From 2d6c8dfe974c11b7d7f7f3927b3cab50b9196fe4 Mon Sep 17 00:00:00 2001
From: Sahil Ahuja
Date: Tue, 4 Feb 2025 16:53:23 +0530
Subject: [PATCH] Adding trigger-cs-update job
---
.editorconfig | 8 ++
.github/README.md | 1 +
.github/unused/actions-base.Dockerfile | 43 +++++++
.github/unused/build-base-image.yml | 43 +++++++
.github/unused/demo.yml | 32 +++++
.github/unused/docker-publish.yml | 91 +++++++++++++++
.github/unused/docker-push.yml | 54 +++++++++
.github/unused/update-repo-version.yml | 42 +++++++
.github/unused/v1-lint-and-build.yml | 149 ++++++++++++++++++++++++
.github/unused/v2-pr-workflow.yml | 80 +++++++++++++
.github/unused/v2-push-workflow.yml | 91 +++++++++++++++
.github/unused/workflow_inputs.yml | 38 ++++++
.github/workflows/trigger-cs-update.yml | 54 +++++++++
LICENSE | 21 ++++
basetag.sh | 52 +++++++++
15 files changed, 799 insertions(+)
create mode 100644 .editorconfig
create mode 100644 .github/README.md
create mode 100644 .github/unused/actions-base.Dockerfile
create mode 100644 .github/unused/build-base-image.yml
create mode 100644 .github/unused/demo.yml
create mode 100644 .github/unused/docker-publish.yml
create mode 100644 .github/unused/docker-push.yml
create mode 100644 .github/unused/update-repo-version.yml
create mode 100644 .github/unused/v1-lint-and-build.yml
create mode 100644 .github/unused/v2-pr-workflow.yml
create mode 100644 .github/unused/v2-push-workflow.yml
create mode 100644 .github/unused/workflow_inputs.yml
create mode 100644 .github/workflows/trigger-cs-update.yml
create mode 100644 LICENSE
create mode 100755 basetag.sh
diff --git a/.editorconfig b/.editorconfig
new file mode 100644
index 0000000..f07d394
--- /dev/null
+++ b/.editorconfig
@@ -0,0 +1,8 @@
+# Unix-style newlines with a newline ending every file
+[*]
+end_of_line = lf
+indent_style = space
+
+[*.{js,jsx,ts,tsx,py,sh,md,gql,graphql,yaml,yml,json,sql,njk,scss,css}]
+indent_style = space
+indent_size = 2
diff --git a/.github/README.md b/.github/README.md
new file mode 100644
index 0000000..6eaac83
--- /dev/null
+++ b/.github/README.md
@@ -0,0 +1 @@
+> https://git.gmetri.io/gmetribin/build-tools/src/branch/main/.github/README.md
\ No newline at end of file
diff --git a/.github/unused/actions-base.Dockerfile b/.github/unused/actions-base.Dockerfile
new file mode 100644
index 0000000..ce17216
--- /dev/null
+++ b/.github/unused/actions-base.Dockerfile
@@ -0,0 +1,43 @@
+FROM node:22-bookworm-slim
+
+#Use an entrypoint that simply lists out all commands sent to it
+COPY entryPoint.sh /src/fab/entryPoint.sh
+ENTRYPOINT ["/src/fab/entryPoint.sh"]
+
+#node:18 image already has a user node with uid:gid 1000:1000
+#We add it to sudo list
+RUN export DEBIAN_FRONTEND="noninteractive" \
+ && apt-get update \
+ && apt-get install -y \
+ # sudo \
+ less \
+#Neededd for git commits during builds
+ # git \
+#Needed for triggering next step of builds
+ # curl \
+ && rm -rf /var/lib/apt/lists/* \
+ # && usermod -aG sudo node \
+ # && echo '%sudo ALL=(ALL) NOPASSWD:ALL' >> /etc/sudoers \
+#Creating a few base folders that child dockers may need
+ && mkdir -p /src && chown node /src \
+ && mkdir -p /cloud && chown node /cloud \
+ && mkdir -p /build && chown node /build \
+ # && npm install -g npm@10.8.2 \
+ && npm install -g pnpm
+
+USER node
+
+# upgrade pnpm to latest version
+#&& source ~/.bashrc \ #doesn't work
+#Also, "pnpm add -g pnpm" needs be in "~" to work - it doesn't work from "/" dir (not sure why).
+RUN SHELL=bash pnpm setup \
+ && export PNPM_HOME="~/.local/share/pnpm" && export PATH="$PNPM_HOME:$PATH" \
+ && cd ~ && pnpm add -g pnpm
+
+RUN echo '\nalias p="pnpm"' >> ~/.bashrc
+
+WORKDIR /src
+
+#Allow image to be used standalone without any commands:
+CMD ["tail", "-f", "/dev/null"]
+#CMD ["sleep", "inf"]
diff --git a/.github/unused/build-base-image.yml b/.github/unused/build-base-image.yml
new file mode 100644
index 0000000..3166b3c
--- /dev/null
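Review bot: In the second `RUN` of actions-base.Dockerfile, `export PNPM_HOME="~/.local/share/pnpm"` keeps the tilde literal because it sits inside double quotes, so the `PATH` entry built from it does not point into the node user's home; `export PNPM_HOME="$HOME/.local/share/pnpm"` expands as intended. The export also ends with that `RUN`, so later layers and the running container presumably depend on whatever `pnpm setup` wrote to `~/.bashrc`; an explicit `ENV PNPM_HOME=...` would remove that dependency. Both `npm install -g pnpm` and `pnpm add -g pnpm` install whatever version is current at build time, so every rebuild of this base image can pick up an unreviewed release; pin an explicit pnpm version in both places.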
+++ b/.github/unused/build-base-image.yml
@@ -0,0 +1,43 @@
+name: Build the docker base image weekly
+# on: [push]
+
+on:
+ push:
+ # branches:
+ # - main
+ schedule:
+ - cron: "0 6 * * 5" #Every Friday@11:30 AM IST (6:00 GMT)
+ # Cron: Minute(0-59) Hour(0-23) DayOfMonth(1-31) MonthOfYear(1-12) DayOfWeek(0-6)
+
+env:
+ DOCKER_REGISTRY: ${{ vars.docker_repo2_registry }}
+ REPO: ${{ github.repository }}
+ DOCKER_IMAGE: ${{ vars.docker_repo2_registry }}/${{ github.repository }}:base-v2
+
+jobs:
+
+ docker-build-and-push:
+ runs-on: ubuntu-22.04 #ubuntu-latest
+ # if: ${{ github.event_name == 'push' }}
+ steps:
+ - uses: actions/checkout@v4
+
+ - name: Login to Docker Container Registry
+ # if: ${{ github.event_name == 'push' }}
+ uses: docker/login-action@v3
+ with:
+ registry: ${{ vars.docker_repo2_registry }}
+ username: ${{ vars.docker_repo2_username }}
+ password: ${{ vars.docker_repo2_password }}
+
+ - name: Build the Base Docker image
+ run: |
+ docker build \
+ --file fab/d/actions-base.Dockerfile \
+ --tag $DOCKER_IMAGE \
+ ./fab/context/;
+
+ - name: Push the Docker image
+ # if: ${{ github.event_name == 'push' }}
+ run: |
+ docker push $DOCKER_IMAGE
diff --git a/.github/unused/demo.yml b/.github/unused/demo.yml
new file mode 100644
index 0000000..e062094
--- /dev/null
+++ b/.github/unused/demo.yml
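Review bot: The login step in build-base-image.yml reads the registry password from `vars.docker_repo2_password`; configuration variables are stored as plain text and are not masked in job logs, so the credential belongs in a secret: `password: ${{ secrets.docker_repo2_password }}`, which is what docker-publish.yml and docker-push.yml in this same patch already use. The same `vars.` lookup for the password appears in the login steps of v1-lint-and-build.yml, v2-pr-workflow.yml and v2-push-workflow.yml. Separately, with the `branches:` filter commented out, `on: push` rebuilds and pushes the shared `base-v2` tag from any branch.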
@@ -0,0 +1,32 @@
+name: Gitea Actions Demo
+run-name: ${{ github.actor }} is testing out Gitea Actions 🚀
+on: [push]
+
+jobs:
+ Explore-Gitea-Actions:
+ runs-on: ubuntu-latest
+ steps:
+ - run: echo "🎉 The job was automatically triggered by a ${{ github.event_name }} event."
+ - run: echo "🐧 This job is now running on a ${{ runner.os }} server hosted by Gitea!"
+ - run: echo "🔎 The name of your branch is ${{ github.ref }} and your repository is ${{ github.repository }}."
+ - name: Check out repository code
+ uses: actions/checkout@v4
+ - run: echo "💡 The ${{ github.repository }} repository has been cloned to the runner."
+ - run: echo "🖥️ The workflow is now ready to test your code on the runner."
+ - name: List files in the repository
+ run: |
+ ls ${{ github.workspace }}
+ echo "var.DOCKER_REPO2_REGISTRY" repo2.hub.gmetri.io
+ echo "github.repository" ${{ github.repository }}
+ echo "github.ref_name" ${{ github.ref_name }}
+
+ - run: echo "🍏 This job's status is ${{ job.status }}."
+
+# Gitea action runners
+
+ # - "ubuntu-latest:docker://repo2.hub.gmetri.io/gitea/runner-images:ubuntu-latest"
+ # - "ubuntu-22.04:docker://repo2.hub.gmetri.io/gitea/runner-images:ubuntu-22.04"
+ # - "ubuntu-20.04:docker://repo2.hub.gmetri.io/gitea/runner-images:ubuntu-20.04"
+ # - "ubuntu-latest-slim:docker://repo2.hub.gmetri.io/gitea/runner-images:ubuntu-latest-slim"
+ # - "ubuntu-22.04-slim:docker://repo2.hub.gmetri.io/gitea/runner-images:ubuntu-22.04-slim"
+ # - "ubuntu-20.04-slim:docker://repo2.hub.gmetri.io/gitea/runner-images:ubuntu-20.04-slim"
diff --git a/.github/unused/docker-publish.yml b/.github/unused/docker-publish.yml
new file mode 100644
index 0000000..89a81dd
--- /dev/null
+++ b/.github/unused/docker-publish.yml
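Review bot: `${{ github.ref }}` and `${{ github.ref_name }}` are substituted into the `run:` script text in demo.yml before the shell parses it, so a branch name is treated as script source rather than as data. Map such values through `env:` and reference them quoted, for example `REF_NAME: ${{ github.ref_name }}` under `env:` and `echo "github.ref_name" "$REF_NAME"` in the script. The same inline substitution of `github.ref_name` / `github.base_ref` appears in docker-push.yml and in the `get-id` steps of v2-pr-workflow.yml, v2-push-workflow.yml and workflows/trigger-cs-update.yml, and of `inputs.*` in update-repo-version.yml.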
@@ -0,0 +1,91 @@
+name: Docker
+
+# This workflow uses actions that are not certified by GitHub.
+# They are provided by a third-party and are governed by
+# separate terms of service, privacy policy, and support
+# documentation.
+
+on:
+ schedule:
+ - cron: $cron-daily
+ push:
+ branches: [ $default-branch ]
+ # Publish semver tags as releases.
+ tags: [ 'v*.*.*' ]
+ pull_request:
+ branches: [ $default-branch ]
+
+env:
+ # Use docker.io for Docker Hub if empty
+ REGISTRY: ${{ vars.docker_repo2_registry }}
+ # github.repository as /
+ IMAGE_NAME: ${{ github.repository }}
+
+jobs:
+ build:
+
+ runs-on: ubuntu-latest
+
+ steps:
+ - name: Checkout repository
+ uses: actions/checkout@v4
+
+ # Install the cosign tool except on PR
+ # https://github.com/sigstore/cosign-installer
+ - name: Install cosign
+ if: github.event_name != 'pull_request'
+ uses: sigstore/cosign-installer@59acb6260d9c0ba8f4a2f9d9b48431a222b68e20 #v3.5.0
+ with:
+ cosign-release: 'v2.2.4'
+
+ # Set up BuildKit Docker container builder to be able to build
+ # multi-platform images and export cache
+ # https://github.com/docker/setup-buildx-action
+ - name: Set up Docker Buildx
+ uses: docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226 # v3.0.0
+
+ # Login against a Docker registry except on PR
+ # https://github.com/docker/login-action
+ - name: Log into registry ${{ env.REGISTRY }}
+ if: github.event_name != 'pull_request'
+ uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0
+ with:
+ registry: ${{ env.REGISTRY }}
+ username: ${{ secrets.docker_repo2_username }}
+ password: ${{ secrets.docker_repo2_password }}
+
+ # Extract metadata (tags, labels) for Docker
+ # https://github.com/docker/metadata-action
+ - name: Extract Docker metadata
+ id: meta
+ uses: docker/metadata-action@96383f45573cb7f253c731d3b3ab81c87ef81934 # v5.0.0
+ with:
+ images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+
+ # Build and push Docker image with Buildx (don't push on PR)
+ # https://github.com/docker/build-push-action
+ - name: Build and push Docker image
+ id: build-and-push
+ uses: docker/build-push-action@0565240e2d4ab88bba5387d719585280857ece09 # v5.0.0
+ with:
+ context: .
+ push: ${{ github.event_name != 'pull_request' }}
+ tags: ${{ steps.meta.outputs.tags }}
+ labels: ${{ steps.meta.outputs.labels }}
+ cache-from: type=gha
+ cache-to: type=gha,mode=max
+
+ # Sign the resulting Docker image digest except on PRs.
+ # This will only write to the public Rekor transparency log when the Docker
+ # repository is public to avoid leaking data. If you would like to publish
+ # transparency data even for private images, pass --force to cosign below.
+ # https://github.com/sigstore/cosign
+ - name: Sign the published Docker image
+ if: ${{ github.event_name != 'pull_request' }}
+ env:
+ # https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions#using-an-intermediate-environment-variable
+ TAGS: ${{ steps.meta.outputs.tags }}
+ DIGEST: ${{ steps.build-and-push.outputs.digest }}
+ # This step uses the identity token to provision an ephemeral certificate
+ # against the sigstore community Fulcio instance.
+ run: echo "${TAGS}" | xargs -I {} cosign sign --yes {}@${DIGEST}
\ No newline at end of file
diff --git a/.github/unused/docker-push.yml b/.github/unused/docker-push.yml
new file mode 100644
index 0000000..cd5d469
--- /dev/null
+++ b/.github/unused/docker-push.yml
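Review bot: The `build` job in docker-publish.yml declares no `permissions:` block, while the signing step's own comment says it uses the identity token for keyless signing; on GitHub that token is only issued when the job requests `id-token: write`. Add a job-level `permissions:` with `contents: read`, `packages: write` and `id-token: write`, and confirm whether the Gitea runner this repository targets supports that flow at all. `$cron-daily` and `$default-branch` also look like unsubstituted starter-template placeholders, so the schedule and the branch filters would not match anything as written.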
@@ -0,0 +1,54 @@
+name: Docker Image CI
+on: [push]
+
+# on:
+# push:
+# branches: [ $default-branch ]
+# pull_request:
+# branches: [ $default-branch ]
+env:
+ IMAGE_NAME: repo2.hub.gmetri.io/${{ github.repository }}:${{ github.ref_name }}-v9
+
+jobs:
+
+ docker-build-and-push:
+
+ runs-on: ubuntu-22.04
+
+ steps:
+ - name: Debug
+ run: |
+ ls ${{ github.workspace }}
+ echo "VARS"
+ echo "vars.docker_repo2_username" ${{vars.docker_repo2_username}}
+ echo "SECRETS"
+ echo "secrets.docker_repo2_password2" ${{ secrets.docker_repo2_password2 }}
+ echo "CONTEXT"
+ echo "github.repository" ${{ github.repository }}
+ echo "github.ref_name" ${{ github.ref_name }}
+
+ - uses: docker/login-action@v3
+ name: Login to GitHub Container Registry
+ with:
+ registry: repo2.hub.gmetri.io
+ username: ${{ vars.docker_repo2_username }}
+ password: ${{ secrets.docker_repo2_password }}
+
+ - uses: actions/checkout@v4
+
+ - name: List files in the repository
+ run: |
+ ls ${{ github.workspace }} && \
+ echo "VARS"
+ echo "var.DOCKER_REPO2_REGISTRY" ${{ vars.DOCKER_REPO2_REGISTRY }}
+ echo "CONTEXT"
+ echo "github.repository" ${{ github.repository }}
+ echo "github.ref_name" ${{ github.ref_name }}
+
+ - name: Build the Docker image
+ run: |
+ docker build ./context --file context/Dockerfile --tag $IMAGE_NAME && \
+ docker push $IMAGE_NAME
+
+# my-image-name:$(date +%s)
+# ${DRONE_BRANCH//\//-}-v8
diff --git a/.github/unused/update-repo-version.yml b/.github/unused/update-repo-version.yml
new file mode 100644
index 0000000..767cf1c
--- /dev/null
+++ b/.github/unused/update-repo-version.yml
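Review bot: The `Debug` step in docker-push.yml passes `${{ secrets.docker_repo2_password2 }}` to `echo`; log masking is best-effort and the value is also written into the generated script text, so a secret should never be printed. Drop that line, or map the secret through `env:` and check presence only, e.g. `test -n "$REPO2_PASSWORD2" && echo "password2 is set"`. The step runs before checkout and does nothing but print, so it reads as leftover debugging that can be removed altogether.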
@@ -0,0 +1,42 @@
+name: Update Repo Version Workflow
+
+on:
+ workflow_call:
+ inputs:
+ branch:
+ description: "Branch getting released. (branch 'release' might update a different image)"
+ default: main
+ required: false
+ type: string
+ image:
+ description: "Name of the image"
+ required: true
+ type: string
+ tag:
+ description: "Tag of the image"
+ required: true
+ type: string
+
+env:
+ REPO: ${{ github.repository }}
+
+jobs:
+
+ npm-push:
+ runs-on: ubuntu-22.04
+ permissions:
+ # Give the default GITHUB_TOKEN write permission to commit and push the
+ # added or changed files to the repository.
+ contents: write
+
+ steps:
+ - uses: actions/checkout@v4
+
+ - name: Increment package version and push
+ env:
+ GITHUB_TOKEN: ${{ github.token }}
+ run: |
+ pwd; ls -al;
+ echo ./drone/repo_to_cs.sh -m ${{ inputs.image }} -t ${{ inputs.tag }} -b ${{ inputs.branch }}
+ # git push origin main
+ # git push --tags origin main
diff --git a/.github/unused/v1-lint-and-build.yml b/.github/unused/v1-lint-and-build.yml
new file mode 100644
index 0000000..412dea6
--- /dev/null
+++ b/.github/unused/v1-lint-and-build.yml
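Review bot: The `npm-push` job in update-repo-version.yml requests `contents: write` and exports `GITHUB_TOKEN` to a step that currently only runs `pwd`, `ls` and `echo`, with both `git push` lines commented out. Until the push is restored, `contents: read` with no token in `env:` is all the job needs. A comment such as `# contents: write only needed once the git push below is re-enabled` would record why the broader permission exists.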
@@ -0,0 +1,149 @@
+name: Docker Image CI
+# on: [push]
+
+on:
+ push:
+ branches:
+ - main
+ pull_request:
+ branches:
+ - main
+
+env:
+ DOCKER_REGISTRY: ${{ vars.docker_repo2_registry }}
+ REPO: ${{ github.repository }}
+
+jobs:
+
+ image-vulnerability-scan:
+ runs-on: ubuntu-22.04 #ubuntu-latest
+
+ steps:
+ - id: get-id
+ name: Get a unique tag for this build
+ run: |
+ SHA=${{github.sha}};
+ ID=${SHA:0:8};
+ echo "ID=$ID" >> "$GITHUB_OUTPUT";
+ echo "DOCKER_IMAGE=$DOCKER_REGISTRY/$REPO:temp-$ID" >> "$GITHUB_OUTPUT";
+
+ - name: Print build id and image name
+ run: |
+ echo "${{ steps.get-id.outputs.ID }}";
+ echo "${{ steps.get-id.outputs.DOCKER_IMAGE }}";
+
+ - uses: actions/checkout@v4
+
+ - name: Login to Docker Container Registry
+ # if: ${{ github.event_name == 'push' }}
+ uses: docker/login-action@v3
+ with:
+ registry: ${{ vars.docker_repo2_registry }}
+ username: ${{ vars.docker_repo2_username }}
+ password: ${{ vars.docker_repo2_password }}
+
+ - name: Build the Docker image
+ # Commenting this from docker build for speed: --build-arg PUBLIC_BUILD_VERSION=${{ steps.get-id.outputs.ID }} \
+ run: |
+ docker build \
+ --file fab/d/actions-build.Dockerfile \
+ --tag ${{ steps.get-id.outputs.DOCKER_IMAGE }} \
+ .;
+
+ - name: Scan Docker Image for vulnerabilities with Grype
+ uses: anchore/scan-action@v6
+ with:
+ image: ${{ steps.get-id.outputs.DOCKER_IMAGE }}
+ cache-db: true #Cache Grype DB in Github Actions
+ output-format: table
+ only-fixed: true
+ severity-cutoff: critical
+ fail-build: true
+
+ npm-push:
+ runs-on: ubuntu-22.04 #ubuntu-latest
+ if: ${{ github.event_name == 'push' }}
+ permissions:
+ # Give the default GITHUB_TOKEN write permission to commit and push the
+ # added or changed files to the repository.
+ contents: write
+ steps:
+ - uses: actions/checkout@v4
+
+ - uses: actions/setup-node@v4
+ with:
+ node-version: 22
+ registry-url: ${{ vars.NPM_REGISTRY }}
+ token: ${{ secrets.NPM_TOKEN }}
+
+ - name: Install NPM Dependencies
+ run: |
+ npm install -g pnpm
+ pnpm install
+
+ - name: Lint & Check
+ run: |
+ pnpm lint
+ pnpm check
+
+ - run: pnpm build
+
+ #If this is a merge of a pull request, GITHUB_BASE_REF will contain main.
+ #But if this is a direct commit on the main branch, then GITHUB_REF_NAME will contain main
+ - name: Increment package version and push
+ env:
+ GITHUB_TOKEN: ${{ github.token }}
+ # BRANCH_NAME: ${{ github.base_ref || github.ref_name }}
+ run: |
+ git config --global user.name 'bot-build'
+ git config --global user.email 'techbots+build@gmetri.com'
+
+ export N=`node -p require\(\'./package.json\'\).name` && echo $N
+ pnpm version patch --message "v%s: $N [CI SKIP]"
+
+ git push origin
+ git push --tags origin
+
+ docker-build-and-push:
+ runs-on: ubuntu-22.04 #ubuntu-latest
+ # if: ${{ github.event_name == 'push' }}
+ steps:
+ - id: get-id
+ name: Get a unique tag for this build
+ run: |
+ SHA=${{github.sha}};
+ ID=${SHA:0:8};
+ echo "ID=$ID" >> "$GITHUB_OUTPUT";
+ echo "DOCKER_IMAGE=$DOCKER_REGISTRY/$REPO:$ID" >> "$GITHUB_OUTPUT";
+
+ - name: Print build id and image name
+ run: |
+ echo "${{ steps.get-id.outputs.ID }}";
+ echo "${{ steps.get-id.outputs.DOCKER_IMAGE }}";
+
+ - uses: actions/checkout@v4
+
+ - name: Login to Docker Container Registry
+ # if: ${{ github.event_name == 'push' }}
+ uses: docker/login-action@v3
+ with:
+ registry: ${{ vars.docker_repo2_registry }}
+ username: ${{ vars.docker_repo2_username }}
+ password: ${{ vars.docker_repo2_password }}
+
+ - name: Build the Docker image
+ run: |
+ docker build \
+ --build-arg PUBLIC_BUILD_VERSION=${{ steps.get-id.outputs.ID }} \
+ --file fab/d/actions-build.Dockerfile \
+ --tag ${{ steps.get-id.outputs.DOCKER_IMAGE }} \
+ .;
+ IMAGE_SIZE=`docker inspect -f "{{ .Size }}" ${{ steps.get-id.outputs.DOCKER_IMAGE }} | numfmt --to=si`;
+ echo "Image size $IMAGE_SIZE";
+
+ - name: Push the Docker image
+ if: ${{ github.event_name == 'push' }}
+ run: |
+ docker push ${{ steps.get-id.outputs.DOCKER_IMAGE }};
+ IMAGE_SIZE=`docker inspect -f "{{ .Size }}" ${{ steps.get-id.outputs.DOCKER_IMAGE }} | numfmt --to=si`;
+ echo "Pushed $IMAGE_SIZE image ${{ steps.get-id.outputs.DOCKER_IMAGE }}";
diff --git a/.github/unused/v2-pr-workflow.yml b/.github/unused/v2-pr-workflow.yml
new file mode 100644
index 0000000..8e1e5d9
--- /dev/null
+++ b/.github/unused/v2-pr-workflow.yml
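Review bot: `docker-build-and-push` in v1-lint-and-build.yml has no `needs:` on `image-vulnerability-scan`, so the three jobs run independently and the image is pushed on `push` events even when the Grype step fails its own job. Adding `needs: [image-vulnerability-scan]` to `docker-build-and-push` (and to `npm-push`, if a version bump should not be cut on a failed scan) turns the scan into an actual gate. The scan also runs against a separately built `temp-` image rather than the one that is pushed; the visible build commands differ only by `PUBLIC_BUILD_VERSION`, but scanning the pushed artifact itself would remove that assumption.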
@@ -0,0 +1,80 @@
+name: Docker Image CI
+
+on:
+ pull_request:
+ branches:
+ - main
+
+env:
+ REPO: ${{ github.repository }}/temp #Add /temp for PR workflow
+
+jobs:
+
+ lint-and-compile:
+ runs-on: ubuntu-22.04
+ steps:
+ - uses: actions/checkout@v4
+
+ - uses: actions/setup-node@v4
+ with:
+ node-version: 22
+ registry-url: ${{ vars.NPM_REGISTRY }}
+ token: ${{ secrets.NPM_TOKEN }}
+
+ - name: Install npm dependencies
+ run: |
+ npm install -g pnpm
+ pnpm install
+
+ - run: pnpm lint
+ - run: pnpm check
+
+ image-vulnerability-scan:
+ runs-on: ubuntu-22.04
+
+ steps:
+ - id: get-id
+ name: Get a unique tag for this build
+ run: |
+ SHA=${{ github.sha }}; BRANCH_NAME=${{ github.base_ref || github.ref_name }};
+ BUILD_ID=$BRANCH_NAME-${SHA:0:8};
+ DOCKER_IMAGE=${{ vars.docker_repo2_registry }}/$REPO:$BUILD_ID;
+ echo "BUILD_ID=$BUILD_ID" >> "$GITHUB_OUTPUT";
+ echo "DOCKER_IMAGE=$DOCKER_IMAGE" >> "$GITHUB_OUTPUT";
+
+ - name: Print build id and image name
+ run: |
+ echo "BUILD_ID: ${{ steps.get-id.outputs.BUILD_ID }}";
+ echo "DOCKER_IMAGE: ${{ steps.get-id.outputs.DOCKER_IMAGE }}";
+
+ - uses: actions/checkout@v4
+
+ - name: Login to docker container registry
+ uses: docker/login-action@v3
+ with:
+ registry: ${{ vars.docker_repo2_registry }}
+ username: ${{ vars.docker_repo2_username }}
+ password: ${{ vars.docker_repo2_password }}
+
+ - name: Build the container image (quick, without PUBLIC_BUILD_VERSION)
+ # Commenting this from docker build for speed: --build-arg PUBLIC_BUILD_VERSION=${{ steps.get-id.outputs.BUILD_ID }} \
+ run: |
+ docker build \
+ --file fab/d/actions-build.Dockerfile \
+ --tag ${{ steps.get-id.outputs.DOCKER_IMAGE }} \
+ .;
+
+ - name: Container details
+ run: |
+ IMAGE_SIZE=`docker inspect -f "{{ .Size }}" ${{ steps.get-id.outputs.DOCKER_IMAGE }} | numfmt --to=si`;
+ echo "$IMAGE_SIZE container ${{ steps.get-id.outputs.DOCKER_IMAGE }}";
+
+ - name: Scan container image for vulnerabilities with grype
+ uses: anchore/scan-action@v6
+ with:
+ image: ${{ steps.get-id.outputs.DOCKER_IMAGE }}
+ cache-db: true #Cache Grype DB in Github Actions
+ output-format: table
+ only-fixed: true
+ severity-cutoff: critical
+ fail-build: true
diff --git a/.github/unused/v2-push-workflow.yml b/.github/unused/v2-push-workflow.yml
new file mode 100644
index 0000000..159f208
--- /dev/null
+++ b/.github/unused/v2-push-workflow.yml
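Review bot: The `image-vulnerability-scan` job in v2-pr-workflow.yml logs in to the registry although nothing in this workflow pushes, so registry credentials are present on the runner while `docker build` executes the pull request's own Dockerfile and build context. If the login exists only so the build can pull private base images, record that above the step, e.g. `# login required to pull the private base image`; otherwise the step can be removed from the PR path. Whether the base image is private is not visible in this patch.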
@@ -0,0 +1,91 @@
+name: Docker Image CI
+
+on:
+ push:
+ branches:
+ - main
+
+env:
+ REPO: ${{ github.repository }}
+
+jobs:
+
+ npm-push:
+ runs-on: ubuntu-22.04
+ permissions:
+ # Give the default GITHUB_TOKEN write permission to commit and push the
+ # added or changed files to the repository.
+ contents: write
+
+ steps:
+ - uses: actions/checkout@v4
+
+ - uses: actions/setup-node@v4
+ with:
+ node-version: 22
+ registry-url: ${{ vars.NPM_REGISTRY }}
+ token: ${{ secrets.NPM_TOKEN }}
+
+ - name: Install npm dependencies
+ run: |
+ npm install -g pnpm
+ pnpm install
+
+ - run: pnpm build
+
+ - name: Increment package version and push
+ env:
+ GITHUB_TOKEN: ${{ github.token }}
+ run: |
+ git config --global user.name 'bot-build'
+ git config --global user.email 'techbots+build@gmetri.com'
+
+ export N=`node -p require\(\'./package.json\'\).name` && echo $N
+ pnpm version patch --message "v%s: $N [CI SKIP]"
+
+ npm publish
+
+ git push origin
+ git push --tags origin
+
+ container-push:
+ runs-on: ubuntu-22.04
+ steps:
+ - id: get-id
+ name: Get a unique tag for this build
+ run: |
+ SHA=${{ github.sha }}; BRANCH_NAME=${{ github.base_ref || github.ref_name }};
+ BUILD_ID=$BRANCH_NAME-${SHA:0:8};
+ DOCKER_IMAGE=${{ vars.docker_repo2_registry }}/$REPO:$BUILD_ID;
+ echo "BUILD_ID=$BUILD_ID" >> "$GITHUB_OUTPUT";
+ echo "DOCKER_IMAGE=$DOCKER_IMAGE" >> "$GITHUB_OUTPUT";
+
+ - name: Print build id and image name
+ run: |
+ echo "BUILD_ID: ${{ steps.get-id.outputs.BUILD_ID }}";
+ echo "DOCKER_IMAGE: ${{ steps.get-id.outputs.DOCKER_IMAGE }}";
+
+ - uses: actions/checkout@v4
+
+ - name: Login to docker container registry
+ uses: docker/login-action@v3
+ with:
+ registry: ${{ vars.docker_repo2_registry }}
+ username: ${{ vars.docker_repo2_username }}
+ password: ${{ vars.docker_repo2_password }}
+
+ - name: Build the container image
+ run: |
+ docker build \
+ --build-arg PUBLIC_BUILD_VERSION=${{ steps.get-id.outputs.BUILD_ID }} \
+ --file fab/d/actions-build.Dockerfile \
+ --tag ${{ steps.get-id.outputs.DOCKER_IMAGE }} \
+ .;
+
+ - name: Container details
+ run: |
+ IMAGE_SIZE=`docker inspect -f "{{ .Size }}" ${{ steps.get-id.outputs.DOCKER_IMAGE }} | numfmt --to=si`;
+ echo "$IMAGE_SIZE container ${{ steps.get-id.outputs.DOCKER_IMAGE }}";
+
+ - name: Push the container image
+ run: docker push ${{ steps.get-id.outputs.DOCKER_IMAGE }}
diff --git a/.github/unused/workflow_inputs.yml b/.github/unused/workflow_inputs.yml
new file mode 100644
index 0000000..920dc75
--- /dev/null
+++ b/.github/unused/workflow_inputs.yml
@@ -0,0 +1,38 @@
+# Inputs with workflow_call (triggering from another workflow):
+on:
+ workflow_call:
+ inputs:
+ username:
+ description: 'A username passed from the caller workflow'
+ default: 'john-doe'
+ required: false
+ type: string
+
+jobs:
+ print-username:
+ runs-on: ubuntu-latest
+
+ steps:
+ - name: Print the input name to STDOUT
+ run: echo The username is ${{ inputs.username }}
+
+
+# Inputs with workflow_dispatch (manual trigger):
+name: Update Repo Version Workflow
+
+on:
+ workflow_dispatch:
+ inputs:
+ name:
+ type: choice
+ description: Who to greet
+ options:
+ - monalisa
+ - cschleiden
+ message:
+ required: true
+ use-emoji:
+ type: boolean
+ description: Include 🎉🤣 emojis
+ environment:
+ type: environment
\ No newline at end of file
diff --git a/.github/workflows/trigger-cs-update.yml b/.github/workflows/trigger-cs-update.yml
new file mode 100644
index 0000000..8c8c2c4
--- /dev/null
+++ b/.github/workflows/trigger-cs-update.yml
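Review bot: In the `npm-push` job of v2-push-workflow.yml, `npm publish` runs before `git push origin` and `git push --tags origin`, so a rejected push leaves a published package version whose bump commit and tag exist nowhere in the repository. Pushing first and publishing last keeps the registry and the repository in step: `git push origin`, `git push --tags origin`, then `npm publish`. `container-push` also pushes the image with no scan job in this workflow, so the Grype gate exists only on the pull-request path.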
@@ -0,0 +1,54 @@
+name: Reusable container push workflow
+
+on:
+ workflow_call:
+ inputs:
+ deploy_repo:
+ description: 'The cs repo that contains this image'
+ required: true
+ type: string
+
+env:
+ REPO: ${{ github.repository }}
+
+jobs:
+ trigger-cs-job:
+ permissions:
+ issues: write
+ runs-on: ubuntu-22.04
+ steps:
+ - id: get-id
+ name: Get a unique tag for this build
+ run: |
+ SHA=${{ github.sha }}; BRANCH_NAME=${{ github.base_ref || github.ref_name }};
+ BUILD_ID=$BRANCH_NAME-${SHA:0:8};
+ DOCKER_BASE=${{ vars.docker_repo2_registry }}/$REPO
+ DOCKER_IMAGE=$DOCKER_BASE:$BUILD_ID;
+ echo "BUILD_ID=$BUILD_ID" >> "$GITHUB_OUTPUT";
+ echo "DOCKER_BASE=$DOCKER_BASE" >> "$GITHUB_OUTPUT";
+ echo "DOCKER_IMAGE=$DOCKER_IMAGE" >> "$GITHUB_OUTPUT";
+
+ - name: Print build id and image name
+ run: |
+ echo "BUILD_ID: ${{ steps.get-id.outputs.BUILD_ID }}";
+ echo "DOCKER_BASE: ${{ steps.get-id.outputs.DOCKER_BASE }}";
+ echo "DOCKER_IMAGE: ${{ steps.get-id.outputs.DOCKER_IMAGE }}";
+
+ - name: Push image name and tag to cs repo's issue#1
+ run: |
+ ISSUE_COMMENT_STRING=`echo "{ \"image\": \"${{ steps.get-id.outputs.DOCKER_BASE }}\", \"tag\": \"${{ steps.get-id.outputs.BUILD_ID }}\" }" | jq tostring`
+ echo ISSUE_COMMENT_STRING: $ISSUE_COMMENT_STRING
+
+ API_JSON_BODY=`echo '{"body": '$ISSUE_COMMENT_STRING' }' | jq -r tostring`
+ echo API_JSON_BODY: $API_JSON_BODY
+ # {"body":"{\"image\":\"repo2.hub.gmetri.io/dt-api\",\"tag\":\"main-255c2f30\"}"}
+
+ set +x
+ curl -X 'POST' \
+ '${{ github.api_url }}/repos/${{ inputs.deploy_repo }}/issues/1/comments' \
+ -H 'accept: application/json' \
+ -H 'Authorization: token ${{ secrets.bot_build_issues_token }}' \
+ -H 'Content-Type: application/json' \
+ -d $API_JSON_BODY
+ set +x
+
diff --git a/LICENSE b/LICENSE
new file mode 100644
index 0000000..d954a11
--- /dev/null
+++ b/LICENSE
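Review bot: The last step of trigger-cs-update.yml passes an unquoted `-d $API_JSON_BODY` to curl and assembles the JSON by pasting step outputs through `echo`, so a space or quote in the image name or tag splits the argument or corrupts the body; curl also runs without `--fail`, so an error response from the API leaves the job green. The bot token is substituted into the script text through `${{ secrets.bot_build_issues_token }}`; mapping it and the other values through `env:` keeps them out of the rendered script and lets jq do the quoting. Both `set +x` lines only switch tracing off, which was never on, so they can be dropped. The job-level `issues: write` applies to the default token, which this step does not use; confirm whether it is needed.

```yaml
      - name: Push image name and tag to cs repo's issue#1
        env:
          DOCKER_BASE: ${{ steps.get-id.outputs.DOCKER_BASE }}
          BUILD_ID: ${{ steps.get-id.outputs.BUILD_ID }}
          ISSUES_TOKEN: ${{ secrets.bot_build_issues_token }}
          COMMENTS_URL: ${{ github.api_url }}/repos/${{ inputs.deploy_repo }}/issues/1/comments
        run: |
          # jq builds and escapes both the inner comment JSON and the outer body
          API_JSON_BODY=$(jq -cn --arg image "$DOCKER_BASE" --arg tag "$BUILD_ID" \
            '{body: ({image: $image, tag: $tag} | tojson)}')
          curl --fail -X POST "$COMMENTS_URL" \
            -H 'accept: application/json' \
            -H "Authorization: token $ISSUES_TOKEN" \
            -H 'Content-Type: application/json' \
            -d "$API_JSON_BODY"
```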
@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2025 GMetri XR
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
diff --git a/basetag.sh b/basetag.sh
new file mode 100755
index 0000000..4287c21
--- /dev/null
+++ b/basetag.sh
@@ -0,0 +1,52 @@
+#!/bin/bash
+
+# https://gist.github.com/CSTDev/08c127680e3b5fae38c051da3e489351
+
+#get highest tag number containing at least 2 dots
+VERSION=`git describe --abbrev=0 --tags --match="v[0-9]*\.*\.*"`
+
+#replace . with space so can split into an array
+VERSION_BITS=(${VERSION//./ })
+
+#get number parts and increase last one by 1
+VNUM1=${VERSION_BITS[0]}
+VNUM2=${VERSION_BITS[1]}
+VNUM3=${VERSION_BITS[2]}
+VNUM1=`echo $VNUM1 | sed 's/v//'`
+
+# Check for #major or #minor in commit message and increment the relevant version number
+MAJOR=`git log --format=%B -n 1 HEAD | grep '#major'`
+MINOR=`git log --format=%B -n 1 HEAD | grep '#minor'`
+
+if [ "$MAJOR" ]; then
+ echo "Update major version"
+ VNUM1=$((VNUM1+1))
+ VNUM2=0
+ VNUM3=0
+elif [ "$MINOR" ]; then
+ echo "Update minor version"
+ VNUM2=$((VNUM2+1))
+ VNUM3=0
+else
+ echo "Update patch version"
+ VNUM3=$((VNUM3+1))
+fi
+
+
+#create new tag
+NEW_TAG="v$VNUM1.$VNUM2.$VNUM3"
+
+echo "Updating $VERSION to $NEW_TAG"
+
+#get current hash and see if it already has a tag
+GIT_COMMIT=`git rev-parse HEAD`
+NEEDS_TAG=`git describe --contains $GIT_COMMIT`
+
+#only tag if no tag already (would be better if the git describe command above could have a silent option)
+if [ -z "$NEEDS_TAG" ]; then
+ echo "Tagged with $NEW_TAG (Ignoring fatal:cannot describe - this means commit is untagged) "
+ git tag $NEW_TAG
+ git push --tags
+else
+ echo "Already a tag on this commit"
+fi
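Review bot: When no `v*.*.*` tag exists yet, the first `git describe` in basetag.sh fails, `VERSION` stays empty and the script carries on to build `NEW_TAG` as `v..1` and still reaches `git push --tags`; guard right after the assignment with `if [ -z "$VERSION" ]; then echo "no vX.Y.Z tag found" >&2; exit 1; fi`. `git push --tags` also publishes every local tag rather than only the one just created; `git push origin "$NEW_TAG"` limits the push to it. `git tag $NEW_TAG` and `git describe --contains $GIT_COMMIT` should quote their variables as well.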