From 088d05afa8bcaa0760214e6234117924b2119eaa Mon Sep 17 00:00:00 2001 From: ajaskolski Date: Thu, 13 Nov 2025 12:02:23 +0100 Subject: [PATCH 1/3] fix(ci): get latest tag for catalog remote tests --- .github/workflows/pull-request-main.yml | 45 +++++++++++++++++++++++-- .github/workflows/schedule-main.yml | 45 +++++++++++++++++++++++-- 2 files changed, 84 insertions(+), 6 deletions(-) diff --git a/.github/workflows/pull-request-main.yml b/.github/workflows/pull-request-main.yml index 9b940b715..848c78a80 100644 --- a/.github/workflows/pull-request-main.yml +++ b/.github/workflows/pull-request-main.yml @@ -79,9 +79,46 @@ jobs: id-token: write contents: read actions: read - env: - CATALOG_SERVICE_IMAGE: ${{ secrets.AWS_ACCOUNT_NUMBER_PROD }}.dkr.ecr.${{ secrets.AWS_REGION }}.amazonaws.com/op-catalog-service:latest steps: + - name: Checkout code + uses: actions/checkout@v4 + + - name: Configure AWS credentials for ECR + uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2 + with: + role-to-assume: ${{ secrets.ECR_READ_ROLE_ARN }} + aws-region: ${{ secrets.AWS_REGION }} + + - name: Get latest catalog service tag from ECR + id: get-catalog-tag + run: | + # Fetch the latest image tag from ECR based on push date + # Get the most recently pushed image's tags and find the highest semver tag + LATEST_TAG=$(aws ecr describe-images \ + --repository-name op-catalog-service \ + --region ${{ secrets.AWS_REGION }} \ + --registry-id ${{ secrets.AWS_ACCOUNT_NUMBER_PROD }} \ + --query 'reverse(sort_by(imageDetails,& imagePushedAt))' \ + --output json | \ + jq -r ' + .[] | + select(.imageTags != null) | + .imageTags[] | + select(test("^v[0-9]+\\.[0-9]+\\.[0-9]+$")) + ' | \ + sed 's/^v//' | \ + sort -t. -k1,1n -k2,2n -k3,3n | \ + tail -1 | \ + sed 's/^/v/') + + if [[ -z "${LATEST_TAG}" ]]; then + echo "::error::Could not find a valid semantic version tag in ECR" + exit 1 + fi + + echo "Latest catalog service tag from ECR: ${LATEST_TAG}" + echo "tag=${LATEST_TAG}" >> "${GITHUB_OUTPUT}" + - name: Pull Catalog Service ECR Image uses: smartcontractkit/.github/actions/pull-private-ecr-image@2f8f0baf38e46140c6a119eb551a56eaaabcc09e # pull-private-ecr-image@1.0.0 with: @@ -89,7 +126,7 @@ jobs: aws-region: ${{ secrets.AWS_REGION }} aws-role-arn: ${{ secrets.ECR_READ_ROLE_ARN }} ecr-repository: "op-catalog-service" - image-tag: "latest" + image-tag: ${{ steps.get-catalog-tag.outputs.tag }} - name: Run Catalog Remote Integration Tests uses: smartcontractkit/.github/actions/ci-test-go@dfcba48f05933158428bce867d790e3d5a9baa6b # ci-test-go@1.1.0 @@ -98,6 +135,8 @@ jobs: go-test-cmd: cd datastore/catalog/remote && go test -v -race -timeout 10m -gcflags=all=-d=checkptr=0 -coverprofile=../../../coverage.txt use-go-cache: true artifact-name: catalog-remote-tests + env: + CATALOG_SERVICE_IMAGE: ${{ secrets.AWS_ACCOUNT_NUMBER_PROD }}.dkr.ecr.${{ secrets.AWS_REGION }}.amazonaws.com/op-catalog-service:${{ steps.get-catalog-tag.outputs.tag }} sonarqube: name: Sonar Scan diff --git a/.github/workflows/schedule-main.yml b/.github/workflows/schedule-main.yml index 1505a1186..f4f1e5a00 100644 --- a/.github/workflows/schedule-main.yml +++ b/.github/workflows/schedule-main.yml @@ -75,9 +75,46 @@ jobs: id-token: write contents: read actions: read - env: - CATALOG_SERVICE_IMAGE: ${{ secrets.AWS_ACCOUNT_NUMBER_PROD }}.dkr.ecr.