chore: streamline GitHub actions

.github/actions/maven-cache-dance/action.yml

@@ -0,0 +1,39 @@
+name: Maven Cache Dance
+description: Prepares all Dockerfiles for Maven cache mounts and injects cache into Docker build
+inputs:
+  builder:
+    description: The Docker Buildx builder name
+    required: true
+  dockerfile:
+    description: Path to the primary Dockerfile to use for buildkit injection (will still inject cache for all Dockerfiles found)
+    required: false
+    default: 'Dockerfile'
+  skip-extraction:
+    description: Skip cache extraction if cache hit occurred
+    required: false
+    default: 'false'
+  cache-hit:
+    description: Whether Maven cache was hit (used for skip-extraction)
+    required: false
+    default: ''
+outputs: {}
+runs:
+  using: composite
+  steps:
+    - name: Prepare all Dockerfiles for Maven cache mount
+      shell: bash
+      run: |
+        # Find and prepare all Dockerfiles in the repository
+        find . -name "Dockerfile" -o -name "*.Dockerfile" | while read dockerfile; do
+          sed -i "s|RUN \./mvnw |RUN --mount=type=cache,target=/root/.m2/repository ./mvnw |g" "$dockerfile"
+        done
+    - name: Inject Maven cache into Docker build
+      uses: 'reproducible-containers/buildkit-cache-dance@5b81f4d29dc8397a7d341dba3aeecc7ec54d6361' # v3.3.0
+      with:
+        builder: ${{ inputs.builder }}
+        dockerfile: ${{ inputs.dockerfile }}
+        skip-extraction: ${{ inputs.cache-hit }}
+        cache-map: |
+          {
+            "/home/runner/.m2/repository": "/root/.m2/repository"
+          }

.github/actions/setup-java-maven/action.yml

@@ -0,0 +1,28 @@
+name: 'Setup Java and Maven'
+description: 'Set up JDK and Maven with dependency caching'
+
+inputs:
+  java_version:
+    description: 'Java version to install'
+    required: false
+    default: '21'
+outputs:
+  cache-hit:
+    description: 'Whether the Maven cache was hit'
+runs:
+  using: 'composite'
+  steps:
+    - name: Set up JDK ${{ inputs.java_version }}
+      id: setup-java
+      uses: actions/setup-java@v4
+      with:
+        distribution: 'temurin'
+        java-version: ${{ inputs.java_version }}
+        cache: 'maven'
+
+    - name: Download maven dependencies
+      if: steps.setup-java.outputs.cache-hit != 'true'
+      shell: bash
+      run: |
+        ./mvnw package -Dmaven.test.skip=true -B dependency:go-offline dependency:resolve-plugins dependency:resolve -q
+        ./mvnw clean -q

