From b7387e6d92fb22798284dcc7f1f15922c0938ffd Mon Sep 17 00:00:00 2001 From: Francisco Ithurriague Date: Mon, 30 Mar 2026 16:14:25 -0300 Subject: [PATCH 1/3] AI-687 feat(ci): github actions ci --- .github/actions/aws-ecr-auth/action.yml | 30 +++++++ .github/workflows/ci.yml | 102 ++++++++++++++++++++++++ 2 files changed, 132 insertions(+) create mode 100644 .github/actions/aws-ecr-auth/action.yml create mode 100644 .github/workflows/ci.yml diff --git a/.github/actions/aws-ecr-auth/action.yml b/.github/actions/aws-ecr-auth/action.yml new file mode 100644 index 0000000..41cdfdf --- /dev/null +++ b/.github/actions/aws-ecr-auth/action.yml @@ -0,0 +1,30 @@ +name: Authenticate to AWS and Amazon ECR +description: > + Configures AWS credentials and logs in to Amazon ECR so subsequent steps can use the AWS CLI + and Docker against the registry. Matches the former repeated configure + login steps in CI. + +inputs: + aws-region: + description: AWS region (must match the ECR registry region). + required: true + +secrets: + aws_access_key_id: + description: AWS access key ID (repository secret AWS_ACCESS_KEY_ID). + required: true + aws_secret_access_key: + description: AWS secret access key (repository secret AWS_SECRET_ACCESS_KEY). + required: true + +runs: + using: composite + steps: + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v4 + with: + aws-access-key-id: ${{ secrets.aws_access_key_id }} + aws-secret-access-key: ${{ secrets.aws_secret_access_key }} + aws-region: ${{ inputs.aws-region }} + + - name: Login to Amazon ECR + uses: aws-actions/amazon-ecr-login@v2 diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml new file mode 100644 index 0000000..355c682 --- /dev/null +++ b/.github/workflows/ci.yml @@ -0,0 +1,102 @@ +name: CI + +on: + pull_request: + branches: + - main + workflow_dispatch: + +concurrency: + group: ci-${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} + cancel-in-progress: true + +permissions: + contents: read + +env: + AWS_REGION: us-east-1 + AWS_ACCOUNT_ID: "462204803675" + DOCKER_BUILDKIT: "1" + +jobs: + build-and-push: + name: Build and push image + runs-on: ubuntu-latest + timeout-minutes: 60 + outputs: + image: ${{ steps.ecr.outputs.image }} + steps: + - name: Checkout + uses: actions/checkout@v6 + + - name: Authenticate to AWS and ECR + uses: ./.github/actions/aws-ecr-auth + with: + aws-region: ${{ env.AWS_REGION }} + secrets: + aws_access_key_id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws_secret_access_key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + + - name: Compute ECR image coordinates + id: ecr + run: | + REPO_LOWER=$(echo "${{ github.repository }}" | tr '[:upper:]' '[:lower:]') + REGISTRY="${{ env.AWS_ACCOUNT_ID }}.dkr.ecr.${{ env.AWS_REGION }}.amazonaws.com" + TAG="${{ github.run_number }}" + echo "repository=$REPO_LOWER" >> "$GITHUB_OUTPUT" + echo "registry=$REGISTRY" >> "$GITHUB_OUTPUT" + echo "tag=$TAG" >> "$GITHUB_OUTPUT" + echo "image=$REGISTRY/$REPO_LOWER:$TAG" >> "$GITHUB_OUTPUT" + + - name: Ensure ECR repository exists + run: | + aws ecr describe-repositories --repository-names "${{ steps.ecr.outputs.repository }}" \ + || aws ecr create-repository --repository-name "${{ steps.ecr.outputs.repository }}" + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Build and push + uses: docker/build-push-action@v6 + with: + context: . + file: Dockerfile + target: builder + push: true + tags: ${{ steps.ecr.outputs.image }} + cache-from: type=gha + cache-to: type=gha,mode=max + + validate: + name: Validate OpenAPI + runs-on: ubuntu-latest + timeout-minutes: 15 + needs: [build-and-push] + steps: + - name: Authenticate