Skip to content

Commit dbe6a9c

Browse files
mmorel-35mmorel-35
committed
Add BCR publishing configuration and GitHub workflow
Signed-off-by: Matthieu MOREL <matthieu.morel35@gmail.com>
1 parent 8bfbf64 commit dbe6a9c

File tree

5 files changed

+174
-0
lines changed

5 files changed

+174
-0
lines changed

.bcr/README.md

Lines changed: 106 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,106 @@
1+
# Bazel Central Registry (BCR) Publishing Configuration
2+
3+
This directory contains the configuration files for publishing the xds module to the [Bazel Central Registry](https://github.com/bazelbuild/bazel-central-registry).
4+
5+
## Overview
6+
7+
The BCR publishing process is automated via GitHub Actions. When a new release is created, the workflow will automatically create a pull request to the Bazel Central Registry with the new version.
8+
9+
## Configuration Files
10+
11+
### metadata.template.json
12+
Contains metadata about the xds module including:
13+
- Homepage URL
14+
- Maintainers list
15+
- Repository references
16+
17+
The `versions` array will be automatically populated by the BCR publishing workflow.
18+
19+
### source.template.json
20+
Template for the `source.json` file that will be created in the BCR. It specifies:
21+
- Archive URL pattern: `https://github.com/cncf/xds/archive/{TAG}.tar.gz`
22+
- Strip prefix pattern for extracting the archive
23+
- Integrity hash (automatically computed)
24+
25+
### presubmit.yml
26+
Defines the tests that BCR will run to validate the module before accepting it. The tests run on multiple platforms (Debian, macOS, Ubuntu, Windows) with different Bazel versions. The verification builds all targets in the xds module using `@xds//...`.
27+
28+
## GitHub Actions Workflow
29+
30+
The `.github/workflows/publish.yaml` workflow automates the publishing process. It:
31+
32+
1. Triggers on new releases or manual workflow dispatch
33+
2. Uses the `bazel-contrib/publish-to-bcr` reusable workflow
34+
3. Opens a pull request to the Bazel Central Registry
35+
36+
## Personal Access Token (PAT) Setup
37+
38+
To enable automated BCR publishing, you need to configure a GitHub Personal Access Token:
39+
40+
### Creating the PAT
41+
42+
1. Go to GitHub Settings → Developer settings → Personal access tokens → Tokens (classic)
43+
2. Click "Generate new token (classic)"
44+
3. Give it a descriptive name (e.g., "BCR Publish Token for xds")
45+
4. Set an appropriate expiration (recommend 1 year and renew regularly)
46+
5. Select the following scopes:
47+
- `repo` (Full control of private repositories)
48+
- `workflow` (Update GitHub Action workflows)
49+
6. Click "Generate token" and copy the token value
50+
51+
### Configuring the Secret
52+
53+
1. Go to the xds repository settings: `https://github.com/cncf/xds/settings/secrets/actions`
54+
2. Click "New repository secret"
55+
3. Name: `BCR_PUBLISH_TOKEN`
56+
4. Value: Paste the PAT you created
57+
5. Click "Add secret"
58+
59+
### Registry Fork
60+
61+
The workflow requires a fork of the Bazel Central Registry. When the workflow runs, it will:
62+
63+
1. Push the new module version to your fork of the BCR (specified in `registry_fork`)
64+
2. Create a new branch in your fork with the module version
65+
3. Open a pull request from your fork to `bazelbuild/bazel-central-registry` (the main BCR)
66+
67+
**Important**: You must update the `registry_fork` parameter in `.github/workflows/publish.yaml`:
68+
- Change `REPLACE_WITH_YOUR_FORK/bazel-central-registry` to your actual fork
69+
- Example: `adisuissa/bazel-central-registry` if adisuissa owns the PAT
70+
71+
To create a fork:
72+
1. Go to https://github.com/bazelbuild/bazel-central-registry
73+
2. Click "Fork" button
74+
3. Create the fork under your personal account or organization
75+
4. Update the workflow file with your fork name
76+
77+
## Manual Publishing
78+
79+
If needed, you can manually trigger the publishing workflow:
80+
81+
1. Go to the Actions tab in the repository
82+
2. Select "Publish to BCR" workflow
83+
3. Click "Run workflow"
84+
4. Enter the tag name (e.g., `v1.0.0`)
85+
5. Click "Run workflow"
86+
87+
## Troubleshooting
88+
89+
### Common Issues
90+
91+
1. **PAT expired**: Renew the token and update the `BCR_PUBLISH_TOKEN` secret
92+
2. **Permission denied**: Ensure the PAT has `repo` and `workflow` scopes
93+
3. **Build failures**: Check the BCR presubmit results and fix any issues in the test module
94+
95+
### Verifying the Configuration
96+
97+
You can verify the templates are valid by checking:
98+
- metadata.template.json has valid JSON syntax
99+
- source.template.json uses correct URL patterns
100+
- presubmit.yml has valid YAML syntax
101+
102+
## References
103+
104+
- [Bazel Central Registry](https://github.com/bazelbuild/bazel-central-registry)
105+
- [publish-to-bcr GitHub Action](https://github.com/bazel-contrib/publish-to-bcr)
106+
- [Bzlmod User Guide](https://bazel.build/docs/bzlmod)

