From d19633d33dd074cb0270d9b2877a170cd4532d3c Mon Sep 17 00:00:00 2001
From: Anton Novojilov <andy@essentialkaos.com>
Date: Wed, 25 Sep 2024 01:35:51 +0300
Subject: [PATCH] Improve CI workflow

---
 .docker/alpine.docker                         |  4 +-
 .../{docker-push.yml => cd-release.yml}       | 12 ++--
 .github/workflows/ci-pr.yml                   | 69 ++++++++++++++++++
 .github/workflows/ci-push.yml                 | 26 +++++++
 .github/workflows/ci.yml                      | 72 +------------------
 5 files changed, 103 insertions(+), 80 deletions(-)
 rename .github/workflows/{docker-push.yml => cd-release.yml} (96%)
 create mode 100644 .github/workflows/ci-pr.yml
 create mode 100644 .github/workflows/ci-push.yml

diff --git a/.docker/alpine.docker b/.docker/alpine.docker
index 11f8094..356c81e 100644
--- a/.docker/alpine.docker
+++ b/.docker/alpine.docker
@@ -4,7 +4,7 @@ ARG REGISTRY="docker.io"
 
 ## BUILDER #####################################################################
 
-FROM golang:alpine3.17 as builder
+FROM golang:alpine3.20 as builder
 
 WORKDIR /go/src/github.com/essentialkaos/rsz
 
@@ -15,7 +15,7 @@ RUN apk add --no-cache git make && make deps && make all
 
 ## FINAL IMAGE #################################################################
 
-FROM ${REGISTRY}/essentialkaos/alpine:3.17
+FROM ${REGISTRY}/essentialkaos/alpine:3.20
 
 LABEL org.opencontainers.image.title="rsz" \
       org.opencontainers.image.description="Simple utility for image resizing" \
diff --git a/.github/workflows/docker-push.yml b/.github/workflows/cd-release.yml
similarity index 96%
rename from .github/workflows/docker-push.yml
rename to .github/workflows/cd-release.yml
index 5980e6b..43539a0 100644
--- a/.github/workflows/docker-push.yml
+++ b/.github/workflows/cd-release.yml
@@ -1,4 +1,4 @@
-name: "Docker Push"
+name: CD (Release)
 
 on:
   release:
@@ -19,15 +19,13 @@ permissions:
 
 env:
   IMAGE_NAME: ${{ github.repository }}
+  DOCKER_FILE: alpine
 
 jobs:
-  Docker:
-    name: Docker Build & Publish
+  BuildImage:
+    name: Image Build & Publish
     runs-on: ubuntu-latest
 
