Merge pull request #183 from morri-son/add-cv-creation-for-cli

Add cv creation for cli

Author: morri-son

.github/scripts/component-constructor.js

@@ -1,5 +1,6 @@
 // @ts-check
 import fs from "fs";
+import path from "path";
 import yaml from "js-yaml";
 
 /**
@@ -76,6 +77,9 @@ export function patchCliConstructor(constructor, imageRef, imageTag) {
             resource.name === "cli" &&
             resource.input?.type === "file"
         ) {
+            if (typeof resource.input.path !== "string" || resource.input.path.length === 0) {
+                throw new Error("CLI file resource is missing required field 'input.path'");
+            }
             const parts = resource.input.path.split("/");
             const filename = parts[parts.length - 1];
             resource.input.path = `resources/bin/${filename}`;
@@ -103,6 +107,179 @@ export function patchCliConstructor(constructor, imageRef, imageTag) {
     return constructor;
 }
 
+/**
+ * GitHub Actions entrypoint: patch the CLI component constructor for publishing.
+ *
+ * Verifies that CLI binaries exist, parses the constructor YAML, patches paths
+ * and image access, and writes the result to the target location.
+ *
+ * Environment variables:
+ * - CONSTRUCTOR_SOURCE: Path to the source component-constructor.yaml (required)
+ * - TARGET_CONSTRUCTOR: Path to write the patched constructor (required)
+ * - IMAGE_REF: Full OCI image reference, e.g. "ghcr.io/owner/cli:tag" (required)
+ * - IMAGE_TAG: Image tag / version string (required)
+ *
+ * @param {import('@actions/github-script').AsyncFunctionArguments} args
+ */
+export async function patchCliConstructorAction({ core }) {
+    const constructorSource = process.env.CONSTRUCTOR_SOURCE;
+    const targetConstructor = process.env.TARGET_CONSTRUCTOR;
+    const imageRef = process.env.IMAGE_REF;
+    const imageTag = process.env.IMAGE_TAG;
+
+    if (!constructorSource) {
+        core.setFailed("CONSTRUCTOR_SOURCE environment variable is required");
+        return;
+    }
+    if (!targetConstructor) {
+        core.setFailed("TARGET_CONSTRUCTOR environment variable is required");
+        return;
+    }
+    if (!imageRef) {
+        core.setFailed("IMAGE_REF environment variable is required");
+        return;
+    }
+    if (!imageTag) {
+        core.setFailed("IMAGE_TAG environment variable is required");
+        return;
+    }
+
+    try {
+        // Verify CLI binaries exist
+        const binDir = "bin";
+        const entries = fs.readdirSync(binDir).filter(f => f.startsWith("ocm-"));
+        if (entries.length === 0) {
+            throw new Error(`No CLI binaries found under ./${binDir}`);
+        }
+        core.info(`✅ Found ${entries.length} CLI binary(ies): ${entries.join(", ")}`);
+
+        // Verify source constructor exists
+        if (!fs.existsSync(constructorSource)) {
+            throw new Error(`Constructor source not found: ${constructorSource}`);
+        }
+
+        // Parse, patch, and write
+        const constructor = parseConstructorFile(constructorSource);
+        patchCliConstructor(constructor, imageRef, imageTag);
+
+        const targetDir = path.dirname(targetConstructor);
+        fs.mkdirSync(targetDir, { recursive: true });
+        fs.writeFileSync(targetConstructor, yaml.dump(constructor), "utf8");
+
+        core.info(`✅ Patched constructor written to ${targetConstructor}`);
+
+        // Validate round-trip
+        const written = parseConstructorFile(targetConstructor);
+        const imageResource = written.resources.find(r => r.name === "image");
+        if (!imageResource || imageResource.access?.imageReference !== imageRef) {
+            throw new Error("Validation failed: patched constructor does not contain expected image reference");
+        }
+        core.info(`✅ Validated image reference: ${imageRef}`);
+    } catch (error) {
+        core.setFailed(error.message);
+    }
+}
+
+/**
+ * Promote a constructor from RC to final version:
+ * - Replace the top-level version
+ * - Replace all resource versions
+ * - Update the image resource's access.imageReference
+ *
+ * @param {Object} constructor - Parsed constructor YAML object (mutated in place)
+ * @param {string} finalVersion - Final version string (e.g. "0.17.0")
+ * @param {string} imageRef - Full OCI image reference with final tag (e.g. "ghcr.io/owner/cli:0.17.0")
+ * @returns {Object} The mutated constructor object
+ * @throws {Error} If expected resources or access fields are not found
+ */
+export function promoteConstructorVersion(constructor, finalVersion, imageRef) {
+    if (!Array.isArray(constructor.resources)) {
+        throw new Error("Constructor has no 'resources' array");
+    }
+
+    constructor.version = finalVersion;
+
+    for (const resource of constructor.resources) {
+        resource.version = finalVersion;
+    }
+
+    const imageResource = constructor.resources.find(r => r.name === "image");
+    if (!imageResource || !imageResource.access) {
+        throw new Error("No image resource with 'access' found — was the constructor patched by patchCliConstructor first?");
+    }
+    imageResource.access.imageReference = imageRef;
+
+    return constructor;
+}
+
+/**
+ * GitHub Actions entrypoint: promote an RC constructor to final version.
+ *
+ * Reads the RC constructor, replaces all version fields with the final version,
+ * updates the image reference, validates the result, and writes it back.
+ *
+ * Environment variables:
+ * - CONSTRUCTOR: Path to the component-constructor.yaml (read and written in place) (required)
+ * - FINAL_VERSION: Final version string, e.g. "0.17.0" (required)
+ * - IMAGE_REF: Full OCI image reference with final tag (required)
+ *
+ * @param {import('@actions/github-script').AsyncFunctionArguments} args
+ */
+export async function promoteConstructorVersionAction({ core }) {
+    const constructorPath = process.env.CONSTRUCTOR;
+    const finalVersion = process.env.FINAL_VERSION;
+    const imageRef = process.env.IMAGE_REF;
+
+    if (!constructorPath) {
+        core.setFailed("CONSTRUCTOR environment variable is required");
+        return;
+    }
+    if (!finalVersion) {
+        core.setFailed("FINAL_VERSION environment variable is required");
+        return;
+    }
+    if (!imageRef) {
+        core.setFailed("IMAGE_REF environment variable is required");
+        return;
+    }
+
+    try {
+        if (!fs.existsSync(constructorPath)) {
+            throw new Error(`Constructor not found: ${constructorPath}`);
+        }
+
+        const constructor = parseConstructorFile(constructorPath);
+        const rcVersion = constructor.version;
+        core.info(`Promoting constructor from ${rcVersion} to ${finalVersion}...`);
+
+        promoteConstructorVersion(constructor, finalVersion, imageRef);
+
+        fs.writeFileSync(constructorPath, yaml.dump(constructor), "utf8");
+        core.info(`✅ Patched constructor written to ${constructorPath}`);
+
+        // Validate round-trip
+        const written = parseConstructorFile(constructorPath);
+
+        if (written.version !== finalVersion) {
+            throw new Error(`Validation failed: .version is '${written.version}', expected '${finalVersion}'`);
+        }
+
+        const resourceVersions = [...new Set(written.resources.map(r => r.version))];
+        if (resourceVersions.length !== 1 || resourceVersions[0] !== finalVersion) {
+            throw new Error(`Validation failed: resource versions are [${resourceVersions}], expected all '${finalVersion}'`);
+        }
+
+        const imageResource = written.resources.find(r => r.name === "image");
+        if (!imageResource || imageResource.access?.imageReference !== imageRef) {
+            throw new Error(`Validation failed: image reference is '${imageResource?.access?.imageReference}', expected '${imageRef}'`);
+        }
+
+        core.info(`✅ Validated: version=${finalVersion}, image=${imageRef}`);
+    } catch (error) {
+        core.setFailed(error.message);
+    }
+}
+
 /**
  * GitHub Actions entrypoint: summarize a published component version in the step summary.
  *