${{ secrets.AWS_REGION }}.amazonaws.com/op-catalog-service:latest steps: + - name: Checkout code + uses: actions/checkout@v4 + + - name: Configure AWS credentials for ECR + uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2 + with: + role-to-assume: ${{ secrets.ECR_READ_ROLE_ARN }} + aws-region: ${{ secrets.AWS_REGION }} + + - name: Get latest catalog service tag from ECR + id: get-catalog-tag + run: | + # Fetch the latest image tag from ECR based on push date + # Get the most recently pushed image's tags and find the highest semver tag + LATEST_TAG=$(aws ecr describe-images \ + --repository-name op-catalog-service \ + --region ${{ secrets.AWS_REGION }} \ + --registry-id ${{ secrets.AWS_ACCOUNT_NUMBER_PROD }} \ + --query 'reverse(sort_by(imageDetails,& imagePushedAt))' \ + --output json | \ + jq -r ' + .[] | + select(.imageTags != null) | + .imageTags[] | + select(test("^v[0-9]+\\.[0-9]+\\.[0-9]+$")) + ' | \ + sed 's/^v//' | \ + sort -t. -k1,1n -k2,2n -k3,3n | \ + tail -1 | \ + sed 's/^/v/') + + if [[ -z "${LATEST_TAG}" ]]; then + echo "::error::Could not find a valid semantic version tag in ECR" + exit 1 + fi + + echo "Latest catalog service tag from ECR: ${LATEST_TAG}" + echo "tag=${LATEST_TAG}" >> "${GITHUB_OUTPUT}" + - name: Pull Catalog Service ECR Image uses: smartcontractkit/.github/actions/pull-private-ecr-image@2f8f0baf38e46140c6a119eb551a56eaaabcc09e # pull-private-ecr-image@1.0.0 with: @@ -85,7 +122,7 @@ jobs: aws-region: ${{ secrets.AWS_REGION }} aws-role-arn: ${{ secrets.ECR_READ_ROLE_ARN }} ecr-repository: "op-catalog-service" - image-tag: "latest" + image-tag: ${{ steps.get-catalog-tag.outputs.tag }} - name: Run Catalog Remote Integration Tests uses: smartcontractkit/.github/actions/ci-test-go@dfcba48f05933158428bce867d790e3d5a9baa6b # ci-test-go@1.1.0 @@ -94,6 +131,8 @@ jobs: go-test-cmd: cd datastore/catalog/remote && go test -v -race -timeout 10m -gcflags=all=-d=checkptr=0 -coverprofile=../../../coverage.txt use-go-cache: true artifact-name: catalog-remote-tests + env: + CATALOG_SERVICE_IMAGE: ${{ secrets.AWS_ACCOUNT_NUMBER_PROD }}.dkr.ecr.${{ secrets.AWS_REGION }}.amazonaws.com/op-catalog-service:${{ steps.get-catalog-tag.outputs.tag }} sonarqube: name: Sonar Scan From 4ad1e276ce5738f55f1ba1232a297373a78af571 Mon Sep 17 00:00:00 2001 From: ajaskolski Date: Thu, 13 Nov 2025 13:22:07 +0100 Subject: [PATCH 2/3] simplify code logic --- .github/workflows/pull-request-main.yml | 16 ++++------------ .github/workflows/schedule-main.yml | 16 ++++------------ 2 files changed, 8 insertions(+), 24 deletions(-) diff --git a/.github/workflows/pull-request-main.yml b/.github/workflows/pull-request-main.yml index 848c78a80..7ebd2fe49 100644 --- a/.github/workflows/pull-request-main.yml +++ b/.github/workflows/pull-request-main.yml @@ -93,23 +93,15 @@ jobs: id: get-catalog-tag run: | # Fetch the latest image tag from ECR based on push date - # Get the most recently pushed image's tags and find the highest semver tag + # Get images sorted by push date (latest first) and take the first semver tag LATEST_TAG=$(aws ecr describe-images \ --repository-name op-catalog-service \ --region ${{ secrets.AWS_REGION }} \ --registry-id ${{ secrets.AWS_ACCOUNT_NUMBER_PROD }} \ - --query 'reverse(sort_by(imageDetails,& imagePushedAt))' \ + --query 'reverse(sort_by(imageDetails,& imagePushedAt))[0].imageTags' \ --output json | \ - jq -r ' - .[] | - select(.imageTags != null) | - .imageTags[] | - select(test("^v[0-9]+\\.[0-9]+\\.[0-9]+$")) - ' | \ - sed 's/^v//' | \ - sort -t. -k1,1n -k2,2n -k3,3n | \ - tail -1 | \ - sed 's/^/v/') + jq -r '.[] | select(test("^v[0-9]+\\.[0-9]+\\.[0-9]+$"))' | \ + head -1) if [[ -z "${LATEST_TAG}" ]]; then echo "::error::Could not find a valid semantic version tag in ECR" diff --git a/.github/workflows/schedule-main.yml b/.github/workflows/schedule-main.yml index f4f1e5a00..3c98452fd 100644 --- a/.github/workflows/schedule-main.yml +++ b/.github/workflows/schedule-main.yml @@ -89,23 +89,15 @@ jobs: id: get-catalog-tag run: | # Fetch the latest image tag from ECR based on push date - # Get the most recently pushed image's tags and find the highest semver tag + # Get images sorted by push date (latest first) and take the first semver tag LATEST_TAG=$(aws ecr describe-images \ --repository-name op-catalog-service \ --region ${{ secrets.AWS_REGION }} \ --registry-id ${{ secrets.AWS_ACCOUNT_NUMBER_PROD }} \ - --query 'reverse(sort_by(imageDetails,& imagePushedAt))' \ + --query 'reverse(sort_by(imageDetails,& imagePushedAt))[0].imageTags' \ --output json | \ - jq -r ' - .