diff --git a/.gitea/workflows/release.yaml b/.gitea/workflows/release.yaml index 7333070..5933f73 100644 --- a/.gitea/workflows/release.yaml +++ b/.gitea/workflows/release.yaml @@ -22,6 +22,32 @@ jobs: - name: Package tarball run: npx @kinvolk/headlamp-plugin package + - name: Compute tarball checksum + run: | + TARBALL=$(ls *.tar.gz) + CHECKSUM=$(sha256sum "$TARBALL" | awk '{print $1}') + echo "TARBALL=$TARBALL" >> $GITHUB_ENV + echo "CHECKSUM=$CHECKSUM" >> $GITHUB_ENV + echo "Tarball: $TARBALL" + echo "Checksum: sha256:$CHECKSUM" + + - name: Update artifacthub-pkg.yml on main + run: | + VERSION=${GITHUB_REF_NAME#v} + sed -i "s|headlamp/plugin/archive-checksum:.*|headlamp/plugin/archive-checksum: sha256:${CHECKSUM}|" artifacthub-pkg.yml + sed -i "s|headlamp/plugin/archive-url:.*|headlamp/plugin/archive-url: \"https://github.com/cpfarhood/polaris-headlamp-plugin/releases/download/${GITHUB_REF_NAME}/polaris-headlamp-plugin-${VERSION}.tar.gz\"|" artifacthub-pkg.yml + sed -i "s|^version:.*|version: ${VERSION}|" artifacthub-pkg.yml + FILE_SHA=$(curl -sf \ + -H "Authorization: token ${{ github.token }}" \ + "${{ github.server_url }}/api/v1/repos/${{ github.repository }}/contents/artifacthub-pkg.yml?ref=main" \ + | node -e "process.stdin.resume();let d='';process.stdin.on('data',c=>d+=c);process.stdin.on('end',()=>console.log(JSON.parse(d).sha))") + CONTENT=$(base64 -w 0 artifacthub-pkg.yml) + curl -sf -X PUT \ + -H "Authorization: token ${{ github.token }}" \ + -H "Content-Type: application/json" \ + "${{ github.server_url }}/api/v1/repos/${{ github.repository }}/contents/artifacthub-pkg.yml" \ + -d "{\"content\":\"${CONTENT}\",\"sha\":\"${FILE_SHA}\",\"message\":\"ci: update artifact hub metadata for ${GITHUB_REF_NAME}\",\"branch\":\"main\"}" + - name: Install Docker CLI run: apt-get update && apt-get install -y docker.io @@ -34,9 +60,35 @@ jobs: docker push git.farh.net/${{ github.repository }}:${{ github.ref_name }} docker push git.farh.net/${{ github.repository }}:latest - - name: Create release + - name: Create Gitea release uses: akkuman/gitea-release-action@v1 with: files: | *.tar.gz token: ${{ github.token }} + + - name: Create GitHub release + continue-on-error: true + run: | + RELEASE_RESPONSE=$(curl -s -w "\n%{http_code}" -X POST \ + -H "Authorization: token ${{ secrets.GH_PAT }}" \ + -H "Accept: application/vnd.github+json" \ + "https://api.github.com/repos/cpfarhood/polaris-headlamp-plugin/releases" \ + -d "{\"tag_name\":\"${GITHUB_REF_NAME}\",\"name\":\"${GITHUB_REF_NAME}\",\"generate_release_notes\":true}") + HTTP_CODE=$(echo "$RELEASE_RESPONSE" | tail -1) + BODY=$(echo "$RELEASE_RESPONSE" | sed '$d') + if [ "$HTTP_CODE" = "422" ]; then + echo "Release already exists, fetching it..." + BODY=$(curl -sf \ + -H "Authorization: token ${{ secrets.GH_PAT }}" \ + -H "Accept: application/vnd.github+json" \ + "https://api.github.com/repos/cpfarhood/polaris-headlamp-plugin/releases/tags/${GITHUB_REF_NAME}") + fi + RELEASE_ID=$(echo "$BODY" | node -e "process.stdin.resume();let d='';process.stdin.on('data',c=>d+=c);process.stdin.on('end',()=>console.log(JSON.parse(d).id))") + echo "Release ID: $RELEASE_ID" + curl -sf -X POST \ + -H "Authorization: token ${{ secrets.GH_PAT }}" \ + -H "Content-Type: application/gzip" \ + "https://uploads.github.com/repos/cpfarhood/polaris-headlamp-plugin/releases/${RELEASE_ID}/assets?name=${TARBALL}" \ + --data-binary "@${TARBALL}" + echo "GitHub release created with same tarball (checksum guaranteed to match)" diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 1dc3d80..a96e898 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -1,4 +1,4 @@ -name: GitHub Release +name: GitHub Release (fallback) on: push: @@ -12,25 +12,44 @@ jobs: release: runs-on: ubuntu-latest steps: + - name: Check if release already exists + id: check + run: | + if gh release view "${{ github.ref_name }}" --repo "${{ github.repository }}" &>/dev/null; then + echo "Release ${{ github.ref_name }} already exists (created by Gitea CI), skipping." + echo "exists=true" >> "$GITHUB_OUTPUT" + else + echo "No existing release found, building as fallback." + echo "exists=false" >> "$GITHUB_OUTPUT" + fi + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + - name: Checkout + if: steps.check.outputs.exists == 'false' uses: actions/checkout@v4 - name: Setup Node.js + if: steps.check.outputs.exists == 'false' uses: actions/setup-node@v4 with: node-version: '20' cache: 'npm' - name: Install dependencies + if: steps.check.outputs.exists == 'false' run: npm ci - name: Build plugin + if: steps.check.outputs.exists == 'false' run: npx @kinvolk/headlamp-plugin build - name: Package tarball + if: steps.check.outputs.exists == 'false' run: npx @kinvolk/headlamp-plugin package - name: Create GitHub Release + if: steps.check.outputs.exists == 'false' uses: softprops/action-gh-release@v2 with: files: "*.tar.gz" diff --git a/artifacthub-pkg.yml b/artifacthub-pkg.yml index fee7f0c..e9606ea 100644 --- a/artifacthub-pkg.yml +++ b/artifacthub-pkg.yml @@ -1,4 +1,4 @@ -version: 0.0.1 +version: 0.0.2 name: polaris-headlamp-plugin displayName: Polaris createdAt: "2026-02-05T19:00:00Z" @@ -24,5 +24,5 @@ maintainers: annotations: headlamp/plugin/archive-url: "https://github.com/cpfarhood/polaris-headlamp-plugin/releases/download/v0.0.1/polaris-headlamp-plugin-0.0.1.tar.gz" headlamp/plugin/version-compat: ">=0.26" - headlamp/plugin/archive-checksum: sha256:456f09cf8b126816b80c723b6c6f300b2af0c2e1288ee67da13f435b0e35c04d + headlamp/plugin/archive-checksum: sha256:f76db2b6f6944341fad3d61e2250d2d73d64529d1c22333ca4678ba16fa5f300 headlamp/plugin/distro-compat: in-cluster diff --git a/package.json b/package.json index b241c71..d5cd1ae 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "polaris-headlamp-plugin", - "version": "0.0.1", + "version": "0.0.2", "description": "Headlamp plugin for Fairwinds Polaris audit results", "scripts": { "start": "headlamp-plugin start",