.github/scripts/component-constructor.test.js

@@ -8,6 +8,7 @@ import {
     buildPackageUrl,
     patchCliConstructor,
     parseConstructorFile,
+    promoteConstructorVersion,
 } from "./component-constructor.js";
 
 // ----------------------------------------------------------
@@ -148,6 +149,30 @@ assert.throws(
     "Should throw when resources array is missing"
 );
 
+// patchCliConstructor: missing input.path on CLI file resource
+assert.throws(
+    () => patchCliConstructor({
+        resources: [
+            { name: "cli", input: { type: "file" } },
+            { name: "image", type: "ociImage", relation: "local", input: { type: "file", path: "x" } },
+        ],
+    }, "ref", "tag"),
+    /missing required field 'input\.path'/,
+    "Should throw when CLI file resource has no input.path"
+);
+
+// patchCliConstructor: empty input.path on CLI file resource
+assert.throws(
+    () => patchCliConstructor({
+        resources: [
+            { name: "cli", input: { type: "file", path: "" } },
+            { name: "image", type: "ociImage", relation: "local", input: { type: "file", path: "x" } },
+        ],
+    }, "ref", "tag"),
+    /missing required field 'input\.path'/,
+    "Should throw when CLI file resource has empty input.path"
+);
+
 // patchCliConstructor: non-file CLI resources are left untouched
 {
     const constructor = {
@@ -208,4 +233,112 @@ assert.throws(
     fs.rmdirSync(tmpDir);
 }
 