[] | - select(.imageTags != null) | - .imageTags[] | - select(test("^v[0-9]+\\.[0-9]+\\.[0-9]+$")) - ' | \ - sed 's/^v//' | \ - sort -t. -k1,1n -k2,2n -k3,3n | \ - tail -1 | \ - sed 's/^/v/') + jq -r '.[] | select(test("^v[0-9]+\\.[0-9]+\\.[0-9]+$"))' | \ + head -1) if [[ -z "${LATEST_TAG}" ]]; then echo "::error::Could not find a valid semantic version tag in ECR" From 2d95e71df2acf0c43a0c36202e47dd8f138079ef Mon Sep 17 00:00:00 2001 From: ajaskolski Date: Thu, 13 Nov 2025 13:24:18 +0100 Subject: [PATCH 3/3] fix --- .github/workflows/pull-request-main.yml | 17 +++++++++++------ .github/workflows/schedule-main.yml | 17 +++++++++++------ 2 files changed, 22 insertions(+), 12 deletions(-) diff --git a/.github/workflows/pull-request-main.yml b/.github/workflows/pull-request-main.yml index 7ebd2fe49..a8a6d6624 100644 --- a/.github/workflows/pull-request-main.yml +++ b/.github/workflows/pull-request-main.yml @@ -92,18 +92,23 @@ jobs: - name: Get latest catalog service tag from ECR id: get-catalog-tag run: | - # Fetch the latest image tag from ECR based on push date - # Get images sorted by push date (latest first) and take the first semver tag + # Fetch the latest semantic version tag from ECR + # Sort images by push date (latest first) and find the first semver tag LATEST_TAG=$(aws ecr describe-images \ --repository-name op-catalog-service \ --region ${{ secrets.AWS_REGION }} \ --registry-id ${{ secrets.AWS_ACCOUNT_NUMBER_PROD }} \ - --query 'reverse(sort_by(imageDetails,& imagePushedAt))[0].imageTags' \ + --query 'reverse(sort_by(imageDetails,& imagePushedAt))' \ --output json | \ - jq -r '.[] | select(test("^v[0-9]+\\.[0-9]+\\.[0-9]+$"))' | \ - head -1) + jq -r ' + [.[] | + select(.imageTags != null) | + .imageTags[] | + select(test("^v[0-9]+\\.[0-9]+\\.[0-9]+$")) + ] | first + ') - if [[ -z "${LATEST_TAG}" ]]; then + if [[ -z "${LATEST_TAG}" ]] || [[ "${LATEST_TAG}" == "null" ]]; then echo "::error::Could not find a valid semantic version tag in ECR" exit 1 fi diff --git a/.github/workflows/schedule-main.yml b/.github/workflows/schedule-main.yml index 3c98452fd..da24af6f0 100644 --- a/.github/workflows/schedule-main.yml +++ b/.github/workflows/schedule-main.yml @@ -88,18 +88,23 @@ jobs: - name: Get latest catalog service tag from ECR id: get-catalog-tag run: | - # Fetch the latest image tag from ECR based on push date - # Get images sorted by push date (latest first) and take the first semver tag + # Fetch the latest semantic version tag from ECR + # Sort images by push date (latest first) and find the first semver tag LATEST_TAG=$(aws ecr describe-images \ --repository-name op-catalog-service \ --region ${{ secrets.AWS_REGION }} \ --registry-id ${{ secrets.AWS_ACCOUNT_NUMBER_PROD }} \ - --query 'reverse(sort_by(imageDetails,& imagePushedAt))[0].imageTags' \ + --query 'reverse(sort_by(imageDetails,& imagePushedAt))' \ --output json | \ - jq -r '.[] | select(test("^v[0-9]+\\.[0-9]+\\.[0-9]+$"))' | \ - head -1) + jq -r ' + [.[] | + select(.imageTags != null) | + .imageTags[] | + select(test("^v[0-9]+\\.[0-9]+\\.[0-9]+$")) + ] | first + ') - if [[ -z "${LATEST_TAG}" ]]; then + if [[ -z "${LATEST_TAG}" ]] || [[ "${LATEST_TAG}" == "null" ]]; then echo "::error::Could not find a valid semantic version tag in ECR" exit 1 fi