From 384565a41ab0ad082bbb717909834f9ee085f9af Mon Sep 17 00:00:00 2001 From: Ivan Panteleev Date: Tue, 29 Oct 2024 15:29:48 +0300 Subject: [PATCH 01/20] Peform single push on upload in case of multiple releases (#314) * Move worktree creation out of loop and add single push on upload action Signed-off-by: Ivan Panteleev Signed-off-by: amalgamm * Fix lint Signed-off-by: amalgamm --------- Signed-off-by: Ivan Panteleev Signed-off-by: amalgamm Signed-off-by: Manish Gupta --- pkg/releaser/releaser.go | 21 +++++++++++---------- pkg/releaser/releaser_test.go | 4 ++++ 2 files changed, 15 insertions(+), 10 deletions(-) diff --git a/pkg/releaser/releaser.go b/pkg/releaser/releaser.go index 439ae818..d7676599 100644 --- a/pkg/releaser/releaser.go +++ b/pkg/releaser/releaser.go @@ -289,6 +289,12 @@ func (r *Releaser) addToIndexFile(indexFile *repo.IndexFile, url string) error { // CreateReleases finds and uploads Helm chart packages to GitHub func (r *Releaser) CreateReleases() error { + worktree, err := r.git.AddWorktree("", r.config.Remote+"/"+r.config.PagesBranch) + if err != nil { + return err + } + defer r.git.RemoveWorktree("", worktree) // nolint: errcheck + packages, err := r.getListOfPackages(r.config.PackagePath) if err != nil { return err @@ -334,12 +340,6 @@ func (r *Releaser) CreateReleases() error { } if r.config.PackagesWithIndex { - worktree, err := r.git.AddWorktree("", r.config.Remote+"/"+r.config.PagesBranch) - if err != nil { - return err - } - defer r.git.RemoveWorktree("", worktree) //nolint: errcheck - pkgTargetPath := filepath.Join(worktree, filepath.Base(p)) if err := copyFile(p, pkgTargetPath); err != nil { return err @@ -352,10 +352,11 @@ func (r *Releaser) CreateReleases() error { if err := r.git.Commit(worktree, fmt.Sprintf("Publishing chart package for %s", releaseName)); err != nil { return err } - - if err := r.pushToPagesBranch(worktree); err != nil { - return err - } + } + } + if r.config.Push { + if err := r.pushToPagesBranch(worktree); err != nil { + return err } } diff --git a/pkg/releaser/releaser_test.go b/pkg/releaser/releaser_test.go index 55c7841f..bbb7571a 100644 --- a/pkg/releaser/releaser_test.go +++ b/pkg/releaser/releaser_test.go @@ -510,13 +510,17 @@ func TestReleaser_ReleaseNotes(t *testing.T) { for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { fakeGitHub := new(FakeGitHub) + fakeGit := new(FakeGit) r := &Releaser{ config: &config.Options{ PackagePath: "testdata/release-packages", ReleaseNotesFile: tt.releaseNotesFile, }, github: fakeGitHub, + git: fakeGit, } + fakeGit.On("AddWorktree", mock.Anything, mock.Anything).Return("/tmp/chart-releaser-012345678", nil) + fakeGit.On("RemoveWorktree", mock.Anything, mock.Anything).Return(nil) fakeGitHub.On("CreateRelease", mock.Anything, mock.Anything).Return(nil) err := r.CreateReleases() assert.NoError(t, err) From 24bca4da632018797685b6add31b82550d05a872 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 4 Nov 2024 09:35:57 +0000 Subject: [PATCH 02/20] Bump anchore/sbom-action from 0.17.5 to 0.17.6 in the actions group (#463) Bumps the actions group with 1 update: [anchore/sbom-action](https://github.com/anchore/sbom-action). Updates `anchore/sbom-action` from 0.17.5 to 0.17.6 - [Release notes](https://github.com/anchore/sbom-action/releases) - [Changelog](https://github.com/anchore/sbom-action/blob/main/RELEASE.md) - [Commits](https://github.com/anchore/sbom-action/compare/1ca97d9028b51809cf6d3c934c3e160716e1b605...251a468eed47e5082b105c3ba6ee500c0e65a764) --- updated-dependencies: - dependency-name: anchore/sbom-action dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Manish Gupta --- .github/workflows/ci.yaml | 2 +- .github/workflows/release.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index dd8549b4..2d75f6c6 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -34,7 +34,7 @@ jobs: uses: sigstore/cosign-installer@dc72c7d5c4d10cd6bcb8cf6e3fd625a9e5e537da # v3.7.0 - name: Install syft - uses: anchore/sbom-action/download-syft@1ca97d9028b51809cf6d3c934c3e160716e1b605 # v0.17.5 + uses: anchore/sbom-action/download-syft@251a468eed47e5082b105c3ba6ee500c0e65a764 # v0.17.6 - uses: chainguard-dev/actions/goimports@main diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index aeb0bad6..c086d12e 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -41,7 +41,7 @@ jobs: uses: sigstore/cosign-installer@dc72c7d5c4d10cd6bcb8cf6e3fd625a9e5e537da # v3.7.0 - name: Install syft - uses: anchore/sbom-action/download-syft@1ca97d9028b51809cf6d3c934c3e160716e1b605 # v0.17.5 + uses: anchore/sbom-action/download-syft@251a468eed47e5082b105c3ba6ee500c0e65a764 # v0.17.6 - name: Cache uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2 From 8678158fd88fbf6ba6ddcb1af01923ba2ef417ae Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 11 Nov 2024 17:39:03 +0100 Subject: [PATCH 03/20] Bump the actions group with 2 updates (#465) Signed-off-by: Manish Gupta --- .github/workflows/ci.yaml | 4 ++-- .github/workflows/release.yaml | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 2d75f6c6..af5bb457 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -26,7 +26,7 @@ jobs: uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # v3.7.1 - name: Install GoReleaser - uses: goreleaser/goreleaser-action@286f3b13b1b49da4ac219696163fb8c1c93e1200 # v6.0.0 + uses: