Merge pull request #158 from stefanprodan/release-6.0.2

Release v6.0.2
2026-04-07 03:26:54 +00:00 · 2021-10-21 16:40:23 +03:00 · 2021-10-21 16:35:25 +03:00 · 2021-10-21 16:31:26 +03:00 · 2021-10-21 16:26:10 +03:00
12 changed files with 70 additions and 10 deletions
--- a/.cosign/README.md
+++ b/.cosign/README.md
@@ -0,0 +1,39 @@
+# Podinfo signed releases
+
+Podinfo deployment manifests are published to GitHub Container Registry as OCI artifacts
+and are signed using [cosign](https://github.com/sigstore/cosign).
+
+## Verify the artifacts with cosign
+
+Install the [cosign](https://github.com/sigstore/cosign) CLI:
+
+```sh
+brew install sigstore/tap/cosign
+```
+
+Verify a podinfo release with cosign CLI:
+
+```sh
+cosign verify -key https://raw.githubusercontent.com/stefanprodan/podinfo/master/cosign/cosign.pub \
+ghcr.io/stefanprodan/podinfo-config:latest
+```
+
+## Download the artifacts with crane
+
+Install the [crane](https://github.com/google/go-containerregistry/tree/main/cmd/crane) CLI:
+
+```sh
+brew install crane
+```
+
+Download the podinfo deployment manifests with crane CLI:
+
+```console
+$ crane export ghcr.io/stefanprodan/podinfo-deploy:latest -| tar -xf - 
+
+$ ls -1
+deployment.yaml
+hpa.yaml
+kustomization.yaml
+service.yaml
+```
--- a/.cosign/cosign.pub
+++ b/.cosign/cosign.pub
@@ -0,0 +1,4 @@
+-----BEGIN PUBLIC KEY-----
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEST+BqQ1XZhhVYx0YWQjdUJYIG5Lt
+iz2+UxRIqmKBqNmce2T+l45qyqOs99qfD7gLNGmkVZ4vtJ9bM7FxChFczg==
+-----END PUBLIC KEY-----
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -9,6 +9,8 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
+      - uses: imjasonh/setup-crane@v0.1
+      - uses: sigstore/cosign-installer@main
      - name: Setup QEMU
        uses: docker/setup-qemu-action@v1
        with:
@@ -71,6 +73,21 @@ jobs:
        uses: stefanprodan/helm-gh-pages@master
        with:
          token: ${{ secrets.GITHUB_TOKEN }}
+      - name: Publish config artifact
+        run: |
+          cd kustomize
+          tar -cf config.tar * --numeric-owner --owner=0 --group=0
+          crane append -f config.tar -t ghcr.io/stefanprodan/podinfo-config:${{ steps.prep.outputs.VERSION }}
+          crane tag ghcr.io/stefanprodan/podinfo-config:${{ steps.prep.outputs.VERSION }} latest
+          rm config.tar
+      - name: Sign config artifact
+        run: |
+          echo "$COSIGN_KEY" > /tmp/cosign.key
+          cosign sign -key /tmp/cosign.key ghcr.io/stefanprodan/podinfo-config:${{ steps.prep.outputs.VERSION }}
+          cosign sign -key /tmp/cosign.key ghcr.io/stefanprodan/podinfo-config:latest
+        env:
+          COSIGN_PASSWORD: ${{secrets.COSIGN_PASSWORD}}
+          COSIGN_KEY: ${{secrets.COSIGN_KEY}}
      - uses: ./.github/actions/release-notes
      - name: Generate release notes
        run: |
--- a/charts/podinfo/Chart.yaml
+++ b/charts/podinfo/Chart.yaml
@@ -1,6 +1,6 @@
 apiVersion: v1
-version: 6.0.1
-appVersion: 6.0.1
+version: 6.0.2
+appVersion: 6.0.2
 name: podinfo
 engine: gotpl
 description: Podinfo Helm chart for Kubernetes
--- a/charts/podinfo/values-prod.yaml
+++ b/charts/podinfo/values-prod.yaml
@@ -8,7 +8,7 @@ backends: []

