ci: 👷 add ci/cd system

.dockerignore

@@ -0,0 +1,6 @@
+.github/
+ci/
+.release-please-manifest.json
+release-please-manifest.json
+README.md
+LICENSE

.github/workflows/build.yml

@@ -0,0 +1,105 @@
+name: Build
+
+on:
+  workflow_call:
+    inputs:
+      REGISTRY:
+        required: true
+        type: string
+      NAMESPACE:
+        required: true
+        type: string
+      TAG:
+        required: true
+        type: string
+      MAJOR_TAG:
+        required: false
+        type: string
+      MINOR_TAG:
+        required: false
+        type: string
+      PATCH_TAG:
+        required: false
+        type: string
+      PLATFORMS:
+        required: false
+        type: string
+  workflow_dispatch:
+    inputs:
+      REGISTRY:
+        description: Target registry to push images
+        required: true
+        type: string
+        default: ghcr.io
+      NAMESPACE:
+        description: Target namespace to the given registry
+        required: true
+        type: string
+        default: titigmr/external-dns-midaas-webhook
+      PLATFORMS:
+        description: Target platforms for build
+        required: false
+        type: string
+        default: linux/amd64,linux/arm64
+
+jobs:
+  vars:
+    name: Generate variables
+    runs-on: ubuntu-latest
+    outputs:
+      lower-branch: ${{ steps.infos.outputs.LOWER_BRANCH }}
+      short-sha: ${{ steps.infos.outputs.SHORT_SHA }}
+    steps:
+      - name: Get variables
+        id: infos
+        run: |
+          echo "SHORT_SHA=sha-$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT
+
+  build:
+    name: Build application
+    runs-on: ubuntu-latest
+    needs:
+      - vars
+    steps:
+      - name: Checks-out repository
+        uses: actions/checkout@v4
+
+      - name: Set up Docker buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Set up QEMU (for multi platform build)
+        uses: docker/setup-qemu-action@v3
+
+      - name: Login to GitHub Container Registry
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ inputs.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+          logout: true
+
+      - name: Docker meta
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: ${{ inputs.REGISTRY }}/${{ inputs.NAMESPACE }}
+          tags: |
+            type=raw,value=${{ needs.vars.outputs.short-sha }},enable=${{ inputs.TAG == '' }}
+            type=raw,value=${{ inputs.TAG }},enable=${{ inputs.TAG != '' }}
+            type=raw,value=${{ inputs.MAJOR_TAG }}.${{ inputs.MINOR_TAG }},enable=${{ inputs.MAJOR_TAG != '' && inputs.MINOR_TAG != '' }}
+            type=raw,value=${{ inputs.MAJOR_TAG }},enable=${{ inputs.MAJOR_TAG != '' }}
+            type=raw,value=latest,enable=${{ github.ref == format('refs/heads/{0}', 'main') }}
+
+      - name: Build and push docker image
+        id: build
+        uses: docker/build-push-action@v5
+        with:
+          context: .
+          file: ./Dockerfile
+          provenance: false
+          platforms: ${{ inputs.PLATFORMS }}
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+          push: true
+          cache-from: type=gha
+          cache-to: type=gha,mode=max

