From d01e5631f2679295bf1798c550e0b53ecd837c00 Mon Sep 17 00:00:00 2001 From: dann frazier Date: Fri, 22 Nov 2024 21:31:40 +0000 Subject: [PATCH 01/61] pip-build-install pipeline: Introduce "source" input variable Python modules may be provided in subdirectories of the upstream source. Signed-off-by: dann frazier --- pipelines/py/pip-build-install.yaml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/pipelines/py/pip-build-install.yaml b/pipelines/py/pip-build-install.yaml index 8cfa9d5a513..793b93ecb27 100644 --- a/pipelines/py/pip-build-install.yaml +++ b/pipelines/py/pip-build-install.yaml @@ -7,6 +7,9 @@ inputs: dest: description: the destination default: ${{targets.contextdir}} + source: + description: directory containing the python package source + default: . needs-exe-named-python3: description: Does the build actually need 'python3' in its PATH default: false @@ -107,7 +110,7 @@ pipeline: mkdir -p "$distwheelsd" echo "$py is $pyver with site_packages dir '$sitepkgd'" vr $py -m pip wheel --verbose "--wheel-dir=$wd" \ - "--find-links=$distwheelsd" --no-index --no-build-isolation --no-deps . + "--find-links=$distwheelsd" --no-index --no-build-isolation --no-deps "${{inputs.source}}" vr $py -m pip install --verbose \ "--find-links=$distwheelsd" --no-index --no-build-isolation --no-deps \ --force-reinstall --no-compile --prefix=/usr "--root=$root" "$wd"/*.whl From b5298adf1d3c676135c311e101bbd4b433fc6e3c Mon Sep 17 00:00:00 2001 From: dann frazier Date: Fri, 22 Nov 2024 15:25:00 -0700 Subject: [PATCH 02/61] py3-grpcio-gcp: Build from github repository using py/pip-build-install Building from the tarball results in an unusable package because the included grpc_gcp_pb2.py is generated from an old protobuf. The tarball includes the .proto file we need to generate a new one. Signed-off-by: dann frazier --- py3-grpcio-gcp.yaml | 24 ++++++++++++++++++------ 1 file changed, 18 insertions(+), 6 deletions(-) diff --git a/py3-grpcio-gcp.yaml b/py3-grpcio-gcp.yaml index 2976033acc8..ad94349ae99 100644 --- a/py3-grpcio-gcp.yaml +++ b/py3-grpcio-gcp.yaml @@ -17,22 +17,34 @@ environment: - build-base - busybox - ca-certificates-bundle + - py3-build-base + - py3-grpcio-tools - py3-setuptools - python-3 - wolfi-base pipeline: - - uses: fetch + - uses: git-checkout with: - expected-sha256: e292605effc7da39b7a8734c719afb12ec4b5362add3528d8afad3aa3aa9057c - uri: https://files.pythonhosted.org/packages/source/g/grpcio-gcp/grpcio-gcp-${{package.version}}.tar.gz + repository: https://github.com/GoogleCloudPlatform/grpc-gcp-python + tag: v${{package.version}} + expected-commit: 8ef890243664ebd95ae0225cdf87e7442b570f9e + + - runs: | + cd src + # From src/setup.sh + cp -f ../template/version.py version.py + python3 -m grpc_tools.protoc -I. --python_out=grpc_gcp/proto grpc_gcp.proto - name: Python Build - uses: python/build-wheel + uses: py/pip-build-install + with: + source: ./src - uses: strip update: enabled: true - release-monitor: - identifier: 100779 + github: + identifier: GoogleCloudPlatform/grpc-gcp-python + strip-prefix: v From be8c0d30db79dcd5ef76a305336f1a0b63106314 Mon Sep 17 00:00:00 2001 From: dann frazier Date: Fri, 22 Nov 2024 15:32:42 -0700 Subject: [PATCH 03/61] py3-grpcio-gcp: Add python multiversion support Signed-off-by: dann frazier --- py3-grpcio-gcp.yaml | 74 ++++++++++++++++++++++++++++++++++----------- 1 file changed, 57 insertions(+), 17 deletions(-) diff --git a/py3-grpcio-gcp.yaml b/py3-grpcio-gcp.yaml index ad94349ae99..7f1056d9602 100644 --- a/py3-grpcio-gcp.yaml +++ b/py3-grpcio-gcp.yaml @@ -1,27 +1,31 @@ -# Generated from https://pypi.org/project/grpcio-gcp/ package: name: py3-grpcio-gcp version: 0.2.2 - epoch: 2 + epoch: 3 description: gRPC extensions for Google Cloud Platform copyright: - license: Apache-2.0 dependencies: - runtime: - - py3-grpcio - - python-3 + provider-priority: 0 + +vars: + pypi-package: grpcio-gcp + import: grpc_gcp + +data: + - name: py-versions + items: + 3.10: '310' + 3.11: '311' + 3.12: '312' + 3.13: '300' environment: contents: packages: - - build-base - - busybox - - ca-certificates-bundle - - py3-build-base - py3-grpcio-tools - - py3-setuptools - - python-3 - - wolfi-base + - py3-supported-build-base + - py3-supported-setuptools pipeline: - uses: git-checkout @@ -36,13 +40,49 @@ pipeline: cp -f ../template/version.py version.py python3 -m grpc_tools.protoc -I. --python_out=grpc_gcp/proto grpc_gcp.proto - - name: Python Build - uses: py/pip-build-install - with: - source: ./src - - uses: strip +subpackages: + - range: py-versions + name: py${{range.key}}-${{vars.pypi-package}} + description: python${{range.key}} version of ${{vars.pypi-package}} + dependencies: + provider-priority: ${{range.value}} + provides: + - py3-${{vars.pypi-package}} + runtime: + - py${{range.key}}-grpcio + - py${{range.key}}-protobuf + pipeline: + - uses: py/pip-build-install + with: + python: python${{range.key}} + source: ./src + - uses: strip + test: + pipeline: + - uses: python/import + with: + python: python${{range.key}} + imports: | + import ${{vars.import}} + + - name: py3-supported-${{vars.pypi-package}} + description: meta package providing ${{vars.pypi-package}} for supported python versions. + dependencies: + runtime: + - py3.10-${{vars.pypi-package}} + - py3.11-${{vars.pypi-package}} + - py3.12-${{vars.pypi-package}} + - py3.13-${{vars.pypi-package}} + +test: + pipeline: + - uses: python/import + with: + imports: | + import ${{vars.import}} + update: enabled: true github: From 281633dcc1c42546c070bad8cb6647e16acd10ac Mon Sep 17 00:00:00 2001 From: Dimitri John Ledkov <19779+xnox@users.noreply.github.com> Date: Mon, 25 Nov 2024 19:09:28 +0000 Subject: [PATCH 04/61] rustls-ffi: enable cargo auditable capi (#35158) cargo-audtiable in latest upstream release fixed ability to have auditable capi builds. Start using these. --- rustls-ffi.yaml | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-) diff --git a/rustls-ffi.yaml b/rustls-ffi.yaml index eafe84adca1..b409373a200 100644 --- a/rustls-ffi.yaml +++ b/rustls-ffi.yaml @@ -1,7 +1,7 @@ package: name: rustls-ffi version: 0.14.1 - epoch: 0 + epoch: 1 description: "C-to-rustls bindings" copyright: - license: MIT @@ -13,6 +13,7 @@ environment: - build-base - busybox - ca-certificates-bundle + - cargo-auditable - cargo-c - openssf-compiler-options - rust @@ -26,8 +27,8 @@ pipeline: expected-commit: 2014e6154074ba66c0023a683b27fdae93fbeabb - runs: | - cargo capi build --release - cargo capi install --prefix=/usr --destdir "${{targets.contextdir}}" + cargo auditable capi build --release + cargo auditable capi install --prefix=/usr --destdir "${{targets.contextdir}}" - uses: strip @@ -40,6 +41,15 @@ subpackages: runtime: - ${{package.name}} +test: + environment: + contents: + packages: + - rust-audit-info + pipeline: + - runs: | + rust-audit-info /usr/lib/librustls.so.0.* + update: enabled: true github: From ec49b48c2bd450411f0673d186d0fc63d9de9b10 Mon Sep 17 00:00:00 2001 From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com> Date: Mon, 25 Nov 2024 15:13:05 -0500 Subject: [PATCH 05/61] ruby3.3-logstash-core/8.16.1 package update (#34962)

Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> --- ruby3.3-logstash-core.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ruby3.3-logstash-core.yaml b/ruby3.3-logstash-core.yaml index 222a0f125c0..c62a370d1b8 100644 --- a/ruby3.3-logstash-core.yaml +++ b/ruby3.3-logstash-core.yaml @@ -1,7 +1,7 @@ # Generated from http://www.elastic.co/guide/en/logstash/current/index.html package: name: ruby3.3-logstash-core - version: 8.16.0 + version: 8.16.1 epoch: 0 description: The core components of logstash, the scalable log and event management tool copyright: @@ -45,7 +45,7 @@ pipeline: with: repository: https://github.com/elastic/logstash tag: v${{package.version}} - expected-commit: e4cb5c1ff7b7e5c3c38dae35ba4c01d5478a3100 + expected-commit: a769327be81a655ed66a0539cee42380de220c27 - working-directory: logstash-core pipeline: From 6be202a7e1c3778e50db253eb3c7c29d32105eb0 Mon Sep 17 00:00:00 2001 From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com> Date: Mon, 25 Nov 2024 15:13:22 -0500 Subject: [PATCH 06/61] ruby3.3-logstash-core-plugin-api/8.16.1 package update (#34961)

Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> --- ruby3.3-logstash-core-plugin-api.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ruby3.3-logstash-core-plugin-api.yaml b/ruby3.3-logstash-core-plugin-api.yaml index 5f32e8c6976..02f798f59ac 100644 --- a/ruby3.3-logstash-core-plugin-api.yaml +++ b/ruby3.3-logstash-core-plugin-api.yaml @@ -1,7 +1,7 @@ # Generated from http://www.elastic.co/guide/en/logstash/current/index.html package: name: ruby3.3-logstash-core-plugin-api - version: 8.16.0 + version: 8.16.1 epoch: 0 description: Logstash plugin API copyright: @@ -34,7 +34,7 @@ pipeline: with: repository: https://github.com/elastic/logstash tag: v${{package.version}} - expected-commit: e4cb5c1ff7b7e5c3c38dae35ba4c01d5478a3100 + expected-commit: a769327be81a655ed66a0539cee42380de220c27 - working-directory: logstash-core-plugin-api pipeline: From d97e54bcd1946c44b8620a376cdfa58c1648b2dc Mon Sep 17 00:00:00 2001 From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com> Date: Mon, 25 Nov 2024 15:13:42 -0500 Subject: [PATCH 07/61] ruby3.2-logstash-core-plugin-api/8.16.1 package update (#34957)

Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> --- ruby3.2-logstash-core-plugin-api.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ruby3.2-logstash-core-plugin-api.yaml b/ruby3.2-logstash-core-plugin-api.yaml index 6698052f593..2216aa78bc0 100644 --- a/ruby3.2-logstash-core-plugin-api.yaml +++ b/ruby3.2-logstash-core-plugin-api.yaml @@ -1,7 +1,7 @@ # Generated from http://www.elastic.co/guide/en/logstash/current/index.html package: name: ruby3.2-logstash-core-plugin-api - version: 8.16.0 + version: 8.16.1 epoch: 0 description: Logstash plugin API copyright: @@ -34,7 +34,7 @@ pipeline: with: repository: https://github.com/elastic/logstash tag: v${{package.version}} - expected-commit: e4cb5c1ff7b7e5c3c38dae35ba4c01d5478a3100 + expected-commit: a769327be81a655ed66a0539cee42380de220c27 - working-directory: logstash-core-plugin-api pipeline: From c124d6b339496b8bbdd363e87a6ce0a86552ccee Mon Sep 17 00:00:00 2001 From: Jon Johnson Date: Mon, 25 Nov 2024 12:39:54 -0800 Subject: [PATCH 08/61] Add libquadmath as runtime dep for gcc (#35164) This is silly, but the alternative to fix this will take a while, so I am proposing this in the meantime. We currently (incorrectly) assume that we will be able to solve for identical package sets across architectures, but that's not correct for per-arch things like libquadmath. I want to unwedge some things with this change, which I can revert once we fix these assumptions downstream. Signed-off-by: Jon Johnson --- gcc.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/gcc.yaml b/gcc.yaml index 43ed9cc3b78..5ad0c7f7e46 100644 --- a/gcc.yaml +++ b/gcc.yaml @@ -1,7 +1,7 @@ package: name: gcc version: 14.2.0 - epoch: 5 + epoch: 6 description: "the GNU compiler collection" copyright: - license: GPL-3.0-or-later WITH GCC-exception-3.1 @@ -11,6 +11,7 @@ package: dependencies: runtime: - binutils + - libquadmath # This is a temporary workaround for issues with single-arch packages. - libstdc++-dev - openssf-compiler-options - posix-cc-wrappers From d45b49f8b80f9c1a5ad5327fd1fbce7130f83c8c Mon Sep 17 00:00:00 2001 From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com> Date: Mon, 25 Nov 2024 21:03:29 +0000 Subject: [PATCH 09/61] brew/4.4.8 package update (#35177)

Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> --- brew.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/brew.yaml b/brew.yaml index 499f643de9d..25a8e6d6690 100644 --- a/brew.yaml +++ b/brew.yaml @@ -1,6 +1,6 @@ package: name: brew - version: 4.4.7 + version: 4.4.8 epoch: 0 description: "The homebrew package manager" copyright: @@ -49,7 +49,7 @@ pipeline: repository: https://github.com/Homebrew/brew tag: ${{package.version}} destination: ./brew - expected-commit: 4a77cd1e2f7ed058d03a47fe1f18819b246e67f6 + expected-commit: e78a0adb4f260913fffdc956cc8c20fb54109feb - runs: | set -x From 57d58936d9c4b413e165a44e73c11a0c88bd8e0c Mon Sep 17 00:00:00 2001 From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com> Date: Mon, 25 Nov 2024 21:03:57 +0000 Subject: [PATCH 10/61] tigerbeetle/0.16.14 package update (#35171)

Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> --- tigerbeetle.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tigerbeetle.yaml b/tigerbeetle.yaml index ecf90174493..b42fb607587 100644 --- a/tigerbeetle.yaml +++ b/tigerbeetle.yaml @@ -1,6 +1,6 @@ package: name: tigerbeetle - version: 0.16.13 + version: 0.16.14 epoch: 0 description: "The distributed financial accounting database designed for mission critical safety and performance." copyright: @@ -19,7 +19,7 @@ pipeline: with: repository: https://github.com/tigerbeetledb/tigerbeetle tag: ${{package.version}} - expected-commit: 48a896c43d08ffeb1c735e95ce570e184c72685e + expected-commit: ff102ad69d847e944f60faaded83b80afe44b550 - runs: | zig build -Drelease From 17770de8698ca26aee0fe575a89ecd0fbccb2a2f Mon Sep 17 00:00:00 2001 From: Mark McCormick Date: Mon, 25 Nov 2024 21:50:21 +0000 Subject: [PATCH 11/61] Add tests for ruby packages (#35146) Add tests for ruby packages. Also adds a missing ruby-3.3 package which we only had a ruby v3.2 version for. --------- Signed-off-by: Mark McCormick --- ruby3.2-faraday-excon.yaml | 25 +++++++ ruby3.2-faraday-follow_redirects.yaml | 30 ++++++++ ruby3.2-faraday.yaml | 44 +++++++++++- ruby3.2-faraday_middleware-aws-sigv4.yaml | 40 +++++++++-- ruby3.2-filesize.yaml | 40 +++++++++++ ruby3.2-fluent-config-regexp-type.yaml | 23 +++++++ ruby3.2-fluentd-1.17.yaml | 58 ++++++++++++++++ ruby3.2-gems.yaml | 16 +++++ ruby3.2-hashie.yaml | 37 ++++++++++ ruby3.2-http.yaml | 17 +++++ ruby3.2-http_parser.rb.yaml | 56 +++++++++++++++ ruby3.2-i18n.yaml | 18 +++++ ruby3.2-io-console.yaml | 33 ++++++++- ruby3.2-jar-dependencies.yaml | 23 +++++++ ruby3.2-jmespath.yaml | 26 +++++++ ruby3.3-faraday-excon.yaml | 25 +++++++ ruby3.3-faraday-follow_redirects.yaml | 30 ++++++++ ruby3.3-faraday.yaml | 44 +++++++++++- ruby3.3-faraday_middleware-aws-sigv4.yaml | 83 +++++++++++++++++++++++ ruby3.3-filesize.yaml | 40 +++++++++++ ruby3.3-fluent-config-regexp-type.yaml | 23 +++++++ ruby3.3-fluentd-1.17.yaml | 58 ++++++++++++++++ ruby3.3-gems.yaml | 16 +++++ ruby3.3-hashie.yaml | 37 ++++++++++ ruby3.3-http.yaml | 17 +++++ ruby3.3-http_parser.rb.yaml | 56 +++++++++++++++ ruby3.3-i18n.yaml | 18 +++++ ruby3.3-io-console.yaml | 33 ++++++++- ruby3.3-jar-dependencies.yaml | 23 +++++++ ruby3.3-jmespath.yaml | 26 +++++++ 30 files changed, 1002 insertions(+), 13 deletions(-) create mode 100644 ruby3.3-faraday_middleware-aws-sigv4.yaml diff --git a/ruby3.2-faraday-excon.yaml b/ruby3.2-faraday-excon.yaml index 93ceac9fbe1..fa7cd49e1ec 100644 --- a/ruby3.2-faraday-excon.yaml +++ b/ruby3.2-faraday-excon.yaml @@ -42,6 +42,31 @@ pipeline: vars: gem: faraday-excon +test: + environment: + contents: + packages: + - ruby${{vars.rubyMM}}-net-http + pipeline: + - runs: ruby -e "require 'faraday/excon'; puts 