From 14ff64886b8679c79acd6d8dacbeac790c2b583f Mon Sep 17 00:00:00 2001
From: Simon Deziel <simon.deziel@canonical.com>
Date: Thu, 5 Dec 2024 17:58:01 -0500
Subject: [PATCH 1/3] github: add lp-snap-build action

Signed-off-by: Simon Deziel <simon.deziel@canonical.com>
---
 .github/actions/lp-snap-build/action.yml | 69 ++++++++++++++++++++++++
 1 file changed, 69 insertions(+)
 create mode 100644 .github/actions/lp-snap-build/action.yml

diff --git a/.github/actions/lp-snap-build/action.yml b/.github/actions/lp-snap-build/action.yml
new file mode 100644
index 000000000000..284d45e60e94
--- /dev/null
+++ b/.github/actions/lp-snap-build/action.yml
@@ -0,0 +1,69 @@
+name: Trigger snap build on Launchpad
+description: Setup SSH for interaction with Launchpad and trigger snap build
+
+inputs:
+  package-name:
+    description: Name of the package to provide to lxd-snapcraft
+    type: string
+  target-repo:
+    description: URL of the target repository to clone from and push to. Must have the protocol and user specified (`git+ssh://lxdbot@git.launchpad.net/~canonical-lxd/lxd`)
+    type: string
+  target-branch:
+    description: Name of the target branch to checkout and push to
+    type: string
+
+runs:
+  using: composite
+  steps:
+    - name: Setup Launchpad SSH access
+      shell: bash
+      env:
+        SSH_AUTH_SOCK: /tmp/ssh_auth.sock
+        LAUNCHPAD_LXD_BOT_KEY: ${{ secrets.LAUNCHPAD_LXD_BOT_KEY }}
+      run: |
+        set -eux
+        mkdir -m 0700 -p ~/.ssh/
+        ssh-agent -a "${SSH_AUTH_SOCK}" > /dev/null
+        ssh-add - <<< "${{ secrets.LAUNCHPAD_LXD_BOT_KEY }}"
+        ssh-add -L > ~/.ssh/id_ed25519.pub
+        # In ephemeral environments like GitHub Action runners, relying on TOFU isn't providing any security
+        # so require the key obtained by `ssh-keyscan` to match the expected hash from https://help.launchpad.net/SSHFingerprints
+        ssh-keyscan git.launchpad.net >> ~/.ssh/known_hosts
+        ssh-keygen -qlF git.launchpad.net | grep -xF 'git.launchpad.net RSA SHA256:UNOzlP66WpDuEo34Wgs8mewypV0UzqHLsIFoqwe8dYo'
+
+    - name: Configure Git
+      shell: bash
+      run: |
+        set -eux
+        git config --global transfer.fsckobjects true
+        git config --global user.name "Canonical LXD Bot"
+        git config --global user.email "lxd@lists.canonical.com"
+        git config --global commit.gpgsign true
+        git config --global gpg.format "ssh"
+        git config --global user.signingkey ~/.ssh/id_ed25519.pub
+
+    - name: Install lxd-snapcraft tool
+      shell: bash
+      run: |
+        # Depends on Go being available which is the case in the GitHub Actions environment
+        set -eux
+        go install github.com/canonical/lxd-ci/lxd-snapcraft@latest
+
+    - name: Trigger Launchpad snap build
+      shell: bash
+      env:
+        SSH_AUTH_SOCK: /tmp/ssh_auth.sock
+        PACKAGE: ${{ inputs.package-name }}
+        REPO: ${{ inputs.target-repo }}
+        BRANCH: ${{ inputs.target-branch }}
+      run: |
+        set -eux
+        localRev="$(git rev-parse HEAD)"
+
+        git clone -b "${BRANCH}" --depth 1 "${REPO}" ~/lp
+        cd ~/lp
+        lxd-snapcraft -package "${PACKAGE}" -set-version "git-${localRev:0:7}" -set-source-commit "${localRev}"
+        git add --all
+        git commit --all --quiet -s --allow-empty -m "Automatic upstream build (${BRANCH})" -m "Upstream commit: ${localRev}"
+        git show
+        git push --quiet

