.github/workflows/build.yml

---
name: Build
permissions:
  issues: write
  pull-requests: read
  contents: read

on:
  workflow_dispatch:
    inputs:
      keep_workdir:
        description: set to anything to keep around the work directory for inspection after the job finishes
        required: false
      extract_install_logs:
        description: set to anything to save anaconda logs and remove from rpm/iso
        required: false
      finalbuild:
        description: set to True for a final build
        required: true
        default: "False"
      checkiso:
        description: set to anything to verify the ISO
        required: false
  push:
    branches: [master]
  schedule:
    # Running every morning in EMEA timezone
    - cron: '0 6 * * *'

jobs:
  set-kernel:
    strategy:
      matrix:
        name: [el8, el9]
    runs-on: [image-builders, "${{ matrix.name }}"]
    steps:
      - name: mount /host/modules
        run: |
          echo "Kernel version $(uname -r)"
          mkdir -p /host/modules
          umount -f /host/modules 2>/dev/null || true
          mount --bind /lib/modules/$(uname -r) /host/modules

  build-matrix:
    timeout-minutes: 60
    strategy:
      fail-fast: false
      matrix:
        include:
          - name: el8
            container-name: el8stream
          - name: el9
            container-name: el9stream
    runs-on: [image-builders, "${{ matrix.name }}"]
    needs: set-kernel
    container:
      image: quay.io/ovirt/buildcontainer:${{ matrix.container-name }}
      volumes:
        - /host/modules:/host/modules
      options: --privileged

    steps:
      - name: Checkout
        uses: actions/checkout@v3

      - name: Build
        env:
          EXTRACT_INSTALL_LOGS: ${{ github.event.inputs.extract_install_logs }}
          FINALBUILD: ${{ github.event.inputs.finalbuild }}
          CHECK_ISO: ${{ github.event.inputs.checkiso }}
          SUPERMIN_MODULES: /host/modules
          SUPERMIN_KERNEL: /host/modules/vmlinuz
        run: ./build.sh

      - name: Upload rpm to resources.ovirt.org
        uses: ovirt/ovirt-resources-upload-action@main
        with:
          username: ${{ secrets.SSH_USERNAME_FOR_RESOURCES_OVIRT_ORG }}
          key: ${{ secrets.SSH_KEY_FOR_RESOURCES_OVIRT_ORG }}
          known_hosts: ${{ secrets.KNOWN_HOSTS_FOR_RESOURCES_OVIRT_ORG }}
          source: tmp.repos/RPMS/noarch/*.rpm
          target: github-ci/ovirt-node-ng-image/${{ matrix.name }}
          cleanup: yes
          createrepo: yes
          delete_before_upload: yes
          # keep 10 last builds + repodata
          keep_files_count: 11

      - name: Upload iso to resources.ovirt.org
        uses: ovirt/ovirt-resources-upload-action@main
        with:
          username: ${{ secrets.SSH_USERNAME_FOR_RESOURCES_OVIRT_ORG }}
          key: ${{ secrets.SSH_KEY_FOR_RESOURCES_OVIRT_ORG }}
          known_hosts: ${{ secrets.KNOWN_HOSTS_FOR_RESOURCES_OVIRT_ORG }}
          source: ovirt-node-ng-installer-*.iso
          target: github-ci/ovirt-node-ng-image
          cleanup: yes
          createrepo: no
          delete_before_upload: yes
          # keep 20 last builds
          keep_files_count: 20

      - name: Upload logs and manifests to github
        uses: actions/upload-artifact@v3
        with:
          name: "logs-and-manifests${{ matrix.name }}"
          path: |
            exported-artifacts

      - name: Clean up mount and entire workdir
        if: always()
        run: |
          umount -f /host/modules
          [[ -z "${{ github.event.inputs.keep_workdir }}" ]] && rm -rf $PWD/*

  close-build-issue-on-success:
    name: Report workflow success
    runs-on: ubuntu-latest
    needs:
      - build-matrix
    steps:
      - name: Checkout
        uses: actions/checkout@v3
      - name: Add a comment about successful job and close issue
        run: |
          set -e
          LABEL="build-failed"
          ISSUENO=$(gh issue list -l $LABEL | awk ' { print $1 } ' | head -n 1)
          if [ -n "$ISSUENO" ]; then
              MESSAGE="✅ The oVirt Node build CI job is now [successful](https://github.com/oVirt/ovirt-node-ng-image/actions/runs/${{ github.run_id }}), closing issue."
              gh issue comment "${ISSUENO}" --body "${MESSAGE}"
              gh issue close "${ISSUENO}"
          fi
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

  open-build-issue-on-failure:
    name: Report workflow failure
    runs-on: ubuntu-latest
    if: ${{ always() && (needs.build-matrix.result=='failure') }}
    needs:
      - build-matrix

    steps:
      - name: Checkout
        uses: actions/checkout@v3
      - name: Add a comment about failed job
        run: |
          set -e
          TITLE="Failed oVirt Node build job"
          LABEL="build-failed"
          ISSUENO=$(gh issue list -l $LABEL | awk ' { print $1 } ' | head -n 1)
          if [ -z "$ISSUENO" ]; then
              MESSAGE="❌ The oVirt Node build CI job failed. [Please investigate.](https://github.com/oVirt/ovirt-node-ng-image/actions/runs/${{ github.run_id }})"
              gh issue create --title "${TITLE}" --body "${MESSAGE}" --label "${LABEL}"
          else
              MESSAGE="❌ oVirt Node build CI job is still failing. [Please investigate.](https://github.com/oVirt/ovirt-node-ng-image/actions/runs/${{ github.run_id }})"
              gh issue comment "${ISSUENO}" --body "${MESSAGE}"
          fi
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}