eeeef074ea50ec382b803b4b5ab48a6b Mon Sep 17 00:00:00 2001 From: KArtHiK Date: Sun, 28 Dec 2025 20:43:22 +0530 Subject: [PATCH 4/5] Better naming --- .github/workflows/_build-app.yml | 2 +- .github/workflows/_build-builder.yml | 2 +- .github/workflows/_upload-scripts.yml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/_build-app.yml b/.github/workflows/_build-app.yml index e642ea9..43a7680 100644 --- a/.github/workflows/_build-app.yml +++ b/.github/workflows/_build-app.yml @@ -15,7 +15,7 @@ on: required: true jobs: - build-and-push-app: + build: runs-on: ubuntu-latest permissions: contents: read diff --git a/.github/workflows/_build-builder.yml b/.github/workflows/_build-builder.yml index 1386fe2..5ce0f9f 100644 
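Review bot: In `_upload-scripts.yml`, the `Upload Script files` step runs `ryand56/r2-upload-action@latest`, a mutable ref on a third-party action that is handed all four R2 bucket secrets; pin it to a full commit SHA, e.g. `uses: ryand56/r2-upload-action@<full-commit-sha>  # <release tag>`, so a moved ref cannot change what code receives the credentials. The two `run:` steps also expand `${{ github.ref }}` and `${{ steps.version.outputs.version }}` into the script text before bash parses it, so a ref name containing quotes or `$(…)` is interpreted as shell, and a `|` in it breaks the sed expression. Read the ref from the runner-provided `$GITHUB_REF`, pass the step output through `env:`, and reject unexpected characters before substituting, as sketched below. The allow-list assumes simple version tags and should be adjusted to the project's tag scheme.

```yaml
# … unchanged: workflow_call secrets, job header, checkout step …
      - name: Extract version from tag
        id: version
        run: |
          if [[ "$GITHUB_REF" == refs/tags/* ]]; then
            VERSION="${GITHUB_REF#refs/tags/}"
          else
            VERSION="latest"
          fi
          # Allow-list the value before it reaches sed and the published file.
          if [[ ! "$VERSION" =~ ^[A-Za-z0-9._-]+$ ]]; then
            echo "unexpected version string" >&2
            exit 1
          fi
          echo "version=$VERSION" >> "$GITHUB_OUTPUT"

      - name: Replace version placeholder in YAML files
        env:
          VERSION: ${{ steps.version.outputs.version }}
        run: |
          sed -i "s|{{.App.Version}}|${VERSION}|g" ./scripts/install/cloudness-app.yaml
# … unchanged: Upload Script files step inputs …
```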
--- a/.github/workflows/_build-builder.yml +++ b/.github/workflows/_build-builder.yml @@ -15,7 +15,7 @@ on: required: true jobs: - build-and-push-builder: + build: runs-on: ubuntu-latest permissions: contents: read diff --git a/.github/workflows/_upload-scripts.yml b/.github/workflows/_upload-scripts.yml index 3e1507c..e19548c 100644 --- a/.github/workflows/_upload-scripts.yml +++ b/.github/workflows/_upload-scripts.yml @@ -13,7 +13,7 @@ on: required: true jobs: - upload-scripts: + upload: runs-on: ubuntu-latest permissions: contents: read From 358260d55a49635928529ab06c68dff213424869 Mon Sep 17 00:00:00 2001 From: KArtHiK Date: Sun, 28 Dec 2025 20:53:26 +0530 Subject: [PATCH 5/5] Add PR validation --- .github/workflows/_build-app.yml | 7 +++++- .github/workflows/_build-builder.yml | 7 +++++- .github/workflows/pr-validation.yml | 33 ++++++++++++++++++++++++++++ 3 files changed, 45 insertions(+), 2 deletions(-) create mode 100644 .github/workflows/pr-validation.yml diff --git a/.github/workflows/_build-app.yml b/.github/workflows/_build-app.yml index 43a7680..4ca6af6 100644 --- a/.github/workflows/_build-app.yml +++ b/.github/workflows/_build-app.yml @@ -8,6 +8,11 @@ on: required: false type: boolean default: false + push-images: + description: "Push images to registries" + required: false + type: boolean + default: true secrets: DOCKERHUB_USERNAME: required: true @@ -61,7 +66,7 @@ jobs: with: context: . file: ./Dockerfile - push: true + push: ${{ inputs.push-images }} tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} cache-from: ${{ inputs.enable-cache && 'type=gha' || '' }} diff --git a/.github/workflows/_build-builder.yml b/.github/workflows/_build-builder.yml index 5ce0f9f..20bbcd5 100644 --- a/.github/workflows/_build-builder.yml +++ b/.github/workflows/_build-builder.yml 
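Review bot: In `_build-app.yml` only the `push:` flag of the build step is switched by `inputs.push-images`; the `DOCKERHUB_USERNAME` secret visible in the hunk context stays `required: true`, so a caller that never pushes must still supply registry credentials. Any registry login steps sit outside the hunk, so this is inferred, but if they run unconditionally they should carry `if: ${{ inputs.push-images }}` and the Docker Hub secrets should become `required: false`. The same applies to the matching `_build-builder.yml` hunks in this commit. A short comment on the input, such as `# false = build only; no registry login or push`, would document the intended contract.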
@@ -8,6 +8,11 @@ on: required: false type: boolean default: false + push-images: + description: "Push images to registries" + required: false + type: boolean + default: true secrets: DOCKERHUB_USERNAME: required: true @@ -61,7 +66,7 @@ jobs: with: context: ./plugins/builder file: ./plugins/builder/Dockerfile - push: true + push: ${{ inputs.push-images }} tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} cache-from: ${{ inputs.enable-cache && 'type=gha' || '' }} diff --git a/.github/workflows/pr-validation.yml b/.github/workflows/pr-validation.yml new file mode 100644 index 0000000..47e127c --- /dev/null +++ b/.github/workflows/pr-validation.yml @@ -0,0 +1,33 @@ +name: PR Validation + +on: + pull_request: + branches: + - main + +jobs: + validate-app: + name: Validate App + permissions: + contents: read + packages: read + uses: ./.github/workflows/_build-app.yml + with: + enable-cache: true + push-images: false + secrets: + DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }} + DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }} + + validate-builder: + name: Validate Builder + permissions: + contents: read + packages: read + uses: ./.github/workflows/_build-builder.yml + with: + enable-cache: true + push-images: false + secrets: + DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }} + DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }}
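Review bot: `pr-validation.yml` forwards `DOCKERHUB_USERNAME` and `DOCKERHUB_TOKEN` to a `pull_request`-triggered build that sets `push-images: false`, so a job that builds unmerged code holds a registry credential it has no use for. Pull requests from forks receive no repository secrets, so with the reusable workflows declaring these secrets required the validation will probably fail for outside contributors, while same-repository branches get the token; dropping the `secrets:` blocks here, once the reusable workflows make them optional and skip login when not pushing, covers both cases. Also check `packages: read`: if the called `build` job still requests `packages: write` (its full permissions block is outside the visible hunks), GitHub rejects the call because a nested job cannot be granted more than its caller.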