goreleaser/goreleaser-action@9ed2f89a662bf1735a48bc8557fd212fa902bebf # v6.1.0 with: install-only: true @@ -34,7 +34,7 @@ jobs: uses: sigstore/cosign-installer@dc72c7d5c4d10cd6bcb8cf6e3fd625a9e5e537da # v3.7.0 - name: Install syft - uses: anchore/sbom-action/download-syft@251a468eed47e5082b105c3ba6ee500c0e65a764 # v0.17.6 + uses: anchore/sbom-action/download-syft@fc46e51fd3cb168ffb36c6d1915723c47db58abb # v0.17.7 - uses: chainguard-dev/actions/goimports@main diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index c086d12e..3f462d30 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -33,7 +33,7 @@ jobs: uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # v3.7.1 - name: Install GoReleaser - uses: goreleaser/goreleaser-action@286f3b13b1b49da4ac219696163fb8c1c93e1200 # v6.0.0 + uses: goreleaser/goreleaser-action@9ed2f89a662bf1735a48bc8557fd212fa902bebf # v6.1.0 with: install-only: true @@ -41,7 +41,7 @@ jobs: uses: sigstore/cosign-installer@dc72c7d5c4d10cd6bcb8cf6e3fd625a9e5e537da # v3.7.0 - name: Install syft - uses: anchore/sbom-action/download-syft@251a468eed47e5082b105c3ba6ee500c0e65a764 # v0.17.6 + uses: anchore/sbom-action/download-syft@fc46e51fd3cb168ffb36c6d1915723c47db58abb # v0.17.7 - name: Cache uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2 From 5e592b67ae5e86399302dbd93a592a6bc413b3b6 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 11 Nov 2024 17:40:24 +0100 Subject: [PATCH 04/20] Bump golang.org/x/oauth2 from 0.23.0 to 0.24.0 (#464) Signed-off-by: Manish Gupta --- README.md | 1 + cr/cmd/upload.go | 1 + doc/cr_upload.md | 1 + go.mod | 2 +- go.sum | 4 ++-- pkg/config/config.go | 1 + pkg/github/github.go | 2 ++ pkg/releaser/releaser.go | 4 ++-- pkg/releaser/releaser_test.go | 7 +++++++ 9 files changed, 18 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index 4c0d0249..779fb752 100644 --- a/README.md +++ b/README.md @@ -107,6 +107,7 @@ Flags: -t, --token string GitHub Auth Token --make-release-latest bool Mark the created GitHub release as 'latest' (default "true") --packages-with-index Host the package files in the GitHub Pages branch + --prerelease Mark this release as 'Pre-release' (default: false) Global Flags: --config string Config file (default is $HOME/.cr.yaml) diff --git a/cr/cmd/upload.go b/cr/cmd/upload.go index 032f8a5c..cd436657 100644 --- a/cr/cmd/upload.go +++ b/cr/cmd/upload.go @@ -62,4 +62,5 @@ func init() { uploadCmd.Flags().Bool("push", false, "Push the chart package to the GitHub Pages branch (must not be set if --pr is set)") uploadCmd.Flags().Bool("pr", false, "Create a pull request for the chart package against the GitHub Pages branch (must not be set if --push is set)") uploadCmd.Flags().Bool("packages-with-index", false, "Host the package files in the GitHub Pages branch") + uploadCmd.Flags().Bool("prerelease", false, "Mark this as 'Pre-release' (default: false)") } diff --git a/doc/cr_upload.md b/doc/cr_upload.md index a6bf1ec6..59b709a9 100644 --- a/doc/cr_upload.md +++ b/doc/cr_upload.md @@ -25,6 +25,7 @@ cr upload [flags] --packages-with-index Host the package files in the GitHub Pages branch --pages-branch string The GitHub pages branch (default "gh-pages") --pr Create a pull request for the chart package against the GitHub Pages branch (must not be set if --push is set) + --prerelease Mark this as 'Pre-release' (default: false) --push Push the chart package to the GitHub Pages branch (must not be set if --pr is set) --release-name-template string Go template for computing release names, using chart metadata (default "{{ .Name }}-{{ .Version }}") --release-notes-file string Markdown file with chart release notes. If it is set to empty string, or the file is not found, the chart description will be used instead. The file is read from the chart package diff --git a/go.mod b/go.mod index 842ced8f..04c2915e 100644 --- a/go.mod +++ b/go.mod @@ -15,7 +15,7 @@ require ( github.com/spf13/pflag v1.0.5 github.com/spf13/viper v1.19.0 github.com/stretchr/testify v1.9.0 - golang.org/x/oauth2 v0.23.0 + golang.org/x/oauth2 v0.24.0 helm.sh/helm/v3 v3.16.2 ) diff --git a/go.sum b/go.sum index fd57e47d..1a65c2da 100644 --- a/go.sum +++ b/go.sum @@ -421,8 +421,8 @@ golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLL golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= golang.org/x/net v0.26.0 h1:soB7SVo0PWrY4vPW/+ay0jKDNScG2X9wFeYlXIvJsOQ= golang.org/x/net v0.26.0/go.mod h1:5YKkiSynbBIh3p6iOc/vibscux0x38BZDkn8sCUPxHE= -golang.org/x/oauth2 v0.23.0 h1:PbgcYx2W7i4LvjJWEbf0ngHV6qJYr86PkAV3bXdLEbs= -golang.org/x/oauth2 v0.23.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI= +golang.org/x/oauth2 v0.24.0 h1:KTBBxWqUa0ykRPLtV69rRto9TLXcqYkeswu48x/gvNE= +golang.org/x/oauth2 v0.24.