.github/workflows/docker-build.yml

name: Docker

# Trigger on pushes to master branch, new semantic version tags, and pull request updates
on:
  workflow_dispatch:
    inputs:
      tag:
        description: Git branch, or tag to build from.
        required: false
      target:
        description: Target to build.
        required: false
        type: choice
        options:
          - composer
          - conductor
          - sequencer
          - sequencer-relayer
  merge_group:
  push:
    branches:
      - "main"
    tags:
      - "**-v[0-9]+.[0-9]+.[0-9]+"
      - "**-v[0-9]+.[0-9]+.[0-9]+-alpha.[0-9]+"
      - "**-v[0-9]+.[0-9]+.[0-9]+-beta.[0-9]+"
      - "**-v[0-9]+.[0-9]+.[0-9]+-rc[0-9]+"
    
  pull_request:
    types:
      - opened
      - synchronize
      - reopened
      - labeled

jobs:
  run_checker:
    uses: ./.github/workflows/reusable-run-checker.yml

  composer:
    needs: run_checker
    if: needs.run_checker.outputs.run_docker == 'true' || (github.event_name == 'workflow_dispatch' && github.event.inputs.target == 'composer')
    uses: "./.github/workflows/reusable-docker-build.yml"
    permissions:
      contents: read
      id-token: write
      packages: write
    with:
      depot-project-id: mhgvgvsjnx
      package-name: composer
      target-binary: astria-composer
      tag: ${{ inputs.tag }}
    secrets: inherit

  conductor:
    needs: run_checker
    if: needs.run_checker.outputs.run_docker == 'true' || (github.event_name == 'workflow_dispatch' && github.event.inputs.target == 'conductor')
    uses: "./.github/workflows/reusable-docker-build.yml"
    permissions:
      contents: read
      id-token: write
      packages: write
    with:
      depot-project-id: zrh9t1d84s
      package-name: conductor
      target-binary: astria-conductor
      tag: ${{ inputs.tag }}
    secrets: inherit

  sequencer:
    needs: run_checker
    if: needs.run_checker.outputs.run_docker == 'true' || (github.event_name == 'workflow_dispatch' && github.event.inputs.target == 'sequencer')
    uses: "./.github/workflows/reusable-docker-build.yml"
    permissions:
      contents: read
      id-token: write
      packages: write
    with:
      depot-project-id: brzhxfbv9b
      package-name: sequencer
      target-binary: astria-sequencer
      tag: ${{ inputs.tag }}
    secrets: inherit

  sequencer-relayer:
    needs: run_checker
    if: needs.run_checker.outputs.run_docker == 'true' || (github.event_name == 'workflow_dispatch' && github.event.inputs.target == 'sequencer-relayer')
    uses: "./.github/workflows/reusable-docker-build.yml"
    permissions:
      contents: read
      id-token: write
      packages: write
    with:
      depot-project-id: 86q4kz4wfs
      package-name: sequencer-relayer
      target-binary: astria-sequencer-relayer
      tag: ${{ inputs.tag }}
    secrets: inherit

  smoke-test:
    needs: [run_checker, composer, conductor, sequencer, sequencer-relayer]
    if: (github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == 'astriaorg/astria') && (github.event_name == 'merge_group' || needs.run_checker.outputs.run_docker == 'true')
    runs-on: buildjet-8vcpu-ubuntu-2204
    steps:
      - uses: actions/checkout@v4
      - name: Install just
        uses: taiki-e/install-action@just
      - name: Install kind
        uses: helm/kind-action@v1
        with:
          install_only: true
      - name: Log in to GHCR
        uses: docker/login-action@v2
        with:
          registry: ghcr.io
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}
      - name: Setup Smoke Test Environment
        timeout-minutes: 5
        run: |
          TAG=sha-$(git rev-parse --short HEAD)
          just deploy cluster
          kubectl create secret generic regcred --from-file=.dockerconfigjson=$HOME/.docker/config.json --type=kubernetes.io/dockerconfigjson
          echo -e "\n\nDeploying with astria images tagged $TAG"
          just deploy smoke-test $TAG
      - name: Run Smoke test
        timeout-minutes: 1
        run: just run-smoke-test

  docker:
    if: ${{ always() && !cancelled() }}
    needs: [composer, conductor, sequencer, sequencer-relayer, smoke-test]
    uses: ./.github/workflows/reusable-success.yml
    with:
      success: ${{ !contains(needs.*.result, 'failure') }}