aerospike
diff --git a/‎.github/workflows/reusable_upload-artifacts.yaml‎
Lines changed: 88 additions & 0 deletions b/‎.github/workflows/reusable_upload-artifacts.yaml‎
Lines changed: 88 additions & 0 deletions
diff --git a/‎.github/workflows/test_sign-artifacts-workflow.yaml‎
Lines changed: 1 addition & 2 deletions b/‎.github/workflows/test_sign-artifacts-workflow.yaml‎
Lines changed: 1 addition & 2 deletions
diff --git a/‎.github/workflows/test_upload-artifacts-workflow.yaml‎
Lines changed: 47 additions & 0 deletions b/‎.github/workflows/test_upload-artifacts-workflow.yaml‎
Lines changed: 47 additions & 0 deletions
diff --git a/‎.github/workflows/upload-artifacts/README.md‎
Lines changed: 114 additions & 0 deletions b/‎.github/workflows/upload-artifacts/README.md‎
Lines changed: 114 additions & 0 deletions
@@ -0,0 +1,88 @@
+name: Upload to JFrog Artifactory
+
+on:
+  workflow_call:
+    inputs:
+      project:
+        description: JFrog Artifactory project name
+        required: true
+        type: string
+      build-prefix:
+        description: Prefix for the build name
+        required: true
+        type: string
+      version:
+        description: Version of the artifact to upload
+        required: true
+        type: string
+      artifactory-url:
+        required: false
+        description: JFrog Artifactory URL
+        type: string
+        default: https://aerospike.jfrog.io
+      artifactory-oidc-provider-name:
+        required: false
+        description: OIDC provider name
+        type: string
+        default: gh-citrusleaf
+      artifactory-oidc-audience:
+        required: false
+        description: OIDC audience
+        type: string
+        default: citrusleaf
+      build-artifacts-name:
+        description: Name of downloaded/uploaded artifacts
+        required: false
+        type: string
+        default: build-artifacts
+      dry-run:
+        description: Whether to run in dry-run mode. Dry-run mode will not upload any artifacts.
+        required: false
+        type: boolean
+        default: false
+
+permissions:
+  contents: read
+  packages: write
+  id-token: write
+
+jobs:
+  upload:
+    runs-on: ubuntu-22.04
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+      - name: Setup JFrog CLI
+        uses: jfrog/setup-jfrog-cli@f748a0599171a192a2668afee8d0497f7c1069df # v4.5.6
+        env:
+          JF_URL: ${{ inputs.artifactory-url }}
+          JF_PROJECT: ${{ inputs.project }}
+        with:
+          oidc-provider-name: ${{ inputs.artifactory-oidc-provider-name }}
+          oidc-audience: ${{ inputs.artifactory-oidc-audience }}
+
+      - name: Check JFrog Configuration
+        run: |
+          jf c show
+          jf rt ping
+      - name: Download artifacts
+        uses: actions/download-artifact@v4
+        with:
+          name: ${{ inputs.build-artifacts-name }}
+          path: ./build-artifacts
+
+      - name: Upload Artifacts
+        shell: bash
+        run: |
+          chmod +x ${{ github.workspace }}/.github/workflows/upload-artifacts/entrypoint.sh
+          dry_run_arg=""
+          if [ "${{ inputs.dry-run }}" = "true" ]; then
+            dry_run_arg="--dry-run"
+          fi
+          ${{ github.workspace }}/.github/workflows/upload-artifacts/entrypoint.sh \
+            "${{ inputs.project }}" \
+            "${{ inputs.build-prefix }}" \
+            "${{ inputs.version }}" \
+            $dry_run_arg
@@ -10,8 +10,7 @@ jobs:
   # In order to test the workflow in a subdirectory, we need to limit it to a specific ref.
   # This will require a secondary PR to clean up the conditional logic for the main branch.
   test-sign-workflow:
-    if: github.head_ref == 'feature/INFRA-127-develop-sign-artifacts-workflow'
-    uses: aerospike/shared-workflows/.github/workflows/reusable_sign-artifacts.yaml@feature/INFRA-127-develop-sign-artifacts-workflow
+    uses: aerospike/shared-workflows/.github/workflows/reusable_sign-artifacts.yaml@e98d5bdf0034b78651a53729650aece75f85f96d # FIXME: pin to release on release of v1.1.0
     with:
       artifact-glob: tests/**/*.{deb,rpm}
       output-dir: signed-artifacts
 
@@ -0,0 +1,47 @@
+name: Test Upload Workflow
+on:
+  workflow_dispatch:
+  pull_request:
+    branches: [main]
+
+permissions:
+  id-token: write
+  contents: read
+  packages: write
+
+jobs:
+  upload-test-gh-artifacts:
+    runs-on: ubuntu-22.04
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+      - name: Upload Artifacts
+        uses: actions/upload-artifact@v4
+        with:
+          name: build-artifacts
+          path: tests/test-1.0-2.noarch.rpm
+  # In order to test the workflow in a subdirectory, we need to limit it to a specific ref.