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI= golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= diff --git a/pkg/config/config.go b/pkg/config/config.go index a0d309ca..310dc11c 100644 --- a/pkg/config/config.go +++ b/pkg/config/config.go @@ -62,6 +62,7 @@ type Options struct { GenerateReleaseNotes bool `mapstructure:"generate-release-notes"` MakeReleaseLatest bool `mapstructure:"make-release-latest"` PackagesWithIndex bool `mapstructure:"packages-with-index"` + Prerelease bool `mapstructure:"prerelease"` } func LoadConfiguration(cfgFile string, cmd *cobra.Command, requiredFlags []string) (*Options, error) { diff --git a/pkg/github/github.go b/pkg/github/github.go index 4143c50d..80217f63 100644 --- a/pkg/github/github.go +++ b/pkg/github/github.go @@ -36,6 +36,7 @@ type Release struct { Commit string GenerateReleaseNotes bool MakeLatest string + Prerelease bool } type Asset struct { @@ -111,6 +112,7 @@ func (c *Client) CreateRelease(_ context.Context, input *Release) error { TargetCommitish: &input.Commit, GenerateReleaseNotes: &input.GenerateReleaseNotes, MakeLatest: &input.MakeLatest, + Prerelease: &input.Prerelease, } release, _, err := c.Repositories.CreateRelease(context.TODO(), c.owner, c.repo, req) diff --git a/pkg/releaser/releaser.go b/pkg/releaser/releaser.go index d7676599..8f89cf50 100644 --- a/pkg/releaser/releaser.go +++ b/pkg/releaser/releaser.go @@ -108,9 +108,8 @@ func (r *Releaser) UpdateIndexFile() (bool, error) { // if pages-index-path doesn't end with index.yaml we can try and fix it if filepath.Base(r.config.PagesIndexPath) != "index.yaml" { // if path is a directory then add index.yaml - if stat, err := os.Stat(filepath.Join(worktree, r.config.PagesIndexPath)); err == nil && stat.IsDir() { + if err := os.MkdirAll(filepath.Join(worktree, r.config.PagesIndexPath), 0755); err == nil { r.config.PagesIndexPath = filepath.Join(r.config.PagesIndexPath, "index.yaml") - // otherwise error out } else { fmt.Printf("pages-index-path (%s) should be a directory or a file called index.yaml\n", r.config.PagesIndexPath) os.Exit(1) // nolint: gocritic @@ -323,6 +322,7 @@ func (r *Releaser) CreateReleases() error { Commit: r.config.Commit, GenerateReleaseNotes: r.config.GenerateReleaseNotes, MakeLatest: strconv.FormatBool(r.config.MakeReleaseLatest), + Prerelease: r.config.Prerelease, } provFile := fmt.Sprintf("%s.prov", p) if _, err := os.Stat(provFile); err == nil { diff --git a/pkg/releaser/releaser_test.go b/pkg/releaser/releaser_test.go index bbb7571a..52e747cc 100644 --- a/pkg/releaser/releaser_test.go +++ b/pkg/releaser/releaser_test.go @@ -106,6 +106,7 @@ func (f *FakeGitHub) GetRelease(ctx context.Context, tag string) (*github.Releas URL: "https://myrepo/charts/third-party-file-0.1.0.txt", }, }, + Prerelease: false, } return release, nil } @@ -362,6 +363,7 @@ func TestReleaser_CreateReleases(t *testing.T) { version string commit string latest string + prerelease bool Releaser *Releaser error bool }{ @@ -378,6 +380,7 @@ func TestReleaser_CreateReleases(t *testing.T) { Commit: "", PackagesWithIndex: false, MakeReleaseLatest: true, + Prerelease: false, }, }, error: true, @@ -395,6 +398,7 @@ func TestReleaser_CreateReleases(t *testing.T) { Commit: "", PackagesWithIndex: false, MakeReleaseLatest: true, + Prerelease: false, }, }, error: false, @@ -412,6 +416,7 @@ func TestReleaser_CreateReleases(t *testing.T) { Commit: "5e239bd19fbefb9eb0181ecf0c7ef73b8fe2753c", PackagesWithIndex: false, MakeReleaseLatest: true, + Prerelease: false, }, }, error: false, @@ -430,6 +435,7 @@ func TestReleaser_CreateReleases(t *testing.T) { PackagesWithIndex: true, Push: true, MakeReleaseLatest: true, + Prerelease: false, }, }, error: false, @@ -466,6 +472,7 @@ func TestReleaser_CreateReleases(t *testing.T) { assert.Equal(t, assetPath, fakeGitHub.release.Assets[0].Path) assert.Equal(t, tt.commit, fakeGitHub.release.Commit) assert.Equal(t, tt.latest, fakeGitHub.release.MakeLatest) + assert.Equal(t, tt.prerelease, fakeGitHub.release.Prerelease) assert.Equal(t, tt.Releaser.config.Commit, fakeGitHub.release.Commit) fakeGitHub.AssertNumberOfCalls(t, "CreateRelease", 1) } From 0310c9004a4ad81dfbb06567d81c4a4ae1c9eb37 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 4 Nov 2024 09:35:57 +0000 Subject: [PATCH 05/20] Bump anchore/sbom-action from 0.17.5 to 0.17.6 in the actions group (#463) Bumps the actions group with 1 update: [anchore/sbom-action](https://github.com/anchore/sbom-action). Updates `anchore/sbom-action` from 0.17.5 to 0.17.6 - [Release notes](https://github.com/anchore/sbom-action/releases) - [Changelog](https://github.com/anchore/sbom-action/blob/main/RELEASE.md) - [Commits](https://github.com/anchore/sbom-action/compare/1ca97d9028b51809cf6d3c934c3e160716e1b605...251a468eed47e5082b105c3ba6ee500c0e65a764) --- updated-dependencies: - dependency-name: anchore/sbom-action dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Manish Gupta --- .github/workflows/ci.yaml | 2 +- .github/workflows/release.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index af5bb457..76b19c42 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -34,7 +34,7 @@ jobs: uses: sigstore/cosign-installer@dc72c7d5c4d10cd6bcb8cf6e3fd625a9e5e537da # v3.7.0 - name: Install syft - uses: anchore/sbom-action/download-syft@fc46e51fd3cb168ffb36c6d1915723c47db58abb # v0.17.7 + uses: anchore/sbom-action/download-syft@251a468eed47e5082b105c3ba6ee500c0e65a764 # v0.17.6 - uses: chainguard-dev/actions/goimports@main diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 3f462d30..ce22c53f 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -41,7 +41,7 @@ jobs: uses: sigstore/cosign-installer@dc72c7d5c4d10cd6bcb8cf6e3fd625a9e5e537da # v3.7.0 - name: Install syft - uses: anchore/sbom-action/download-syft@fc46e51fd3cb168ffb36c6d1915723c47db58abb # v0.17.7 + uses: anchore/sbom-action/download-syft@251a468eed47e5082b105c3ba6ee500c0e65a764 # v0.17.6 - name: Cache uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2 From 22e17d9f9acddc196fa9883e885aa789e124b200 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 11 Nov 2024 17:39:03 +0100 Subject: [PATCH 06/20] Bump the actions group with 2 updates (#465) Signed-off-by: Manish Gupta --- .github/workflows/ci.yaml | 2 +- .github/workflows/release.