From 2864b08753359dd5f481eb81285a8b5d7c0b9e28 Mon Sep 17 00:00:00 2001 From: Patrick Zheng Date: Mon, 18 Sep 2023 14:17:31 +0800 Subject: [PATCH 01/11] initial commit Signed-off-by: Patrick Zheng --- action.yml | 32 ++++++++++++++++++++++++++++++++ 1 file changed, 32 insertions(+) create mode 100644 action.yml diff --git a/action.yml b/action.yml new file mode 100644 index 0000000..9a8ed69 --- /dev/null +++ b/action.yml @@ -0,0 +1,32 @@ +# Copyright The Notary Project Authors. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +name: 'Notation: Setup' +description: Setup Notation CLI on GitHub Action runners +branding: + icon: check-circle + color: blue +inputs: + version: + description: version of official Notation CLI [release](https://github.com/notaryproject/notation/releases). This field is ignored if 'url' is present. + required: false + default: "1.0.0" + url: + description: url of customized Notation CLI to install + required: false + checksum: + description: SHA256 of the customized Notation CLI. Required if 'url' is present. + required: false +runs: + using: node16 + main: ./dist/setup.js From f7421697d637a12ffcd161797c76e73da3c242d9 Mon Sep 17 00:00:00 2001 From: Patrick Zheng Date: Mon, 18 Sep 2023 14:50:35 +0800 Subject: [PATCH 02/11] update Signed-off-by: Patrick Zheng --- action.yml | 2 +- setup/action.yml | 2 +- verify/action.yml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/action.yml b/action.yml index 9a8ed69..f559b24 100644 --- a/action.yml +++ b/action.yml @@ -14,7 +14,7 @@ name: 'Notation: Setup' description: Setup Notation CLI on GitHub Action runners branding: - icon: check-circle + icon: shield color: blue inputs: version: diff --git a/setup/action.yml b/setup/action.yml index 29f4b08..d7040fc 100644 --- a/setup/action.yml +++ b/setup/action.yml @@ -14,7 +14,7 @@ name: 'Notation: Setup' description: Setup Notation CLI on GitHub Action runners branding: - icon: check-circle + icon: shield color: blue inputs: version: diff --git a/verify/action.yml b/verify/action.yml index a07a9ae..07f01eb 100644 --- a/verify/action.yml +++ b/verify/action.yml @@ -14,7 +14,7 @@ name: 'Notation: Verify' description: notation verify target artifact branding: - icon: check-circle + icon: shield color: blue inputs: target_artifact_reference: From 100d10f0853f0e0949d53b3f0fb37cb41e6e8feb Mon Sep 17 00:00:00 2001 From: Patrick Zheng Date: Mon, 18 Sep 2023 16:18:00 +0800 Subject: [PATCH 03/11] prepare for release Signed-off-by: Patrick Zheng --- .github/workflows/e2e-test-setup.yml | 2 +- .github/workflows/e2e-test-sign.yml | 2 +- .github/workflows/e2e-test-verify.yml | 2 +- README.md | 6 +++--- action.yml | 4 ++-- setup/action.yml | 4 ++-- sign/action.yml | 4 ++-- verify/action.yml | 2 +- 8 files changed, 13 insertions(+), 13 deletions(-) diff --git a/.github/workflows/e2e-test-setup.yml b/.github/workflows/e2e-test-setup.yml index 2bd9958..4404818 100644 --- a/.github/workflows/e2e-test-setup.yml +++ b/.github/workflows/e2e-test-setup.yml @@ -24,7 +24,7 @@ jobs: - name: Checkout uses: actions/checkout@v3 - # E2E test cases on Notation: Setup + # E2E test cases on Notation Setup - name: Setup Notation uses: ./setup diff --git a/.github/workflows/e2e-test-sign.yml b/.github/workflows/e2e-test-sign.yml index 56b8e36..838d9e5 100644 --- a/.github/workflows/e2e-test-sign.yml +++ b/.github/workflows/e2e-test-sign.yml @@ -52,7 +52,7 @@ jobs: run: | notation cert generate-test "e2e-test" - # E2E test cases on Notation: Sign + # E2E test cases on Notation Sign - name: Sign artifact using notation plugin uses: ./sign with: diff --git a/.github/workflows/e2e-test-verify.yml b/.github/workflows/e2e-test-verify.yml index 2b054de..57bb0eb 100644 --- a/.github/workflows/e2e-test-verify.yml +++ b/.github/workflows/e2e-test-verify.yml @@ -68,7 +68,7 @@ jobs: plugin_config: |- keyFile=${{ env.E2E_KEY }} - # E2E test cases on Notation: Verify + # E2E test cases on Notation Verify - name: Verify released artifact uses: ./verify with: diff --git a/README.md b/README.md index 04ac6ab..ca77080 100644 --- a/README.md +++ b/README.md @@ -12,7 +12,7 @@ The following