Merge pull request #120 from WyriHaximus/prepare-for-v2

Prepare for v2

Author: WyriHaximus

.github/workflows/ci.yml

@@ -1,6 +1,5 @@
 name: Continuous Integration
 env:
-  DOCKER_IMAGE: wyrihaximusgithubactions/composer.lock-diff
   DOCKER_BUILDKIT: 1
 on:
   push:
@@ -49,16 +48,16 @@ jobs:
       - run: docker images
         env:
           REF: ${{ needs.generate-ref.outputs.ref }}
-      - run: docker build --no-cache -t "${DOCKER_IMAGE}:${REF}" ./generate-comments/ -f generate-comments/Dockerfile-build --target=runtime
+      - run: docker build --no-cache -t "$(echo "ghcr.io/${GITHUB_REPOSITORY}:${REF}" | tr '[:upper:]' '[:lower:]')" ./generate-comments/ -f generate-comments/Dockerfile-build --target=runtime
         env:
           REF: ${{ needs.generate-ref.outputs.ref }}
-      - run: docker tag "${DOCKER_IMAGE}:${REF}" "${DOCKER_IMAGE}:sha-${GITHUB_SHA}"
+      - run: docker tag "$(echo "ghcr.io/${GITHUB_REPOSITORY}:${REF}" | tr '[:upper:]' '[:lower:]')" "$(echo "ghcr.io/${GITHUB_REPOSITORY}:sha-${GITHUB_SHA}" | tr '[:upper:]' '[:lower:]')"
         env:
           REF: ${{ needs.generate-ref.outputs.ref }}
-      - run: echo -e "${DOCKER_IMAGE}:${REF}" | xargs -I % sh -c 'docker run -v /tmp/trivy:/var/lib/trivy -v /var/run/docker.sock:/var/run/docker.sock -t aquasec/trivy:latest --cache-dir /var/lib/trivy image --exit-code 1 --no-progress --format table %'
+      - run: echo -e "$(echo "ghcr.io/${GITHUB_REPOSITORY}:${REF}" | tr '[:upper:]' '[:lower:]')" | xargs -I % sh -c 'docker run -v /tmp/trivy:/var/lib/trivy -v /var/run/docker.sock:/var/run/docker.sock -t aquasec/trivy:latest --cache-dir /var/lib/trivy image --exit-code 1 --no-progress --format table %'
         env:
           REF: ${{ needs.generate-ref.outputs.ref }}
-      - run: docker save "${DOCKER_IMAGE}:sha-${GITHUB_SHA}" | gzip -9 > ./docker-image/image.tar
+      - run: docker save "$(echo "ghcr.io/${GITHUB_REPOSITORY}:sha-${GITHUB_SHA}" | tr '[:upper:]' '[:lower:]')" | gzip -9 > ./docker-image/image.tar
         if: github.actor == 'dependabot[bot]'
       - run: docker images
       - name: Upload Images
@@ -67,42 +66,22 @@ jobs:
         with:
           name: docker-image
           path: ./docker-image
-      - name: Login to Docker Hub
-        if: github.actor != 'dependabot[bot]'
-        env:
-          DOCKER_USER: ${{ secrets.HUB_USERNAME }}
-          DOCKER_PASSWORD: ${{ secrets.HUB_PASSCODE }}
-        run: |
-          echo "${{ secrets.DOCKER_PASSWORD }}" | \
-          docker login \
-            --username "${{ secrets.DOCKER_USER }}" \
-            --password-stdin
       - name: Login to GitHub Container Registry
         if: github.actor != 'dependabot[bot]'
         run: |
           echo "${{ secrets.GITHUB_TOKEN }}" | \
           docker login ghcr.io \
             --username "${GITHUB_ACTOR}" \
             --password-stdin
-      - name: Push branch image to Docker Hub
-        if: github.actor != 'dependabot[bot]'
-        run: docker push "${DOCKER_IMAGE}:${REF}"
-        env:
-          REF: ${{ needs.generate-ref.outputs.ref }}
       - name: Push branch image to GitHub Container Registry
         if: github.actor != 'dependabot[bot]'
         run: |
-          docker tag "${DOCKER_IMAGE}:${REF}" $(echo "ghcr.io/${GITHUB_REPOSITORY}:${REF}" | tr '[:upper:]' '[:lower:]')
           docker push $(echo "ghcr.io/${GITHUB_REPOSITORY}:${REF}" | tr '[:upper:]' '[:lower:]')
         env:
           REF: ${{ needs.generate-ref.outputs.ref }}
-      - name: Push commit sha image to Docker Hub
-        if: github.actor != 'dependabot[bot]'
-        run: docker push "${DOCKER_IMAGE}:sha-${GITHUB_SHA}"
       - name: Push commit sha image to GitHub Container Registry
         if: github.actor != 'dependabot[bot]'
         run: |
-          docker tag "${DOCKER_IMAGE}:sha-${GITHUB_SHA}" $(echo "ghcr.io/${GITHUB_REPOSITORY}:sha-${GITHUB_SHA}" | tr '[:upper:]' '[:lower:]')
           docker push $(echo "ghcr.io/${GITHUB_REPOSITORY}:sha-${GITHUB_SHA}" | tr '[:upper:]' '[:lower:]')
   comment-composer-lock-diff:
     name: Comment composer.lock diff
@@ -126,7 +105,7 @@ jobs:
       - run: docker load --input ./docker-image/image.tar
         if: github.actor == 'dependabot[bot]'
       - run: git branch
-      - run: sed -i $(echo "s/main/sha-$GITHUB_SHA/g") generate-comments/Dockerfile
+      - run: sed -i $(echo "s/main/sha-$GITHUB_SHA/g") action.yaml
       - name: Comment composer.lock diff
         if: github.actor != 'dependabot[bot]'
         uses: ./

