From afe725007dacb8ae53e6ba6ed1009cd211193f8b Mon Sep 17 00:00:00 2001 From: initializ-bot Date: Thu, 27 Jun 2024 11:00:59 +0000 Subject: [PATCH] Updating github-config --- .github/workflows/approve-bot-pr.yml | 20 +++++++------- .github/workflows/create-draft-release.yml | 14 +++++----- .github/workflows/label-pr.yml | 4 +-- .github/workflows/lint-yaml.yml | 2 +- .github/workflows/publish-releases.yml | 8 +++--- .github/workflows/push-buildpackage.yml | 27 ++++++++----------- .github/workflows/update-github-config.yml | 6 ++--- ...d-version.yml => update-go-mod-version.ym} | 20 +++++++------- scripts/.util/builders.sh | 2 +- scripts/.util/tools.json | 2 +- scripts/.util/tools.sh | 2 +- scripts/build.sh | 2 +- 12 files changed, 52 insertions(+), 57 deletions(-) rename .github/workflows/{update-go-mod-version.yml => update-go-mod-version.ym} (77%) diff --git a/.github/workflows/approve-bot-pr.yml b/.github/workflows/approve-bot-pr.yml index c798e64..f8a757e 100644 --- a/.github/workflows/approve-bot-pr.yml +++ b/.github/workflows/approve-bot-pr.yml @@ -16,13 +16,13 @@ jobs: pr-number: ${{ steps.pr-data.outputs.number }} steps: - name: 'Download artifact' - uses: paketo-buildpacks/github-config/actions/pull-request/download-artifact@main + uses: initializ-buildpacks/github-config/actions/pull-request/download-artifact@main with: name: "event-payload" repo: ${{ github.repository }} run_id: ${{ github.event.workflow_run.id }} workspace: "/github/workspace" - token: ${{ secrets.PAKETO_BOT_GITHUB_TOKEN }} + token: ${{ secrets.PAT }} - id: pr-data run: | echo "author=$(cat event.json | jq -r '.pull_request.user.login')" >> "$GITHUB_OUTPUT" @@ -31,22 +31,22 @@ jobs: approve: name: Approve Bot PRs needs: download - if: ${{ needs.download.outputs.pr-author == 'paketo-bot' || needs.download.outputs.pr-author == 'dependabot[bot]' }} + if: ${{ needs.download.outputs.pr-author == 'initializ-bot' || needs.download.outputs.pr-author == 'dependabot[bot]' }} runs-on: ubuntu-22.04 steps: - name: Check Commit Verification id: unverified-commits - uses: paketo-buildpacks/github-config/actions/pull-request/check-unverified-commits@main + uses: initializ-buildpacks/github-config/actions/pull-request/check-unverified-commits@main with: - token: ${{ secrets.PAKETO_BOT_REVIEWER_GITHUB_TOKEN }} + token: ${{ secrets.PAT }} repo: ${{ github.repository }} number: ${{ needs.download.outputs.pr-number }} - name: Check for Human Commits id: human-commits - uses: paketo-buildpacks/github-config/actions/pull-request/check-human-commits@main + uses: initializ-buildpacks/github-config/actions/pull-request/check-human-commits@main with: - token: ${{ secrets.PAKETO_BOT_REVIEWER_GITHUB_TOKEN }} + token: ${{ secrets.PAT }} repo: ${{ github.repository }} number: ${{ needs.download.outputs.pr-number }} @@ -56,9 +56,9 @@ jobs: - name: Approve if: steps.human-commits.outputs.human_commits == 'false' && steps.unverified-commits.outputs.unverified_commits == 'false' - uses: paketo-buildpacks/github-config/actions/pull-request/approve@main + uses: initializ-buildpacks/github-config/actions/pull-request/approve@main with: - token: ${{ secrets.PAKETO_BOT_REVIEWER_GITHUB_TOKEN }} + token: ${{ secrets.PAT }} number: ${{ needs.download.outputs.pr-number }} - name: Enable Auto-Merge @@ -66,4 +66,4 @@ jobs: run: | gh pr merge ${{ needs.download.outputs.pr-number }} --auto --rebase env: - GITHUB_TOKEN: ${{ secrets.PAKETO_BOT_GITHUB_TOKEN }} + GITHUB_TOKEN: ${{ secrets.PAT }} diff --git a/.github/workflows/create-draft-release.yml b/.github/workflows/create-draft-release.yml index 8474cab..b5a6009 100644 --- a/.github/workflows/create-draft-release.yml +++ b/.github/workflows/create-draft-release.yml @@ -72,14 +72,14 @@ jobs: fetch-tags: true - name: Reset Draft Release id: reset - uses: paketo-buildpacks/github-config/actions/release/reset-draft@main + uses: initializ-buildpacks/github-config/actions/release/reset-draft@main with: repo: ${{ github.repository }} token: ${{ github.token }} - name: Calculate Semver Tag if: github.event.inputs.version == '' id: semver - uses: paketo-buildpacks/github-config/actions/tag/calculate-semver@main + uses: initializ-buildpacks/github-config/actions/tag/calculate-semver@main with: repo: ${{ github.repository }} token: ${{ github.token }} @@ -96,15 +96,15 @@ jobs: run: ./scripts/package.sh --version "${{ steps.tag.outputs.tag }}" - name: Create Release Notes id: create-release-notes - uses: paketo-buildpacks/github-config/actions/release/notes@main + uses: initializ-buildpacks/github-config/actions/release/notes@main with: repo: ${{ github.repository }} - token: ${{ secrets.PAKETO_BOT_GITHUB_TOKEN }} + token: ${{ secrets.PAT }} - name: Create Release - uses: paketo-buildpacks/github-config/actions/release/create@main + uses: initializ-buildpacks/github-config/actions/release/create@main with: repo: ${{ github.repository }} - token: ${{ secrets.PAKETO_BOT_GITHUB_TOKEN }} + token: ${{ secrets.PAT }} tag_name: v${{ steps.tag.outputs.tag }} target_commitish: ${{ github.sha }} name: v${{ steps.tag.outputs.tag }} @@ -131,7 +131,7 @@ jobs: if: ${{ always() && needs.unit.result == 'failure' || needs.integration.result == 'failure' || needs.release.result == 'failure' }} steps: - name: File Failure Alert Issue - uses: paketo-buildpacks/github-config/actions/issue/file@main + uses: initializ-buildpacks/github-config/actions/issue/file@main with: token: ${{ secrets.GITHUB_TOKEN }} repo: ${{ github.repository }} diff --git a/.github/workflows/label-pr.yml b/.github/workflows/label-pr.yml index b09cdf0..6c67f05 100644 --- a/.github/workflows/label-pr.yml +++ b/.github/workflows/label-pr.yml @@ -28,6 +28,6 @@ jobs: - name: Auto-label Semver if: ${{ failure() }} - uses: paketo-buildpacks/github-config/actions/pull-request/auto-semver-label@main + uses: initializ-buildpacks/github-config/actions/pull-request/auto-semver-label@main env: - GITHUB_TOKEN: ${{ secrets.PAKETO_BOT_GITHUB_TOKEN }} + GITHUB_TOKEN: ${{ secrets.PAT }} diff --git a/.github/workflows/lint-yaml.yml b/.github/workflows/lint-yaml.yml index e6f4a8b..21e9575 100644 --- a/.github/workflows/lint-yaml.yml +++ b/.github/workflows/lint-yaml.yml @@ -15,7 +15,7 @@ jobs: - name: Checkout github-config uses: actions/checkout@v3 with: - repository: paketo-buildpacks/github-config + repository: initializ-buildpacks/github-config path: github-config - name: Set up Python diff --git a/.github/workflows/publish-releases.yml b/.github/workflows/publish-releases.yml index 495341a..4f85719 100644 --- a/.github/workflows/publish-releases.yml +++ b/.github/workflows/publish-releases.yml @@ -16,8 +16,8 @@ jobs: - name: Publish Draft Release With Highest Semantic Version id: drafts env: - GITHUB_TOKEN: ${{ secrets.PAKETO_BOT_GITHUB_TOKEN }} - uses: paketo-buildpacks/github-config/actions/release/publish-drafts@main + GITHUB_TOKEN: ${{ secrets.PAT }} + uses: initializ-buildpacks/github-config/actions/release/publish-drafts@main with: repo: ${{ github.repository }} @@ -28,7 +28,7 @@ jobs: if: ${{ always() && needs.publish.result == 'failure' }} steps: - name: File Failure Alert Issue - uses: paketo-buildpacks/github-config/actions/issue/file@main + uses: initializ-buildpacks/github-config/actions/issue/file@main with: token: ${{ secrets.GITHUB_TOKEN }} repo: ${{ github.repository }} @@ -38,4 +38,4 @@ jobs: issue_body: | Publish All Draft Releases workflow [failed](https://github.com/${{github.repository}}/actions/runs/${{github.run_id}}). comment_body: | - Another