From 1662375b5d985593c0086e8d03801a785c1a1e10 Mon Sep 17 00:00:00 2001 From: Friedrich Wilken Date: Tue, 30 Jan 2024 16:58:43 +0100 Subject: [PATCH 01/12] add reusable workflows for release --- .../create-draft-release-reusable.yml | 43 ++++++++++++++ ...t-version-from-release-branch-reusable.yml | 45 ++++++++++++++ .../workflows/publish-release-reusable.yml | 29 +++++++++ .../render-and-upload-manifests-reusbale.yml | 59 +++++++++++++++++++ 4 files changed, 176 insertions(+) create mode 100644 .github/workflows/create-draft-release-reusable.yml create mode 100644 .github/workflows/get-version-from-release-branch-reusable.yml create mode 100644 .github/workflows/publish-release-reusable.yml create mode 100644 .github/workflows/render-and-upload-manifests-reusbale.yml diff --git a/.github/workflows/create-draft-release-reusable.yml b/.github/workflows/create-draft-release-reusable.yml new file mode 100644 index 0000000..6e26bd1 --- /dev/null +++ b/.github/workflows/create-draft-release-reusable.yml @@ -0,0 +1,43 @@ +name: Create draft release (reusable) + +on: + workflow_call: + inputs: + VERSION: + required: true + type: string + description: The semantic version number. + secrets: + BOT_PAT: + required: true + description: The github personal access token of your bot. + GH_TOKEN: + required: true + +jobs: + create-draft-release: + name: Create a draft release + runs-on: ubuntu-latest + steps: + - name: Checkout code + uses: actions/checkout@v4 + + - name: Write changelog to file + env: + VERSION: ${{ inputs.VERSION }} + # note: your repository needs to have this file. + # running this script should result in the file named CHANGELOG.md. + shell: bash + run: | + ./hack/scripts/create_changelog.sh "${VERSION}" + + - name: Print out changelog + run: cat CHANGELOG.md + + - name: Create the draft release + env: + VERSION: ${{ inputs.VERSION }} + GH_TOKEN: ${{ secrets.BOT_PAT }} + shell: bash + run: | + gh release create "${VERSION}" --draft --notes-file CHANGELOG.md diff --git a/.github/workflows/get-version-from-release-branch-reusable.yml b/.github/workflows/get-version-from-release-branch-reusable.yml new file mode 100644 index 0000000..40a1811 --- /dev/null +++ b/.github/workflows/get-version-from-release-branch-reusable.yml @@ -0,0 +1,45 @@ +name: Get version from release branch (reusable) + +on: + workflow_call: + outputs: + VERSION: + description: "The semantic version x.y.z, e.g.: 1.7.4" + value: ${{ jobs.create-version.outputs.VERSION }} + +jobs: + create-version: + name: generate version number + runs-on: ubuntu-latest + outputs: + VERSION: ${{ steps.generate.outputs.VERSION }} + + steps: + - name: checkout code + uses: actions/checkout@v4 + + - name: Verify that the current is branch is a release branch + shell: bash + run: | + CURRENT_BRANCH=$(git rev-parse --abbrev-ref HEAD) + [[ $CURRENT_BRANCH =~ ^release-([0-9]+)\.([0-9]+)$ ]] || exit 1 + echo "MAJOR=${BASH_REMATCH[1]}" >> $GITHUB_ENV + echo "MINOR=${BASH_REMATCH[2]}" >> $GITHUB_ENV + exit 0 + + - name: Generate version + id: generate + shell: bash + env: + MAJOR: ${{ env.MAJOR }} + MINOR: ${{ env.MINOR }} + run: | + TAGS=$(git tag -l "$MAJOR.$MINOR.*") + if [[ -z $TAGS ]]; then + PATCH=0 + else + PATCH=$(( $(echo $TAGS | cut -d '.' -f 3 | sort -n | tail -n 1) + 1)) + fi + VERSION="${MAJOR}.${MINOR}.