From 71edaba594af650686e0f68bcd11e44fa144ae58 Mon Sep 17 00:00:00 2001
From: Mathias Beaulieu-Duncan <52874619+singatias@users.noreply.github.com>
Date: Sun, 13 Oct 2024 13:16:40 -0400
Subject: [PATCH 1/4] Update apps-webservice.yaml

Signed-off-by: Mathias Beaulieu-Duncan <52874619+singatias@users.noreply.github.com>
---
 .github/workflows/apps-webservice.yaml | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/apps-webservice.yaml b/.github/workflows/apps-webservice.yaml
index a86cab196..f7f44e8bb 100644
--- a/.github/workflows/apps-webservice.yaml
+++ b/.github/workflows/apps-webservice.yaml
@@ -15,6 +15,7 @@ on:
       - packages/**
       - .github/workflows/apps-webservice.yaml
       - pnpm-lock.yaml
+  workflow_dispatch:
 
 jobs:
   build:
@@ -22,6 +23,11 @@ jobs:
     permissions:
       contents: read
       id-token: write
+
+    strategy:
+      matrix:
+        platform: [linux/amd64, linux/arm64]
+        
     steps:
       - uses: actions/checkout@v4
 
@@ -33,6 +39,7 @@ jobs:
 
       - name: Login to Docker Hub
         uses: docker/login-action@v3
+        if: github.event.pull_request.head.repo.full_name == github.repository
         with:
           username: ${{ secrets.DOCKERHUB_USERNAME }}
           password: ${{ secrets.DOCKERHUB_TOKEN }}
@@ -51,12 +58,14 @@ jobs:
         with:
           push: false
           file: apps/webservice/Dockerfile
+          platforms: ${{ matrix.platform }}
           tags: ${{ steps.meta.outputs.tags }}
 
       - name: Build and Push
         uses: docker/build-push-action@v6
-        if: github.ref == 'refs/heads/main'
+        if: github.ref == 'refs/heads/main' && github.event.pull_request.head.repo.full_name == github.repository
         with:
           push: true
           file: apps/webservice/Dockerfile
+          platforms: ${{ matrix.platform }}
           tags: ${{ steps.meta.outputs.tags }}

From c5bce11cac2d9e414db52d7203b0c50f552a817e Mon Sep 17 00:00:00 2001
From: Mathias Beaulieu-Duncan <52874619+singatias@users.noreply.github.com>
Date: Sun, 13 Oct 2024 13:40:08 -0400
Subject: [PATCH 2/4] test webservice with new condition

---
 .github/workflows/apps-webservice.yaml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/apps-webservice.yaml b/.github/workflows/apps-webservice.yaml
index f7f44e8bb..35b07bd95 100644
--- a/.github/workflows/apps-webservice.yaml
+++ b/.github/workflows/apps-webservice.yaml
@@ -39,7 +39,7 @@ jobs:
 
       - name: Login to Docker Hub
         uses: docker/login-action@v3
-        if: github.event.pull_request.head.repo.full_name == github.repository
+        if: secrets.DOCKERHUB_USERNAME && secrets.DOCKERHUB_TOKEN
         with:
           username: ${{ secrets.DOCKERHUB_USERNAME }}
           password: ${{ secrets.DOCKERHUB_TOKEN }}
@@ -63,7 +63,7 @@ jobs:
 
       - name: Build and Push
         uses: docker/build-push-action@v6
-        if: github.ref == 'refs/heads/main' && github.event.pull_request.head.repo.full_name == github.repository
+        if: github.ref == 'refs/heads/main' && secrets.DOCKERHUB_USERNAME && secrets.DOCKERHUB_TOKEN
         with:
           push: true
           file: apps/webservice/Dockerfile

From 4a6d529f4a98352a12e942a5bd0a07dd6a512e5c Mon Sep 17 00:00:00 2001
From: Mathias Beaulieu-Duncan <52874619+singatias@users.noreply.github.com>
Date: Sun, 13 Oct 2024 13:42:00 -0400
Subject: [PATCH 3/4] update

---
 .github/workflows/apps-webservice.yaml | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/apps-webservice.yaml b/.github/workflows/apps-webservice.yaml
index 35b07bd95..14ae34dc7 100644
--- a/.github/workflows/apps-webservice.yaml
+++ b/.github/workflows/apps-webservice.yaml
@@ -37,9 +37,17 @@ jobs:
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@v3
 