'Faraday Excon adapter loaded successfully!'" + - runs: | + ruby <<-EOF + require 'faraday' + require 'faraday/excon' + + # Test the Faraday connection with Excon adapter + begin + conn = Faraday.new(url: 'https://example.com') do |f| + f.adapter :excon + end + + response = conn.get('/') + puts "Faraday connection with Excon adapter configured successfully! Response status: \#{response.status}" + rescue StandardError => e + raise "Test failed with error: \#{e.message}" + end + EOF + update: enabled: true github: diff --git a/ruby3.2-faraday-follow_redirects.yaml b/ruby3.2-faraday-follow_redirects.yaml index 1cae2beafe7..d6000547865 100644 --- a/ruby3.2-faraday-follow_redirects.yaml +++ b/ruby3.2-faraday-follow_redirects.yaml @@ -41,6 +41,36 @@ pipeline: vars: gem: faraday-follow_redirects +test: + environment: + contents: + packages: + - ruby${{vars.rubyMM}}-net-http + pipeline: + - runs: ruby -e "require 'faraday/follow_redirects'; puts 'Faraday Follow Redirects middleware loaded successfully!'" + - runs: | + ruby <<-EOF + require 'faraday' + require 'faraday/follow_redirects' + + # Test the Faraday connection with the Follow Redirects middleware + begin + conn = Faraday.new(url: 'http://httpbingo.org/redirect/1') do |f| + f.use Faraday::FollowRedirects::Middleware + f.adapter Faraday.default_adapter + end + + response = conn.get + if response.status == 200 + puts "Faraday connection with Follow Redirects middleware configured successfully! Final status: \#{response.status}" + else + raise "Unexpected response status: \#{response.status}" + end + rescue StandardError => e + raise "Test failed with error: \#{e.message}" + end + EOF + update: enabled: true github: diff --git a/ruby3.2-faraday.yaml b/ruby3.2-faraday.yaml index ffa1bc9e1bc..a26512007bb 100644 --- a/ruby3.2-faraday.yaml +++ b/ruby3.2-faraday.yaml @@ -42,17 +42,55 @@ vars: gem: faraday test: + environment: + contents: + packages: + - ruby${{vars.rubyMM}}-faraday-net_http + - ruby${{vars.rubyMM}}-net-http pipeline: - name: Verify library import runs: ruby -e "require 'faraday'" - name: Basic usage runs: | - cat < /tmp/test.rb + cat < /tmp/basic_usage_test.rb require 'faraday' response = Faraday.get("https://edu.chainguard.dev/open-source/wolfi/overview/") - print response.status + if response.status == 200 + puts "Basic usage test passed! Status: \#{response.status}" + else + raise "Basic usage test failed. Unexpected status: \#{response.status}" + end EOF - ruby /tmp/test.rb + ruby /tmp/basic_usage_test.rb + - name: Functional test with middleware + runs: | + cat < /tmp/functional_test_middleware.rb + require 'faraday' + require 'json' + + # Configure Faraday connection with a middleware + conn = Faraday.new(url: "https://httpbin.org") do |f| + f.request :url_encoded + f.adapter :net_http + end + + # Perform a POST request with some data + response = conn.post("/post") do |req| + req.headers['Content-Type'] = 'application/json' + req.body = { test_key: 'test_value' }.to_json + end + + # Parse the JSON response + parsed_body = JSON.parse(response.body) + + # Validate the response + if response.status == 200 && parsed_body["json"]["test_key"] == "test_value" + puts "Functional middleware test passed!" + else + raise "Functional middleware test failed." + end + EOF + ruby /tmp/functional_test_middleware.rb update: enabled: true diff --git a/ruby3.2-faraday_middleware-aws-sigv4.yaml b/ruby3.2-faraday_middleware-aws-sigv4.yaml index 052e14a50e1..8157945cf41 100644 --- a/ruby3.2-faraday_middleware-aws-sigv4.yaml +++ b/ruby3.2-faraday_middleware-aws-sigv4.yaml @@ -7,8 +7,8 @@ package: - license: MIT dependencies: runtime: - - ruby3.2-aws-sigv4 - - ruby3.2-faraday + - ruby${{vars.rubyMM}}-aws-sigv4 + - ruby${{vars.rubyMM}}-faraday environment: contents: @@ -17,8 +17,8 @@ environment: - busybox - ca-certificates-bundle - git - - ruby-3.2 - - ruby-3.2-dev + - ruby-${{vars.rubyMM}} + - ruby-${{vars.rubyMM}}-dev pipeline: - uses: git-checkout @@ -49,5 +49,35 @@ update: use-tag: true test: + environment: + contents: + packages: + - ruby${{vars.rubyMM}}-net-http pipeline: - - runs: ruby -e "require 'faraday_middleware/aws_sigv4'" + - runs: ruby -e "require 'faraday_middleware/aws_sigv4'; puts 'faraday_middleware/aws_sigv4 loaded successfully!'" + - runs: | + ruby <<-EOF + require 'faraday' + require 'faraday_middleware/aws_sigv4' + + # Test the middleware by configuring a Faraday connection + begin + conn = Faraday.new(url: 'https://example.com') do |f| + f.request :aws_sigv4, + service: 's3', + region: 'us-east-1', + access_key_id: 'fake_access_key', + secret_access_key: 'fake_secret_key' + end + + puts "Faraday connection configured successfully with AWS SigV4 middleware!" + rescue StandardError => e + raise "Test failed with error: #{e.message}" + end + EOF + +var-transforms: + - from: ${{package.name}} + match: ^ruby(\d\.\d+)-.* + replace: $1 + to: rubyMM diff --git a/ruby3.2-filesize.yaml b/ruby3.2-filesize.yaml index 4bc17c4a74c..e318e592c9e 100644 --- a/ruby3.2-filesize.yaml +++ b/ruby3.2-filesize.yaml @@ -38,6 +38,46 @@ pipeline: vars: gem: filesize +test: + environment: + contents: + packages: + - ruby-${{vars.rubyMM}} + pipeline: + - name: Verify gem installation + runs: | + gem list filesize + - name: Basic functionality test + runs: | + ruby -e ' + begin + require "filesize" + puts "Debug: Loading Filesize class..." + + # Create size object directly with bytes + bytes = Filesize.new(1024) + puts "Debug: Created Filesize object: " + bytes.inspect + + # Convert to KiB (binary kilobytes) since that is the default + kib = bytes.to("KiB") + puts "Debug: Converted to KiB: " + kib.inspect + + size = kib.to_f + puts "Debug: Final float value: " + size.to_s + + # Should be exactly 1.0 since 1024 bytes = 1 KiB + if size == 1.0 + puts "Test passed: 1024 B = 1 KiB" + exit 0 + else + raise "Test failed: Expected 1.0 KiB, got " + size.to_s + end + rescue => e + puts "Test failed with error: " + e.class.to_s + ": " + e.message + puts e.backtrace + exit 1 + end ' + update: enabled: false exclude-reason: unmaintained, latest tag cut in 2018 diff --git a/ruby3.2-fluent-config-regexp-type.yaml b/ruby3.2-fluent-config-regexp-type.yaml index 9c6e7498835..dd981569b3a 100644 --- a/ruby3.2-fluent-config-regexp-type.yaml +++ b/ruby3.2-fluent-config-regexp-type.yaml @@ -42,6 +42,29 @@ pipeline: - uses: ruby/clean +test: + pipeline: + - runs: | + ruby -e ' + require "fluent/config/regexp_type" + + # Test timestamp pattern + regex = Fluent::Config::REGEXP_TYPE.call("/^\\d{4}-\\d{2}-\\d{2}/") + + # Should match + raise "Valid date (2024-11-23) failed to match" unless regex.match?("2024-11-23") + + # Should not match any of these + ["11-23-2024", "11-2-2024", "11-23-202", "202-11-23"].each do |invalid_date| + if regex.match?(invalid_date) + raise "Incorrectly matched #{invalid_date} which should not match pattern ^\\d{4}-\\d{2}-\\d{2}" + end + end + + puts "All tests passed!" + puts "Pattern matches yyyy-mm-dd format only" + ' + update: enabled: true github: diff --git a/ruby3.2-fluentd-1.17.yaml b/ruby3.2-fluentd-1.17.yaml index 71ff1cd8d53..f89f4528276 100644 --- a/ruby3.2-fluentd-1.17.yaml +++ b/ruby3.2-fluentd-1.17.yaml @@ -92,6 +92,7 @@ update: test: pipeline: + # Keep existing daemon test - name: Daemon test uses: test/daemon-check-output with: @@ -100,6 +101,8 @@ test: mkdir -p /etc/fluent/ touch /etc/fluent/fluent.conf expected_output: fluentd worker is now running + # Keep command line tests + - name: Command line tests runs: | fluent-binlog-reader --version fluent-ca-generate --version @@ -117,6 +120,61 @@ test: fluent-plugin-generate --help fluentd --version fluentd --help + - name: Basic IO test + runs: | + # Create minimal config + cat > test.conf < + log_level debug + + + + @type forward + port 24224 + + + + @type file + path /tmp/fluentd_test + append true + + flush_mode immediate + + + EOF + + # Start fluentd with logs + fluentd -c test.conf -d /tmp/fluentd.pid --log /tmp/fluentd.log + + # Wait for start + sleep 5 + + # Send test message with specific content + echo '{"message":"test_message_content"}' | fluent-cat test.tag + + # Wait for processing + sleep 5 + + # Check output files and content + if ls /tmp/fluentd_test.*.log > /dev/null 2>&1; then + OUTPUT=$(cat /tmp/fluentd_test.*.log) + echo "Output file contents: $OUTPUT" + + if echo "$OUTPUT" | grep -q "test_message_content"; then + echo "Test passed: Message content verified" + else + echo "Test failed: Expected message content not found" + exit 1 + fi + else + echo "Test failed: No output file" + echo "Fluentd logs:" + cat /tmp/fluentd.log + exit 1 + fi + + # Cleanup + kill $(cat /tmp/fluentd.pid) var-transforms: - from: ${{package.name}} diff --git a/ruby3.2-gems.yaml b/ruby3.2-gems.yaml index ac21a945115..6f9afaae5d0 100644 --- a/ruby3.2-gems.yaml +++ b/ruby3.2-gems.yaml @@ -49,6 +49,22 @@ test: print Gems.info 'rails' EOF ruby /tmp/test.rb + - name: Basic functionality test + runs: | + ruby -e ' + require "gems" + require "json" + + # Test search functionality + result = Gems.search("rake") + raise "Search failed" unless result.is_a?(Array) && !result.empty? + + # Test version info + versions = Gems.versions("rake") + raise "Version lookup failed" unless versions.is_a?(Array) && !versions.empty? + + puts "Tests passed - got valid responses for search and versions" + ' update: enabled: true diff --git a/ruby3.2-hashie.yaml b/ruby3.2-hashie.yaml index 8732a9409b4..d92a616ed85 100644 --- a/ruby3.2-hashie.yaml +++ b/ruby3.2-hashie.yaml @@ -38,6 +38,43 @@ pipeline: vars: gem: hashie +test: + pipeline: + - name: Verify library import + runs: ruby -e "require 'hashie'" + - name: Basic functionality test + runs: | + ruby -e ' + require "hashie" + + # Test Mash functionality + mash = Hashie::Mash.new + mash.name = "Test" + mash.info = { lang: "Ruby" } + + raise "Basic assignment failed" unless mash.name == "Test" + raise "Nested hash failed" unless mash.info.lang == "Ruby" + + # Test indifferent access + mash[:test_key] = "value" + raise "Indifferent access failed" unless mash["test_key"] == "value" && mash.test_key == "value" + + # Test key deletion + mash.delete(:test_key) + raise "Delete failed" if mash.key?(:test_key) + + # Test default values + mash.default = "not found" + raise "Default value failed" unless mash.missing == "not found" + + # Test merge + other = Hashie::Mash.new(a: 1, b: 2) + merged = mash.merge(other) + raise "Merge failed" unless merged.a == 1 && merged.info.lang == "Ruby" + + puts "All tests passed!" + ' + update: enabled: true github: diff --git a/ruby3.2-http.yaml b/ruby3.2-http.yaml index c54b6801903..1db2ec5dd83 100644 --- a/ruby3.2-http.yaml +++ b/ruby3.2-http.yaml @@ -54,6 +54,23 @@ test: HTTP.get("https://github.com").to_s EOF ruby /tmp/test.rb + - name: Functional test with POST request + runs: | + cat < /tmp/functional_test.rb + require "http" + + # Perform a POST request to httpbin.org + response = HTTP.post("https://httpbin.org/post", json: { key: "value" }) + + # Validate the response + raise "Unexpected status code" unless response.status == 200 + + body = response.parse(:json) + raise "Unexpected response body" unless body["json"]["key"] == "value" + + puts "Functional test passed!" + EOF + ruby /tmp/functional_test.rb update: enabled: true diff --git a/ruby3.2-http_parser.rb.yaml b/ruby3.2-http_parser.rb.yaml index 30df5b2661f..b98b0283d08 100644 --- a/ruby3.2-http_parser.rb.yaml +++ b/ruby3.2-http_parser.rb.yaml @@ -48,6 +48,62 @@ pipeline: version: ${{package.version}} - uses: ruby/clean +test: + environment: + contents: + packages: + - ruby-${{vars.rubyMM}} + pipeline: + - name: Verify gem installation + runs: gem list http_parser.rb + - name: Basic import test + runs: | + ruby <<-EOF + begin + require 'http/parser' + puts "Basic import test passed! HTTP::Parser loaded successfully." + rescue LoadError => e + puts "Basic import test failed: #{e.message}" + exit 1 + end + EOF + - name: Expanded functionality test + runs: | + ruby <<-EOF + require 'http/parser' + + # Create a basic HTTP parser and parse a simple request + begin + parser = HTTP::Parser.new + parsed_headers = {} + + # Define callbacks for parsing events + parser.on_headers_complete = proc do |headers| + parsed_headers.merge!(headers) + puts "Headers parsed successfully!" + end + parser.on_message_complete = proc { puts "Message parsed successfully!" } + + # Feed the parser with a simple HTTP request + request = "GET /path/to/resource HTTP/1.1\r\n" \ + "Host: example.com\r\n" \ + "User-Agent: TestAgent\r\n\r\n" + parser << request + + # Validate parsing results + raise "Unexpected HTTP method" unless parser.http_method == "GET" + raise "Unexpected request URL" unless parser.request_url == "/path/to/resource" + raise "Unexpected HTTP version" unless parser.http_version == [1, 1] + raise "Unexpected Host header" unless parsed_headers["Host"] == "example.com" + raise "Unexpected User-Agent header" unless parsed_headers["User-Agent"] == "TestAgent" + + puts "Expanded functionality test passed with valid results!" + rescue => e + puts "Test failed: #{e.message}" + exit 1 + end + EOF + update: enabled: true github: diff --git a/ruby3.2-i18n.yaml b/ruby3.2-i18n.yaml index d7e97299ffb..b4a1f90c828 100644 --- a/ruby3.2-i18n.yaml +++ b/ruby3.2-i18n.yaml @@ -40,6 +40,24 @@ pipeline: vars: gem: i18n +test: + pipeline: + - runs: ruby -e "require 'i18n'" + - name: Basic translation test + runs: | + ruby <<-EOF + require 'i18n' + + # Create a translation directly in memory + I18n.backend.store_translations(:en, hello: "Hello, %{name}!") + + # Test translation + greeting = I18n.t('hello', name: 'World') + raise "Translation test failed!" unless greeting == "Hello, World!" + + puts "Basic translation test passed!" + EOF + update: enabled: true github: diff --git a/ruby3.2-io-console.yaml b/ruby3.2-io-console.yaml index 14e5663f153..5e331e97f49 100644 --- a/ruby3.2-io-console.yaml +++ b/ruby3.2-io-console.yaml @@ -44,7 +44,38 @@ vars: test: pipeline: - - runs: ruby -e "require 'io/console'" + - name: Verify gem installation + runs: | + gem list io-console + - name: Test core functionality + runs: | + ruby -e ' + begin + require "io/console" + + # Test basic require works + puts "Loaded io/console successfully" + + # Test core methods + [:tty?, :winsize, :winsize=].each do |method| + unless IO.instance_methods.include?(method) + raise "Missing IO method: #{method}" + end + end + + # Test STDIN responds to console methods + unless STDIN.respond_to?(:tty?) + raise "STDIN missing tty? method" + end + + puts "Core functionality verified" + exit 0 + rescue => e + puts "Test failed: #{e.class}: #{e.message}" + puts e.backtrace + exit 1 + end + ' update: enabled: true diff --git a/ruby3.2-jar-dependencies.yaml b/ruby3.2-jar-dependencies.yaml index 11eae1677c5..d4b1e8753ad 100644 --- a/ruby3.2-jar-dependencies.yaml +++ b/ruby3.2-jar-dependencies.yaml @@ -49,6 +49,29 @@ test: # AUTOGENERATED - runs: | lock_jars --help + - name: Verify gem import + runs: ruby -e "require 'jar_dependencies'; puts 'jar_dependencies loaded successfully!'" + - name: Test basic functionality + runs: | + ruby -e ' + begin + require "jar_dependencies" + + # Test module definition + raise "Missing Jars module" unless defined?(Jars) + + # Test basic methods exist + [:require_jar, :setup, :lock].each do |method| + raise "Missing method: Jars.#{method}" unless Jars.respond_to?(method) + end + + puts "Basic jar-dependencies functionality verified" + exit 0 + rescue => e + puts "Test failed: #{e.message}" + exit 1 + end + ' var-transforms: - from: ${{package.name}} diff --git a/ruby3.2-jmespath.yaml b/ruby3.2-jmespath.yaml index d134bf968e9..a3ecfd7f29b 100644 --- a/ruby3.2-jmespath.yaml +++ b/ruby3.2-jmespath.yaml @@ -37,6 +37,32 @@ pipeline: vars: gem: jmespath +test: + pipeline: + - name: Verify gem import + runs: ruby -e "require 'jmespath'; puts 'jmespath loaded successfully!'" + - name: Basic JMESPath evaluation + runs: | + ruby <<-EOF + require 'jmespath' + + # Basic JMESPath expression test + data = { + "foo" => { + "bar" => "value" + } + } + expression = "foo.bar" + result = JMESPath.search(expression, data) + + # Validate the result + if result == "value" + puts "Basic JMESPath evaluation successful!" + else + raise "Expected 'value' but got '\#{result}'" + end + EOF + update: enabled: true github: diff --git a/ruby3.3-faraday-excon.yaml b/ruby3.3-faraday-excon.yaml index f1b888bf50a..5321b378abf 100644 --- a/ruby3.3-faraday-excon.yaml +++ b/ruby3.3-faraday-excon.yaml @@ -42,6 +42,31 @@ pipeline: vars: gem: faraday-excon +test: + environment: + contents: + packages: + - ruby${{vars.rubyMM}}-net-http + pipeline: + - runs: ruby -e "require 'faraday/excon'; puts 'Faraday Excon adapter loaded successfully!'" + - runs: | + ruby <<-EOF + require 'faraday' + require 'faraday/excon' + + # Test the Faraday connection with Excon adapter + begin + conn = Faraday.new(url: 'https://example.com') do |f| + f.adapter :excon + end + + response = conn.get('/') + puts "Faraday connection with Excon adapter configured successfully! Response status: \#{response.status}" + rescue StandardError => e + raise "Test failed with error: \#{e.message}" + end + EOF + update: enabled: true github: diff --git a/ruby3.3-faraday-follow_redirects.yaml b/ruby3.3-faraday-follow_redirects.yaml index c9e16e85207..0299b3427bf 100644 --- a/ruby3.3-faraday-follow_redirects.yaml +++ b/ruby3.3-faraday-follow_redirects.yaml @@ -41,6 +41,36 @@ pipeline: vars: gem: faraday-follow_redirects +test: + environment: + contents: + packages: + - ruby${{vars.rubyMM}}-net-http + pipeline: + - runs: ruby -e "require 'faraday/follow_redirects'; puts 'Faraday Follow Redirects middleware loaded successfully!'" + - runs: | + ruby <<-EOF + require 'faraday' + require 'faraday/follow_redirects' + + # Test the Faraday connection with the Follow Redirects middleware + begin + conn = Faraday.new(url: 'http://httpbingo.org/redirect/1') do |f| + f.use Faraday::FollowRedirects::Middleware + f.adapter Faraday.default_adapter + end + + response = conn.get + if response.status == 200 + puts "Faraday connection with Follow Redirects middleware configured successfully! Final status: \#{response.status}" + else + raise "Unexpected response status: \#{response.status}" + end + rescue StandardError => e + raise "Test failed with error: \#{e.message}" + end + EOF + update: enabled: true github: diff --git a/ruby3.3-faraday.yaml b/ruby3.3-faraday.yaml index a8a05f39e2e..e3b38d6ce5d 100644 --- a/ruby3.3-faraday.yaml +++ b/ruby3.3-faraday.yaml @@ -42,17 +42,55 @@ vars: gem: faraday test: + environment: + contents: + packages: + - ruby${{vars.rubyMM}}-faraday-net_http + - ruby${{vars.rubyMM}}-net-http pipeline: - name: Verify library import runs: ruby -e "require 'faraday'" - name: Basic usage runs: | - cat < /tmp/test.rb + cat < /tmp/basic_usage_test.rb require 'faraday' response = Faraday.get("https://edu.chainguard.dev/open-source/wolfi/overview/") - print response.status + if response.status == 200 + puts "Basic usage test passed! Status: \#{response.status}" + else + raise "Basic usage test failed. Unexpected status: \#{response.status}" + end EOF - ruby /tmp/test.rb + ruby /tmp/basic_usage_test.rb + - name: Functional test with middleware + runs: | + cat < /tmp/functional_test_middleware.rb + require 'faraday' + require 'json' + + # Configure Faraday connection with a middleware + conn = Faraday.new(url: "https://httpbin.org") do |f| + f.request :url_encoded + f.adapter :net_http + end + + # Perform a POST request with some data + response = conn.post("/post") do |req| + req.headers['Content-Type'] = 'application/json' + req.body = { test_key: 'test_value' }.to_json + end + + # Parse the JSON response + parsed_body = JSON.parse(response.body) + + # Validate the response + if response.status == 200 && parsed_body["json"]["test_key"] == "test_value" + puts "Functional middleware test passed!" + else + raise "Functional middleware test failed." + end + EOF + ruby /tmp/functional_test_middleware.rb update: enabled: true diff --git a/ruby3.3-faraday_middleware-aws-sigv4.yaml b/ruby3.3-faraday_middleware-aws-sigv4.yaml new file mode 100644 index 00000000000..1c8fabc13ae --- /dev/null +++ b/ruby3.3-faraday_middleware-aws-sigv4.yaml @@ -0,0 +1,83 @@ +package: + name: ruby3.3-faraday_middleware-aws-sigv4 + version: 1.0.1 + epoch: 0 + description: Faraday middleware for AWS Signature Version 4 using aws-sigv4. + copyright: + - license: MIT + dependencies: + runtime: + - ruby${{vars.rubyMM}}-aws-sigv4 + - ruby${{vars.rubyMM}}-faraday + +environment: + contents: + packages: + - build-base + - busybox + - ca-certificates-bundle + - git + - ruby-${{vars.rubyMM}} + - ruby-${{vars.rubyMM}}-dev + +pipeline: + - uses: git-checkout + with: + expected-commit: 8637e57de564df2b163bc459119dcae5b9b222de + repository: https://github.com/winebarrel/faraday_middleware-aws-sigv4 + tag: v${{package.version}} + + - uses: ruby/build + with: + gem: ${{vars.gem}} + + - uses: ruby/install + with: + gem: ${{vars.gem}} + version: ${{package.version}} + + - uses: ruby/clean + +vars: + gem: faraday_middleware-aws-sigv4 + +update: + enabled: true + github: + identifier: winebarrel/faraday_middleware-aws-sigv4 + strip-prefix: v + use-tag: true + +test: + environment: + contents: + packages: + - ruby${{vars.rubyMM}}-net-http + pipeline: + - runs: ruby -e "require 'faraday_middleware/aws_sigv4'; puts 'faraday_middleware/aws_sigv4 loaded successfully!'" + - runs: | + ruby <<-EOF + require 'faraday' + require 'faraday_middleware/aws_sigv4' + + # Test the middleware by configuring a Faraday connection + begin + conn = Faraday.new(url: 'https://example.com') do |f| + f.request :aws_sigv4, + service: 's3', + region: 'us-east-1', + access_key_id: 'fake_access_key', + secret_access_key: 'fake_secret_key' + end + + puts "Faraday connection configured successfully with AWS SigV4 middleware!" + rescue StandardError => e + raise "Test failed with error: #{e.message}" + end + EOF + +var-transforms: + - from: ${{package.name}} + match: ^ruby(\d\.\d+)-.* + replace: $1 + to: rubyMM diff --git a/ruby3.3-filesize.yaml b/ruby3.3-filesize.yaml index bb9d88ccf81..a12e8912cf4 100644 --- a/ruby3.3-filesize.yaml +++ b/ruby3.3-filesize.yaml @@ -38,6 +38,46 @@ pipeline: vars: gem: filesize +test: + environment: + contents: + packages: + - ruby-${{vars.rubyMM}} + pipeline: + - name: Verify gem installation + runs: | + gem list filesize + - name: Basic functionality test + runs: | + ruby -e ' + begin + require "filesize" + puts "Debug: Loading Filesize class..." + + # Create size object directly with bytes + bytes = Filesize.new(1024) + puts "Debug: Created Filesize object: " + bytes.inspect + + # Convert to KiB (binary kilobytes) since that is the default + kib = bytes.to("KiB") + puts "Debug: Converted to KiB: " + kib.inspect + + size = kib.to_f + puts "Debug: Final float value: " + size.to_s + + # Should be exactly 1.0 since 1024 bytes = 1 KiB + if size == 1.0 + puts "Test passed: 1024 B = 1 KiB" + exit 0 + else + raise "Test failed: Expected 1.0 KiB, got " + size.to_s + end + rescue => e + puts "Test failed with error: " + e.class.to_s + ": " + e.message + puts e.backtrace + exit 1 + end ' + update: enabled: false exclude-reason: unmaintained, latest tag cut in 2018 diff --git a/ruby3.3-fluent-config-regexp-type.yaml b/ruby3.3-fluent-config-regexp-type.yaml index eef339a9439..a1f2d37857e 100644 --- a/ruby3.3-fluent-config-regexp-type.yaml +++ b/ruby3.3-fluent-config-regexp-type.yaml @@ -42,6 +42,29 @@ pipeline: - uses: ruby/clean +test: + pipeline: + - runs: | + ruby -e ' + require "fluent/config/regexp_type" + + # Test timestamp pattern + regex = Fluent::Config::REGEXP_TYPE.call("/^\\d{4}-\\d{2}-\\d{2}/") + + # Should match + raise "Valid date (2024-11-23) failed to match" unless regex.match?("2024-11-23") + + # Should not match any of these + ["11-23-2024", "11-2-2024", "11-23-202", "202-11-23"].each do |invalid_date| + if regex.match?(invalid_date) + raise "Incorrectly matched #{invalid_date} which should not match pattern ^\\d{4}-\\d{2}-\\d{2}" + end + end + + puts "All tests passed!" + puts "Pattern matches yyyy-mm-dd format only" + ' + update: enabled: true github: diff --git a/ruby3.3-fluentd-1.17.yaml b/ruby3.3-fluentd-1.17.yaml index 84383ec198d..040571dd011 100644 --- a/ruby3.3-fluentd-1.17.yaml +++ b/ruby3.3-fluentd-1.17.yaml @@ -92,6 +92,7 @@ update: test: pipeline: + # Keep existing daemon test - name: Daemon test uses: test/daemon-check-output with: @@ -100,6 +101,8 @@ test: mkdir -p /etc/fluent/ touch /etc/fluent/fluent.conf expected_output: fluentd worker is now running + # Keep command line tests + - name: Command line tests runs: | fluent-binlog-reader --version fluent-ca-generate --version @@ -117,6 +120,61 @@ test: fluent-plugin-generate --help fluentd --version fluentd --help + - name: Basic IO test + runs: | + # Create minimal config + cat > test.conf < + log_level debug + + + + @type forward + port 24224 + + + + @type file + path /tmp/fluentd_test + append true + + flush_mode immediate + + + EOF + + # Start fluentd with logs + fluentd -c test.conf -d /tmp/fluentd.pid --log /tmp/fluentd.log + + # Wait for start + sleep 5 + + # Send test message with specific content + echo '{"message":"test_message_content"}' | fluent-cat test.tag + + # Wait for processing + sleep 5 + + # Check output files and content + if ls /tmp/fluentd_test.*.log > /dev/null 2>&1; then + OUTPUT=$(cat /tmp/fluentd_test.*.log) + echo "Output file contents: $OUTPUT" + + if echo "$OUTPUT" | grep -q "test_message_content"; then + echo "Test passed: Message content verified" + else + echo "Test failed: Expected message content not found" + exit 1 + fi + else + echo "Test failed: No output file" + echo "Fluentd logs:" + cat /tmp/fluentd.log + exit 1 + fi + + # Cleanup + kill $(cat /tmp/fluentd.pid) var-transforms: - from: ${{package.name}} diff --git a/ruby3.3-gems.yaml b/ruby3.3-gems.yaml index 791a8939b87..a90ef253b57 100644 --- a/ruby3.3-gems.yaml +++ b/ruby3.3-gems.yaml @@ -49,6 +49,22 @@ test: print Gems.info 'rails' EOF ruby /tmp/test.rb + - name: Basic functionality test + runs: | + ruby -e ' + require "gems" + require "json" + + # Test search functionality + result = Gems.search("rake") + raise "Search failed" unless result.is_a?(Array) && !result.empty? + + # Test version info + versions = Gems.versions("rake") + raise "Version lookup failed" unless versions.is_a?(Array) && !versions.empty? + + puts "Tests passed - got valid responses for search and versions" + ' update: enabled: true diff --git a/ruby3.3-hashie.yaml b/ruby3.3-hashie.yaml index 5e7aa3f9149..142292282e2 100644 --- a/ruby3.3-hashie.yaml +++ b/ruby3.3-hashie.yaml @@ -38,6 +38,43 @@ pipeline: vars: gem: hashie +test: + pipeline: + - name: Verify library import + runs: ruby -e "require 'hashie'" + - name: Basic functionality test + runs: | + ruby -e ' + require "hashie" + + # Test Mash functionality + mash = Hashie::Mash.new + mash.name = "Test" + mash.info = { lang: "Ruby" } + + raise "Basic assignment failed" unless mash.name == "Test" + raise "Nested hash failed" unless mash.info.lang == "Ruby" + + # Test indifferent access + mash[:test_key] = "value" + raise "Indifferent access failed" unless mash["test_key"] == "value" && mash.test_key == "value" + + # Test key deletion + mash.delete(:test_key) + raise "Delete failed" if mash.key?(:test_key) + + # Test default values + mash.default = "not found" + raise "Default value failed" unless mash.missing == "not found" + + # Test merge + other = Hashie::Mash.new(a: 1, b: 2) + merged = mash.merge(other) + raise "Merge failed" unless merged.a == 1 && merged.info.lang == "Ruby" + + puts "All tests passed!" + ' + update: enabled: true github: diff --git a/ruby3.3-http.yaml b/ruby3.3-http.yaml index eeced43c711..7849830cf06 100644 --- a/ruby3.3-http.yaml +++ b/ruby3.3-http.yaml @@ -54,6 +54,23 @@ test: HTTP.get("https://github.com").to_s EOF ruby /tmp/test.rb + - name: Functional test with POST request + runs: | + cat < /tmp/functional_test.rb + require "http" + + # Perform a POST request to httpbin.org + response = HTTP.post("https://httpbin.org/post", json: { key: "value" }) + + # Validate the response + raise "Unexpected status code" unless response.status == 200 + + body = response.parse(:json) + raise "Unexpected response body" unless body["json"]["key"] == "value" + + puts "Functional test passed!" + EOF + ruby /tmp/functional_test.rb update: enabled: true diff --git a/ruby3.3-http_parser.rb.yaml b/ruby3.3-http_parser.rb.yaml index 504b59a7cef..7095fa9548c 100644 --- a/ruby3.3-http_parser.rb.yaml +++ b/ruby3.3-http_parser.rb.yaml @@ -48,6 +48,62 @@ pipeline: version: ${{package.version}} - uses: ruby/clean +test: + environment: + contents: + packages: + - ruby-${{vars.rubyMM}} + pipeline: + - name: Verify gem installation + runs: gem list http_parser.rb + - name: Basic import test + runs: | + ruby <<-EOF + begin + require 'http/parser' + puts "Basic import test passed! HTTP::Parser loaded successfully." + rescue LoadError => e + puts "Basic import test failed: #{e.message}" + exit 1 + end + EOF + - name: Expanded functionality test + runs: | + ruby <<-EOF + require 'http/parser' + + # Create a basic HTTP parser and parse a simple request + begin + parser = HTTP::Parser.new + parsed_headers = {} + + # Define callbacks for parsing events + parser.on_headers_complete = proc do |headers| + parsed_headers.merge!(headers) + puts "Headers parsed successfully!" + end + parser.on_message_complete = proc { puts "Message parsed successfully!" } + + # Feed the parser with a simple HTTP request + request = "GET /path/to/resource HTTP/1.1\r\n" \ + "Host: example.com\r\n" \ + "User-Agent: TestAgent\r\n\r\n" + parser << request + + # Validate parsing results + raise "Unexpected HTTP method" unless parser.http_method == "GET" + raise "Unexpected request URL" unless parser.request_url == "/path/to/resource" + raise "Unexpected HTTP version" unless parser.http_version == [1, 1] + raise "Unexpected Host header" unless parsed_headers["Host"] == "example.com" + raise "Unexpected User-Agent header" unless parsed_headers["User-Agent"] == "TestAgent" + + puts "Expanded functionality test passed with valid results!" + rescue => e + puts "Test failed: #{e.message}" + exit 1 + end + EOF + update: enabled: true github: diff --git a/ruby3.3-i18n.yaml b/ruby3.3-i18n.yaml index f653d1a9d64..e6c692ce268 100644 --- a/ruby3.3-i18n.yaml +++ b/ruby3.3-i18n.yaml @@ -40,6 +40,24 @@ pipeline: vars: gem: i18n +test: + pipeline: + - runs: ruby -e "require 'i18n'" + - name: Basic translation test + runs: | + ruby <<-EOF + require 'i18n' + + # Create a translation directly in memory + I18n.backend.store_translations(:en, hello: "Hello, %{name}!") + + # Test translation + greeting = I18n.t('hello', name: 'World') + raise "Translation test failed!" unless greeting == "Hello, World!" + + puts "Basic translation test passed!" + EOF + update: enabled: true github: diff --git a/ruby3.3-io-console.yaml b/ruby3.3-io-console.yaml index 06abb60af39..0dcb866d12d 100644 --- a/ruby3.3-io-console.yaml +++ b/ruby3.3-io-console.yaml @@ -44,7 +44,38 @@ vars: test: pipeline: - - runs: ruby -e "require 'io/console'" + - name: Verify gem installation + runs: | + gem list io-console + - name: Test core functionality + runs: | + ruby -e ' + begin + require "io/console" + + # Test basic require works + puts "Loaded io/console successfully" + + # Test core methods + [:tty?, :winsize, :winsize=].each do |method| + unless IO.instance_methods.include?(method) + raise "Missing IO method: #{method}" + end + end + + # Test STDIN responds to console methods + unless STDIN.respond_to?(:tty?) + raise "STDIN missing tty? method" + end + + puts "Core functionality verified" + exit 0 + rescue => e + puts "Test failed: #{e.class}: #{e.message}" + puts e.backtrace + exit 1 + end + ' update: enabled: true diff --git a/ruby3.3-jar-dependencies.yaml b/ruby3.3-jar-dependencies.yaml index 2a25970c61d..deaf50ebca1 100644 --- a/ruby3.3-jar-dependencies.yaml +++ b/ruby3.3-jar-dependencies.yaml @@ -49,6 +49,29 @@ test: # AUTOGENERATED - runs: | lock_jars --help + - name: Verify gem import + runs: ruby -e "require 'jar_dependencies'; puts 'jar_dependencies loaded successfully!'" + - name: Test basic functionality + runs: | + ruby -e ' + begin + require "jar_dependencies" + + # Test module definition + raise "Missing Jars module" unless defined?(Jars) + + # Test basic methods exist + [:require_jar, :setup, :lock].each do |method| + raise "Missing method: Jars.#{method}" unless Jars.respond_to?(method) + end + + puts "Basic jar-dependencies functionality verified" + exit 0 + rescue => e + puts "Test failed: #{e.message}" + exit 1 + end + ' var-transforms: - from: ${{package.name}} diff --git a/ruby3.3-jmespath.yaml b/ruby3.3-jmespath.yaml index 7cc5894939d..1f6a846225d 100644 --- a/ruby3.3-jmespath.yaml +++ b/ruby3.3-jmespath.yaml @@ -37,6 +37,32 @@ pipeline: vars: gem: jmespath +test: + pipeline: + - name: Verify gem import + runs: ruby -e "require 'jmespath'; puts 'jmespath loaded successfully!'" + - name: Basic JMESPath evaluation + runs: | + ruby <<-EOF + require 'jmespath' + + # Basic JMESPath expression test + data = { + "foo" => { + "bar" => "value" + } + } + expression = "foo.bar" + result = JMESPath.search(expression, data) + + # Validate the result + if result == "value" + puts "Basic JMESPath evaluation successful!" + else + raise "Expected 'value' but got '\#{result}'" + end + EOF + update: enabled: true github: From d60792e8b3e59beb9ca2d1f68d2e289258c4193d Mon Sep 17 00:00:00 2001 From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com> Date: Mon, 25 Nov 2024 22:03:24 +0000 Subject: [PATCH 12/61] wazero/1.8.2 package update (#35181)

Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> --- wazero.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/wazero.yaml b/wazero.yaml index a4ca0ac3c82..f66ce313f3a 100644 --- a/wazero.yaml +++ b/wazero.yaml @@ -1,6 +1,6 @@ package: name: wazero - version: 1.8.1 + version: 1.8.2 epoch: 0 description: The zero dependency WebAssembly runtime for Go developers copyright: @@ -19,7 +19,7 @@ pipeline: with: repository: https://github.com/tetratelabs/wazero tag: v${{package.version}} - expected-commit: 6016a705fa6077f517731d4ce148a82968de02dd + expected-commit: 610c202ec48f3a7c729f2bf11707330127ab3689 - runs: | make build/wazero_linux_$(go env GOARCH)/wazero From bf8a1b456ea0f0415799c9b06d1fd45dee407d96 Mon Sep 17 00:00:00 2001 From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com> Date: Mon, 25 Nov 2024 22:03:38 +0000 Subject: [PATCH 13/61] ztunnel-1.24/1.24.1 package update (#35173)

Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> --- ztunnel-1.24.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ztunnel-1.24.yaml b/ztunnel-1.24.yaml index f7b183db7b4..65c8e352126 100644 --- a/ztunnel-1.24.yaml +++ b/ztunnel-1.24.yaml @@ -1,6 +1,6 @@ package: name: ztunnel-1.24 - version: 1.24.0 + version: 1.24.1 epoch: 0 description: The `ztunnel` component of istio ambient mesh. copyright: @@ -34,7 +34,7 @@ pipeline: with: repository: https://github.com/istio/ztunnel tag: ${{package.version}} - expected-commit: 1226c1b35f50938f428c71f7dcad3602ea991675 + expected-commit: 4c7cdf1b62ddcc786402499c03eff0d5172c95ef - runs: | export ZTUNNEL_BUILD_buildStatus=clean From f3defdb21beef6cb1a0462bc354a02dfbd8c91d8 Mon Sep 17 00:00:00 2001 From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com> Date: Mon, 25 Nov 2024 22:04:05 +0000 Subject: [PATCH 14/61] istio-1.24/1.24.1 package update (#35175)

Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> --- istio-1.24.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/istio-1.24.yaml b/istio-1.24.yaml index 37e0b3e8b0e..4c1c84ee67c 100644 --- a/istio-1.24.yaml +++ b/istio-1.24.yaml @@ -1,7 +1,7 @@ package: name: istio-1.24 - version: 1.24.0 - epoch: 2 + version: 1.24.1 + epoch: 0 description: Istio is an open source service mesh that layers transparently onto existing distributed applications. copyright: - license: Apache-2.0 @@ -26,7 +26,7 @@ pipeline: with: repository: https://github.com/istio/istio tag: ${{package.version}} - expected-commit: 8825a6b7f8c9a2d66005a5f8b64e98aaee0dda99 + expected-commit: 5c178358f9c61c50d3d6149a0b05a609a0d7defd subpackages: - name: istio-cni-${{vars.major-minor-version}} From 77949492e0c5c0dd69e944e81eea80645b903dbf Mon Sep 17 00:00:00 2001 From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com> Date: Mon, 25 Nov 2024 23:03:35 +0000 Subject: [PATCH 15/61] py3-boto3/1.35.69 package update (#35184)

Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> --- py3-boto3.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/py3-boto3.yaml b/py3-boto3.yaml index f4279aa2304..78faa1b202b 100644 --- a/py3-boto3.yaml +++ b/py3-boto3.yaml @@ -1,6 +1,6 @@ package: name: py3-boto3 - version: 1.35.68 + version: 1.35.69 epoch: 0 description: The AWS SDK for Python copyright: @@ -28,7 +28,7 @@ environment: pipeline: - uses: fetch with: - expected-sha256: 091d6bed1422370987a839bff3f8755df7404fc15e9fac2a48e8505356f07433 + expected-sha256: 40db86c7732a310b282f595251995ecafcbd62009a57e47a22683862e570cc7a uri: https://files.pythonhosted.org/packages/source/b/boto3/boto3-${{package.version}}.tar.gz subpackages: From df7ac7e6dec87991a328ac5629bdfc21fef31a7a Mon Sep 17 00:00:00 2001 From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com> Date: Mon, 25 Nov 2024 23:04:01 +0000 Subject: [PATCH 16/61] istio-envoy-1.24/1.24.1 package update (#35172)

Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> --- istio-envoy-1.24.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/istio-envoy-1.24.yaml b/istio-envoy-1.24.yaml index dbb224872ed..1486659bfdc 100644 --- a/istio-envoy-1.24.yaml +++ b/istio-envoy-1.24.yaml @@ -1,6 +1,6 @@ package: name: istio-envoy-1.24 - version: 1.24.0 + version: 1.24.1 epoch: 0 description: Envoy with additional Istio plugins (wasm, telemetry, etc) copyright: @@ -48,7 +48,7 @@ pipeline: with: repository: https://github.com/istio/proxy tag: ${{package.version}} - expected-commit: 739644f84930a8c0d416319aea97f58c2222f7ef + expected-commit: 147cca4e7da4e8b3f8006e9fe3d8b3d6abd89462 - runs: | export JAVA_HOME=/usr/lib/jvm/java-11-openjdk From 5a7bc65052bf02d346a486ac0e3de2c003ddc7fd Mon Sep 17 00:00:00 2001 From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com> Date: Tue, 26 Nov 2024 00:14:38 +0000 Subject: [PATCH 17/61] py3-botocore/1.35.69 package update (#35185)

Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> --- py3-botocore.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/py3-botocore.yaml b/py3-botocore.yaml index 3db9622d1bc..a43b4b85838 100644 --- a/py3-botocore.yaml +++ b/py3-botocore.yaml @@ -1,6 +1,6 @@ package: name: py3-botocore - version: 1.35.68 + version: 1.35.69 epoch: 0 description: The low-level, core functionality of Boto3 copyright: @@ -29,7 +29,7 @@ pipeline: - uses: fetch with: uri: https://files.pythonhosted.org/packages/source/b/botocore/botocore-${{package.version}}.tar.gz - expected-sha256: 42c3700583a82f2b5316281a073d644a521d6358837e2b446dc458ba5d990fb4 + expected-sha256: f9f23dd76fb247d9b0e8d411d2995e6f847fc451c026f1e58e300f815b0b36eb subpackages: - range: py-versions From c1c9202c41803314e15af8a2d8563c691445cbcd Mon Sep 17 00:00:00 2001 From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com> Date: Tue, 26 Nov 2024 01:09:05 +0000 Subject: [PATCH 18/61] linkerd2/24.11.7 package update (#35188)

Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> --- linkerd2.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/linkerd2.yaml b/linkerd2.yaml index 65afe09f06f..79df2be83c5 100644 --- a/linkerd2.yaml +++ b/linkerd2.yaml @@ -1,6 +1,6 @@ package: name: linkerd2 - version: 24.11.5 + version: 24.11.7 epoch: 0 description: "meta linkerd package" copyright: @@ -25,7 +25,7 @@ environment: pipeline: - uses: git-checkout with: - expected-commit: 3c91fc64ce61208e3be01f908abe178e3786616f + expected-commit: afdf2e7d2de44c7ac1dedee64e8b5031f1d5f57b repository: https://github.com/linkerd/linkerd2/ tag: edge-${{package.version}} From a3c17a9cf5f3782ae237373cb45b20c9852e87bb Mon Sep 17 00:00:00 2001 From: dann frazier Date: Mon, 25 Nov 2024 18:19:33 -0700 Subject: [PATCH 19/61] py3-grpcio-tools: python multiversioning (#34780) --- pipelines/py/pip-build-install.yaml | 5 +- py3-grpcio-gcp.yaml | 5 +- py3-grpcio-tools.yaml | 137 ++++++++++++++++++---------- 3 files changed, 94 insertions(+), 53 deletions(-) diff --git a/pipelines/py/pip-build-install.yaml b/pipelines/py/pip-build-install.yaml index 793b93ecb27..8cfa9d5a513 100644 --- a/pipelines/py/pip-build-install.yaml +++ b/pipelines/py/pip-build-install.yaml @@ -7,9 +7,6 @@ inputs: dest: description: the destination default: ${{targets.contextdir}} - source: - description: directory containing the python package source - default: . needs-exe-named-python3: description: Does the build actually need 'python3' in its PATH default: false @@ -110,7 +107,7 @@ pipeline: mkdir -p "$distwheelsd" echo "$py is $pyver with site_packages dir '$sitepkgd'" vr $py -m pip wheel --verbose "--wheel-dir=$wd" \ - "--find-links=$distwheelsd" --no-index --no-build-isolation --no-deps "${{inputs.source}}" + "--find-links=$distwheelsd" --no-index --no-build-isolation --no-deps . vr $py -m pip install --verbose \ "--find-links=$distwheelsd" --no-index --no-build-isolation --no-deps \ --force-reinstall --no-compile --prefix=/usr "--root=$root" "$wd"/*.whl diff --git a/py3-grpcio-gcp.yaml b/py3-grpcio-gcp.yaml index 7f1056d9602..6c7a267b134 100644 --- a/py3-grpcio-gcp.yaml +++ b/py3-grpcio-gcp.yaml @@ -1,7 +1,7 @@ package: name: py3-grpcio-gcp version: 0.2.2 - epoch: 3 + epoch: 4 description: gRPC extensions for Google Cloud Platform copyright: - license: Apache-2.0 @@ -26,6 +26,7 @@ environment: - py3-grpcio-tools - py3-supported-build-base - py3-supported-setuptools + - python3 pipeline: - uses: git-checkout @@ -57,7 +58,7 @@ subpackages: - uses: py/pip-build-install with: python: python${{range.key}} - source: ./src + working-directory: ./src - uses: strip test: pipeline: diff --git a/py3-grpcio-tools.yaml b/py3-grpcio-tools.yaml index 82b221690be..1476186955a 100644 --- a/py3-grpcio-tools.yaml +++ b/py3-grpcio-tools.yaml @@ -1,17 +1,24 @@ -# Generated from https://pypi.org/project/grpcio-tools/ package: name: py3-grpcio-tools - version: 1.67.1 - epoch: 1 + version: 1.68.0 + epoch: 0 description: Protobuf code generator for gRPC copyright: - license: Apache-2.0 dependencies: - runtime: - - py3-protobuf - - py3-grpcio - - py3-setuptools - - python3 + provider-priority: 0 + +vars: + pypi-package: grpcio-tools + import: grpc_tools.protoc + +data: + - name: py-versions + items: + 3.10: '310' + 3.11: '311' + 3.12: '312' + 3.13: '300' environment: contents: @@ -19,65 +26,101 @@ environment: - build-base - busybox - ca-certificates-bundle - - cython - git - openssf-compiler-options - - py3-setuptools - - py3-wheel + - py3-supported-build-base + - py3-supported-cython + - py3-supported-python-dev + - py3-supported-setuptools - python3 - - python3-dev - wolfi-base + environment: + # https://github.com/wolfi-dev/os/issues/34075 + GCC_SPEC_FILE: /dev/null + GRPC_PYTHON_BUILD_WITH_CYTHON: 1 pipeline: - uses: git-checkout with: repository: https://github.com/grpc/grpc tag: v${{package.version}} - expected-commit: d3286610f703a339149c3f9be69f0d7d0abb130a + expected-commit: 6b49ae626bc9cd7033e062f89dbe0e0576b1110e - runs: | git submodule update --init cd tools/distrib/python/grpcio_tools - python ../make_grpcio_tools.py - export GRPC_PYTHON_BUILD_WITH_CYTHON=1 - python setup.py install --prefix=/usr --root="${{targets.destdir}}" + python3 ../make_grpcio_tools.py - uses: strip +subpackages: + - range: py-versions + name: py${{range.key}}-${{vars.pypi-package}} + description: python${{range.key}} version of ${{vars.pypi-package}} + dependencies: + provider-priority: ${{range.value}} + provides: + - py3-${{vars.pypi-package}} + runtime: + - py${{range.key}}-grpcio + - py${{range.key}}-protobuf + pipeline: + - uses: py/pip-build-install + with: + python: python${{range.key}} + working-directory: tools/distrib/python/grpcio_tools + - uses: strip + test: + pipeline: + - name: Verify Installation + uses: python/import + with: + python: python${{range.key}} + imports: | + import ${{vars.import}} + - name: Test Protobuf Compilation + runs: | + # Create a temporary directory for testing + mkdir -p /home/build/test-grpcio-tools + cd /home/build/test-grpcio-tools + + # Create a sample .proto file for testing + echo 'syntax = "proto3"; package test; message TestMessage { string test_field = 1; }' > test.proto + + # Compile the .proto file using grpcio-tools + python${{range.key}} -m grpc_tools.protoc -I. --python_out=. --grpc_python_out=. test.proto || exit 1 + echo "Protobuf file compiled successfully." + + # Check if Python files were generated + if [ ! -f test_pb2.py ] || [ ! -f test_pb2_grpc.py ]; then + echo "Generated Python files not found!" + exit 1 + fi + echo "Generated Python files found." + - name: Clean Up + runs: | + # Clean up the test files after the test + rm -rf /home/build/test-grpcio-tools + + - name: py3-supported-${{vars.pypi-package}} + description: meta package providing ${{vars.pypi-package}} for supported python versions. + dependencies: + runtime: + - py3.10-${{vars.pypi-package}} + - py3.11-${{vars.pypi-package}} + - py3.12-${{vars.pypi-package}} + - py3.13-${{vars.pypi-package}} + +test: + pipeline: + - name: Verify Installation + uses: python/import + with: + import: ${{vars.import}} + update: enabled: true github: identifier: grpc/grpc strip-prefix: v use-tag: true - -test: - pipeline: - - name: Verify Installation - runs: | - # Ensure that grpcio-tools is installed - python3 -c "import grpc_tools.protoc" || exit 1 - echo "grpcio-tools package is installed." - - name: Test Protobuf Compilation - runs: | - # Create a temporary directory for testing - mkdir -p /home/build/test-grpcio-tools - cd /home/build/test-grpcio-tools - - # Create a sample .proto file for testing - echo 'syntax = "proto3"; package test; message TestMessage { string test_field = 1; }' > test.proto - - # Compile the .proto file using grpcio-tools - python3 -m grpc_tools.protoc -I. --python_out=. --grpc_python_out=. test.proto || exit 1 - echo "Protobuf file compiled successfully." - - # Check if Python files were generated - if [ ! -f test_pb2.py ] || [ ! -f test_pb2_grpc.py ]; then - echo "Generated Python files not found!" - exit 1 - fi - echo "Generated Python files found." - - name: Clean Up - runs: | - # Clean up the test files after the test - rm -rf /home/build/test-grpcio-tools From c44ae4c11d9cf65c102fd0ddb0737fc2328863fe Mon Sep 17 00:00:00 2001 From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com> Date: Tue, 26 Nov 2024 01:35:51 +0000 Subject: [PATCH 20/61] Update images digests (#35040) Update images digests ```release-note NONE ``` ## Changes
```diff diff --git a/.github/actions/docker-run/action.yaml b/.github/actions/docker-run/action.yaml index 426862c..d85b841 100644 --- a/.github/actions/docker-run/action.yaml +++ b/.github/actions/docker-run/action.yaml @@ -6,7 +6,7 @@ inputs: required: true image: description: "The image to use" - default: "ghcr.io/wolfi-dev/sdk:latest@sha256:77da1186e7c2d9796bcaf4fb035e8675cd822d67a1d8a530cc0f1ceb5df80110" + default: "ghcr.io/wolfi-dev/sdk:latest@sha256:98d8669d2eb9c8d23984fa2f55a272b67a04b4bfd132c714682c4fd716a3d7be" required: false workdir: description: "The images working directory" diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index 478e1f4..a5bf5b5 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -29,7 +29,7 @@ jobs: contents: read container: - image: ghcr.io/wolfi-dev/sdk:latest@sha256:77da1186e7c2d9796bcaf4fb035e8675cd822d67a1d8a530cc0f1ceb5df80110 + image: ghcr.io/wolfi-dev/sdk:latest@sha256:98d8669d2eb9c8d23984fa2f55a272b67a04b4bfd132c714682c4fd716a3d7be # TODO: Deprivilege options: | --cap-add NET_ADMIN --cap-add SYS_ADMIN --device /dev/fuse --security-opt seccomp=unconfined --security-opt apparmor:unconfined @@ -175,7 +175,7 @@ jobs: container: # NOTE: This step only signs and uploads, so it doesn't need any privileges - image: ghcr.io/wolfi-dev/sdk:latest@sha256:77da1186e7c2d9796bcaf4fb035e8675cd822d67a1d8a530cc0f1ceb5df80110 + image: ghcr.io/wolfi-dev/sdk:latest@sha256:98d8669d2eb9c8d23984fa2f55a272b67a04b4bfd132c714682c4fd716a3d7be steps: - name: Harden Runner @@ -303,7 +303,7 @@ jobs: container: # NOTE: This step only signs and uploads, so it doesn't need any privileges - image: ghcr.io/wolfi-dev/sdk:latest@sha256:77da1186e7c2d9796bcaf4fb035e8675cd822d67a1d8a530cc0f1ceb5df80110 + image: ghcr.io/wolfi-dev/sdk:latest@sha256:98d8669d2eb9c8d23984fa2f55a272b67a04b4bfd132c714682c4fd716a3d7be steps: - name: Harden Runner diff --git a/Makefile b/Makefile index 65e0107..14618f4 100644 --- a/Makefile +++ b/Makefile @@ -167,7 +167,7 @@ dev-container: -v "${PWD}:${PWD}" \ -w "${PWD}" \ -e SOURCE_DATE_EPOCH=0 \ - ghcr.io/wolfi-dev/sdk:latest@sha256:77da1186e7c2d9796bcaf4fb035e8675cd822d67a1d8a530cc0f1ceb5df80110 + ghcr.io/wolfi-dev/sdk:latest@sha256:98d8669d2eb9c8d23984fa2f55a272b67a04b4bfd132c714682c4fd716a3d7be PACKAGES_CONTAINER_FOLDER ?= /work/packages # This target spins up a docker container that is helpful for testing local @@ -235,6 +235,6 @@ dev-container-wolfi: --mount type=bind,source="${PWD}/local-melange.rsa.pub",destination="/etc/apk/keys/local-melange.rsa.pub",readonly \ --mount type=bind,source="$(TMP_REPOS_FILE)",destination="/etc/apk/repositories",readonly \ -w "$(PACKAGES_CONTAINER_FOLDER)" \ - ghcr.io/wolfi-dev/sdk:latest@sha256:77da1186e7c2d9796bcaf4fb035e8675cd822d67a1d8a530cc0f1ceb5df80110 + ghcr.io/wolfi-dev/sdk:latest@sha256:98d8669d2eb9c8d23984fa2f55a272b67a04b4bfd132c714682c4fd716a3d7be @rm "$(TMP_REPOS_FILE)" @rmdir "$(TMP_REPOS_DIR)" ```
Co-authored-by: octo-sts[bot] <157150467+octo-sts[bot]@users.noreply.github.com> --- .github/actions/docker-run/action.yaml | 2 +- .github/workflows/build.yaml | 6 +++--- Makefile | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/actions/docker-run/action.yaml b/.github/actions/docker-run/action.yaml index 426862c2426..d85b8410265 100644 --- a/.github/actions/docker-run/action.yaml +++ b/.github/actions/docker-run/action.yaml @@ -6,7 +6,7 @@ inputs: required: true image: description: "The image to use" - default: "ghcr.io/wolfi-dev/sdk:latest@sha256:77da1186e7c2d9796bcaf4fb035e8675cd822d67a1d8a530cc0f1ceb5df80110" + default: "ghcr.io/wolfi-dev/sdk:latest@sha256:98d8669d2eb9c8d23984fa2f55a272b67a04b4bfd132c714682c4fd716a3d7be" required: false workdir: description: "The images working directory" diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index 478e1f4a875..a5bf5b55677 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -29,7 +29,7 @@ jobs: contents: read container: - image: ghcr.io/wolfi-dev/sdk:latest@sha256:77da1186e7c2d9796bcaf4fb035e8675cd822d67a1d8a530cc0f1ceb5df80110 + image: ghcr.io/wolfi-dev/sdk:latest@sha256:98d8669d2eb9c8d23984fa2f55a272b67a04b4bfd132c714682c4fd716a3d7be # TODO: Deprivilege options: | --cap-add NET_ADMIN --cap-add SYS_ADMIN --device /dev/fuse --security-opt seccomp=unconfined --security-opt apparmor:unconfined @@ -175,7 +175,7 @@ jobs: container: # NOTE: This step only signs and uploads, so it doesn't need any privileges - image: ghcr.io/wolfi-dev/sdk:latest@sha256:77da1186e7c2d9796bcaf4fb035e8675cd822d67a1d8a530cc0f1ceb5df80110 + image: ghcr.io/wolfi-dev/sdk:latest@sha256:98d8669d2eb9c8d23984fa2f55a272b67a04b4bfd132c714682c4fd716a3d7be steps: - name: Harden Runner @@ -303,7 +303,7 @@ jobs: container: # NOTE: This step only signs and uploads, so it doesn't need any privileges - image: ghcr.io/wolfi-dev/sdk:latest@sha256:77da1186e7c2d9796bcaf4fb035e8675cd822d67a1d8a530cc0f1ceb5df80110 + image: ghcr.io/wolfi-dev/sdk:latest@sha256:98d8669d2eb9c8d23984fa2f55a272b67a04b4bfd132c714682c4fd716a3d7be steps: - name: Harden Runner diff --git a/Makefile b/Makefile index 65e01078cf9..14618f421fc 100644 --- a/Makefile +++ b/Makefile @@ -167,7 +167,7 @@ dev-container: -v "${PWD}:${PWD}" \ -w "${PWD}" \ -e SOURCE_DATE_EPOCH=0 \ - ghcr.io/wolfi-dev/sdk:latest@sha256:77da1186e7c2d9796bcaf4fb035e8675cd822d67a1d8a530cc0f1ceb5df80110 + ghcr.io/wolfi-dev/sdk:latest@sha256:98d8669d2eb9c8d23984fa2f55a272b67a04b4bfd132c714682c4fd716a3d7be PACKAGES_CONTAINER_FOLDER ?= /work/packages # This target spins up a docker container that is helpful for testing local @@ -235,6 +235,6 @@ dev-container-wolfi: --mount type=bind,source="${PWD}/local-melange.rsa.pub",destination="/etc/apk/keys/local-melange.rsa.pub",readonly \ --mount type=bind,source="$(TMP_REPOS_FILE)",destination="/etc/apk/repositories",readonly \ -w "$(PACKAGES_CONTAINER_FOLDER)" \ - ghcr.io/wolfi-dev/sdk:latest@sha256:77da1186e7c2d9796bcaf4fb035e8675cd822d67a1d8a530cc0f1ceb5df80110 + ghcr.io/wolfi-dev/sdk:latest@sha256:98d8669d2eb9c8d23984fa2f55a272b67a04b4bfd132c714682c4fd716a3d7be @rm "$(TMP_REPOS_FILE)" @rmdir "$(TMP_REPOS_DIR)" From 1d8f33dc99083ad5c5a3c380576a1658c17960ce Mon Sep 17 00:00:00 2001 From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com> Date: Tue, 26 Nov 2024 02:14:48 +0000 Subject: [PATCH 21/61] bun-bootstrap/1.1.37 package update (#35194)

Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> --- bun-bootstrap.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/bun-bootstrap.yaml b/bun-bootstrap.yaml index 99a1a1fb922..5a13d88cde2 100644 --- a/bun-bootstrap.yaml +++ b/bun-bootstrap.yaml @@ -1,6 +1,6 @@ package: name: bun-bootstrap - version: 1.1.36 + version: 1.1.37 epoch: 0 description: "Bun requires itself to bootstrap." copyright: @@ -23,13 +23,13 @@ pipeline: uses: fetch with: uri: "https://github.com/oven-sh/bun/releases/download/bun-v${{package.version}}/bun-linux-aarch64.zip" - expected-sha256: "d5bbf74d49288bb69819c5459789dac06a0062d999a626d79d2f45b05b53597a" + expected-sha256: "6a2ef497ddcc8fb9b78add876d340c20d7642858e159f93ab5bcb406483ffdd2" extract: false - if: ${{build.arch}} == 'x86_64' uses: fetch with: uri: "https://github.com/oven-sh/bun/releases/download/bun-v${{package.version}}/bun-linux-x64.zip" - expected-sha256: "c5261f4d7e342fe720bc6a5d736b1c94f4df2942c225a87652c6985181b1ec77" + expected-sha256: "cc7a53917edc9b65778bacdfca21e9acfbd1f2f69742d616980377a78620e974" extract: false - runs: | From 143db377d94ff67c39b703e1de3b859fdf0b1e72 Mon Sep 17 00:00:00 2001 From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com> Date: Tue, 26 Nov 2024 03:03:31 +0000 Subject: [PATCH 22/61] bun/1.1.37 package update (#35193)

Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> --- bun.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/bun.yaml b/bun.yaml index a54a92cd8e4..b87fab771f6 100644 --- a/bun.yaml +++ b/bun.yaml @@ -1,6 +1,6 @@ package: name: bun - version: 1.1.36 + version: 1.1.37 epoch: 0 description: "Incredibly fast JavaScript runtime, bundler, test runner, and package manager - all in one" copyright: @@ -54,7 +54,7 @@ pipeline: - uses: git-checkout with: repository: https://github.com/oven-sh/bun - expected-commit: ededc168cf07afcdbe5ca34495c58df435ea526d + expected-commit: 8ca0eb831d6739c6a94b3f4d484bbfe71ee97226 tag: bun-v${{package.version}} - runs: | From d27a457b943461a11c13f77c3e7030188a2e32ac Mon Sep 17 00:00:00 2001 From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com> Date: Tue, 26 Nov 2024 05:03:58 +0000 Subject: [PATCH 23/61] py3-virtualenv/20.28.0 package update (#35202)

Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> --- py3-virtualenv.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/py3-virtualenv.yaml b/py3-virtualenv.yaml index c72fa879483..efc26bfe9c2 100644 --- a/py3-virtualenv.yaml +++ b/py3-virtualenv.yaml @@ -1,6 +1,6 @@ package: name: py3-virtualenv - version: 20.27.1 + version: 20.28.0 epoch: 0 description: Virtual Python Environment builder copyright: @@ -34,7 +34,7 @@ pipeline: with: repository: https://github.com/pypa/virtualenv tag: ${{package.version}} - expected-commit: cb20fdaeaebcb3a6e91037e1017a313883057fee + expected-commit: bfc04e3616d66edc55a31b9627bc5ef35efdf62a subpackages: - range: py-versions From 2e133302ae0ad36362789afb0e5519d7d11701fb Mon Sep 17 00:00:00 2001 From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com> Date: Tue, 26 Nov 2024 06:04:54 +0000 Subject: [PATCH 24/61] ruby3.2-protocol-http/0.45.0 package update (#35206)

Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> --- ruby3.2-protocol-http.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ruby3.2-protocol-http.yaml b/ruby3.2-protocol-http.yaml index a8b31f40bb6..7551014b364 100644 --- a/ruby3.2-protocol-http.yaml +++ b/ruby3.2-protocol-http.yaml @@ -1,6 +1,6 @@ package: name: ruby3.2-protocol-http - version: 0.44.0 + version: 0.45.0 epoch: 0 description: Provides abstractions to handle HTTP protocols. copyright: @@ -25,7 +25,7 @@ vars: pipeline: - uses: git-checkout with: - expected-commit: bdabfd7e25a4949406d8c420f67427005518091c + expected-commit: f0a9782fbe60eac3d8e057de33b585cc066774fc repository: https://github.com/socketry/protocol-http tag: v${{package.version}} From 12eeeca1e1f86152444ad75224e0fe749ad0fea3 Mon Sep 17 00:00:00 2001 From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com> Date: Tue, 26 Nov 2024 06:05:09 +0000 Subject: [PATCH 25/61] ollama/0.4.5 package update (#35201)

Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> --- ollama.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ollama.yaml b/ollama.yaml index 23bcdd68d94..8f8b4702ccb 100644 --- a/ollama.yaml +++ b/ollama.yaml @@ -1,6 +1,6 @@ package: name: ollama - version: 0.4.4 + version: 0.4.5 epoch: 0 description: Get up and running with Llama 2 and other large language models locally copyright: @@ -20,7 +20,7 @@ pipeline: with: repository: https://github.com/ollama/ollama tag: v${{package.version}} - expected-commit: 3478b2cf14c3fa2661c03f7fd5764a63a496293a + expected-commit: 2b7ed61ca22743598db2b407a94b8865042f1078 - runs: | go generate ./... From 5bdbb87e87bc4c920d86e9e34e0deaabf12b4a7e Mon Sep 17 00:00:00 2001 From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com> Date: Tue, 26 Nov 2024 06:05:33 +0000 Subject: [PATCH 26/61] ruby3.3-protocol-http/0.45.0 package update (#35204)

Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> --- ruby3.3-protocol-http.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ruby3.3-protocol-http.yaml b/ruby3.3-protocol-http.yaml index bb5bcd044ba..27577847216 100644 --- a/ruby3.3-protocol-http.yaml +++ b/ruby3.3-protocol-http.yaml @@ -1,6 +1,6 @@ package: name: ruby3.3-protocol-http - version: 0.44.0 + version: 0.45.0 epoch: 0 description: Provides abstractions to handle HTTP protocols. copyright: @@ -25,7 +25,7 @@ vars: pipeline: - uses: git-checkout with: - expected-commit: bdabfd7e25a4949406d8c420f67427005518091c + expected-commit: f0a9782fbe60eac3d8e057de33b585cc066774fc repository: https://github.com/socketry/protocol-http tag: v${{package.version}} From 6c6cc2a0a90a729c369ba9aca516beb50eba86e0 Mon Sep 17 00:00:00 2001 From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com> Date: Tue, 26 Nov 2024 08:04:47 +0000 Subject: [PATCH 27/61] tealdeer/1.7.1-r0: cve remediation (#35207) tealdeer/1.7.1-r0: fix GHSA-qg5g-gv98-5ffh Advisory data: https://github.com/wolfi-dev/advisories/blob/main/tealdeer.advisories.yaml Co-authored-by: octo-sts[bot] <157150467+octo-sts@users.noreply.github.com> --- tealdeer.yaml | 4 +++- tealdeer/cargobump-deps.yaml | 3 +++ 2 files changed, 6 insertions(+), 1 deletion(-) create mode 100644 tealdeer/cargobump-deps.yaml diff --git a/tealdeer.yaml b/tealdeer.yaml index 76e440da81f..d474104d4b4 100644 --- a/tealdeer.yaml +++ b/tealdeer.yaml @@ -1,7 +1,7 @@ package: name: tealdeer version: 1.7.1 - epoch: 0 + epoch: 1 description: A very fast implementation of tldr in Rust. copyright: - license: Apache-2.0 @@ -17,6 +17,8 @@ pipeline: tag: v${{package.version}} expected-commit: 1d9153e37e131ca56071213ba40ec01b16158ebf + - uses: rust/cargobump + - name: Configure and Build uses: cargo/build with: diff --git a/tealdeer/cargobump-deps.yaml b/tealdeer/cargobump-deps.yaml new file mode 100644 index 00000000000..4d353f7d988 --- /dev/null +++ b/tealdeer/cargobump-deps.yaml @@ -0,0 +1,3 @@ +packages: + - name: rustls + version: 0.23.18 From f1cc6c977be71288b3dea3aef6e98deaae4ab19e Mon Sep 17 00:00:00 2001 From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com> Date: Tue, 26 Nov 2024 09:35:02 +0000 Subject: [PATCH 28/61] kubescape/3.0.21 package update (#34631)

--------- Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> Signed-off-by: Batuhan Apaydin Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> Co-authored-by: Batuhan Apaydin --- kubescape.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/kubescape.yaml b/kubescape.yaml index a6c948ba100..8aac924d7c8 100644 --- a/kubescape.yaml +++ b/kubescape.yaml @@ -1,6 +1,6 @@ package: name: kubescape - version: 3.0.20 + version: 3.0.21 epoch: 0 description: Kubescape is an open-source Kubernetes security platform for your IDE, CI/CD pipelines, and clusters. It includes risk analysis, security, compliance, and misconfiguration scanning, saving Kubernetes users and administrators precious time, effort, and resources. copyright: @@ -20,14 +20,14 @@ environment: pipeline: - uses: git-checkout with: - expected-commit: 5b9c6491de8ab7b89c15d6b1b780987e2206a4c4 + expected-commit: a9ac880356ec677e17472f08592d87b75229c681 recurse-submodules: "true" repository: https://github.com/kubescape/kubescape tag: v${{package.version}} - uses: go/bump with: - deps: github.com/anchore/archiver/v3@v3.5.2 + deps: github.com/mholt/archiver/v3@v3.5.2 replaces: github.com/mholt/archiver/v3=github.com/anchore/archiver/v3@v3.5.2 - runs: | From 613d034fc2fd894f904fd804dfe79b32815e5767 Mon Sep 17 00:00:00 2001 From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com> Date: Tue, 26 Nov 2024 10:04:14 +0000 Subject: [PATCH 29/61] vite/6.0.0 package update (#35222)

Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> --- vite.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/vite.yaml b/vite.yaml index bdba4464ac8..e4ed775f893 100644 --- a/vite.yaml +++ b/vite.yaml @@ -1,6 +1,6 @@ package: name: vite - version: 5.4.11 + version: 6.0.0 epoch: 0 description: Vite (French word for "quick", pronounced /vit/, like "veet") is a build tool that aims to provide a faster and leaner development experience for modern web projects. copyright: From 16c6aa7cac0f9a447ac047ecbdc9a6573eb09d12 Mon Sep 17 00:00:00 2001 From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com> Date: Tue, 26 Nov 2024 10:04:29 +0000 Subject: [PATCH 30/61] ntpd-rs/1.3.0-r1: cve remediation (#35219) ntpd-rs/1.3.0-r1: fix GHSA-qg5g-gv98-5ffh Advisory data: https://github.com/wolfi-dev/advisories/blob/main/ntpd-rs.advisories.yaml Co-authored-by: octo-sts[bot] <157150467+octo-sts@users.noreply.github.com> --- ntpd-rs.yaml | 4 +++- ntpd-rs/cargobump-deps.yaml | 3 +++ 2 files changed, 6 insertions(+), 1 deletion(-) create mode 100644 ntpd-rs/cargobump-deps.yaml diff --git a/ntpd-rs.yaml b/ntpd-rs.yaml index 9b2918de669..2e39862b960 100644 --- a/ntpd-rs.yaml +++ b/ntpd-rs.yaml @@ -1,7 +1,7 @@ package: name: ntpd-rs version: 1.3.0 - epoch: 1 + epoch: 2 description: "An NTP implementation in Rust." copyright: - license: MIT @@ -24,6 +24,8 @@ pipeline: tag: v${{package.version}} expected-commit: e8869f4378971ca470131e54fea6e72655a774c3 + - uses: rust/cargobump + - name: Configure and build runs: | cargo auditable build --release -vv diff --git a/ntpd-rs/cargobump-deps.yaml b/ntpd-rs/cargobump-deps.yaml new file mode 100644 index 00000000000..4d353f7d988 --- /dev/null +++ b/ntpd-rs/cargobump-deps.yaml @@ -0,0 +1,3 @@ +packages: + - name: rustls + version: 0.23.18 From 8b2a8d59b35d8e453e5009d915e5da098e86c92e Mon Sep 17 00:00:00 2001 From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com> Date: Tue, 26 Nov 2024 10:04:46 +0000 Subject: [PATCH 31/61] uv/0.5.4-r0: cve remediation (#35215) uv/0.5.4-r0: fix GHSA-qg5g-gv98-5ffh Advisory data: https://github.com/wolfi-dev/advisories/blob/main/uv.advisories.yaml Co-authored-by: octo-sts[bot] <157150467+octo-sts@users.noreply.github.com> --- uv.yaml | 4 +++- uv/cargobump-deps.yaml | 3 +++ 2 files changed, 6 insertions(+), 1 deletion(-) create mode 100644 uv/cargobump-deps.yaml diff --git a/uv.yaml b/uv.yaml index 81e1738d8e2..cf38f010ddb 100644 --- a/uv.yaml +++ b/uv.yaml @@ -1,7 +1,7 @@ package: name: uv version: 0.5.4 - epoch: 0 + epoch: 1 description: An extremely fast Python package installer and resolver, written in Rust. copyright: - license: MIT @@ -26,6 +26,8 @@ pipeline: tag: ${{package.version}} expected-commit: c62c83c37ada63eae4efb77551e2ec7a0f0113d8 + - uses: rust/cargobump + - runs: | cargo auditable build --locked --release install -Dm755 target/release/uv "${{targets.destdir}}"/usr/bin/uv diff --git a/uv/cargobump-deps.yaml b/uv/cargobump-deps.yaml new file mode 100644 index 00000000000..4d353f7d988 --- /dev/null +++ b/uv/cargobump-deps.yaml @@ -0,0 +1,3 @@ +packages: + - name: rustls + version: 0.23.18 From fa2c3ef375b91905e570212917e862d24365dbde Mon Sep 17 00:00:00 2001 From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com> Date: Tue, 26 Nov 2024 10:05:04 +0000 Subject: [PATCH 32/61] ztunnel-1.24/1.24.1-r0: cve remediation (#35214) ztunnel-1.24/1.24.1-r0: fix GHSA-qg5g-gv98-5ffh Advisory data: https://github.com/wolfi-dev/advisories/blob/main/ztunnel-1.24.advisories.yaml Co-authored-by: octo-sts[bot] <157150467+octo-sts@users.noreply.github.com> --- ztunnel-1.24.yaml | 4 +++- ztunnel-1.24/cargobump-deps.yaml | 3 +++ 2 files changed, 6 insertions(+), 1 deletion(-) create mode 100644 ztunnel-1.24/cargobump-deps.yaml diff --git a/ztunnel-1.24.yaml b/ztunnel-1.24.yaml index 65c8e352126..8498a320eb9 100644 --- a/ztunnel-1.24.yaml +++ b/ztunnel-1.24.yaml @@ -1,7 +1,7 @@ package: name: ztunnel-1.24 version: 1.24.1 - epoch: 0 + epoch: 1 description: The `ztunnel` component of istio ambient mesh. copyright: - license: Apache-2.0 @@ -36,6 +36,8 @@ pipeline: tag: ${{package.version}} expected-commit: 4c7cdf1b62ddcc786402499c03eff0d5172c95ef + - uses: rust/cargobump + - runs: | export ZTUNNEL_BUILD_buildStatus=clean export ZTUNNEL_BUILD_buildGitRevision=$(git rev-parse HEAD) diff --git a/ztunnel-1.24/cargobump-deps.yaml b/ztunnel-1.24/cargobump-deps.yaml new file mode 100644 index 00000000000..4d353f7d988 --- /dev/null +++ b/ztunnel-1.24/cargobump-deps.yaml @@ -0,0 +1,3 @@ +packages: + - name: rustls + version: 0.23.18 From 4359afa48ea1b5aff189c09ca430772f2317c135 Mon Sep 17 00:00:00 2001 From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com> Date: Tue, 26 Nov 2024 10:05:20 +0000 Subject: [PATCH 33/61] xh/0.23.0-r1: cve remediation (#35217) xh/0.23.0-r1: fix GHSA-qg5g-gv98-5ffh Advisory data: https://github.com/wolfi-dev/advisories/blob/main/xh.advisories.yaml Co-authored-by: octo-sts[bot] <157150467+octo-sts@users.noreply.github.com> --- xh.yaml | 4 +++- xh/cargobump-deps.yaml | 2 +- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/xh.yaml b/xh.yaml index e942f09c517..182da8a20a4 100644 --- a/xh.yaml +++ b/xh.yaml @@ -1,7 +1,7 @@ package: name: xh version: 0.23.0 - epoch: 1 + epoch: 2 description: Friendly and fast tool for sending HTTP requests. copyright: - license: MIT @@ -23,6 +23,8 @@ pipeline: tag: v${{package.version}} expected-commit: 0fb0a13ecb64a3a1af35cfaf13a6970f78c38dfb + - uses: rust/cargobump + - runs: | cargo auditable build --locked --release install -Dm755 target/release/xh "${{targets.destdir}}"/usr/bin/xh diff --git a/xh/cargobump-deps.yaml b/xh/cargobump-deps.yaml index 345caf806ab..4d353f7d988 100644 --- a/xh/cargobump-deps.yaml +++ b/xh/cargobump-deps.yaml @@ -1,3 +1,3 @@ packages: - name: rustls - version: 0.22.4 + version: 0.23.18 From f6b1d6a9788c47e2d0dd370ca4c056ca1825963c Mon Sep 17 00:00:00 2001 From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com> Date: Tue, 26 Nov 2024 10:05:35 +0000 Subject: [PATCH 34/61] wadm/0.18.0-r1: cve remediation (#35213) wadm/0.18.0-r1: fix GHSA-qg5g-gv98-5ffh Advisory data: https://github.com/wolfi-dev/advisories/blob/main/wadm.advisories.yaml Co-authored-by: octo-sts[bot] <157150467+octo-sts@users.noreply.github.com> --- wadm.yaml | 4 +++- wadm/cargobump-deps.yaml | 3 +++ 2 files changed, 6 insertions(+), 1 deletion(-) create mode 100644 wadm/cargobump-deps.yaml diff --git a/wadm.yaml b/wadm.yaml index a166ba3cc16..ff62dc8fa90 100644 --- a/wadm.yaml +++ b/wadm.yaml @@ -1,7 +1,7 @@ package: name: wadm version: 0.18.0 - epoch: 1 + epoch: 2 description: "Wasm-native orchestrator for managing and scaling declarative wasmCloud applications" copyright: - license: Apache-2.0 @@ -23,6 +23,8 @@ pipeline: tag: v${{package.version}} expected-commit: 6f29e729325ee1fa1735df2ae545ae606413c379 + - uses: rust/cargobump + - name: Configure and build runs: | cargo auditable build --release --bin wadm diff --git a/wadm/cargobump-deps.yaml b/wadm/cargobump-deps.yaml new file mode 100644 index 00000000000..4d353f7d988 --- /dev/null +++ b/wadm/cargobump-deps.yaml @@ -0,0 +1,3 @@ +packages: + - name: rustls + version: 0.23.18 From 15737aa2c07fa83686186daaa382b38550c6ef71 Mon Sep 17 00:00:00 2001 From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com> Date: Tue, 26 Nov 2024 10:05:52 +0000 Subject: [PATCH 35/61] mailpit/1.21.5 package update (#35220)

Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> --- mailpit.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/mailpit.yaml b/mailpit.yaml index 09bc4506752..3010baafd7d 100644 --- a/mailpit.yaml +++ b/mailpit.yaml @@ -1,6 +1,6 @@ package: name: mailpit - version: 1.21.4 + version: 1.21.5 epoch: 0 description: An email and SMTP testing tool with API for developers copyright: @@ -21,7 +21,7 @@ pipeline: with: repository: https://github.com/axllent/mailpit tag: v${{package.version}} - expected-commit: 6d115ceb86746c74cff2cd778bec8c0a7d44663f + expected-commit: 0277f4e9442aff4be26ebfcf99e8995187be27d0 - runs: | npm install From 7c9c881255a1074624defd2f69208bfb8d6aa324 Mon Sep 17 00:00:00 2001 From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com> Date: Tue, 26 Nov 2024 10:06:18 +0000 Subject: [PATCH 36/61] wasm-pack/0.13.1-r0: cve remediation (#35216) wasm-pack/0.13.1-r0: fix GHSA-qg5g-gv98-5ffh Advisory data: https://github.com/wolfi-dev/advisories/blob/main/wasm-pack.advisories.yaml Co-authored-by: octo-sts[bot] <157150467+octo-sts@users.noreply.github.com> --- wasm-pack.yaml | 4 +++- wasm-pack/cargobump-deps.yaml | 3 +++ 2 files changed, 6 insertions(+), 1 deletion(-) create mode 100644 wasm-pack/cargobump-deps.yaml diff --git a/wasm-pack.yaml b/wasm-pack.yaml index e4a3dbb8ac0..268827efa30 100644 --- a/wasm-pack.yaml +++ b/wasm-pack.yaml @@ -1,7 +1,7 @@ package: name: wasm-pack version: 0.13.1 - epoch: 0 + epoch: 1 description: rust to wasm build tool copyright: - license: Apache-2.0 @@ -30,6 +30,8 @@ pipeline: expected-commit: 24bdca457abad34e444912e6165eb71422a51046 tag: v${{package.version}} + - uses: rust/cargobump + - runs: | # prepare rm -rf Cargo.lock diff --git a/wasm-pack/cargobump-deps.yaml b/wasm-pack/cargobump-deps.yaml new file mode 100644 index 00000000000..4d353f7d988 --- /dev/null +++ b/wasm-pack/cargobump-deps.yaml @@ -0,0 +1,3 @@ +packages: + - name: rustls + version: 0.23.18 From 65cbe14235d18fcf58bebe2326a828f86212bbdf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Furkan=20T=C3=BCrkal?= Date: Tue, 26 Nov 2024 13:48:28 +0300 Subject: [PATCH 37/61] repmgr and bitnami-compat (#35107) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * https://github.com/bitnami/containers/tree/main/bitnami/postgresql-repmgr Fixes: Related: ### Pre-review Checklist #### For new package PRs only - [ ] This PR is marked as fixing a pre-existing package request bug - [ ] Alternatively, the PR is marked as related to a pre-existing package request bug, such as a dependency - [X] REQUIRED - The package is available under an OSI-approved or FSF-approved license - [X] REQUIRED - The version of the package is still receiving security updates - [ ] This PR links to the upstream project's support policy (e.g. `endoflife.date`) #### For new version streams - [ ] The upstream project actually supports multiple concurrent versions. - [ ] Any subpackages include the version string in their package name (e.g. `name: ${{package.name}}-compat`) - [ ] The package (and subpackages) `provides:` logical unversioned forms of the package (e.g. `nodejs`, `nodejs-lts`) - [ ] If non-streamed package names no longer built, open PR to withdraw them (see [WITHDRAWING PACKAGES](https://github.com/wolfi-dev/os/blob/main/WITHDRAWING_PACKAGES.md)) #### For package updates (renames) in the base images When updating packages part of base images (i.e. cgr.dev/chainguard/wolfi-base or ghcr.io/wolfi-dev/sdk) - [ ] REQUIRED cgr.dev/chainguard/wolfi-base and ghcr.io/wolfi-dev/sdk images successfully build - [ ] REQUIRED cgr.dev/chainguard/wolfi-base and ghcr.io/wolfi-dev/sdk contain no obsolete (no longer built) packages - [ ] Upon launch, does `apk upgrade --latest` successfully upgrades packages or performs no actions #### For security-related PRs - [ ] The security fix is recorded in the [advisories](https://github.com/wolfi-dev/advisories) repo #### For version bump PRs - [ ] The `epoch` field is reset to 0 #### For PRs that add patches - [ ] Patch source is documented --------- Signed-off-by: Dentrax --- repmgr.yaml | 288 ++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 288 insertions(+) create mode 100644 repmgr.yaml diff --git a/repmgr.yaml b/repmgr.yaml new file mode 100644 index 00000000000..b042aa6e5ee --- /dev/null +++ b/repmgr.yaml @@ -0,0 +1,288 @@ +package: + name: repmgr + version: 5.5.0 + epoch: 0 + description: "A lightweight replication manager for PostgreSQL" + copyright: + - license: GPL-3.0-only + +environment: + contents: + packages: + - autoconf + - automake + - build-base + - ca-certificates-bundle + - curl-dev + - docbook-xml + - flex + - git + - json-c-dev + - krb5-dev + - libedit-dev + - libpq-16 + - libssl3 + - libxml2-dev + - libxslt-dev + - linux-pam-dev + - openssf-compiler-options + - openssl-dev + - postgresql-16-dev + - readline-dev + - wolfi-base + +vars: + # This needs to be 16 since bitnami does not support 17 yet: + # https://github.com/bitnami/containers/tree/main/bitnami/postgresql-repmgr + # When newer versions are supported, this should be updated to the latest version + # along with the postgresql-dev and libpq dependencies above. + PG_VERSION: 16 + +pipeline: + - uses: git-checkout + with: + repository: https://github.com/EnterpriseDB/repmgr + tag: v${{package.version}} + expected-commit: c0d9dc6dac34c4cb60c3d8805842eed18cca4e85 + + - uses: autoconf/configure + + - uses: autoconf/make + + - uses: autoconf/make-install + + - name: Symlink repmgr binaries + runs: | + mkdir -p "${{targets.destdir}}/usr/bin" + ln -sf /usr/libexec/postgresql${{vars.PG_VERSION}}/repmgr ${{targets.destdir}}/usr/bin/repmgr + ln -sf /usr/libexec/postgresql${{vars.PG_VERSION}}/repmgrd ${{targets.destdir}}/usr/bin/repmgrd + +subpackages: + - name: "${{package.name}}-dev" + description: "${{package.name}} development headers" + pipeline: + - uses: split/dev + test: + pipeline: + - uses: test/pkgconf + + - name: ${{package.name}}-bitnami-compat + description: "compat package with bitnami/repmgr image" + dependencies: + runtime: + - curl + - coreutils + - bash + - brotli + - libcom_err + - libcurl-openssl4 + - libedit + - libffi + - libgcc + - gnutls + - nettle + - net-tools + - icu-libs + - libidn + - krb5 + - keyutils-libs + - libldap + - liblz4-1 + - xz + - libmd + - libnghttp2-14 + - p11-kit-trust + - pcre2 + - libpsl + - readline + - librtmp + - sqlite-libs + - sed + - grep + - libssh + - libssl3 + - libstdc++-6 + - libtasn1 + - ncurses + - libunistring + - libuuid + - libxml2 + - libxslt + - libzstd1 + - glibc-locales + - procps + - zlib + - samba-libs + - krb5-libs + - cyrus-sasl + - gmp + - postgresql-16 + - postgresql-16-client + pipeline: + - uses: bitnami/compat + with: + image: postgresql-repmgr + version-path: ${{vars.PG_VERSION}}/debian-12 + - runs: | + mkdir -p ${{targets.contextdir}}/opt/bitnami/repmgr/bin + mkdir -p ${{targets.contextdir}}/opt/bitnami/repmgr/conf + mkdir -p ${{targets.contextdir}}/opt/bitnami/repmgr/tmp + mv ${{targets.contextdir}}/events ${{targets.contextdir}}/opt/bitnami/repmgr/events + ln -sf /usr/libexec/postgresql${{vars.PG_VERSION}}/repmgr ${{targets.contextdir}}/opt/bitnami/repmgr/bin/repmgr + ln -sf /usr/libexec/postgresql${{vars.PG_VERSION}}/repmgrd ${{targets.contextdir}}/opt/bitnami/repmgr/bin/repmgrd + chmod -R u+rwX,g+rwX,o+rw ${{targets.contextdir}}/opt/bitnami/ + find / -perm /6000 -type f -exec chmod a-s {} \; || true + - name: PostgreSQL 16 Bitnami compat + runs: | + # Copy-paste from postgresql-17-bitnami-compat package with some modifications included. + # Having the postgresql-16-bitnami-compat package would be ideal, but it was retulting + # conflicts with the bitnami dirs that owned by this package. + mkdir -p ${{targets.contextdir}}/bitnami/postgresql + mkdir -p ${{targets.contextdir}}/opt/bitnami/postgresql/conf + mkdir -p ${{targets.contextdir}}/opt/bitnami/postgresql/conf.default + mkdir -p ${{targets.contextdir}}/opt/bitnami/postgresql/bin + mkdir -p ${{targets.contextdir}}/opt/bitnami/postgresql/share + mkdir -p ${{targets.contextdir}}/opt/bitnami/postgresql/tmp + + chmod -R u+rwX,g+rwX,o+rw ${{targets.contextdir}}/bitnami/postgresql + chmod -R u+rwX,g+rwX,o+rw ${{targets.contextdir}}/opt/bitnami/postgresql + + # Copy sample configs used to generate Bitnami config + cp /usr/share/postgresql${{vars.PG_VERSION}}/pg_hba.conf.sample ${{targets.contextdir}}/opt/bitnami/postgresql/share/pg_hba.conf.sample + cp /usr/share/postgresql${{vars.PG_VERSION}}/postgresql.conf.sample ${{targets.contextdir}}/opt/bitnami/postgresql/share/postgresql.conf.sample + + # Use package path while unpacking + find . -iname "*.sh" -exec sed 's#/opt/bitnami#${{targets.contextdir}}/opt/bitnami#g' -i {} \; + ${{targets.contextdir}}/opt/bitnami/scripts/postgresql/postunpack.sh || true + # Restore path + find ${{targets.contextdir}}/opt/bitnami -type f -exec sed 's#${{targets.contextdir}}##g' -i {} \; + + # Link binaries used by Bitnami config + ln -sf /usr/libexec/postgresql${{vars.PG_VERSION}}/initdb ${{targets.contextdir}}/opt/bitnami/postgresql/bin/initdb + ln -sf /usr/libexec/postgresql${{vars.PG_VERSION}}/pg_ctl ${{targets.contextdir}}/opt/bitnami/postgresql/bin/pg_ctl + ln -sf /usr/libexec/postgresql${{vars.PG_VERSION}}/pg_rewind ${{targets.contextdir}}/opt/bitnami/postgresql/bin/pg_rewind + ln -sf /usr/libexec/postgresql${{vars.PG_VERSION}}/pg_isready /${{targets.contextdir}}/opt/bitnami/postgresql/bin/pg_isready + test: + environment: + environment: + PATH: "/opt/bitnami/postgresql/bin:/opt/bitnami/repmgr/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" + BITNAMI_APP_NAME: "postgresql-repmgr" + NSS_WRAPPER_LIB: "/opt/bitnami/common/lib/libnss_wrapper.so" + accounts: + groups: + - groupname: postgres + gid: 1001 + users: + - username: postgres + gid: 1001 + uid: 1001 + run-as: 1001 + pipeline: + - working-directory: /tmp # Workaround for "can't cd to /home/build: Permission denied" error + pipeline: + - name: "Launch the postgresql-repmgr" + uses: test/daemon-check-output + with: + start: | + env REPMGR_PASSWORD=repmgrpass \ + REPMGR_NODE_NETWORK_NAME=pg-0 \ + REPMGR_NODE_NAME=pg-0 \ + REPMGR_PARTNER_NODES=pg-0 \ + REPMGR_PRIMARY_HOST=pg-0 \ + POSTGRESQL_PASSWORD=secretpass \ + /opt/bitnami/scripts/postgresql-repmgr/entrypoint.sh /opt/bitnami/scripts/postgresql-repmgr/run.sh + timeout: 60 + expected_output: | + Initializing Repmgr + Starting PostgreSQL in background + +update: + enabled: true + ignore-regex-patterns: + - rc* + github: + identifier: EnterpriseDB/repmgr + use-tag: true + strip-prefix: v + tag-filter: v + +test: + environment: + contents: + packages: + - postgresql-16 + - repmgr + - shadow + - sudo-rs + - glibc-locales + - postgresql-16-client + environment: + PGDATA: /tmp/test_db + PGUSER: repmgruser + PGPASS: repmgrpassword + PGDB: repmgr_test + pipeline: + - name: Create a non-root PostgreSQL user + runs: | + useradd repmgruser + echo "${PGUSER}:${PGPASS}" | chpasswd + - name: Initialize PostgreSQL as non-root user + runs: | + sudo -u ${PGUSER} initdb -D ${PGDATA} + sudo -u ${PGUSER} pg_ctl -D ${PGDATA} -l /tmp/logfile start + sudo -u ${PGUSER} createdb ${PGDB} + sudo -u ${PGUSER} psql -d ${PGDB} -c "GRANT ALL PRIVILEGES ON SCHEMA public TO ${PGUSER};" + - name: Configure primary for replication + runs: | + echo "host replication ${PGUSER} 127.0.0.1/32 md5" | sudo tee -a ${PGDATA}/pg_hba.conf + echo "host replication ${PGUSER} ::1/128 md5" | sudo tee -a ${PGDATA}/pg_hba.conf + echo "wal_level = replica" | sudo tee -a ${PGDATA}/postgresql.conf + echo "archive_mode = on" | sudo tee -a ${PGDATA}/postgresql.conf + echo "max_wal_senders = 5" | sudo tee -a ${PGDATA}/postgresql.conf + echo "hot_standby = on" | sudo tee -a ${PGDATA}/postgresql.conf + sudo -u ${PGUSER} pg_ctl -D ${PGDATA} restart + - name: Create repmgr configuration for primary + runs: | + cat </dev/null 2>&1; do + echo "Waiting for standby to be ready..." + sleep 2 + done + - name: Create repmgr configuration for standby + runs: | + cat < Date: Tue, 26 Nov 2024 11:03:28 +0000 Subject: [PATCH 38/61] cargo-audit/0.21.0-r1: cve remediation (#35225) cargo-audit/0.21.0-r1: fix GHSA-qg5g-gv98-5ffh Advisory data: https://github.com/wolfi-dev/advisories/blob/main/cargo-audit.advisories.yaml Co-authored-by: octo-sts[bot] <157150467+octo-sts@users.noreply.github.com> --- cargo-audit.yaml | 4 +++- cargo-audit/cargobump-deps.yaml | 3 +++ 2 files changed, 6 insertions(+), 1 deletion(-) create mode 100644 cargo-audit/cargobump-deps.yaml diff --git a/cargo-audit.yaml b/cargo-audit.yaml index 35e43c47c47..5a9e3b34a3d 100644 --- a/cargo-audit.yaml +++ b/cargo-audit.yaml @@ -1,7 +1,7 @@ package: name: cargo-audit version: 0.21.0 - epoch: 1 + epoch: 2 description: Audit your dependencies for crates with security vulnerabilities reported to the RustSec Advisory Database. copyright: - license: MIT OR Apache-2.0 @@ -22,6 +22,8 @@ pipeline: tag: cargo-audit/v${{package.version}} expected-commit: 78f9859ef6a78bc4a7c7219dac1d0b250446c84c + - uses: rust/cargobump + - runs: | cd cargo-audit cargo update --precise 0.3.36 --package time diff --git a/cargo-audit/cargobump-deps.yaml b/cargo-audit/cargobump-deps.yaml new file mode 100644 index 00000000000..4d353f7d988 --- /dev/null +++ b/cargo-audit/cargobump-deps.yaml @@ -0,0 +1,3 @@ +packages: + - name: rustls + version: 0.23.18 From 5b7a769d7df79f8f40b9f3f7e38589b6b4de04f5 Mon Sep 17 00:00:00 2001 From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com> Date: Tue, 26 Nov 2024 11:03:42 +0000 Subject: [PATCH 39/61] pixi/0.37.0-r0: cve remediation (#35224) pixi/0.37.0-r0: fix GHSA-qg5g-gv98-5ffh Advisory data: https://github.com/wolfi-dev/advisories/blob/main/pixi.advisories.yaml Co-authored-by: octo-sts[bot] <157150467+octo-sts@users.noreply.github.com> --- pixi.yaml | 2 +- pixi/cargobump-deps.yaml | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/pixi.yaml b/pixi.yaml index 79e930f6b73..4a00e605c8b 100644 --- a/pixi.yaml +++ b/pixi.yaml @@ -1,7 +1,7 @@ package: name: pixi version: 0.37.0 - epoch: 0 + epoch: 1 description: "Package management made easy" copyright: - license: BSD-3-Clause diff --git a/pixi/cargobump-deps.yaml b/pixi/cargobump-deps.yaml index c477f6ccadc..c9ad5378116 100644 --- a/pixi/cargobump-deps.yaml +++ b/pixi/cargobump-deps.yaml @@ -3,3 +3,5 @@ packages: version: 1.0.0 - name: quinn-proto version: 0.11.7 + - name: rustls + version: 0.23.18 From 5e221b6e488c3c2d3578e960565f424d94a4a02e Mon Sep 17 00:00:00 2001 From: Brian Murray Date: Tue, 26 Nov 2024 03:58:58 -0800 Subject: [PATCH 40/61] Add the pkgconf test pipeline to freerdp (#35169) More testing \o/ --- freerdp.yaml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/freerdp.yaml b/freerdp.yaml index cc6fa027897..e922e4d4568 100644 --- a/freerdp.yaml +++ b/freerdp.yaml @@ -1,7 +1,7 @@ package: name: freerdp version: 2.11.7 - epoch: 3 + epoch: 4 description: FreeRDP client copyright: - license: Apache-2.0 @@ -96,6 +96,9 @@ subpackages: runtime: - freerdp description: freerdp dev + test: + pipeline: + - uses: test/pkgconf - name: freerdp-libs pipeline: From f69a7eaf88077728502d2c6aff0ce719c977ee99 Mon Sep 17 00:00:00 2001 From: Brian Murray Date: Tue, 26 Nov 2024 03:59:07 -0800 Subject: [PATCH 41/61] Add the pkgconf test pipeline to pulseaudio (#35182) More testing \o/ --- pulseaudio.yaml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/pulseaudio.yaml b/pulseaudio.yaml index 759d0734510..cb3158e3fc8 100644 --- a/pulseaudio.yaml +++ b/pulseaudio.yaml @@ -187,6 +187,9 @@ subpackages: pipeline: - uses: split/dev description: pulseaudio dev + test: + pipeline: + - uses: test/pkgconf - name: pulseaudio-lang pipeline: From d6957fffd0700e81128f03b6578dbab1086d91e6 Mon Sep 17 00:00:00 2001 From: Brian Murray Date: Tue, 26 Nov 2024 03:59:15 -0800 Subject: [PATCH 42/61] Add the pkgconf test pipeline to zfs (#35183) More testing \o/ --- zfs.yaml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/zfs.yaml b/zfs.yaml index a46f04e61ef..03f9df216e2 100644 --- a/zfs.yaml +++ b/zfs.yaml @@ -63,6 +63,9 @@ subpackages: pipeline: - uses: split/dev description: zfs dev + test: + pipeline: + - uses: test/pkgconf - name: zfs-doc pipeline: From 70f5997b5a1d2570059d6cfcba9091e732bdde6b Mon Sep 17 00:00:00 2001 From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com> Date: Tue, 26 Nov 2024 12:06:16 +0000 Subject: [PATCH 43/61] weaviate/1.27.6 package update (#35229)

Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> --- weaviate.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/weaviate.yaml b/weaviate.yaml index 79642b7a715..0bb84840218 100644 --- a/weaviate.yaml +++ b/weaviate.yaml @@ -1,6 +1,6 @@ package: name: weaviate - version: 1.27.5 + version: 1.27.6 epoch: 0 description: Weaviate is an open source vector database that stores both objects and vectors, allowing for combining vector search with structured filtering with the fault-tolerance and scalability of a cloud-native database, all accessible through GraphQL, REST, and various language clients. copyright: @@ -17,7 +17,7 @@ environment: pipeline: - uses: git-checkout with: - expected-commit: cfdbdd0552d19345ebaaad13897c14380d60b1f9 + expected-commit: 4bec043d083a27be2f85c429f999e45648ab0c1e repository: https://github.com/weaviate/weaviate tag: v${{package.version}} From 5b6b6b9de8fb9b487563c62d4230da02168a9a7b Mon Sep 17 00:00:00 2001 From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com> Date: Tue, 26 Nov 2024 12:06:30 +0000 Subject: [PATCH 44/61] pulumi-language-java/0.18.0 package update (#35227)

Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> --- pulumi-language-java.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pulumi-language-java.yaml b/pulumi-language-java.yaml index 4350f16c4d7..180d531eb2a 100644 --- a/pulumi-language-java.yaml +++ b/pulumi-language-java.yaml @@ -1,6 +1,6 @@ package: name: pulumi-language-java - version: 0.17.0 + version: 0.18.0 epoch: 0 description: Pulumi Language SDK for Java copyright: @@ -17,7 +17,7 @@ environment: pipeline: - uses: git-checkout with: - expected-commit: 2a665a885bc967f1488e84a89ebdcf001ceb8e3f + expected-commit: b4614eb546eb461a2c2d11754c959d137d387f43 repository: https://github.com/pulumi/pulumi-java.git tag: v${{package.version}} From abc860863d624a44e7b9e549062d0866ffdd8d2c Mon Sep 17 00:00:00 2001 From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com> Date: Tue, 26 Nov 2024 12:06:58 +0000 Subject: [PATCH 45/61] tkn/0.39.0 package update (#35228)

Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> --- tkn.yaml | 10 +++------- 1 file changed, 3 insertions(+), 7 deletions(-) diff --git a/tkn.yaml b/tkn.yaml index 90a56ef1c13..c4d0e82ded5 100644 --- a/tkn.yaml +++ b/tkn.yaml @@ -1,7 +1,7 @@ package: name: tkn - version: 0.38.1 - epoch: 2 + version: 0.39.0 + epoch: 0 description: A CLI for interacting with Tekton! copyright: - license: Apache-2.0 @@ -20,11 +20,7 @@ pipeline: with: repository: https://github.com/tektoncd/cli tag: v${{package.version}} - expected-commit: 1da09c088bf9f3f82eeee7508bbddf0e7c28fa4b - - - uses: go/bump - with: - deps: github.com/golang-jwt/jwt/v4@v4.5.1 + expected-commit: cb2f6797bf2c48dc60d5b4e23f015e35f5f42d78 - runs: | make bin/tkn From f43b9456aa606ea508282a4f3fcc2557ad1869f0 Mon Sep 17 00:00:00 2001 From: kranurag7 <81210977+kranurag7@users.noreply.github.com> Date: Tue, 26 Nov 2024 18:20:27 +0530 Subject: [PATCH 46/61] withdraw ansible operator package (#35233) no longer required here, moved. --------- Signed-off-by: kranurag7 <81210977+kranurag7@users.noreply.github.com> --- withdrawn-packages.txt | 3 +++ 1 file changed, 3 insertions(+) diff --git a/withdrawn-packages.txt b/withdrawn-packages.txt index c7cd6e134c5..e611310ec71 100644 --- a/withdrawn-packages.txt +++ b/withdrawn-packages.txt @@ -7,3 +7,6 @@ rrdtool-cgi-1.8.0-r0.apk rrdtool-dev-1.8.0-r0.apk rrdtool-doc-1.8.0-r0.apk rrdtool-utils-1.8.0-r0.apk +ansible-operator-compat-1.36.1-r0.apk +ansible-operator-1.36.1-r0.apk +awx-operator-2.19.1-r0.apk From 960d03d52921ad59867b9d4a2640f3d5b27ff92f Mon Sep 17 00:00:00 2001 From: kranurag7 <81210977+kranurag7@users.noreply.github.com> Date: Tue, 26 Nov 2024 19:00:58 +0530 Subject: [PATCH 47/61] add prometheus-podman-exporter package (#34999) adds prometheus-podman-exporter package --------- Signed-off-by: kranurag7 <81210977+kranurag7@users.noreply.github.com> --- prometheus-podman-exporter.yaml | 55 +++++++++++++++++++++++++++++++++ 1 file changed, 55 insertions(+) create mode 100644 prometheus-podman-exporter.yaml diff --git a/prometheus-podman-exporter.yaml b/prometheus-podman-exporter.yaml new file mode 100644 index 00000000000..aa36ff726e9 --- /dev/null +++ b/prometheus-podman-exporter.yaml @@ -0,0 +1,55 @@ +package: + name: prometheus-podman-exporter + version: 1.13.3 + epoch: 0 + description: Prometheus exporter for podman environments exposing containers, pods, images, volumes and networks information. + copyright: + - license: Apache-2.0 + +environment: + contents: + packages: + - btrfs-progs-dev + - gpgme-dev + environment: + CGO_ENABLED: "0" + +pipeline: + - uses: git-checkout + with: + repository: https://github.com/containers/prometheus-podman-exporter + tag: v${{package.version}} + expected-commit: fb5d46579cced8ea862611305e66f37fe5695326 + + - uses: go/bump + with: + deps: github.com/opencontainers/runc@v1.1.14 + + - uses: go/build + with: + packages: . + ldflags: | + -X github.com/containers/prometheus-podman-exporter.cmd.buildVersion=${{package.version}} + -X github.com/containers/prometheus-podman-exporter.cmd.buildRevision=$(cat VERSION | grep REVISION | cut -d'=' -f2) + -X github.com/containers/prometheus-podman-exporter.cmd.buildBranch=$(git rev-parse --abbrev-ref HEAD 2>/dev/null) + tags: remote,containers_image_openpgp + output: podman_exporter + +subpackages: + - name: ${{package.name}}-compat + description: "upstream image have executable placed at /bin" + pipeline: + - runs: | + mkdir -p ${{targets.contextdir}}/bin/ + ln -sf /usr/bin/podman_exporter ${{targets.contextdir}}/bin/podman_exporter + +update: + enabled: true + github: + identifier: containers/prometheus-podman-exporter + strip-prefix: v + +test: + pipeline: + - runs: | + podman_exporter --help From 8821a6ada4b08367773df3e902dff1e0a84a08a0 Mon Sep 17 00:00:00 2001 From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com> Date: Tue, 26 Nov 2024 14:03:33 +0000 Subject: [PATCH 48/61] rancher-kontainer-driver-metadata-2.9/0_git20241126 package update (#35250)

Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> --- rancher-kontainer-driver-metadata-2.9.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/rancher-kontainer-driver-metadata-2.9.yaml b/rancher-kontainer-driver-metadata-2.9.yaml index 0031638725f..256b5d4f530 100644 --- a/rancher-kontainer-driver-metadata-2.9.yaml +++ b/rancher-kontainer-driver-metadata-2.9.yaml @@ -1,7 +1,7 @@ #nolint:git-checkout-must-use-github-updates,valid-pipeline-git-checkout-tag package: name: rancher-kontainer-driver-metadata-2.9 - version: 0_git20241124 + version: 0_git20241126 epoch: 0 description: Complete container management platform - kontainer driver metadata copyright: From d77f974e016916a36676238c5a6a299d59431589 Mon Sep 17 00:00:00 2001 From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com> Date: Tue, 26 Nov 2024 14:03:47 +0000 Subject: [PATCH 49/61] rancher-system-charts-2.9/0_git20241126 package update (#35242)

Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> --- rancher-system-charts-2.9.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/rancher-system-charts-2.9.yaml b/rancher-system-charts-2.9.yaml index 757b0d62e63..f5f52546684 100644 --- a/rancher-system-charts-2.9.yaml +++ b/rancher-system-charts-2.9.yaml @@ -1,7 +1,7 @@ #nolint:git-checkout-must-use-github-updates,valid-pipeline-git-checkout-tag package: name: rancher-system-charts-2.9 - version: 0_git20241124 + version: 0_git20241126 epoch: 0 description: Complete container management platform - system charts copyright: From 1acb9d219689693d1359b0987ba493b91bc59c62 Mon Sep 17 00:00:00 2001 From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com> Date: Tue, 26 Nov 2024 14:04:00 +0000 Subject: [PATCH 50/61] aws-eks-pod-identity-agent/0_git20241126 package update (#35240)

Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> --- aws-eks-pod-identity-agent.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/aws-eks-pod-identity-agent.yaml b/aws-eks-pod-identity-agent.yaml index bae6de99beb..68fe0a140e7 100644 --- a/aws-eks-pod-identity-agent.yaml +++ b/aws-eks-pod-identity-agent.yaml @@ -1,7 +1,7 @@ #nolint:git-checkout-must-use-github-updates,valid-pipeline-git-checkout-tag package: name: aws-eks-pod-identity-agent - version: 0_git20241124 + version: 0_git20241126 epoch: 0 description: EKS Pod Identity is a feature of Amazon EKS that simplifies the process for cluster administrators to configure Kubernetes applications with AWS IAM permissions copyright: From a67fa020b3fcf90d821a59969c69070828c986ba Mon Sep 17 00:00:00 2001 From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com> Date: Tue, 26 Nov 2024 14:04:15 +0000 Subject: [PATCH 51/61] gitlab-pages-17.5/17.5.3 package update (#35243)

Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> --- gitlab-pages-17.5.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gitlab-pages-17.5.yaml b/gitlab-pages-17.5.yaml index 4944626fd4c..3f56e71b5fc 100644 --- a/gitlab-pages-17.5.yaml +++ b/gitlab-pages-17.5.yaml @@ -1,6 +1,6 @@ package: name: gitlab-pages-17.5 - version: 17.5.2 + version: 17.5.3 epoch: 0 description: GitLab Pages daemon used to serve static websites for GitLab users. copyright: @@ -20,7 +20,7 @@ pipeline: with: repository: https://gitlab.com/gitlab-org/gitlab-pages.git tag: v${{package.version}} - expected-commit: 086dfbdfe2337874e342b48dba5508b7d3f59626 + expected-commit: 00734497b120604ef91ef6c45b2b72c806f34d94 - uses: go/build with: From b26b8bd1f738c7957f89ddb3379085729dfd2933 Mon Sep 17 00:00:00 2001 From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com> Date: Tue, 26 Nov 2024 14:04:34 +0000 Subject: [PATCH 52/61] rancher-partner-charts/0_git20241126 package update (#35239)

Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> --- rancher-partner-charts.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/rancher-partner-charts.yaml b/rancher-partner-charts.yaml index 57788c5823f..6e0c9d49880 100644 --- a/rancher-partner-charts.yaml +++ b/rancher-partner-charts.yaml @@ -1,7 +1,7 @@ #nolint:git-checkout-must-use-github-updates,valid-pipeline-git-checkout-tag package: name: rancher-partner-charts - version: 0_git20241124 + version: 0_git20241126 epoch: 0 description: Complete container management platform - partner charts copyright: @@ -19,7 +19,7 @@ pipeline: repository: https://github.com/rancher/partner-charts branch: main destination: ./charts - expected-commit: 09d37214df6aaf1ba3eaa2377cbdc9b246703e13 + expected-commit: b6ae147976b22452f5597570056b69bacf4d1b22 - working-directory: ./charts runs: | From 5626c1cbbc17c48ba23ba6344d401651bcebd7fd Mon Sep 17 00:00:00 2001 From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com> Date: Tue, 26 Nov 2024 14:04:48 +0000 Subject: [PATCH 53/61] ddp-tool/1.0.34.0_git20241126 package update (#35236)

Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> --- ddp-tool.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ddp-tool.yaml b/ddp-tool.yaml index 3e724ba7931..c2fee13774d 100644 --- a/ddp-tool.yaml +++ b/ddp-tool.yaml @@ -1,7 +1,7 @@ #nolint:valid-pipeline-git-checkout-commit,valid-pipeline-git-checkout-tag package: name: ddp-tool - version: 1.0.34.0_git20241124 + version: 1.0.34.0_git20241126 epoch: 0 description: Intel Dynamic Device Personalization Tool copyright: @@ -18,7 +18,7 @@ environment: pipeline: - uses: git-checkout with: - expected-commit: 3868a732013b8e8817f6453b58a170f669d99a68 + expected-commit: 3c9d350737420f943a57cf9ab67af6cc78a4024b repository: https://github.com/intel/ddp-tool/ branch: master From c58771eff8f74fde5f3551380eb49ac940622c07 Mon Sep 17 00:00:00 2001 From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com> Date: Tue, 26 Nov 2024 14:05:06 +0000 Subject: [PATCH 54/61] rancher-helm3-charts/0_git20241126 package update (#35237)

Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> --- rancher-helm3-charts.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/rancher-helm3-charts.yaml b/rancher-helm3-charts.yaml index 337adbd154c..78bc102ab4e 100644 --- a/rancher-helm3-charts.yaml +++ b/rancher-helm3-charts.yaml @@ -1,7 +1,7 @@ #nolint:git-checkout-must-use-github-updates,valid-pipeline-git-checkout-tag package: name: rancher-helm3-charts - version: 0_git20241124 + version: 0_git20241126 epoch: 0 description: Complete container management platform - helm3 charts copyright: From d24812d1583551c39aadbf97d507dc7b3bd4bf36 Mon Sep 17 00:00:00 2001 From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com> Date: Tue, 26 Nov 2024 15:03:46 +0000 Subject: [PATCH 55/61] gitlab-kas-17.5/17.5.3 package update (#35251)

Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> --- gitlab-kas-17.5.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gitlab-kas-17.5.yaml b/gitlab-kas-17.5.yaml index 843d8aefe0e..2757f3be01f 100644 --- a/gitlab-kas-17.5.yaml +++ b/gitlab-kas-17.5.yaml @@ -1,6 +1,6 @@ package: name: gitlab-kas-17.5 - version: 17.5.2 + version: 17.5.3 epoch: 0 description: GitLab KAS is a component installed together with GitLab. It is required to manage the GitLab agent for Kubernetes. copyright: @@ -20,7 +20,7 @@ pipeline: with: repository: https://gitlab.com/gitlab-org/cluster-integration/gitlab-agent tag: v${{package.version}} - expected-commit: 847d7deea3b9937a8824fe8e783fd142ba426d8f + expected-commit: 08f9a6ed41a4f5e348ffefa87e5694a7c3dccb79 - uses: go/build with: From 7c41aa11710d1e23749662ba42ad68dd76db8f34 Mon Sep 17 00:00:00 2001 From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com> Date: Tue, 26 Nov 2024 15:04:02 +0000 Subject: [PATCH 56/61] renovate/39.31.3 package update (#35248)

Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> --- renovate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/renovate.yaml b/renovate.yaml index 490247ac21d..405a1b83f3e 100644 --- a/renovate.yaml +++ b/renovate.yaml @@ -1,6 +1,6 @@ package: name: renovate - version: 39.27.0 + version: 39.31.3 epoch: 0 description: "Automated dependency updates. Multi-platform and multi-language." copyright: From 5a9c21c5175a6e8f862fc92b125eb50332a0948d Mon Sep 17 00:00:00 2001 From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com> Date: Tue, 26 Nov 2024 15:04:22 +0000 Subject: [PATCH 57/61] gitaly-17.5/17.5.3 package update (#35238)

Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> --- gitaly-17.5.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gitaly-17.5.yaml b/gitaly-17.5.yaml index 0bd64484c3e..aaac6fdb720 100644 --- a/gitaly-17.5.yaml +++ b/gitaly-17.5.yaml @@ -1,6 +1,6 @@ package: name: gitaly-17.5 - version: 17.5.2 + version: 17.5.3 epoch: 0 description: copyright: @@ -36,7 +36,7 @@ pipeline: with: repository: https://gitlab.com/gitlab-org/gitaly.git tag: v${{package.version}} - expected-commit: cdf74a7601c8b2902eab0e674f9ec656b9929191 + expected-commit: 57d16586a4030ed1bddc4ce958f475ddf07954d0 - runs: | make install DESTDIR="${{targets.destdir}}" PREFIX=/usr From dd1b50021cce904ea278b7cac8331c14cdc7e9b9 Mon Sep 17 00:00:00 2001 From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com> Date: Tue, 26 Nov 2024 15:04:41 +0000 Subject: [PATCH 58/61] rancher-charts-2.9/0_git20241126 package update (#35245)

Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> --- rancher-charts-2.9.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/rancher-charts-2.9.yaml b/rancher-charts-2.9.yaml index 8e0dba2bcbb..1aa2ac29a35 100644 --- a/rancher-charts-2.9.yaml +++ b/rancher-charts-2.9.yaml @@ -1,7 +1,7 @@ #nolint:git-checkout-must-use-github-updates,valid-pipeline-git-checkout-tag package: name: rancher-charts-2.9 - version: 0_git20241124 + version: 0_git20241126 epoch: 0 description: Complete container management platform - charts copyright: From 5e99fc133a46aad61166c22f3a8193abf042ba46 Mon Sep 17 00:00:00 2001 From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com> Date: Tue, 26 Nov 2024 15:04:55 +0000 Subject: [PATCH 59/61] rtmpdump/2.6_git20241126 package update (#35249)

Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> --- rtmpdump.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/rtmpdump.yaml b/rtmpdump.yaml index 415fdca62ac..cdf017a3677 100644 --- a/rtmpdump.yaml +++ b/rtmpdump.yaml @@ -1,7 +1,7 @@ #nolint:valid-pipeline-git-checkout-tag package: name: rtmpdump - version: 2.6_git20241124 + version: 2.6_git20241126 epoch: 0 description: rtmpdump is a toolkit for RTMP streams copyright: From e09c120397234969c91a5cf7fc70a9c5a041cd40 Mon Sep 17 00:00:00 2001 From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com> Date: Tue, 26 Nov 2024 16:04:28 +0000 Subject: [PATCH 60/61] pixi/0.38.0 package update (#35254)

Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> --- pixi.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pixi.yaml b/pixi.yaml index 4a00e605c8b..0cc0475c736 100644 --- a/pixi.yaml +++ b/pixi.yaml @@ -1,7 +1,7 @@ package: name: pixi - version: 0.37.0 - epoch: 1 + version: 0.38.0 + epoch: 0 description: "Package management made easy" copyright: - license: BSD-3-Clause @@ -23,7 +23,7 @@ pipeline: - uses: git-checkout with: repository: https://github.com/prefix-dev/pixi - expected-commit: fc901915c65c1a48c665d60a4c5c5bb4d6714b34 + expected-commit: 67f3830b0d41c90b2c0b5ea69607f9097e31808e tag: v${{package.version}} - uses: rust/cargobump From 6bb2b97ae434f125050eb203ecf94f148773804d Mon Sep 17 00:00:00 2001 From: Kai <69760884+kz3640@users.noreply.github.com> Date: Tue, 26 Nov 2024 10:38:11 -0600 Subject: [PATCH 61/61] Update grafana-image-renderer to work with grafana helm chart (#35197) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Fixes: Related: ### Pre-review Checklist #### For new package PRs only - [ ] This PR is marked as fixing a pre-existing package request bug - [ ] Alternatively, the PR is marked as related to a pre-existing package request bug, such as a dependency - [ ] REQUIRED - The package is available under an OSI-approved or FSF-approved license - [ ] REQUIRED - The version of the package is still receiving security updates - [ ] This PR links to the upstream project's support policy (e.g. `endoflife.date`) #### For new version streams - [ ] The upstream project actually supports multiple concurrent versions. - [ ] Any subpackages include the version string in their package name (e.g. `name: ${{package.name}}-compat`) - [ ] The package (and subpackages) `provides:` logical unversioned forms of the package (e.g. `nodejs`, `nodejs-lts`) - [ ] If non-streamed package names no longer built, open PR to withdraw them (see [WITHDRAWING PACKAGES](https://github.com/wolfi-dev/os/blob/main/WITHDRAWING_PACKAGES.md)) #### For package updates (renames) in the base images When updating packages part of base images (i.e. cgr.dev/chainguard/wolfi-base or ghcr.io/wolfi-dev/sdk) - [ ] REQUIRED cgr.dev/chainguard/wolfi-base and ghcr.io/wolfi-dev/sdk images successfully build - [ ] REQUIRED cgr.dev/chainguard/wolfi-base and ghcr.io/wolfi-dev/sdk contain no obsolete (no longer built) packages - [ ] Upon launch, does `apk upgrade --latest` successfully upgrades packages or performs no actions #### For security-related PRs - [ ] The security fix is recorded in the [advisories](https://github.com/wolfi-dev/advisories) repo #### For version bump PRs - [ ] The `epoch` field is reset to 0 #### For PRs that add patches - [ ] Patch source is documented Signed-off-by: kz3640 --- grafana-image-renderer.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/grafana-image-renderer.yaml b/grafana-image-renderer.yaml index faf448568cd..85f1e98f181 100644 --- a/grafana-image-renderer.yaml +++ b/grafana-image-renderer.yaml @@ -1,7 +1,7 @@ package: name: grafana-image-renderer version: 3.11.6 - epoch: 0 + epoch: 1 description: A Grafana backend plugin that handles rendering of panels & dashboards to PNGs using headless browser (Chromium/Chrome) copyright: - license: Apache-2.0 @@ -9,6 +9,7 @@ package: - x86_64 dependencies: runtime: + - busybox - chromium - dumb-init - nodejs @@ -22,7 +23,6 @@ environment: - nodejs - scanelf - ttf-dejavu - - vim - yarn pipeline: @@ -47,7 +47,7 @@ pipeline: cp -r ./proto ${{targets.destdir}}/usr/src/app/ cp -r ./build ${{targets.destdir}}/usr/src/app/ cp -r ./node_modules ${{targets.destdir}}/usr/src/app/ - cp ./devenv/docker/custom-config/config.json ${{targets.destdir}}/usr/src/app/ + cp ./default.json ${{targets.destdir}}/usr/src/app/config.json cp ./plugin.json ${{targets.destdir}}/usr/src/app/ update: @@ -62,7 +62,7 @@ test: working-directory: /usr/src/app uses: test/daemon-check-output with: - start: "env CHROME_BIN=/usr/bin/chromium-browser dumb-init -- node build/app.js server --config=config.json" + start: "dumb-init -- node build/app.js server --config=config.json" timeout: 5 expected_output: | {"level":"info","message":"HTTP Server started, listening at http://localhost:8081"}