+  # This will require a secondary PR to clean up the conditional logic for the main branch.
+  test-upload-workflow:
+    if: github.head_ref == 'feature/INFRA-128-upload-artifacts'
+    uses: aerospike/shared-workflows/.github/workflows/reusable_upload-artifacts.yaml@feature/INFRA-128-upload-artifacts
+    with:
+      project: database
+      build-prefix: test-upload-workflow
+      version: v1.0.0
+      artifactory-url: https://aerospike.jfrog.io
+      artifactory-oidc-provider-name: gh-aerospike
+      artifactory-oidc-audience: aerospike
+      build-artifacts-name: build-artifacts
+
+  run-tests:
+    runs-on: ubuntu-22.04
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+      - name: Install dependencies
+        run: |
+          sudo apt-get update && sudo apt-get install dpkg-dev rpm -y
+      - name: Test Entrypoint
+        run: |
+          .github/workflows/upload-artifacts/test-entrypoint.sh
@@ -0,0 +1,114 @@
+# Upload to JFrog Artifactory Workflow
+
+A reusable GitHub Actions workflow for uploading artifacts to JFrog Artifactory following best practices for repository naming and organization.
+
+## Overview
+
+This workflow uploads build artifacts to JFrog Artifactory. It automatically categorizes files by type and uploads them to the appropriate repositories:
+
+- **DEB packages** → `{project}-deb-dev-local`
+- **RPM packages** → `{project}-rpm-dev-local`
+- **Generic files** → `{project}-generic-dev-local`
+
+The workflow processes artifacts from a `build-artifacts` directory and creates structured build artifacts before uploading.
+
+### Debian/Ubuntu Structure
+
+```text
+pool/
+├── bookworm/
+│   └── {package-name}/
+│       ├── {package-name}_version_debian12_arch.deb
+│       └── {package-name}_version_debian12_arch.deb.asc
+├── bullseye/
+│   └── {package-name}/
+│       └── {package-name}_version_debian11_arch.deb
+├── jammy/
+│   └── {package-name}/
+│       └── {package-name}_version_ubuntu22.04_arch.deb
+└── noble/
+    └── {package-name}/
+        └── {package-name}_version_ubuntu24.04_arch.deb
+```
+
+### RPM/Yum Structure
+
+```text
+repo/
+├── el8/
+│   ├── x86_64/
+│   │   ├── *.rpm
+│   │   └── repodata/
+│   └── aarch64/
+│       ├── *.rpm
+│       └── repodata/
+├── el9/
+│   └── …
+└── amzn2023/
+    └── …
+```
+
+## Inputs
+
+| Input                            | Description                           | Required | Default                      |
+| -------------------------------- | ------------------------------------- | -------- | ---------------------------- |
+| `project`                        | JFrog Artifactory project name        | Yes      | -                            |
+| `build-prefix`                   | Prefix for the build name             | Yes      | -                            |
+| `version`                        | Version string for build info         | Yes      | -                            |
+| `artifactory-url`                | JFrog Artifactory URL                 | No       | `https://aerospike.jfrog.io` |
+| `artifactory-oidc-provider-name` | OIDC provider name for authentication | No       | `gh-citrusleaf`              |
+| `artifactory-oidc-audience`      | OIDC audience for authentication      | No       | `citrusleaf`                 |
+| `build-artifacts-name`           | Name of the artifacts to download     | No       | `build-artifacts`            |
+| `dry-run`                        | Whether to run in dry-run mode        | No       | `false`                      |
+
+## Example Usage
+
+```yaml
+name: Upload to Artifactory
+on:
+  workflow_dispatch:
+  push:
+    tags: ["v*"]
+
+jobs:
+  upload:
+    uses: ./.github/workflows/reusable_upload-artifacts.yaml
+    with:
+      project: database
+      build-prefix: database
+      version: ${{ github.ref_name }}
+      artifactory-url: https://aerospike.jfrog.io
+      artifactory-oidc-provider-name: gh-citrusleaf
+      artifactory-oidc-audience: citrusleaf
+      build-artifacts-name: build-artifacts
+      dry-run: false
+```
+
+### Build Info Publishing
+
+After uploading artifacts, the workflow publishes comprehensive build information:
+
+- Environment variables
+- Git information
+- Dependencies
+- Build metadata
+
+The workflow creates separate build info for each artifact type:
+
+- `{build-prefix}-deb` for DEB packages
+- `{build-prefix}-rpm` for RPM packages
+- `{build-prefix}-generic` for generic files
+
+## Prerequisites
+
+- JFrog Artifactory instance with OIDC authentication configured
+- GitHub Actions with OIDC token access to Artifactory
+- Build artifacts available as downloadable artifacts
+
+## Notes
+
+- The workflow expects artifacts to be in a directory called `build-artifacts`
+- All uploads use the "DEV" environment level and "local" locator
+- Build info is published for each artifact type separately
+- The workflow processes DEB and RPM files and creates structured build artifacts before uploading
+- Generic files are uploaded directly without structured processing