ci: replace find-image script with versionsapi cli

Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2024-10-01 01:36:09 -04:00 · 2022-12-30 10:27:03 +01:00 · 2022-12-30 10:27:03 +01:00 · e1a0a01ac3
commit e1a0a01ac3
parent 3561a16819
3 changed files with 10 additions and 169 deletions
--- a/.github/actions/find_latest_image/action.yaml
+++ b/.github/actions/find_latest_image/action.yaml
@ -22,17 +22,19 @@ runs:
    - name: Login to AWS
      uses: aws-actions/configure-aws-credentials@67fbcbb121271f7775d2e7715933280b06314838 # v1.7.0
      with:
-        role-to-assume: arn:aws:iam::795746500882:role/GithubConstellationImageFinder
+        role-to-assume: arn:aws:iam::795746500882:role/GithubConstellationVersionsAPIRead
        aws-region: eu-central-1

+    - name: Build versionsapi CLI
+      shell: bash
+      working-directory: internal/versionsapi/cli
+      run: go build -o versionsapi
+
    - name: Find latest image
      id: find-latest-image
      shell: bash
-      env:
-        ref: ${{ inputs.ref }}
-        stream: ${{ inputs.stream }}
+      working-directory: internal/versionsapi/cli
      run: |
-        image=$(./find-image.sh --ref "${ref}" --stream "${stream}")
+        image=$(./versionsapi latest --ref "${{ inputs.ref }}" --stream "${{ inputs.stream }}")
        echo "image=${image}" >> "${GITHUB_OUTPUT}"
-        echo "Found image '${image}'."
-      working-directory: hack/api
+        echo "Found image ${image}."
--- a/debugd/README.md
+++ b/debugd/README.md
@ -22,7 +22,7 @@ With `cdbg` and `yq` installed in your path:

 1. Run `constellation config generate` to create a new default configuration

-2. Locate the latest debugd images by running `hack/api/find-image.sh --ref main --stream debug`
+2. Locate the latest debugd images by running `(cd internal/versionsapi/cli && go build -o versionsapi . && ./versionsapi latest --ref main --stream debug)`

 3. Modify the `constellation-conf.yaml` to use an image with the debugd already included and add required firewall rules:

--- a/hack/api/find-image.sh
+++ b/hack/api/find-image.sh
@ -1,161 +0,0 @@
-#!/usr/bin/env bash
-# Copyright (c) Edgeless Systems GmbH
-#
-# SPDX-License-Identifier: AGPL-3.0-only
-
-set -euo pipefail
-shopt -s inherit_errexit
-
-ref="-"
-stream="stable"
-json=false
-cdn_url="https://cdn.confidential.cloud"
-
-function usage() {
-  cat << 'EOF'
-Usage: find-image.sh [options] [command]
-
-Options:
-  -r, --ref <ref>        Ref to search for (default: "-")
-  -s, --stream <stream>  Stream to search for (default: "stable")
-  --json                 Output JSON instead of shortname(s)
-  --help                 Show this help
-
-Commands:
-  latest                 Find latest image for ref and stream
-  list                   List all images for ref and stream
-EOF
-}
-
-POSITIONAL_ARGS=()
-
-while [[ $# -gt 0 ]]; do
-  case $1 in
-  -r | --ref)
-    # Canonicalize ref format (e.g. "feat/foo/bar" -> "feat-foo-bar")
-    ref=$(echo -n "$2" | tr -c '[:alnum:]' '-')
-    shift # past argument
-    shift # past value
-    ;;
-  -s | --stream)
-    stream="$2"
-    shift # past argument
-    shift # past value
-    ;;
-  --json)
-    json=true
-    shift # past argument
-    ;;
-  --help)
-    usage
-    exit 0
-    ;;
-  -*)
-    echo "Unknown option $1"
-    echo
-    usage
-    exit 1
-    ;;
-  *)
-    POSITIONAL_ARGS+=("$1") # save positional arg
-    shift                   # past argument
-    ;;
-  esac
-done
-
-set -- "${POSITIONAL_ARGS[@]}" # restore positional parameters
-
-# shortname <ref> <stream> <version>
-function shortname() {
-  shortname=""
-
-  if [[ ${ref} != "-" ]]; then
-    shortname+="ref/${1}/"
-  fi
-
-  if [[ ${stream} != "stable" ]]; then
-    shortname+="stream/${2}/"
-  fi
-
-  shortname+="${3}"
-
-  echo "${shortname}"
-}
-
-function latest() {
-  latest_path="constellation/v1/ref/${ref}/stream/${stream}/versions/latest/image.json"
-  latest_url="${cdn_url}/${latest_path}"
-
-  latest_status=$(curl -s -o /dev/null -w "%{http_code}" "${latest_url}")
-  if [[ ${latest_status} != "200" ]]; then
-    echo "[Error] No image found for ref ${ref} and stream ${stream} (${latest_status})"
-    exit 1
-  fi
-
-  latest_json=$(curl -sL "${latest_url}")
-
-  if [[ ${json} == true ]]; then
-    jq <<< "${latest_json}"
-    exit 0
-  fi
-
-  latest_version=$(echo "${latest_json}" | jq -r '.version')
-
-  shortname "${ref}" "${stream}" "${latest_version}"
-  exit 0
-}
-
-function list() {
-  major="v2"
-  list_path="constellation/v1/ref/${ref}/stream/${stream}/versions/major/${major}/image.json"
-  list_url="${cdn_url}/${list_path}"
-
-  list_status=$(curl -s -o /dev/null -w "%{http_code}" "${list_url}")
-  if [[ ${list_status} != "200" ]]; then
-    echo "[Error] No minor image list found for ref ${ref} and stream ${stream} and version ${major} (${list_status})"
-    exit 1
-  fi
-
-  minor_list=$(curl -sL "${list_url}" | jq -r '.versions[]')
-
-  for minor in ${minor_list}; do
-    list_path="constellation/v1/ref/${ref}/stream/${stream}/versions/minor/${minor}/image.json"
-    list_url="${cdn_url}/${list_path}"
-
-    list_status=$(curl -s -o /dev/null -w "%{http_code}" "${list_url}")
-    if [[ ${list_status} != "200" ]]; then
-      echo "[Error] No patch image list found for ref ${ref} and stream ${stream} and version ${minor} (${list_status})"
-      exit 1
-    fi
-
-    patch_list="${patch_list-""} $(curl -sL "${list_url}" | jq -r '.versions[]')"
-  done
-
-  if [[ ${json} == true ]]; then
-    out="{}"
-    out=$(jq <<< "${out}" --arg ref "${ref}" '.ref = $ref')
-    out=$(jq <<< "${out}" --arg stream "${stream}" '.stream = $stream')
-    for patch in ${patch_list}; do
-      out=$(jq <<< "${out}" --arg patch "${patch}" '.versions += [$patch]')
-    done
-    jq <<< "${out}"
-    exit 0
-  fi
-
-  for version in ${patch_list}; do
-    shortname "${ref}" "${stream}" "${version}"
-  done
-  exit 0
-}
-
-case ${1-"latest"} in
-"list")
-  list
-  ;;
-"latest")
-  latest
-  ;;
-*)
-  echo "Unknown command $1"
-  ;;
-esac