 image:
  repository: ghcr.io/stefanprodan/podinfo
-  tag: 6.0.1
+  tag: 6.0.2
  pullPolicy: IfNotPresent

 ui:
--- a/charts/podinfo/values.yaml
+++ b/charts/podinfo/values.yaml
@@ -8,7 +8,7 @@ backends: []

 image:
  repository: ghcr.io/stefanprodan/podinfo
-  tag: 6.0.1
+  tag: 6.0.2
  pullPolicy: IfNotPresent

 ui:
--- a/deploy/bases/backend/deployment.yaml
+++ b/deploy/bases/backend/deployment.yaml
@@ -23,7 +23,7 @@ spec:
    spec:
      containers:
      - name: backend
-        image: ghcr.io/stefanprodan/podinfo:6.0.1
+        image: ghcr.io/stefanprodan/podinfo:6.0.2
        imagePullPolicy: IfNotPresent
        ports:
        - name: http
--- a/deploy/bases/frontend/deployment.yaml
+++ b/deploy/bases/frontend/deployment.yaml
@@ -23,7 +23,7 @@ spec:
    spec:
      containers:
      - name: frontend
-        image: ghcr.io/stefanprodan/podinfo:6.0.1
+        image: ghcr.io/stefanprodan/podinfo:6.0.2
        imagePullPolicy: IfNotPresent
        ports:
        - name: http
--- a/deploy/webapp/backend/deployment.yaml
+++ b/deploy/webapp/backend/deployment.yaml
@@ -25,7 +25,7 @@ spec:
      serviceAccountName: webapp
      containers:
      - name: backend
-        image: ghcr.io/stefanprodan/podinfo:6.0.1
+        image: ghcr.io/stefanprodan/podinfo:6.0.2
        imagePullPolicy: IfNotPresent
        ports:
        - name: http
--- a/deploy/webapp/frontend/deployment.yaml
+++ b/deploy/webapp/frontend/deployment.yaml
@@ -25,7 +25,7 @@ spec:
      serviceAccountName: webapp
      containers:
      - name: frontend
-        image: ghcr.io/stefanprodan/podinfo:6.0.1
+        image: ghcr.io/stefanprodan/podinfo:6.0.2
        imagePullPolicy: IfNotPresent
        ports:
        - name: http
--- a/kustomize/deployment.yaml
+++ b/kustomize/deployment.yaml
@@ -23,7 +23,7 @@ spec:
    spec:
      containers:
      - name: podinfod
-        image: ghcr.io/stefanprodan/podinfo:6.0.1
+        image: ghcr.io/stefanprodan/podinfo:6.0.2
        imagePullPolicy: IfNotPresent
        ports:
        - name: http
--- a/pkg/version/version.go
+++ b/pkg/version/version.go
@@ -1,4 +1,4 @@
 package version

-var VERSION = "6.0.1"
+var VERSION = "6.0.2"
 var REVISION = "unknown"
Author	SHA1	Message	Date
Stefan Prodan	693ffa9d28	Merge pull request #158 from stefanprodan/release-6.0.2 Release v6.0.2	2021-10-21 16:40:23 +03:00
Stefan Prodan	1c39c04ac9	Release v6.0.2 Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>	2021-10-21 16:35:25 +03:00
Stefan Prodan	a27ef20cb7	Merge pull request #157 from stefanprodan/pub-config-to-ghcr Publish the deploy manifests to GHCR	2021-10-21 16:31:26 +03:00
Stefan Prodan	5e2089eafb	Publish the deploy manifests to GHCR - bundle the kustomize overlay as an OCI artifact - push the artifact to `ghcr.io/stefanprodan/podinfo-config` with crane - sign the artifact with cosign Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>	2021-10-21 16:26:10 +03:00