From da777fa28a2ff04141d2a9b77aee2016e4fc62ac Mon Sep 17 00:00:00 2001 From: Billy Zha Date: Tue, 12 Sep 2023 13:22:21 +0800 Subject: [PATCH 1/3] fix: use committed node modules (#40) --- .github/workflows/check-dist.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/.github/workflows/check-dist.yml b/.github/workflows/check-dist.yml index e091b78..3741ac3 100644 --- a/.github/workflows/check-dist.yml +++ b/.github/workflows/check-dist.yml @@ -32,8 +32,6 @@ jobs: with: node-version: 16.x cache: npm - - name: Install dependencies - run: npm install - name: Rebuild the dist/ directory run: npm run build - name: Compare the expected and actual dist/ directories From 8a6950e5901002d2c346941a90e3efbedf1ebcbc Mon Sep 17 00:00:00 2001 From: Feynman Zhou Date: Tue, 12 Sep 2023 18:36:26 +0800 Subject: [PATCH 2/3] doc: update README to align with the new brand name (#18) --- README.md | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index a4af574..04ac6ab 100644 --- a/README.md +++ b/README.md @@ -1,9 +1,17 @@ -# Notation Github Actions -Github Actions for [Notation](https://notaryproject.dev/). +# GitHub Actions for Notation -Supported actions: `Notation: Setup`, `Notation: Sign` and `Notation: Verify`. +This repository contains the implementation of [GitHub Actions](https://docs.github.com/en/actions) for [Notation](https://github.com/notaryproject/notation). It provides actions for signing and verifying OCI artifacts with Notation in CI/CD. + +The following three actions are available: + +- `setup`: Install Notation +- `sign`: Sign an OCI artifact with a specified plugin +- `verify`: Verify a signature + +> **Note** The Notary Project documentation is available [here](https://notaryproject.dev/docs/). You can also find the Notary Project [README](https://github.com/notaryproject/.github/blob/main/README.md) to learn about the overall Notary Project. ## Usage + ### Notation: Setup ```yaml - name: setup Notation CLI From 5bbdad0193e7c1a3c5082d1dda244be3cc7e4c00 Mon Sep 17 00:00:00 2001 From: Patrick Zheng Date: Tue, 19 Sep 2023 15:33:08 +0800 Subject: [PATCH 3/3] fix: publish release and to GitHub Actions Marketplace (#41) --- .github/workflows/e2e-test-setup.yml | 2 +- .github/workflows/e2e-test-sign.yml | 2 +- .github/workflows/e2e-test-verify.yml | 2 +- .../update-major-and-minor-version.yml | 61 +++++++++++++++++++ README.md | 6 +- action.yml | 32 ++++++++++ setup/action.yml | 6 +- sign/action.yml | 4 +- verify/action.yml | 4 +- 9 files changed, 106 insertions(+), 13 deletions(-) create mode 100644 .github/workflows/update-major-and-minor-version.yml create mode 100644 action.yml diff --git a/.github/workflows/e2e-test-setup.yml b/.github/workflows/e2e-test-setup.yml index 2bd9958..4404818 100644 --- a/.github/workflows/e2e-test-setup.yml +++ b/.github/workflows/e2e-test-setup.yml @@ -24,7 +24,7 @@ jobs: - name: Checkout uses: actions/checkout@v3 - # E2E test cases on Notation: Setup + # E2E test cases on Notation Setup - name: Setup Notation uses: ./setup diff --git a/.github/workflows/e2e-test-sign.yml b/.github/workflows/e2e-test-sign.yml index 56b8e36..838d9e5 100644 --- a/.github/workflows/e2e-test-sign.yml +++ b/.github/workflows/e2e-test-sign.yml @@ -52,7 +52,7 @@ jobs: run: | notation cert generate-test "e2e-test" - # E2E test cases on Notation: Sign + # E2E test cases on Notation Sign - name: Sign artifact using notation plugin uses: ./sign with: diff --git a/.github/workflows/e2e-test-verify.yml b/.github/workflows/e2e-test-verify.yml index 2b054de..57bb0eb 100644 --- a/.github/workflows/e2e-test-verify.yml +++ b/.github/workflows/e2e-test-verify.yml @@ -68,7 +68,7 @@ jobs: plugin_config: |- keyFile=${{ env.E2E_KEY }} - # E2E test cases on Notation: Verify + # E2E test cases on Notation Verify - name: Verify released artifact uses: ./verify with: diff --git a/.github/workflows/update-major-and-minor-version.yml b/.github/workflows/update-major-and-minor-version.yml new file mode 100644 index 0000000..f1f8645 --- /dev/null +++ b/.github/workflows/update-major-and-minor-version.yml @@ -0,0 +1,61 @@ +# Copyright The Notary Project Authors. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +name: Update major and minor tags + +on: + release: + types: [published] + +jobs: + update-major-minor-tags: + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v4 + with: + ref: ${{ github.event.release.tag_name }} + - name: Git config + run: | + git config user.name github-actions + git config user.email github-actions@github.com + - name: Tag and push new major and minor versions + run: | + VERSION=${{ github.event.release.tag_name }} + MAJOR=$(echo ${VERSION} | cut -d '.' -f 1) + MINOR=${MAJOR}.$(echo ${VERSION} | cut -d '.' -f 2) + if [ -z ${VERSION} ] + then + echo "released tag cannot be empty" + exit 1 + else + echo "released tag is ${VERSION}" + fi + if [ -z ${MAJOR} ] + then + echo "major tag cannot be empty" + exit 1 + else + echo "major tag is ${MAJOR}" + fi + if [ -z ${MINOR} ] + then + echo "minor tag cannot be empty" + exit 1 + else + echo "minor tag is ${MINOR}" + fi + git tag -f ${MAJOR} ${VERSION} + git tag -f ${MINOR} ${VERSION} + git push origin ${MAJOR} --force + git push origin ${MINOR} --force \ No newline at end of file diff --git a/README.md b/README.md index 04ac6ab..ca77080 100644 --- a/README.md +++ b/README.md @@ -12,7 +12,7 @@ The following three actions are available: ## Usage -### Notation: Setup +### Notation Setup ```yaml - name: setup Notation CLI uses: notaryproject/notation-action/setup@main @@ -29,7 +29,7 @@ For example, version: "1.0.0" ``` -### Notation: Sign +### Notation Sign ```yaml - name: sign releasd artifact with signing plugin uses: notaryproject/notation-action/sign@main @@ -77,7 +77,7 @@ Example of using the [Referrers API](https://github.com/opencontainers/distribut self_signed=false ``` -### Notation: Verify +### Notation Verify ```yaml - name: verify released artifact uses: notaryproject/notation-action/verify@main diff --git a/action.yml b/action.yml new file mode 100644 index 0000000..b66a8a1 --- /dev/null +++ b/action.yml @@ -0,0 +1,32 @@ +# Copyright The Notary Project Authors. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +name: 'Notation Setup' +description: Set up Notation CLI on GitHub Action runners for signing and verifying OCI artifacts +branding: + icon: shield + color: blue +inputs: + version: + description: version of official Notation CLI [release](https://github.com/notaryproject/notation/releases). This field is ignored if 'url' is present. + required: false + default: "1.0.0" + url: + description: url of customized Notation CLI to install + required: false + checksum: + description: SHA256 of the customized Notation CLI. Required if 'url' is present. + required: false +runs: + using: node16 + main: ./dist/setup.js diff --git a/setup/action.yml b/setup/action.yml index 29f4b08..2da0af0 100644 --- a/setup/action.yml +++ b/setup/action.yml @@ -11,10 +11,10 @@ # See the License for the specific language governing permissions and # limitations under the License. -name: 'Notation: Setup' -description: Setup Notation CLI on GitHub Action runners +name: 'Notation Setup' +description: Set up Notation CLI on GitHub Action runners for signing and verifying OCI artifacts branding: - icon: check-circle + icon: shield color: blue inputs: version: diff --git a/sign/action.yml b/sign/action.yml index 0eec769..0d5db43 100644 --- a/sign/action.yml +++ b/sign/action.yml @@ -11,10 +11,10 @@ # See the License for the specific language governing permissions and # limitations under the License. -name: 'Notation: Sign' +name: 'Notation Sign' description: notation sign target artifact with plugin branding: - icon: check-circle + icon: shield color: blue inputs: plugin_name: diff --git a/verify/action.yml b/verify/action.yml index a07a9ae..580af17 100644 --- a/verify/action.yml +++ b/verify/action.yml @@ -11,10 +11,10 @@ # See the License for the specific language governing permissions and # limitations under the License. -name: 'Notation: Verify' +name: 'Notation Verify' description: notation verify target artifact branding: - icon: check-circle + icon: shield color: blue inputs: target_artifact_reference: