diff --git a/.github/workflows/ndc-python-lambda-connector.yaml b/.github/workflows/ndc-python-lambda-connector.yaml index 66019d7..55fedcd 100644 --- a/.github/workflows/ndc-python-lambda-connector.yaml +++ b/.github/workflows/ndc-python-lambda-connector.yaml @@ -83,13 +83,6 @@ jobs: steps: - uses: actions/checkout@v4 - - name: Set up containerd - uses: crazy-max/ghaction-setup-containerd@v3 - - - name: Fix containerd socket permissions - run: | - sudo chgrp docker /run/containerd/containerd.sock - - name: Set up QEMU uses: docker/setup-qemu-action@v3 @@ -109,48 +102,7 @@ jobs: with: images: ${{ env.DOCKER_REGISTRY }}/${{ env.DOCKER_IMAGE_NAME }} - - name: Build Docker image - uses: docker/build-push-action@v6 - with: - context: . - push: false - platforms: linux/amd64,linux/arm64 - tags: ${{ steps.docker-metadata.outputs.tags }} - labels: ${{ steps.docker-metadata.outputs.labels }} - # Export the image to a tar so it can be imported into containerd so gokakashi can scan it - outputs: type=oci,dest=/tmp/image.tar - - - name: Import docker image into containerd store - run: | - ctr images import --base-name ${{ env.DOCKER_REGISTRY }}/${{ env.DOCKER_IMAGE_NAME }} --digests --all-platforms /tmp/image.tar - - - name: Get first docker tag for gokakashi - id: first-docker-tag - run: | - FIRST_TAG=$(echo "${{ steps.docker-metadata.outputs.tags }}" | head -n 1) - echo "First docker tag: $FIRST_TAG" - echo "tag=$FIRST_TAG" >> $GITHUB_OUTPUT - - - name: Scan docker image with gokakashi - uses: shinobistack/gokakashi-action@v0.1.1 - with: - image: ${{ steps.first-docker-tag.outputs.tag }} - labels: agentKey=${{ github.run_id }} - policy: ci-platform - server: https://gokakashi-server.hasura-app.io - token: ${{ secrets.GOKAKASHI_API_TOKEN }} - cf_client_id: ${{ secrets.CF_ACCESS_CLIENT_ID }} - cf_client_secret: ${{ secrets.CF_ACCESS_CLIENT_SECRET }} - interval: 10 - retries: 8 - - - name: Upload Trivy report as artifact - uses: actions/upload-artifact@v4 - with: - name: trivy-report - path: /tmp/trivy-report-*.json - - - name: Push Docker image + - name: Build and Push Docker image uses: docker/build-push-action@v6 with: context: . @@ -194,79 +146,3 @@ jobs: files: | ./connector-definition/dist/connector-definition.tgz fail_on_unmatched_files: true - - - name: Update ndc-hub - env: - REGISTRY_NAME: hasura - CONNECTOR_NAME: ndc-python-lambda - COMMIT_HASH: ${{ needs.build-connector.outputs.commit_hash }} - SHA256: ${{ needs.build-connector.outputs.sha256 }} - GH_TOKEN: ${{ secrets.PAT_TOKEN }} - run: | - # Clone ndc-hub repository - git clone https://github.com/hasura/ndc-hub.git - cd ndc-hub - - # Create a new branch - NEW_BRANCH="update-${{ env.CONNECTOR_NAME }}-connector-v${{ steps.get-version.outputs.tagged_version }}" - git checkout -b $NEW_BRANCH - - cd registry/${{ env.REGISTRY_NAME }}/python - - # Create releases directory if it doesn't exist - mkdir -p releases/v${{ steps.get-version.outputs.tagged_version }} - - # Create connector-packaging.json - cat << EOF > releases/v${{ steps.get-version.outputs.tagged_version }}/connector-packaging.json - { - "version": "v${{ steps.get-version.outputs.tagged_version }}", - "uri": "https://github.com/${{ github.repository }}/releases/download/v${{ steps.get-version.outputs.tagged_version }}/connector-definition.tgz", - "checksum": { - "type": "sha256", - "value": "$SHA256" - }, - "source": { - "hash": "$COMMIT_HASH" - }, - "test": { - "test_config_path": "../../tests/test-config.json" - } - } - EOF - - # Update metadata.json to remove 'packages' field if it exists and update 'latest_version' - jq --arg version_tag "v${{ steps.get-version.outputs.tagged_version }}" \ - --arg commit_hash "$COMMIT_HASH" \ - 'if has("packages") then del(.packages) else . end | - .overview.latest_version = $version_tag | - if has("source_code") then - .source_code.version += [{ - "tag": $version_tag, - "hash": $commit_hash, - "is_verified": false - }] - else - . + {"source_code": {"version": [{ - "tag": $version_tag, - "hash": $commit_hash, - "is_verified": false - }]}} - end' \ - metadata.json > tmp.json && mv tmp.json metadata.json - - # Commit changes - git config user.name "GitHub Action" - git config user.email "action@github.com" - git add metadata.json README.md releases - git commit -m "Update ${{ env.CONNECTOR_NAME }} connector metadata to version ${{ steps.get-version.outputs.tagged_version }}" - - # Push changes - git push https://${{ secrets.PAT_TOKEN }}@github.com/hasura/ndc-hub.git HEAD:$NEW_BRANCH - - # Create PR using GitHub CLI - cd ../.. - gh pr create --repo hasura/ndc-hub \ - --base main \ - --head $NEW_BRANCH \ - --title "Update ${{ env.CONNECTOR_NAME }} connector to v${{ steps.get-version.outputs.tagged_version }}" \ - --body "This PR updates the ${{ env.CONNECTOR_NAME }} connector metadata to version ${{ steps.get-version.outputs.tagged_version }}." diff --git a/CHANGELOG.md b/CHANGELOG.md index 42bbb23..988c552 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,7 +4,7 @@ This changelog documents the changes between release versions. ## [Unreleased] Changes to be included in the next upcoming release -## 0.2.1 - 2025.08.15 +## [0.2.1] - 2025.08.15 * Use `ndc-sdk-python` package version `v0.40` ## [0.2.0] - 2025-04-02