fix: buildkit in gh (#478)

* fix: buildkit in gh

* chore: clean

Author: devthejo

.github/workflows/deactivate.yaml

@@ -18,6 +18,6 @@ on:
       - "!**-persist-**"
 
 jobs:
-  socialgouv:
-    uses: socialgouv/workflows/.github/workflows/use-ks-gh-deactivate.yaml@v1
+  kontinuous:
+    uses: socialgouv/workflows/.github/workflows/use-ks-gh-deactivate-atlas.yaml@v1
     secrets: inherit

.github/workflows/preproduction.yaml

@@ -13,7 +13,42 @@ concurrency:
   group: ${{ github.workflow }}-${{ github.event_name }}-${{ github.event.ref }}
 
 jobs:
-  socialgouv:
+  build-app:
+    environment: build-preproduction
+    outputs:
+      tags: ${{ steps.meta.outputs.tags }}
+    runs-on: ubuntu-latest
+    steps:
+      - name: ⏬ Checkout code repository
+        uses: actions/checkout@v4
+
+      - name: 📌 Extract metadata (tags, labels) for Docker
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: ${{ vars.REGISTRY_URL }}/${{ vars.PROJECT_NAME }}/${{ github.event.repository.name }}/app
+          tags: |
+            type=sha,prefix=preprod-,format=long,priority=850
+            type=sha,prefix=sha-,format=long,priority=890
+
+      - name: 📦 Build and push Docker image for app
+        uses: socialgouv/workflows/actions/buildkit@v1
+        with:
+          context: "."
+          dockerfile: "Dockerfile"
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+          registry: "${{ vars.REGISTRY_URL }}"
+          registry-username: "${{ secrets.REGISTRY_USERNAME }}"
+          registry-password: "${{ secrets.REGISTRY_PASSWORD }}"
+          buildkit-cert-ca: "${{ secrets.BUILDKIT_CERT_CA }}"
+          buildkit-cert: "${{ secrets.BUILDKIT_CERT }}"
+          buildkit-cert-key: "${{ secrets.BUILDKIT_CERT_KEY }}"
+          buildkit-svc-count: ${{ vars.BUILDKIT_SVC_COUNT }}
+          buildkit-daemon-address: ${{ vars.BUILDKIT_DAEMON_ADDRESS }}
+
+  kontinuous:
+    needs: [build-app]
     name: "🇫🇷 SocialGouv"
-    uses: socialgouv/workflows/.github/workflows/use-ks-gh-preproduction.yaml@v1
+    uses: socialgouv/workflows/.github/workflows/use-ks-gh-preproduction-atlas.yaml@v1
     secrets: inherit

.github/workflows/production.yaml

@@ -10,7 +10,43 @@ concurrency:
   group: ${{ github.workflow }}-${{ github.event_name }}-${{ github.event.ref }}
 
 jobs:
-  socialgouv:
+  build-app:
+    environment: build-production
+    outputs:
+      tags: ${{ steps.meta.outputs.tags }}
+    runs-on: ubuntu-latest
+    steps:
+      - name: ⏬ Checkout code repository
+        uses: actions/checkout@v4
+
+      - name: 📌 Extract metadata (tags, labels) for Docker
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: ${{ vars.REGISTRY_URL }}/${{ vars.PROJECT_NAME }}/${{ github.event.repository.name }}/app
+          tags: |
+            type=semver,pattern=v{{version}},priority=900
+            type=sha,prefix=sha-,format=long,priority=890
+            type=raw,value=latest,enable=${{ github.ref == format('refs/heads/{0}', github.event.repository.default_branch) }},priority=200
+
+      - name: 📦 Build and push Docker image for app
+        uses: socialgouv/workflows/actions/buildkit@v1
+        with:
+          context: "."
+          dockerfile: "Dockerfile"
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+          registry: "${{ vars.REGISTRY_URL }}"
+          registry-username: "${{ secrets.REGISTRY_USERNAME }}"
+          registry-password: "${{ secrets.REGISTRY_PASSWORD }}"
+          buildkit-cert-ca: "${{ secrets.BUILDKIT_CERT_CA }}"
+          buildkit-cert: "${{ secrets.BUILDKIT_CERT }}"
+          buildkit-cert-key: "${{ secrets.BUILDKIT_CERT_KEY }}"
+          buildkit-svc-count: ${{ vars.BUILDKIT_SVC_COUNT }}
+          buildkit-daemon-address: ${{ vars.BUILDKIT_DAEMON_ADDRESS }}
+
+  kontinuous:
+    needs: [build-app]
     name: "🇫🇷 SocialGouv"
-    uses: socialgouv/workflows/.github/workflows/use-ks-gh-production.yaml@v1
+    uses: socialgouv/workflows/.github/workflows/use-ks-gh-production-atlas.yaml@v1
     secrets: inherit

