BUILD/MAJOR: ci: add github workflows

Author: oktalz

.github/stale.yml

@@ -0,0 +1,19 @@
+# Number of days of inactivity before an issue becomes stale
+daysUntilStale: 30
+# Number of days of inactivity before a stale issue is closed
+daysUntilClose: 30
+# Issues with these labels will never be considered stale
+exemptLabels:
+  - enhancement
+  - bug
+  - documentation
+  - hold-open
+# Label to use when marking an issue as stale
+staleLabel: stale
+# Comment to post when marking an issue as stale. Set to `false` to disable
+markComment: >
+  This issue has been automatically marked as stale because it has not had
+  recent activity. It will be closed if no further activity occurs. Thank you
+  for your contributions.
+# Comment to post when closing a stale issue. Set to `false` to disable
+closeComment: false

.github/workflows/.goreleaser.yml

@@ -0,0 +1,27 @@
+name: goreleaser
+on:
+  push:
+    tags:
+      - "*"
+jobs:
+  goreleaser:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+        with:
+          # we have to fetch all history to be able to generate the release note. c.f. https://goreleaser.com/ci/actions/.
+          fetch-depth: 0
+      - name: Set up Go
+        uses: actions/setup-go@v5
+        with:
+          go-version-file: "go.mod"
+          check-latest: true
+      - name: Run GoReleaser
+        uses: goreleaser/goreleaser-action@v4
+        with:
+          distribution: goreleaser
+          version: 1.17.1
+          args: release --clean
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

.github/workflows/actions.yml

@@ -0,0 +1,153 @@
+name: CI
+on: [push, pull_request]
+jobs:
+  check:
+    if: ${{ github.event_name == 'pull_request' }}
+    name: HAProxy check commit message
+    runs-on: ubuntu-latest
+    steps:
+      - name: Check out code
+        uses: actions/checkout@v4
+      - name: Set up Go
+        uses: actions/setup-go@v5
+        with:
+          go-version-file: 'go.mod'
+        id: go
+      - name: Install Task
+        uses: go-task/setup-task@v1
+        with:
+          version: 3.x
+          repo-token: ${{ secrets.GITHUB_TOKEN }}
+      - name: commit-policy
+        run: task check-commit
+  generate-doc:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Check out code
+        uses: actions/checkout@v4
+      - name: Set up Go
+        uses: actions/setup-go@v5
+        with:
+          go-version-file: 'go.mod'
+        id: go
+      - name: Install Task
+        uses: go-task/setup-task@v1
+        with:
+          version: 3.x
+          repo-token: ${{ secrets.GITHUB_TOKEN }}
+      - name: prepare taskfile
+        run: "sed -i 's/internal: true/internal: false/g' taskfile/generate.yml"
+      - name: generating documentation
+        run: task generate
+      - name: reset taskfile
+        run: "sed -i 's/internal: false/internal: true/g' taskfile/generate.yml"
+      - name: changes
+        run: test -z "$(git diff 2> /dev/null)" || exit "Documentation is not generated, issue \`task ci\` and commit the result"
+      - name: untracked files
+        run: test -z "$(git ls-files --others --exclude-standard 2> /dev/null)" || exit "Documentation created untracked files, cannot proceed"
+  generate-code:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Check out code
+        uses: actions/checkout@v4