-    env:
-      DOCKER_FILE: alpine
-
     steps:
       - name: Checkout
         uses: actions/checkout@v4
@@ -92,7 +90,7 @@ jobs:
       - name: Check if build/rebuild is required
         id: build_check
         run: |
-          if [[ "${{github.event_name}}" == "release" ]] ; then
+          if [[ "$GITHUB_EVENT_NAME" == "release" ]] ; then
             echo "build=true" >> $GITHUB_OUTPUT
             exit 0
           fi
diff --git a/.github/workflows/ci-pr.yml b/.github/workflows/ci-pr.yml
new file mode 100644
index 0000000..0624c2f
--- /dev/null
+++ b/.github/workflows/ci-pr.yml
@@ -0,0 +1,69 @@
+name: CI (PR)
+
+on:
+  pull_request:
+    branches: [master]
+  workflow_dispatch:
+    inputs:
+      force_run:
+        description: 'Force workflow run'
+        required: true
+        type: choice
+        options: [yes, no]
+
+permissions:
+  actions: read
+  contents: read
+  statuses: write
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
+jobs:
+  CI:
+    uses: ./.github/workflows/ci.yml
+    secrets: inherit
+
+  ImageBuild:
+    name: Container Image Build Check
+    runs-on: ubuntu-latest
+
+    needs: CI
+
+    env:
+      REGISTRY: ghcr.io
+
+    strategy:
+      matrix:
+        image: [ 'alpine' ]
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Login to DockerHub
+        uses: docker/login-action@v3
+        env:
+          DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}
+        if: ${{ env.DOCKERHUB_USERNAME != '' }}
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+      - name: Login to GitHub Container Registry
+        uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Build Docker image
+        run: |
+          docker build --build-arg REGISTRY=${REGISTRY} -f .docker/${{matrix.image}}.docker -t ${{matrix.image}} .
+
+      - name: Show info about built Docker image
+        uses: essentialkaos/docker-info-action@v1
+        with:
+          image: ${{matrix.image}}
+          show-labels: true
diff --git a/.github/workflows/ci-push.yml b/.github/workflows/ci-push.yml
new file mode 100644
index 0000000..04d2363
--- /dev/null
+++ b/.github/workflows/ci-push.yml
@@ -0,0 +1,26 @@
+name: CI (Push)
+
+on:
+  push:
+    branches: [master, develop]
+  workflow_dispatch:
+    inputs:
+      force_run:
+        description: 'Force workflow run'
+        required: true
+        type: choice
+        options: [yes, no]
+
+permissions:
+  actions: read
+  contents: read
+  statuses: write
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
+jobs:
+  CI:
+    uses: ./.github/workflows/ci.yml
+    secrets: inherit
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index b1b9cb8..0db8855 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -1,27 +1,13 @@
 name: CI
 
 on:
-  push:
-    branches: [master, develop]
-  pull_request:
-    branches: [master]
-  workflow_dispatch:
-    inputs:
-      force_run:
-        description: 'Force workflow run'
-        required: true
-        type: choice
-        options: [yes, no]
+  workflow_call:
 
 permissions:
   actions: read
   contents: read
   statuses: write
 
-concurrency:
-  group: ${{ github.workflow }}-${{ github.ref }}
-  cancel-in-progress: true
-
 jobs:
   Go:
     name: Go
@@ -74,59 +60,3 @@ jobs:
       - name: Check spelling
         continue-on-error: true
         uses: crate-ci/typos@master
-
-  DockerBuild:
-    name: Docker Build Check
-    runs-on: ubuntu-latest
-
-    needs: Hadolint
-
-    env:
-      REGISTRY: ghcr.io
-
-    strategy:
-      matrix:
-        image: [ 'alpine' ]
-
-    steps:
-      - name: Check event type
-        run: |
-          if [[ "${{github.event_name}}" != "pull_request" ]] ; then
-            echo "::notice::Event type is not 'pull_request', all job actions will be skipped"
-          fi
-
-          # This step is a hack for needs+if issue with actions
-          # More info about issue: https://github.com/actions/runner/issues/491
-
-      - name: Checkout
-        uses: actions/checkout@v4
-        if: ${{ github.event_name == 'pull_request' }}
-
-      - name: Login to DockerHub
-        uses: docker/login-action@v3
-        env:
-          DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}
-        if: ${{ github.event_name == 'pull_request' && env.DOCKERHUB_USERNAME != '' }}
-        with:
-          username: ${{ secrets.DOCKERHUB_USERNAME }}
-          password: ${{ secrets.DOCKERHUB_TOKEN }}
-
-      - name: Login to GitHub Container Registry
-        uses: docker/login-action@v3
-        if: ${{ github.event_name == 'pull_request' }}
-        with:
-          registry: ghcr.io
-          username: ${{ github.actor }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-
-      - name: Build Docker image
-        if: ${{ github.event_name == 'pull_request' }}
-        run: |
-          docker build --build-arg REGISTRY=${REGISTRY} -f .docker/${{matrix.image}}.docker -t ${{matrix.image}} .
-
-      - name: Show info about built Docker image
-        uses: essentialkaos/docker-info-action@v1
-        if: ${{ github.event_name == 'pull_request' }}
-        with:
-          image: ${{matrix.image}}
-          show-labels: true