project-copacetic · ashnamehrotra · Aug 8, 2024 · Aug 6, 2024 · Aug 6, 2024 · Aug 7, 2024
diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
@@ -3,59 +3,78 @@ on:
   workflow_dispatch:
     inputs:
       release_version:
-        description: 'Which version are we releasing? (format vX.Y.Z)'
+        description: "Which version are we releasing? (format vX.Y.Z)"
         required: true
 
 permissions:
   contents: write
 
 jobs:
-    release:
-        name: "release"
-        runs-on: ubuntu-latest
-        steps:
-          - name: Harden Runner
-            uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0
-            with:
-              egress-policy: audit
-
-          - name: Checkout repo
-            uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
-            with:
-              fetch-depth: 0  
-
-          - name: Configure github-actions[bot]
-            run: |
-              git config user.name 'github-actions[bot]'
-              git config user.email 'github-actions[bot]@users.noreply.github.com'
-
-          - name: Generate and Push Tags
-            run: |
-              version=${{ github.event.inputs.release_version }}
-              major=$(echo $version | cut -d. -f1)
-              minor=$(echo $version | cut -d. -f1-2)
-
-              git tag $version
-              git tag $minor -f
-
-              git tag $major -f
-              git push --set-upstream origin --tags -f
-
-          - name: Create GitHub release
-            env:
-              GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-            run : |
-              gh release create "${{ github.event.inputs.release_version }}" --generate-notes
-
-          - name: Login to Docker Hub
-            uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
-            with:
-              username: ${{ secrets.DOCKERHUB_USERNAME }}
-              password: ${{ secrets.DOCKERHUB_TOKEN }}
-
-          - name: Push Extension Image
-            run: |
-              version=${{ github.event.inputs.release_version }}
-              version_no_v=$(echo "$version" | cut -c2-)
-              make push-extension TAG=$version_no_v
+  release:
+    name: "release"
+    runs-on: ubuntu-latest
+    steps:
+      - name: Harden Runner
+        uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0
+        with:
+          egress-policy: audit
 
+      - name: Checkout repo
+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+        with:
+          fetch-depth: 0
+
+      - uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3
+        with:
+          node-version: "20"
+
+      - name: Configure github-actions[bot]
+        run: |
+          git config user.name 'github-actions[bot]'
+          git config user.email 'github-actions[bot]@users.noreply.github.com'
+
+      - name: Generate and Push Tags
+        run: |
+          version=${{ github.event.inputs.release_version }}
+          major=$(echo $version | cut -d. -f1)
+          minor=$(echo $version | cut -d. -f1-2)
+
+          git tag $version
+          git tag $minor -f
+
+          git tag $major -f
+          git push --set-upstream origin --tags -f
+
+      - name: Create GitHub release
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: |
+          gh release create "${{ github.event.inputs.release_version }}" --generate-notes
+
+      - name: Get Release Notes
+        id: get_release_notes
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: |
+          notes=$(gh release view "${{ github.event.inputs.release_version }}" --json body -q .body)
+          echo "$notes" > release_notes.md
+
+      - name: Install showdown
+        run: |
+          npm install -g showdown
+
+      - name: Convert from markdown to html
+        run: |
+          showdown makehtml -i release_notes.md -o release_notes.html
+
+      - name: Login to Docker Hub
+        uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+      - name: Push Extension Image
+        run: |
+          version=${{ github.event.inputs.release_version }}
+          version_no_v=$(echo "$version" | cut -c2-)
+          make push-extension TAG=$version_no_v CHANGELOG=release_notes.html
diff --git a/Dockerfile b/Dockerfile
@@ -13,6 +13,7 @@ COPY ui /ui
 RUN npm run build
 
 FROM alpine
+ARG CHANGELOG
 LABEL org.opencontainers.image.title="Copacetic" \
     org.opencontainers.image.description="Directly patch container images given the vulnerability scanning results from popular tools like Trivy." \
     org.opencontainers.image.vendor="Project Copacetic" \
@@ -40,7 +41,7 @@ LABEL org.opencontainers.image.title="Copacetic" \
     {"title":"Extension Repository","url":"https://github.com/project-copacetic/copa-extension"} \
     ]' \
     com.docker.extension.categories="security" \
-    com.docker.extension.changelog="Initial version."
+    com.docker.extension.changelog=${CHANGELOG}
 
 COPY docker-compose.yaml .
 COPY metadata.json .

diff --git a/Makefile b/Makefile
@@ -1,6 +1,7 @@
-IMAGE?=projectcopacetic/copacetic-docker-desktop-extension
+IMAGE?=jgrerr/copacetic-docker-desktop-extension
 TAG?=0.1.0
 COPA_VERSION?=latest
+CHANGELOG?=default
 
 BUILDER=buildx-multi-arch
 
@@ -28,7 +29,7 @@ prepare-buildx: ## Create buildx builder for multi-arch build, if not exists
 	docker buildx inspect $(BUILDER) || docker buildx create --name=$(BUILDER) --driver=docker-container --driver-opt=network=host
 
 push-extension: prepare-buildx ## Build & Upload extension image to hub. Do not push if tag already exists: make push-extension tag=0.1
-	docker pull $(IMAGE):$(TAG) && echo "Failure: Tag already exists" || docker buildx build --push --builder=$(BUILDER) --platform=linux/amd64,linux/arm64 --build-arg TAG=$(TAG) --tag=$(IMAGE):$(TAG) .
+	docker pull $(IMAGE):$(TAG) && echo "Failure: Tag already exists" || docker buildx build --push --builder=$(BUILDER) --platform=linux/amd64,linux/arm64 --build-arg TAG=$(TAG) --build-arg CHANGELOG=$(CHANGELOG)--tag=$(IMAGE):$(TAG) .
 
 build-copa-image: prepare-buildx
 	docker buildx build --platform linux/amd64,linux/arm64 --build-arg copa_version=$(version) -t copa-extension container/copa-extension