kata-containers/.github/workflows/build-kata-static-tarball-ppc64le.yaml

name: CI | Build kata-static tarball for ppc64le
on:
  workflow_call:
    inputs:
      stage:
        required: false
        type: string
        default: test
      tarball-suffix:
        required: false
        type: string
      push-to-registry:
        required: false
        type: string
        default: no
      commit-hash:
        required: false
        type: string
      target-branch:
        required: false
        type: string
        default: ""

jobs:
  build-asset:
    runs-on: ppc64le
    strategy:
      matrix:
        asset:
          - agent
          - kernel
          - qemu
          - virtiofsd
        stage:
          - ${{ inputs.stage }}
    steps:
      - name: Prepare the self-hosted runner
        timeout-minutes: 15
        run: |
            "${HOME}/scripts/prepare_runner.sh"
            sudo rm -rf "$GITHUB_WORKSPACE"/*            

      - name: Login to Kata Containers quay.io
        if: ${{ inputs.push-to-registry == 'yes' }}
        uses: docker/login-action@v3
        with:
          registry: quay.io
          username: ${{ secrets.QUAY_DEPLOYER_USERNAME }}
          password: ${{ secrets.QUAY_DEPLOYER_PASSWORD }}

      - uses: actions/checkout@v4
        with:
          ref: ${{ inputs.commit-hash }}
          fetch-depth: 0 # This is needed in order to keep the commit ids history

      - name: Rebase atop of the latest target branch
        run: |
          ./tests/git-helper.sh "rebase-atop-of-the-latest-target-branch"          
        env:
          TARGET_BRANCH: ${{ inputs.target-branch }}

      - name: Build ${{ matrix.asset }}
        run: |
          make "${KATA_ASSET}-tarball"
          build_dir=$(readlink -f build)
          # store-artifact does not work with symlink
          mkdir -p kata-build && cp "${build_dir}"/kata-static-"${KATA_ASSET}"*.tar.* kata-build/.          
        env:
          KATA_ASSET: ${{ matrix.asset }}
          TAR_OUTPUT: ${{ matrix.asset }}.tar.gz
          PUSH_TO_REGISTRY: ${{ inputs.push-to-registry }}
          ARTEFACT_REGISTRY: ghcr.io
          ARTEFACT_REGISTRY_USERNAME: ${{ github.actor }}
          ARTEFACT_REGISTRY_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
          TARGET_BRANCH: ${{ inputs.target-branch }}
          RELEASE: ${{ inputs.stage == 'release' && 'yes' || 'no' }}

      - name: store-artifact ${{ matrix.asset }}
        uses: actions/upload-artifact@v4
        with:
          name: kata-artifacts-ppc64le-${{ matrix.asset }}${{ inputs.tarball-suffix }}
          path: kata-build/kata-static-${{ matrix.asset }}.tar.xz
          retention-days: 1
          if-no-files-found: error

  build-asset-rootfs:
    runs-on: ppc64le
    needs: build-asset
    strategy:
      matrix:
        asset:
          - rootfs-initrd
        stage:
          - ${{ inputs.stage }}
    steps:
      - name: Prepare the self-hosted runner
        timeout-minutes: 15
        run: |
            "${HOME}/scripts/prepare_runner.sh"
            sudo rm -rf "$GITHUB_WORKSPACE"/*            

      - name: Login to Kata Containers quay.io
        if: ${{ inputs.push-to-registry == 'yes' }}
        uses: docker/login-action@v3
        with:
          registry: quay.io
          username: ${{ secrets.QUAY_DEPLOYER_USERNAME }}
          password: ${{ secrets.QUAY_DEPLOYER_PASSWORD }}

      - uses: actions/checkout@v4
        with:
          ref: ${{ inputs.commit-hash }}
          fetch-depth: 0 # This is needed in order to keep the commit ids history

      - name: Rebase atop of the latest target branch
        run: |
          ./tests/git-helper.sh "rebase-atop-of-the-latest-target-branch"          
        env:
          TARGET_BRANCH: ${{ inputs.target-branch }}

      - name: get-artifacts
        uses: actions/download-artifact@v4
        with:
          pattern: kata-artifacts-ppc64le-*${{ inputs.tarball-suffix }}
          path: kata-artifacts
          merge-multiple: true

      - name: Build ${{ matrix.asset }}
        run: |
          ./tests/gha-adjust-to-use-prebuilt-components.sh kata-artifacts "${KATA_ASSET}"
          make "${KATA_ASSET}-tarball"
          build_dir=$(readlink -f build)
          # store-artifact does not work with symlink
          mkdir -p kata-build && cp "${build_dir}"/kata-static-"${KATA_ASSET}"*.tar.* kata-build/.          
        env:
          KATA_ASSET: ${{ matrix.asset }}
          TAR_OUTPUT: ${{ matrix.asset }}.tar.gz
          PUSH_TO_REGISTRY: ${{ inputs.push-to-registry }}
          ARTEFACT_REGISTRY: ghcr.io
          ARTEFACT_REGISTRY_USERNAME: ${{ github.actor }}
          ARTEFACT_REGISTRY_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
          TARGET_BRANCH: ${{ inputs.target-branch }}
          RELEASE: ${{ inputs.stage == 'release' && 'yes' || 'no' }}

