From 524d22a6821a0edf1a50125e52aff1099d2fc6ab Mon Sep 17 00:00:00 2001
From: feederbox826 <me@feederbox.cc>
Date: Sat, 5 Oct 2024 01:56:35 -0400
Subject: [PATCH] add manual pr builder

---
 .github/workflows/docker-pr.yml | 57 +++++++++++++++++++++++++++++++++
 .github/workflows/pr-build.yml  | 25 +++++++++++++++
 ci/parser.mjs                   | 46 ++++++++++++++++++++++++++
 dockerfile/pr.Dockerfile        | 17 ++++++++++
 4 files changed, 145 insertions(+)
 create mode 100644 .github/workflows/docker-pr.yml
 create mode 100644 .github/workflows/pr-build.yml
 create mode 100644 ci/parser.mjs
 create mode 100644 dockerfile/pr.Dockerfile

diff --git a/.github/workflows/docker-pr.yml b/.github/workflows/docker-pr.yml
new file mode 100644
index 0000000..2f2f31e
--- /dev/null
+++ b/.github/workflows/docker-pr.yml
@@ -0,0 +1,57 @@
+name: docker-alpine-build
+on: 
+  workflow_call:
+    inputs:
+      upstream:
+        require: true
+        type: string
+      pr:
+        required: true
+        type: string
+      tag:
+        required: true
+        type: string
+    secrets:
+      GH_TOKEN:
+        required: true
+
+env:
+  IMAGE_NAME: stash-s6
+
+permissions:
+  packages: write
+  contents: read
+
+jobs:
+  docker-alpine-build:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: docker/setup-buildx-action@v3
+      - id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: |
+            ghcr.io/${{ github.repository_owner }}/${{ env.IMAGE_NAME }}
+          tags: |
+            ${{ inputs.tag }}
+      - uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: ${{ github.repository_owner }}
+          password: ${{ secrets.GH_TOKEN }}
+      - name: build and push multi-arch alpine image
+        uses: docker/build-push-action@v5
+        with:
+          push: true
+          provenance: false
+          file: dockerfile/pr.Dockerfile
+          tags: ${{ steps.meta.outputs.tags }}
+          platforms: linux/amd64
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
+          secrets: |
+            GITHUB_TOKEN=${{ secrets.GH_TOKEN }}
+          build-args: |
+            UPSTREAM_TYPE=${{ inputs.upstream }}
+            TARGET_BRANCH=${{ inputs.pr }}
\ No newline at end of file
diff --git a/.github/workflows/pr-build.yml b/.github/workflows/pr-build.yml
new file mode 100644
index 0000000..9bf8f21
--- /dev/null
+++ b/.github/workflows/pr-build.yml
@@ -0,0 +1,25 @@
+name: docker-develop-build
+on:
+  workflow_dispatch:
+    inputs:
+      pr:
+        type: string
+        required: true
+
+jobs:
+  docker-alpine:
+    uses: ./.github/workflows/docker-pr.yml
+    with:
+      upstream: alpine-develop
+      pr: ${{ inputs.pr }}
+      tag: alpine-pr-${{ inputs.pr }}
+    secrets:
+      GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+  docker-hwaccel:
+    uses: ./.github/workflows/docker-pr.yml
+    with:
+      upstream: hwaccel-develop
+      pr: ${{ inputs.pr }}
+      tag: hwaccel-pr-${{ inputs.pr }}
+    secrets:
+      GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
\ No newline at end of file
diff --git a/ci/parser.mjs b/ci/parser.mjs
new file mode 100644
index 0000000..cfc7fcb
--- /dev/null
+++ b/ci/parser.mjs
@@ -0,0 +1,46 @@
+import axios from 'axios';
+import promises from 'fs/promises';
+import fs from 'fs';
+
+const TARGET_BRANCH = process.env.TARGET_BRANCH || 'issues/live-transcode-issues';
+const TARGET_REPO = process.env.TARGET_REPO;
+const WORKFLOW_NAME = process.env.WORKFLOW_NAME;
+const ARTIFACT_NAME = process.env.ARTIFACT_NAME;
+const GITHUB_TOKEN = fs.readFileSync('/run/secrets/GITHUB_TOKEN', 'utf8').trim();
+
+async function downloadUrl(url) {
+  const response = await axios.get(url, {
+    headers: {
+      Authorization: `Bearer ${GITHUB_TOKEN}`
+    },
+    responseType: 'stream'
+  });
+  await promises.writeFile(ARTIFACT_NAME, response.data);
+}
+
+const ghApi = axios.create({
+  baseURL: 'https://api.github.com',
+  headers: {
+    Authorization: `Bearer ${GITHUB_TOKEN}`,
+    Accept: 'application/vnd.github+json',
+    "User-Agent": "fbox826/parser",
+    "X-Github-Api-Version": "2022-11-28"
+  }
+});
+
+const getArtifact = () =>
+  ghApi.get(`/repos/${TARGET_REPO}/actions/runs`, {
+    params: {
+      branch: TARGET_BRANCH,
+      status: 'completed'
+    }
+  }).then(repo => repo.data.workflow_runs
+    .find(run => run.name === WORKFLOW_NAME)
+    .artifacts_url
+  ).then(ghApi.get)
+  .then(res => res.data.artifacts
+      .find(artifact => artifact.name === ARTIFACT_NAME)
+      .archive_download_url
+  ).then(downloadUrl)
+
+getArtifact();
\ No newline at end of file
diff --git a/dockerfile/pr.Dockerfile b/dockerfile/pr.Dockerfile
new file mode 100644
index 0000000..401dcdc
--- /dev/null
+++ b/dockerfile/pr.Dockerfile
@@ -0,0 +1,17 @@
+# syntax=docker/dockerfile:1
+ARG UPSTREAM_TYPE="alpine"
+
+# pull in builds from artifacts
+FROM node:alpine AS puller
+ARG TARGET_BRANCH \
+  TARGET_REPO="stashapp/stash" \
+  WORKFLOW_NAME="Build" \
+  ARTIFACT_NAME="stash-linux"
+WORKDIR /usr/app
+COPY ci/parser.mjs parser.mjs
+RUN --mount=type=secret,id=GITHUB_TOKEN \
+  npm i axios && node parser.mjs
+
+# pull in prebuilt alpine/hwaccel
+FROM ghcr.io/feederbox826/stash-s6:${UPSTREAM_TYPE} AS stash
+COPY --from=puller /usr/app/stash-linux /usr/bin/stash
\ No newline at end of file