From 25a15bc7c285923343d9d718caed760b516f408f Mon Sep 17 00:00:00 2001 From: Lars Haugan Date: Mon, 20 Nov 2023 10:22:12 +0100 Subject: [PATCH 1/4] Adds workflow for main branch that publishes plugin to ghcr.io Signed-off-by: Lars Haugan --- .github/workflows/main.yaml | 37 +++++++++++++++++++++++++++++++++++++ 1 file changed, 37 insertions(+) create mode 100644 .github/workflows/main.yaml diff --git a/.github/workflows/main.yaml b/.github/workflows/main.yaml new file mode 100644 index 00000000..9e80e846 --- /dev/null +++ b/.github/workflows/main.yaml @@ -0,0 +1,37 @@ +name: PR Check + +on: + push: + branches: + - "main" + +jobs: + build: + name: Build + runs-on: ubuntu-latest + permissions: + contents: read + packages: write + + steps: + - name: Check out code + uses: actions/checkout@v3 + + - name: generate-tag + run: | + echo "TAG=$(git show -s --date=format:'%Y%m%d-%H%M' --format=%cd)" >> $GITHUB_ENV + + - name: Log in to the Container registry + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Build and publish docker plugin + env: + REPO: ghcr.io/${{ github.repository }} + VERSION: ${{ env.TAG }} + run: | + make plugin + docker plugin push "$REPO:$VERSION" From 820faf323888beca547a9838d01a3ad2b346b973 Mon Sep 17 00:00:00 2001 From: Lars Haugan Date: Mon, 20 Nov 2023 10:32:32 +0100 Subject: [PATCH 2/4] remove '-v2' from plugin script, to enable publishing to ghcr Signed-off-by: Lars Haugan --- Makefile | 2 +- plugin.sh | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/Makefile b/Makefile index f69f0d40..f2ccf5de 100644 --- a/Makefile +++ b/Makefile @@ -3,7 +3,7 @@ VERSION ?= 0.8 GO_VERSION := 1.19.1 GOLANGCI_LINT_VERSION := v1.49.0 -REPO := openpolicyagent/opa-docker-authz +REPO := openpolicyagent/opa-docker-authz-v2 all: build diff --git a/plugin.sh b/plugin.sh index 18520d60..eeda1383 100755 --- a/plugin.sh +++ b/plugin.sh 
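Review bot: `actions/checkout@v3` and `docker/login-action@v3` are referenced by mutable tags in a job that holds `packages: write` and is handed `secrets.GITHUB_TOKEN`, so a retagged action release would run with publish rights to the registry. Pin each `uses:` to a full commit SHA with the version as a trailing comment, e.g. `uses: actions/checkout@<full-commit-sha> # v3`. The same applies to the `uses:` lines in the later revisions of this file (patches 3 and 4) and in release.yaml. Since `make plugin` runs repository scripts after the checkout, also consider setting `persist-credentials: false` under the checkout step's `with:` so the token is not left in the local git config.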
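Review bot: `REPO :=` is an unconditional assignment, and GNU make lets a makefile assignment override a variable of the same name taken from the environment, so the `REPO: ghcr.io/${{ github.repository }}` exported by the workflow step is likely ignored by `make plugin`. If the plugin target hands `$(REPO)` on to plugin.sh (the target is outside this hunk), the plugin is created as `openpolicyagent/opa-docker-authz-v2:<version>` and the workflow's `docker plugin push "$REPO:$VERSION"` names a plugin that was never built. Use `REPO ?= openpolicyagent/opa-docker-authz-v2`, matching the `VERSION ?= 0.8` visible at the top of the hunk, so callers can override the default.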
@@ -10,10 +10,10 @@ docker image build -t rootfsimage . id=`docker container create rootfsimage true` docker container export "$id" | tar -x -C ./rootfs -echo "Creating plugin "${REPO}-v2:${VERSION}" ..." -docker plugin create "${REPO}-v2:${VERSION}" . +echo "Creating plugin "${REPO}:${VERSION}" ..." +docker plugin create "${REPO}:${VERSION}" . echo "Cleanup..." docker container rm -f "$id" > /dev/null docker image rm -f rootfsimage > /dev/null -rm -rf ./rootfs \ No newline at end of file +rm -rf ./rootfs From fab2ce50041a3b469da7f128dd703f59caed08a8 Mon Sep 17 00:00:00 2001 From: Lars Haugan Date: Mon, 20 Nov 2023 10:54:54 +0100 Subject: [PATCH 3/4] Workflow should build releases when tags are pushed Signed-off-by: Lars Haugan --- .github/workflows/main.yaml | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/.github/workflows/main.yaml b/.github/workflows/main.yaml index 9e80e846..65dd39fe 100644 --- a/.github/workflows/main.yaml +++ b/.github/workflows/main.yaml @@ -1,9 +1,9 @@ -name: PR Check +name: Release on: push: - branches: - - "main" + tags: + - 'v*' jobs: build: @@ -15,11 +15,11 @@ jobs: steps: - name: Check out code - uses: actions/checkout@v3 + uses: actions/checkout@v4 - - name: generate-tag - run: | - echo "TAG=$(git show -s --date=format:'%Y%m%d-%H%M' --format=%cd)" >> $GITHUB_ENV + - name: Set TAG_NAME in Environment + # Subsequent jobs will be have the computed tag name + run: echo "TAG_NAME=${GITHUB_REF##*/}" >> $GITHUB_ENV - name: Log in to the Container registry uses: docker/login-action@v3 @@ -31,7 +31,7 @@ jobs: - name: Build and publish docker plugin env: REPO: ghcr.io/${{ github.repository }} - VERSION: ${{ env.TAG }} + VERSION: ${{ env.TAG_NAME }} run: | make plugin - docker plugin push "$REPO:$VERSION" + docker plugin push "$REPO:${TAG_NAME}" From 8b780ce44182946daefaa524b965440be9bb5502 Mon Sep 17 00:00:00 2001 
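Review bot: The comment added on the `Set TAG_NAME in Environment` step is inaccurate and garbled: a value appended to `$GITHUB_ENV` is available to later steps of the same job, not to other jobs. Suggested wording: `# Later steps in this job read the tag from TAG_NAME`. The step itself can be reduced to `run: echo "TAG_NAME=${GITHUB_REF_NAME}" >> "$GITHUB_ENV"`, which uses the runner-provided ref name and quotes the file path. The identical step is added to release.yaml in patch 4.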
From: Lars Haugan Date: Mon, 20 Nov 2023 11:06:46 +0100 Subject: [PATCH 4/4] add workflow for post merge with mutable tag edge Signed-off-by: Lars Haugan --- .github/workflows/main.yaml | 43 ++++++++++++++++------------------ .github/workflows/release.yaml | 38 ++++++++++++++++++++++++++++++ 2 files changed, 58 insertions(+), 23 deletions(-) create mode 100644 .github/workflows/release.yaml diff --git a/.github/workflows/main.yaml b/.github/workflows/main.yaml index 65dd39fe..a524b92b 100644 --- a/.github/workflows/main.yaml +++ b/.github/workflows/main.yaml @@ -1,37 +1,34 @@ -name: Release +--- +name: Post Merge on: push: - tags: - - 'v*' + branches: + - main jobs: build: - name: Build + name: Build edge runs-on: ubuntu-latest permissions: contents: read packages: write steps: - - name: Check out code - uses: actions/checkout@v4 + - name: Check out code + uses: actions/checkout@v4 - - name: Set TAG_NAME in Environment - # Subsequent jobs will be have the computed tag name - run: echo "TAG_NAME=${GITHUB_REF##*/}" >> $GITHUB_ENV + - name: Log in to the Container registry + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} - - name: Log in to the Container registry - uses: docker/login-action@v3 - with: - registry: ghcr.io - username: ${{ github.repository_owner }} - password: ${{ secrets.GITHUB_TOKEN }} - - - name: Build and publish docker plugin - env: - REPO: ghcr.io/${{ github.repository }} - VERSION: ${{ env.TAG_NAME }} - run: | - make plugin - docker plugin push "$REPO:${TAG_NAME}" + - name: Build and publish docker plugin + env: + REPO: ghcr.io/${{ github.repository }} + VERSION: edge + run: |- + make plugin + docker plugin push "$REPO:${TAG_NAME}" diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml new file mode 100644 index 00000000..06b4a4ad --- /dev/null +++ b/.github/workflows/release.yaml 
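Review bot: The push line still expands `${TAG_NAME}`, but this patch removes the step that wrote `TAG_NAME` to `$GITHUB_ENV` and sets only `VERSION: edge`, so the reference becomes `ghcr.io/<owner>/<repo>:` with an empty tag. `make plugin` presumably builds the plugin under the `edge` version taken from `VERSION`, so the push would either fail or not target the plugin that was just built. Push the reference that was built: `docker plugin push "$REPO:$VERSION"`. release.yaml, added in the same patch, mixes the two names as well; it works there only because `TAG_NAME` is set by an earlier step.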
@@ -0,0 +1,38 @@
+---
+name: Release
+
+on:
+ push:
+ tags:
+ - v*
+
+jobs:
+ build:
+ name: Build
+ runs-on: ubuntu-latest
+ permissions:
+ contents: read
+ packages: write
+
+ steps:
+ - name: Check out code
+ uses: actions/checkout@v4
+
+ - name: Set TAG_NAME in Environment
+ # Subsequent jobs will be have the computed tag name
+ run: echo "TAG_NAME=${GITHUB_REF##*/}" >> $GITHUB_ENV
+
+ - name: Log in to the Container registry
+ uses: docker/login-action@v3
+ with:
+ registry: ghcr.io
+ username: ${{ github.repository_owner }}
+ password: ${{ secrets.GITHUB_TOKEN }}
+
+ - name: Build and publish docker plugin
+ env:
+ REPO: ghcr.io/${{ github.repository }}
+ VERSION: ${{ env.TAG_NAME }}
+ run: |-
+ make plugin
+ docker plugin push "$REPO:${TAG_NAME}"
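Review bot: The `- v*` tag filter starts a publish to ghcr.io for every tag that begins with `v`, such as `vtest`, pushed by anyone with write access to the repository. Narrow it to the release format, for example `- 'v[0-9]+.[0-9]+.[0-9]+'`, and quote the pattern as the earlier revision of main.yaml did. Because re-pushing an existing tag would presumably publish over an already released plugin tag, a tag protection rule or ruleset on the repository is worth pairing with this workflow.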