feat: add reusable-go-docker-apps-ecr-legacy

a workflow to hide complexity of existing manual
implementations for multiple parallel builds, that
auto-discover endpoints.

.github/workflows/reusable-go-docker-apps-ecr-legacy.yml

@@ -0,0 +1,110 @@
+name: Go Docker apps ECR legacy
+on:
+  workflow_call:
+    inputs:
+      folder:
+        type: string
+        default: ./cmd
+        description: |
+          the folder to discover entrypoints to build
+      exclude:
+        type: string
+        default: '\?\?\?'
+        description: |
+          a regex string to match what package names to not include in building
+      dockerfile-template-path:
+        type: string
+        default: ./Dockerfile.tmplate
+        description: |
+          the path to the dockerfile to append CMD to
+      setup:
+        type: string
+        description: |
+          shell commands to setup the environment, such as installing dependencies
+      extra-build-args:
+        type: string
+        description: |
+          multi-lined input for build-args
+      test:
+        type: boolean
+        default: true
+        description: |
+          whether to enable built-in test
+jobs:
+  prepare:
+    runs-on: ubuntu-latest
+    outputs:
+      git-rev: ${{ steps.git-rev.outputs.git-rev }}
+      matrix: ${{ steps.set.outputs.matrix }}
+    steps:
+      - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
+      - uses: GeoNet/yq@bbe305500687a5fe8498d74883c17f0f06431ac4 # master
+      - id: git-rev
+        env:
+          GIT_SHA: ${{ github.sha }}
+        run: |
+          echo "git-rev=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT
+      - id: set
+        env:
+          FOLDER: ${{ inputs.folder }}
+          EXCLUDE: ${{ inputs.exclude }}
+        run: |
+          echo "matrix=$(find $FOLDER -mindepth 1 -maxdepth 1 -type d | grep -Ewv "$EXCLUDE" - | xargs -n 1 basename | xargs | yq 'split(" ")|.[]|{"target":.,"folder":env(FOLDER)+"/"+.}' -ojson | jq -rcM -s '{"include":.}')" >> $GITHUB_OUTPUT
+      - name: check output
+        run: |
+          jq . <<< '${{ steps.set.outputs.matrix }}'
+  build:
+    needs: prepare
+    strategy:
+      matrix: ${{ fromJSON(needs.prepare.outputs.matrix) }}
+    uses: GeoNet/Actions/.github/workflows/reusable-docker-build.yml@main
+    with:
+      setup: |
+        # this is an anti-pattern
+        mkdir -p "${{ fromJSON(toJSON(matrix)).folder }}/assets"
+        DOCKERFILE="${{ fromJSON(toJSON(matrix)).folder }}/${{ fromJSON(toJSON(matrix)).target }}.Dockerfile"
+        if [ -f "${{ fromJSON(toJSON(matrix)).folder }}/Dockerfile" ]; then
+          echo "using existing"
+          cp "${{ fromJSON(toJSON(matrix)).folder }}/Dockerfile" "$DOCKERFILE"
+        else
+          echo "copy-editing template"
+          cp ${{ inputs.dockerfile-template-path }} "$DOCKERFILE"
+          cat << EOF >> "$DOCKERFILE"
+        CMD ["${{ fromJSON(toJSON(matrix)).target }}"]
+        EOF
+        fi
+      context: .
+      buildArgs: |
+        BUILD=${{ fromJSON(toJSON(matrix)).target }}
+        VERSION=git-${{ needs.prepare.outputs.git-rev }}
+        ASSET_DIR=${{ fromJSON(toJSON(matrix)).folder }}/assets
+        GIT_COMMIT_SHA=${{ needs.prepare.outputs.git-rev }}
+        ${{ inputs.extra-build-args }}
+      dockerfile: ${{ fromJSON(toJSON(matrix)).folder }}/${{ fromJSON(toJSON(matrix)).target }}.Dockerfile
+      imageName: ${{ fromJSON(toJSON(matrix)).target }}
+      platforms: linux/amd64
+      push: ${{ github.ref == 'refs/heads/main' }}
+      tags: latest,git-${{ needs.prepare.outputs.git-rev }}
+      registryOverride: 862640294325.dkr.ecr.ap-southeast-2.amazonaws.com
+      aws-region: ap-southeast-2
+      aws-role-arn-to-assume: arn:aws:iam::862640294325:role/github-actions-geonet-ecr-push
+      aws-role-duration-seconds: "3600"
+  go-build:
+    if: ${{ contains(fromJSON('["workflow_call", "push", "pull_request"]'), github.event_name) && startsWith(github.repository, 'GeoNet/') != false }}
+    uses: GeoNet/Actions/.github/workflows/reusable-go-build-smoke-test.yml@main
+    with:
+      paths: ${{ inputs.paths }}
+      setup: ${{ inputs.setup }}
+  gofmt:
+    if: ${{ contains(fromJSON('["workflow_call", "push", "pull_request"]'), github.event_name) && startsWith(github.repository, 'GeoNet/') != false }}
+    uses: GeoNet/Actions/.github/workflows/reusable-gofmt.yml@main
+  golangci-lint:
+    if: ${{ contains(fromJSON('["workflow_call", "push", "pull_request"]'), github.event_name) && startsWith(github.repository, 'GeoNet/') != false }}
+    uses: GeoNet/Actions/.github/workflows/reusable-golangci-lint.yml@main
+    with:
+      setup: ${{ inputs.setup }}
+  go-test:
+    if: ${{ contains(fromJSON('["workflow_call", "push", "pull_request"]'), github.event_name) && startsWith(github.repository, 'GeoNet/') != false && inputs.test == true }}
+    uses: GeoNet/Actions/.github/workflows/reusable-go-test.yml@main
+    with:
+      setup: ${{ inputs.setup }}

.github/workflows/test-reusable-docker-build.yml

@@ -59,7 +59,7 @@ jobs:
       push: ${{ github.ref != 'refs/heads/main' }}
       test: |
         date
-        crane append ghcr.io/geonet/actions/t1-use-test-${{ github.sha }}-success --new_tag --new_layer <(tar cvf $(mktemp))
+        crane append --new_tag ghcr.io/geonet/actions/t1-use-test-${{ github.sha }}-success:latest --new_layer <(tar cvf - $(mktemp -d))
   t1-use-test-check:
     needs: t1-use-test
     runs-on: ubuntu-latest
@@ -74,6 +74,7 @@ jobs:
         run: |
           crane manifest $IMAGE
           crane manifest $IMAGE | jq -r '.manifests[] | select(.annotations."vnd.docker.reference.type" != "attestation-manifest") | .platform.architecture' | xargs | grep -E '^amd64'
+          crane manifest ghcr.io/geonet/actions/t1-use-test-${{ github.sha }}-success
           gh api -X DELETE /orgs/GeoNet/packages/container/actions%2Ftestimage-t1-use-test || true
           gh api -X DELETE /orgs/GeoNet/packages/container/actions%2Ftestimage-t1-use-test-${{ github.sha }}-success || true
   t2-artifact-pull-prepare:

README.md

@@ -20,6 +20,7 @@
     - [Presubmit commit policy conformance](#presubmit-commit-policy-conformance)
     - [Go container apps](#go-container-apps)
     - [Go apps](#go-apps)
+  - [Go Docker apps ECR legacy](#go-docker-apps-ecr-legacy)
     - [Bash shellcheck](#bash-shellcheck)
     - [Presubmit README table of contents](#presubmit-readme-table-of-contents)
     - [Presubmit GitHub Actions workflow validator](#presubmit-github-actions-workflow-validator)
@@ -852,6 +853,55 @@ jobs:
 
 for configuration see [`on.workflow_call.inputs` in .github/workflows/reusable-go-container-apps.yml](.github/workflows/reusable-go-container-apps.yml).
 
+## Go Docker apps ECR legacy
+
+A workflow to hide the complexity of current multi-image build workflows.
+
+This workflow
+
+- discovers entrypoints from a directory
+- templates a Dockerfile by appending a CMD statement
+- pushes to ECR
+- includes
+  - go-build
+  - gofmt
+  - golangci-lint
+  - go-test
+
+and is intended as an intermediary step between manual 
+implementations of this workflow and Go container apps,
+it also continues the pattern of replicating the previous Travis behaviours.
+
+```yaml
+name: go docker apps ecr legacy
+
+on:
+  push:
+    branches:
+      - main
+  pull_request: {}
+  workflow_dispatch: {}
+
+permissions:
+  actions: read
+  packages: write
+  contents: write
+  id-token: write
+
+jobs:
+  go-docker-apps-ecr-legacy:
+    uses: GeoNet/Actions/.github/workflows/reusable-go-docker-apps-ecr-legacy.yml@main
+    # with:
+    #   folder: ./cmd
+    #   exclude: ^my-app|this-one$
+    #   dockerfile-template-path: ./template.Dockerfile
+    #   setup: |
+    #     sudo apt install -y something-needed-for-build
+    #   extra-build-args: |
+    #     SOMETHING=cool
+    #   test: true
+```
+
 ### Bash shellcheck
 
 STATUS: stable