Merge pull request #18 from OpenCHAMI/chore/add-build-automation

Add build automation with Makefile and update github  workflows

Author: bmcdonald3

.fabrica.yaml

@@ -0,0 +1,40 @@
+# SPDX-FileCopyrightText: 2026 OpenCHAMI Contributors
+#
+# SPDX-License-Identifier: MIT
+
+project:
+  name: fru-tracker
+  module: github.com/example/fru-tracker
+  description: OpenCHAMI FRU tracker service with Fabrica-generated REST APIs for hardware discovery and inventory
+  created: 2026-02-26T11:09:26-08:00
+features:
+  validation:
+    enabled: true
+    mode: strict
+  events:
+    enabled: true
+    bus_type: memory
+  conditional:
+    enabled: true
+    etag_algorithm: sha256
+  auth:
+    enabled: false
+  security:
+    authn:
+      enabled: false
+    authz:
+      enabled: false
+      mode: enforce
+  storage:
+    enabled: true
+    type: ent
+  metrics:
+    enabled: false
+generation:
+  handlers: true
+  storage: true
+  client: true
+  openapi: true
+  events: true
+  middleware: true
+  reconciliation: true

.github/workflows/PRBuild.yaml

@@ -0,0 +1,107 @@
+# Copyright © 2026 OpenCHAMI a Series of LF Projects, LLC
+#
+# SPDX-License-Identifier: MIT
+
+name: Build each PR for testing and validation
+
+on:
+    pull_request:
+        branches:
+            - main
+        types: [opened, synchronize, reopened, edited]
+    workflow_dispatch:
+      inputs:
+        pr_number:
+          description: 'PR Number to build (optional, for manual PR builds)'
+          required: false
+          type: string
+
+permissions: write-all # Necessary for the generate-build-provenance action with containers
+
+jobs:
+
+  build:
+
+
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Set up latest stable Go
+        uses: actions/setup-go@v6.4.0
+        with:
+          go-version: stable
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v3
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+        with:
+          driver-opts: |
+            image=moby/buildkit:master
+            network=host
+      - name: Docker Login
+        uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+      - name: Checkout
+        uses: actions/checkout@v6.0.2
+        with:
+          fetch-tags: 1
+          fetch-depth: 0
+      # Set environment variables required by GoReleaser
+      - name: Set build environment variables
+        run: |
+          echo "GIT_STATE=$(if git diff-index --quiet HEAD --; then echo 'clean'; else echo 'dirty'; fi)" >> $GITHUB_ENV
+          echo "BUILD_HOST=$(hostname)" >> $GITHUB_ENV
+          echo "GO_VERSION=$(go version | awk '{print $3}')" >> $GITHUB_ENV
+          echo "BUILD_USER=$(whoami)" >> $GITHUB_ENV
+          echo "CGO_ENABLED=0" >> $GITHUB_ENV
+          echo "IS_PR_BUILD=true" >> $GITHUB_ENV
+
+      - name: Docker Login
+        uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Create Tag for PR
+        if: github.event_name == 'pull_request' || (github.event_name == 'workflow_dispatch' && inputs.pr_number != '')
+        run: |
+          git config --global user.name "github-actions[bot]"
+          git config --global user.email "github-actions[bot]@users.noreply.github.com"
+          PR_NUM="${{ github.event.number }}"
+          if [[ "${{ inputs.pr_number }}" != "" ]]; then
+            PR_NUM="${{ inputs.pr_number }}"
+          fi
+          git tag -f -a pr-${PR_NUM} -m "PR Release"
+
+      - name: Build/Push container with goreleaser
+        uses: goreleaser/goreleaser-action@v6
+        env:
+          GITHUB_TOKEN: ${{ github.token }}
+        with:
+          version: '~> 2'
+          args: release --clean --skip=announce,validate,archive
+        id: goreleaser
+      - name: Process goreleaser output
+        id: process_goreleaser_output
+        run: |
+          echo "const fs = require('fs');" > process.js
+          echo 'const artifacts = ${{ steps.goreleaser.outputs.artifacts }}' >> process.js
+          echo "const firstNonNullDigest = artifacts.find(artifact => artifact.extra && artifact.extra.Digest != null)?.extra.Digest;" >> process.js
+          echo "console.log(firstNonNullDigest);" >> process.js
+          echo "fs.writeFileSync('digest.txt', firstNonNullDigest);" >> process.js
+          node process.js
+          echo "digest=$(cat digest.txt)" >> $GITHUB_OUTPUT
+      - name: Attest Binaries
+        uses: actions/attest-build-provenance@v4.1.0
+        with:
+          subject-path: dist/**/fru-tracker*
+      - name: generate build provenance
+        uses: actions/attest-build-provenance@v4.1.0
+        with:
+          subject-name: ghcr.io/openchami/fru-tracker
+          subject-digest: ${{ steps.process_goreleaser_output.outputs.digest }}
+          push-to-registry: true

.github/workflows/REUSE.yaml

@@ -0,0 +1,16 @@
+# Copyright © 2026 OpenCHAMI a Series of LF Projects, LLC
+# SPDX-FileCopyrightText: 2020 Free Software Foundation Europe e.V.
+#
+# SPDX-License-Identifier: CC0-1.0
+# SPDX-License-Identifier: MIT
+name: REUSE Compliance Check
+
+on: [push, pull_request]
+
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v6.0.2
+      - name: REUSE Compliance Check
+        uses: fsfe/reuse-action@v6

