OpenSPP
diff --git a/‎.github/workflows/docker-build.yml‎
Lines changed: 248 additions & 0 deletions b/‎.github/workflows/docker-build.yml‎
Lines changed: 248 additions & 0 deletions
@@ -0,0 +1,248 @@
+# ABOUTME: GitHub Actions workflow for building and pushing OpenSPP Docker images
+# ABOUTME: Builds multi-architecture images and pushes to ACN Nexus registry
+
+name: Docker Build and Push
+
+on:
+  push:
+    branches:
+      - main
+      - master
+      - develop
+      - 'release/**'
+    tags:
+      - 'v*'
+      - '[0-9]+.[0-9]+.[0-9]+'
+  pull_request:
+    branches:
+      - main
+      - master
+      - develop
+  workflow_dispatch:
+    inputs:
+      push_images:
+        description: 'Push images to registry'
+        required: false
+        default: 'false'
+        type: choice
+        options:
+          - 'true'
+          - 'false'
+
+env:
+  REGISTRY: docker-push.acn.fr
+  PUBLIC_REGISTRY: docker.acn.fr
+  IMAGE_NAME: openspp/openspp
+
+jobs:
+  build-ubuntu:
+    name: Build Ubuntu Image
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
+    
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+      
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v3
+      
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+      
+      - name: Log in to Nexus Registry
+        if: github.event_name != 'pull_request'
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ secrets.NEXUS_USERNAME }}
+          password: ${{ secrets.NEXUS_PASSWORD }}
+      
+      - name: Extract metadata
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: |
+            ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+          tags: |
+            type=ref,event=branch
+            type=ref,event=pr
+            type=semver,pattern={{version}}
+            type=semver,pattern={{major}}.{{minor}}
+            type=raw,value=latest,enable={{is_default_branch}}
+            type=raw,value=daily,enable={{is_default_branch}}
+            type=sha,prefix={{branch}}-
+      
+      - name: Build and push Ubuntu image
+        uses: docker/build-push-action@v5
+        with:
+          context: .
+          file: ./Dockerfile
+          platforms: linux/amd64
+          push: ${{ github.event_name != 'pull_request' }}
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
+          build-args: |
+            BUILD_DATE=${{ github.event.head_commit.timestamp }}
+            VCS_REF=${{ github.sha }}
+            VERSION=${{ steps.meta.outputs.version }}
+
+  build-slim:
+    name: Build Slim Image
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
+    
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+      
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v3
+      
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+      
+      - name: Log in to Nexus Registry
+        if: github.event_name != 'pull_request'
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ secrets.NEXUS_USERNAME }}
+          password: ${{ secrets.NEXUS_PASSWORD }}
+      
+      - name: Extract metadata
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: |
+            ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+          tags: |
+            type=ref,event=branch,suffix=-slim
+            type=ref,event=pr,suffix=-slim
+            type=semver,pattern={{version}},suffix=-slim
+            type=semver,pattern={{major}}.{{minor}},suffix=-slim
+            type=raw,value=latest-slim,enable={{is_default_branch}}
+            type=raw,value=daily-slim,enable={{is_default_branch}}
+            type=sha,prefix={{branch}}-,suffix=-slim
+      
+      - name: Build and push Slim image
+        uses: docker/build-push-action@v5
+        with:
+          context: .
+          file: ./Dockerfile.slim
+          platforms: linux/amd64
+          push: ${{ github.event_name != 'pull_request' }}
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
+          build-args: |
+            BUILD_DATE=${{ github.event.head_commit.timestamp }}
+            VCS_REF=${{ github.sha }}
+            VERSION=${{ steps.meta.outputs.version }}
+
+  test-images:
+    name: Test Docker Images
+    needs: [build-ubuntu, build-slim]
+    runs-on: ubuntu-latest
+    if: github.event_name == 'pull_request'
+    
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+      
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+      
+      - name: Build test image (Ubuntu)
+        uses: docker/build-push-action@v5
+        with:
+          context: .
+          file: ./Dockerfile
+          load: true
+          tags: openspp:test-ubuntu
+          cache-from: type=gha
+      
+      - name: Build test image (Slim)
+        uses: docker/build-push-action@v5
+        with:
+          context: .
+          file: ./Dockerfile.slim
+          load: true
+          tags: openspp:test-slim
+          cache-from: type=gha
+      
+      - name: Test Ubuntu image
+        run: |
+          echo "Testing Ubuntu image..."
+          docker run --rm openspp:test-ubuntu openspp-server --version
+          docker run --rm openspp:test-ubuntu openspp-server --help | grep -q "OpenSPP"
+      
+      - name: Test Slim image
+        run: |
+          echo "Testing Slim image..."
+          docker run --rm openspp:test-slim openspp-server --version
+          docker run --rm openspp:test-slim openspp-server --help | grep -q "OpenSPP"
+      
+      - name: Test health endpoint
+        run: |
+          echo "Starting container for health check..."
+          docker run -d --name openspp-test -p 8069:8069 openspp:test-ubuntu
+          sleep 60
+          curl -f http://localhost:8069/web/health || (docker logs openspp-test && exit 1)
+          docker stop openspp-test
+          docker rm openspp-test
+
+  update-manifests:
+    name: Update Kubernetes Manifests
+    needs: [build-ubuntu, build-slim]
+    runs-on: ubuntu-latest
+    if: startsWith(github.ref, 'refs/tags/')
+    
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+      
+      - name: Update deployment manifests
+        run: |
+          TAG=${GITHUB_REF#refs/tags/}
+          echo "Updating manifests for tag: $TAG"
+          
+          # Update image tags in deployment files
+          find deployments -name "*.yaml" -type f -exec \
+            sed -i "s|image: .*openspp:.*|image: ${{ env.PUBLIC_REGISTRY }}/${{ env.IMAGE_NAME }}:${TAG}|g" {} \;
+      
+      - name: Commit and push changes
+        run: |
+          git config --local user.email "action@github.com"
+          git config --local user.name "GitHub Action"
+          git add deployments/
+          git diff --staged --quiet || git commit -m "Update deployment manifests for ${GITHUB_REF#refs/tags/}"
+          git push
+
+  notify:
+    name: Send Notifications
+    needs: [build-ubuntu, build-slim]
+    runs-on: ubuntu-latest
+    if: always() && github.event_name != 'pull_request'
+    
+    steps:
+      - name: Notify Slack
+        if: secrets.SLACK_WEBHOOK != ''
+        uses: 8398a7/action-slack@v3
+        with:
+          status: ${{ job.status }}
+          text: |
+            OpenSPP Docker Build ${{ job.status }}
+            Branch: ${{ github.ref }}
+            Commit: ${{ github.sha }}
+            Images pushed to: ${{ env.PUBLIC_REGISTRY }}/${{ env.IMAGE_NAME }}
+          webhook_url: ${{ secrets.SLACK_WEBHOOK }}
+        env:
+          SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}