From b62ea995ca4ab55e086fcfc73a6ccd642bb3ce22 Mon Sep 17 00:00:00 2001 From: Daniel Mikusa Date: Mon, 30 Jan 2023 23:26:18 -0500 Subject: [PATCH 1/2] Update `pipeline-descriptor.yml` Update `pipeline-descriptor.yml` to use new tokens, codeowners, and to publish to DockerHub as well as GCR.io --- .github/pipeline-descriptor.yml | 4 ++-- .github/workflows/pb-create-package.yml | 14 +++++++------- .github/workflows/pb-minimal-labels.yml | 4 ++-- .github/workflows/pb-tests.yml | 15 ++++----------- .github/workflows/pb-update-cargo.yml | 6 +++--- .github/workflows/pb-update-pipeline.yml | 8 +++++--- .github/workflows/pb-update-procfile.yml | 6 +++--- .github/workflows/pb-update-rust-dist.yml | 6 +++--- .github/workflows/pb-update-rustup.yml | 6 +++--- .github/workflows/pb-update-syft.yml | 6 +++--- 10 files changed, 35 insertions(+), 40 deletions(-) diff --git a/.github/pipeline-descriptor.yml b/.github/pipeline-descriptor.yml index 35698b5..e08809b 100644 --- a/.github/pipeline-descriptor.yml +++ b/.github/pipeline-descriptor.yml @@ -9,9 +9,9 @@ codeowners: owner: "@paketo-community/rust-maintainers" package: - repository: docker.io/paketocommunity/rust + repositories: ["docker.io/paketobuildpacks/rust","gcr.io/paketo-buildpacks/rust"] register: true - registry_token: ${{ secrets.PAKETO_BOT_GITHUB_TOKEN }} + registry_token: ${ secrets.PAKETO_BOT_GITHUB_TOKEN } docker_credentials: - registry: docker.io diff --git a/.github/workflows/pb-create-package.yml b/.github/workflows/pb-create-package.yml index 6f615ec..b26daae 100644 --- a/.github/workflows/pb-create-package.yml +++ b/.github/workflows/pb-create-package.yml @@ -102,15 +102,15 @@ jobs: MAJOR_VERSION="$(echo "${VERSION}" | awk -F '.' '{print $1 }')" MINOR_VERSION="$(echo "${VERSION}" | awk -F '.' '{print $1 "." $2 }')" - echo "::set-output name=version-major::${MAJOR_VERSION}" - echo "::set-output name=version-minor::${MINOR_VERSION}" + echo "version-major=${MAJOR_VERSION}" >> "$GITHUB_OUTPUT" + echo "version-minor=${MINOR_VERSION}" >> "$GITHUB_OUTPUT" elif [[ ${GITHUB_REF} =~ refs/heads/(.+) ]]; then VERSION=${BASH_REMATCH[1]} else VERSION=$(git rev-parse --short HEAD) fi - echo "::set-output name=version::${VERSION}" + echo "version=${VERSION}" >> "$GITHUB_OUTPUT" echo "Selected ${VERSION} from * ref: ${GITHUB_REF} * sha: ${GITHUB_SHA} @@ -166,7 +166,7 @@ jobs: crane tag "${PACKAGE}:${VERSION}" "${VERSION_MAJOR}" fi crane tag "${PACKAGE}:${VERSION}" latest - echo "::set-output name=digest::$(crane digest "${PACKAGE}:${VERSION}")" + echo "digest=$(crane digest "${PACKAGE}:${VERSION}")" >> "$GITHUB_OUTPUT" # copy to other repositories specified for P in "${PACKAGE_LIST[@]}" @@ -188,7 +188,7 @@ jobs: --format "${FORMAT}" fi env: - PACKAGES: docker.io/paketocommunity/rust + PACKAGES: docker.io/paketobuildpacks/rust gcr.io/paketo-buildpacks/rust PUBLISH: "true" VERSION: ${{ steps.version.outputs.version }} VERSION_MAJOR: ${{ steps.version.outputs.version-major }} @@ -218,7 +218,7 @@ jobs: - if: ${{ true }} uses: docker://ghcr.io/buildpacks/actions/registry/request-add-entry:4.0.1 with: - address: docker.io/paketocommunity/rust@${{ steps.package.outputs.digest }} + address: docker.io/paketobuildpacks/rust@${{ steps.package.outputs.digest }} id: paketo-community/rust - token: ${{ secrets.PAKETO_BOT_GITHUB_TOKEN }} + token: ${ secrets.PAKETO_BOT_GITHUB_TOKEN } version: ${{ steps.version.outputs.version }} diff --git a/.github/workflows/pb-minimal-labels.yml b/.github/workflows/pb-minimal-labels.yml index 8f4aab5..39c568e 100644 --- a/.github/workflows/pb-minimal-labels.yml +++ b/.github/workflows/pb-minimal-labels.yml @@ -12,7 +12,7 @@ jobs: runs-on: - ubuntu-latest steps: - - uses: mheap/github-action-required-labels@v2 + - uses: mheap/github-action-required-labels@v3 with: count: 1 labels: semver:major, semver:minor, semver:patch @@ -22,7 +22,7 @@ jobs: runs-on: - ubuntu-latest steps: - - uses: mheap/github-action-required-labels@v2 + - uses: mheap/github-action-required-labels@v3 with: count: 1 labels: type:bug, type:dependency-upgrade, type:documentation, type:enhancement, type:question, type:task diff --git a/.github/workflows/pb-tests.yml b/.github/workflows/pb-tests.yml index ca677ab..1b0488a 100644 --- a/.github/workflows/pb-tests.yml +++ b/.github/workflows/pb-tests.yml @@ -10,13 +10,6 @@ jobs: runs-on: - ubuntu-latest steps: - - name: Docker login docker.io - if: ${{ (github.event_name != 'pull_request' || ! github.event.pull_request.head.repo.fork) && (github.actor != 'dependabot[bot]') }} - uses: docker/login-action@v2 - with: - password: ${{ secrets.PAKETO_BUILDPACKS_DOCKERHUB_PASSWORD }} - registry: docker.io - username: ${{ secrets.PAKETO_BUILDPACKS_DOCKERHUB_USERNAME }} - uses: actions/setup-go@v3 with: go-version: "1.18" @@ -83,15 +76,15 @@ jobs: MAJOR_VERSION="$(echo "${VERSION}" | awk -F '.' '{print $1 }')" MINOR_VERSION="$(echo "${VERSION}" | awk -F '.' '{print $1 "." $2 }')" - echo "::set-output name=version-major::${MAJOR_VERSION}" - echo "::set-output name=version-minor::${MINOR_VERSION}" + echo "version-major=${MAJOR_VERSION}" >> "$GITHUB_OUTPUT" + echo "version-minor=${MINOR_VERSION}" >> "$GITHUB_OUTPUT" elif [[ ${GITHUB_REF} =~ refs/heads/(.+) ]]; then VERSION=${BASH_REMATCH[1]} else VERSION=$(git rev-parse --short HEAD) fi - echo "::set-output name=version::${VERSION}" + echo "version=${VERSION}" >> "$GITHUB_OUTPUT" echo "Selected ${VERSION} from * ref: ${GITHUB_REF} * sha: ${GITHUB_SHA} @@ -145,7 +138,7 @@ jobs: crane tag "${PACKAGE}:${VERSION}" "${VERSION_MAJOR}" fi crane tag "${PACKAGE}:${VERSION}" latest - echo "::set-output name=digest::$(crane digest "${PACKAGE}:${VERSION}")" + echo "digest=$(crane digest "${PACKAGE}:${VERSION}")" >> "$GITHUB_OUTPUT" # copy to other repositories specified for P in "${PACKAGE_LIST[@]}" diff --git a/.github/workflows/pb-update-cargo.yml b/.github/workflows/pb-update-cargo.yml index ea4c6dc..cfe2336 100644 --- a/.github/workflows/pb-update-cargo.yml +++ b/.github/workflows/pb-update-cargo.yml @@ -113,9 +113,9 @@ jobs: LABEL="semver:patch" fi - echo "::set-output name=old-version::${OLD_VERSION}" - echo "::set-output name=new-version::${NEW_VERSION}" - echo "::set-output name=version-label::${LABEL}" + echo "old-version=${OLD_VERSION}" >> "$GITHUB_OUTPUT" + echo "new-version=${NEW_VERSION}" >> "$GITHUB_OUTPUT" + echo "version-label=${LABEL}" >> "$GITHUB_OUTPUT" env: BP_DEPENDENCY: docker.io/paketo-community/cargo DEPENDENCY: docker.io/paketocommunity/cargo diff --git a/.github/workflows/pb-update-pipeline.yml b/.github/workflows/pb-update-pipeline.yml index 29b9337..82c0fdd 100644 --- a/.github/workflows/pb-update-pipeline.yml +++ b/.github/workflows/pb-update-pipeline.yml @@ -57,9 +57,11 @@ jobs: git add .github/ git checkout -- . - echo "::set-output name=old-version::${OLD_VERSION}" - echo "::set-output name=new-version::${NEW_VERSION}" - echo "::set-output name=release-notes::${RELEASE_NOTES//$'\n'/%0A}" + echo "old-version=${OLD_VERSION}" >> "$GITHUB_OUTPUT" + echo "new-version=${NEW_VERSION}" >> "$GITHUB_OUTPUT" + + DELIMITER=$(openssl rand -hex 16) # roughly the same entropy as uuid v4 used in https://github.com/actions/toolkit/blob/b36e70495fbee083eb20f600eafa9091d832577d/packages/core/src/file-command.ts#L28 + printf "release-notes<<%s\n%s\n%s\n" "${DELIMITER}" "${RELEASE_NOTES}" "${DELIMITER}" >> "${GITHUB_OUTPUT}" # see