Skip to content

Commit b301941

Browse files
ajaskolskiajaskolski
authored
fix(ci): get latest created tag for catalog remote tests (#576)
We dont use `latest` tag anymore as we have settings for immutable tags. We need to get latest tag dynamically.
1 parent a1074b1 commit b301941

2 files changed

Lines changed: 78 additions & 6 deletions

File tree

.github/workflows/pull-request-main.yml

Lines changed: 39 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -79,17 +79,51 @@ jobs:
7979
id-token: write
8080
contents: read
8181
actions: read
82-
env:
83-
CATALOG_SERVICE_IMAGE: ${{ secrets.AWS_ACCOUNT_NUMBER_PROD }}.dkr.ecr.${{ secrets.AWS_REGION }}.amazonaws.com/op-catalog-service:latest
8482
steps:
83+
- name: Checkout code
84+
uses: actions/checkout@v4
85+
86+
- name: Configure AWS credentials for ECR
87+
uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2
88+
with:
89+
role-to-assume: ${{ secrets.ECR_READ_ROLE_ARN }}
90+
aws-region: ${{ secrets.AWS_REGION }}
91+
92+
- name: Get latest catalog service tag from ECR
93+
id: get-catalog-tag
94+
run: |
95+
# Fetch the latest semantic version tag from ECR
96+
# Sort images by push date (latest first) and find the first semver tag
97+
LATEST_TAG=$(aws ecr describe-images \
98+
--repository-name op-catalog-service \
99+
--region ${{ secrets.AWS_REGION }} \
100+
--registry-id ${{ secrets.AWS_ACCOUNT_NUMBER_PROD }} \
101+
--query 'reverse(sort_by(imageDetails,& imagePushedAt))' \
102+
--output json | \
103+
jq -r '
104+
[.[] |
105+
select(.imageTags != null) |
106+
.imageTags[] |
107+
select(test("^v[0-9]+\\.[0-9]+\\.[0-9]+$"))
108+
] | first
109+
')
110+
111+
if [[ -z "${LATEST_TAG}" ]] || [[ "${LATEST_TAG}" == "null" ]]; then
112+
echo "::error::Could not find a valid semantic version tag in ECR"
113+
exit 1
114+
fi
115+
116+
echo "Latest catalog service tag from ECR: ${LATEST_TAG}"
117+
echo "tag=${LATEST_TAG}" >> "${GITHUB_OUTPUT}"
118+
85119
- name: Pull Catalog Service ECR Image
86120
uses: smartcontractkit/.github/actions/pull-private-ecr-image@2f8f0baf38e46140c6a119eb551a56eaaabcc09e # pull-private-ecr-image@1.0.0
87121
with:
88122
aws-account-number: ${{ secrets.AWS_ACCOUNT_NUMBER_PROD }}
89123
aws-region: ${{ secrets.AWS_REGION }}
90124
aws-role-arn: ${{ secrets.ECR_READ_ROLE_ARN }}
91125
ecr-repository: "op-catalog-service"
92-
image-tag: "latest"
126+
image-tag: ${{ steps.get-catalog-tag.outputs.tag }}
93127

94128
- name: Run Catalog Remote Integration Tests
95129
uses: smartcontractkit/.github/actions/ci-test-go@dfcba48f05933158428bce867d790e3d5a9baa6b # ci-test-go@1.1.0
@@ -98,6 +132,8 @@ jobs:
98132
go-test-cmd: cd datastore/catalog/remote && go test -v -race -timeout 10m -gcflags=all=-d=checkptr=0 -coverprofile=../../../coverage.txt
99133
use-go-cache: true
100134
artifact-name: catalog-remote-tests
135+
env:
136+
CATALOG_SERVICE_IMAGE: ${{ secrets.AWS_ACCOUNT_NUMBER_PROD }}.dkr.ecr.${{ secrets.AWS_REGION }}.amazonaws.com/op-catalog-service:${{ steps.get-catalog-tag.outputs.tag }}
101137

102138
sonarqube:
103139
name: Sonar Scan

.github/workflows/schedule-main.yml

Lines changed: 39 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -75,17 +75,51 @@ jobs:
7575
id-token: write
7676
contents: read
7777
actions: read
78-
env:
79-
CATALOG_SERVICE_IMAGE: ${{ secrets.AWS_ACCOUNT_NUMBER_PROD }}.dkr.ecr.${{ secrets.AWS_REGION }}.amazonaws.com/op-catalog-service:latest
8078
steps:
79+
- name: Checkout code
80+
uses: actions/checkout@v4
81+
82+
- name: Configure AWS credentials for ECR
83+
uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2
84+
with:
85+
role-to-assume: ${{ secrets.ECR_READ_ROLE_ARN }}
86+
aws-region: ${{ secrets.AWS_REGION }}
87+
88+
- name: Get latest catalog service tag from ECR
89+
id: get-catalog-tag
90+
run: |
91+
# Fetch the latest semantic version tag from ECR
92+
# Sort images by push date (latest first) and find the first semver tag
93+
LATEST_TAG=$(aws ecr describe-images \
94+
--repository-name op-catalog-service \
95+
--region ${{ secrets.AWS_REGION }} \
96+
--registry-id ${{ secrets.AWS_ACCOUNT_NUMBER_PROD }} \
97+
--query 'reverse(sort_by(imageDetails,& imagePushedAt))' \
98+
--output json | \
99+
jq -r '
100+
[.[] |
101+
select(.imageTags != null) |
102+
.imageTags[] |
103+
select(test("^v[0-9]+\\.[0-9]+\\.[0-9]+$"))
104+
] | first
105+
')
106+
107+
if [[ -z "${LATEST_TAG}" ]] || [[ "${LATEST_TAG}" == "null" ]]; then
108+
echo "::error::Could not find a valid semantic version tag in ECR"
109+
exit 1
110+
fi
111+
112+
echo "Latest catalog service tag from ECR: ${LATEST_TAG}"
113+
echo "tag=${LATEST_TAG}" >> "${GITHUB_OUTPUT}"
114+
81115
- name: Pull Catalog Service ECR Image
82116
uses: smartcontractkit/.github/actions/pull-private-ecr-image@2f8f0baf38e46140c6a119eb551a56eaaabcc09e # pull-private-ecr-image@1.0.0
83117
with:
84118
aws-account-number: ${{ secrets.AWS_ACCOUNT_NUMBER_PROD }}
85119
aws-region: ${{ secrets.AWS_REGION }}
86120
aws-role-arn: ${{ secrets.ECR_READ_ROLE_ARN }}
87121
ecr-repository: "op-catalog-service"
88-
image-tag: "latest"
122+
image-tag: ${{ steps.get-catalog-tag.outputs.tag }}
89123

90124
- name: Run Catalog Remote Integration Tests
91125
uses: smartcontractkit/.github/actions/ci-test-go@dfcba48f05933158428bce867d790e3d5a9baa6b # ci-test-go@1.1.0
@@ -94,6 +128,8 @@ jobs:
94128
go-test-cmd: cd datastore/catalog/remote && go test -v -race -timeout 10m -gcflags=all=-d=checkptr=0 -coverprofile=../../../coverage.txt
95129
use-go-cache: true
96130
artifact-name: catalog-remote-tests
131+
env:
132+
CATALOG_SERVICE_IMAGE: ${{ secrets.AWS_ACCOUNT_NUMBER_PROD }}.dkr.ecr.${{ secrets.AWS_REGION }}.amazonaws.com/op-catalog-service:${{ steps.get-catalog-tag.outputs.tag }}
97133

98134
sonarqube:
99135
name: Sonar Scan

0 commit comments

Comments
 (0)