.github/workflows/cache.yml

@@ -0,0 +1,69 @@
+name: Clean cache
+
+on:
+  pull_request:
+    types:
+      - closed
+  workflow_dispatch:
+    inputs:
+      PR_NUMBER:
+        description: ID number of the pull request assiocited with the cache
+        required: false
+        type: number
+      BRANCH_NAME:
+        description: Branch name assiocited with the cache
+        required: false
+        type: string
+
+jobs:
+  cleanup-cache:
+    name: Delete gituhb cache
+    runs-on: ubuntu-latest
+    steps:
+      - name: Check out code
+        uses: actions/checkout@v4
+
+      - name: Clean cache for closed branch
+        run: |
+          gh extension install actions/gh-actions-cache
+
+          REPO=${{ github.repository }}
+          if [ -n "${{ inputs.BRANCH_NAME }}" ]; then
+            BRANCH="${{ inputs.BRANCH_NAME }}"
+          else
+            BRANCH="refs/pull/${{ github.event.pull_request.number || inputs.PR_NUMBER }}/merge"
+          fi
+
+          echo "Fetching list of cache key"
+          cacheKeysForPR=$(gh actions-cache list -R $REPO -B $BRANCH -L 100 | cut -f 1 )
+
+          ## Setting this to not fail the workflow while deleting cache keys. 
+          set +e
+          echo "Deleting caches..."
+          for cacheKey in $cacheKeysForPR; do
+            gh actions-cache delete $cacheKey -R $REPO -B $BRANCH --confirm
+          done
+          echo "Done"
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+  cleanup-image:
+    name: Delete image from ghcr.io
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checks-out repository
+        uses: actions/checkout@v4
+
+      - name: Get repository owner and name
+        id: image-infos
+        run: |
+          echo "ORG_NAME=$(echo '${{ github.repository }}' | cut -d "/" -f 1)" >> $GITHUB_OUTPUT
+          echo "REPO_NAME=$(echo '${{ github.repository }}' | cut -d "/" -f 2)" >> $GITHUB_OUTPUT
+
+      - name: Delete external-dns-midaas-webhook image
+        run: |
+          ./ci/scripts/delete-image.sh \
+            -o "${{ steps.image-infos.outputs.ORG_NAME }}" \
+            -i "${{ steps.image-infos.outputs.REPO_NAME }}/external-dns-midaas-webhook" \
+            -t "pr-${{ github.event.pull_request.number || github.event.number }}" \
+            -g "${{ secrets.GITHUB_TOKEN }}"

.github/workflows/cd.yml

@@ -0,0 +1,43 @@
+name: CD
+
+on:
+  push:
+    branches:
+      - main
+  workflow_dispatch:
+
+env:
+  REGISTRY: "ghcr.io"
+  NAMESPACE: "${{ github.repository }}"
+  PLATFORMS: linux/amd64,linux/arm64
+
+jobs:
+  expose-vars:
+    runs-on: ubuntu-latest
+    outputs:
+      REGISTRY: ${{ env.REGISTRY }}
+      NAMESPACE: ${{ env.NAMESPACE }}
+      PLATFORMS: ${{ env.PLATFORMS }}
+    steps:
+      - name: Exposing env vars
+        run: echo "Exposing env vars"
+
+  release:
+    uses: ./.github/workflows/release.yml
+
+  build:
+    uses: ./.github/workflows/build.yml
+    if: ${{ needs.release.outputs.release-created == 'true' }}
+    needs:
+      - expose-vars
+      - release
+    permissions:
+      packages: write
+    with:
+      REGISTRY: ${{ needs.expose-vars.outputs.REGISTRY }}
+      NAMESPACE: ${{ needs.expose-vars.outputs.NAMESPACE }}
+      PLATFORMS: ${{ needs.expose-vars.outputs.PLATFORMS }}
+      TAG: ${{ needs.release.outputs.major-tag }}.${{ needs.release.outputs.minor-tag }}.${{ needs.release.outputs.patch-tag }}
+      MAJOR_TAG: ${{ needs.release.outputs.major-tag }}
+      MINOR_TAG: ${{ needs.release.outputs.minor-tag }}
+      PATCH_TAG: ${{ needs.release.outputs.patch-tag }}

