From f75ace3f70dd52184ca8ab13bb22f0a28d4b9215 Mon Sep 17 00:00:00 2001
From: cmillett <65162811+cmillett@users.noreply.github.com>
Date: Fri, 15 May 2026 10:35:30 +0200
Subject: [PATCH] Drop multi-arch plumbing from reusable sonar workflows
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Companion to Woosmap/build-helper#122. Both reusable workflows now run a
single arm64 job — matrix, ARCH_SUFFIX, manifest jobs, and follow-up
deploy stages collapse to inline steps.

- sonar_python_bender_build.yml: drop `multi_arch` input, collapse
  matrix to `ubuntu-24.04-arm`, delete `create_manifest` and `pr_deploy`
  jobs, run the existing PR Deploy step inline in `test_actions`.
- sonar_docker_deployer.yml: drop `multi_arch` input, collapse matrix to
  `ubuntu-24.04-arm`, delete `create_release_manifest` and
  `deploy_develop` jobs, run the existing Deploy Develop step inline in
  `deploy_actions`.

Caller repos still passing `multi_arch: true|false` will log a "not a
valid input" warning but run successfully; per-caller cleanup is
deferred to a follow-up sweep.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
---
 .github/workflows/sonar_docker_deployer.yml   | 69 +----------------
 .../workflows/sonar_python_bender_build.yml   | 77 +------------------
 2 files changed, 4 insertions(+), 142 deletions(-)

diff --git a/.github/workflows/sonar_docker_deployer.yml b/.github/workflows/sonar_docker_deployer.yml
index 60a3410..9c0162d 100644
--- a/.github/workflows/sonar_docker_deployer.yml
+++ b/.github/workflows/sonar_docker_deployer.yml
@@ -8,11 +8,6 @@ on:
         default: ''
         required: false
         type: string
-      multi_arch:
-        description: 'Enable multi-architecture builds (amd64 + arm64)'
-        default: false
-        required: false
-        type: boolean
     secrets:
       helper_token:
         required: true
@@ -39,18 +34,14 @@ on:
 
 jobs:
   deploy_actions:
-    strategy:
-      matrix:
-        include: ${{ fromJson(inputs.multi_arch && '[{"runner":"ubuntu-24.04","arch":"amd64"},{"runner":"ubuntu-24.04-arm","arch":"arm64"}]' || '[{"runner":"ubuntu-24.04","arch":"amd64"}]') }}
-    runs-on: ${{ matrix.runner }}
-    name: Deploy Docker${{ inputs.multi_arch && format(' ({0})', matrix.arch) || '' }}
+    runs-on: ubuntu-24.04-arm
+    name: Deploy Docker
     env:
       docker_password: ${{ secrets.dockerhub_ro_token }}
       TERM: xterm-256color
       FORCE_COLOR: 2
       DOCKER_BUILDKIT: 1
       BUILDX_NO_DEFAULT_ATTESTATIONS: 1
-      ARCH_SUFFIX: ${{ inputs.multi_arch && format('-{0}', matrix.arch) || '' }}
     steps:
       - name: Login to Docker Hub
         if: ${{ env.docker_password }}
@@ -83,12 +74,10 @@ jobs:
           cache_aws_key_id: ${{ secrets.cache_aws_key_id }}
           cache_aws_key: ${{ secrets.cache_aws_key }}
       - name: Deploy Develop
-        if: matrix.arch == 'amd64' && !inputs.multi_arch
         uses: ./helper/.github/actions/deploy
         with:
           leela_token: ${{ secrets.leela_token }}
       - name: Restore code coverage cache
-        if: matrix.arch == 'amd64'
         uses: ./helper/.github/actions/cache
         with:
           restore: "true"
@@ -97,61 +86,7 @@ jobs:
           cache_aws_key_id: ${{ secrets.cache_aws_key_id }}
           cache_aws_key: ${{ secrets.cache_aws_key }}
       - name: SonarCloud Scan
-        if: matrix.arch == 'amd64'