three actions are available: ## Usage -### Notation: Setup +### Notation Setup ```yaml - name: setup Notation CLI uses: notaryproject/notation-action/setup@main @@ -29,7 +29,7 @@ For example, version: "1.0.0" ``` -### Notation: Sign +### Notation Sign ```yaml - name: sign releasd artifact with signing plugin uses: notaryproject/notation-action/sign@main @@ -77,7 +77,7 @@ Example of using the [Referrers API](https://github.com/opencontainers/distribut self_signed=false ``` -### Notation: Verify +### Notation Verify ```yaml - name: verify released artifact uses: notaryproject/notation-action/verify@main diff --git a/action.yml b/action.yml index f559b24..b66a8a1 100644 --- a/action.yml +++ b/action.yml @@ -11,8 +11,8 @@ # See the License for the specific language governing permissions and # limitations under the License. -name: 'Notation: Setup' -description: Setup Notation CLI on GitHub Action runners +name: 'Notation Setup' +description: Set up Notation CLI on GitHub Action runners for signing and verifying OCI artifacts branding: icon: shield color: blue diff --git a/setup/action.yml b/setup/action.yml index d7040fc..2da0af0 100644 --- a/setup/action.yml +++ b/setup/action.yml @@ -11,8 +11,8 @@ # See the License for the specific language governing permissions and # limitations under the License. -name: 'Notation: Setup' -description: Setup Notation CLI on GitHub Action runners +name: 'Notation Setup' +description: Set up Notation CLI on GitHub Action runners for signing and verifying OCI artifacts branding: icon: shield color: blue diff --git a/sign/action.yml b/sign/action.yml index 0eec769..0d5db43 100644 --- a/sign/action.yml +++ b/sign/action.yml @@ -11,10 +11,10 @@ # See the License for the specific language governing permissions and # limitations under the License. -name: 'Notation: Sign' +name: 'Notation Sign' description: notation sign target artifact with plugin branding: - icon: check-circle + icon: shield color: blue inputs: plugin_name: diff --git a/verify/action.yml b/verify/action.yml index 07f01eb..580af17 100644 --- a/verify/action.yml +++ b/verify/action.yml @@ -11,7 +11,7 @@ # See the License for the specific language governing permissions and # limitations under the License. -name: 'Notation: Verify' +name: 'Notation Verify' description: notation verify target artifact branding: icon: shield From d453b5dfff7add7ee70dc8abc95a6e9bc439c772 Mon Sep 17 00:00:00 2001 From: Patrick Zheng Date: Mon, 18 Sep 2023 16:50:05 +0800 Subject: [PATCH 04/11] added workflow to update major/minor versions Signed-off-by: Patrick Zheng --- .../update-major-and-minor-version.yml | 39 +++++++++++++++++++ 1 file changed, 39 insertions(+) create mode 100644 .github/workflows/update-major-and-minor-version.yml diff --git a/.github/workflows/update-major-and-minor-version.yml b/.github/workflows/update-major-and-minor-version.yml new file mode 100644 index 0000000..7f48d6f --- /dev/null +++ b/.github/workflows/update-major-and-minor-version.yml @@ -0,0 +1,39 @@ +# Trigger the workflow after publishing releases +name: Update major and minor versions +run-name: Move ${{ github.event.inputs.major_version }} to ${{ github.event.inputs.target }} + +on: + workflow_dispatch: + inputs: + target: + description: The tag or reference to use + required: true + major_version: + type: choice + description: The major version to update + required: true + options: + - v1 + minor_version: + description: The minor version to update + required: true + +jobs: + tag: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + with: + fetch-depth: 0 + - name: Git config + run: | + git config user.name github-actions + git config user.email github-actions@github.com + - name: Tag new target + run: | + git tag -f ${{ github.event.inputs.major_version }} ${{ github.event.inputs.target }} + git tag -f ${{ github.event.inputs.minor_version }} ${{ github.event.inputs.target }} + - name: Push new tag + run: | + git push origin ${{ github.event.inputs.major_version }} --force + git push origin ${{ github.event.inputs.minor_version }} --force \ No newline at end of file From e83e4366d89bcb0e0dba10e3fa1850d751d56d28 Mon Sep 17 00:00:00 2001 From: Patrick Zheng Date: Tue, 19 Sep 2023 09:34:10 +0800 Subject: [PATCH 05/11] testing Signed-off-by: Patrick Zheng --- .../update-major-and-minor-version.yml | 46 +++++++------------ 1 file changed, 16 insertions(+), 30 deletions(-) diff --git a/.github/workflows/update-major-and-minor-version.yml b/.github/workflows/update-major-and-minor-version.yml index 7f48d6f..404a8f7 100644 --- a/.github/workflows/update-major-and-minor-version.yml +++ b/.github/workflows/update-major-and-minor-version.yml @@ -1,39 +1,25 @@ -# Trigger the workflow after publishing releases name: Update major and minor versions run-name: Move ${{ github.event.inputs.major_version }} to ${{ github.event.inputs.target }} on: - workflow_dispatch: - inputs: - target: - description: The tag or reference to use - required: true - major_version: - type: choice - description: The major version to update - required: true - options: - - v1 - minor_version: - description: The minor version to update - required: true + release: + types: [published] jobs: tag: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 - with: - fetch-depth: 0 - - name: Git config - run: | - git config user.name github-actions - git config user.email github-actions@github.com - - name: Tag new target - run: | - git tag -f ${{ github.event.inputs.major_version }} ${{ github.event.inputs.target }} - git tag -f ${{ github.event.inputs.minor_version }} ${{ github.event.inputs.target }} - - name: Push new tag - run: | - git push origin ${{ github.event.inputs.major_version }} --force - git push origin ${{ github.event.inputs.minor_version }} --force \ No newline at end of file + - name: Checkout + uses: actions/checkout@v2 + with: + ref: ${{ github.event.release.tag_name }} + - name: Git config + run: | + git config user.name github-actions + git config user.email github-actions@github.com + - name: Tag new target + run: | + VERSION=${GITHUB_REF#refs/tags/} + MAJOR=${VERSION%%.*} + git tag -f ${MAJOR} ${VERSION} + git push origin ${MAJOR} --force \ No newline at end of file From 540d6e3602f4c91e7c74adde23261f811e2a31cc Mon Sep 17 00:00:00 2001 From: Patrick Zheng Date: Tue, 19 Sep 2023 09:35:21 +0800 Subject: [PATCH 06/11] testing Signed-off-by: Patrick Zheng --- .../workflows/update-major-and-minor-version.yml | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/.github/workflows/update-major-and-minor-version.yml b/.github/workflows/update-major-and-minor-version.yml index 404a8f7..44aa611 100644 --- a/.github/workflows/update-major-and-minor-version.yml +++ b/.github/workflows/update-major-and-minor-version.yml @@ -1,3 +1,16 @@ +# Copyright The Notary Project Authors. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + name: Update major and minor versions run-name: Move ${{ github.event.inputs.major_version }} to ${{ github.event.inputs.target }} From 44b080a1e9b22af37f56127cdfb08caf0863d713 Mon Sep 17 00:00:00 2001 From: Patrick Zheng Date: Tue, 19 Sep 2023 09:41:32 +0800 Subject: [PATCH 07/11] testing Signed-off-by: Patrick Zheng --- .github/workflows/update-major-and-minor-version.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/.github/workflows/update-major-and-minor-version.yml b/.github/workflows/update-major-and-minor-version.yml index 44aa611..8066cb5 100644 --- a/.github/workflows/update-major-and-minor-version.yml +++ b/.github/workflows/update-major-and-minor-version.yml @@ -12,7 +12,6 @@ # limitations under the License. name: Update major and minor versions -run-name: Move ${{ github.event.inputs.major_version }} to ${{ github.event.inputs.target }} on: release: @@ -33,6 +32,8 @@ jobs: - name: Tag new target run: | VERSION=${GITHUB_REF#refs/tags/} - MAJOR=${VERSION%%.*} + MAJOR=${VERSION%%.