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 76b19c42..af5bb457 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -34,7 +34,7 @@ jobs: uses: sigstore/cosign-installer@dc72c7d5c4d10cd6bcb8cf6e3fd625a9e5e537da # v3.7.0 - name: Install syft - uses: anchore/sbom-action/download-syft@251a468eed47e5082b105c3ba6ee500c0e65a764 # v0.17.6 + uses: anchore/sbom-action/download-syft@fc46e51fd3cb168ffb36c6d1915723c47db58abb # v0.17.7 - uses: chainguard-dev/actions/goimports@main diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index ce22c53f..3f462d30 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -41,7 +41,7 @@ jobs: uses: sigstore/cosign-installer@dc72c7d5c4d10cd6bcb8cf6e3fd625a9e5e537da # v3.7.0 - name: Install syft - uses: anchore/sbom-action/download-syft@251a468eed47e5082b105c3ba6ee500c0e65a764 # v0.17.6 + uses: anchore/sbom-action/download-syft@fc46e51fd3cb168ffb36c6d1915723c47db58abb # v0.17.7 - name: Cache uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2 From e86843ba4055b22ddf6119232cadaaa4dc922244 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 25 Nov 2024 10:33:35 +0000 Subject: [PATCH 07/20] Bump anchore/sbom-action from 0.17.7 to 0.17.8 in the actions group (#469) Bumps the actions group with 1 update: [anchore/sbom-action](https://github.com/anchore/sbom-action). Updates `anchore/sbom-action` from 0.17.7 to 0.17.8 - [Release notes](https://github.com/anchore/sbom-action/releases) - [Changelog](https://github.com/anchore/sbom-action/blob/main/RELEASE.md) - [Commits](https://github.com/anchore/sbom-action/compare/fc46e51fd3cb168ffb36c6d1915723c47db58abb...55dc4ee22412511ee8c3142cbea40418e6cec693) --- updated-dependencies: - dependency-name: anchore/sbom-action dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Manish Gupta --- .github/workflows/ci.yaml | 2 +- .github/workflows/release.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index af5bb457..3e629243 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -34,7 +34,7 @@ jobs: uses: sigstore/cosign-installer@dc72c7d5c4d10cd6bcb8cf6e3fd625a9e5e537da # v3.7.0 - name: Install syft - uses: anchore/sbom-action/download-syft@fc46e51fd3cb168ffb36c6d1915723c47db58abb # v0.17.7 + uses: anchore/sbom-action/download-syft@55dc4ee22412511ee8c3142cbea40418e6cec693 # v0.17.8 - uses: chainguard-dev/actions/goimports@main diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 3f462d30..957e8443 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -41,7 +41,7 @@ jobs: uses: sigstore/cosign-installer@dc72c7d5c4d10cd6bcb8cf6e3fd625a9e5e537da # v3.7.0 - name: Install syft - uses: anchore/sbom-action/download-syft@fc46e51fd3cb168ffb36c6d1915723c47db58abb # v0.17.7 + uses: anchore/sbom-action/download-syft@55dc4ee22412511ee8c3142cbea40418e6cec693 # v0.17.8 - name: Cache uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2 From 08e617a8c17c30d0d72aa7c7b3d0ac88a61ee893 Mon Sep 17 00:00:00 2001 From: Manish Gupta <59428681+mguptahub@users.noreply.github.com> Date: Fri, 27 Dec 2024 10:44:47 +0530 Subject: [PATCH 08/20] Update cr/cmd/upload.go Co-authored-by: Carlos Tadeu Panato Junior Signed-off-by: Manish Gupta <59428681+mguptahub@users.noreply.github.com> Signed-off-by: Manish Gupta --- cr/cmd/upload.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cr/cmd/upload.go b/cr/cmd/upload.go index cd436657..4bed6bee 100644 --- a/cr/cmd/upload.go +++ b/cr/cmd/upload.go @@ -62,5 +62,5 @@ func init() { uploadCmd.Flags().Bool("push", false, "Push the chart package to the GitHub Pages branch (must not be set if --pr is set)") uploadCmd.Flags().Bool("pr", false, "Create a pull request for the chart package against the GitHub Pages branch (must not be set if --push is set)") uploadCmd.Flags().Bool("packages-with-index", false, "Host the package files in the GitHub Pages branch") - uploadCmd.Flags().Bool("prerelease", false, "Mark this as 'Pre-release' (default: false)") + uploadCmd.Flags().Bool("pre-release", false, "Mark this as 'Pre-release' (default: false)") } From d0c2c38f8601752f555bca50e9f9579c2121a3f7 Mon Sep 17 00:00:00 2001 From: Manish Gupta <59428681+mguptahub@users.noreply.github.com> Date: Fri, 27 Dec 2024 10:45:03 +0530 Subject: [PATCH 09/20] Update pkg/config/config.go Co-authored-by: Carlos Tadeu Panato Junior Signed-off-by: Manish Gupta <59428681+mguptahub@users.noreply.github.com> Signed-off-by: Manish Gupta --- pkg/config/config.