      - name: store-artifact ${{ matrix.asset }}
        uses: actions/upload-artifact@v4
        with:
          name: kata-artifacts-ppc64le-${{ matrix.asset }}${{ inputs.tarball-suffix }}
          path: kata-build/kata-static-${{ matrix.asset }}.tar.xz
          retention-days: 1
          if-no-files-found: error

  # We don't need the binaries installed in the rootfs as part of the release tarball, so can delete them now we've built the rootfs
  remove-rootfs-binary-artifacts:
    runs-on: ubuntu-22.04
    needs: build-asset-rootfs
    strategy:
      matrix:
        asset:
          - agent
    steps:
      - uses: geekyeggo/delete-artifact@v5
        if: ${{ inputs.stage == 'release' }}
        with:
          name: kata-artifacts-ppc64le-${{ matrix.asset}}${{ inputs.tarball-suffix }}

  build-asset-shim-v2:
    runs-on: ppc64le
    needs: [build-asset, build-asset-rootfs, remove-rootfs-binary-artifacts]
    steps:
      - name: Prepare the self-hosted runner
        timeout-minutes: 15
        run: |
            "${HOME}/scripts/prepare_runner.sh"
            sudo rm -rf "$GITHUB_WORKSPACE"/*            

      - name: Login to Kata Containers quay.io
        if: ${{ inputs.push-to-registry == 'yes' }}
        uses: docker/login-action@v3
        with:
          registry: quay.io
          username: ${{ secrets.QUAY_DEPLOYER_USERNAME }}
          password: ${{ secrets.QUAY_DEPLOYER_PASSWORD }}

      - uses: actions/checkout@v4
        with:
          ref: ${{ inputs.commit-hash }}
          fetch-depth: 0 # This is needed in order to keep the commit ids history

      - name: Rebase atop of the latest target branch
        run: |
          ./tests/git-helper.sh "rebase-atop-of-the-latest-target-branch"          
        env:
          TARGET_BRANCH: ${{ inputs.target-branch }}

      - name: get-artifacts
        uses: actions/download-artifact@v4
        with:
          pattern: kata-artifacts-ppc64le-*${{ inputs.tarball-suffix }}
          path: kata-artifacts
          merge-multiple: true

      - name: Build shim-v2
        run: |
          ./tests/gha-adjust-to-use-prebuilt-components.sh kata-artifacts "${KATA_ASSET}"
          make "${KATA_ASSET}-tarball"
          build_dir=$(readlink -f build)
          # store-artifact does not work with symlink
          mkdir -p kata-build && cp "${build_dir}"/kata-static-"${KATA_ASSET}"*.tar.* kata-build/.          
        env:
          KATA_ASSET: shim-v2
          TAR_OUTPUT: shim-v2.tar.gz
          PUSH_TO_REGISTRY: ${{ inputs.push-to-registry }}
          ARTEFACT_REGISTRY: ghcr.io
          ARTEFACT_REGISTRY_USERNAME: ${{ github.actor }}
          ARTEFACT_REGISTRY_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
          TARGET_BRANCH: ${{ inputs.target-branch }}
          RELEASE: ${{ inputs.stage == 'release' && 'yes' || 'no' }}

      - name: store-artifact shim-v2
        uses: actions/upload-artifact@v4
        with:
          name: kata-artifacts-ppc64le-shim-v2${{ inputs.tarball-suffix }}
          path: kata-build/kata-static-shim-v2.tar.xz
          retention-days: 1
          if-no-files-found: error

  create-kata-tarball:
    runs-on: ppc64le
    needs: [build-asset, build-asset-rootfs, build-asset-shim-v2]
    steps:
      - name: Adjust a permission for repo
        run: |
          sudo chown -R "$USER":"$USER" "$GITHUB_WORKSPACE"          

      - uses: actions/checkout@v4
        with:
          ref: ${{ inputs.commit-hash }}
          fetch-depth: 0
      - name: Rebase atop of the latest target branch
        run: |
          ./tests/git-helper.sh "rebase-atop-of-the-latest-target-branch"          
        env:
          TARGET_BRANCH: ${{ inputs.target-branch }}
      - name: get-artifacts
        uses: actions/download-artifact@v4
        with:
          pattern: kata-artifacts-ppc64le-*${{ inputs.tarball-suffix }}
          path: kata-artifacts
          merge-multiple: true
      - name: merge-artifacts
        run: |
          ./tools/packaging/kata-deploy/local-build/kata-deploy-merge-builds.sh kata-artifacts versions.yaml          
      - name: store-artifacts
        uses: actions/upload-artifact@v4
        with:
          name: kata-static-tarball-ppc64le${{ inputs.tarball-suffix }}
          path: kata-static.tar.xz
          retention-days: 1
          if-no-files-found: error