kata-containers/.github/workflows/payload-after-push.yaml

name: CI | Publish Kata Containers payload
on:
  push:
    branches:
      - main
  workflow_dispatch:

concurrency:
  group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}

jobs:
  build-assets-amd64:
    uses: ./.github/workflows/build-kata-static-tarball-amd64.yaml
    with:
      commit-hash: ${{ github.sha }}
      push-to-registry: yes
      target-branch: ${{ github.ref_name }}
    secrets: inherit

  build-assets-arm64:
    uses: ./.github/workflows/build-kata-static-tarball-arm64.yaml
    with:
      commit-hash: ${{ github.sha }}
      push-to-registry: yes
      target-branch: ${{ github.ref_name }}
    secrets: inherit

  build-assets-s390x:
    uses: ./.github/workflows/build-kata-static-tarball-s390x.yaml
    with:
      commit-hash: ${{ github.sha }}
      push-to-registry: yes
      target-branch: ${{ github.ref_name }}
    secrets: inherit

  build-assets-ppc64le:
    uses: ./.github/workflows/build-kata-static-tarball-ppc64le.yaml
    with:
      commit-hash: ${{ github.sha }}
      push-to-registry: yes
      target-branch: ${{ github.ref_name }}
    secrets: inherit

  publish-kata-deploy-payload-amd64:
    needs: build-assets-amd64
    uses: ./.github/workflows/publish-kata-deploy-payload.yaml
    with:
      commit-hash: ${{ github.sha }}
      registry: quay.io
      repo: kata-containers/kata-deploy-ci
      tag: kata-containers-latest-amd64
      target-branch: ${{ github.ref_name }}
      runner: ubuntu-22.04
      arch: amd64
    secrets: inherit

  publish-kata-deploy-payload-arm64:
    needs: build-assets-arm64
    uses: ./.github/workflows/publish-kata-deploy-payload.yaml
    with:
      commit-hash: ${{ github.sha }}
      registry: quay.io
      repo: kata-containers/kata-deploy-ci
      tag: kata-containers-latest-arm64
      target-branch: ${{ github.ref_name }}
      runner: ubuntu-22.04-arm
      arch: arm64
    secrets: inherit

  publish-kata-deploy-payload-s390x:
    needs: build-assets-s390x
    uses: ./.github/workflows/publish-kata-deploy-payload.yaml
    with:
      commit-hash: ${{ github.sha }}
      registry: quay.io
      repo: kata-containers/kata-deploy-ci
      tag: kata-containers-latest-s390x
      target-branch: ${{ github.ref_name }}
      runner: s390x
      arch: s390x
    secrets: inherit

  publish-kata-deploy-payload-ppc64le:
    needs: build-assets-ppc64le
    uses: ./.github/workflows/publish-kata-deploy-payload.yaml
    with:
      commit-hash: ${{ github.sha }}
      registry: quay.io
      repo: kata-containers/kata-deploy-ci
      tag: kata-containers-latest-ppc64le
      target-branch: ${{ github.ref_name }}
      runner: ppc64le
      arch: ppc64le
    secrets: inherit

  publish-manifest:
    runs-on: ubuntu-22.04
    needs: [publish-kata-deploy-payload-amd64, publish-kata-deploy-payload-arm64, publish-kata-deploy-payload-s390x, publish-kata-deploy-payload-ppc64le]
    steps:
      - name: Checkout repository
        uses: actions/checkout@v4

      - name: Login to Kata Containers quay.io
        uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772 # v3.4.0
        with:
          registry: quay.io
          username: ${{ secrets.QUAY_DEPLOYER_USERNAME }}
          password: ${{ secrets.QUAY_DEPLOYER_PASSWORD }}

      - name: Push multi-arch manifest
        run: |
          ./tools/packaging/release/release.sh publish-multiarch-manifest          
        env:
          KATA_DEPLOY_IMAGE_TAGS: "kata-containers-latest"
          KATA_DEPLOY_REGISTRIES: "quay.io/kata-containers/kata-deploy-ci"