Updates github-config

.github/workflows/create-draft-release.yml

@@ -106,6 +106,11 @@ jobs:
               "path": "build/buildpackage.cnb",
               "name": "${{ github.event.repository.name }}-${{ steps.tag.outputs.tag }}.cnb",
               "content_type": "application/x-tar"
+            },
+            {
+              "path": "build/buildpack-release-artifact.tgz",
+              "name": "${{ github.event.repository.name }}-${{ steps.tag.outputs.tag }}.tgz",
+              "content_type": "application/gzip"
             }
           ]
 

.github/workflows/push-buildpackage.yml

@@ -6,6 +6,12 @@ on:
     - published
 env:
   REGISTRIES_FILENAME: "registries.json"
+  GCR_REGISTRY: "gcr.io"
+  GCR_PASSWORD: ${{ secrets.GCR_PUSH_BOT_JSON_KEY }}
+  GCR_USERNAME: "_json_key"
+  DOCKERHUB_REGISTRY: docker.io
+  DOCKERHUB_USERNAME: ${{ secrets.PAKETO_BUILDPACKS_DOCKERHUB_USERNAME }}
+  DOCKERHUB_PASSWORD: ${{ secrets.PAKETO_BUILDPACKS_DOCKERHUB_PASSWORD }}
 
 jobs:
   push:
@@ -25,14 +31,13 @@ jobs:
         echo "tag_full=${FULL_VERSION}" >> "$GITHUB_OUTPUT"
         echo "tag_minor=${MINOR_VERSION}" >> "$GITHUB_OUTPUT"
         echo "tag_major=${MAJOR_VERSION}" >> "$GITHUB_OUTPUT"
-        echo "download_url=$(jq -r '.release.assets[] | select(.name | endswith(".cnb")) | .url' "${GITHUB_EVENT_PATH}")" >> "$GITHUB_OUTPUT"
+        echo "download_tgz_file_url=$(jq -r '.release.assets[] | select(.name | endswith(".tgz")) | .url' "${GITHUB_EVENT_PATH}")" >> "$GITHUB_OUTPUT"
 
-    - name: Download
-      id: download
+    - name: Download .tgz buildpack release artifact
       uses: paketo-buildpacks/github-config/actions/release/download-asset@main
       with:
-        url: ${{ steps.event.outputs.download_url }}
-        output: "/github/workspace/buildpackage.cnb"
+        url: ${{ steps.event.outputs.download_tgz_file_url }}
+        output: "/github/workspace/buildpack-release-artifact.tgz"
         token: ${{ secrets.PAKETO_BOT_GITHUB_TOKEN }}
 
     - name: Parse Configs
@@ -55,50 +60,69 @@ jobs:
         echo "push_to_dockerhub=${push_to_dockerhub}" >> "$GITHUB_OUTPUT"
         echo "push_to_gcr=${push_to_gcr}" >> "$GITHUB_OUTPUT"
 
+    - name: Install yj and crane
+      uses: buildpacks/github-actions/[email protected]
+
     - name: Validate version
       run: |
-        buidpackTomlVersion=$(sudo skopeo inspect "oci-archive:${GITHUB_WORKSPACE}/buildpackage.cnb" | jq -r '.Labels."io.buildpacks.buildpackage.metadata" | fromjson | .version')
+        buidpackTomlVersion=$(tar -xzf buildpack-release-artifact.tgz --to-stdout buildpack.toml | yj -tj | jq -r .buildpack.version)
         githubReleaseVersion="${{ steps.event.outputs.tag_full }}"
         if [[ "$buidpackTomlVersion" != "$githubReleaseVersion" ]]; then
           echo "Version in buildpack.toml ($buidpackTomlVersion) and github release ($githubReleaseVersion) are not identical"
           exit 1
         fi
 
