From f3f02511061869de95e02cb5c6f014df9b58d10b Mon Sep 17 00:00:00 2001
From: Scott J Dickerson <sdickers@redhat.com>
Date: Fri, 10 May 2024 11:08:06 -0400
Subject: [PATCH] :sparkles: Test image build on Dockerfile change

If the workflow is run from a PR, and the PR includes
a change to the `Dockerfile`, then run image builds
for all of our target platforms.

The images are built but not pushed to any repository.

We want to be reasonably sure that any `Dockerfile` change
will not cause the image-build-and-push on PR merge workflow
to break.  Doing the image build here should show up most
problems much earlier.  For example, a npm version update
in the build container could break github action `nofiles`
or network access capabilities for the npm install.

In future, it may be reasonable to extend this check
to happen when other core build related changes are
made (package-lock.json, package.json).

See #1742, #1746, and #1781 for some other examples of
when this check could have caught issues before a PR
merge.

Supports: #1883

Signed-off-by: Scott J Dickerson <sdickers@redhat.com>
---
 .github/workflows/ci-Dockerfile.yml | 91 +++++++++++++++++++++++++++++
 .github/workflows/ci-repo.yml       |  7 ++-
 2 files changed, 95 insertions(+), 3 deletions(-)
 create mode 100644 .github/workflows/ci-Dockerfile.yml

diff --git a/.github/workflows/ci-Dockerfile.yml b/.github/workflows/ci-Dockerfile.yml
new file mode 100644
index 0000000000..cd664f4c7c
--- /dev/null
+++ b/.github/workflows/ci-Dockerfile.yml
@@ -0,0 +1,91 @@
+name: CI (test image build for a PR with a Dockerfile change)
+
+on:
+  pull_request:
+    branches:
+      - "main"
+      - "release-*"
+
+jobs:
+  checks:
+    runs-on: ubuntu-latest
+    outputs:
+      should-test: ${{ steps.check-dockerfile.outputs.should-test }}
+
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: What files changed?
+        id: changed
+        uses: tj-actions/changed-files@v44
+        with:
+          files: |
+            Dockerfile
+
+      - name: Check if the `Dockerfile` has been changed in a PR
+        id: check-dockerfile
+        env:
+          IS_PR: ${{ !!github.event.pull_request }}
+          ANY_MODIFIED: ${{ steps.changed.outputs.any_modified }}
+        run: |
+          TEST_IMAGE_BUILD=$(
+            if [[ $IS_PR == true ]] && [[ $ANY_MODIFIED == true ]]; then
+              echo "true"
+            else
+              echo "false"
+            fi
+          )
+
+          echo "is-pr=$IS_PR" >> "$GITHUB_OUTPUT"
+          echo "changed=${ANY_MODIFIED:-false}" >> "$GITHUB_OUTPUT"
+          echo "should-test=$TEST_IMAGE_BUILD" >> "$GITHUB_OUTPUT"
+
+      - name: Summarize findings
+        run: |
+          cat >> "$GITHUB_STEP_SUMMARY" <<EOF
+          ## Findings
+          PR triggered? \`${{ steps.check-dockerfile.outputs.is-pr }}\`
+          PR includes a Dockerfile change? \`${{ steps.check-dockerfile.outputs.changed }}\`
+          Should the image build be tested? \`${{ steps.check-dockerfile.outputs.should-test }}\`
+          EOF
+
+  #
+  # Based on:
+  #   - image-build.yaml
+  #   - konveyor/release-tools/.github/workflows/build-push-images.yaml@main
+  #
+  # Only test the image build, no push to quay is required.
+  #
+  test-image-build:
+    runs-on: ubuntu-latest
+    needs: checks
+    if: ${{ needs.checks.outputs.should-test == 'true' }}
+
+    strategy:
+      fail-fast: true
+      matrix:
+        architecture:
+          - amd64
+          - arm64
+
+    steps:
+      - name: Checkout merge commit for PR${{ github.event.pull_request.number }}
+        uses: actions/checkout@v4
+
+      - name: Setup QEMU to be able to build on platform ${{ matrix.architecture }}
+        if: ${{ matrix.architecture != 'amd64' }}
+        uses: docker/setup-qemu-action@master
+        with:
+          platforms: ${{ matrix.architecture }}
+
+      - name: Test build image on ${{ matrix.architecture }}
+        id: test-build
+        uses: redhat-actions/buildah-build@main
+        with:
+          image: "tackle2-ui"
+          tags: pr${{ github.event.pull_request.number }}-${{ matrix.architecture }}
+          extra-args: "--no-cache --rm --ulimit nofile=4096:4096"
+          archs: ${{ matrix.architecture }}
+          labels: ""
+          containerfiles: "./Dockerfile"
+          context: "."
diff --git a/.github/workflows/ci-repo.yml b/.github/workflows/ci-repo.yml
index e5cc1c63ee..1677e134f5 100644
--- a/.github/workflows/ci-repo.yml
+++ b/.github/workflows/ci-repo.yml
@@ -17,10 +17,11 @@ on:
   workflow_dispatch:
 
 jobs:
-  unit-test-lookup-image:
+  unit-test-lookups:
     runs-on: ubuntu-latest
     outputs:
       builder-image: ${{ steps.grepBuilder.outputs.builder }}
+
     steps:
       - uses: actions/checkout@v4
 
@@ -33,10 +34,10 @@ jobs:
 
   unit-test:
     runs-on: ubuntu-latest
-    needs: unit-test-lookup-image
+    needs: unit-test-lookups
 
     # Use the same container as the Dockerfile's "FROM * as builder"
-    container: ${{ needs.unit-test-lookup-image.outputs.builder-image }}
+    container: ${{ needs.unit-test-lookups.outputs.builder-image }}
 
     steps:
       - uses: actions/checkout@v4