.github/workflows/oci-make.yaml

# https://github.com/marketplace/actions/build-and-push-docker-images
name: OCI (make)
on:
  push:
    branches:
      - fast-oci
    paths-ignore:
      - '.github/workflows/secondary-umbrella.yaml'
      - '.github/workflows/update-elixir-patches.yaml'
      - '.github/workflows/update-otp-patches.yaml'
      - '.github/workflows/release-alphas.yaml'
      - '*.md'
  workflow_dispatch:
env:
  REGISTRY_IMAGE: pivotalrabbitmq/rabbitmq-test
concurrency:
  group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
  cancel-in-progress: true
jobs:
  build-package-generic-unix:
    strategy:
      matrix:
        otp_version: [26, 27]
    runs-on: ubuntu-latest
    outputs:
      authorized: ${{ steps.authorized.outputs.authorized }}
    steps:
      - name: CHECK IF IMAGE WILL PUSH
        id: authorized
        run: |
          if [ -n "${{ secrets.DOCKERHUB_PASSWORD }}" ]; then
            echo "authorized=true" | tee -a $GITHUB_OUTPUT
          else
            echo "authorized=false" | tee -a $GITHUB_OUTPUT
          fi
      - name: Checkout
        if: steps.authorized.outputs.authorized == 'true'
        uses: actions/checkout@v4
      - name: Configure Erlang
        if: steps.authorized.outputs.authorized == 'true'
        uses: erlef/setup-beam@v1
        with:
          otp-version: ${{ matrix.otp_version }}
          elixir-version: latest
      - name: make package-generic-unix
        if: steps.authorized.outputs.authorized == 'true'
        run: |
          make package-generic-unix PROJECT_VERSION=4.1.0-alpha.1
      - name: Upload package-generic-unix
        if: steps.authorized.outputs.authorized == 'true'
        uses: actions/upload-artifact@v4
        with:
          name: package-generic-unix-otp${{ matrix.otp_version }}
          path: PACKAGES/rabbitmq-server-*.tar.xz

  build-and-push:
    strategy:
      fail-fast: false
      matrix:
        otp_version: [26, 27]
    needs: build-package-generic-unix
    runs-on: ubuntu-latest
    if: ${{ needs.build-package-generic-unix.outputs.authorized }} == 'true'
    steps:
      - name: Checkout
        uses: actions/checkout@v4
      - name: Download package-generic-unix
        uses: actions/download-artifact@v4
        with:
          name: package-generic-unix-otp${{ matrix.otp_version }}
          path: PACKAGES
      - name: Rename package-generic-unix
        run: |
          cp \
            PACKAGES/rabbitmq-server-generic-unix-*.tar.xz \
            packaging/docker-image/package-generic-unix.tar.xz
      - name: Docker meta
        id: meta
        uses: docker/metadata-action@v5
        with:
          images: ${{ env.REGISTRY_IMAGE }}
          flavor: |
            suffix=-otp${{ matrix.otp_version }}
          tags: |
            type=ref,event=branch
            type=ref,event=pr
            type=sha,format=long
      - name: Set up QEMU
        uses: docker/setup-qemu-action@v3
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
      - name: Login to Docker Hub
        uses: docker/login-action@v3
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_PASSWORD }}
      - name: Build and push by digest
        id: build
        uses: docker/build-push-action@v6
        with:
          push: true
          context: packaging/docker-image
          platforms: linux/amd64, linux/arm64
          #labels: ${{ steps.meta.outputs.labels }}
          tags: ${{ steps.meta.outputs.tags }}
          #tags: pivotalrabbitmq/rabbitmq-test:otp${{ matrix.otp_version }}
          cache-to: type=gha
          cache-from: type=gha
          #outputs: type=image,name=${{ env.REGISTRY_IMAGE }},push-by-digest=true,name-canonical=true,push=true
          build-args:
            OTP_VERSION=${{ matrix.otp_version }}

  # merge:
  #   needs:
  #     - build
  #   runs-on: ubuntu-latest
  #   if: ${{ needs.build-package-generic-unix.outputs.authorized }} == 'true'
  #   steps:
  #     - name: Download digests
  #       uses: actions/download-artifact@v4
  #       with:
  #         path: /tmp/digests
  #         pattern: digests-*
  #         merge-multiple: true
  #     - name: Set up Docker Buildx
  #       uses: docker/setup-buildx-action@v3
  #     - name: Docker meta
  #       id: meta
  #       uses: docker/metadata-action@v5
  #       with:
  #         images: ${{ env.REGISTRY_IMAGE }}
  #         tags: |
  #           type=ref,event=branch
  #           type=ref,event=pr
  #           type=sha,format=long
  #     - name: Login to Docker Hub
  #       uses: docker/login-action@v3
  #       with:
  #         username: ${{ secrets.DOCKERHUB_USERNAME }}
  #         password: ${{ secrets.DOCKERHUB_PASSWORD }}
  #     - name: Create manifest list and push
  #       working-directory: /tmp/digests
  #       run: |
  #         docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \
  #           $(printf '${{ env.REGISTRY_IMAGE }}@sha256:%s ' *)
  #     - name: Inspect image
  #       run: |
  #         docker buildx imagetools inspect ${{ env.REGISTRY_IMAGE }}:${{ steps.meta.outputs.version }}