+      - name: Check if Docker Hub secrets are available
+        run: |
+          if [ -z "${{ secrets.DOCKERHUB_USERNAME }}" ] || [ -z "${{ secrets.DOCKERHUB_TOKEN }}" ]; then
+            echo "DOCKERHUB_LOGIN=false" >> $GITHUB_ENV
+          else
+            echo "DOCKERHUB_LOGIN=true" >> $GITHUB_ENV
+          fi
+
       - name: Login to Docker Hub
         uses: docker/login-action@v3
-        if: secrets.DOCKERHUB_USERNAME && secrets.DOCKERHUB_TOKEN
+        if: env.DOCKERHUB_LOGIN == 'true'
         with:
           username: ${{ secrets.DOCKERHUB_USERNAME }}
           password: ${{ secrets.DOCKERHUB_TOKEN }}
@@ -63,7 +71,7 @@ jobs:
 
       - name: Build and Push
         uses: docker/build-push-action@v6
-        if: github.ref == 'refs/heads/main' && secrets.DOCKERHUB_USERNAME && secrets.DOCKERHUB_TOKEN
+        if: github.ref == 'refs/heads/main' && env.DOCKERHUB_LOGIN == 'true'
         with:
           push: true
           file: apps/webservice/Dockerfile

From 8eef2043fde3a9ece09db25a2452336d10048f88 Mon Sep 17 00:00:00 2001
From: Mathias Beaulieu-Duncan <52874619+singatias@users.noreply.github.com>
Date: Sun, 13 Oct 2024 14:25:24 -0400
Subject: [PATCH 4/4] updated all packages pipeliens

---
 .github/workflows/apps-event-worker.yaml      | 19 ++++++++++++++++-
 .../workflows/apps-job-policy-checker.yaml    | 19 ++++++++++++++++-
 .github/workflows/apps-webservice.yaml        |  2 +-
 .../integrations-google-compute-scanner.yaml  | 21 +++++++++++++++++--
 .../integrations-kubernetes-job-agent.yaml    | 19 ++++++++++++++++-
 .../integrations-terraform-cloud-scanner.yaml | 13 +++++++++++-
 .github/workflows/packages-migrations.yaml    | 13 +++++++++++-
 7 files changed, 98 insertions(+), 8 deletions(-)

diff --git a/.github/workflows/apps-event-worker.yaml b/.github/workflows/apps-event-worker.yaml
index 9d6df9b2a..be32ce417 100644
--- a/.github/workflows/apps-event-worker.yaml
+++ b/.github/workflows/apps-event-worker.yaml
@@ -23,9 +23,15 @@ on:
 jobs:
   build:
     runs-on: ubuntu-latest
+    
     permissions:
       contents: read
       id-token: write
+
+    strategy:
+      matrix:
+        platform: [linux/amd64, linux/arm64]
+
     steps:
       - uses: actions/checkout@v4
 
@@ -35,8 +41,17 @@ jobs:
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@v3
 
+      - name: Check if Docker Hub secrets are available
+        run: |
+          if [ -z "${{ secrets.DOCKERHUB_USERNAME }}" ] || [ -z "${{ secrets.DOCKERHUB_TOKEN }}" ]; then
+            echo "DOCKERHUB_LOGIN=false" >> $GITHUB_ENV
+          else
+            echo "DOCKERHUB_LOGIN=true" >> $GITHUB_ENV
+          fi
+
       - name: Login to Docker Hub
         uses: docker/login-action@v3
+        if: env.DOCKERHUB_LOGIN == 'true'
         with:
           username: ${{ secrets.DOCKERHUB_USERNAME }}
           password: ${{ secrets.DOCKERHUB_TOKEN }}
@@ -55,12 +70,14 @@ jobs:
         with:
           push: false
           file: apps/event-worker/Dockerfile
+          platforms: ${{ matrix.platform }}
           tags: ${{ steps.meta.outputs.tags }}
 
       - name: Build and Push
         uses: docker/build-push-action@v6
-        if: github.ref == 'refs/heads/main'
+        if: github.ref == 'refs/heads/main' && env.DOCKERHUB_LOGIN == 'true'
         with:
           push: true
           file: apps/event-worker/Dockerfile
+          platforms: ${{ matrix.platform }}
           tags: ${{ steps.meta.outputs.tags }}
diff --git a/.github/workflows/apps-job-policy-checker.yaml b/.github/workflows/apps-job-policy-checker.yaml
index 8895c8c8e..79841af95 100644
--- a/.github/workflows/apps-job-policy-checker.yaml
+++ b/.github/workflows/apps-job-policy-checker.yaml
@@ -21,9 +21,15 @@ on:
 jobs:
   build:
     runs-on: ubuntu-latest
+    
     permissions:
       contents: read
       id-token: write
+
+    strategy:
+      matrix:
+        platform: [linux/amd64, linux/arm64]
+
     steps:
       - uses: actions/checkout@v4
 
@@ -33,8 +39,17 @@ jobs:
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@v3
 