         uses: SonarSource/sonarqube-scan-action@master
         env:
           GITHUB_TOKEN: ${{ secrets.helper_token }}
           SONAR_TOKEN: ${{ secrets.sonar_token}}
-
-  create_release_manifest:
-    if: inputs.multi_arch
-    needs: deploy_actions
-    runs-on: ubuntu-24.04
-    name: Create multi-arch release manifest
-    env:
-      docker_password: ${{ secrets.dockerhub_ro_token }}
-      TERM: xterm-256color
-      FORCE_COLOR: 2
-    steps:
-      - name: Login to Docker Hub
-        if: ${{ env.docker_password }}
-        uses: docker/login-action@v3
-        with:
-          username: "woosmap"
-          password: ${{ secrets.dockerhub_ro_token }}
-      - uses: actions/checkout@v4
-        with:
-          fetch-depth: 0
-      - uses: Woosmap/.github/.github/actions/checkout_build_helper@master
-        with:
-          helper_token: ${{ secrets.helper_token }}
-          build_helper_branch: ${{ inputs.build_helper_branch }}
-      - name: Login to AWS ECR
-        uses: docker/login-action@v3
-        with:
-          registry: ${{ secrets.aws_account }}.dkr.ecr.us-east-1.amazonaws.com
-          username: ${{ secrets.aws_key_id }}
-          password: ${{ secrets.aws_key }}
-      - name: Create Release Manifest
-        uses: ./helper/.github/actions/create_release_manifest
-
-  deploy_develop:
-    if: inputs.multi_arch
-    needs: create_release_manifest
-    runs-on: ubuntu-24.04
-    name: Deploy develop
-    env:
-      TERM: xterm-256color
-      FORCE_COLOR: 2
-    steps:
-      - uses: actions/checkout@v4
-        with:
-          fetch-depth: 0
-      - uses: Woosmap/.github/.github/actions/checkout_build_helper@master
-        with:
-          helper_token: ${{ secrets.helper_token }}
-          build_helper_branch: ${{ inputs.build_helper_branch }}
-      - name: Deploy Develop
-        uses: ./helper/.github/actions/deploy
-        with:
-          leela_token: ${{ secrets.leela_token }}
diff --git a/.github/workflows/sonar_python_bender_build.yml b/.github/workflows/sonar_python_bender_build.yml
index 8a8e930..d1f063e 100644
--- a/.github/workflows/sonar_python_bender_build.yml
+++ b/.github/workflows/sonar_python_bender_build.yml
@@ -16,11 +16,6 @@ on:
         default: false
         required: false
         type: boolean
-      multi_arch:
-        description: 'Enable multi-architecture builds (amd64 + arm64)'
-        default: false
-        required: false
-        type: boolean
     secrets:
       helper_token:
         required: true
@@ -52,11 +47,8 @@ jobs:
     if: |
       (github.event_name == 'pull_request' && github.actor != 'dependabot[bot]') ||
       (github.event_name == 'pull_request_target' && github.actor == 'dependabot[bot]')
-    strategy:
-      matrix:
-        include: ${{ fromJson(inputs.multi_arch && '[{"runner":"ubuntu-24.04","arch":"amd64"},{"runner":"ubuntu-24.04-arm","arch":"arm64"}]' || '[{"runner":"ubuntu-24.04","arch":"amd64"}]') }}
-    runs-on: ${{ matrix.runner }}
-    name: Build, Test, Sonar, Publish${{ inputs.multi_arch && format(' ({0})', matrix.arch) || '' }}
+    runs-on: ubuntu-24.04-arm
+    name: Build, Test, Sonar, Publish
     env:
       is_reco: ${{ secrets.maxmind }}
       docker_password: ${{ secrets.dockerhub_ro_token }}
@@ -64,7 +56,6 @@ jobs:
       FORCE_COLOR: 2
       DOCKER_BUILDKIT: 1
       BUILDX_NO_DEFAULT_ATTESTATIONS: 1