.github/workflows/codegen-check.yaml

@@ -0,0 +1,35 @@
+# SPDX-FileCopyrightText: 2026 OpenCHAMI Contributors
+#
+# SPDX-License-Identifier: MIT
+
+name: Codegen Check
+
+on:
+  pull_request:
+    branches: [main]
+    paths:
+      - "apis/**"
+      - "cmd/server/**"
+      - "internal/middleware/**"
+      - "internal/storage/**"
+      - "pkg/apiversion/**"
+      - "pkg/client/**"
+      - "pkg/reconcilers/**"
+      - "Makefile"
+      - ".github/workflows/codegen-check.yaml"
+  workflow_dispatch:
+
+jobs:
+  codegen-drift:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v6.0.2
+
+      - name: Set up Go
+        uses: actions/setup-go@v6.4.0
+        with:
+          go-version: stable
+
+      - name: Verify generated code is committed
+        run: make generate-check

.github/workflows/golangci-lint.yaml

@@ -0,0 +1,25 @@
+# Copyright © 2026 OpenCHAMI a Series of LF Projects, LLC
+#
+# SPDX-License-Identifier: MIT
+name: golangci-lint
+
+on:
+  push:
+    branches: [ main ]
+  pull_request:
+  workflow_dispatch:
+
+jobs:
+  lint:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Set up latest stable Go
+        uses: actions/setup-go@v6.4.0
+        with:
+          go-version: stable
+      - uses: actions/checkout@v6.0.2
+      - name: Run golangci-lint
+        uses: golangci/golangci-lint-action@v9.2.0
+        with:
+          version: latest

.github/workflows/release.yaml

@@ -1,50 +1,83 @@
-# SPDX-FileCopyrightText: 2026 Copyright © 2026 OpenCHAMI a Series of LF Projects, LLC
+# Copyright © 2026 OpenCHAMI a Series of LF Projects, LLC
 #
 # SPDX-License-Identifier: MIT
 
-name: Release
+name: Release with goreleaser
 
 on:
+  workflow_dispatch:
   push:
     tags:
-      - 'v*.*.*'
+      - v*
 
-permissions:
-  contents: write
-  packages: write
+permissions: write-all # Necessary for the generate-build-provenance action with containers
 
 jobs:
-  goreleaser:
+
+  build:
+
+
     runs-on: ubuntu-latest
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v4
-        with:
-          fetch-depth: 0
 
-      - name: Set up Go
-        uses: actions/setup-go@v5
+    steps:
+      - name: Set up latest stable Go
+        uses: actions/setup-go@v6.4.0
         with:
-          go-version: '1.23'
-
+          go-version: stable
       - name: Set up QEMU
         uses: docker/setup-qemu-action@v3
-
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@v3
-
-      - name: Login to GitHub Container Registry
+        with:
+          driver-opts: |
+            image=moby/buildkit:master
+            network=host
+      - name: Docker Login
         uses: docker/login-action@v3
         with:
           registry: ghcr.io
           username: ${{ github.actor }}
           password: ${{ secrets.GITHUB_TOKEN }}
+      - name: Checkout
+        uses: actions/checkout@v6.0.2
+        with:
+          fetch-tags: 1
+          fetch-depth: 0
+      # Set environment variables required by GoReleaser
+      - name: Set build environment variables
+        run: |
+          echo "GIT_STATE=$(if git diff-index --quiet HEAD --; then echo 'clean'; else echo 'dirty'; fi)" >> $GITHUB_ENV
+          echo "BUILD_HOST=$(hostname)" >> $GITHUB_ENV
+          echo "GO_VERSION=$(go version | awk '{print $3}')" >> $GITHUB_ENV
+          echo "BUILD_USER=$(whoami)" >> $GITHUB_ENV
+          echo "CGO_ENABLED=0" >> $GITHUB_ENV
+          echo "IS_PR_BUILD=false" >> $GITHUB_ENV
 
-      - name: Run GoReleaser
+      - name: Release with goreleaser
         uses: goreleaser/goreleaser-action@v6
+        env:
+          GITHUB_TOKEN: ${{ github.token }}
         with:
-          distribution: goreleaser
-          version: '~> v2'
+          version: latest
           args: release --clean
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        id: goreleaser
+      - name: Process goreleaser output
+        id: process_goreleaser_output
+        run: |
+          echo "const fs = require('fs');" > process.js
+          echo 'const artifacts = ${{ steps.goreleaser.outputs.artifacts }}' >> process.js
+          echo "const firstNonNullDigest = artifacts.find(artifact => artifact.extra && artifact.extra.Digest != null)?.extra.Digest;" >> process.js
+          echo "console.log(firstNonNullDigest);" >> process.js
+          echo "fs.writeFileSync('digest.txt', firstNonNullDigest);" >> process.js
+          node process.js
+          echo "digest=$(cat digest.txt)" >> $GITHUB_OUTPUT
+      - name: Attest Binaries
+        uses: actions/attest-build-provenance@v1
+        with:
+          subject-path: dist/**/fru-tracker*
+      - name: generate build provenance
+        uses: actions/attest-build-provenance@v1
+        with:
+          subject-name: ghcr.io/openchami/fru-tracker
+          subject-digest: ${{ steps.process_goreleaser_output.outputs.digest }}
+          push-to-registry: true