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/config/config.go b/pkg/config/config.go index 310dc11c..da508f29 100644 --- a/pkg/config/config.go +++ b/pkg/config/config.go @@ -62,7 +62,7 @@ type Options struct { GenerateReleaseNotes bool `mapstructure:"generate-release-notes"` MakeReleaseLatest bool `mapstructure:"make-release-latest"` PackagesWithIndex bool `mapstructure:"packages-with-index"` - Prerelease bool `mapstructure:"prerelease"` + PreRelease bool `mapstructure:"pre-release"` } func LoadConfiguration(cfgFile string, cmd *cobra.Command, requiredFlags []string) (*Options, error) { From a28740fe7e893499b9e8cba7e9f111cc7c5fc6eb Mon Sep 17 00:00:00 2001 From: Manish Gupta <59428681+mguptahub@users.noreply.github.com> Date: Fri, 27 Dec 2024 07:26:57 +0000 Subject: [PATCH 10/20] fixes Signed-off-by: Manish Gupta --- README.md | 2 +- doc/cr_upload.md | 2 +- pkg/releaser/releaser.go | 2 +- pkg/releaser/releaser_test.go | 8 ++++---- 4 files changed, 7 insertions(+), 7 deletions(-) diff --git a/README.md b/README.md index 779fb752..b03d5707 100644 --- a/README.md +++ b/README.md @@ -107,7 +107,7 @@ Flags: -t, --token string GitHub Auth Token --make-release-latest bool Mark the created GitHub release as 'latest' (default "true") --packages-with-index Host the package files in the GitHub Pages branch - --prerelease Mark this release as 'Pre-release' (default: false) + --pre-release Mark this release as 'Pre-release' (default: false) Global Flags: --config string Config file (default is $HOME/.cr.yaml) diff --git a/doc/cr_upload.md b/doc/cr_upload.md index 59b709a9..335d4d72 100644 --- a/doc/cr_upload.md +++ b/doc/cr_upload.md @@ -25,7 +25,7 @@ cr upload [flags] --packages-with-index Host the package files in the GitHub Pages branch --pages-branch string The GitHub pages branch (default "gh-pages") --pr Create a pull request for the chart package against the GitHub Pages branch (must not be set if --push is set) - --prerelease Mark this as 'Pre-release' (default: false) + --pre-release Mark this as 'Pre-release' (default: false) --push Push the chart package to the GitHub Pages branch (must not be set if --pr is set) --release-name-template string Go template for computing release names, using chart metadata (default "{{ .Name }}-{{ .Version }}") --release-notes-file string Markdown file with chart release notes. If it is set to empty string, or the file is not found, the chart description will be used instead. The file is read from the chart package diff --git a/pkg/releaser/releaser.go b/pkg/releaser/releaser.go index 8f89cf50..306a9dc2 100644 --- a/pkg/releaser/releaser.go +++ b/pkg/releaser/releaser.go @@ -322,7 +322,7 @@ func (r *Releaser) CreateReleases() error { Commit: r.config.Commit, GenerateReleaseNotes: r.config.GenerateReleaseNotes, MakeLatest: strconv.FormatBool(r.config.MakeReleaseLatest), - Prerelease: r.config.Prerelease, + Prerelease: r.config.PreRelease, } provFile := fmt.Sprintf("%s.prov", p) if _, err := os.Stat(provFile); err == nil { diff --git a/pkg/releaser/releaser_test.go b/pkg/releaser/releaser_test.go index 52e747cc..e91c2606 100644 --- a/pkg/releaser/releaser_test.go +++ b/pkg/releaser/releaser_test.go @@ -380,7 +380,7 @@ func TestReleaser_CreateReleases(t *testing.T) { Commit: "", PackagesWithIndex: false, MakeReleaseLatest: true, - Prerelease: false, + PreRelease: false, }, }, error: true, @@ -398,7 +398,7 @@ func TestReleaser_CreateReleases(t *testing.T) { Commit: "", PackagesWithIndex: false, MakeReleaseLatest: true, - Prerelease: false, + PreRelease: false, }, }, error: false, @@ -416,7 +416,7 @@ func TestReleaser_CreateReleases(t *testing.T) { Commit: "5e239bd19fbefb9eb0181ecf0c7ef73b8fe2753c", PackagesWithIndex: false, MakeReleaseLatest: true, - Prerelease: false, + PreRelease: false, }, }, error: false, @@ -435,7 +435,7 @@ func TestReleaser_CreateReleases(t *testing.T) { PackagesWithIndex: true, Push: true, MakeReleaseLatest: true, - Prerelease: false, + PreRelease: false, }, }, error: false, From 30d36c1e27f2a4d590cb8ccf4c6672e8d0c0edc8 Mon Sep 17 00:00:00 2001 From: Manish Gupta Date: Fri, 27 Dec 2024 13:10:14 +0530 Subject: [PATCH 11/20] added pre-release true testcase Signed-off-by: Manish Gupta --- pkg/releaser/releaser_test.go | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/pkg/releaser/releaser_test.go b/pkg/releaser/releaser_test.go index e91c2606..79f1334a 100644 --- a/pkg/releaser/releaser_test.go +++ b/pkg/releaser/releaser_test.go @@ -374,6 +374,7 @@ func TestReleaser_CreateReleases(t *testing.T) { version: "0.1.0", commit: "", latest: "true", + prerelease: false, Releaser: &Releaser{ config: &config.Options{ PackagePath: "testdata/does-not-exist", @@ -403,6 +404,25 @@ func TestReleaser_CreateReleases(t *testing.T) { }, error: false, }, + { + name: "valid-package-path", + packagePath: "testdata/release-packages", + chart: "test-chart", + version: "0.1.0", + commit: "", + latest: "false", + prerelease: true, + Releaser: &Releaser{ + config: &config.Options{ + PackagePath: "testdata/release-packages", + Commit: "", + PackagesWithIndex: false, + MakeReleaseLatest: false, + PreRelease: true, + }, + }, + error: false, + }, { name: "valid-package-path-with-commit", packagePath: "testdata/release-packages", From 386a367ad9ab17bf2a4f80a5b6a80800037ceb46 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 4 Nov 2024 09:35:57 +0000 Subject: [PATCH 12/20] Bump anchore/sbom-action from 0.17.5 to 0.17.6 in the actions group (#463) Bumps the actions group with 1 update: [anchore/sbom-action](https://github.com/anchore/sbom-action). Updates `anchore/sbom-action` from 0.17.5 to 0.17.6 - [Release notes](https://github.com/anchore/sbom-action/releases) - [Changelog](https://github.com/anchore/sbom-action/blob/main/RELEASE.md) - [Commits](https://github.com/anchore/sbom-action/compare/1ca97d9028b51809cf6d3c934c3e160716e1b605...251a468eed47e5082b105c3ba6ee500c0e65a764) --- updated-dependencies: - dependency-name: anchore/sbom-action dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/ci.yaml | 2 +- .github/workflows/release.