chore(fips): reduce ci diff

[cardoso]

Summary by CodeRabbit

• Chores
  • Streamlined continuous integration workflow for Docker image building and publishing, improving build efficiency and artifact management.
  • Enhanced FIPS build authentication requirements and container orchestration logic.
  • Simplified Docker Compose configuration handling in end-to-end testing pipeline.

[dionisio-bot]

Looks like this PR is not ready to merge, because of the following issues:

• This PR is missing the 'stat: QA assured' label
• This PR is missing the required milestone or project

Please fix the issues and try again

If you have any trouble, please check the PR guidelines

[changeset-bot]

⚠️ No Changeset found

Latest commit: a7fc106

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[coderabbitai]

Caution

Review failed

The pull request is closed.

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 3a9eddd2-e032-4bb4-b440-f9a7d55bcee4

📥 Commits

Reviewing files that changed from the base of the PR and between 453c7da and a7fc106.

📒 Files selected for processing (3)

• .github/actions/build-docker/action.yml
• .github/workflows/ci-test-e2e.yml
• .github/workflows/ci.yml

---

Walkthrough

This PR refactors Docker build orchestration and E2E test workflows by consolidating the build-docker composite action, replacing dynamic Compose file expansion with fixed file paths, hardcoding the CI build matrix, and propagating FIPS secrets to test jobs. Three workflow files are interconnected: the build action changes drive the CI workflow restructuring, which in turn enables E2E workflow simplification.

Changes

Docker Build and CI Workflow Refactoring

Layer / File(s)	Summary
Docker build action refactoring .github/actions/build-docker/action.yml	Updated DOCKER_USER/DOCKER_PASS input descriptions to clarify FIPS requirement. DockerHub login condition now checks inputs.type == 'fips' instead of credential presence. Environment variables are remapped to GITHUB_/INPUT_ format. Docker buildx bake execution shifts from command-array retry loop to direct invocation with inline SERVICE_SUFFIX computation. Artifact tar filenames use SERVICE/ARCH/TYPE variables. Compose override handling consolidates to single compose_fips_override variable.
CI workflow build matrix and step restructuring .github/workflows/ci.yml	Replaces generated Docker matrix (via build-gh-docker-matrix) with hardcoded strategy matrix enumerating architectures, service groups, and build types. Adds explicit include entries for rocketchat coverage (amd64/arm64) and per-service amd64-only FIPS builds. Restructures build invocations to call the updated build-docker action up to four times per matrix entry using matrix.service[0] through [3] with conditional guards and per-step publish-image evaluation.
E2E workflow container startup and cleanup .github/workflows/ci-test-e2e.yml	Removes dynamic COMPOSE_FILES/COMPOSE_FILES_METEOR environment setup. Container startup now uses fixed file paths: httpbin via docker-compose-ci.yml, CE containers (rocketchat only) on same file, EE/FIPS containers via FIPS_OVERRIDE to include docker-compose-ci.fips.yml with --wait. Service readiness replaces per-service health checks with simple ddp-streamer-service log message wait. Test cleanup and failure logging use fixed compose file paths instead of array expansion.
FIPS secrets and DockerHub publishing .github/workflows/ci.yml	Adds NPM_TOKEN secret to test-api-fips, test-api-livechat-fips, and test-ui-fips jobs. Updates DockerHub publish script to remove rocketchat-cov echo message and adjust source image derivation to map *-fips services by base name with fips compose configuration, replacing prior special-case handling.

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~60 minutes

Suggested labels

type: chore

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 70.49%. Comparing base (453c7da) to head (a7fc106).
⚠️ Report is 1 commits behind head on fips-ddp-streamer.

Additional details and impacted files

@@                  Coverage Diff                  @@
##           fips-ddp-streamer   #40655      +/-   ##
=====================================================
+ Coverage              69.64%   70.49%   +0.85%     
=====================================================
  Files                   3338     1647    -1691     
  Lines                 123247    91316   -31931     
  Branches               21961    13824    -8137     
=====================================================
- Hits                   85830    64372   -21458     
+ Misses                 34065    26440    -7625     
+ Partials                3352      504    -2848     

Flag	Coverage Δ
e2e	?
e2e-api	?
unit	70.49% <ø> (+0.01%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.