https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions#multiline-strings env: DESCRIPTOR: .github/pipeline-descriptor.yml GITHUB_TOKEN: ${{ secrets.PAKETO_BOT_GITHUB_TOKEN }} diff --git a/.github/workflows/pb-update-procfile.yml b/.github/workflows/pb-update-procfile.yml index 7b03cd5..d8b21fd 100644 --- a/.github/workflows/pb-update-procfile.yml +++ b/.github/workflows/pb-update-procfile.yml @@ -113,9 +113,9 @@ jobs: LABEL="semver:patch" fi - echo "::set-output name=old-version::${OLD_VERSION}" - echo "::set-output name=new-version::${NEW_VERSION}" - echo "::set-output name=version-label::${LABEL}" + echo "old-version=${OLD_VERSION}" >> "$GITHUB_OUTPUT" + echo "new-version=${NEW_VERSION}" >> "$GITHUB_OUTPUT" + echo "version-label=${LABEL}" >> "$GITHUB_OUTPUT" env: DEPENDENCY: gcr.io/paketo-buildpacks/procfile - uses: peter-evans/create-pull-request@v4 diff --git a/.github/workflows/pb-update-rust-dist.yml b/.github/workflows/pb-update-rust-dist.yml index 6fe41fb..719880a 100644 --- a/.github/workflows/pb-update-rust-dist.yml +++ b/.github/workflows/pb-update-rust-dist.yml @@ -113,9 +113,9 @@ jobs: LABEL="semver:patch" fi - echo "::set-output name=old-version::${OLD_VERSION}" - echo "::set-output name=new-version::${NEW_VERSION}" - echo "::set-output name=version-label::${LABEL}" + echo "old-version=${OLD_VERSION}" >> "$GITHUB_OUTPUT" + echo "new-version=${NEW_VERSION}" >> "$GITHUB_OUTPUT" + echo "version-label=${LABEL}" >> "$GITHUB_OUTPUT" env: BP_DEPENDENCY: docker.io/paketo-community/rust-dist DEPENDENCY: docker.io/paketocommunity/rust-dist diff --git a/.github/workflows/pb-update-rustup.yml b/.github/workflows/pb-update-rustup.yml index c339a7e..bd50bf7 100644 --- a/.github/workflows/pb-update-rustup.yml +++ b/.github/workflows/pb-update-rustup.yml @@ -113,9 +113,9 @@ jobs: LABEL="semver:patch" fi - echo "::set-output name=old-version::${OLD_VERSION}" - echo "::set-output name=new-version::${NEW_VERSION}" - echo "::set-output name=version-label::${LABEL}" + echo "old-version=${OLD_VERSION}" >> "$GITHUB_OUTPUT" + echo "new-version=${NEW_VERSION}" >> "$GITHUB_OUTPUT" + echo "version-label=${LABEL}" >> "$GITHUB_OUTPUT" env: BP_DEPENDENCY: docker.io/paketo-community/rustup DEPENDENCY: docker.io/paketocommunity/rustup diff --git a/.github/workflows/pb-update-syft.yml b/.github/workflows/pb-update-syft.yml index edccce4..efbe58c 100644 --- a/.github/workflows/pb-update-syft.yml +++ b/.github/workflows/pb-update-syft.yml @@ -113,9 +113,9 @@ jobs: LABEL="semver:patch" fi - echo "::set-output name=old-version::${OLD_VERSION}" - echo "::set-output name=new-version::${NEW_VERSION}" - echo "::set-output name=version-label::${LABEL}" + echo "old-version=${OLD_VERSION}" >> "$GITHUB_OUTPUT" + echo "new-version=${NEW_VERSION}" >> "$GITHUB_OUTPUT" + echo "version-label=${LABEL}" >> "$GITHUB_OUTPUT" env: DEPENDENCY: gcr.io/paketo-buildpacks/syft - uses: peter-evans/create-pull-request@v4 From d3f9ad889836ad4059f4287566981294529b2ade Mon Sep 17 00:00:00 2001 From: Daniel Mikusa Date: Tue, 31 Jan 2023 08:43:03 -0500 Subject: [PATCH 2/2] Update .github/pipeline-descriptor.yml --- .github/pipeline-descriptor.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/pipeline-descriptor.yml b/.github/pipeline-descriptor.yml index e08809b..deead1e 100644 --- a/.github/pipeline-descriptor.yml +++ b/.github/pipeline-descriptor.yml @@ -14,6 +14,9 @@ package: registry_token: ${ secrets.PAKETO_BOT_GITHUB_TOKEN } docker_credentials: +- registry: gcr.io + username: _json_key + password: ${{ secrets.GCR_PUSH_BOT_JSON_KEY }} - registry: docker.io username: ${{ secrets.PAKETO_BUILDPACKS_DOCKERHUB_USERNAME }} password: ${{ secrets.PAKETO_BUILDPACKS_DOCKERHUB_PASSWORD }}