.github/workflows/composer-diff.yaml

@@ -25,6 +25,6 @@ jobs:
           ref: ${{ github.event.pull_request.head.sha }}
           fetch-depth: 0
       - name: Comment composer.lock diff
-        uses: WyriHaximus/github-action-composer.lock-diff@v1
+        uses: WyriHaximus/github-action-composer.lock-diff@v2
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

.github/workflows/craft-release.yaml

@@ -1,6 +1,5 @@
 name: Create Release
 env:
-  DOCKER_IMAGE: wyrihaximusgithubactions/composer.lock-diff
   MILESTONE: ${{ github.event.milestone.title }}
 on:
   milestone:
@@ -79,15 +78,6 @@ jobs:
         version: ${{ fromJson(needs.generate-version-strategy.outputs.docker_versions) }}
     runs-on: ubuntu-latest
     steps:
-      - name: Login to Docker Hub
-        env:
-          DOCKER_USER: ${{ secrets.HUB_USERNAME }}
-          DOCKER_PASSWORD: ${{ secrets.HUB_PASSCODE }}
-        run: |
-          echo "${{ secrets.DOCKER_PASSWORD }}" | \
-          docker login \
-            --username "${{ secrets.DOCKER_USER }}" \
-            --password-stdin
       - name: Login to GitHub Container Registry
         if: github.actor != 'dependabot[bot]'
         run: |
@@ -96,14 +86,11 @@ jobs:
             --username "${GITHUB_ACTOR}" \
             --password-stdin
       - name: Pull source image
-        run: docker pull "${DOCKER_IMAGE}:sha-${GITHUB_SHA}"
+        run: docker pull "$(echo "ghcr.io/${GITHUB_REPOSITORY}:sha-${GITHUB_SHA}" | tr '[:upper:]' '[:lower:]')"
       - name: Retag images for release
         run: | 
-          docker tag "${DOCKER_IMAGE}:sha-${GITHUB_SHA}" "${DOCKER_IMAGE}:${{ matrix.version }}"
-          docker tag "${DOCKER_IMAGE}:sha-${GITHUB_SHA}" $(echo "ghcr.io/${GITHUB_REPOSITORY}:${{ matrix.version }}" | tr '[:upper:]' '[:lower:]')
+          docker tag "$(echo "ghcr.io/${GITHUB_REPOSITORY}:sha-${GITHUB_SHA}" | tr '[:upper:]' '[:lower:]')" $(echo "ghcr.io/${GITHUB_REPOSITORY}:${{ matrix.version }}" | tr '[:upper:]' '[:lower:]')
       - run: docker images
-      - name: Push release images to Docker Hub
-        run: docker push "${DOCKER_IMAGE}:${{ matrix.version }}"
       - name: Push release images to GitHub Container Registry
         run: docker push $(echo "ghcr.io/${GITHUB_REPOSITORY}:${{ matrix.version }}" | tr '[:upper:]' '[:lower:]')
   create-release:
@@ -120,7 +107,7 @@ jobs:
       - uses: actions/checkout@v1
       - name: Create release/${{ matrix.version }} branch
         run: git checkout -b release/${{ matrix.version }} ${GITHUB_SHA}
-      - run: sed -i 's/main/${{ matrix.version }}/g' Dockerfile
+      - run: sed -i 's/main/${{ matrix.version }}/g' action.yaml
       - run: cat Dockerfile
       - run: git add Dockerfile
       - run: git status