+    - name: Docker login docker.io
+      uses: docker/login-action@v3
+      with:
+        username: ${{ env.DOCKERHUB_USERNAME }}
+        password: ${{ env.DOCKERHUB_PASSWORD }}
+        registry: ${{ env.DOCKERHUB_REGISTRY }}
+
+    - name: Docker login gcr.io
+      uses: docker/login-action@v3
+      if: ${{ steps.parse_configs.outputs.push_to_gcr == 'true' }}
+      with:
+        username: ${{ env.GCR_USERNAME }}
+        password: ${{ env.GCR_PASSWORD }}
+        registry: ${{ env.GCR_REGISTRY }}
+
     - name: Push to GCR
       if: ${{  steps.parse_configs.outputs.push_to_gcr == 'true' }}
-      env:
-        GCR_PUSH_BOT_JSON_KEY: ${{ secrets.GCR_PUSH_BOT_JSON_KEY }}
       run: |
-        echo "${GCR_PUSH_BOT_JSON_KEY}" | sudo skopeo login --username _json_key --password-stdin gcr.io
-        sudo skopeo copy "oci-archive:${GITHUB_WORKSPACE}/buildpackage.cnb" "docker://gcr.io/${{ github.repository }}:${{ steps.event.outputs.tag_full }}"
-        sudo skopeo copy "oci-archive:${GITHUB_WORKSPACE}/buildpackage.cnb" "docker://gcr.io/${{ github.repository }}:${{ steps.event.outputs.tag_minor }}"
-        sudo skopeo copy "oci-archive:${GITHUB_WORKSPACE}/buildpackage.cnb" "docker://gcr.io/${{ github.repository }}:${{ steps.event.outputs.tag_major }}"
-        sudo skopeo copy "oci-archive:${GITHUB_WORKSPACE}/buildpackage.cnb" "docker://gcr.io/${{ github.repository }}:latest"
+        ./scripts/publish.sh \
+          --archive-path buildpack-release-artifact.tgz \
+          --image-ref "gcr.io/${{ github.repository }}:${{ steps.event.outputs.tag_full }}"
+
+        crane copy "gcr.io/${{ github.repository }}:${{ steps.event.outputs.tag_full }}" "gcr.io/${{ github.repository }}:${{ steps.event.outputs.tag_minor }}"
+        crane copy "gcr.io/${{ github.repository }}:${{ steps.event.outputs.tag_full }}" "gcr.io/${{ github.repository }}:${{ steps.event.outputs.tag_major }}"
+        crane copy "gcr.io/${{ github.repository }}:${{ steps.event.outputs.tag_full }}" "gcr.io/${{ github.repository }}:latest"
 
