-
Notifications
You must be signed in to change notification settings - Fork 0
199 lines (181 loc) · 8.42 KB
/
docker.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
# Example modified from https://docs.github.com/en/actions/publishing-packages/publishing-docker-images
name: Create and publish a Docker image
# Configures this workflow to run every time a change is pushed to selected tags and branches
on:
pull_request:
branches:
- main
push:
branches:
- main
tags:
- v**
# Defines two custom environment variables for the workflow. These are used for the Container registry domain, and a name for the Docker image that this workflow builds.
env:
REGISTRY: ghcr.io
IMAGE_NAME: ${{ github.repository }}
# This job is configured to run on the latest available version of Ubuntu.
jobs:
build-and-push-image:
runs-on: ubuntu-latest
# Sets the permissions granted to the `GITHUB_TOKEN` for the actions in this job.
permissions:
contents: read
packages: write
attestations: write
id-token: write
outputs:
commit_hash: ${{ steps.get_commit_hash.outputs.commit_hash }}
sha256: ${{ steps.calculate_checksum.outputs.sha256 }}
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Set up QEMU
uses: docker/setup-qemu-action@v2
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
# Uses the `docker/login-action` action to log in to the Container registry using the account and password that will publish the packages. Once published, the packages are scoped to the account defined here.
- name: Log in to the Container registry
uses: docker/login-action@v3
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
# This step uses [docker/metadata-action](https://github.com/docker/metadata-action#about) to extract tags and labels that will be applied to the specified image. The `id` "meta" allows the output of this step to be referenced in a subsequent step. The `images` value provides the base name for the tags and labels.
- name: Extract metadata (tags, labels) for Docker
id: meta
uses: docker/metadata-action@v5
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
# This step uses the `docker/build-push-action` action to build the image, based on your repository's `Dockerfile`. If the build succeeds, it pushes the image to GitHub Packages.
# It uses the `context` parameter to define the build's context as the set of files located in the specified path. For more information, see "[Usage](https://github.com/docker/build-push-action#usage)" in the README of the `docker/build-push-action` repository.
# It uses the `tags` and `labels` parameters to tag and label the image with the output from the "meta" step.
- name: Build and push Docker image
uses: docker/build-push-action@v5
with:
context: .
push: true
platforms: linux/amd64,linux/arm64
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
- name: Build connector definition
run: |
set -e pipefail
export DOCKER_IMAGE=$(echo "$DOCKER_METADATA_OUTPUT_JSON" | jq -r '.tags[0]')
make build
working-directory: ./connector-definition
- name: Build connector definition
run: |
set -e pipefail
export DOCKER_IMAGE=$(echo "$DOCKER_METADATA_OUTPUT_JSON" | jq -r '.tags[0]')
make build
working-directory: ./connector-definition
- uses: actions/upload-artifact@v4
with:
name: connector-definition.tgz
path: ./connector-definition/dist/connector-definition.tgz
compression-level: 0 # Already compressed
- name: Calculate SHA256 checksum
id: calculate_checksum
run: |
SHA256=$(sha256sum ./connector-definition/dist/connector-definition.tgz | awk '{ print $1 }')
echo "sha256=$SHA256" >> $GITHUB_OUTPUT
- name: Get commit hash
id: get_commit_hash
run: |
COMMIT_HASH=$(git rev-parse HEAD)
echo "commit_hash=$COMMIT_HASH" >> $GITHUB_OUTPUT
release-connector:
name: Release connector
runs-on: ubuntu-latest
needs: build-and-push-image
if: ${{ startsWith(github.ref, 'refs/tags/v') }}
steps:
- uses: actions/checkout@v4
- uses: actions/download-artifact@v4
with:
name: connector-definition.tgz
path: ./connector-definition/dist
- name: Get version from tag
id: get-version
run: |
echo "tagged_version=${GITHUB_REF#refs/tags/v}" >> $GITHUB_OUTPUT
shell: bash
- uses: mindsers/changelog-reader-action@v2
id: changelog-reader
with:
version: ${{ steps.get-version.outputs.tagged_version }}
path: ./CHANGELOG.md
- uses: softprops/action-gh-release@v1
with:
draft: false
tag_name: v${{ steps.get-version.outputs.tagged_version }}
body: ${{ steps.changelog-reader.outputs.changes }}
files: |
./connector-definition/dist/connector-definition.tgz
fail_on_unmatched_files: true
- name: Update ndc-hub
env:
REGISTRY_NAME: hasura
CONNECTOR_NAME: singlestore
COMMIT_HASH: ${{ needs.build-and-push-image.outputs.commit_hash }}
SHA256: ${{ needs.build-and-push-image.outputs.sha256 }}
GH_TOKEN: ${{ secrets.PAT_TOKEN }}
run: |
# Clone ndc-hub repository
git clone https://github.com/AdalbertMemSQL/ndc-hub.git
cd ndc-hub
# Create a new branch
NEW_BRANCH="update-${{ env.CONNECTOR_NAME }}-connector-v${{ steps.get-version.outputs.tagged_version }}"
git checkout -b $NEW_BRANCH
# Create releases directory if it doesn't exist
mkdir -p registry/${{ env.REGISTRY_NAME }}/${{ env.CONNECTOR_NAME }}/releases/v${{ steps.get-version.outputs.tagged_version }}
cd registry/${{ env.REGISTRY_NAME }}/${{ env.CONNECTOR_NAME }}
# Create connector-packaging.json
cat << EOF > releases/v${{ steps.get-version.outputs.tagged_version }}/connector-packaging.json
{
"version": "${{ steps.get-version.outputs.tagged_version }}",
"uri": "https://github.com/${{ github.repository }}/releases/download/v${{ steps.get-version.outputs.tagged_version }}/connector-definition.tgz",
"checksum": {
"type": "sha256",
"value": "$SHA256"
},
"source": {
"hash": "$COMMIT_HASH"
}
}
EOF
# Update metadata.json to remove 'packages' field if it exists and update 'latest_version'
jq --arg version_tag "v${{ steps.get-version.outputs.tagged_version }}" \
--arg commit_hash "$COMMIT_HASH" \
'if has("packages") then del(.packages) else . end |
.overview.latest_version = $version_tag |
if has("source_code") then
.source_code.version += [{
"tag": $version_tag,
"hash": $commit_hash,
"is_verified": false
}]
else
. + {"source_code": {"version": [{
"tag": $version_tag,
"hash": $commit_hash,
"is_verified": false
}]}}
end' \
metadata.json > tmp.json && mv tmp.json metadata.json
cp ../../../../README.md ./README.md
# Commit changes
git config user.name "GitHub Action"
git config user.email "[email protected]"
git add metadata.json README.md releases
git commit -m "Update ${{ env.CONNECTOR_NAME }} connector metadata to version ${{ steps.get-version.outputs.tagged_version }}"
# Push changes
git push https://${{ secrets.PAT_TOKEN }}@github.com/AdalbertMemSQL/ndc-hub.git HEAD:update-${{ env.CONNECTOR_NAME }}-connector-v${{ steps.get-version.outputs.tagged_version }}
# Create PR using GitHub CLI
cd ../..
gh pr create --repo hasura/ndc-hub \
--base main \
--head $NEW_BRANCH \
--title "Update ${{ env.CONNECTOR_NAME }} connector to v${{ steps.get-version.outputs.tagged_version }}" \
--body "This PR updates the ${{ env.CONNECTOR_NAME }} connector metadata to version ${{ steps.get-version.outputs.tagged_version }}."