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 3e629243..76b19c42 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -34,7 +34,7 @@ jobs: uses: sigstore/cosign-installer@dc72c7d5c4d10cd6bcb8cf6e3fd625a9e5e537da # v3.7.0 - name: Install syft - uses: anchore/sbom-action/download-syft@55dc4ee22412511ee8c3142cbea40418e6cec693 # v0.17.8 + uses: anchore/sbom-action/download-syft@251a468eed47e5082b105c3ba6ee500c0e65a764 # v0.17.6 - uses: chainguard-dev/actions/goimports@main diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 957e8443..ce22c53f 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -41,7 +41,7 @@ jobs: uses: sigstore/cosign-installer@dc72c7d5c4d10cd6bcb8cf6e3fd625a9e5e537da # v3.7.0 - name: Install syft - uses: anchore/sbom-action/download-syft@55dc4ee22412511ee8c3142cbea40418e6cec693 # v0.17.8 + uses: anchore/sbom-action/download-syft@251a468eed47e5082b105c3ba6ee500c0e65a764 # v0.17.6 - name: Cache uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2 From f410ee935a5813abb646c1885600f197591a141b Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 11 Nov 2024 17:39:03 +0100 Subject: [PATCH 13/20] Bump the actions group with 2 updates (#465) Signed-off-by: Manish Gupta --- .github/workflows/ci.yaml | 2 +- .github/workflows/release.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 76b19c42..af5bb457 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -34,7 +34,7 @@ jobs: uses: sigstore/cosign-installer@dc72c7d5c4d10cd6bcb8cf6e3fd625a9e5e537da # v3.7.0 - name: Install syft - uses: anchore/sbom-action/download-syft@251a468eed47e5082b105c3ba6ee500c0e65a764 # v0.17.6 + uses: anchore/sbom-action/download-syft@fc46e51fd3cb168ffb36c6d1915723c47db58abb # v0.17.7 - uses: chainguard-dev/actions/goimports@main diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index ce22c53f..3f462d30 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -41,7 +41,7 @@ jobs: uses: sigstore/cosign-installer@dc72c7d5c4d10cd6bcb8cf6e3fd625a9e5e537da # v3.7.0 - name: Install syft - uses: anchore/sbom-action/download-syft@251a468eed47e5082b105c3ba6ee500c0e65a764 # v0.17.6 + uses: anchore/sbom-action/download-syft@fc46e51fd3cb168ffb36c6d1915723c47db58abb # v0.17.7 - name: Cache uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2 From afd9ccde1fc97b58a037c748ace35bf9385b9020 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 25 Nov 2024 10:33:35 +0000 Subject: [PATCH 14/20] Bump anchore/sbom-action from 0.17.7 to 0.17.8 in the actions group (#469) Bumps the actions group with 1 update: [anchore/sbom-action](https://github.com/anchore/sbom-action). Updates `anchore/sbom-action` from 0.17.7 to 0.17.8 - [Release notes](https://github.com/anchore/sbom-action/releases) - [Changelog](https://github.com/anchore/sbom-action/blob/main/RELEASE.md) - [Commits](https://github.com/anchore/sbom-action/compare/fc46e51fd3cb168ffb36c6d1915723c47db58abb...55dc4ee22412511ee8c3142cbea40418e6cec693) --- updated-dependencies: - dependency-name: anchore/sbom-action dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Manish Gupta --- .github/workflows/ci.yaml | 2 +- .github/workflows/release.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index af5bb457..3e629243 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -34,7 +34,7 @@ jobs: uses: sigstore/cosign-installer@dc72c7d5c4d10cd6bcb8cf6e3fd625a9e5e537da # v3.7.0 - name: Install syft - uses: anchore/sbom-action/download-syft@fc46e51fd3cb168ffb36c6d1915723c47db58abb # v0.17.7 + uses: anchore/sbom-action/download-syft@55dc4ee22412511ee8c3142cbea40418e6cec693 # v0.17.8 - uses: chainguard-dev/actions/goimports@main diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 3f462d30..957e8443 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -41,7 +41,7 @@ jobs: uses: sigstore/cosign-installer@dc72c7d5c4d10cd6bcb8cf6e3fd625a9e5e537da # v3.7.0 - name: Install syft - uses: anchore/sbom-action/download-syft@fc46e51fd3cb168ffb36c6d1915723c47db58abb # v0.17.7 + uses: anchore/sbom-action/download-syft@55dc4ee22412511ee8c3142cbea40418e6cec693 # v0.17.8 - name: Cache uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2 From 675be6ed234dabf1900bef5f3389c3b3c6f84339 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 9 Dec 2024 14:20:26 +0100 Subject: [PATCH 15/20] Bump actions/cache from 4.1.2 to 4.2.0 in the actions group (#470) Signed-off-by: Manish Gupta --- .github/workflows/release.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 957e8443..3e5431f4 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -44,7 +44,7 @@ jobs: uses: anchore/sbom-action/download-syft@55dc4ee22412511ee8c3142cbea40418e6cec693 # v0.17.8 - name: Cache - uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2 + uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4.2.0 with: path: ~/go/pkg/mod key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }} From fa9f2fa65e060d752e325faa7391ec90487be3da Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 12 Dec 2024 10:45:13 +0100 Subject: [PATCH 16/20] Bump golang.org/x/crypto from 0.27.0 to 0.31.0 (#471) Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.27.0 to 0.31.0. - [Commits](https://github.com/golang/crypto/compare/v0.27.0...v0.31.0) --- updated-dependencies: - dependency-name: golang.org/x/crypto dependency-type: indirect ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Manish Gupta --- go.mod | 10 +++++----- go.sum | 20 ++++++++++---------- 2 files changed, 15 insertions(+), 15 deletions(-) diff --git a/go.mod b/go.mod index 04c2915e..4e6ac189 100644 --- a/go.mod +++ b/go.mod @@ -141,13 +141,13 @@ require ( go.opentelemetry.io/otel/trace v1.28.0 // indirect go.starlark.net v0.0.0-20240520160348-046347dcd104 // indirect go.uber.org/multierr v1.11.0 // indirect - golang.org/x/crypto v0.27.0 // indirect + golang.org/x/crypto v0.31.0 // indirect golang.org/x/exp v0.0.0-20240613232115-7f521ea00fb8 // indirect golang.org/x/net v0.26.0 // indirect - golang.org/x/sync v0.8.0 // indirect - golang.org/x/sys v0.25.0 // indirect - golang.org/x/term v0.24.0 // indirect - golang.org/x/text v0.18.0 // indirect + golang.org/x/sync v0.10.0 // indirect + golang.org/x/sys v0.28.0 // indirect + golang.org/x/term v0.27.0 // indirect + golang.org/x/text v0.21.0 // indirect golang.org/x/time v0.5.0 // indirect google.golang.org/genproto/googleapis/rpc v0.0.0-20240701130421-f6361c86f094 // indirect google.golang.org/grpc v1.65.0 // indirect diff --git a/go.sum b/go.sum index 1a65c2da..a6f96cc8 100644 --- a/go.sum +++ b/go.sum @@ -405,8 +405,8 @@ golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnf golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= -golang.org/x/crypto v0.27.0 h1:GXm2NjJrPaiv/h1tb2UH8QfgC/hOf/+z0p6PT8o1w7A= -golang.org/x/crypto v0.27.0/go.mod h1:1Xngt8kV6Dvbssa53Ziq6Eqn0HqbZi5Z6R0ZpwQzt70= +golang.org/x/crypto v0.31.0 h1:ihbySMvVjLAeSH1IbfcRTkD/iNscyz8rGzjF/E5hV6U= +golang.org/x/crypto v0.31.0/go.mod h1:kDsLvtWBEx7MV9tJOj9bnXsPbxwJQ6csT/x4KIN4Ssk= golang.org/x/exp v0.0.0-20240613232115-7f521ea00fb8 h1:yixxcjnhBmY0nkL253HFVIm0JsFHwrHdT3Yh6szTnfY= golang.org/x/exp v0.0.0-20240613232115-7f521ea00fb8/go.mod h1:jj3sYF3dwk5D+ghuXyeI3r5MFf+NT2An6/9dOA95KSI= golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= @@ -428,8 +428,8 @@ golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJ golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.8.0 h1:3NFvSEYkUoMifnESzZl15y791HH1qU2xm6eCJU5ZPXQ= -golang.org/x/sync v0.8.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= +golang.org/x/sync v0.10.0 h1:3NQrjDixjgGwUOCaF8w2+VYHv0Ve/vGYSbdkTa98gmQ= +golang.org/x/sync v0.10.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20181116152217-5ac8a444bdc5/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= @@ -440,14 +440,14 @@ golang.org/x/sys v0.0.0-20210616094352-59db8d763f22/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.25.0 h1:r+8e+loiHxRqhXVl6ML1nO3l1+oFoWbnlu2Ehimmi34= -golang.org/x/sys v0.25.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/term v0.24.0 h1:Mh5cbb+Zk2hqqXNO7S1iTjEphVL+jb8ZWaqh/g+JWkM= -golang.org/x/term v0.24.0/go.mod h1:lOBK/LVxemqiMij05LGJ0tzNr8xlmwBRJ81PX6wVLH8= +golang.org/x/sys v0.28.0 h1:Fksou7UEQUWlKvIdsqzJmUmCX3cZuD2+P3XyyzwMhlA= +golang.org/x/sys v0.28.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/term v0.27.0 h1:WP60Sv1nlK1T6SupCHbXzSaN0b9wUmsPoRS9b61A23Q= +golang.org/x/term v0.27.0/go.mod h1:iMsnZpn0cago0GOrHO2+Y7u7JPn5AylBrcoWkElMTSM= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.18.0 h1:XvMDiNzPAl0jr17s6W9lcaIhGUfUORdGCNsuLmPG224= -golang.org/x/text v0.18.0/go.mod h1:BuEKDfySbSR4drPmRPG/7iBdf8hvFMuRexcpahXilzY= +golang.org/x/text v0.21.0 h1:zyQAAkrwaneQ066sspRyJaG9VNi/YJ1NfzcGB3hZ/qo= +golang.org/x/text v0.21.0/go.mod h1:4IBbMaMmOPCJ8SecivzSH54+73PCFmPWxNTLm+vZkEQ= golang.org/x/time v0.5.0 h1:o7cqy6amK/52YcAKIPlM3a+Fpj35zvRj2TP+e1xFSfk= golang.org/x/time v0.5.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= From d1cd3df6b6dea972b8261318ea038df94b93cea0 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 16 Dec 2024 10:49:09 +0100 Subject: [PATCH 17/20] Bump the actions group with 2 updates (#472) Bumps the actions group with 2 updates: [actions/setup-go](https://github.com/actions/setup-go) and [anchore/sbom-action](https://github.com/anchore/sbom-action). Updates `actions/setup-go` from 5.1.0 to 5.2.0 - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](https://github.com/actions/setup-go/compare/41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed...3041bf56c941b39c61721a86cd11f3bb1338122a) Updates `anchore/sbom-action` from 0.17.8 to 0.17.9 - [Release notes](https://github.com/anchore/sbom-action/releases) - [Changelog](https://github.com/anchore/sbom-action/blob/main/RELEASE.md) - [Commits](https://github.com/anchore/sbom-action/compare/55dc4ee22412511ee8c3142cbea40418e6cec693...df80a981bc6edbc4e220a492d3cbe9f5547a6e75) --- updated-dependencies: - dependency-name: actions/setup-go dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions - dependency-name: anchore/sbom-action dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Manish Gupta --- .github/workflows/ci.yaml | 8 ++++---- .github/workflows/release.yaml | 4 ++-- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 3e629243..b18af795 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -14,7 +14,7 @@ jobs: uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Setup Go - uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 + uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0 with: go-version-file: ./go.mod check-latest: true @@ -34,7 +34,7 @@ jobs: uses: sigstore/cosign-installer@dc72c7d5c4d10cd6bcb8cf6e3fd625a9e5e537da # v3.7.0 - name: Install syft - uses: anchore/sbom-action/download-syft@55dc4ee22412511ee8c3142cbea40418e6cec693 # v0.17.8 + uses: anchore/sbom-action/download-syft@df80a981bc6edbc4e220a492d3cbe9f5547a6e75 # v0.17.9 - uses: chainguard-dev/actions/goimports@main @@ -48,7 +48,7 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - - uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 + - uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0 with: go-version-file: ./go.mod check-latest: true @@ -69,7 +69,7 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - - uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 + - uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0 with: go-version-file: ./go.mod check-latest: true diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 3e5431f4..f8305e78 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -21,7 +21,7 @@ jobs: fetch-depth: 0 - name: Setup Go - uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 + uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0 with: go-version-file: ./go.mod check-latest: true @@ -41,7 +41,7 @@ jobs: uses: sigstore/cosign-installer@dc72c7d5c4d10cd6bcb8cf6e3fd625a9e5e537da # v3.7.0 - name: Install syft - uses: anchore/sbom-action/download-syft@55dc4ee22412511ee8c3142cbea40418e6cec693 # v0.17.8 + uses: anchore/sbom-action/download-syft@df80a981bc6edbc4e220a492d3cbe9f5547a6e75 # v0.17.9 - name: Cache uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4.2.0 From f55d046638318061746ab1e5fa47abb7d23f7dfe Mon Sep 17 00:00:00 2001 From: Carlos Tadeu Panato Junior Date: Tue, 17 Dec 2024 22:00:09 +0100 Subject: [PATCH 18/20] fix push to ghcr.io (#473) Signed-off-by: cpanato Signed-off-by: Manish Gupta --- .github/workflows/release.yaml | 8 ++++++++ .goreleaser.yml | 2 +- 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index f8305e78..a05a2570 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -61,6 +61,14 @@ jobs: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} + - name: Login to registry + if: github.repository == 'helm/chart-releaser' + uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0 + with: + registry: ghcr.io + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + - name: Run Mage uses: magefile/mage-action@6a5dcb5fe61f43d7c08a98bc3cf9bc63c308c08e # v3.0.0 with: diff --git a/.goreleaser.yml b/.goreleaser.yml index 209c6d15..b314a2b8 100644 --- a/.goreleaser.yml +++ b/.goreleaser.yml @@ -53,7 +53,7 @@ archives: checksum: name_template: 'checksums.txt' snapshot: - name_template: "{{ .Tag }}-next" + version_template: "{{ .Tag }}-next" dockers: - goos: linux From cf1772dda8cc8099fc486a25f0a300972a04ab36 Mon Sep 17 00:00:00 2001 From: Carlos Tadeu Panato Junior Date: Fri, 20 Dec 2024 11:34:38 +0100 Subject: [PATCH 19/20] add existing CI TOKEN to access/push brew update (#474) Signed-off-by: cpanato Signed-off-by: Manish Gupta --- .github/workflows/release.yaml | 1 + .goreleaser.yml | 1 + 2 files changed, 2 insertions(+) diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index a05a2570..2efa789c 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -75,3 +75,4 @@ jobs: args: -v release env: GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" + CI_HOMEBREW_TOKEN: "${{ secrets.CI_TOKEN }}" diff --git a/.goreleaser.yml b/.goreleaser.yml index b314a2b8..abab46c8 100644 --- a/.goreleaser.yml +++ b/.goreleaser.yml @@ -200,6 +200,7 @@ brews: - repository: owner: helm name: homebrew-tap + token: "{{ .Env.CI_HOMEBREW_TOKEN }}" commit_author: name: helm-bot email: helm-bot@users.noreply.github.com From bacfb15ade570c35f3240d1fccfecdd6fd8e18c4 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 23 Dec 2024 13:52:01 +0100 Subject: [PATCH 20/20] Bump docker/setup-buildx-action from 3.7.1 to 3.8.0 in the actions group (#476) Bumps the actions group with 1 update: [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action). Updates `docker/setup-buildx-action` from 3.7.1 to 3.8.0 - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](https://github.com/docker/setup-buildx-action/compare/c47758b77c9736f4b2ef4073d4d51994fabfe349...6524bf65af31da8d45b59e8c27de4bd072b392f5) --- updated-dependencies: - dependency-name: docker/setup-buildx-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Manish Gupta --- .github/workflows/ci.yaml | 2 +- .github/workflows/release.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index b18af795..4072d4d6 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -23,7 +23,7 @@ jobs: uses: docker/setup-qemu-action@49b3bc8e6bdd4a60e6116a5414239cba5943d3cf # v3.2.0 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # v3.7.1 + uses: docker/setup-buildx-action@6524bf65af31da8d45b59e8c27de4bd072b392f5 # v3.8.0 - name: Install GoReleaser uses: goreleaser/goreleaser-action@9ed2f89a662bf1735a48bc8557fd212fa902bebf # v6.1.0 diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 2efa789c..f54644b3 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -30,7 +30,7 @@ jobs: uses: docker/setup-qemu-action@49b3bc8e6bdd4a60e6116a5414239cba5943d3cf # v3.2.0 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # v3.7.1 + uses: docker/setup-buildx-action@6524bf65af31da8d45b59e8c27de4bd072b392f5 # v3.8.0 - name: Install GoReleaser uses: goreleaser/goreleaser-action@9ed2f89a662bf1735a48bc8557fd212fa902bebf # v6.1.0