*} + echo ${VERSION} + echo ${MAJOR} git tag -f ${MAJOR} ${VERSION} git push origin ${MAJOR} --force \ No newline at end of file From ba36e1eae8d080c259ef091086b849ea13723e23 Mon Sep 17 00:00:00 2001 From: Patrick Zheng Date: Tue, 19 Sep 2023 09:50:40 +0800 Subject: [PATCH 08/11] automating major and minor versions Signed-off-by: Patrick Zheng --- .github/workflows/update-major-and-minor-version.yml | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/.github/workflows/update-major-and-minor-version.yml b/.github/workflows/update-major-and-minor-version.yml index 8066cb5..c5e8345 100644 --- a/.github/workflows/update-major-and-minor-version.yml +++ b/.github/workflows/update-major-and-minor-version.yml @@ -29,11 +29,15 @@ jobs: run: | git config user.name github-actions git config user.email github-actions@github.com - - name: Tag new target + - name: Tag and push new major and minor versions run: | - VERSION=${GITHUB_REF#refs/tags/} - MAJOR=${VERSION%%.*} + VERSION=${{ github.event.release.tag_name }} + export MAJOR=$(echo ${VERSION} | cut -d '.' -f 1) + export MINOR=${MAJOR}.$(echo ${VERSION} | cut -d '.' -f 2) echo ${VERSION} echo ${MAJOR} + echo ${MINOR} git tag -f ${MAJOR} ${VERSION} - git push origin ${MAJOR} --force \ No newline at end of file + git tag -f ${MINOR} ${VERSION} + git push origin ${MAJOR} --force + git push origin ${MINOR} --force \ No newline at end of file From b521ed2ca1d1630017b1a4ec9ddca58c0081117c Mon Sep 17 00:00:00 2001 From: Patrick Zheng Date: Tue, 19 Sep 2023 09:55:22 +0800 Subject: [PATCH 09/11] automating major and minor versions Signed-off-by: Patrick Zheng --- .github/workflows/update-major-and-minor-version.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/update-major-and-minor-version.yml b/.github/workflows/update-major-and-minor-version.yml index c5e8345..ef0b0e8 100644 --- a/.github/workflows/update-major-and-minor-version.yml +++ b/.github/workflows/update-major-and-minor-version.yml @@ -11,18 +11,18 @@ # See the License for the specific language governing permissions and # limitations under the License. -name: Update major and minor versions +name: Update major and minor tags on: release: types: [published] jobs: - tag: + update-major-minor-tags: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v2 + uses: actions/checkout@v3 with: ref: ${{ github.event.release.tag_name }} - name: Git config From da53e337b669429a7db209eef53d4f93a1657f37 Mon Sep 17 00:00:00 2001 From: Patrick Zheng Date: Tue, 19 Sep 2023 13:46:35 +0800 Subject: [PATCH 10/11] updated per code review Signed-off-by: Patrick Zheng --- .../update-major-and-minor-version.yml | 28 +++++++++++++++---- 1 file changed, 23 insertions(+), 5 deletions(-) diff --git a/.github/workflows/update-major-and-minor-version.yml b/.github/workflows/update-major-and-minor-version.yml index ef0b0e8..1b54fe9 100644 --- a/.github/workflows/update-major-and-minor-version.yml +++ b/.github/workflows/update-major-and-minor-version.yml @@ -32,11 +32,29 @@ jobs: - name: Tag and push new major and minor versions run: | VERSION=${{ github.event.release.tag_name }} - export MAJOR=$(echo ${VERSION} | cut -d '.' -f 1) - export MINOR=${MAJOR}.$(echo ${VERSION} | cut -d '.' -f 2) - echo ${VERSION} - echo ${MAJOR} - echo ${MINOR} + MAJOR=$(echo ${VERSION} | cut -d '.' -f 1) + MINOR=${MAJOR}.$(echo ${VERSION} | cut -d '.' -f 2) + if [ -z ${VERSION} ] + then + echo "released tag cannot be empty" + exit 1 + else + echo "released tag is ${VERSION}" + fi + if [ -z ${MAJOR} ] + then + echo "major tag cannot be empty" + exit 1 + else + echo "major tag is ${MAJOR}" + fi + if [ -z ${MINOR} ] + then + echo "minor tag cannot be empty" + exit 1 + else + echo "minor tag is ${MINOR}" + fi git tag -f ${MAJOR} ${VERSION} git tag -f ${MINOR} ${VERSION} git push origin ${MAJOR} --force From 6dfe2d3daf9969feba71fe506eafbd9e85491276 Mon Sep 17 00:00:00 2001 From: Patrick Zheng Date: Tue, 19 Sep 2023 14:31:53 +0800 Subject: [PATCH 11/11] updated per code review Signed-off-by: Patrick Zheng --- .github/workflows/update-major-and-minor-version.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/update-major-and-minor-version.yml b/.github/workflows/update-major-and-minor-version.yml index 1b54fe9..f1f8645 100644 --- a/.github/workflows/update-major-and-minor-version.yml +++ b/.github/workflows/update-major-and-minor-version.yml @@ -22,7 +22,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: ref: ${{ github.event.release.tag_name }} - name: Git config