From ba82bc6b74a9a30fc772c6596d5bcd5c870b350c Mon Sep 17 00:00:00 2001
From: Joel Takvorian <jtakvori@redhat.com>
Date: Mon, 7 Mar 2022 17:34:16 +0100
Subject: [PATCH 1/3] Create branch-based and commit-based images

- an image tagged "main" (tracking branch "main")
- an image, short-lived, tagged after commit SHA
---
 .github/workflows/push_image.yml | 11 +++++++----
 Makefile                         |  6 ++++++
 2 files changed, 13 insertions(+), 4 deletions(-)

diff --git a/.github/workflows/push_image.yml b/.github/workflows/push_image.yml
index f37ac6088..c6915c891 100644
--- a/.github/workflows/push_image.yml
+++ b/.github/workflows/push_image.yml
@@ -8,7 +8,7 @@ env:
   REGISTRY_PASSWORD: ${{ secrets.QUAY_SECRET }}
   REGISTRY: quay.io/netobserv
   IMAGE: flowlogs-pipeline
-  TAG: latest
+  TAG: main
 
 jobs:
   push-image:
@@ -26,20 +26,23 @@ jobs:
           go-version: ${{ matrix.go }}
       - name: checkout
         uses: actions/checkout@v2
-      - name: build image
-        run: make build-image
+      - name: build images
+        run: DOCKER_TAG=${{ env.TAG }} make build-main-and-sha
       - name: podman login to quay.io
         uses: redhat-actions/podman-login@v1
         with:
           username: ${{ env.REGISTRY_USER }}
           password: ${{ env.REGISTRY_PASSWORD }}
           registry: quay.io
+      - name: get short sha
+        id: shortsha
+        run: echo "::set-output name=short_sha::$(git rev-parse --short HEAD)"
       - name: push to quay.io
         id: push-to-quay
         uses: redhat-actions/push-to-registry@v2
         with:
           image: ${{ env.IMAGE }}
-          tags: ${{ env.TAG }}
+          tags: ${{ env.TAG }} ${{ steps.shortsha.outputs.short_sha }}
           registry: ${{ env.REGISTRY }}
       - name: print image url
         run: echo "Image pushed to ${{ steps.push-to-quay.outputs.registry-paths }}"
diff --git a/Makefile b/Makefile
index d1f610728..1d1e98290 100644
--- a/Makefile
+++ b/Makefile
@@ -116,6 +116,12 @@ run: build ## Run
 build-image:
 	DOCKER_BUILDKIT=1 $(OCI_RUNTIME) build -t $(DOCKER_IMG):$(DOCKER_TAG) -f contrib/docker/Dockerfile .
 
+.PHONY: build-main-and-sha
+build-main-and-sha: build-image
+	echo "FROM $(DOCKER_IMG):$(DOCKER_TAG)" > tmp.Dockerfile && \
+		$(OCI_RUNTIME) build --label quay.expires-after=2w -t $(DOCKER_IMG):$(COMMIT) -f tmp.Dockerfile . && \
+		rm tmp.Dockerfile
+
 .PHONY: push-image
 push-image: build-image ## Push latest image
 	@echo 'publish image $(DOCKER_TAG) to $(DOCKER_IMG)'

From 2489e9c36b5087b55fa4c0119bda8c7beab2c307 Mon Sep 17 00:00:00 2001
From: Joel Takvorian <jtakvori@redhat.com>
Date: Tue, 8 Mar 2022 10:35:46 +0100
Subject: [PATCH 2/3] Create "shortlived.Dockerfile", rename make target

---
 .github/workflows/push_image.yml     |  4 ++--
 Makefile                             | 14 +++++++++-----
 contrib/docker/shortlived.Dockerfile |  3 +++
 3 files changed, 14 insertions(+), 7 deletions(-)
 create mode 100644 contrib/docker/shortlived.Dockerfile

diff --git a/.github/workflows/push_image.yml b/.github/workflows/push_image.yml
index c6915c891..11aa2c689 100644
--- a/.github/workflows/push_image.yml
+++ b/.github/workflows/push_image.yml
@@ -27,7 +27,7 @@ jobs:
       - name: checkout
         uses: actions/checkout@v2
       - name: build images
-        run: DOCKER_TAG=${{ env.TAG }} make build-main-and-sha
+        run: DOCKER_TAG=${{ env.TAG }} make build-ci-images
       - name: podman login to quay.io
         uses: redhat-actions/podman-login@v1
         with:
@@ -42,7 +42,7 @@ jobs:
         uses: redhat-actions/push-to-registry@v2
         with:
           image: ${{ env.IMAGE }}
-          tags: ${{ env.TAG }} ${{ steps.shortsha.outputs.short_sha }}
+          tags: ${{ env.TAG }} ${{ steps.shortsha.outputs.short_sha }} latest
           registry: ${{ env.REGISTRY }}
       - name: print image url
         run: echo "Image pushed to ${{ steps.push-to-quay.outputs.registry-paths }}"
diff --git a/Makefile b/Makefile
index 1d1e98290..bfe30e340 100644
--- a/Makefile
+++ b/Makefile
@@ -116,11 +116,15 @@ run: build ## Run
 build-image:
 	DOCKER_BUILDKIT=1 $(OCI_RUNTIME) build -t $(DOCKER_IMG):$(DOCKER_TAG) -f contrib/docker/Dockerfile .
 
