falcosecurity · poiana · Apr 27, 2023 · Apr 17, 2023 · Apr 17, 2023 · Apr 18, 2023
diff --git a/.circleci/config.yml b/.circleci/config.yml
@@ -755,78 +755,78 @@ workflows:
       - "tests-driver-loader-integration":
           requires:
             - "build-centos7"
-      - "rpm-sign":
-          context: falco
-          filters:
-            tags:
-              ignore: /.*/
-            branches:
-              only: master
-          requires:
-            - "tests-integration"
-            - "tests-integration-arm64"
-      - "publish-packages-dev":
-          context:
-            - falco
-            - test-infra
-          filters:
-            tags:
-              ignore: /.*/
-            branches:
-              only: master
-          requires:
-            - "rpm-sign"
-            - "tests-integration-static"
-      - "publish-packages-deb-dev":
-          context:
-            - falco
-            - test-infra
-          filters:
-            tags:
-              ignore: /.*/
-            branches:
-              only: master
-          requires:
-            - "tests-integration"
-            - "tests-integration-arm64"
-      - "build-docker-dev":
-          context:
-            - falco
-            - test-infra
-          filters:
-            tags:
-              ignore: /.*/
-            branches:
-              only: master
-          requires:
-            - "publish-packages-dev"
-            - "publish-packages-deb-dev"
-            - "tests-driver-loader-integration"
-      - "build-docker-dev-arm64":
-          context:
-            - falco
-            - test-infra
-          filters:
-            tags:
-              ignore: /.*/
-            branches:
-              only: master
-          requires:
-            - "publish-packages-dev"
-            - "publish-packages-deb-dev"
-            - "tests-driver-loader-integration"      
-      - "publish-docker-dev":
-          context:
-            - falco
-            - test-infra
-          filters:
-            tags:
-              ignore: /.*/
-            branches:
-              only: master
-          requires:
-            - "build-docker-dev"
-            - "build-docker-dev-arm64"
+      # - "rpm-sign":
+      #     context: falco
+      #     filters:
+      #       tags:
+      #         ignore: /.*/
+      #       branches:
+      #         only: master
+      #     requires:
+      #       - "tests-integration"
+      #       - "tests-integration-arm64"
+      # - "publish-packages-dev":
+      #     context:
+      #       - falco
+      #       - test-infra
+      #     filters:
+      #       tags:
+      #         ignore: /.*/
+      #       branches:
+      #         only: master
+      #     requires:
+      #       - "rpm-sign"
+      #       - "tests-integration-static"
+      # - "publish-packages-deb-dev":
+      #     context:
+      #       - falco
+      #       - test-infra
+      #     filters:
+      #       tags:
+      #         ignore: /.*/
+      #       branches:
+      #         only: master
+      #     requires:
+      #       - "tests-integration"
+      #       - "tests-integration-arm64"
+      # - "build-docker-dev":
+      #     context:
+      #       - falco
+      #       - test-infra
+      #     filters:
+      #       tags:
+      #         ignore: /.*/
+      #       branches:
+      #         only: master
+      #     requires:
+      #       - "publish-packages-dev"
+      #       - "publish-packages-deb-dev"
+      #       - "tests-driver-loader-integration"
+      # - "build-docker-dev-arm64":
+      #     context:
+      #       - falco
+      #       - test-infra
+      #     filters:
+      #       tags:
+      #         ignore: /.*/
+      #       branches:
+      #         only: master
+      #     requires:
+      #       - "publish-packages-dev"
+      #       - "publish-packages-deb-dev"
+      #       - "tests-driver-loader-integration"      
+      # - "publish-docker-dev":
+      #     context:
+      #       - falco
+      #       - test-infra
+      #     filters:
+      #       tags:
+      #         ignore: /.*/
+      #       branches:
+      #         only: master
+      #     requires:
+      #       - "build-docker-dev"
+      #       - "build-docker-dev-arm64"
       # - "quality/static-analysis" # This is temporarily disabled: https://github.com/falcosecurity/falco/issues/1526
   release:
     jobs:
@@ -848,73 +848,73 @@ workflows:
               only: /.*/
             branches:
               ignore: /.*/
-      - "rpm-sign":
-          context: falco
-          requires:
-            - "build-centos7"
-            - "build-arm64"
-          filters:
-            tags:
-              only: /.*/
-            branches:
-              ignore: /.*/
-      - "publish-packages":
-          context:
-            - falco
-            - test-infra
-          requires:
-            - "build-musl"
-            - "rpm-sign"
-          filters:
-            tags:
-              only: /.*/
-            branches:
-              ignore: /.*/
-      - "publish-packages-deb":
-          context:
-            - falco
-            - test-infra
-          requires:
-            - "build-centos7"
-            - "build-arm64"
-          filters:
-            tags:
-              only: /.*/
