From 46ee68001d306b1c49e8b73954c03a91d9dde062 Mon Sep 17 00:00:00 2001 From: vladimir Date: Wed, 20 Mar 2024 15:46:36 -0400 Subject: [PATCH 1/3] fixed JS errors that blocked creating keys --- bin/controller.keys.js | 10 ++++++---- bin/server.js | 4 ++-- 2 files changed, 8 insertions(+), 6 deletions(-) diff --git a/bin/controller.keys.js b/bin/controller.keys.js index bf6276c3..30b22189 100755 --- a/bin/controller.keys.js +++ b/bin/controller.keys.js @@ -112,10 +112,12 @@ module.exports.updateKeys = function updateKeys(options, taskCallback) { singleItem.Labels = _.get(singleItem, 'metadata.labels'); - singleItem.Labels['ci.rabbit.name'] = singleItem.Labels['name']; - - singleItem.Labels['ci.rabbit.ssh.user'] = singleItem.Labels['ci.rabbit.ssh.user'] || null; - return singleItem; + // Prevents the application from being added to the list if it does not have the required labels + if ( _.get(singleItem.Labels, 'name', false) && _.get(singleItem.Labels, 'ci.rabbit.ssh.user', false) ) { + singleItem.Labels['ci.rabbit.name'] = singleItem.Labels['name']; + singleItem.Labels['ci.rabbit.ssh.user'] = singleItem.Labels['ci.rabbit.ssh.user'] || null; + return singleItem; + } }); diff --git a/bin/server.js b/bin/server.js index c65925c8..bab04a9b 100644 --- a/bin/server.js +++ b/bin/server.js @@ -51,8 +51,8 @@ setInterval(function() { var _containers = body = _.map(body.items, function(singleItem) { singleItem.Labels = _.get(singleItem, 'metadata.labels'); - singleItem.Labels['ci.rabbit.name'] = singleItem.Labels['name']; - singleItem.Labels['ci.rabbit.ssh.user'] = singleItem.Labels['ci.rabbit.ssh.user'] || null; + singleItem.Labels['ci.rabbit.name'] = _.get(singleItem.Labels,'name', null); + singleItem.Labels['ci.rabbit.ssh.user'] = _.get(singleItem.Labels,'ci.rabbit.ssh.user', null); return singleItem; }); From f9662c5335cc4be0fc86bdc907c149339b75e804 Mon Sep 17 00:00:00 2001 From: vladimir Date: Wed, 20 Mar 2024 15:48:51 -0400 Subject: [PATCH 2/3] added new GitHub Action to release and create SBOM --- .github/workflows/publish_release.yml | 130 ++++++++++++++++++++++++++ 1 file changed, 130 insertions(+) create mode 100644 .github/workflows/publish_release.yml diff --git a/.github/workflows/publish_release.yml b/.github/workflows/publish_release.yml new file mode 100644 index 00000000..3947034d --- /dev/null +++ b/.github/workflows/publish_release.yml @@ -0,0 +1,130 @@ +name: Publish Release +run-name: Publish Release + +on: + workflow_dispatch: + inputs: + release: + description: 'Release version (e.g. 1.2.3)' + required: true + +permissions: + contents: write + +env: + TAG: ${{ github.event.inputs.release }} + BRANCH: temp-release-${{ github.event.inputs.release }} + +jobs: + build: + runs-on: ubuntu-latest + steps: + # ref and repository are required, otherwise repo could appear in detached head state + - name: Checkout + uses: actions/checkout@v4 + with: + ref: ${{ github.head_ref }} + repository: ${{ github.repository }} + + - name: Parse Changelog Entries + uses: actions/github-script@v7 + id: changelog + with: + script: | + const { open } = require('fs/promises'); + + const version = process.env.TAG; + const delimiter = '#### '; + const file = await open('./changes.md'); + + let description = []; + let found = false; + + for await (let line of file.readLines()) { + line = line.trim(); + + if ( line.startsWith(`${delimiter}${version}`) ) { + found = true; + continue; + } + + if (!found) continue; + if ( line.startsWith(delimiter) ) break; + + description.push(line); + } + + if ( !description.length ) core.setFailed(`Release ${version} not found in the changelog!`); + + core.setOutput('description', description.join('\n') ); + + + # cleanup files that are not needed for the release + # but keep the .git folder, because we need it for the next step + - name: Cleanup files + run: | + rm -f composer.lock || true + rm -rf vendor/composer/installers || true + find ./ -name '.git*' -not -path './.git' -type f -delete || true + find ./ -name '.git*' -not -path './.git' -type d -exec rm -rf {} \; || true + find ./vendor -name .svn -exec rm -rf {} \; || true + + # cleanup files, specific to Google API PHP library + - name: Cleanup files for Google API library + run: | + rm -f lib/Google/phpstan.neon.dist || true + rm -f lib/Google/vendor/paragonie/random_compat/build-phar.sh || true + find ./lib/Google/ -name '.repo-metadata.json' -type f -delete || true + find ./lib/Google/vendor -name .svn -exec rm -rf '{}' \; || true + + # commit changes to temporary release branch and create a new tag + - name: Commit changes + uses: EndBug/add-and-commit@v9 + with: + message: Cleanup files for release + new_branch: ${{ env.BRANCH }} + tag: ${{ env.TAG }} + + # generate SBOM that will be attached to a release as an artifact + - name: Create SBOM + id: sbom + uses: anchore/sbom-action@v0 + with: + path: . + output-file: sbom.spdx.json + format: spdx-json + + # create a draft release with the version changelog as a description + - name: Create Draft Release + id: draft_release + uses: softprops/action-gh-release@v1 + with: + name: "Release ${{ env.TAG }}" + body: "${{ steps.changelog.outputs.description }}" + tag_name: ${{ env.TAG }} + draft: true + prerelease: false + + # attach SBOM to release + - name: Upload SBOM to release + uses: actions/upload-release-asset@v1.0.1 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + with: + upload_url: ${{ steps.draft_release.outputs.upload_url }} + asset_path: ./sbom.spdx.json + asset_name: sbom.spdx.json + asset_content_type: application/json + + # publish release using an ID from the 'draft_release' step + - name: Publish Release + uses: eregon/publish-release@v1 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + with: + release_id: ${{ steps.draft_release.outputs.id }} + + # delete temporary release branch + - name: Delete temporary release branch + run: | + git push origin --delete ${{ env.BRANCH }} \ No newline at end of file From 0b0040d5b318ba31f10663fd99c986f2c0fcbe8e Mon Sep 17 00:00:00 2001 From: vladimir Date: Mon, 1 Apr 2024 14:20:27 -0400 Subject: [PATCH 3/3] removed GitHub Action for release, will be improved and then committed --- .github/workflows/publish_release.yml | 130 -------------------------- 1 file changed, 130 deletions(-) delete mode 100644 .github/workflows/publish_release.yml diff --git a/.github/workflows/publish_release.yml b/.github/workflows/publish_release.yml deleted file mode 100644 index 3947034d..00000000 --- a/.github/workflows/publish_release.yml +++ /dev/null @@ -1,130 +0,0 @@ -name: Publish Release -run-name: Publish Release - -on: - workflow_dispatch: - inputs: - release: - description: 'Release version (e.g. 1.2.3)' - required: true - -permissions: - contents: write - -env: - TAG: ${{ github.event.inputs.release }} - BRANCH: temp-release-${{ github.event.inputs.release }} - -jobs: - build: - runs-on: ubuntu-latest - steps: - # ref and repository are required, otherwise repo could appear in detached head state - - name: Checkout - uses: actions/checkout@v4 - with: - ref: ${{ github.head_ref }} - repository: ${{ github.repository }} - - - name: Parse Changelog Entries - uses: actions/github-script@v7 - id: changelog - with: - script: | - const { open } = require('fs/promises'); - - const version = process.env.TAG; - const delimiter = '#### '; - const file = await open('./changes.md'); - - let description = []; - let found = false; - - for await (let line of file.readLines()) { - line = line.trim(); - - if ( line.startsWith(`${delimiter}${version}`) ) { - found = true; - continue; - } - - if (!found) continue; - if ( line.startsWith(delimiter) ) break; - - description.push(line); - } - - if ( !description.length ) core.setFailed(`Release ${version} not found in the changelog!`); - - core.setOutput('description', description.join('\n') ); - - - # cleanup files that are not needed for the release - # but keep the .git folder, because we need it for the next step - - name: Cleanup files - run: | - rm -f composer.lock || true - rm -rf vendor/composer/installers || true - find ./ -name '.git*' -not -path './.git' -type f -delete || true - find ./ -name '.git*' -not -path './.git' -type d -exec rm -rf {} \; || true - find ./vendor -name .svn -exec rm -rf {} \; || true - - # cleanup files, specific to Google API PHP library - - name: Cleanup files for Google API library - run: | - rm -f lib/Google/phpstan.neon.dist || true - rm -f lib/Google/vendor/paragonie/random_compat/build-phar.sh || true - find ./lib/Google/ -name '.repo-metadata.json' -type f -delete || true - find ./lib/Google/vendor -name .svn -exec rm -rf '{}' \; || true - - # commit changes to temporary release branch and create a new tag - - name: Commit changes - uses: EndBug/add-and-commit@v9 - with: - message: Cleanup files for release - new_branch: ${{ env.BRANCH }} - tag: ${{ env.TAG }} - - # generate SBOM that will be attached to a release as an artifact - - name: Create SBOM - id: sbom - uses: anchore/sbom-action@v0 - with: - path: . - output-file: sbom.spdx.json - format: spdx-json - - # create a draft release with the version changelog as a description - - name: Create Draft Release - id: draft_release - uses: softprops/action-gh-release@v1 - with: - name: "Release ${{ env.TAG }}" - body: "${{ steps.changelog.outputs.description }}" - tag_name: ${{ env.TAG }} - draft: true - prerelease: false - - # attach SBOM to release - - name: Upload SBOM to release - uses: actions/upload-release-asset@v1.0.1 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - with: - upload_url: ${{ steps.draft_release.outputs.upload_url }} - asset_path: ./sbom.spdx.json - asset_name: sbom.spdx.json - asset_content_type: application/json - - # publish release using an ID from the 'draft_release' step - - name: Publish Release - uses: eregon/publish-release@v1 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - with: - release_id: ${{ steps.draft_release.outputs.id }} - - # delete temporary release branch - - name: Delete temporary release branch - run: | - git push origin --delete ${{ env.BRANCH }} \ No newline at end of file