chore: add automation to sync analyzers and push sarif-parser's image

Changes:
  - Add a GitHub action to sync analyzers and their assets
  - Add a cloudbuild script to push sarif-parser's image

.github/workflows/syncer.yaml

@@ -0,0 +1,45 @@
+name: Sync community analyzers
+
+on:
+  push:
+    tags:
+      - v.*
+
+env:
+  ENDPOINT: ${{ secrets.SYNC_ENDPOINT_DEV }}
+  DATASYNC_SECRET: ${{ secrets.DATASYNC_SECRET_DEV }}
+
+jobs:
+  sync_analyzers:
+    runs-on: [self-hosted, charmeleon]
+
+    steps:
+      - uses: actions/checkout@v3
+        with:
+          ref: ${{ github.event.pull_request.head.sha }}
+
+      - name: Set up Python 3.11
+        uses: actions/setup-python@v2
+        with:
+          python-version: 3.11
+          architecture: x64
+
+      - name: Send sync signal
+        run: |
+          # Prepare a list of names of all analyzers to sync
+          # These are all the subdirectories under `analyzers/` of the current repository
+          # We only want the names of subdir stored as strings in the array
+          # Expected result: ["infer", "kube-linter"]
+          analyzer_shortcodes=$(echo -n analyzers/*/(/:t) | jq -cRs 'split(" ")')
+
+          # Send a sync signal
+          curl -X POST $SYNC_ENDPOINT -H "Content-Type: application/json" -H "Authorization: Bearer ${DATASYNC_SECRET}" --data-raw '{"query":" mutation($input: TriggerCommunityAnalyzersSyncInput!){\n    triggerCommunityAnalyzersSync(input: $input){\n        ok\n    }\n}","variables":{"input":{"repoRef":'"$TAG"'', "analyzerTools":'"$analyzer_shortcodes"'}}}'
+
+          # Print a confirmation message
+          if [ $? -eq 0 ]; then
+            echo "Sync signal sent for $analyzer_shortcodes."
+          else
+            echo "Sync signal failed for $analyzer_shortcodes."
+            # Exit with a non-zero code to fail this GitHub Action pipeline
+            exit 1
+          fi

cloudbuild.yaml

@@ -1,18 +1,15 @@
-# Build
+# Build and Push the sarif parser image to GCR
 timeout: 5m0s
 
 steps:
-  - name: 'curlimages/curl'
+  - name: 'gcr.io/cloud-builders/docker:20.10.14'
     args:
-      [
-        '--location',
-        '--request', 'POST',
-        '--header', "Authorization: Bearer ${_DATASYNC_SECRET}",
-        '--header', 'Content-Type: application/json',
-        '--data-raw', '{"query":" mutation($input: TriggerAnalyzerSyncInput!){\n    triggerAnalyzerSync(input: $input){\n        ok\n    }\n}","variables":{"input":{"repoName":"community-analyzers","tag":"$TAG_NAME","analyzer_version_map":{\"infer\":\"v1.1.0\",\"kube-linter\":\"0.6.4\"}}}}',
-        'https://app.deepsource.one/internal/graphql/'
-      ]
-substitutions:
-  _DATASYNC_SECRET: datasyncsecret
+    - build
+    - -t
+    - ${_REGISTRY_NAME}:$TAG_NAME
+    - -t
+    - ${_REGISTRY_NAME}:latest  # Also push the image with a `latest` tag
+    - .
+images: ['${_REGISTRY_NAME}:$TAG_NAME', '${_REGISTRY_NAME}:latest']
 options:
   machineType: 'E2_HIGHCPU_8'