diff --git a/.changeset/warm-seas-run.md b/.changeset/warm-seas-run.md new file mode 100644 index 00000000000..0c3e44d0705 --- /dev/null +++ b/.changeset/warm-seas-run.md @@ -0,0 +1,7 @@ +--- +'@asyncapi/cli': minor +--- + +- Changed docker build to a source code based build +- Changed name of github action to avoid clash +- Fixed Docker and Release Pipeline diff --git a/.github/workflows/release-docker.yml b/.github/workflows/release-docker.yml index d3484654bac..ddc04fd14b1 100644 --- a/.github/workflows/release-docker.yml +++ b/.github/workflows/release-docker.yml @@ -16,6 +16,11 @@ jobs: VERSION_WITHOUT_V=${VERSION:1} echo "value=${VERSION_WITHOUT_V}" >> $GITHUB_OUTPUT + - name : Checkout repository + uses: actions/checkout@v4 + with: + ref: tags/${{ github.event.release.tag_name }} + - name: Set Up QEMU uses: docker/setup-qemu-action@v2 @@ -28,10 +33,6 @@ jobs: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} - # This workflow triggers on GitHub Release, but it may start before the npm package is published. - - name: Sleep for 30 sec - run: sleep 30s - - name: Build Image uses: docker/build-push-action@v4 with: diff --git a/.github/workflows/upload-release-assets.yml b/.github/workflows/upload-release-assets.yml index f9c979955ad..b56e0eb6689 100644 --- a/.github/workflows/upload-release-assets.yml +++ b/.github/workflows/upload-release-assets.yml @@ -1,16 +1,13 @@ name: Upload custom assets to GitHub release on: - # It cannot run on release event as when release is created then version is not yet bumped in package.json - # This means we cannot extract easily latest version and have a risk that package is not yet on npm - push: - branches: - - master + release: + types: + - published jobs: upload-assets: name: Generate and upload assets - if: startsWith(github.event.commits[0].message, 'chore(release):') runs-on: ${{ matrix.os }} continue-on-error: true strategy: diff --git a/.sonarcloud.properties b/.sonarcloud.properties index 0657ce6336b..fbba2f0d869 100644 --- a/.sonarcloud.properties +++ b/.sonarcloud.properties @@ -1 +1,9 @@ -sonar.exclusions=test/**/* \ No newline at end of file +sonar.exclusions=test/**/*,Dockerfile +sonar.issue.ignore.multicriteria=e1,e2 + +# Exclude copy recursively and root user issue in Dockerfile +sonar.issue.ignore.multicriteria.e1.ruleKey=docker:S6470 +sonar.issue.ignore.multicriteria.e1.resourceKey=**/Dockerfile + +sonar.issue.ignore.multicriteria.e2.ruleKey=docker:S6471 +sonar.issue.ignore.multicriteria.e2.resourceKey=**/Dockerfile diff --git a/Development.md b/DEVELOPMENT.md similarity index 100% rename from Development.md rename to DEVELOPMENT.md diff --git a/Dockerfile b/Dockerfile index c2d7945239f..bee568fe55f 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,3 +1,30 @@ +FROM node:20-alpine AS build + +# Copy the source code +COPY ./ /tmp/source_code + +# Install dependencies +RUN cd /tmp/source_code && npm install --ignore-scripts + +# Build the source code +RUN cd /tmp/source_code && npm run build + +# create libraries directory +RUN mkdir -p /libraries + +# Copy the lib, bin, node_modules, and package.json files to the /libraries directory +RUN cp -r /tmp/source_code/lib /libraries +RUN cp -r /tmp/source_code/assets /libraries +RUN cp /tmp/source_code/package.json /libraries +RUN cp /tmp/source_code/package-lock.json /libraries +RUN cp /tmp/source_code/oclif.manifest.json /libraries + +# Copy the bin directory to the /libraries directory +RUN cp -r /tmp/source_code/bin /libraries + +# Remove everything inside /tmp +RUN rm -rf /tmp/* + FROM node:20-alpine # Set ARG to explicit value to build chosen version. Default is "latest" @@ -19,8 +46,20 @@ RUN apk --update add git chromium && \ rm -rf /var/lib/apt/lists/* && \ rm /var/cache/apk/* -# Installing latest released npm package -RUN npm install --ignore-scripts -g @asyncapi/cli@"$ASYNCAPI_CLI_VERSION" +# Copy the libraries directory from the build stage +COPY --from=build /libraries /libraries + +# Install the dependencies +RUN cd /libraries && npm install --production --ignore-scripts + +# Create a script that runs the desired command +RUN ln -s /libraries/bin/run_bin /usr/local/bin/asyncapi + +# Make the script executable +RUN chmod +x /usr/local/bin/asyncapi + +# Change ownership to non-root user +RUN chown -R myuser:myuser /libraries /usr/local/bin/asyncapi || echo "Failed to change ownership" RUN chown -R myuser:myuser /usr/local/lib/node_modules && \ chown -R myuser:myuser /usr/local/bin diff --git a/README.md b/README.md index 36ef6c70323..15d0f6e9005 100644 --- a/README.md +++ b/README.md @@ -32,7 +32,7 @@ Read [CONTRIBUTING](https://github.com/asyncapi/.github/blob/master/CONTRIBUTING ### Set up development environment -Read [Development.md](/Development.md) file for development setup. +Read [DEVELOPMENT.md](/DEVELOPMENT.md) file for development setup. Additional steps: diff --git a/action.yml b/action.yml index 1efd6ec4cb3..660126529f9 100644 --- a/action.yml +++ b/action.yml @@ -1,5 +1,5 @@ -name: 'Generator, Validator, Converter and others - all in one for your AsyncAPI docs' -description: 'Use this action to generate docs or code from your AsyncAPI document. Use default templates or provide your custom ones.' +name: 'AsyncAPI CLI Action' +description: 'One stop solution for all your AsyncAPI Specification needs in github actions. Use this action to generate code, validate your AsyncAPI document, convert it to other formats, optimize it or run custom commands.' inputs: cli_version: description: 'Version of AsyncAPI CLI to be used. This is only needed if you want to test with a specific version of AsyncAPI CLI. Default is latest which is also the recommended option.'