     - name: Push to DockerHub
       if: ${{  steps.parse_configs.outputs.push_to_dockerhub == 'true' }}
       id: push
-      env:
-        DOCKERHUB_USERNAME: ${{ secrets.PAKETO_BUILDPACKS_DOCKERHUB_USERNAME }}
-        DOCKERHUB_PASSWORD: ${{ secrets.PAKETO_BUILDPACKS_DOCKERHUB_PASSWORD }}
-        GITHUB_REPOSITORY_OWNER: ${{ github.repository_owner }}
       run: |
-        REPOSITORY="${GITHUB_REPOSITORY_OWNER/-/}/${GITHUB_REPOSITORY#${GITHUB_REPOSITORY_OWNER}/}" # translates 'paketo-buildpacks/bundle-install' to 'paketobuildpacks/bundle-install'
-        IMAGE="index.docker.io/${REPOSITORY}"
-        echo "${DOCKERHUB_PASSWORD}" | sudo skopeo login --username "${DOCKERHUB_USERNAME}" --password-stdin index.docker.io
-        sudo skopeo copy "oci-archive:${GITHUB_WORKSPACE}/buildpackage.cnb" "docker://${IMAGE}:${{ steps.event.outputs.tag_full }}"
-        sudo skopeo copy "oci-archive:${GITHUB_WORKSPACE}/buildpackage.cnb" "docker://${IMAGE}:${{ steps.event.outputs.tag_minor }}"
-        sudo skopeo copy "oci-archive:${GITHUB_WORKSPACE}/buildpackage.cnb" "docker://${IMAGE}:${{ steps.event.outputs.tag_major }}"
-        sudo skopeo copy "oci-archive:${GITHUB_WORKSPACE}/buildpackage.cnb" "docker://${IMAGE}:latest"
+        IMAGE="${GITHUB_REPOSITORY_OWNER/-/}/${GITHUB_REPOSITORY#${GITHUB_REPOSITORY_OWNER}/}" # translates 'paketo-buildpacks/bundle-install' to 'paketobuildpacks/bundle-install'
+
+        ./scripts/publish.sh \
+          --archive-path buildpack-release-artifact.tgz \
+          --image-ref "${DOCKERHUB_REGISTRY}/${IMAGE}:${{ steps.event.outputs.tag_full }}"
+
+        pushed_image_index_digest=$(crane digest "${DOCKERHUB_REGISTRY}/${IMAGE}:${{ steps.event.outputs.tag_full }}" | xargs)
+
+        crane copy "${DOCKERHUB_REGISTRY}/${IMAGE}:${{ steps.event.outputs.tag_full }}" "${DOCKERHUB_REGISTRY}/${IMAGE}:${{ steps.event.outputs.tag_minor }}"
+        crane copy "${DOCKERHUB_REGISTRY}/${IMAGE}:${{ steps.event.outputs.tag_full }}" "${DOCKERHUB_REGISTRY}/${IMAGE}:${{ steps.event.outputs.tag_major }}"
+        crane copy "${DOCKERHUB_REGISTRY}/${IMAGE}:${{ steps.event.outputs.tag_full }}" "${DOCKERHUB_REGISTRY}/${IMAGE}:latest"
+
         echo "image=${IMAGE}" >> "$GITHUB_OUTPUT"
-        echo "digest=$(sudo skopeo inspect "oci-archive:${GITHUB_WORKSPACE}/buildpackage.cnb" | jq -r .Digest)" >> "$GITHUB_OUTPUT"
+        echo "digest=$pushed_image_index_digest" >> "$GITHUB_OUTPUT"
 
     - name: Register with CNB Registry
       uses: docker://ghcr.io/buildpacks/actions/registry/request-add-entry:main
       with:
         id: ${{ github.repository }}
         version: ${{ steps.event.outputs.tag_full }}
-        address: ${{ steps.push.outputs.image }}@${{ steps.push.outputs.digest }}
+        address: index.docker.io/${{ steps.push.outputs.image }}@${{ steps.push.outputs.digest }}
         token: ${{ secrets.PAKETO_BOT_GITHUB_TOKEN }}
 
   failure:

scripts/.util/tools.json

@@ -1,4 +1,5 @@
 {
   "jam": "v2.15.0",
-  "pack": "v0.38.2"
+  "pack": "v0.38.2",
+  "yj": "v5.1.0"
 }

scripts/.util/tools.sh

@@ -164,6 +164,60 @@ function util::tools::pack::install() {
   fi
 }
 
+function util::tools::yj::install() {
+  local dir token
+  token=""
+
+  while [[ "${#}" != 0 ]]; do
+    case "${1}" in
+      --directory)
+        dir="${2}"
+        shift 2
+        ;;
+
+      --token)
+        token="${2}"
+        shift 2
+        ;;
+
+      *)
+        util::print::error "unknown argument \"${1}\""
+    esac
+  done
+
+  mkdir -p "${dir}"
+  util::tools::path::export "${dir}"
+
+  if [[ ! -f "${dir}/yj" ]]; then
+    local version curl_args os arch
+
+    version="$(jq -r .yj "$(dirname "${BASH_SOURCE[0]}")/tools.json")"
+
+    curl_args=(
+      "--fail"
+      "--silent"
+      "--location"
+      "--output" "${dir}/yj"
+    )
+
+    if [[ "${token}" != "" ]]; then
+      curl_args+=("--header" "Authorization: Token ${token}")
+    fi
+
+    util::print::title "Installing yj ${version}"
+
+    os=$(util::tools::os macos)
+    arch=$(util::tools::arch)
+
+    curl "https://github.com/sclevine/yj/releases/download/${version}/yj-${os}-${arch}" \
+      "${curl_args[@]}"
+
+    chmod +x "${dir}/yj"
+  else
+    util::print::info "Using yj $("${dir}"/yj -v)"
+  fi
+}
+
 function util::tools::tests::checkfocus() {
   testout="${1}"
   if grep -q 'Focused: [1-9]' "${testout}"; then

scripts/package.sh

@@ -71,6 +71,7 @@ function main {
   tools::install "${token}"
 
   buildpack::archive "${version}"
+  buildpack::release::archive
   buildpackage::create "${output}" "${flags[@]}"
 }
 