-            branches:
-              ignore: /.*/
-      - "build-docker":
-          context:
-            - falco
-            - test-infra
-          requires:
-            - "publish-packages"
-            - "publish-packages-deb"
-          filters:
-            tags:
-              only: /.*/
-            branches:
-              ignore: /.*/
-      - "build-docker-arm64":
-          context:
-            - falco
-            - test-infra
-          requires:
-            - "publish-packages"
-            - "publish-packages-deb"
-          filters:
-            tags:
-              only: /.*/
-            branches:
-              ignore: /.*/
-      - "publish-docker":
-          context:
-            - falco
-            - test-infra
-          requires:
-            - "build-docker"
-            - "build-docker-arm64"
-          filters:
-            tags:
-              only: /.*/
-            branches:
-              ignore: /.*/
+      # - "rpm-sign":
+      #     context: falco
+      #     requires:
+      #       - "build-centos7"
+      #       - "build-arm64"
+      #     filters:
+      #       tags:
+      #         only: /.*/
+      #       branches:
+      #         ignore: /.*/
+      # - "publish-packages":
+      #     context:
+      #       - falco
+      #       - test-infra
+      #     requires:
+      #       - "build-musl"
+      #       - "rpm-sign"
+      #     filters:
+      #       tags:
+      #         only: /.*/
+      #       branches:
+      #         ignore: /.*/
+      # - "publish-packages-deb":
+      #     context:
+      #       - falco
+      #       - test-infra
+      #     requires:
+      #       - "build-centos7"
+      #       - "build-arm64"
+      #     filters:
+      #       tags:
+      #         only: /.*/
+      #       branches:
+      #         ignore: /.*/
+      # - "build-docker":
+      #     context:
+      #       - falco
+      #       - test-infra
+      #     requires:
+      #       - "publish-packages"
+      #       - "publish-packages-deb"
+      #     filters:
+      #       tags:
+      #         only: /.*/
+      #       branches:
+      #         ignore: /.*/
+      # - "build-docker-arm64":
+      #     context:
+      #       - falco
+      #       - test-infra
+      #     requires:
+      #       - "publish-packages"
+      #       - "publish-packages-deb"
+      #     filters:
+      #       tags:
+      #         only: /.*/
+      #       branches:
+      #         ignore: /.*/
+      # - "publish-docker":
+      #     context:
+      #       - falco
+      #       - test-infra
+      #     requires:
+      #       - "build-docker"
+      #       - "build-docker-arm64"
+      #     filters:
+      #       tags:
+      #         only: /.*/
+      #       branches:
+      #         ignore: /.*/
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -2,12 +2,10 @@ name: CI Build
 on:
   pull_request:
     branches: [master]
-  push:
-    branches: [master]
   workflow_dispatch:
 
 # Checks if any concurrent jobs under the same pull request or branch are being executed
-# NOTE: this will cancel every workflow that is being ran as group is just the github ref (without the workflow name)
+# NOTE: this will cancel every workflow that is being ran against a PR as group is just the github ref (without the workflow name)
 concurrency:
   group: ${{ github.head_ref || github.run_id }}
   cancel-in-progress: true  

diff --git a/.github/workflows/master.yaml b/.github/workflows/master.yaml
@@ -0,0 +1,54 @@
+name: Dev Packages and Docker images
+on:
+  push:
+    branches: [master]
+
+# Checks if any concurrent jobs is running for master CI and eventually cancel it
+concurrency:
+  group: ci-master
+  cancel-in-progress: true  
+
+jobs:
+  build-dev-packages:
+    uses: falcosecurity/falco/.github/workflows/reusable_build_packages.yaml@master
+    with:
+      arch: x86_64
+    secrets: inherit
+
+  build-dev-packages-arm64:
+    uses: falcosecurity/falco/.github/workflows/reusable_build_packages.yaml@master
+    with:
+      arch: aarch64
+    secrets: inherit
+
+  publish-dev-packages:
+    needs: [build-dev-packages, build-dev-packages-arm64]
+    uses: falcosecurity/falco/.github/workflows/reusable_publish_packages.yaml@master
+    with:
+      bucket: '-dev'
+      version: ${{ needs.build-dev-packages.outputs.version }}
+    secrets: inherit
+
+  # Both build-dev-docker and its arm64 counterpart require build-dev-packages because they use its output
+  build-dev-docker:
+    needs: [build-dev-packages, publish-dev-packages]
+    uses: falcosecurity/falco/.github/workflows/reusable_build_docker.yaml@master
+    with:
+      arch: x86_64
+      bucket: '-dev'
+      version: ${{ needs.build-dev-packages.outputs.version }}
+    secrets: inherit
+
+  build-dev-docker-arm64:
+    needs: [build-dev-packages, publish-dev-packages]
+    uses: falcosecurity/falco/.github/workflows/reusable_build_docker.yaml@master
+    with:
+      arch: aarch64
+      bucket: '-dev'
+      version: ${{ needs.build-dev-packages.outputs.version }}
+    secrets: inherit
+
+  publish-dev-docker:
+    needs: [build-dev-docker, build-dev-docker-arm64]
+    uses: falcosecurity/falco/.github/workflows/reusable_publish_docker.yaml@master
+    secrets: inherit