.github/workflows/review-auto.yaml

@@ -10,7 +10,49 @@ concurrency:
   group: ${{ github.workflow }}-${{ github.event_name }}-${{ github.event.ref }}
 
 jobs:
-  socialgouv:
+  build-app:
+    environment: build-review-auto
+    outputs:
+      tags: ${{ steps.meta.outputs.tags }}
+    runs-on: ubuntu-latest
+    steps:
+      - name: ⏬ Checkout code repository
+        uses: actions/checkout@v4
+
+      - name: 📌 Extract metadata (tags, labels) for Docker
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: ${{ vars.REGISTRY_URL }}/${{ vars.PROJECT_NAME }}/${{ github.event.repository.name }}/app
+          tags: |
+            type=sha,prefix=persist-,format=long,enable=${{ 
+              github.ref_name == 'dev' || 
+              github.ref_name == 'develop' || 
+              github.ref_name == 'preprod' || 
+              github.ref_name == 'main' || 
+              github.ref_name == 'master'
+            }},priority=840
+            type=sha,prefix=sha-,format=long,priority=890
+            type=ref,event=branch,priority=600
+
+      - name: 📦 Build and push Docker image for app
+        uses: socialgouv/workflows/actions/buildkit@v1
+        with:
+          context: "."
+          dockerfile: "Dockerfile"
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+          registry: "${{ vars.REGISTRY_URL }}"
+          registry-username: "${{ secrets.REGISTRY_USERNAME }}"
+          registry-password: "${{ secrets.REGISTRY_PASSWORD }}"
+          buildkit-cert-ca: "${{ secrets.BUILDKIT_CERT_CA }}"
+          buildkit-cert: "${{ secrets.BUILDKIT_CERT }}"
+          buildkit-cert-key: "${{ secrets.BUILDKIT_CERT_KEY }}"
+          buildkit-svc-count: ${{ vars.BUILDKIT_SVC_COUNT }}
+          buildkit-daemon-address: ${{ vars.BUILDKIT_DAEMON_ADDRESS }}
+
+  kontinuous:
+    needs: [build-app]
     name: "🇫🇷 SocialGouv"
-    uses: socialgouv/workflows/.github/workflows/use-ks-gh-review-auto.yaml@v1
+    uses: socialgouv/workflows/.github/workflows/use-ks-gh-review-auto-atlas.yaml@v1
     secrets: inherit

.github/workflows/review.yaml

@@ -13,7 +13,49 @@ concurrency:
   group: ${{ github.workflow }}-${{ github.event_name }}-${{ github.event.ref }}
 
 jobs:
-  socialgouv:
+  build-app:
+    environment: build-review
+    outputs:
+      tags: ${{ steps.meta.outputs.tags }}
+    runs-on: ubuntu-latest
+    steps:
+      - name: ⏬ Checkout code repository
+        uses: actions/checkout@v4
+
+      - name: 📌 Extract metadata (tags, labels) for Docker
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: ${{ vars.REGISTRY_URL }}/${{ vars.PROJECT_NAME }}/${{ github.event.repository.name }}/app
+          tags: |
+            type=sha,prefix=persist-,format=long,enable=${{ 
+              github.ref_name == 'dev' || 
+              github.ref_name == 'develop' || 
+              github.ref_name == 'preprod' || 
+              github.ref_name == 'main' || 
+              github.ref_name == 'master'
+            }},priority=840
+            type=sha,prefix=sha-,format=long,priority=890
+            type=ref,event=branch,priority=600
+
+      - name: 📦 Build and push Docker image for app
+        uses: socialgouv/workflows/actions/buildkit@v1
+        with:
+          context: "."
+          dockerfile: "Dockerfile"
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+          registry: "${{ vars.REGISTRY_URL }}"
+          registry-username: "${{ secrets.REGISTRY_USERNAME }}"
+          registry-password: "${{ secrets.REGISTRY_PASSWORD }}"
+          buildkit-cert-ca: "${{ secrets.BUILDKIT_CERT_CA }}"
+          buildkit-cert: "${{ secrets.BUILDKIT_CERT }}"
+          buildkit-cert-key: "${{ secrets.BUILDKIT_CERT_KEY }}"
+          buildkit-svc-count: ${{ vars.BUILDKIT_SVC_COUNT }}
+          buildkit-daemon-address: ${{ vars.BUILDKIT_DAEMON_ADDRESS }}
+
+  kontinuous:
+    needs: [build-app]
     name: "🇫🇷 SocialGouv"
-    uses: socialgouv/workflows/.github/workflows/use-ks-gh-review.yaml@v1
-    secrets: inherit
+    uses: socialgouv/workflows/.github/workflows/use-ks-gh-review-atlas.yaml@v1
+    secrets: inherit

.kontinuous/config.yaml

@@ -1,8 +1 @@
-projectName: fabrique
-ciNamespace: ci-fabrique
-
-dependencies:
-  fabrique:
-    extends:
-      - name: ovh
-      - name: buildkit-service
+projectName: fabrique

.kontinuous/values.yaml

@@ -1,4 +1,7 @@
 app:
+  ~chart: app
+  imagePackage: app
+  containerPort: 8080
   envFrom:
     - secretRef:
         name: standup-sealed-secret