From cc796dbe398a6aae2d1d4b32ac75ab176818cc8b Mon Sep 17 00:00:00 2001
From: Alexey Pustovalov <alexey.pustovalov@zabbix.com>
Date: Sun, 18 Feb 2024 15:49:20 +0900
Subject: [PATCH] Updated building images workflow

---
 .github/workflows/images_build.yml | 49 +++++++++++-------------------
 1 file changed, 17 insertions(+), 32 deletions(-)

diff --git a/.github/workflows/images_build.yml b/.github/workflows/images_build.yml
index cce50f49b..5cefc6483 100644
--- a/.github/workflows/images_build.yml
+++ b/.github/workflows/images_build.yml
@@ -424,26 +424,22 @@ jobs:
 
       - name: Image digest
         env:
-          DIGEST: ${{ steps.docker_build.outputs.digest }}
-          CACHE_FILE_NAME: "base_image_metadata"
+          CACHE_FILE_NAME: "base_image_metadata.json"
           METADATA: ${{ steps.docker_build.outputs.metadata }}
         run: |
-            echo "::group::Image digest"
-            echo "$DIGEST"
+            echo "::group::Image metadata"
+            echo "${METADATA}"
             echo "::endgroup::"
             echo "::group::Cache file name"
-            echo "$CACHE_FILE_NAME"
+            echo "${CACHE_FILE_NAME}"
             echo "::endgroup::"
-            echo "$METADATA" > test_file
 
-            cat test_file
-
-            echo "$DIGEST" > "$CACHE_FILE_NAME"
+            echo "${METADATA}" > "$CACHE_FILE_NAME"
 
       - name: Cache image digest
         uses: actions/cache@13aacd865c20de90d75de3b17ebe84f7a17d57d2 # v4.0.0
         with:
-          path: "base_image_metadata"
+          path: "base_image_metadata.json"
           key: ${{ env.BASE_BUILD_NAME }}-${{ matrix.os }}-${{ github.run_id }}
 
   build_base_database:
@@ -556,42 +552,31 @@ jobs:
           tags: |
             type=semver,enable=${{ needs.init_build.outputs.current_branch != 'trunk' }},pattern={{version}},prefix=${{ matrix.os }}-
             type=semver,enable=${{ needs.init_build.outputs.current_branch != 'trunk' }},pattern={{version}},suffix=-${{ matrix.os }}
-            type=ref,enable=${{ needs.init_build.outputs.current_branch != 'trunk' }},event=branch,prefix=${{ matrix.os }}-,suffix=-latest
-            type=ref,enable=${{ needs.init_build.outputs.current_branch != 'trunk' }},event=branch,suffix=-${{ matrix.os }}-latest
+            type=ref,enable=${{ needs.init_build.outputs.current_branch != 'trunk' && (!contains(fromJSON('["workflow_dispatch"]'), github.event_name)) }},event=branch,prefix=${{ matrix.os }}-,suffix=-latest
+            type=ref,enable=${{ needs.init_build.outputs.current_branch != 'trunk' && (!contains(fromJSON('["workflow_dispatch"]'), github.event_name)) }},event=branch,suffix=-${{ matrix.os }}-latest
             type=raw,enable=${{ (needs.init_build.outputs.current_branch != 'trunk') && (needs.init_build.outputs.is_default_branch == 'true') }},value=${{matrix.os}}-latest
             type=ref,enable=${{ needs.init_build.outputs.current_branch == 'trunk' }},event=branch,prefix=${{ matrix.os }}-
-            type=ref,enable=${{ needs.init_build.outputs.current_branch == 'trunk' }},event=branch,suffix=-${{ matrix.os }}
+            type=ref,enable=${{ needs.init_build.outputs.current_branch == 'trunk' || contains(fromJSON('["workflow_dispatch"]'), github.event_name) }},event=branch,suffix=-${{ matrix.os }}
           flavor: |
             latest=${{ (matrix.os == 'alpine') && (!contains(fromJSON('["workflow_dispatch"]'), github.event_name)) && ( needs.init_build.outputs.is_default_branch == 'true' ) }}
 
       - name: Download SHA256 tag of ${{ env.BASE_BUILD_NAME }}:${{ matrix.os }}
         uses: actions/cache@13aacd865c20de90d75de3b17ebe84f7a17d57d2 # v4.0.0
         with:
-          path: ${{ env.BASE_BUILD_NAME }}_${{ matrix.os }}
+          path: "base_image_metadata.json"
           key: ${{ env.BASE_BUILD_NAME }}-${{ matrix.os }}-${{ github.run_id }}
 
-      - name: Retrieve ${{ env.BASE_BUILD_NAME }}:${{ matrix.os }} SHA256 tag
+      - name: Process ${{ env.BASE_BUILD_NAME }}:${{ matrix.os }} image metadata
         id: base_build
-        env:
-         MATRIX_OS: ${{ matrix.os }}
-         DOCKER_REPOSITORY: ${{ env.AUTO_PUSH_IMAGES != 'true' && 'ghcr.io/' }}${{ env.AUTO_PUSH_IMAGES == 'true' && env.DOCKER_REPOSITORY || env.DOCKER_REGISTRY_TEST }}
-         BASE_IMAGE: ${{ env.BASE_BUILD_NAME }}
-         IMAGES_PREFIX: ${{ env.IMAGES_PREFIX }}
         run: |
-            BASE_TAG=$(cat "base_image_metadata")
-            if [[ "${BASE_TAG}" == "sha256"* ]]; then
-                BUILD_BASE_IMAGE="${DOCKER_REPOSITORY}/${IMAGES_PREFIX}${BASE_IMAGE}@${BASE_TAG}"
-            else
-                BUILD_BASE_IMAGE=${BASE_TAG}
-            fi
-
-            echo "::group::Base build image information"
-            echo "base_tag=${BASE_TAG}"
-            echo "base_build_image=${BUILD_BASE_IMAGE}"
+            echo "::group::Base image metadata"
+            cat "base_image_metadata.json"
             echo "::endgroup::"
 
-            echo "base_tag=${BASE_TAG}" >> $GITHUB_OUTPUT
-            echo "base_build_image=${BUILD_BASE_IMAGE}" >> $GITHUB_OUTPUT
+            IMAGE_DIGEST=$(jq -r '."containerimage.digest"' "base_image_metadata.json")
+            IMAGE_NAME=$(jq -r '."image.name"' "base_image_metadata.json" | cut -d: -f1)
+
+            echo "base_build_image=${IMAGE_NAME}@IMAGE_DIGEST" >> $GITHUB_OUTPUT
 
       - name: Verify ${{ env.BASE_BUILD_NAME }}:${{ matrix.os }} cosign
         if: ${{ env.AUTO_PUSH_IMAGES == 'true' }}