From b33a6c8784f3e8f84d9230df1cb5f2f130646e07 Mon Sep 17 00:00:00 2001
From: Adam Dyess
Date: Thu, 18 Jan 2024 13:28:15 -0600
Subject: [PATCH] Build and Publish Rocks workflows
---
.github/workflows/build_rock.yaml | 42 +++++++++++++++++++++++++++++
.github/workflows/pull_request.yaml | 10 +++++++
trivy.yaml | 3 +++
3 files changed, 55 insertions(+)
create mode 100644 .github/workflows/build_rock.yaml
create mode 100644 .github/workflows/pull_request.yaml
create mode 100644 trivy.yaml
diff --git a/.github/workflows/build_rock.yaml b/.github/workflows/build_rock.yaml
new file mode 100644
index 0000000..d5d35f7
--- /dev/null
+++ b/.github/workflows/build_rock.yaml
@@ -0,0 +1,42 @@
+name: Build Rocks
+
+on:
+ workflow_call:
+ inputs:
+ image-build-args:
+ description: |
+ List of build args to pass to the build image job
+ type: string
+ default: ""
+ registry:
+ description: Container Registrying top-level domain
+ type: string
+ default: ghcr.io
+ trivy-image-config:
+ type: string
+ description: Trivy YAML configuration for image testing that is checked in as part of the repo
+ working-directory:
+ type: string
+ description: The working directory for jobs
+ default: "./"
+
+env:
+ REGISTRY: ${{ inputs.registry }}
+ OWNER: ${{ github.repository_owner }}
+
+jobs:
+ get-runner-image:
+ name: Get runner image
+ uses: canonical/operator-workflows/.github/workflows/get_runner_image.yaml@main
+ with:
+ working-directory: ${{ inputs.working-directory }}
+ build-rocks:
+ name: Build rock
+ uses: canonical/operator-workflows/.github/workflows/build_rocks.yaml@main
+ needs: get-runner-image
+ with:
+ owner: ${{ env.OWNER }}
+ registry: ${{ env.REGISTRY }}
+ runs-on: ${{ needs.get-runner-image.outputs.runs-on }}
+ trivy-image-config: ${{ inputs.trivy-image-config }}
+ working-directory: ${{ inputs.working-directory }}
diff --git a/.github/workflows/pull_request.yaml b/.github/workflows/pull_request.yaml
new file mode 100644
index 0000000..d4c089b
--- /dev/null
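Review bot: Both `uses:` lines in build_rock.yaml reference canonical/operator-workflows at `@main`, a mutable branch, so any commit that lands there runs in this repository's CI with this repository's token without a review on this side; pin each to a full commit SHA, e.g. `uses: canonical/operator-workflows/.github/workflows/build_rocks.yaml@<full-commit-sha>  # main`, and move the pin deliberately. Two functional points in the same hunk: `image-build-args` is declared as an input but is never forwarded in the `with:` of `build-rocks`, and `${{ env.OWNER }}` / `${{ env.REGISTRY }}` are used inside `with:`, where to my knowledge the `env` context is not available for reusable-workflow calls. Passing `owner: ${{ github.repository_owner }}` and `registry: ${{ inputs.registry }}` directly avoids that and makes the workflow-level `env:` block unnecessary.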
+++ b/.github/workflows/pull_request.yaml
@@ -0,0 +1,10 @@
+name: Pull Request
+on:
+ pull_request:
+
+jobs:
+ build-rocks:
+ name: Build Rocks
+ uses: ./.github/workflows/build_rock.yaml
+ with:
+ trivy-image-config: "trivy.yaml"
diff --git a/trivy.yaml b/trivy.yaml
new file mode 100644
index 0000000..6e79d6f
--- /dev/null
+++ b/trivy.yaml
@@ -0,0 +1,3 @@
+timeout: 20m
+scan:
+ offline-scan: true
\ No newline at end of file
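Review bot: pull_request.yaml, the top-level caller, sets no `permissions:`, so the token handed down to build_rock.yaml and to the upstream workflows it calls is whatever the repository default is, and called workflows can only keep or narrow it. Declare the ceiling here, e.g. `permissions:` with `contents: read`, adding `packages: write` only if the called build really pushes to the registry from pull requests (not visible in this patch). A comment above the trigger such as `# pull_request, not pull_request_target: fork PRs build with a read-only token and no secrets` would record why the trigger must stay as it is.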
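Review bot: trivy.yaml sets only a timeout and `offline-scan`, so whether a finding fails the build is left entirely to how the called workflow invokes Trivy, which this patch does not show; if the scan is meant to gate the image, say so in this file with `exit-code: 1` and an explicit `severity:` list. A one-line comment above `offline-scan: true` stating why it is set would help, since it turns off the API requests Trivy otherwise makes to identify dependencies. The file also ends without a final newline.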