@@ -125,6 +126,57 @@ function buildpack::archive() {
     --output "${BUILD_DIR}/buildpack.tgz"
 }
 
+function buildpack::release::archive() {
+  local tmp_dir
+
+  util::print::title "Packaging buildpack into ${BUILD_DIR}/buildpack-release-artifact.tgz..."
+
+  tmp_dir=$(mktemp -d -p $ROOT_DIR)
+
+  cat <<'README_EOF' > $tmp_dir/README.md
+# Composite buildpack release artifact
+
+This is a buildpack release artifact that contains everything needed to package and publish a composite buildpack. Composite buildpacks are a logic grouping of other buildpacks.
+
+It contains the following files:
+
+* `buildpack.toml` - this is needed because it contains the buildpacks and ordering information for the composite buildpack
+* `package.toml` - this is needed because it contains the dependencies (and URIs) that let pack know where to find the buildpacks referenced in `buildpack.toml`.
+  * `package.toml` can contain targets (platforms) for multi-arch support
+* `build/buildpack.tgz` - this is needed because it contains the actual buildpack referenced in `package.toml`
+
+## package locally
+
+To package this buildpack to local .cnb file(s) run the following.
+
+```
+pack buildpack package mybuildpack.cnb --format file --config package.toml
+```
+
+## package and publish to a registry
+
+To package this buildpack and publish it to a registry run the following.
+
+* Note that as of pack v0.38.2 at least one target is required in package.toml or on the command line when publishing to a registry with `--publish`.
+
+* replace SOME-REGISTRY with your registry (e.g. index.docker.io/yourdockerhubusername)
+* replace SOME-VERSION with the version you want to publish (e.g. 0.0.1)
+
+```
+pack buildpack package SOME-REGISTRY/mybuildpack:SOME-VERSION --format image --config package.toml --publish
+```
+README_EOF
+
+  mkdir -p $tmp_dir/build
+  cp ${BUILD_DIR}/buildpack.tgz $tmp_dir/build
+  cp ${ROOT_DIR}/package.toml $tmp_dir/
+  # add the buildpack.toml from the tgz file because it has the version populated
+  tar -xzf ${BUILD_DIR}/buildpack.tgz -C $tmp_dir/ buildpack.toml
+
+  tar -cvzf ${BUILD_DIR}/buildpack-release-artifact.tgz -C $tmp_dir $(ls $tmp_dir)
+  rm -rf $tmp_dir
+}
+
 function buildpackage::create() {
   local output flags
   output="${1}"
@@ -142,11 +194,14 @@ function buildpackage::create() {
 
   pack \
     buildpack package "${output}" \
-    "${args[@]}"
+    ${args[@]}
+
+  # Use the local architecture to support running locally and in CI, which will be linux/amd64 by default.
+  arch=$(util::tools::arch)
 
-  if [[ -e "${BUILD_DIR}/buildpackage-linux-amd64.cnb" ]]; then
-    echo "Copying linux-amd64 buildpackage to buildpackage.cnb"
-    cp "${BUILD_DIR}/buildpackage-linux-amd64.cnb" "${BUILD_DIR}/buildpackage.cnb"
+  if [[ -e "${BUILD_DIR}/buildpackage-linux-${arch}.cnb" ]]; then
+    echo "Copying linux-${arch} buildpackage to buildpackage.cnb"
+    cp "${BUILD_DIR}/buildpackage-linux-${arch}.cnb" "${BUILD_DIR}/buildpackage.cnb"
   fi
 }