.github/workflows/ci.yml

@@ -0,0 +1,102 @@
+name: CI
+
+on:
+  pull_request:
+    types:
+      - opened
+      - reopened
+      - synchronize
+      - ready_for_review
+    branches:
+      - "**"
+  workflow_dispatch:
+
+env:
+  REGISTRY: "ghcr.io"
+  NAMESPACE: "${{ github.repository }}"
+  PLATFORMS: linux/amd64,linux/arm64
+  GO_VERSION: 1.22.4
+
+jobs:
+  path-filter:
+    runs-on: ubuntu-latest
+    if: ${{ !github.event.pull_request.draft }}
+    outputs:
+      app: ${{ steps.filter.outputs.app }}
+    steps:
+      - name: Checks-out repository
+        uses: actions/checkout@v4
+
+      - name: Check updated files paths
+        uses: dorny/paths-filter@v3
+        id: filter
+        with:
+          filters: |
+            app:
+              - 'api/**'
+              - 'midaas/**'
+              - 'go.mod'
+              - 'go.sum'
+              - 'main.go'
+
+  expose-vars:
+    runs-on: ubuntu-latest
+    if: ${{ !github.event.pull_request.draft }}
+    outputs:
+      REGISTRY: ${{ env.REGISTRY }}
+      NAMESPACE: ${{ env.NAMESPACE }}
+      PLATFORMS: ${{ env.PLATFORMS }}
+      GO_VERSION: ${{ env.GO_VERSION }}
+    steps:
+      - name: Exposing env vars
+        run: echo "Exposing env vars"
+
+  test:
+    uses: ./.github/workflows/test.yml
+    if: ${{ needs.path-filter.outputs.app == 'true' }}
+    needs:
+      - path-filter
+      - expose-vars
+    permissions:
+      packages: write
+    with:
+      GO_VERSION: ${{ needs.expose-vars.outputs.GO_VERSION }}
+
+  build:
+    uses: ./.github/workflows/build.yml
+    if: ${{ needs.path-filter.outputs.app == 'true' }}
+    needs:
+      - path-filter
+      - expose-vars
+    permissions:
+      packages: write
+    with:
+      REGISTRY: ${{ needs.expose-vars.outputs.REGISTRY }}
+      NAMESPACE: ${{ needs.expose-vars.outputs.NAMESPACE }}
+      PLATFORMS: ${{ needs.expose-vars.outputs.PLATFORMS }}
+      TAG: pr-${{ github.event.pull_request.number || github.event.number }}
+
+  # Workaround for required status check in protection branches (see. https://github.com/orgs/community/discussions/13690)
+  all-jobs-passed:
+    name: Check jobs status
+    runs-on: ubuntu-latest
+    if: ${{ always() }}
+    needs:
+      - path-filter
+      - expose-vars
+      - build
+    steps:
+      - name: Check status of all required jobs
+        run: |-
+          NEEDS_CONTEXT='${{ toJson(needs) }}'
+          JOB_IDS=$(echo "$NEEDS_CONTEXT" | jq -r 'keys[]')
+          for JOB_ID in $JOB_IDS; do
+            RESULT=$(echo "$NEEDS_CONTEXT" | jq -r ".[\"$JOB_ID\"].result")
+            echo "$JOB_ID job result: $RESULT"
+            if [[ $RESULT != "success" && $RESULT != "skipped" ]]; then
+              echo "***"
+              echo "Error: The $JOB_ID job did not pass."
+              exit 1
+            fi
+          done
+          echo "All jobs passed or were skipped."

.github/workflows/release.yml

@@ -0,0 +1,38 @@
+name: Release
+
+on:
+  workflow_call:
+    outputs:
+      release-created:
+        description: "Has the releease been created"
+        value: ${{ jobs.release.outputs.release-created }}
+      major-tag:
+        description: "Major version tag"
+        value: ${{ jobs.release.outputs.major-tag }}
+      minor-tag:
+        description: "Minor version tag"
+        value:  ${{ jobs.release.outputs.minor-tag }}
+      patch-tag:
+        description: "Patch version tag"
+        value:  ${{ jobs.release.outputs.patch-tag }}
+
+jobs:
+  release:
+    name: Create new release
+    runs-on: ubuntu-latest
+    outputs:
+      release-created: ${{ steps.release.outputs.release_created }}
+      major-tag: ${{ steps.release.outputs.major }}
+      minor-tag: ${{ steps.release.outputs.minor }}
+      patch-tag: ${{ steps.release.outputs.patch }}
+    steps:
+      - name: Checks-out repository
+        uses: actions/checkout@v4
+
+      - name: Pre release new version
+        uses: googleapis/release-please-action@v4
+        id: release
+        with:
+          release-type: go
+          target-branch: main
+          token: ${{ secrets.GITHUB_TOKEN }}