+      - name: Set up Go
+        uses: actions/setup-go@v5
+        with:
+          go-version-file: 'go.mod'
+        id: go
+      - name: Install Task
+        uses: go-task/setup-task@v1
+        with:
+          version: 3.x
+          repo-token: ${{ secrets.GITHUB_TOKEN }}
+      - name: prepare taskfile
+        run: "sed -i 's/internal: true/internal: false/g' taskfile/generate.yml"
+      - name: generating code
+        run: task controller-gen
+      - name: reset taskfile
+        run: "sed -i 's/internal: false/internal: true/g' taskfile/generate.yml"
+      - name: changes
+        run: test -z "$(git diff 2> /dev/null)" || exit "code generation is not run, issue \`task ci\` and commit the result"
+      - name: untracked files
+        run: test -z "$(git ls-files --others --exclude-standard 2> /dev/null)" || exit "Documentation created untracked files, cannot proceed"
+  tidy:
+    name: go mod tidy
+    runs-on: ubuntu-latest
+    steps:
+      - name: Check out code
+        uses: actions/checkout@v4
+      - name: Set up Go
+        uses: actions/setup-go@v5
+        with:
+          go-version-file: "go.mod"
+          check-latest: true
+      - name: tidy
+        run: go mod tidy
+      - name: changes
+        run: test -z "$(git diff 2> /dev/null)" || exit "Go modules not tidied, issue \`go mod tidy\` and commit the result"
+  gofumpt:
+    name: gofumpt
+    runs-on: ubuntu-latest
+    steps:
+      - name: Check out code
+        uses: actions/checkout@v4
+      - name: Set up Go
+        uses: actions/setup-go@v5
+        with:
+          go-version-file: 'go.mod'
+        id: go
+      - name: Install Task
+        uses: go-task/setup-task@v1
+        with:
+          version: 3.x
+          repo-token: ${{ secrets.GITHUB_TOKEN }}
+      - name: prepare taskfile
+        run: "sed -i 's/internal: true/internal: false/g' taskfile/generate.yml"
+      - name: tidy
+        run: task format
+      - name: reset taskfile
+        run: "sed -i 's/internal: false/internal: true/g' taskfile/generate.yml"
+      - name: changes
+        run: test -z "$(git diff 2> /dev/null)" || exit "Go code not formatted, issue \`make gofumpt\` and commit the result"
+  lint:
+    name: golangci-lint
+    needs: ["generate", "tidy"]
+    runs-on: ubuntu-latest
+    steps:
+      - name: Check out code
+        uses: actions/checkout@v4
+      - name: Set up Go
+        uses: actions/setup-go@v5
+        with:
+          go-version-file: 'go.mod'
+        id: go
+      - name: Install Task
+        uses: go-task/setup-task@v1
+        with:
+          version: 3.x
+          repo-token: ${{ secrets.GITHUB_TOKEN }}
+      - name: reset taskfile
+        run: "sed -i 's/internal: false/internal: true/g' taskfile/generate.yml"
+      - name: Lint
+        run: |
+          task lint
+      - name: reset taskfile
+        run: "sed -i 's/internal: false/internal: true/g' taskfile/generate.yml"
+  build:
+    name: build
+    runs-on: ubuntu-latest
+    needs: ["lint"]
+    steps:
+      - name: Check out code
+        uses: actions/checkout@v4
+      - name: Set up Go
+        uses: actions/setup-go@v5
+        with:
+          go-version-file: 'go.mod'
+        id: go
+      - name: Get dependencies
+        run: |
+          go mod tidy
+      - name: Build
+        run: |
+          go build -v .

