From e3a5baf597c0b6ef9cfff031f479524be887370a Mon Sep 17 00:00:00 2001
From: Tatsinnit <tamishra@microsoft.com>
Date: Sat, 10 Feb 2024 10:34:39 +1300
Subject: [PATCH] New test workflow for 1es runner. (#284)

Co-authored-by: Tatsat Mishra <tatsat.mishra@microsoft.com>
---
 .github/workflows/build-publish-poc-1es.yml | 56 +++++++++++++++++++++
 1 file changed, 56 insertions(+)
 create mode 100644 .github/workflows/build-publish-poc-1es.yml

diff --git a/.github/workflows/build-publish-poc-1es.yml b/.github/workflows/build-publish-poc-1es.yml
new file mode 100644
index 00000000..189eee40
--- /dev/null
+++ b/.github/workflows/build-publish-poc-1es.yml
@@ -0,0 +1,56 @@
+name: Building and Pushing to MCR
+on: [workflow_dispatch]
+
+permissions:
+      id-token: write
+      contents: read
+
+jobs:
+  common:
+    runs-on:
+      labels: ["self-hosted", "1ES.Pool=1es-aks-periscope-pool-msit-poc"]
+    defaults:
+      run:
+        shell: pwsh
+    steps:
+    - uses: actions/checkout@v3
+    - name: Get Changelog Entry
+      id: changelog_reader
+      uses: mindsers/changelog-reader-action@v2
+      with:
+        validation_depth: 10
+        path: ./CHANGELOG.md
+    - name: Get Version Info
+      id: read_metadata
+      run: |
+        echo "Version: ${{ steps.changelog_reader.outputs.version }}"
+        echo "Changes: ${{ steps.changelog_reader.outputs.changes }}"
+        $tagbase = "${{ vars.AZURE_REGISTRY_SERVER }}/periscope-test:${{ steps.changelog_reader.outputs.version }}"
+        echo "tagbase=$tagbase" >> $env:GITHUB_OUTPUT
+    outputs:
+      tagbase: ${{ steps.read_metadata.outputs.tagbase }}
+      version: ${{ steps.changelog_reader.outputs.version }}
+      changes: ${{ steps.changelog_reader.outputs.changes }}
+  publish:
+    runs-on:
+      labels: ["self-hosted", "1ES.Pool=1es-aks-periscope-pool-msit-poc"]
+    needs: common
+    defaults:
+      run:
+        shell: pwsh
+    steps:
+    - uses: actions/checkout@v3
+    # - name: 'Az CLI login'
+    - name: "Login to ACR"
+      run: |
+          az login --identity
+    - name: 'Publish to ACR'
+      id: publish
+      run: |
+        $tag = "${{ needs.common.outputs.tagbase }}-mariner2.0"
+        echo "tag-ubuntu-latest=$tag" >> $env:GITHUB_OUTPUT
+        docker build -f ./builder/Dockerfile.linux --build-arg BASE_IMAGE=mcr.microsoft.com/cbl-mariner/distroless/base:2.0 -t $tag .
+        az acr login -n ${{ vars.AZURE_REGISTRY_SERVER }}
+        docker push $tag
+    outputs:
+      linux: ${{ steps.publish.outputs.tag-ubuntu-latest }}