-console.log("✅ All component-constructor tests passed.");
+// ----------------------------------------------------------
+// promoteConstructorVersion
+// ----------------------------------------------------------
+console.log("Testing promoteConstructorVersion...");
+
+// Happy path: promotes version, resource versions, and image reference
+{
+    const constructor = {
+        name: "ocm.software/cli",
+        version: "0.17.0-rc.1",
+        resources: [
+            {
+                name: "cli",
+                type: "executable",
+                version: "0.17.0-rc.1",
+                input: { type: "file", path: "resources/bin/ocm-linux-amd64" },
+            },
+            {
+                name: "cli",
+                type: "executable",
+                version: "0.17.0-rc.1",
+                input: { type: "file", path: "resources/bin/ocm-darwin-arm64" },
+            },
+            {
+                name: "image",
+                type: "ociImage",
+                version: "0.17.0-rc.1",
+                access: {
+                    type: "ociArtifact",
+                    imageReference: "ghcr.io/ocm/cli:0.17.0-rc.1",
+                },
+            },
+        ],
+    };
+
+    const result = promoteConstructorVersion(constructor, "0.17.0", "ghcr.io/ocm/cli:0.17.0");
+
+    assert.strictEqual(result.version, "0.17.0", "Top-level version should be updated");
+    assert.strictEqual(result.resources[0].version, "0.17.0", "First CLI resource version should be updated");
+    assert.strictEqual(result.resources[1].version, "0.17.0", "Second CLI resource version should be updated");
+    assert.strictEqual(result.resources[2].version, "0.17.0", "Image resource version should be updated");
+    assert.strictEqual(
+        result.resources[2].access.imageReference,
+        "ghcr.io/ocm/cli:0.17.0",
+        "Image reference should be updated"
+    );
+    // Ensure non-image fields are untouched
+    assert.strictEqual(result.resources[0].input.path, "resources/bin/ocm-linux-amd64", "CLI path should be unchanged");
+    assert.strictEqual(result.name, "ocm.software/cli", "Name should be unchanged");
+}
+
+// Mutates in place and returns the same object
+{
+    const constructor = {
+        version: "1.0.0-rc.1",
+        resources: [
+            { name: "image", version: "1.0.0-rc.1", access: { type: "ociArtifact", imageReference: "old" } },
+        ],
+    };
+    const result = promoteConstructorVersion(constructor, "1.0.0", "new-ref");
+    assert.strictEqual(result, constructor, "Should return the same object (mutate in place)");
+}
+
+// Error: missing resources array
+assert.throws(
+    () => promoteConstructorVersion({ name: "test", version: "1.0.0" }, "2.0.0", "ref"),
+    /no 'resources' array/,
+    "Should throw when resources array is missing"
+);
+
+// Error: no image resource
+assert.throws(
+    () => promoteConstructorVersion({
+        version: "1.0.0-rc.1",
+        resources: [
+            { name: "cli", version: "1.0.0-rc.1", input: { type: "file", path: "bin/ocm" } },
+        ],
+    }, "1.0.0", "ref"),
+    /No image resource with 'access' found/,
+    "Should throw when no image resource exists"
+);
+
+// Error: image resource exists but has no access field
+assert.throws(
+    () => promoteConstructorVersion({
+        version: "1.0.0-rc.1",
+        resources: [
+            { name: "image", version: "1.0.0-rc.1" },
+        ],
+    }, "1.0.0", "ref"),
+    /No image resource with 'access' found/,
+    "Should throw when image resource has no access field"
+);
+
+// Edge: single resource that is the image
+{
+    const constructor = {
+        version: "0.1.0-rc.2",
+        resources: [
+            { name: "image", version: "0.1.0-rc.2", access: { type: "ociArtifact", imageReference: "old:rc2" } },
+        ],
+    };
+    promoteConstructorVersion(constructor, "0.1.0", "new:final");
+    assert.strictEqual(constructor.version, "0.1.0");
+    assert.strictEqual(constructor.resources[0].version, "0.1.0");
+    assert.strictEqual(constructor.resources[0].access.imageReference, "new:final");
+}
+
+console.log("✅ All component-constructor tests passed.");

.github/workflows/ci.yml

@@ -338,15 +338,15 @@ jobs:
             .github/workflows/ci.yml
             ${{ matrix.project }}
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@ae9ef3a1d2e3413523c3741725c30064970cc0d4 # v3
+        uses: github/codeql-action/init@820e3160e279568db735cee8ed8f8e77a6da7818 # v3
         with:
           languages: go
           queries: security-extended
       - name: Autobuild
-        uses: github/codeql-action/autobuild@ae9ef3a1d2e3413523c3741725c30064970cc0d4 # v3
+        uses: github/codeql-action/autobuild@820e3160e279568db735cee8ed8f8e77a6da7818 # v3
 
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@ae9ef3a1d2e3413523c3741725c30064970cc0d4 # v3
+        uses: github/codeql-action/analyze@820e3160e279568db735cee8ed8f8e77a6da7818 # v3
         with:
           category: "/language:go"