.github/workflows/build-docker-images.yml

@@ -0,0 +1,209 @@
+name: Build Docker Images (Reusable)
+description: Reusable workflow to build Docker images for multiple platforms and stages
+
+on:
+  workflow_call:
+    inputs:
+      push:
+        description: Whether to push the image to a registry
+        type: boolean
+        default: false
+      tags_publish_amd64:
+        description: Docker tag for publish image on amd64
+        type: string
+        default: 'local/openrouteservice:test'
+      tags_publish_arm64:
+        description: Docker tag for publish image on arm64
+        type: string
+        default: 'local/openrouteservice:test'
+      tags_minimal_amd64:
+        description: Docker tag for minimal image on amd64
+        type: string
+        default: 'local/openrouteservice:test-minimal'
+      tags_minimal_arm64:
+        description: Docker tag for minimal image on arm64
+        type: string
+        default: 'local/openrouteservice:test-minimal'
+      cache_from_type:
+        description: Cache backend type (default gha for GitHub Actions)
+        type: string
+        default: 'gha'
+      java_version:
+        description: Java version to use for Maven builds
+        type: string
+        default: '21'
+      skip_arm64:
+        description: Skip ARM64 builds
+        type: boolean
+        default: false
+    outputs:
+      dockerfile_hash:
+        description: Hash of the Dockerfile
+        value: ${{ jobs.prepare_environment.outputs.dockerfile_hash }}
+
+jobs:
+  prepare_environment:
+    name: Prepare the environment variables
+    runs-on: ubuntu-latest
+    outputs:
+      dockerfile_hash: ${{ steps.dockerfile-hash.outputs.hash }}
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+      - name: Generate Dockerfile hash
+        id: dockerfile-hash
+        run: |
+          HASH=$(sha256sum Dockerfile | cut -d' ' -f1 | cut -c1-8)
+          echo "hash=$HASH" >> $GITHUB_OUTPUT
+
+  prepare_maven_dependencies:
+    name: Prepare Maven dependencies for ${{ matrix.name }}
+    runs-on: ${{ matrix.runner }}
+    needs:
+      - prepare_environment
+    strategy:
+      matrix:
+        include:
+          - platform: linux/amd64
+            name: linux-amd64
+            runner: ubuntu-latest
+          - platform: linux/arm64
+            name: linux-arm64
+            runner: ubuntu-24.04-arm
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+      - name: Setup Java and Maven
+        uses: ./.github/actions/setup-java-maven
+        with:
+          java_version: ${{ inputs.java_version }}
+
+  build_docker_images:
+    name: Build ${{ matrix.image_stage }} for ${{ matrix.name }}
+    runs-on: ${{ matrix.runner }}
+    needs:
+      - prepare_environment
+      - prepare_maven_dependencies
+    strategy:
+      matrix:
+        include:
+          - platform: linux/amd64
+            name: linux-amd64
+            runner: ubuntu-latest
+            image_stage: publish
+            docker_tag_input: tags_publish_amd64
+          - platform: linux/arm64
+            name: linux-arm64
+            runner: ubuntu-24.04-arm
+            image_stage: publish
+            docker_tag_input: tags_publish_arm64
+          - platform: linux/amd64
+            name: linux-amd64
+            runner: ubuntu-latest
+            image_stage: minimal
+            docker_tag_input: tags_minimal_amd64
+          - platform: linux/arm64
+            name: linux-arm64
+            runner: ubuntu-24.04-arm
+            image_stage: minimal
+            docker_tag_input: tags_minimal_arm64
+    steps:
+      - name: Check if should skip (ARM64)
+        id: should_skip
+        run: |
+          SKIP="false"
+          # Skip ARM64 builds if requested
+          if [[ "${{ matrix.name }}" == "linux-arm64" && "${{ inputs.skip_arm64 }}" == "true" ]]; then
+            SKIP="true"
+          fi
+          echo "skip=$SKIP" >> $GITHUB_OUTPUT
+
+      - name: Checkout
+        if: steps.should_skip.outputs.skip != 'true'
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - name: Get and save the UID
+        if: steps.should_skip.outputs.skip != 'true'
+        run: |
+          echo "UID=$(id -u)" >> $GITHUB_ENV
+
+      - name: Set up Docker Buildx
+        if: steps.should_skip.outputs.skip != 'true'
+        uses: docker/setup-buildx-action@v3
+        id: buildx
+
+      - name: Setup Java and Maven
+        id: setup-java
+        if: steps.should_skip.outputs.skip != 'true'
+        uses: ./.github/actions/setup-java-maven
+        with:
+          java_version: ${{ inputs.java_version }}
+
+      - name: Maven cache dance
+        if: steps.should_skip.outputs.skip != 'true'
+        uses: ./.github/actions/maven-cache-dance
+        with:
+          builder: ${{ steps.buildx.outputs.name }}
+          dockerfile: 'Dockerfile'
+          cache-hit: '${{ steps.setup-java.outputs.cache-hit }}'
+
+      - name: Resolve Docker tag (publish amd64)
+        if: steps.should_skip.outputs.skip != 'true' && matrix.docker_tag_input == 'tags_publish_amd64'
+        id: resolve_tag_1
+        run: |
+          echo "tag=${{ inputs.tags_publish_amd64 }}" >> $GITHUB_OUTPUT
+      - name: Resolve Docker tag (publish arm64)
+        if: steps.should_skip.outputs.skip != 'true' && matrix.docker_tag_input == 'tags_publish_arm64'
+        id: resolve_tag_2
+        run: |
+          echo "tag=${{ inputs.tags_publish_arm64 }}" >> $GITHUB_OUTPUT
+      - name: Resolve Docker tag (minimal amd64)
+        if: steps.should_skip.outputs.skip != 'true' && matrix.docker_tag_input == 'tags_minimal_amd64'
+        id: resolve_tag_3
+        run: |
+          echo "tag=${{ inputs.tags_minimal_amd64 }}" >> $GITHUB_OUTPUT
+      - name: Resolve Docker tag (minimal arm64)
+        if: steps.should_skip.outputs.skip != 'true' && matrix.docker_tag_input == 'tags_minimal_arm64'
+        id: resolve_tag_4
+        run: |
+          echo "tag=${{ inputs.tags_minimal_arm64 }}" >> $GITHUB_OUTPUT
+
+      - name: Determine Docker output
+        if: steps.should_skip.outputs.skip != 'true'
+        id: output
+        run: |
+          if [ "${{ inputs.push }}" == "true" ]; then
+            echo "output=type=image,push=true" >> $GITHUB_OUTPUT
+          else
+            echo "output=type=docker,dest=${{ runner.temp }}/image-${{ matrix.name }}-${{ matrix.image_stage }}.tar" >> $GITHUB_OUTPUT
+          fi
+
+      - name: Build ${{ matrix.image_stage }} image stage for ${{ matrix.name }}
+        if: steps.should_skip.outputs.skip != 'true'
+        uses: docker/build-push-action@v6
+        with:
+          context: .
+          build-args: MAVEN_OPTS=-Dmaven.repo.local=/root/.m2/repository
+          target: ${{ matrix.image_stage }}
+          push: ${{ inputs.push }}
+          load: false
+          tags: ${{ steps.resolve_tag_1.outputs.tag || steps.resolve_tag_2.outputs.tag || steps.resolve_tag_3.outputs.tag || steps.resolve_tag_4.outputs.tag || 'local/openrouteservice:test' }}
+          platforms: "${{ matrix.platform }}"
+          cache-from: type=${{ inputs.cache_from_type }}
+          cache-to: type=${{ inputs.cache_from_type }},mode=max
+          outputs: ${{ steps.output.outputs.output }}
+
+      - name: Upload image artifact
+        if: steps.should_skip.outputs.skip != 'true' && inputs.push != true
+        uses: actions/upload-artifact@v4
+        with:
+          name: image-${{ matrix.name }}-${{ matrix.image_stage }}-${{ needs.prepare_environment.outputs.dockerfile_hash }}-artifact
+          path: ${{ runner.temp }}/image-${{ matrix.name }}-${{ matrix.image_stage }}.tar
+          retention-days: 1
+          if-no-files-found: error
+          compression-level: 0
+          overwrite: true