-      ARCH_SUFFIX: ${{ inputs.multi_arch && format('-{0}', matrix.arch) || '' }}
     steps:
       - name: Login to Docker Hub
         if: ${{ env.docker_password }}
@@ -100,12 +91,10 @@ jobs:
         env:
           MAXMIND: ${{ secrets.maxmind }}
       - name: Bender Test
-        if: matrix.arch == 'amd64'
         uses: ./helper/.github/actions/run_tests
       - name: Bender Build
         uses: ./helper/.github/actions/builder
       - name: Cache code coverage
-        if: matrix.arch == 'amd64'
         uses: ./helper/.github/actions/cache
         with:
           path: "./coverage/coverage.xml"
@@ -113,7 +102,6 @@ jobs:
           cache_aws_key_id: ${{ secrets.cache_aws_key_id }}
           cache_aws_key: ${{ secrets.cache_aws_key }}
       - name: SonarCloud Scan
-        if: matrix.arch == 'amd64'
         uses: SonarSource/sonarqube-scan-action@master
         env:
           GITHUB_TOKEN: ${{ secrets.helper_token }}
@@ -125,67 +113,6 @@ jobs:
       - name: Publish
         uses: ./helper/.github/actions/publish
       - name: PR Deploy
-        if: matrix.arch == 'amd64' && !inputs.multi_arch
-        uses: ./helper/.github/actions/deploy
-        with:
-          pr_deploy: "true"
-          leela_token: ${{ secrets.leela_token }}
-
-  create_manifest:
-    if: |
-      inputs.multi_arch &&
-      ((github.event_name == 'pull_request' && github.actor != 'dependabot[bot]') ||
-      (github.event_name == 'pull_request_target' && github.actor == 'dependabot[bot]'))
-    needs: test_actions
-    runs-on: ubuntu-24.04
-    name: Create multi-arch manifest
-    env:
-      docker_password: ${{ secrets.dockerhub_ro_token }}
-      TERM: xterm-256color
-      FORCE_COLOR: 2
-    steps:
-      - name: Login to Docker Hub
-        if: ${{ env.docker_password }}
-        uses: docker/login-action@v3
-        with:
-          username: "woosmap"
-          password: ${{ secrets.dockerhub_ro_token }}
-      - uses: actions/checkout@v4
-        with:
-          ref: ${{ github.event.pull_request.head.sha }}
-      - uses: Woosmap/.github/.github/actions/checkout_build_helper@master
-        with:
-          helper_token: ${{ secrets.helper_token }}
-          build_helper_branch: ${{ inputs.build_helper_branch }}
-      - name: Login to AWS ECR
-        uses: docker/login-action@v3
-        with:
-          registry: ${{ secrets.aws_account }}.dkr.ecr.us-east-1.amazonaws.com
-          username: ${{ secrets.aws_key_id }}
-          password: ${{ secrets.aws_key }}
-      - name: Create Manifest
-        uses: ./helper/.github/actions/create_manifest
-
-  pr_deploy:
-    if: |
-      inputs.multi_arch &&
-      ((github.event_name == 'pull_request' && github.actor != 'dependabot[bot]') ||
-      (github.event_name == 'pull_request_target' && github.actor == 'dependabot[bot]'))
-    needs: create_manifest
-    runs-on: ubuntu-24.04
-    name: Deploy PR to develop
-    env:
-      TERM: xterm-256color
-      FORCE_COLOR: 2
-    steps:
-      - uses: actions/checkout@v4
-        with:
-          ref: ${{ github.event.pull_request.head.sha }}
-      - uses: Woosmap/.github/.github/actions/checkout_build_helper@master
-        with:
-          helper_token: ${{ secrets.helper_token }}
-          build_helper_branch: ${{ inputs.build_helper_branch }}
-      - name: Deploy PR
         uses: ./helper/.github/actions/deploy
         with:
           pr_deploy: "true"