From 4a2bc7bfbd478c7547467eb54a99ecb270dbc1f1 Mon Sep 17 00:00:00 2001
From: Devin Buhl <devin@buhl.casa>
Date: Tue, 31 Dec 2024 09:17:51 -0500
Subject: [PATCH] fix: updates

Signed-off-by: Devin Buhl <devin@buhl.casa>
---
 .github/workflows/pre-pull-images.yaml | 111 +++++++++++++++----------
 1 file changed, 69 insertions(+), 42 deletions(-)

diff --git a/.github/workflows/pre-pull-images.yaml b/.github/workflows/pre-pull-images.yaml
index ea761a6eeb597..674faa432100d 100644
--- a/.github/workflows/pre-pull-images.yaml
+++ b/.github/workflows/pre-pull-images.yaml
@@ -19,13 +19,11 @@ concurrency:
 #   UV_SYSTEM_PYTHON: "1"
 
 jobs:
-  extract-images:
-    name: Extract Images
+  default-images:
+    name: Default Images
     runs-on: ubuntu-latest
-    permissions:
-      pull-requests: write
     outputs:
-      matrix: ${{ steps.extract-images.outputs.images }}
+      images: ${{ steps.default-images.outputs.images }}
     steps:
       - name: Generate Token
         uses: actions/create-github-app-token@v1
@@ -34,36 +32,11 @@ jobs:
           app-id: "${{ secrets.BOT_APP_ID }}"
           private-key: "${{ secrets.BOT_APP_PRIVATE_KEY }}"
 
-      - name: Checkout Default Branch
+      - name: Checkout
         uses: actions/checkout@v4
         with:
           token: "${{ steps.app-token.outputs.token }}"
           ref: "${{ github.event.repository.default_branch }}"
-          path: default
-
-      - name: Checkout Pull Request Branch
-        uses: actions/checkout@v4
-        with:
-          token: "${{ steps.app-token.outputs.token }}"
-          path: pull
-
-      # - name: Setup Homebrew
-      #   uses: Homebrew/actions/setup-homebrew@master
-      #   with:
-      #     stable: true
-
-      # - name: Setup Workflow Tools
-      #   shell: bash
-      #   run: brew install fluxcd/tap/flux helm jo kustomize uv yq
-
-      # - name: Setup Python
-      #   uses: actions/setup-python@v5
-      #   with:
-      #     python-version: 3.12.x
-
-      # - name: Install Python Dependencies
-      #   shell: bash
-      #   run: uv pip install flux-local
 
       - name: Setup Workflow Tools
         uses: jdx/mise-action@v2
@@ -80,40 +53,94 @@ jobs:
             "aqua:mikefarah/yq" = "latest"
             "pipx:flux-local" = "latest"
 
-      - name: Gather Images in Default Branch
+      - name: Extract Images
         shell: bash
         run: |
           flux-local get cluster \
-              --path ${{ github.workspace }}/default/kubernetes/main/flux \
+              --path ${{ github.workspace }}/kubernetes/main/flux \
               --enable-images \
               --output yaml \
-              --output-file default.yaml
+              --output-file images.yaml
+
+      - name: Filter Image
+        shell: bash
+        run: |
+          yq -r '[.. | .images? | select(. != null)] | flatten | sort | unique | .[]' \
+              images.yaml > images.txt
+
+      - name: Output Images
+        id: images
+        shell: bash
+        run: |
+          echo "images=$(cat images.txt)" >> $GITHUB_OUTPUT
+
+  pull-request-images:
+    name: Pull Request Images
+    runs-on: ubuntu-latest
+    outputs:
+      images: ${{ steps.pull-request-images.outputs.images }}
+    steps:
+      - name: Generate Token
+        uses: actions/create-github-app-token@v1
+        id: app-token
+        with:
+          app-id: "${{ secrets.BOT_APP_ID }}"
+          private-key: "${{ secrets.BOT_APP_PRIVATE_KEY }}"
+
+      - name: Checkout
+        uses: actions/checkout@v4
+        with:
+          token: "${{ steps.app-token.outputs.token }}"
 
-      - name: Gather Images in Pull Request Branch
+      - name: Setup Workflow Tools
+        uses: jdx/mise-action@v2
+        env:
+          GITHUB_TOKEN: "${{ steps.app-token.outputs.token }}"
+        with:
+          mise_toml: |
+            [tools]
+            python = "3.12"
+            "aqua:astral-sh/uv" = "latest"
+            "aqua:fluxcd/flux2" = "latest"
+            "aqua:helm/helm" = "latest"
+            "aqua:kubernetes-sigs/kustomize" = "latest"
+            "aqua:mikefarah/yq" = "latest"
+            "pipx:flux-local" = "latest"
+
+      - name: Extract Images
         shell: bash
         run: |
           flux-local get cluster \
-              --path ${{ github.workspace }}/pull/kubernetes/main/flux \
+              --path ${{ github.workspace }}/kubernetes/main/flux \
               --enable-images \
               --output yaml \
-              --output-file pull.yaml
+              --output-file images.yaml
 
-      - name: Filter Default Branch Results
+      - name: Filter Image
         shell: bash
         run: |
           yq -r '[.. | .images? | select(. != null)] | flatten | sort | unique | .[]' \
-              default.yaml > default.txt
+              images.yaml > images.txt
 
-      - name: Filter Pull Request Branch Results
+      - name: Output Images
+        id: images
         shell: bash
         run: |
-          yq -r '[.. | .images? | select(. != null)] | flatten | sort | unique | .[]' \
-              pull.yaml > pull.txt
+          echo "images=$(cat images.txt)" >> $GITHUB_OUTPUT
 
+  extract-images:
+    name: Extract Images
+    runs-on: ubuntu-latest
+    needs: ["default-images", "pull-request-images"]
+    outputs:
+      matrix: ${{ steps.extract-images.outputs.images }}
+    steps:
       - name: Compare Default and Pull Request Images
         id: extract-images
         shell: bash
         run: |
+          echo "${{ steps.default-images.outputs.images }}" > default.txt
+          echo "${{ steps.pull-request-images.outputs.images }}" > pull.txt
           images=$(jq --compact-output --raw-input --null-input '[inputs]' < <(grep -vf default.txt pull.txt))
           echo "images=${images}" >> $GITHUB_OUTPUT
           echo "${images}"