From ff8b914815f5cd71558ff6715d1a10decfbc8af5 Mon Sep 17 00:00:00 2001
From: Jason Greathouse <jgreat@jgreat.me>
Date: Wed, 13 Nov 2024 12:44:49 -0600
Subject: [PATCH] add docker raw output and docker merge for distrubted
 multi-arch builds

---
 docker-merge-digests/action.yaml | 71 ++++++++++++++++++++++++++++++++
 docker/action.yaml               | 19 ++++++---
 short-sha/action.yaml            | 16 +++++++
 3 files changed, 101 insertions(+), 5 deletions(-)
 create mode 100644 docker-merge-digests/action.yaml
 create mode 100644 short-sha/action.yaml

diff --git a/docker-merge-digests/action.yaml b/docker-merge-digests/action.yaml
new file mode 100644
index 0000000..1b92a0a
--- /dev/null
+++ b/docker-merge-digests/action.yaml
@@ -0,0 +1,71 @@
+name: Mobilecoin Docker
+description: Standardized docker build and publish actions
+
+inputs:
+  digest_artifact_prefix:
+    description: Prefix for the artifact names to restore
+    required: false
+    default: ""
+  flavor:
+    description: New line separated list of docker meta flavor options
+    required: false
+    default: "latest=false"
+  images:
+    description: URL/Path to docker image registry
+    default: ""
+    required: false
+  tags:
+    description: New line separated list of tags for the docker image
+    required: false
+    default: ""
+  username:
+    description: docker registry user
+    default: ""
+    required: false
+  password:
+    description: docker registry password
+    default: ""
+    required: false
+
+outputs:
+  tags:
+    description: docker/meta-action tags
+    value: ${{ steps.docker_meta.output.tags }}
+
+runs:
+  using: composite
+  steps:
+  - name: Download digests
+    uses: mobilecoinofficial/gh-actions/download-artifact@v0
+    with:
+      path: /tmp/digests
+      pattern: ${{ inputs.digest_artifact_prefix }}*
+      merge-multiple: true
+
+  - name: Set up Docker Buildx
+    uses: docker/setup-buildx-action@v3
+
+  - name: Generate Docker Tags
+    id: docker_meta
+    uses: docker/metadata-action@v5
+    with:
+      flavor: ${{ inputs.flavor }}
+      images: ${{ inputs.images }}
+      tags: ${{ inputs.tags }}
+
+  - name: Login to DockerHub
+    if: inputs.username && inputs.password
+    uses: docker/login-action@v3
+    with:
+      username: ${{ inputs.username }}
+      password: ${{ inputs.password }}
+
+  - name: Create manifest list and push
+    shell: bash
+    working-directory: /tmp/digests
+    run: |
+      # Grab the tags from metadata-action ENV with jq
+      # Gather all the digests for the images pushed (names of empty files stored as artifacts)
+      # Push a manifest (tag) with all the digests to dockerhub
+      docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \
+        $(printf '${{ inputs.images }}@sha256:%s ' *)
diff --git a/docker/action.yaml b/docker/action.yaml
index 9a440c9..bb04031 100644
--- a/docker/action.yaml
+++ b/docker/action.yaml
@@ -17,8 +17,7 @@ inputs:
   flavor:
     description: New line separated list of docker meta flavor options
     required: false
-    default: |
-      latest=true
+    default: "latest=false"
   platforms:
     description: comma separated list of platforms to build for linux/amd64,linux/arm64
     default: ""
@@ -36,7 +35,8 @@ inputs:
     required: false
   tags:
     description: New line separated list of tags for the docker image
-    required: true
+    required: false
+    default: ""
   target:
     description: Sets the target stage to build in Dockerfile
     required: false
@@ -49,14 +49,21 @@ inputs:
     description: docker registry password
     default: ""
     required: false
+  outputs:
+    description: override the image output methods https://docs.docker.com/build/exporters/
+    required: false
+    default: ""
 
 outputs:
   tags:
     description: docker/meta-action tags
-    value: ${{ steps.docker_meta.tags }}
+    value: ${{ steps.docker_meta.output.tags }}
   pushed:
     description: was the docker image published to the registry
     value: ${{ inputs.push }}
+  digest:
+    description: docker image digest
+    value: ${{ steps.docker_build.outputs.digest }}
 
 runs:
   using: composite
@@ -85,6 +92,7 @@ runs:
       password: ${{ inputs.password }}
 
   - name: Publish to DockerHub
+    id: docker_build
     uses: docker/build-push-action@v6
     env:
       DOCKER_BUILD_CHECKS_ANNOTATIONS: "false"
@@ -97,5 +105,6 @@ runs:
       labels: ${{ steps.docker_meta.outputs.labels }}
       platforms: ${{ inputs.platforms }}
       push: ${{ inputs.push }}
-      tags: ${{ steps.docker_meta.outputs.tags }}
+      tags: ${{ inputs.outputs == '' && steps.docker_meta.outputs.tags || '' }}
       target: ${{ inputs.target }}
+      outputs: ${{ inputs.outputs }}
diff --git a/short-sha/action.yaml b/short-sha/action.yaml
new file mode 100644
index 0000000..a4aefcc
--- /dev/null
+++ b/short-sha/action.yaml
@@ -0,0 +1,16 @@
+name: Short SHA
+description: Just spit out the short SHA (7) of the commit.
+
+outputs:
+  short_sha:
+    description: Short SHA (7) of the commit
+    value: ${{ steps.short_sha.outputs.sha }}
+
+runs:
+  using: composite
+  steps:
+  - name: Get short SHA
+    shell: bash
+    id: short_sha
+    run: |
+        echo "sha=sha-${GITHUB_SHA::7}" >> "${GITHUB_OUTPUT}"