From 5ae1acdf3c33951443d2b7ac2637a06577c56e22 Mon Sep 17 00:00:00 2001
From: Simon Deziel <simon.deziel@canonical.com>
Date: Thu, 5 Dec 2024 17:58:57 -0500
Subject: [PATCH 2/3] github: use actions/lp-snap-build

Signed-off-by: Simon Deziel <simon.deziel@canonical.com>
---
 .github/workflows/tests.yml | 44 ++++---------------------------------
 1 file changed, 4 insertions(+), 40 deletions(-)

diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml
index 9f74264eca78..e1a4d60985e7 100644
--- a/.github/workflows/tests.yml
+++ b/.github/workflows/tests.yml
@@ -665,48 +665,12 @@ jobs:
       - name: Checkout code
         uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
 
-      - name: Setup Launchpad SSH access
-        env:
-          SSH_AUTH_SOCK: /tmp/ssh_agent.sock
-          LAUNCHPAD_LXD_BOT_KEY: ${{ secrets.LAUNCHPAD_LXD_BOT_KEY }}
-        run: |
-          set -eux
-          mkdir -m 0700 -p ~/.ssh/
-          ssh-agent -a "${SSH_AUTH_SOCK}" > /dev/null
-          ssh-add - <<< "${{ secrets.LAUNCHPAD_LXD_BOT_KEY }}"
-          ssh-add -L > ~/.ssh/id_ed25519.pub
-          # In ephemeral environments like GitHub Action runners, relying on TOFU isn't providing any security
-          # so require the key obtained by `ssh-keyscan` to match the expected hash from https://help.launchpad.net/SSHFingerprints
-          ssh-keyscan git.launchpad.net >> ~/.ssh/known_hosts
-          ssh-keygen -qlF git.launchpad.net | grep -xF 'git.launchpad.net RSA SHA256:UNOzlP66WpDuEo34Wgs8mewypV0UzqHLsIFoqwe8dYo'
-
-      - name: Install Go
-        uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0
+      - uses: ./.github/actions/lp-snap-build
         with:
-          go-version-file: 'go.mod'
-
-      - name: Trigger Launchpad snap build
-        env:
-          SSH_AUTH_SOCK: /tmp/ssh_agent.sock
-          TARGET: >-
+          package-name: "lxd"
+          target-repo: "git+ssh://lxdbot@git.launchpad.net/~canonical-lxd/lxd"
+          target-branch: >-
             ${{ fromJson('{
               "main": "latest-edge",
               "stable-5.0": "5.0-edge",
             }')[github.ref_name] }}
-        run: |
-          set -eux
-          git config --global transfer.fsckobjects true
-          git config --global user.name "Canonical LXD Bot"
-          git config --global user.email "lxd@lists.canonical.com"
-          git config --global commit.gpgsign true
-          git config --global gpg.format "ssh"
-          git config --global user.signingkey ~/.ssh/id_ed25519.pub
-          localRev="$(git rev-parse HEAD)"
-          go install github.com/canonical/lxd-ci/lxd-snapcraft@latest
-          git clone -b "${TARGET}" git+ssh://lxdbot@git.launchpad.net/~canonical-lxd/lxd ~/lxd-pkg-snap-lp
-          cd ~/lxd-pkg-snap-lp
-          lxd-snapcraft -package lxd -set-version "git-${localRev:0:7}" -set-source-commit "${localRev}"
-          git add --all
-          git commit --all --quiet -s --allow-empty -m "Automatic upstream build (${TARGET})" -m "Upstream commit: ${localRev}"
-          git show
-          git push --quiet

From 04a74f6da44e329f08aa3611a9feca6bc04c389a Mon Sep 17 00:00:00 2001
From: Simon Deziel <simon.deziel@canonical.com>
Date: Thu, 5 Dec 2024 17:59:38 -0500
Subject: [PATCH 3/3] github: add missing git branch mapping from lxd to
 lxd-pkg-snap for 5.21

Signed-off-by: Simon Deziel <simon.deziel@canonical.com>
---
 .github/workflows/tests.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml
index e1a4d60985e7..d22405f5e922 100644
--- a/.github/workflows/tests.yml
+++ b/.github/workflows/tests.yml
@@ -672,5 +672,6 @@ jobs:
           target-branch: >-
             ${{ fromJson('{
               "main": "latest-edge",
+              "stable-5.21": "5.21-edge",
               "stable-5.0": "5.0-edge",
             }')[github.ref_name] }}