+      - name: Check if Docker Hub secrets are available
+        run: |
+          if [ -z "${{ secrets.DOCKERHUB_USERNAME }}" ] || [ -z "${{ secrets.DOCKERHUB_TOKEN }}" ]; then
+            echo "DOCKERHUB_LOGIN=false" >> $GITHUB_ENV
+          else
+            echo "DOCKERHUB_LOGIN=true" >> $GITHUB_ENV
+          fi
+
       - name: Login to Docker Hub
         uses: docker/login-action@v3
+        if: env.DOCKERHUB_LOGIN == 'true'
         with:
           username: ${{ secrets.DOCKERHUB_USERNAME }}
           password: ${{ secrets.DOCKERHUB_TOKEN }}
@@ -53,12 +68,14 @@ jobs:
         with:
           push: false
           file: apps/job-policy-checker/Dockerfile
+          platforms: ${{ matrix.platform }}
           tags: ${{ steps.meta.outputs.tags }}
 
       - name: Build and Push
         uses: docker/build-push-action@v6
-        if: github.ref == 'refs/heads/main'
+        if: github.ref == 'refs/heads/main' && env.DOCKERHUB_LOGIN == 'true'
         with:
           push: true
           file: apps/job-policy-checker/Dockerfile
+          platforms: ${{ matrix.platform }}
           tags: ${{ steps.meta.outputs.tags }}
diff --git a/.github/workflows/apps-webservice.yaml b/.github/workflows/apps-webservice.yaml
index 14ae34dc7..6f30ee36e 100644
--- a/.github/workflows/apps-webservice.yaml
+++ b/.github/workflows/apps-webservice.yaml
@@ -15,11 +15,11 @@ on:
       - packages/**
       - .github/workflows/apps-webservice.yaml
       - pnpm-lock.yaml
-  workflow_dispatch:
 
 jobs:
   build:
     runs-on: ubuntu-latest
+    
     permissions:
       contents: read
       id-token: write
diff --git a/.github/workflows/integrations-google-compute-scanner.yaml b/.github/workflows/integrations-google-compute-scanner.yaml
index 0206a1a40..07f88c2ae 100644
--- a/.github/workflows/integrations-google-compute-scanner.yaml
+++ b/.github/workflows/integrations-google-compute-scanner.yaml
@@ -19,9 +19,15 @@ on:
 jobs:
   build:
     runs-on: ubuntu-latest
+
     permissions:
       contents: read
       id-token: write
+
+    strategy:
+      matrix:
+        platform: [linux/amd64, linux/arm64]
+
     steps:
       - uses: actions/checkout@v4
 
@@ -31,8 +37,17 @@ jobs:
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@v3
 
+      - name: Check if Docker Hub secrets are available
+        run: |
+          if [ -z "${{ secrets.DOCKERHUB_USERNAME }}" ] || [ -z "${{ secrets.DOCKERHUB_TOKEN }}" ]; then
+            echo "DOCKERHUB_LOGIN=false" >> $GITHUB_ENV
+          else
+            echo "DOCKERHUB_LOGIN=true" >> $GITHUB_ENV
+          fi
+
       - name: Login to Docker Hub
         uses: docker/login-action@v3
+        if: env.DOCKERHUB_LOGIN == 'true'
         with:
           username: ${{ secrets.DOCKERHUB_USERNAME }}
           password: ${{ secrets.DOCKERHUB_TOKEN }}
@@ -51,12 +66,14 @@ jobs:
         with:
           push: false
           file: integrations/google-compute-scanner/Dockerfile
+          platforms: ${{ matrix.platform }}
           tags: ${{ steps.meta.outputs.tags }}
 
       - name: Build and Push
         uses: docker/build-push-action@v6
-        if: github.ref == 'refs/heads/main'
+        if: github.ref == 'refs/heads/main' && env.DOCKERHUB_LOGIN == 'true'
         with:
           push: true
-          file: integrations/google-compute-scanner/Dockerfile
+          file: integrations/google-compute-scanner/Dockerfile 
+          platforms: ${{ matrix.platform }}
           tags: ${{ steps.meta.outputs.tags }}
diff --git a/.github/workflows/integrations-kubernetes-job-agent.yaml b/.github/workflows/integrations-kubernetes-job-agent.yaml
index e173e890e..d7dd33e31 100644
--- a/.github/workflows/integrations-kubernetes-job-agent.yaml
+++ b/.github/workflows/integrations-kubernetes-job-agent.yaml
@@ -19,9 +19,15 @@ on:
 jobs:
   build:
     runs-on: ubuntu-latest
+
     permissions:
       contents: read
       id-token: write
+
+    strategy:
+      matrix:
+        platform: [linux/amd64, linux/arm64]
+
     steps:
       - uses: actions/checkout@v4
 
@@ -31,8 +37,17 @@ jobs:
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@v3
 