.github/workflows/docker_auto_release.yml

@@ -0,0 +1,120 @@
+name: Build on release and push to Docker Hub
+on:
+  push:
+    tags:
+      - "v*"
+jobs:
+  main:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
+    env:
+      DOCKER_PLATFORMS: linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64
+      DOCKER_IMAGE: haproxytech/haproxy-unified-gateway
+      LATEST_BRANCH: "dev"
+    steps:
+      - name: Login to Docker Hub
+        id: login_docker
+        uses: docker/login-action@v1
+        with:
+          username: ${{ secrets.DOCKER_HUB_USERNAME }}
+          password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
+
+      - name: Login to Container Registry
+        id: login_ghcr
+        uses: docker/login-action@v1
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v1
+
+      - name: Set up Docker Buildx
+        id: buildx
+        uses: docker/setup-buildx-action@v1
+
+      - name: Cache Docker layers
+        uses: actions/cache@v4
+        with:
+          path: /tmp/.buildx-cache
+          key: ${{ runner.os }}-buildx-${{ github.sha }}
+          restore-keys: |
+            ${{ runner.os }}-buildx-
+
+      - name: Check out repo
+        id: checkout
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - name: Prepare env variables
+        id: env
+        run: |
+          echo "BUILD_BRANCH=$(echo $GITHUB_REF | cut -d / -f 3 | sed -e 's:^v::g' | cut -d. -f-2)" >> $GITHUB_ENV
+          echo "BUILD_VER=$(echo $GITHUB_REF | cut -d / -f 3 | sed -e 's:^v::g')" >> $GITHUB_ENV
+          echo "BUILD_DATE=$(date +'%Y-%m-%d %H:%M:%S')" >> $GITHUB_ENV
+          echo "GIT_SHA=$(git rev-parse --short HEAD | cut -c1-7)" >> $GITHUB_ENV
+          echo "GIT_REF=$(git symbolic-ref -q --short HEAD || git describe --tags --exact-match)" >> $GITHUB_ENV
+          echo "LATEST_BRANCH=$(curl -sfSL 'https://raw.githubusercontent.com/haproxytech/haproxy-unified-gateway/master/documentation/doc.yaml' 2>/dev/null | awk -F: '/^active_version/ {gsub(/^ /,"",$2); print $2}' || echo $LATEST_BRANCH)" >> $GITHUB_ENV
+
+      - name: Build and push latest stable branch
+        if: ${{ env.BUILD_BRANCH == env.LATEST_BRANCH }}
+        id: docker_build_latest
+        uses: docker/build-push-action@v2
+        with:
+          context: .
+          file: build/Dockerfile
+          builder: ${{ steps.buildx.outputs.name }}
+          platforms: ${{ env.DOCKER_PLATFORMS }}
+          push: true
+          labels: |
+            org.opencontainers.image.authors=${{ github.repository_owner }}
+            org.opencontainers.image.created=${{ env.BUILD_DATE }}
+            org.opencontainers.image.description=Created from commit ${{ env.GIT_SHA }} and ref ${{ env.GIT_REF }}
+            org.opencontainers.image.ref.name=${{ env.GIT_REF }}
+            org.opencontainers.image.revision=${{ env.GIT_SHA }}
+            org.opencontainers.image.source=https://github.com/${{ github.repository }}
+            org.opencontainers.image.version=${{ env.BUILD_VER }}
+          tags: |
+            ${{ env.DOCKER_IMAGE }}:latest
+            ${{ env.DOCKER_IMAGE }}:${{ env.BUILD_BRANCH }}
+            ${{ env.DOCKER_IMAGE }}:${{ env.BUILD_VER }}
+            ghcr.io/${{ github.repository }}:latest
+            ghcr.io/${{ github.repository }}:${{ env.BUILD_BRANCH }}
+            ghcr.io/${{ github.repository }}:${{ env.BUILD_VER }}
+          cache-from: type=local,src=/tmp/.buildx-cache
+          cache-to: type=local,dest=/tmp/.buildx-cache-new
+
+      - name: Build and push everything else
+        if: ${{ env.BUILD_BRANCH != env.LATEST_BRANCH }}
+        id: docker_build_regular
+        uses: docker/build-push-action@v2
+        with:
+          context: .
+          file: build/Dockerfile
+          builder: ${{ steps.buildx.outputs.name }}
+          platforms: ${{ env.DOCKER_PLATFORMS }}
+          push: true
+          labels: |
+            org.opencontainers.image.authors=${{ github.repository_owner }}
+            org.opencontainers.image.created=${{ env.BUILD_DATE }}
+            org.opencontainers.image.description=Created from commit ${{ env.GIT_SHA }} and ref ${{ env.GIT_REF }}
+            org.opencontainers.image.ref.name=${{ env.GIT_REF }}
+            org.opencontainers.image.revision=${{ env.GIT_SHA }}
+            org.opencontainers.image.source=https://github.com/${{ github.repository }}
+            org.opencontainers.image.version=${{ env.BUILD_VER }}
+          tags: |
+            ${{ env.DOCKER_IMAGE }}:${{ env.BUILD_BRANCH }}
+            ${{ env.DOCKER_IMAGE }}:${{ env.BUILD_VER }}
+            ghcr.io/${{ github.repository }}:${{ env.BUILD_BRANCH }}
+            ghcr.io/${{ github.repository }}:${{ env.BUILD_VER }}
+          cache-from: type=local,src=/tmp/.buildx-cache
+          cache-to: type=local,dest=/tmp/.buildx-cache-new
+
+      - name: Move cache
+        run: |
+          rm -rf /tmp/.buildx-cache
+          mv /tmp/.buildx-cache-new /tmp/.buildx-cache

.github/workflows/docker_description.yml

@@ -0,0 +1,26 @@
+name: Update Docker Hub description
+on:
+  push:
+    branches:
+      - main
+    paths:
+      - README.md
+  workflow_dispatch:
+jobs:
+  main:
+    runs-on: ubuntu-latest
+    env:
+      DOCKER_IMAGE: haproxytech/haproxy-unified-gateway
+    steps:
+      - name: Check out repo
+        id: checkout
+        uses: actions/checkout@v4
+
+      - name: Update Docker Hub description
+        id: description
+        uses: peter-evans/dockerhub-description@v2
+        with:
+          username: ${{ secrets.DOCKER_HUB_USERNAME }}
+          password: ${{ secrets.DOCKER_HUB_PASSWORD }}
+          repository: ${{ env.DOCKER_IMAGE }}
+          short-description: ${{ github.event.repository.description }}