diff --git a/.github/workflows/release-docker.yml b/.github/workflows/release-docker.yml index d3484654bac..ddc04fd14b1 100644 --- a/.github/workflows/release-docker.yml +++ b/.github/workflows/release-docker.yml @@ -16,6 +16,11 @@ jobs: VERSION_WITHOUT_V=${VERSION:1} echo "value=${VERSION_WITHOUT_V}" >> $GITHUB_OUTPUT + - name : Checkout repository + uses: actions/checkout@v4 + with: + ref: tags/${{ github.event.release.tag_name }} + - name: Set Up QEMU uses: docker/setup-qemu-action@v2 @@ -28,10 +33,6 @@ jobs: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} - # This workflow triggers on GitHub Release, but it may start before the npm package is published. - - name: Sleep for 30 sec - run: sleep 30s - - name: Build Image uses: docker/build-push-action@v4 with: diff --git a/.github/workflows/upload-release-assets.yml b/.github/workflows/upload-release-assets.yml index f9c979955ad..b56e0eb6689 100644 --- a/.github/workflows/upload-release-assets.yml +++ b/.github/workflows/upload-release-assets.yml @@ -1,16 +1,13 @@ name: Upload custom assets to GitHub release on: - # It cannot run on release event as when release is created then version is not yet bumped in package.json - # This means we cannot extract easily latest version and have a risk that package is not yet on npm - push: - branches: - - master + release: + types: + - published jobs: upload-assets: name: Generate and upload assets - if: startsWith(github.event.commits[0].message, 'chore(release):') runs-on: ${{ matrix.os }} continue-on-error: true strategy: diff --git a/.sonarcloud.properties b/.sonarcloud.properties index 0657ce6336b..fbba2f0d869 100644 --- a/.sonarcloud.properties +++ b/.sonarcloud.properties @@ -1 +1,9 @@ -sonar.exclusions=test/**/* \ No newline at end of file +sonar.exclusions=test/**/*,Dockerfile +sonar.issue.ignore.multicriteria=e1,e2 + +# Exclude copy recursively and root user issue in Dockerfile +sonar.issue.ignore.multicriteria.e1.ruleKey=docker:S6470 +sonar.issue.ignore.multicriteria.e1.resourceKey=**/Dockerfile + +sonar.issue.ignore.multicriteria.e2.ruleKey=docker:S6471 +sonar.issue.ignore.multicriteria.e2.resourceKey=**/Dockerfile diff --git a/CHANGELOG.md b/CHANGELOG.md index ea0999faf2d..acbad0fd933 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,13 @@ # @asyncapi/cli +## 2.14.0 + +### Minor Changes + +- 6839c8f: - Changed docker build to a source code based build + - Changed name of github action to avoid clash + - Fixed Docker and Release Pipeline + ## 2.13.1 ### Patch Changes diff --git a/Development.md b/DEVELOPMENT.md similarity index 100% rename from Development.md rename to DEVELOPMENT.md diff --git a/Dockerfile b/Dockerfile index c2d7945239f..bee568fe55f 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,3 +1,30 @@ +FROM node:20-alpine AS build + +# Copy the source code +COPY ./ /tmp/source_code + +# Install dependencies +RUN cd /tmp/source_code && npm install --ignore-scripts + +# Build the source code +RUN cd /tmp/source_code && npm run build + +# create libraries directory +RUN mkdir -p /libraries + +# Copy the lib, bin, node_modules, and package.json files to the /libraries directory +RUN cp -r /tmp/source_code/lib /libraries +RUN cp -r /tmp/source_code/assets /libraries +RUN cp /tmp/source_code/package.json /libraries +RUN cp /tmp/source_code/package-lock.json /libraries +RUN cp /tmp/source_code/oclif.manifest.json /libraries + +# Copy the bin directory to the /libraries directory +RUN cp -r /tmp/source_code/bin /libraries + +# Remove everything inside /tmp +RUN rm -rf /tmp/* + FROM node:20-alpine # Set ARG to explicit value to build chosen version. Default is "latest" @@ -19,8 +46,20 @@ RUN apk --update add git chromium && \ rm -rf /var/lib/apt/lists/* && \ rm /var/cache/apk/* -# Installing latest released npm package -RUN npm install --ignore-scripts -g @asyncapi/cli@"$ASYNCAPI_CLI_VERSION" +# Copy the libraries directory from the build stage +COPY --from=build /libraries /libraries + +# Install the dependencies +RUN cd /libraries && npm install --production --ignore-scripts + +# Create a script that runs the desired command +RUN ln -s /libraries/bin/run_bin /usr/local/bin/asyncapi + +# Make the script executable +RUN chmod +x /usr/local/bin/asyncapi + +# Change ownership to non-root user +RUN chown -R myuser:myuser /libraries /usr/local/bin/asyncapi || echo "Failed to change ownership" RUN chown -R myuser:myuser /usr/local/lib/node_modules && \ chown -R myuser:myuser /usr/local/bin diff --git a/README.md b/README.md index 36ef6c70323..15d0f6e9005 100644 --- a/README.md +++ b/README.md @@ -32,7 +32,7 @@ Read [CONTRIBUTING](https://github.com/asyncapi/.github/blob/master/CONTRIBUTING ### Set up development environment -Read [Development.md](/Development.md) file for development setup. +Read [DEVELOPMENT.md](/DEVELOPMENT.md) file for development setup. Additional steps: diff --git a/action.yml b/action.yml index 1efd6ec4cb3..258c39ef712 100644 --- a/action.yml +++ b/action.yml @@ -38,7 +38,7 @@ runs: using: 'docker' # This is the image that will be used to run the action. # IMPORTANT: The version has to be changed manually in your PRs. - image: 'docker://asyncapi/github-action-for-cli:2.13.1' + image: 'docker://asyncapi/github-action-for-cli:2.14.0' args: - ${{ inputs.cli_version }} - ${{ inputs.command }} diff --git a/package.json b/package.json index 4ff50b16f4a..133d9799deb 100644 --- a/package.json +++ b/package.json @@ -1,7 +1,7 @@ { "name": "@asyncapi/cli", "description": "All in one CLI for all AsyncAPI tools", - "version": "2.13.1", + "version": "2.14.0", "author": "@asyncapi", "bin": { "asyncapi": "./bin/run_bin"