to AWS and ECR + uses: ./.github/actions/aws-ecr-auth + with: + aws-region: ${{ env.AWS_REGION }} + secrets: + aws_access_key_id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws_secret_access_key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + + - name: Validate + run: docker run --rm ${{ needs.build-and-push.outputs.image }} openapi-generator-cli validate -i api.yaml + + openapi-generate: + name: Generate OpenAPI YAML + runs-on: ubuntu-latest + timeout-minutes: 15 + needs: [build-and-push] + steps: + - name: Authenticate to AWS and ECR + uses: ./.github/actions/aws-ecr-auth + with: + aws-region: ${{ env.AWS_REGION }} + secrets: + aws_access_key_id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws_secret_access_key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + + - name: Generate + run: docker run --rm ${{ needs.build-and-push.outputs.image }} openapi-generator-cli generate -i api.yaml -g openapi-yaml From 220d80d491cf959a9904a4a9ec7c72bd01032129 Mon Sep 17 00:00:00 2001 From: Francisco Ithurriague Date: Mon, 30 Mar 2026 16:25:00 -0300 Subject: [PATCH 2/3] AI-687 feat(ci): removed drone pipeline --- .drone.yml | 49 ------------------------------------------------- 1 file changed, 49 deletions(-) delete mode 100644 .drone.yml diff --git a/.drone.yml b/.drone.yml deleted file mode 100644 index a240ff4..0000000 --- a/.drone.yml +++ /dev/null @@ -1,49 +0,0 @@ ---- -kind: pipeline -type: kubernetes -name: default - -trigger: - branch: - - main - - release/v2.2.0 - event: - - pull_request - -steps: - - name: build_image - image: plugins/ecr - privileged: true - settings: - dockerfile: Dockerfile - registry: 462204803675.dkr.ecr.us-east-1.amazonaws.com - debug: true - target: builder - tags: - - "${DRONE_BUILD_NUMBER}" - environment: - AWS_ACCESS_KEY_ID: - from_secret: AWS_ACCESS_KEY_ID - AWS_SECRET_ACCESS_KEY: - from_secret: AWS_SECRET_ACCESS_KEY - PLUGIN_SSH_AGENT_KEY: - from_secret: SSH_KEY - DOCKER_BUILDKIT: 1 - ECR_CREATE_REPOSITORY: true - PLUGIN_REPO: ${DRONE_REPO} - - name: validate - image: 462204803675.dkr.ecr.us-east-1.amazonaws.com/${DRONE_REPO}:${DRONE_BUILD_NUMBER} - depends_on: - - build_image - commands: - - openapi-generator-cli validate -i api.yaml - - name: dummy generator - image: 462204803675.dkr.ecr.us-east-1.amazonaws.com/${DRONE_REPO}:${DRONE_BUILD_NUMBER} - depends_on: - - build_image - commands: - - openapi-generator-cli generate -i api.yaml -g openapi-yaml - -image_pull_secrets: - - ECR_PULL_SECRET - - DOCKERCONFIG \ No newline at end of file From 4d069b1fded1b9fd43d4f3fb8c8540688f53a31b Mon Sep 17 00:00:00 2001 From: Francisco Ithurriague Date: Mon, 30 Mar 2026 18:27:04 -0300 Subject: [PATCH 3/3] AI-687 fix(aws): remove aws storage, local image testing only --- .github/actions/aws-ecr-auth/action.yml | 30 ---------- .github/workflows/ci.yml | 79 ++++--------------------- 2 files changed, 11 insertions(+), 98 deletions(-) delete mode 100644 .github/actions/aws-ecr-auth/action.yml diff --git a/.github/actions/aws-ecr-auth/action.yml b/.github/actions/aws-ecr-auth/action.yml deleted file mode 100644 index 41cdfdf..0000000 --- a/.github/actions/aws-ecr-auth/action.yml +++ /dev/null @@ -1,30 +0,0 @@ -name: Authenticate to AWS and Amazon ECR -description: > - Configures AWS credentials and logs in to Amazon ECR so subsequent steps can use the AWS CLI - and Docker against the registry. Matches the former repeated configure + login steps in CI. - -inputs: - aws-region: - description: AWS region (must match the ECR registry region). - required: true - -secrets: - aws_access_key_id: - description: AWS access key ID (repository secret AWS_ACCESS_KEY_ID). - required: true - aws_secret_access_key: - description: AWS secret access key (repository secret AWS_SECRET_ACCESS_KEY). - required: true - -runs: - using: composite - steps: - - name: Configure AWS credentials - uses: aws-actions/configure-aws-credentials@v4 - with: - aws-access-key-id: ${{ secrets.aws_access_key_id }} - aws-secret-access-key: ${{ secrets.aws_secret_access_key }} - aws-region: ${{ inputs.aws-region }} - - - name: Login to Amazon ECR - uses: aws-actions/amazon-ecr-login@v2 diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 355c682..d0d24a4 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -14,89 +14,32 @@ permissions: contents: read env: - AWS_REGION: us-east-1 - AWS_ACCOUNT_ID: "462204803675" + IMAGE_TAG: openapi-ci:local DOCKER_BUILDKIT: "1" jobs: - build-and-push: - name: Build and push image + openapi: + name: OpenAPI (Docker) runs-on: ubuntu-latest timeout-minutes: 60 - outputs: - image: ${{ steps.ecr.outputs.image }} steps: - - name: Checkout - uses: actions/checkout@v6 + - uses: actions/checkout@v6 - - name: Authenticate to AWS and ECR - uses: ./.github/actions/aws-ecr-auth - with: - aws-region: ${{ env.AWS_REGION }} - secrets: - aws_access_key_id: ${{ secrets.AWS_ACCESS_KEY_ID }} - aws_secret_access_key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - - - name: Compute ECR image coordinates - id: ecr - run: | - REPO_LOWER=$(echo "${{ github.repository }}" | tr '[:upper:]' '[:lower:]') - REGISTRY="${{ env.AWS_ACCOUNT_ID }}.dkr.ecr.${{ env.AWS_REGION }}.amazonaws.com" - TAG="${{ github.run_number }}" - echo "repository=$REPO_LOWER" >> "$GITHUB_OUTPUT" - echo "registry=$REGISTRY" >> "$GITHUB_OUTPUT" - echo "tag=$TAG" >> "$GITHUB_OUTPUT" - echo "image=$REGISTRY/$REPO_LOWER:$TAG" >> "$GITHUB_OUTPUT" - - - name: Ensure ECR repository exists - run: | - aws ecr describe-repositories --repository-names "${{ steps.ecr.outputs.repository }}" \ - || aws ecr create-repository --repository-name "${{ steps.ecr.outputs.repository }}" + - uses: docker/setup-buildx-action@v3 - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 - - - name: Build and push - uses: docker/build-push-action@v6 + - uses: docker/build-push-action@v6 with: context: . file: Dockerfile target: builder - push: true - tags: ${{ steps.ecr.outputs.image }} + push: false + load: true + tags: ${{ env.IMAGE_TAG }} cache-from: type=gha cache-to: type=gha,mode=max - validate: - name: Validate OpenAPI - runs-on: ubuntu-latest - timeout-minutes: 15 - needs: [build-and-push] - steps: - - name: Authenticate to AWS and ECR - uses: ./.github/actions/aws-ecr-auth - with: - aws-region: ${{ env.AWS_REGION }} - secrets: - aws_access_key_id: ${{ secrets.AWS_ACCESS_KEY_ID }} - aws_secret_access_key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - - name: Validate - run: docker run --rm ${{ needs.build-and-push.outputs.image }} openapi-generator-cli validate -i api.yaml - - openapi-generate: - name: Generate OpenAPI YAML - runs-on: ubuntu-latest - timeout-minutes: 15 - needs: [build-and-push] - steps: - - name: Authenticate to AWS and ECR - uses: ./.github/actions/aws-ecr-auth - with: - aws-region: ${{ env.AWS_REGION }} - secrets: - aws_access_key_id: ${{ secrets.AWS_ACCESS_KEY_ID }} - aws_secret_access_key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + run: docker run --rm ${{ env.IMAGE_TAG }} openapi-generator-cli validate -i api.yaml - name: Generate - run: docker run --rm ${{ needs.build-and-push.outputs.image }} openapi-generator-cli generate -i api.yaml -g openapi-yaml + run: docker run --rm ${{ env.IMAGE_TAG }} openapi-generator-cli generate -i api.yaml -g openapi-yaml