.bcr/metadata.template.json

Lines changed: 16 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,16 @@
1+
{
2+
"homepage": "https://github.com/cncf/xds",
3+
"maintainers": [
4+
{
5+
"name": "Adi (Suissa) Peleg",
6+
"email": "adisuissa@google.com",
7+
"github": "adisuissa",
8+
"github_user_id": 4787431
9+
}
10+
],
11+
"repository": [
12+
"github:cncf/xds"
13+
],
14+
"versions": [],
15+
"yanked_versions": {}
16+
}

.bcr/presubmit.yml

Lines changed: 13 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,13 @@
1+
# BCR presubmit tests for xds module
2+
matrix:
3+
platform: ["debian11", "macos", "ubuntu2204", "windows"]
4+
bazel: [7.x, 8.x]
5+
tasks:
6+
verify_targets:
7+
name: "Verify build targets"
8+
platform: ${{ platform }}
9+
bazel: ${{ bazel }}
10+
build_targets:
11+
- "@xds//..."
12+
test_targets:
13+
- //...

.bcr/source.template.json

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,5 @@
1+
{
2+
"integrity": "",
3+
"strip_prefix": "xds-{VERSION}",
4+
"url": "https://github.com/cncf/xds/archive/{TAG}.tar.gz"
5+
}

.github/workflows/publish.yaml

Lines changed: 34 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,34 @@
1+
name: Publish to BCR
2+
3+
# Trigger the workflow on new releases or allow manual dispatch
4+
on:
5+
# Trigger when a new release is published
6+
release:
7+
types: [published]
8+
# Allow manual triggering from the GitHub UI
9+
workflow_dispatch:
10+
inputs:
11+
tag_name:
12+
description: 'Tag name to publish (e.g., v1.0.0)'
13+
required: true
14+
type: string
15+
16+
jobs:
17+
publish:
18+
uses: bazel-contrib/publish-to-bcr/.github/workflows/publish.yaml@v0.14.0
19+
with:
20+
# Use the tag from the release event or the manual input
21+
tag_name: ${{ github.event.release.tag_name || inputs.tag_name }}
22+
# The registry to open PR against (defaults to bazelbuild/bazel-central-registry)
23+
registry: bazelbuild/bazel-central-registry
24+
# Enable attestation support for verifiable builds
25+
attest: true
26+
permissions:
27+
contents: write
28+
# Necessary for attestation
29+
id-token: write
30+
attestations: write
31+
secrets:
32+
# Personal Access Token with 'repo' and 'workflow' permissions
33+
# Must be configured in repository secrets as BCR_PUBLISH_TOKEN
34+
publish_token: ${{ secrets.BCR_PUBLISH_TOKEN }}

0 commit comments

Comments
 (0)