From 19a18f2bd7e7fd5ce8babffb25bbed71e29249e8 Mon Sep 17 00:00:00 2001
From: Salah Aldeen Al Saleh <sg.alsaleh@gmail.com>
Date: Tue, 12 Dec 2023 16:33:35 +0000
Subject: [PATCH 1/2] Build kotsadm-migrations image with apko

---
 .../action.yml                                | 62 +++++++++++++++++++
 .github/workflows/build-test.yaml             | 18 ++----
 migrations/deploy/apko.yaml.tmpl              | 36 +++++++++++
 migrations/deploy/melange.yaml.tmpl           | 30 +++++++++
 4 files changed, 132 insertions(+), 14 deletions(-)
 create mode 100644 .github/actions/build-push-kotsadm-migrations-image/action.yml
 create mode 100644 migrations/deploy/apko.yaml.tmpl
 create mode 100644 migrations/deploy/melange.yaml.tmpl

diff --git a/.github/actions/build-push-kotsadm-migrations-image/action.yml b/.github/actions/build-push-kotsadm-migrations-image/action.yml
new file mode 100644
index 0000000000..ca7a419c25
--- /dev/null
+++ b/.github/actions/build-push-kotsadm-migrations-image/action.yml
@@ -0,0 +1,62 @@
+name: 'Build and push kurl-proxy image'
+description: 'Composite action for building and pushing kurl-proxy image'
+inputs:
+  image-name:
+    description: 'Full destination kurl-proxy image name'
+    required: true
+
+  git-tag:
+    description: 'Git tag'
+    required: true
+
+  registry-username:
+    description: 'Username to login to registry'
+    default: ''
+    required: false
+
+  registry-password:
+    description: 'Password to login to registry'
+    default: ''
+    required: false
+
+runs:
+  using: "composite"
+  steps:
+    - name: load environment variables from .image.env
+      uses: falti/dotenv-action@v1
+      id: dotenv
+      with:
+        path: .image.env
+
+    - uses: shrink/actions-docker-extract@v3
+      with:
+        image: schemahero/schemahero:${{ steps.dotenv.outputs.SCHEMAHERO_TAG }}
+        path: /schemahero
+        destination: .
+
+    - name: template melange and apko configs
+      shell: bash
+      run: |
+        export GIT_TAG=${{ inputs.git-tag }}
+        envsubst '${GIT_TAG}' < migrations/deploy/melange.yaml.tmpl > migrations/deploy/melange.yaml
+        envsubst '${GIT_TAG}' < migrations/deploy/apko.yaml.tmpl > migrations/deploy/apko.yaml
+
+    - id: cache-dir
+      shell: bash
+      run: echo "cache_dir=$(go env GOMODCACHE)" >> "$GITHUB_OUTPUT"
+
+    - uses: chainguard-dev/actions/melange-build@main
+      with:
+        config: migrations/deploy/melange.yaml
+        archs: x86_64
+        sign-with-temporary-key: true
+        cache-dir: ${{ steps.cache-dir.outputs.cache_dir }}
+
+    - uses: chainguard-images/actions/apko-publish@main
+      with:
+        config: migrations/deploy/apko.yaml
+        archs: x86_64
+        tag: ${{ inputs.image-name }}
+        vcs-url: true
+        generic-user: ${{ inputs.registry-username }}
+        generic-pass: ${{ inputs.registry-password }}
diff --git a/.github/workflows/build-test.yaml b/.github/workflows/build-test.yaml
index 17074b7728..d1ac754246 100644
--- a/.github/workflows/build-test.yaml
+++ b/.github/workflows/build-test.yaml
@@ -383,7 +383,7 @@ jobs:
 
   build-migrations:
     runs-on: ubuntu-20.04
-    needs: [ can-run-ci ]
+    needs: [ can-run-ci, generate-tag ]
     steps:
       - name: setup env
         run: |
@@ -399,20 +399,10 @@ jobs:
           ref: ${{github.event.pull_request.head.ref}}
           repository: ${{github.event.pull_request.head.repo.full_name}}
 
-      - name: load environment variables from .image.env
-        uses: falti/dotenv-action@v1
-        id: dotenv
+      - uses: ./.github/actions/build-push-kotsadm-migrations-image
         with:
-          path: .image.env
-
-      - name: build and push migrations for e2e
-        uses: docker/build-push-action@v5
-        with:
-          tags: ttl.sh/automated-${{ github.run_id }}/kotsadm-migrations:24h
-          context: ./migrations
-          file: ./migrations/deploy/Dockerfile
-          push: true
-          build-args: SCHEMAHERO_TAG=${{ steps.dotenv.outputs.schemahero_tag }}
+          image-name: ttl.sh/automated-${{ github.run_id }}/kotsadm-migrations:24h
+          git-tag: ${{ needs.generate-tag.outputs.tag }}
 
 
   push-minio:
diff --git a/migrations/deploy/apko.yaml.tmpl b/migrations/deploy/apko.yaml.tmpl
new file mode 100644
index 0000000000..fb1796b3b3
--- /dev/null
+++ b/migrations/deploy/apko.yaml.tmpl
@@ -0,0 +1,36 @@
+contents:
+  repositories:
+    - https://packages.wolfi.dev/os
+    - ./packages/
+  keyring:
+    - https://packages.wolfi.dev/os/wolfi-signing.rsa.pub
+    - ./melange.rsa.pub
+  packages:
+    - kotsadm-migrations-head  # This is expected to be built locally by `melange`.
+    - bash
+    - busybox
+    - curl
+    - git
+    - wolfi-baselayout
+
+accounts:
+  groups:
+    - groupname: schemahero
+      gid: 1001
+  users:
+    - username: schemahero
+      uid: 1001
+      gid: 1001
+  run-as: schemahero
+
+environment:
+  VERSION: ${GIT_TAG}
+
+entrypoint:
+  command: /schemahero
+
+cmd: apply
+
+archs:
+  - x86_64
+  - aarch64
diff --git a/migrations/deploy/melange.yaml.tmpl b/migrations/deploy/melange.yaml.tmpl
new file mode 100644
index 0000000000..5f2897b2cb
--- /dev/null
+++ b/migrations/deploy/melange.yaml.tmpl
@@ -0,0 +1,30 @@
+package:
+  name: kotsadm-migrations-head
+  version: ${GIT_TAG}
+  epoch: 0
+  description: kotsadm-migrations package
+  copyright:
+    - license: Apache-2.0
+
+environment:
+  contents:
+    repositories:
+      - https://packages.wolfi.dev/os
+    keyring:
+      - https://packages.wolfi.dev/os/wolfi-signing.rsa.pub
+    packages:
+      - ca-certificates-bundle
+      - busybox
+      - git
+      - go
+  environment:
+    GOMODCACHE: '/var/cache/melange'
+
+pipeline:
+  - runs: |
+      set -x
+      export DESTDIR="${{targets.destdir}}"
+      mkdir -p "${DESTDIR}"
+
+      # expected to have already beeen extracted from the schemahero image
+      mv schemahero "${DESTDIR}/schemahero"

From 4de09bc287f5a84f161c3ad00cf9f54d2ca1cb87 Mon Sep 17 00:00:00 2001
From: Salah Aldeen Al Saleh <sg.alsaleh@gmail.com>
Date: Tue, 12 Dec 2023 16:39:34 +0000
Subject: [PATCH 2/2] updates

---
 .../actions/build-push-kotsadm-migrations-image/action.yml    | 2 +-
 migrations/deploy/melange.yaml.tmpl                           | 4 +++-
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/.github/actions/build-push-kotsadm-migrations-image/action.yml b/.github/actions/build-push-kotsadm-migrations-image/action.yml
index ca7a419c25..a0f80311c9 100644
--- a/.github/actions/build-push-kotsadm-migrations-image/action.yml
+++ b/.github/actions/build-push-kotsadm-migrations-image/action.yml
@@ -32,7 +32,7 @@ runs:
       with:
         image: schemahero/schemahero:${{ steps.dotenv.outputs.SCHEMAHERO_TAG }}
         path: /schemahero
-        destination: .
+        destination: migrations
 
     - name: template melange and apko configs
       shell: bash
diff --git a/migrations/deploy/melange.yaml.tmpl b/migrations/deploy/melange.yaml.tmpl
index 5f2897b2cb..6ed4ad5a30 100644
--- a/migrations/deploy/melange.yaml.tmpl
+++ b/migrations/deploy/melange.yaml.tmpl
@@ -26,5 +26,7 @@ pipeline:
       export DESTDIR="${{targets.destdir}}"
       mkdir -p "${DESTDIR}"
 
+      mv migrations/tables "${DESTDIR}/tables"
+
       # expected to have already beeen extracted from the schemahero image
-      mv schemahero "${DESTDIR}/schemahero"
+      mv migrations/schemahero "${DESTDIR}/schemahero"