Skip to content

Commit

Permalink
Fix first run (dry run)
Browse files Browse the repository at this point in the history
  • Loading branch information
sbrunner committed Nov 7, 2024
1 parent ce3501b commit d43ca69
Show file tree
Hide file tree
Showing 11 changed files with 254 additions and 163 deletions.
3 changes: 2 additions & 1 deletion .github/publish.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,8 @@ pypi:
- version_tag
- version_branch
packages:
- path: .
- {}
docker:
auto_login: true
images:
- name: camptocamp/tag-publish
1 change: 1 addition & 0 deletions .github/workflows/main.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@ on:

permissions:
packages: write
id-token: write

env:
HAS_SECRETS: ${{ secrets.HAS_SECRETS }}
Expand Down
6 changes: 3 additions & 3 deletions .github/workflows/repository-dispatch.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -10,8 +10,8 @@ on:
required: true
name:
description: The package name
path:
description: The package path
folder:
description: The package folder
version:
description: The package version
tag:
Expand All @@ -33,7 +33,7 @@ jobs:
run: |
echo "Event type: ${{ github.event.client_payload.type }}"
echo "Package name: ${{ github.event.client_payload.name }}"
echo "Package path: ${{ github.event.client_payload.path }}"
echo "Package folder: ${{ github.event.client_payload.folder }}"
echo "Package version: ${{ github.event.client_payload.version }}"
echo "Package tag: ${{ github.event.client_payload.tag }}"
echo "Repository: ${{ github.event.client_payload.repository }}"
Expand Down
16 changes: 7 additions & 9 deletions config.md
Original file line number Diff line number Diff line change
Expand Up @@ -30,6 +30,7 @@ _Tag Publish configuration file_
- **`server`** _(string)_: The server URL.
- **`versions`** _(array)_: The kind or version that should be published, tag, branch or value of the --version argument of the tag-publish script. Default: `["version_tag", "version_branch", "rebuild", "feature_branch"]`.
- **Items** _(string)_
- **`auto_login`** _(boolean)_: Auto login to the GitHub Docker registry. Default: `false`.
- **`snyk`** _(object)_: Checks the published images with Snyk.
- **`monitor_args`**: The arguments to pass to the Snyk container monitor command. Default: `["--app-vulns"]`.
- **One of**
Expand All @@ -45,19 +46,16 @@ _Tag Publish configuration file_
- **`packages`** _(array)_: The configuration of packages that will be published.
- **Items** _(object)_: The configuration of package that will be published.
- **`group`** _(string)_: The image is in the group, should be used with the --group option of tag-publish script. Default: `"default"`.
- **`path`** _(string)_: The path of the pypi package. Default: `"."`.
- **`folder`** _(string)_: The folder of the pypi package. Default: `"."`.
- **`build_command`** _(array)_: The command used to do the build.
- **Items** _(string)_
- **`versions`** _(array)_: The kind or version that should be published, tag, branch or value of the --version argument of the tag-publish script. Default: `["version_tag"]`.
- **Items** _(string)_
- <a id="definitions/helm"></a>**`helm`**: Configuration to publish Helm charts on GitHub release.
- **One of**
- _object_: Configuration to publish on Helm charts on GitHub release.
- **`folders`** _(array)_: The folders that will be published.
- **Items** _(string)_
- **`versions`** _(array)_: The kind or version that should be published, tag, branch or value of the --version argument of the tag-publish script. Default: `["version_tag"]`.
- **Items** _(string)_
- : Must be: `false`.
- <a id="definitions/helm"></a>**`helm`** _(object)_: Configuration to publish Helm charts on GitHub release.
- **`folders`** _(array)_: The folders that will be published.
- **Items** _(string)_
- **`versions`** _(array)_: The kind or version that should be published, tag, branch or value of the --version argument of the tag-publish script. Default: `["version_tag"]`.
- **Items** _(string)_
- <a id="definitions/version_transform"></a>**`version_transform`** _(array)_: A version transformer definition.
- **Items** _(object)_
- **`from`** _(string)_: The from regular expression.
Expand Down
34 changes: 29 additions & 5 deletions tag_publish/__init__.py
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,7 @@
from re import Match, Pattern
from typing import Any, Optional, TypedDict, cast

import application_download.cli
import github
import requests
import ruamel.yaml
Expand All @@ -32,10 +33,25 @@ class GH:

def __init__(self) -> None:
"""Initialize the GitHub helper class."""
token = os.environ["GITHUB_TOKEN"]
token = (
os.environ["GITHUB_TOKEN"]
if "GITHUB_TOKEN" in os.environ
else subprocess.run(
["gh", "auth", "token"], check=True, stdout=subprocess.PIPE, encoding="utf-8"
).stdout.strip()
)
self.auth = github.Auth.Token(token)
self.github = github.Github(auth=self.auth)
self.repo = self.github.get_repo(os.environ["GITHUB_REPOSITORY"])
self.repo = self.github.get_repo(
os.environ["GITHUB_REPOSITORY"]
if "GITHUB_REPOSITORY" in os.environ
else subprocess.run(
["gh", "repo", "view", "--json", "name,owner", "--jq", '(.owner.login + "/" + .name)'],
check=True,
stdout=subprocess.PIPE,
encoding="utf-8",
).stdout.strip()
)
self.default_branch = self.repo.default_branch


Expand Down Expand Up @@ -77,8 +93,8 @@ def get_config(gh: GH) -> tag_publish.configuration.Configuration:
Get the configuration, with project and auto detections.
"""
config: tag_publish.configuration.Configuration = {}
if os.path.exists("ci/config.yaml"):
with open("ci/config.yaml", encoding="utf-8") as open_file:
if os.path.exists(".github/publish.yaml"):
with open(".github/publish.yaml", encoding="utf-8") as open_file:
yaml_ = ruamel.yaml.YAML()
config = yaml_.load(open_file)

Expand Down Expand Up @@ -224,6 +240,14 @@ def snyk_exec() -> tuple[str, dict[str, str]]:
env = {**os.environ}
env["FORCE_COLOR"] = "true"
snyk_bin = os.path.expanduser(os.path.join("~", ".local", "bin", "snyk"))

if not os.path.exists(snyk_bin):
try:
application_download.cli.download_application("snyk/cli")
except Exception as exception: # pylint: disable=broad-exception-caught
print(f"Error: {exception}")
print("::error::With error")

if "SNYK_ORG" in env:
subprocess.run([snyk_bin, "config", "set", f"org={env['SNYK_ORG']}"], check=True, env=env)

Expand All @@ -237,7 +261,7 @@ class PublishedPayload(TypedDict, total=False):

type: str
name: str
path: str
folder: str
version: str
tag: str
repository: str
Expand Down
1 change: 1 addition & 0 deletions tag_publish/applications-versions.yaml
Original file line number Diff line number Diff line change
@@ -1,2 +1,3 @@
# https://docs.renovatebot.com/modules/datasource/#github-releases-datasource
helm/chart-releaser: v1.6.1 # github-releases
snyk/cli: v1.1293.1 # github-releases
Loading

0 comments on commit d43ca69

Please sign in to comment.