+      - name: Check if Docker Hub secrets are available
+        run: |
+          if [ -z "${{ secrets.DOCKERHUB_USERNAME }}" ] || [ -z "${{ secrets.DOCKERHUB_TOKEN }}" ]; then
+            echo "DOCKERHUB_LOGIN=false" >> $GITHUB_ENV
+          else
+            echo "DOCKERHUB_LOGIN=true" >> $GITHUB_ENV
+          fi
+
       - name: Login to Docker Hub
         uses: docker/login-action@v3
+        if: env.DOCKERHUB_LOGIN == 'true'
         with:
           username: ${{ secrets.DOCKERHUB_USERNAME }}
           password: ${{ secrets.DOCKERHUB_TOKEN }}
@@ -51,12 +66,14 @@ jobs:
         with:
           push: false
           file: integrations/kubernetes-job-agent/Dockerfile
+          platforms: ${{ matrix.platform }}
           tags: ${{ steps.meta.outputs.tags }}
 
       - name: Build and Push
         uses: docker/build-push-action@v6
-        if: github.ref == 'refs/heads/main'
+        if: github.ref == 'refs/heads/main' && env.DOCKERHUB_LOGIN == 'true'
         with:
           push: true
           file: integrations/kubernetes-job-agent/Dockerfile
+          platforms: ${{ matrix.platform }}
           tags: ${{ steps.meta.outputs.tags }}
diff --git a/.github/workflows/integrations-terraform-cloud-scanner.yaml b/.github/workflows/integrations-terraform-cloud-scanner.yaml
index 42a32937e..96b76b1d2 100644
--- a/.github/workflows/integrations-terraform-cloud-scanner.yaml
+++ b/.github/workflows/integrations-terraform-cloud-scanner.yaml
@@ -31,8 +31,17 @@ jobs:
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@v3
 
+      - name: Check if Docker Hub secrets are available
+        run: |
+          if [ -z "${{ secrets.DOCKERHUB_USERNAME }}" ] || [ -z "${{ secrets.DOCKERHUB_TOKEN }}" ]; then
+            echo "DOCKERHUB_LOGIN=false" >> $GITHUB_ENV
+          else
+            echo "DOCKERHUB_LOGIN=true" >> $GITHUB_ENV
+          fi
+
       - name: Login to Docker Hub
         uses: docker/login-action@v3
+        if: env.DOCKERHUB_LOGIN == 'true'
         with:
           username: ${{ secrets.DOCKERHUB_USERNAME }}
           password: ${{ secrets.DOCKERHUB_TOKEN }}
@@ -51,12 +60,14 @@ jobs:
         with:
           push: false
           file: integrations/terraform-cloud-scanner/Dockerfile
+          platforms: ${{ matrix.platform }}
           tags: ${{ steps.meta.outputs.tags }}
 
       - name: Build and Push
         uses: docker/build-push-action@v6
-        if: github.ref == 'refs/heads/main'
+        if: github.ref == 'refs/heads/main' && env.DOCKERHUB_LOGIN == 'true'
         with:
           push: true
           file: integrations/terraform-cloud-scanner/Dockerfile
+          platforms: ${{ matrix.platform }}
           tags: ${{ steps.meta.outputs.tags }}
diff --git a/.github/workflows/packages-migrations.yaml b/.github/workflows/packages-migrations.yaml
index 21480b705..21b6ab8c4 100644
--- a/.github/workflows/packages-migrations.yaml
+++ b/.github/workflows/packages-migrations.yaml
@@ -27,8 +27,17 @@ jobs:
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@v3
 
+      - name: Check if Docker Hub secrets are available
+        run: |
+          if [ -z "${{ secrets.DOCKERHUB_USERNAME }}" ] || [ -z "${{ secrets.DOCKERHUB_TOKEN }}" ]; then
+            echo "DOCKERHUB_LOGIN=false" >> $GITHUB_ENV
+          else
+            echo "DOCKERHUB_LOGIN=true" >> $GITHUB_ENV
+          fi
+
       - name: Login to Docker Hub
         uses: docker/login-action@v3
+        if: env.DOCKERHUB_LOGIN == 'true'
         with:
           username: ${{ secrets.DOCKERHUB_USERNAME }}
           password: ${{ secrets.DOCKERHUB_TOKEN }}
@@ -47,12 +56,14 @@ jobs:
         with:
           push: false
           file: packages/db/Dockerfile
+          platforms: ${{ matrix.platform }}
           tags: ${{ steps.meta.outputs.tags }}
 
       - name: Build and Push
         uses: docker/build-push-action@v6
-        if: github.ref == 'refs/heads/main'
+        if: github.ref == 'refs/heads/main' && env.DOCKERHUB_LOGIN == 'true'
         with:
           push: true
           file: packages/db/Dockerfile
+          platforms: ${{ matrix.platform }}
           tags: ${{ steps.meta.outputs.tags }}