-.PHONY: build-main-and-sha
-build-main-and-sha: build-image
-	echo "FROM $(DOCKER_IMG):$(DOCKER_TAG)" > tmp.Dockerfile && \
-		$(OCI_RUNTIME) build --label quay.expires-after=2w -t $(DOCKER_IMG):$(COMMIT) -f tmp.Dockerfile . && \
-		rm tmp.Dockerfile
+.PHONY: build-ci-images
+build-ci-images:
+ifeq ($(DOCKER_TAG), main)
+# Also tag "latest" only for branch "main"
+	DOCKER_BUILDKIT=1 $(OCI_RUNTIME) build -t $(DOCKER_IMG):$(DOCKER_TAG) -t $(DOCKER_IMG):latest -f contrib/docker/Dockerfile .
+else
+	DOCKER_BUILDKIT=1 $(OCI_RUNTIME) build -t $(DOCKER_IMG):$(DOCKER_TAG) -f contrib/docker/Dockerfile .
+endif
+	DOCKER_BUILDKIT=1 $(OCI_RUNTIME) build --build-arg BASE_IMAGE=$(DOCKER_IMG):$(DOCKER_TAG) -t $(DOCKER_IMG):$(COMMIT) -f contrib/docker/shortlived.Dockerfile .
 
 .PHONY: push-image
 push-image: build-image ## Push latest image
diff --git a/contrib/docker/shortlived.Dockerfile b/contrib/docker/shortlived.Dockerfile
new file mode 100644
index 000000000..7dca26000
--- /dev/null
+++ b/contrib/docker/shortlived.Dockerfile
@@ -0,0 +1,3 @@
+ARG BASE_IMAGE=quay.io/netobserv/flowlogs-pipeline:main
+FROM $BASE_IMAGE
+LABEL quay.expires-after=2w

From 18dc917a4685a54fe643ef8807d38ff98dab7a29 Mon Sep 17 00:00:00 2001
From: Joel Takvorian <jtakvori@redhat.com>
Date: Tue, 8 Mar 2022 11:28:51 +0100
Subject: [PATCH 3/3] Add release action, triggered from tag

It's the same as in console-pluigin repo
---
 .github/workflows/release.yml | 56 +++++++++++++++++++++++++++++++++++
 1 file changed, 56 insertions(+)
 create mode 100644 .github/workflows/release.yml

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
new file mode 100644
index 000000000..94e4dc9cb
--- /dev/null
+++ b/.github/workflows/release.yml
@@ -0,0 +1,56 @@
+name: release to quay.io
+on:
+  push:
+    tags: [v*]
+
+env:
+  REGISTRY_USER: netobserv+github_ci
+  REGISTRY_PASSWORD: ${{ secrets.QUAY_SECRET }}
+  REGISTRY: quay.io/netobserv
+  IMAGE: flowlogs-pipeline
+
+jobs:
+  push-image:
+    name: push image
+    runs-on: ubuntu-20.04
+    strategy:
+      matrix:
+        go: ['1.17']
+    steps:
+      - name: checkout
+        uses: actions/checkout@v2
+      - name: validate tag
+        id: validate_tag
+        run: |
+          tag=`git describe --exact-match --tags 2> /dev/null`
+          if [[ $tag =~ ^v[0-9]+\.[0-9]+\.[0-9]+(-rc[0-9]+)?$ ]]; then
+              echo "$tag is a valid release tag"
+              set -e
+              echo "::set-output name=tag::$tag"
+          else
+              echo "$tag is NOT a valid release tag"
+              exit 1
+          fi
+      - name: install make
+        run: sudo apt-get install make
+      - name: set up go 1.x
+        uses: actions/setup-go@v2
+        with:
+          go-version: ${{ matrix.go }}
+      - name: build images
+        run: DOCKER_TAG=${{ steps.validate_tag.outputs.tag }} make build-images
+      - name: podman login to quay.io
+        uses: redhat-actions/podman-login@v1
+        with:
+          username: ${{ env.REGISTRY_USER }}
+          password: ${{ env.REGISTRY_PASSWORD }}
+          registry: quay.io
+      - name: push to quay.io
+        id: push-to-quay
+        uses: redhat-actions/push-to-registry@v2
+        with:
+          image: ${{ env.IMAGE }}
+          tags: ${{ steps.validate_tag.outputs.tag }}
+          registry: ${{ env.REGISTRY }}
+      - name: print image url
+        run: echo "Image pushed to ${{ steps.push-to-quay.outputs.registry-paths }}"