${PATCH:-0}" + echo "VERSION=${VERSION}" >> $GITHUB_OUTPUT + exit 0 diff --git a/.github/workflows/publish-release-reusable.yml b/.github/workflows/publish-release-reusable.yml new file mode 100644 index 0000000..4fe184e --- /dev/null +++ b/.github/workflows/publish-release-reusable.yml @@ -0,0 +1,29 @@ +name: Publish release + +on: + workflow_call: + inputs: + VERSION: + required: true + type: string + description: The semantic version number. + secrets: + BOT_PAT: + required: true + description: The github personal access token of your bot. + +jobs: + publish-release: + name: Publish release + runs-on: ubuntu-latest + steps: + - name: Checkout code + uses: actions/checkout@v4 + + - name: Publish + env: + VERSION: ${{ inputs.VERSION }} + GH_TOKEN: ${{ secrets.BOT_PAT }} + shell: bash + run: | + gh release edit "${VERSION}" --draft=false --latest diff --git a/.github/workflows/render-and-upload-manifests-reusbale.yml b/.github/workflows/render-and-upload-manifests-reusbale.yml new file mode 100644 index 0000000..343186e --- /dev/null +++ b/.github/workflows/render-and-upload-manifests-reusbale.yml @@ -0,0 +1,59 @@ +name: Render and upload manifests + +on: + workflow_call: + inputs: + VERSION: + required: true + type: string + description: The semantic version number. + CR_FILE: + type: string + required: true + description: The file name of the CR. + CRD_FILE: + type: string + required: true + description: The file name of the CRD. + secrets: + BOT_PAT: + required: true + description: The github personal access token of your bot. + +jobs: + render-and-upload-manifests: + runs-on: ubuntu-latest + + steps: + - name: Checkout code + uses: actions/checkout@v4 + + - name: Render CRD + env: + VERSION: ${{ inputs.VERSION }} + CRD_FILE: ${{ inputs.CRD_FILE }} + shell: bash + run: ./hack/scripts/render_crd.sh "${VERSION}" "${CRD_FILE}" + + - name: Print out CR file + env: + CR_FILE: ${{ inputs.CR_FILE }} + shell: bash + run: cat "${CR_FILE}" + + - name: Print out CRD file + env: + CRD_FILE: ${{ inputs.CRD_FILE }} + shell: bash + run: cat "${CRD_FILE}" + + - name: Upload manifests + env: + VERSION: ${{ inputs.VERSION }} + GH_TOKEN: ${{ secrets.BOT_PAT }} + CRD_FILE: ${{ inputs.CRD_FILE }} + CR_FILE: ${{ inputs.CR_FILE }} + shell: bash + run: | + gh release upload "${VERSION}" "${CR_FILE}" + gh release upload "${VERSION}" "${CRD_FILE}" From c282ca3777aa58a2c974213722016816a1cbee0d Mon Sep 17 00:00:00 2001 From: Friedrich Wilken Date: Tue, 30 Jan 2024 17:02:43 +0100 Subject: [PATCH 02/12] improve bum-sec-scanners-config --- .../bump-sec-scanners-config-reusable.yml | 37 +++++++++---------- 1 file changed, 18 insertions(+), 19 deletions(-) diff --git a/.github/workflows/bump-sec-scanners-config-reusable.yml b/.github/workflows/bump-sec-scanners-config-reusable.yml index 8bcc5e0..a5718f3 100644 --- a/.github/workflows/bump-sec-scanners-config-reusable.yml +++ b/.github/workflows/bump-sec-scanners-config-reusable.yml @@ -13,10 +13,10 @@ # Setting a secret for a repo: https://docs.github.com/en/actions/security-guides/using-secrets-in-github-actions # # If changes were done by the script, the workflow will create a PR and wait for it to be merged. -# The waiting will happen with a timeout that can be set via the input of `timeout`. The units are seconds. # It has a default value of 3600 (seconds (= 1 hour)). Note that GitHub Action jobs will automatically fail after 6 hours: # Further reads: # Default limits for GitHub Actions: https://docs.github.com/en/actions/learn-github-actions/usage-limits-billing-and-administration#usage-limits +# The waiting will happen with a timeout that can be set via the input of `TIMEOUT`. The units are seconds. # # Examples of using this workflow: # 1. Set all awailable inputs and secrets. @@ -26,7 +26,7 @@ # uses: kyma-project/eventing-tools/.github/workflows/bump-sec-scanners-config-reusable.yml@main # with: # version_tag: 2.3.4 -# timeout: 3600 # 1 hour +# TIMEOUT: 3600 # 1 hour # secrets: # BOT_PAT: ${{ secrets.my_pat }} # @@ -45,11 +45,11 @@ name: bump sec-scanners-config.yaml (reusable) on: workflow_call: inputs: - version_tag: + VERSION: required: true type: string description: The semantic version number, that will be used to tag the main image in the sec scanner config. - timeout: + TIMEOUT: required: false type: number description: The time in seconds this workflow will wait for a resulting PR to be merged. @@ -62,22 +62,19 @@ jobs: bump: name: Bump sec-scanners-config.yaml runs-on: ubuntu-latest - env: - REPO: ${{ github.repository }} steps: - - name: Checkout Code + - name: Checkout code uses: actions/checkout@v4 - name: Render sec-scanners-config.yaml env: - VERSION_TAG: ${{ inputs.version_tag }} - shell: bash + VERSION: ${{ inputs.VERSION }} # Where ever you use this workflow, the script hack/scripts/render-sec-scanners-config.sh must exist. - run: ./hack/scripts/render-sec-scanners-config.sh "${VERSION_TAG}" + run: ./hack/scripts/render-sec-scanners-config.sh "${VERSION}" # Check if there are changes so we can determin if all following steps can be skipped. - - name: Check For Changes + - name: Check for changes shell: bash run: | if [ -z "$(git status --porcelain)" ]; then @@ -87,29 +84,30 @@ jobs: echo "CREATE_PR=true" >> $GITHUB_ENV fi - - name: Print Content of sec-scanners-config.yaml if: ${{ always() }} + - name: Print out sec-scanners-config.yaml shell: bash run: | FILE="sec-scanners-config.yaml" [ -f "${FILE}" ] && cat "${FILE}" || echo "${FILE} not found." - - name: Set Up Git + - name: Set up git if: ${{ env.CREATE_PR == 'true' }} env: GH_TOKEN: ${{ secrets.BOT_PAT }} + REPO: ${{ github.repository }} shell: bash run: | # set git username - ghusername=$(curl -H "Authorization: token ${GH_TOKEN}" https://api.github.com/user) + ghusername=$(curl -s -H "Authorization: token ${GH_TOKEN}" https://api.github.com/user | jq '.login') git config user.name "${ghusername}" # set git mail address - ghmailaddress=$(curl -H "Authorization: token ${GH_TOKEN}" https://api.github.com/email) + ghmailaddress="${ghusername}@users.noreply.github.com" git config user.email "${ghmailaddress}" # set remote url git remote set-url origin "https://x-access-token:${GH_TOKEN}@github.com/${REPO}.git" - - name: Set All Variables + - name: Set all variables if: ${{ env.CREATE_PR == 'true' }} shell: bash run: | @@ -125,9 +123,10 @@ jobs: echo "name of the new branch: ${BRANCH_NAME}" echo "BRANCH_NAME=${BRANCH_NAME}" >> $GITHUB_ENV - - name: Create a Pull Request + - name: Create a pull request if: ${{ env.CREATE_PR == 'true' }} env: + REPO: ${{ github.repository }} CURRENT_BRANCH: ${{ env.CURRENT_BRANCH }} PR_DATE: ${{ env.PR_DATE }} BRANCH_NAME: ${{ env.BRANCH_NAME }} @@ -157,11 +156,11 @@ jobs: run: | echo "please review ${PR_URL}" - - name: Wait for PR to be Merged if: ${{ env.CREATE_PR == 'true' }} + - name: Wait for PR to be merged shell: bash env: - TIMEOUT: ${{ inputs.timeout }} + TIMEOUT: ${{ inputs.TIMEOUT }} PR_URL: ${{ env.PR_URL }} GH_TOKEN: ${{ secrets.BOT_PAT }} run: | From c7ea6f12f60a6441c302e4e8d7c0f969ebf1d6ab Mon Sep 17 00:00:00 2001 From: Friedrich Wilken Date: Tue, 30 Jan 2024 17:12:28 +0100 Subject: [PATCH 03/12] add comments --- .github/workflows/create-draft-release-reusable.yml | 4 ++-- .github/workflows/publish-release-reusable.yml | 2 +- .github/workflows/render-and-upload-manifests-reusbale.yml | 3 ++- 3 files changed, 5 insertions(+), 4 deletions(-) diff --git a/.github/workflows/create-draft-release-reusable.yml b/.github/workflows/create-draft-release-reusable.yml index 6e26bd1..861445b 100644 --- a/.github/workflows/create-draft-release-reusable.yml +++ b/.github/workflows/create-draft-release-reusable.yml @@ -25,10 +25,10 @@ jobs: - name: Write changelog to file env: VERSION: ${{ inputs.VERSION }} - # note: your repository needs to have this file. - # running this script should result in the file named CHANGELOG.md. shell: bash run: | + # Note: your repository needs to have this script. + # Running this script should result in a file named CHANGELOG.md, located in the base directory. ./hack/scripts/create_changelog.sh "${VERSION}" - name: Print out changelog diff --git a/.github/workflows/publish-release-reusable.yml b/.github/workflows/publish-release-reusable.yml index 4fe184e..996aac8 100644 --- a/.github/workflows/publish-release-reusable.yml +++ b/.github/workflows/publish-release-reusable.yml @@ -1,4 +1,4 @@ -name: Publish release +name: Publish release (reusable) on: workflow_call: diff --git a/.github/workflows/render-and-upload-manifests-reusbale.yml b/.github/workflows/render-and-upload-manifests-reusbale.yml index 343186e..1f99ebc 100644 --- a/.github/workflows/render-and-upload-manifests-reusbale.yml +++ b/.github/workflows/render-and-upload-manifests-reusbale.yml @@ -1,4 +1,4 @@ -name: Render and upload manifests +name: Render and upload manifests (reusable) on: workflow_call: @@ -33,6 +33,7 @@ jobs: VERSION: ${{ inputs.VERSION }} CRD_FILE: ${{ inputs.CRD_FILE }} shell: bash + # Note: your repository needs to have this script. run: ./hack/scripts/render_crd.sh "${VERSION}" "${CRD_FILE}" - name: Print out CR file From 919c26c8389d1331759ecbc014ccca089ecec8c0 Mon Sep 17 00:00:00 2001 From: Friedrich Wilken Date: Wed, 31 Jan 2024 10:48:39 +0100 Subject: [PATCH 04/12] add workflow to trigger prow jobs --- .../trigger-prow-build-job-reusable.yml | 72 +++++++++++++++++++ 1 file changed, 72 insertions(+) create mode 100644 .github/workflows/trigger-prow-build-job-reusable.yml diff --git a/.github/workflows/trigger-prow-build-job-reusable.yml b/.github/workflows/trigger-prow-build-job-reusable.yml new file mode 100644 index 0000000..b518f88 --- /dev/null +++ b/.github/workflows/trigger-prow-build-job-reusable.yml @@ -0,0 +1,72 @@ +name: Trigger prow build job (reusable) + +on: + workflow_call: + inputs: + VERSION: + required: true + type: string + description: The semantic version number. + TIMEOUT: + type: number + default: 60000 # 10 minutes in miliseconds + INTERVAL: + type: number + default: 60000 # 1 minute in miliseconds + CONTEXT: + required: true + type: string + description: The context is the name of the prow job we are waiting for. + secrets: + BOT_PAT: + required: true + GH_TOKEN: + required: true + +jobs: + trigger-prow-build-job: + name: Trigger prow build job + runs-on: ubuntu-latest + + steps: + - name: Checkout code + uses: actions/checkout@v4 + + - name: Set up git + if: ${{ env.CREATE_PR == 'true' }} + env: + GH_TOKEN: ${{ secrets.BOT_PAT }} + REPO: ${{ github.repository }} + shell: bash + run: | + # set git username + ghusername=$(curl -s -H "Authorization: token ${GH_TOKEN}" https://api.github.com/user | jq '.login') + git config user.name "${ghusername}" + # set git mail address + ghmailaddress="${ghusername}@users.noreply.github.com" + git config user.email "${ghmailaddress}" + # set remote url + git remote set-url origin "https://x-access-token:${GH_TOKEN}@github.com/${REPO}.git" + + - name: Push git tag to trigger the prow build job + env: + VERSION: ${{ inputs.VERSION }} + run: | + git tag "${VERSION}" + git push origin "${VERSION}" + + - name: Wait for the build job to succeed + id: wait-build + uses: kyma-project/wait-for-commit-status-action@2b3ffe09af8b6f40e1213d5fb7f91a7bd41ffb20 + env: + GITHUB_TOKEN: "${{ secrets.GH_TOKEN }}" + GITHUB_OWNER: "${{ github.repository_owner }}" + GITHUB_REPO: ${{ github.event.repository.name }} + VERSION: "${{ inputs.VERSION }}" + with: + context: "${{ inputs.CONTEXT }}" + commit_ref: "release-${VERSION}" # the name of the release branch. + timeout: + 600000 # 10 minutes in milliseconds + # The check interval is kept long otherwise it will exhaust the GitHub rate limit (More info: https://docs.github.com/en/rest/overview/resources-in-the-rest-api?apiVersion=2022-11-28#rate-limiting) + check_interval: 60000 # 1 minute in milliseconds From 8f5f06d41af3c851c34341414811ae27f64e0275 Mon Sep 17 00:00:00 2001 From: Friedrich Wilken Date: Thu, 1 Feb 2024 09:26:31 +0100 Subject: [PATCH 05/12] pass timeout and interval --- .../workflows/trigger-prow-build-job-reusable.yml | 12 ++++-------- 1 file changed, 4 insertions(+), 8 deletions(-) diff --git a/.github/workflows/trigger-prow-build-job-reusable.yml b/.github/workflows/trigger-prow-build-job-reusable.yml index b518f88..da431bf 100644 --- a/.github/workflows/trigger-prow-build-job-reusable.yml +++ b/.github/workflows/trigger-prow-build-job-reusable.yml @@ -27,7 +27,8 @@ jobs: trigger-prow-build-job: name: Trigger prow build job runs-on: ubuntu-latest - + env: + VERSION: ${{ inputs.VERSION }} steps: - name: Checkout code uses: actions/checkout@v4 @@ -49,8 +50,6 @@ jobs: git remote set-url origin "https://x-access-token:${GH_TOKEN}@github.com/${REPO}.git" - name: Push git tag to trigger the prow build job - env: - VERSION: ${{ inputs.VERSION }} run: | git tag "${VERSION}" git push origin "${VERSION}" @@ -62,11 +61,8 @@ jobs: GITHUB_TOKEN: "${{ secrets.GH_TOKEN }}" GITHUB_OWNER: "${{ github.repository_owner }}" GITHUB_REPO: ${{ github.event.repository.name }} - VERSION: "${{ inputs.VERSION }}" with: context: "${{ inputs.CONTEXT }}" commit_ref: "release-${VERSION}" # the name of the release branch. - timeout: - 600000 # 10 minutes in milliseconds - # The check interval is kept long otherwise it will exhaust the GitHub rate limit (More info: https://docs.github.com/en/rest/overview/resources-in-the-rest-api?apiVersion=2022-11-28#rate-limiting) - check_interval: 60000 # 1 minute in milliseconds + timeout: ${{ inputs.TIMEOUT }} + check_interval: ${{ inputs.INTERVAL }} From 36a39b2af7cd8e2ceb21e8cc1b15d1038a648994 Mon Sep 17 00:00:00 2001 From: Friedrich Wilken Date: Thu, 1 Feb 2024 09:26:49 +0100 Subject: [PATCH 06/12] pass github token --- .github/workflows/create-draft-release-reusable.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/create-draft-release-reusable.yml b/.github/workflows/create-draft-release-reusable.yml index 861445b..1c71f18 100644 --- a/.github/workflows/create-draft-release-reusable.yml +++ b/.github/workflows/create-draft-release-reusable.yml @@ -25,6 +25,7 @@ jobs: - name: Write changelog to file env: VERSION: ${{ inputs.VERSION }} + GH_TOKEN: ${{ secrets.GH_TOKEN }} shell: bash run: | # Note: your repository needs to have this script. From 585a5b1d25a68df5f1ad05fecbb59c08828cc3cb Mon Sep 17 00:00:00 2001 From: Friedrich Wilken Date: Thu, 1 Feb 2024 09:41:01 +0100 Subject: [PATCH 07/12] updated comments --- .github/workflows/bump-sec-scanners-config-reusable.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/bump-sec-scanners-config-reusable.yml b/.github/workflows/bump-sec-scanners-config-reusable.yml index a5718f3..3fdc202 100644 --- a/.github/workflows/bump-sec-scanners-config-reusable.yml +++ b/.github/workflows/bump-sec-scanners-config-reusable.yml @@ -5,7 +5,7 @@ # will require a specfic sec-scanners-config.yaml. # # The script `render-sec-scanners-config.sh` will in all cases require a version that is used to tag the corresponding image -# of the controller. For this reason, passing the input `version_tag` is required. +# of the controller. For this reason, passing the input `VERSION` is required. # # To create a PR and monitor it, this workflow will require a classic github personal access token (pat) passed # as a secret named `BOT_PAT`. The token must be configured to have all rights for `repo`, `user` and `workflow`. @@ -25,7 +25,7 @@ # call-this-workflow: # uses: kyma-project/eventing-tools/.github/workflows/bump-sec-scanners-config-reusable.yml@main # with: -# version_tag: 2.3.4 +# VERSION: 2.3.4 # TIMEOUT: 3600 # 1 hour # secrets: # BOT_PAT: ${{ secrets.my_pat }} @@ -36,7 +36,7 @@ # call-this-workflow::working_dir: g # uses: kyma-project/eventing-tools/.github/workflows/bump-sec-scanners-config-reusable.yml@main # with: -# version_tag: 2.3.4 +# VERSION: 2.3.4 # secrets: # BOT_PAT: ${{ secrets.my_pat }} From 6acdf7855e775720b38caf7862048568d40aeec8 Mon Sep 17 00:00:00 2001 From: Friedrich Wilken Date: Thu, 1 Feb 2024 09:53:58 +0100 Subject: [PATCH 08/12] revert removed shell instructions --- .github/workflows/bump-sec-scanners-config-reusable.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/.github/workflows/bump-sec-scanners-config-reusable.yml b/.github/workflows/bump-sec-scanners-config-reusable.yml index 3fdc202..592d053 100644 --- a/.github/workflows/bump-sec-scanners-config-reusable.yml +++ b/.github/workflows/bump-sec-scanners-config-reusable.yml @@ -70,6 +70,7 @@ jobs: - name: Render sec-scanners-config.yaml env: VERSION: ${{ inputs.VERSION }} + shell: bash # Where ever you use this workflow, the script hack/scripts/render-sec-scanners-config.sh must exist. run: ./hack/scripts/render-sec-scanners-config.sh "${VERSION}" @@ -84,8 +85,8 @@ jobs: echo "CREATE_PR=true" >> $GITHUB_ENV fi - if: ${{ always() }} - name: Print out sec-scanners-config.yaml + if: ${{ always() }} shell: bash run: | FILE="sec-scanners-config.yaml" @@ -156,8 +157,8 @@ jobs: run: | echo "please review ${PR_URL}" - if: ${{ env.CREATE_PR == 'true' }} - name: Wait for PR to be merged + if: ${{ env.CREATE_PR == 'true' }} shell: bash env: TIMEOUT: ${{ inputs.TIMEOUT }} From f666d7c45e031a6aeef924a2a5c87bfab11f2a18 Mon Sep 17 00:00:00 2001 From: Friedrich Wilken Date: Thu, 1 Feb 2024 10:26:19 +0100 Subject: [PATCH 09/12] rename file --- ...ests-reusbale.yml => render-and-upload-manifests-reusable.yml} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename .github/workflows/{render-and-upload-manifests-reusbale.yml => render-and-upload-manifests-reusable.yml} (100%) diff --git a/.github/workflows/render-and-upload-manifests-reusbale.yml b/.github/workflows/render-and-upload-manifests-reusable.yml similarity index 100% rename from .github/workflows/render-and-upload-manifests-reusbale.yml rename to .github/workflows/render-and-upload-manifests-reusable.yml From 9f7d51344a37fca2eab76832e44ca596ef553f9c Mon Sep 17 00:00:00 2001 From: Friedrich Wilken Date: Thu, 1 Feb 2024 10:49:06 +0100 Subject: [PATCH 10/12] change spelling --- .github/workflows/bump-sec-scanners-config-reusable.yml | 4 ++-- .github/workflows/trigger-prow-build-job-reusable.yml | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/bump-sec-scanners-config-reusable.yml b/.github/workflows/bump-sec-scanners-config-reusable.yml index 592d053..5a10825 100644 --- a/.github/workflows/bump-sec-scanners-config-reusable.yml +++ b/.github/workflows/bump-sec-scanners-config-reusable.yml @@ -103,8 +103,8 @@ jobs: ghusername=$(curl -s -H "Authorization: token ${GH_TOKEN}" https://api.github.com/user | jq '.login') git config user.name "${ghusername}" # set git mail address - ghmailaddress="${ghusername}@users.noreply.github.com" - git config user.email "${ghmailaddress}" + ghemailaddress="${ghusername}@users.noreply.github.com" + git config user.email "${ghemailaddress}" # set remote url git remote set-url origin "https://x-access-token:${GH_TOKEN}@github.com/${REPO}.git" diff --git a/.github/workflows/trigger-prow-build-job-reusable.yml b/.github/workflows/trigger-prow-build-job-reusable.yml index da431bf..4571109 100644 --- a/.github/workflows/trigger-prow-build-job-reusable.yml +++ b/.github/workflows/trigger-prow-build-job-reusable.yml @@ -44,8 +44,8 @@ jobs: ghusername=$(curl -s -H "Authorization: token ${GH_TOKEN}" https://api.github.com/user | jq '.login') git config user.name "${ghusername}" # set git mail address - ghmailaddress="${ghusername}@users.noreply.github.com" - git config user.email "${ghmailaddress}" + ghemailaddress="${ghusername}@users.noreply.github.com" + git config user.email "${ghemailaddress}" # set remote url git remote set-url origin "https://x-access-token:${GH_TOKEN}@github.com/${REPO}.git" From 49029adff15d7979e3d3b84e9e12f2cf896dc4f9 Mon Sep 17 00:00:00 2001 From: Friedrich Wilken Date: Thu, 1 Feb 2024 14:05:26 +0100 Subject: [PATCH 11/12] remove CRD_FILE --- .github/workflows/render-and-upload-manifests-reusable.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/workflows/render-and-upload-manifests-reusable.yml b/.github/workflows/render-and-upload-manifests-reusable.yml index 1f99ebc..f185156 100644 --- a/.github/workflows/render-and-upload-manifests-reusable.yml +++ b/.github/workflows/render-and-upload-manifests-reusable.yml @@ -31,10 +31,9 @@ jobs: - name: Render CRD env: VERSION: ${{ inputs.VERSION }} - CRD_FILE: ${{ inputs.CRD_FILE }} shell: bash # Note: your repository needs to have this script. - run: ./hack/scripts/render_crd.sh "${VERSION}" "${CRD_FILE}" + run: ./hack/scripts/render_crd.sh "${VERSION}" - name: Print out CR file env: From 867277f7f8f4a4a403c32ce80d2b1d5b53697987 Mon Sep 17 00:00:00 2001 From: Friedrich Wilken Date: Thu, 1 Feb 2024 14:20:44 +0100 Subject: [PATCH 12/12] add yq --- .github/workflows/bump-sec-scanners-config-reusable.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/bump-sec-scanners-config-reusable.yml b/.github/workflows/bump-sec-scanners-config-reusable.yml index 5a10825..cdc2582 100644 --- a/.github/workflows/bump-sec-scanners-config-reusable.yml +++ b/.github/workflows/bump-sec-scanners-config-reusable.yml @@ -67,6 +67,9 @@ jobs: - name: Checkout code uses: actions/checkout@v4 + - name: "Setup yq" # Required for rendering the sec-scanners-config. + uses: dcarbone/install-yq-action@v1.1.1 + - name: Render sec-scanners-config.yaml env: VERSION: ${{ inputs.VERSION }}