From bbd99d8eb4bb2bb7d13ef594ccf61f10afcdb7b9 Mon Sep 17 00:00:00 2001 From: nvuillam Date: Sun, 20 Oct 2024 12:25:08 +0200 Subject: [PATCH 1/3] Alpha big image --- .github/workflows/deploy-ALPHA.yml | 31 ++++++++++++++++++------------ 1 file changed, 19 insertions(+), 12 deletions(-) diff --git a/.github/workflows/deploy-ALPHA.yml b/.github/workflows/deploy-ALPHA.yml index 3af1f6f65d0..3980906b38f 100644 --- a/.github/workflows/deploy-ALPHA.yml +++ b/.github/workflows/deploy-ALPHA.yml @@ -106,6 +106,13 @@ jobs: ghcr.io/oxsecurity/megalinter-server:alpha # ghcr.io/oxsecurity/megalinter-server:alpha-${{ github.sha }} + - name: Invoke Mirror docker image workflow (Server image) + uses: benc-uk/workflow-dispatch@v1 + with: + workflow: mirror-docker-image.yml + inputs: '{ "source-image": "ghcr.io/oxsecurity/megalinter-server:alpha", "target-image": "docker.io/oxsecurity/megalinter-server:alpha" }' + ref: ${{ github.ref_name }} + - name: Build & Push Docker Image uses: docker/build-push-action@v6 with: @@ -124,6 +131,13 @@ jobs: ghcr.io/oxsecurity/megalinter:alpha # ghcr.io/oxsecurity/megalinter:alpha-${{ github.sha }} + - name: Invoke Mirror docker image workflow (MegaLinter image) + uses: benc-uk/workflow-dispatch@v1 + with: + workflow: mirror-docker-image.yml + inputs: '{ "source-image": "ghcr.io/oxsecurity/megalinter:alpha", "target-image": "docker.io/oxsecurity/megalinter:alpha" }' + ref: ${{ github.ref_name }} + - name: Build & Push Worker Docker Image uses: docker/build-push-action@v6 with: 
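Review bot: The added step uses `benc-uk/workflow-dispatch@v1`, a third-party action referenced by a movable tag, in a job that holds `packages: write` on the GHCR images. Whoever can move that tag changes the code that runs with this job's token. Pin it to a full commit SHA and keep the version as a trailing comment, e.g. `uses: benc-uk/workflow-dispatch@<full-commit-sha> # v1` (placeholder; take the SHA from the action's release). The same `uses:` line is added in the hunks at -124,6 and -142,16 of this file.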
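Review bot: The `inputs` JSON passes the mutable tag `ghcr.io/oxsecurity/megalinter:alpha` to the mirror workflow, so the dispatched run pulls whatever that tag points to when it starts, which is not necessarily the image this job just pushed. If two deploys overlap, Docker Hub can receive a different build than the one produced here. Consider passing the digest reported by the build step instead, e.g. `"source-image": "ghcr.io/oxsecurity/megalinter@${{ steps.<build-step-id>.outputs.digest }}"` (the build step's `id` is outside this hunk, so the name is a placeholder). The server and worker dispatch steps in the neighbouring hunks have the same property.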
@@ -142,16 +156,9 @@ jobs: tags: | ghcr.io/oxsecurity/megalinter-worker:alpha - - name: Login to Docker Hub - uses: docker/login-action@v3 + - name: Invoke Mirror docker image workflow (Worker image) + uses: benc-uk/workflow-dispatch@v1 with: - username: ${{ secrets.DOCKER_USERNAME }} - password: ${{ secrets.DOCKER_PASSWORD }} - - # Copy ghrc.io image to Docker Hub - - name: Pull image from GHCR - run: docker system prune -a --volumes --force && docker system prune -a --volumes --force && docker pull ghcr.io/oxsecurity/megalinter:alpha - - name: Tag image for Docker Hub - run: docker tag ghcr.io/oxsecurity/megalinter:alpha oxsecurity/megalinter:alpha - - name: Push image to Docker Hub - run: docker push oxsecurity/megalinter:alpha \ No newline at end of file + workflow: mirror-docker-image.yml + inputs: '{ "source-image": "ghcr.io/oxsecurity/megalinter-worker:alpha", "target-image": "docker.io/oxsecurity/megalinter-worker:alpha" }' + ref: ${{ github.ref_name }} From a9e5ed9dcec325f02a611bd9defc8ed10c74f4fa Mon Sep 17 00:00:00 2001 From: nvuillam Date: Sun, 20 Oct 2024 12:53:50 +0200 Subject: [PATCH 2/3] permissions --- .github/workflows/deploy-ALPHA-flavors.yml | 5 ++--- .github/workflows/deploy-ALPHA.yml | 4 +--- 2 files changed, 3 insertions(+), 6 deletions(-) diff --git a/.github/workflows/deploy-ALPHA-flavors.yml b/.github/workflows/deploy-ALPHA-flavors.yml index 44683b91510..3f9dbb9e849 100644 --- a/.github/workflows/deploy-ALPHA-flavors.yml +++ b/.github/workflows/deploy-ALPHA-flavors.yml @@ -45,6 +45,7 @@ jobs: # Set the agent to run on runs-on: ${{ matrix.os }} permissions: + actions: write packages: write strategy: fail-fast: false @@ -121,7 +122,6 @@ jobs: with: workflow: mirror-docker-image.yml inputs: '{ "source-image": "ghcr.io/oxsecurity/megalinter-${{ matrix.flavor }}:alpha", "target-image": "docker.io/oxsecurity/megalinter-${{ matrix.flavor }}:alpha" }' - ref: ${{ github.ref_name }} - name: Build Worker Image uses: docker/build-push-action@v6 
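Review bot: `actions: write` is added at job level in `deploy-ALPHA-flavors.yml`, so every step of the build job, including the third-party actions, runs with a token that can dispatch workflows, while only the `benc-uk/workflow-dispatch@v1` steps appear to need it. Moving the dispatch steps into a small follow-up job (`needs:` the build job) that alone carries `actions: write` would keep the build job at `packages: write`. If the permission stays here, document it: `# actions: write is needed by workflow-dispatch to trigger mirror-docker-image.yml`. The same line is added to `.github/workflows/deploy-ALPHA.yml` at -45,6 later in this patch, and the job body continues outside the hunk.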
@@ -145,8 +145,7 @@ jobs: uses: benc-uk/workflow-dispatch@v1 with: workflow: mirror-docker-image.yml - inputs: '{ "source-image": "ghcr.io/oxsecurity/megalinter-worker-${{ matrix.flavor }}:alpha", "target-image": "docker.io/oxsecurity/megalinter-worker-${{ matrix.flavor }}:alpha" }' - ref: ${{ github.ref_name }} + inputs: '{ "source-image": "ghcr.io/oxsecurity/megalinter-worker-${{ matrix.flavor }}:alpha", "target-image": "docker.io/oxsecurity/megalinter-worker-${{ matrix.flavor }}:alpha" }' ############################################## # Check Docker image security with Trivy # diff --git a/.github/workflows/deploy-ALPHA.yml b/.github/workflows/deploy-ALPHA.yml index 3980906b38f..40ffe44b136 100644 --- a/.github/workflows/deploy-ALPHA.yml +++ b/.github/workflows/deploy-ALPHA.yml @@ -45,6 +45,7 @@ jobs: # Set the agent to run on runs-on: ubuntu-latest permissions: + actions: write packages: write # Only run this on the main repo if: github.repository == 'oxsecurity/megalinter' && !contains(github.event.head_commit.message, 'skip deploy') @@ -111,7 +112,6 @@ jobs: with: workflow: mirror-docker-image.yml inputs: '{ "source-image": "ghcr.io/oxsecurity/megalinter-server:alpha", "target-image": "docker.io/oxsecurity/megalinter-server:alpha" }' - ref: ${{ github.ref_name }} - name: Build & Push Docker Image uses: docker/build-push-action@v6 @@ -136,7 +136,6 @@ jobs: with: workflow: mirror-docker-image.yml inputs: '{ "source-image": "ghcr.io/oxsecurity/megalinter:alpha", "target-image": "docker.io/oxsecurity/megalinter:alpha" }' - ref: ${{ github.ref_name }} - name: Build & Push Worker Docker Image uses: docker/build-push-action@v6 @@ -161,4 +160,3 @@ jobs: with: workflow: mirror-docker-image.yml inputs: '{ "source-image": "ghcr.io/oxsecurity/megalinter-worker:alpha", "target-image": "docker.io/oxsecurity/megalinter-worker:alpha" }' - ref: ${{ github.ref_name }} From 14f17a54275d0908393880fc2b299aaab19f33a8 Mon Sep 17 00:00:00 2001 
From: nvuillam Date: Sun, 20 Oct 2024 13:04:47 +0200 Subject: [PATCH 3/3] Handle permissions --- .github/workflows/mirror-docker-image.yml | 31 ++++++++++++++++++++++- 1 file changed, 30 insertions(+), 1 deletion(-) diff --git a/.github/workflows/mirror-docker-image.yml b/.github/workflows/mirror-docker-image.yml index 4e4ebbec45b..aa49ceb72d6 100644 --- a/.github/workflows/mirror-docker-image.yml +++ b/.github/workflows/mirror-docker-image.yml @@ -15,7 +15,36 @@ on: default: 'true' jobs: - copy-to-docker-hub: + + copy-to-docker-hub-alpha: + if: github.ref_name == 'alpha' + runs-on: ubuntu-latest + environment: + name: alpha + steps: + # Free disk space + - name: Free Disk space + if: github.event.inputs.free-space-before == 'true' + shell: bash + run: | + sudo rm -rf /usr/local/lib/android # will release about 10 GB if you don't need Android + sudo rm -rf /usr/share/dotnet # will release about 20GB if you don't need .NET + # Login to docker hub + - name: Login to Docker Hub + uses: docker/login-action@v3 + with: + username: ${{ secrets.DOCKER_USERNAME }} + password: ${{ secrets.DOCKER_PASSWORD }} + # Copy ghrc.io image to Docker Hub + - name: Pull image from GHCR + run: docker pull "${{ github.event.inputs.source-image }}" + - name: Tag image for Docker Hub + run: docker tag "${{ github.event.inputs.source-image }}" "${{ github.event.inputs.target-image }}" + - name: Push image to Docker Hub + run: docker push "${{ github.event.inputs.target-image }}" + + copy-to-docker-hub-main: + if: github.ref_name == 'main' runs-on: ubuntu-latest environment: name: beta
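Review bot: The three `run:` steps of `copy-to-docker-hub-alpha` expand `${{ github.event.inputs.source-image }}` and `${{ github.event.inputs.target-image }}` straight into the shell script, so any shell metacharacters in a dispatched value are interpreted by the shell, in a job that has just logged in to Docker Hub. Patch 2/3 gives the deploy jobs `actions: write`, so anything running with that token can dispatch this workflow with inputs of its choosing. Pass the inputs through `env:` and reference them as quoted shell variables, as below. A check that both values start with the expected `ghcr.io/oxsecurity/` and `docker.io/oxsecurity/` prefixes would narrow this further. The unchanged `copy-to-docker-hub-main` job continues outside the hunk and presumably contains the same steps.

```yaml
      # … unchanged: Free Disk space, Login to Docker Hub …
      - name: Pull image from GHCR
        env:
          SOURCE_IMAGE: ${{ github.event.inputs.source-image }}
        run: docker pull "$SOURCE_IMAGE"
      - name: Tag image for Docker Hub
        env:
          SOURCE_IMAGE: ${{ github.event.inputs.source-image }}
          TARGET_IMAGE: ${{ github.event.inputs.target-image }}
        run: docker tag "$SOURCE_IMAGE" "$TARGET_IMAGE"
      - name: Push image to Docker Hub
        env:
          TARGET_IMAGE: ${{ github.event.inputs.target-image }}
        run: docker push "$TARGET_IMAGE"
```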