README.md

@@ -64,7 +64,7 @@ jobs:
           ref: ${{ github.event.pull_request.head.sha }}
           fetch-depth: 0
       - name: Comment composer.lock diff
-        uses: WyriHaximus/github-action-composer.lock-diff@v1
+        uses: WyriHaximus/github-action-composer.lock-diff@v2
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 ```

action.yaml

@@ -33,11 +33,6 @@ runs:
             owner: context.payload.repository.owner.login,
             repo: context.payload.repository.name,
           }));
-          console.log({
-              timeout: timeout,
-              mcs: pr.data.merge_commit_sha,
-              mergeable_state: pr.data.mergeable_state,
-          });
           while (timeout < 60000 && pr.data.merge_commit_sha == null) {
             timeout *= 2;
             await new Promise(r => setTimeout(r, timeout));
@@ -46,22 +41,12 @@ runs:
               owner: context.payload.repository.owner.login,
               repo: context.payload.repository.name,
             }));
-            console.log({
-                timeout: timeout,
-                mcs: pr.data.merge_commit_sha,
-                mergeable_state: pr.data.mergeable_state,
-            });
           }
           pr = (await github.rest.pulls.get({
             pull_number: context.payload.pull_request.number,
             owner: context.payload.repository.owner.login,
             repo: context.payload.repository.name,
           }));
-          console.log({
-              timeout: timeout,
-              mcs: pr.data.merge_commit_sha,
-              mergeable_state: pr.data.mergeable_state,
-          });
           require('fs').appendFileSync(process.env.GITHUB_OUTPUT, `sha=${pr.data.merge_commit_sha}\n`);
     #          const requests = Array.from({length: 8}, (v, i) => 500 * Math.pow(2, i)).map(timeout => resolveShaAfterTimeout(timeout));
     #          console.log(requests);
@@ -87,26 +72,6 @@ runs:
         ref: ${{ github.event.pull_request.base.ref }}
         fetch-depth: 1
         path: .wyrihaximus-composer.lock-diff/checkout/base-ref
-#    - name: Attempt to get branch point composer.lock
-#      shell: bash
-#      run: |
-#        cd .wyrihaximus-composer.lock-diff/checkout/head-sha
-#
-#        branchPoint=$(
-#          git log --no-merges --graph --oneline --decorate origin/${{ github.event.pull_request.base.ref }}..$(git branch --show-current) | \
-#          tac | \
-#          grep -o '[a-f0-9]\{7,11\}' | \
-#          head -n 1 | \
-#          xargs -I '{}' git rev-parse "{}^"
-#        )
-#
-#        git show $branchPoint:composer.lock | cat > ".wyrihaximus-composer.lock-diff/branch-point-composer.lock"
-#    - name: Cat branch point composer.lock
-#      shell: bash
-#      run: cat .wyrihaximus-composer.lock-diff/branch-point-composer.lock
-#    - name: Cat base ref composer.lock
-#      shell: bash
-#      run: cat .wyrihaximus-composer.lock-diff/checkout/base-ref/composer.lock
     - name: Generate Comments
       uses: docker://ghcr.io/wyrihaximus/github-action-composer.lock-diff:main
       with: