diff --git a/.github/actions/release-notes/Dockerfile b/.github/actions/release-notes/Dockerfile deleted file mode 100644 index 97429a0..0000000 --- a/.github/actions/release-notes/Dockerfile +++ /dev/null @@ -1,6 +0,0 @@ -FROM stefanprodan/alpine-base:latest - -COPY entrypoint.sh /entrypoint.sh -RUN chmod +x /entrypoint.sh - -ENTRYPOINT ["/entrypoint.sh"] diff --git a/.github/actions/release-notes/action.yml b/.github/actions/release-notes/action.yml deleted file mode 100644 index 305dccc..0000000 --- a/.github/actions/release-notes/action.yml +++ /dev/null @@ -1,9 +0,0 @@ -name: 'github-release-notes' -description: 'A GitHub Action to run github-release-notes commands' -author: 'Stefan Prodan' -branding: - icon: 'command' - color: 'blue' -runs: - using: 'docker' - image: 'Dockerfile' diff --git a/.github/actions/release-notes/entrypoint.sh b/.github/actions/release-notes/entrypoint.sh deleted file mode 100644 index 55ee6d2..0000000 --- a/.github/actions/release-notes/entrypoint.sh +++ /dev/null @@ -1,25 +0,0 @@ -#!/usr/bin/env bash - -set -o errexit -set -o pipefail - -VERSION=0.2.0 -BIN_DIR="$GITHUB_WORKSPACE/bin" - -main() { - mkdir -p ${BIN_DIR} - tmpDir=$(mktemp -d) - - pushd $tmpDir >& /dev/null - - curl -sSL https://github.com/buchanae/github-release-notes/releases/download/${VERSION}/github-release-notes-linux-amd64-${VERSION}.tar.gz | tar xz - cp github-release-notes ${BIN_DIR}/github-release-notes - - popd >& /dev/null - rm -rf $tmpDir -} - -main - -echo "$BIN_DIR" >> $GITHUB_PATH -echo "$RUNNER_WORKSPACE/$(basename $GITHUB_REPOSITORY)/bin" >> $GITHUB_PATH diff --git a/.github/dependabot.yaml b/.github/dependabot.yaml new file mode 100644 index 0000000..59c0aed --- /dev/null +++ b/.github/dependabot.yaml @@ -0,0 +1,11 @@ +version: 2 + +updates: + - package-ecosystem: "github-actions" + directory: "/" + groups: + actions: + patterns: + - "*" + schedule: + interval: "weekly" diff --git a/.github/workflows/cve-scan.yml b/.github/workflows/cve-scan.yml index 266e266..407da44 100644 --- a/.github/workflows/cve-scan.yml +++ b/.github/workflows/cve-scan.yml @@ -21,7 +21,7 @@ jobs: docker build -t ${IMAGE} . echo "image=$IMAGE" >> $GITHUB_OUTPUT - name: Run Trivy vulnerability scanner - uses: aquasecurity/trivy-action@master + uses: aquasecurity/trivy-action@v0.30.0 with: image-ref: ${{ steps.build.outputs.image }} format: table diff --git a/.github/workflows/e2e.yml b/.github/workflows/e2e.yml index dbab24c..90f4b5e 100644 --- a/.github/workflows/e2e.yml +++ b/.github/workflows/e2e.yml @@ -26,7 +26,7 @@ jobs: - name: Setup Helm uses: azure/setup-helm@v3 with: - version: v3.16.1 + version: v3.17.3 - name: Deploy run: ./test/deploy.sh - name: Run integration tests diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 01a4fe3..ec03ed8 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -18,8 +18,8 @@ jobs: steps: - uses: actions/checkout@v4 - uses: sigstore/cosign-installer@v3 - - uses: fluxcd/flux2/action@main - - uses: stefanprodan/timoni/actions/setup@main + - uses: fluxcd/flux2/action@v2.5.1 + - uses: stefanprodan/timoni/actions/setup@v0.24.0 - name: Setup Notation CLI uses: notaryproject/notation-action/setup@v1 with: @@ -39,7 +39,7 @@ jobs: - name: Setup Helm uses: azure/setup-helm@v3 with: - version: v3.16.1 + version: v3.17.3 - name: Setup QEMU uses: docker/setup-qemu-action@v3 with: @@ -156,15 +156,10 @@ jobs: notation sign --signature-format cose ghcr.io/stefanprodan/manifests/podinfo:${{ steps.prep.outputs.VERSION }} notation sign --signature-format cose ghcr.io/stefanprodan/podinfo-deploy:${{ steps.prep.outputs.VERSION }} notation sign --signature-format cose ghcr.io/stefanprodan/podinfo-deploy:latest - - uses: ./.github/actions/release-notes - - name: Generate release notes - run: | - echo 'CHANGELOG' > /tmp/release.txt - github-release-notes -org stefanprodan -repo podinfo -since-latest-release >> /tmp/release.txt - name: Publish release uses: goreleaser/goreleaser-action@v6 with: version: latest - args: release --release-notes=/tmp/release.txt --skip=validate + args: release --skip=validate env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index cbd26fc..aa2bdf8 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -11,6 +11,7 @@ permissions: env: KUBERNETES_VERSION: 1.31.0 + HELM_VERSION: 3.17.3 jobs: test: @@ -34,11 +35,11 @@ jobs: - name: Setup Helm uses: azure/setup-helm@v3 with: - version: v3.16.1 + version: v${{ env.HELM_VERSION }} - name: Setup CUE uses: cue-lang/setup-cue@v1.0.0 - name: Setup Timoni - uses: stefanprodan/timoni/actions/setup@main + uses: stefanprodan/timoni/actions/setup@v0.24.0 - name: Run unit tests run: make test - name: Validate Helm chart diff --git a/.goreleaser.yml b/.goreleaser.yml index 47b5030..0b397fa 100644 --- a/.goreleaser.yml +++ b/.goreleaser.yml @@ -1,3 +1,18 @@ +version: 2 + +# xref: https://goreleaser.com/customization/project/ +project_name: podinfo + +# xref: https://goreleaser.com/customization/hooks/ +before: + hooks: + - go mod download + +# xref: https://goreleaser.com/customization/env/ +env: + - CGO_ENABLED=0 + +# xref: https://goreleaser.com/customization/build/ builds: - main: ./cmd/podcli binary: podcli @@ -8,9 +23,13 @@ builds: - linux goarch: - amd64 - env: - - CGO_ENABLED=0 + +# xref: https://goreleaser.com/customization/archive/ archives: - name_template: "{{ .Binary }}_{{ .Version }}_{{ .Os }}_{{ .Arch }}" files: - - none* + - LICENSE + +# xref: https://goreleaser.com/customization/changelog/ +changelog: + use: github-native