From 33bd8d5a330c181841e7c9f0ea5f1c2ed2876f73 Mon Sep 17 00:00:00 2001 From: "Mahadik, Mukul Chandrakant" Date: Fri, 20 Sep 2024 20:42:30 -0700 Subject: [PATCH 1/5] Task A-6: Switching to step outputs instead of GITHUB_ENV Refer to details in cleanup issue: Task A-6: https://github.com/e-mission/e-mission-docs/issues/1082#issuecomment-2364335425 --- .github/workflows/image_build_push.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/image_build_push.yml b/.github/workflows/image_build_push.yml index 1847af67b..8580a0b03 100644 --- a/.github/workflows/image_build_push.yml +++ b/.github/workflows/image_build_push.yml @@ -24,7 +24,7 @@ jobs: - name: Get current date # get the date of the build id: date - run: echo "::set-output name=date::$(date +'%Y-%m-%d--%M-%S')" + run: echo "date=$(date +'%Y-%m-%d--%M-%S')" >> "$GITHUB_OUTPUT" #Runs a single command using the runners shell - name: Run a one-line script From 96a8213c14019ddfd4e7c5635c4cf9202964ff0a Mon Sep 17 00:00:00 2001 
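Review bot: The format string on the rewritten `run:` line, `%Y-%m-%d--%M-%S`, has minutes and seconds but no hour, so two builds on the same day can produce the same value and the values do not sort by time. The later patches in this series use this output as part of the pushed image tag and record it in `.env`, so a collision would let one build silently replace another build's image under the same tag. If the hour was left out by accident, `run: echo "date=$(date -u +'%Y-%m-%d--%H-%M-%S')" >> "$GITHUB_OUTPUT"` fixes it, though anything that parses the tag would need to accept the longer form. The job these steps belong to starts and ends outside the hunk.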
From: "Mahadik, Mukul Chandrakant" Date: Fri, 20 Sep 2024 21:28:12 -0700 Subject: [PATCH 2/5] Task A-2: Storing latest tag in .env file + Task A-8: Prefix branch name Refer to details in cleanup issue: Task A-2: https://github.com/e-mission/e-mission-docs/issues/1082#issuecomment-2364583414 Storing server tag as well so that artifacts are not needed. Can also remove image tag passed as input in Workflow dispatch POST request. Workflow input also removed in dashboard workflows For now not removing artifacts until the internal script is updated to handle this change. ---- Task A-8: Prefixing branch name to the docker tag along with the date. In the internal script we will not need to maintain the different branch lists as the images will be completely tagged in the external workflows themselves. We can simply use the tags without modifications then. For now, not prefixing the tag to the artifact since we will be removing the artifact anyways. And current internal script works with artifacts. Once I update the internal script, will come back and remove artifacts. --- .github/workflows/image_build_push.yml | 30 +++++++++++++++++++++----- 1 file changed, 25 insertions(+), 5 deletions(-) diff --git a/.github/workflows/image_build_push.yml b/.github/workflows/image_build_push.yml index 8580a0b03..4f22ab7f0 100644 --- a/.github/workflows/image_build_push.yml +++ b/.github/workflows/image_build_push.yml @@ -18,6 +18,14 @@ jobs: steps: - uses: actions/checkout@v2 + + - name: Set docker image tags + id: set-tags + run: | + set -a; source .env; set +a + echo "SERVER_IMAGE_TAG=${SERVER_IMAGE_TAG}" >> "$GITHUB_OUTPUT" + echo "Current server image tag (push): ${SERVER_IMAGE_TAG}" + - name: docker login run: | # log into docker hub account docker login -u $DOCKER_USER -p $DOCKER_PASSWORD 
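Review bot: `set -a; source .env; set +a` in the new "Set docker image tags" step executes `.env` as shell instead of reading it as data, so any line that ends up in that file runs on the runner with whatever the job has in its environment. Only one key is needed, so it can be parsed instead: `SERVER_IMAGE_TAG=$(grep -m1 '^SERVER_IMAGE_TAG=' .env | cut -d= -f2-)`. Checking the value before the `echo ... >> "$GITHUB_OUTPUT"` line, for example `[[ "$SERVER_IMAGE_TAG" =~ ^[A-Za-z0-9_.-]+$ ]] || exit 1`, would also keep a malformed value from adding extra output entries. The workflow's triggers and the rest of the job are outside the hunk, so how far untrusted branches can reach this step cannot be judged from here.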
@@ -40,6 +48,22 @@ jobs: run: | docker push $DOCKER_USER/${GITHUB_REPOSITORY#*/}:${GITHUB_REF##*/}_${{ steps.date.outputs.date }} + - name: Update .env file + run: | + echo "SERVER_IMAGE_TAG=${GITHUB_REF##*/}_${{ steps.date.outputs.date }}" > .env + + - name: Add, Commit, Push changes to .env file + run: | + git config --local user.email "action@github.com" + git config --local user.name "Github Actions bot to update .env with latest tags" + if git diff --quiet; then + echo "Latest timestamp already present in .env file, no changes to commit" + else + git add .env + git commit -m "Updated docker image tags in .env file to the latest timestamp" + git push origin + fi + - name: Create a text file run: | echo ${{ steps.date.outputs.date }} > tag_file.txt @@ -56,9 +80,6 @@ jobs: needs: build runs-on: ubuntu-latest - env: - DOCKER_IMAGE_TAG: ${{ needs.build.outputs.date }} - strategy: matrix: include: @@ -71,7 +92,6 @@ jobs: - uses: actions/checkout@v4 - name: Trigger workflow in admin-dash, public-dash - # TODO: Create Fine-grained token with "Actions: write" permissions run: | curl -L \ -X POST \ @@ -79,4 +99,4 @@ jobs: -H "Authorization: Bearer ${{ secrets.GH_FG_PAT_TAGS }}" \ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/repos/${{ matrix.repo }}/actions/workflows/image_build_push.yml/dispatches \ - -d '{"ref":"${{ matrix.branch }}", "inputs": {"docker_image_tag" : "${{ env.DOCKER_IMAGE_TAG }}"}}' + -d '{"ref":"${{ matrix.branch }}"}' From c1917c4118811bed9439996cdf223b6cba3b300d Mon Sep 17 00:00:00 2001 
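Review bot: The new "Add, Commit, Push changes to .env file" step writes to the repository with the token that checkout left configured, and nothing in this hunk scopes that access. If the workflow does not already declare it outside the visible lines, a job-level `permissions:` block with `contents: write` would keep the token's other scopes read-only. `git diff --quiet` checks the whole working tree while only `.env` is staged, so `git diff --quiet -- .env` matches the intent better. In the preceding step, `> .env` truncates the file, so any other variable later added to `.env` would be dropped on the next build; a comment such as `# .env holds exactly one key and is rewritten on every build` would make that explicit. The job continues outside the hunk.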
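Review bot: The dispatch request around the changed `-d '{"ref":"${{ matrix.branch }}"}'` line has no failure check: `curl -L -X POST` exits 0 on a 401 or 404, so an expired or under-scoped `GH_FG_PAT_TAGS` would leave the dashboard workflows untriggered while this job stays green. The payload no longer carries the tag, so a missed dispatch is harder to notice downstream; adding `--fail-with-body \` to the curl options would make the step fail visibly. The TODO removed in the previous hunk was the only place that recorded the token's required scope, so a replacement comment such as `# GH_FG_PAT_TAGS: fine-grained PAT, "Actions: write" on the dashboard repos only` would help whoever rotates it. The curl command starts above this hunk.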
From: "Mahadik, Mukul Chandrakant" Date: Fri, 20 Sep 2024 21:44:11 -0700 Subject: [PATCH 3/5] Task A-7: Removed certificates from external Dockerfile; added internally Refer to issue comment for details: Task A-7: https://github.com/e-mission/e-mission-docs/issues/1082#issuecomment-2364315699 The certificates are relevant to our internal AWS configuration and not needed externally. They can be present externally too without having any major effect. But removing them helps keeping the base image clean. Additionally, anyone working with the code can customize with their own certificates if needed or adopt an approach which doesn't even need certificates in the first place. --- Dockerfile | 2 -- 1 file changed, 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index fcea642fd..04dba77f0 100644 --- a/Dockerfile +++ b/Dockerfile @@ -3,8 +3,6 @@ FROM ubuntu:jammy-20240227 MAINTAINER K. Shankari (shankari@eecs.berkeley.edu) -ADD https://truststore.pki.rds.amazonaws.com/global/global-bundle.pem /etc/ssl/certs/ - WORKDIR /usr/src/app RUN apt-get -y -qq update From f2f344c452c9158f748c7dc6ae058901cc091600 Mon Sep 17 00:00:00 2001 From: "Mahadik, Mukul Chandrakant" Date: Fri, 20 Sep 2024 21:59:24 -0700 Subject: [PATCH 4/5] Task A-2: Added .env file initialized with the current latest tag --- .env | 1 + 1 file changed, 1 insertion(+) create mode 100644 .env diff --git a/.env b/.env new file mode 100644 index 000000000..b290898cf --- /dev/null +++ b/.env @@ -0,0 +1 @@ +SERVER_IMAGE_TAG=2024-09-20--06-45 From 3a01028463accf790567d7ab55b70a51becd2f77 Mon Sep 17 00:00:00 2001 From: "Mahadik, Mukul Chandrakant" Date: Mon, 23 Sep 2024 14:39:54 -0700 Subject: [PATCH 5/5] Task A-2: Removed artifact upload ; internal script updated Internal script updated as well. Internal PR must be merged as well once these external PR changes merged. --- .github/workflows/image_build_push.yml | 12 ------------ 1 file changed, 12 deletions(-) 
diff --git a/.github/workflows/image_build_push.yml b/.github/workflows/image_build_push.yml index 4f22ab7f0..1afab6fca 100644 --- a/.github/workflows/image_build_push.yml +++ b/.github/workflows/image_build_push.yml @@ -64,18 +64,6 @@ jobs: git push origin fi - - name: Create a text file - run: | - echo ${{ steps.date.outputs.date }} > tag_file.txt - echo "Created tag text file" - - - name: Upload Artifact - uses: actions/upload-artifact@v4 - with: - name: docker-image-tag - path: tag_file.txt - overwrite: true - dispatch: needs: build runs-on: ubuntu-latest