failure occurred: https://github.com/${{github.repository}}/actions/runs/${{github.run_id}} + Another failure occurred: https://github.com/${{github.repository}}/actions/runs/${{github.run_id}} \ No newline at end of file diff --git a/.github/workflows/push-buildpackage.yml b/.github/workflows/push-buildpackage.yml index f96478e..cc84878 100644 --- a/.github/workflows/push-buildpackage.yml +++ b/.github/workflows/push-buildpackage.yml @@ -5,6 +5,10 @@ on: types: - published +permissions: + id-token: write + contents: read + jobs: push: name: Push @@ -24,11 +28,11 @@ jobs: - name: Download id: download - uses: paketo-buildpacks/github-config/actions/release/download-asset@main + uses: initializ-buildpacks/github-config/actions/release/download-asset@main with: url: ${{ steps.event.outputs.download_url }} output: "/github/workspace/buildpackage.cnb" - token: ${{ secrets.PAKETO_BOT_GITHUB_TOKEN }} + token: ${{ secrets.PAT }} - name: Validate version run: | @@ -39,24 +43,15 @@ jobs: exit 1 fi - - name: Push to GCR - env: - GCR_PUSH_BOT_JSON_KEY: ${{ secrets.GCR_PUSH_BOT_JSON_KEY }} - run: | - echo "${GCR_PUSH_BOT_JSON_KEY}" | sudo skopeo login --username _json_key --password-stdin gcr.io - sudo skopeo copy "oci-archive:${GITHUB_WORKSPACE}/buildpackage.cnb" "docker://gcr.io/${{ github.repository }}:${{ steps.event.outputs.tag_full }}" - sudo skopeo copy "oci-archive:${GITHUB_WORKSPACE}/buildpackage.cnb" "docker://gcr.io/${{ github.repository }}:${{ steps.event.outputs.tag_minor }}" - sudo skopeo copy "oci-archive:${GITHUB_WORKSPACE}/buildpackage.cnb" "docker://gcr.io/${{ github.repository }}:${{ steps.event.outputs.tag_major }}" - sudo skopeo copy "oci-archive:${GITHUB_WORKSPACE}/buildpackage.cnb" "docker://gcr.io/${{ github.repository }}:latest" - name: Push to DockerHub id: push env: - DOCKERHUB_USERNAME: ${{ secrets.PAKETO_BUILDPACKS_DOCKERHUB_USERNAME }} - DOCKERHUB_PASSWORD: ${{ secrets.PAKETO_BUILDPACKS_DOCKERHUB_PASSWORD }} + DOCKERHUB_USERNAME: ${{ secrets.INITIALIZ_BUILDPACKS_DOCKERHUB_USERNAME }} + DOCKERHUB_PASSWORD: ${{ secrets.INITIALIZ_BUILDPACKS_DOCKERHUB_PASSWORD }} GITHUB_REPOSITORY_OWNER: ${{ github.repository_owner }} run: | - REPOSITORY="${GITHUB_REPOSITORY_OWNER/-/}/${GITHUB_REPOSITORY#${GITHUB_REPOSITORY_OWNER}/}" # translates 'paketo-buildpacks/bundle-install' to 'paketobuildpacks/bundle-install' + REPOSITORY="${GITHUB_REPOSITORY_OWNER/-/}/${GITHUB_REPOSITORY#${GITHUB_REPOSITORY_OWNER}/}" # translates 'initializ-buildpacks/bundle-install' to 'initializbuildpacks/bundle-install' IMAGE="index.docker.io/${REPOSITORY}" echo "${DOCKERHUB_PASSWORD}" | sudo skopeo login --username "${DOCKERHUB_USERNAME}" --password-stdin index.docker.io sudo skopeo copy "oci-archive:${GITHUB_WORKSPACE}/buildpackage.cnb" "docker://${IMAGE}:${{ steps.event.outputs.tag_full }}" @@ -72,7 +67,7 @@ jobs: id: ${{ github.repository }} version: ${{ steps.event.outputs.tag_full }} address: ${{ steps.push.outputs.image }}@${{ steps.push.outputs.digest }} - token: ${{ secrets.PAKETO_BOT_GITHUB_TOKEN }} + token: ${{ secrets.PAT }} failure: name: Alert on Failure @@ -81,7 +76,7 @@ jobs: if: ${{ always() && needs.push.result == 'failure' }} steps: - name: File Failure Alert Issue - uses: paketo-buildpacks/github-config/actions/issue/file@main + uses: initializ-buildpacks/github-config/actions/issue/file@main with: token: ${{ secrets.GITHUB_TOKEN }} repo: ${{ github.repository }} diff --git a/.github/workflows/update-github-config.yml b/.github/workflows/update-github-config.yml index 0807300..9e36c0d 100644 --- a/.github/workflows/update-github-config.yml +++ b/.github/workflows/update-github-config.yml @@ -27,7 +27,7 @@ jobs: - name: Checkout Branch uses: initializ-buildpacks/github-config/actions/pull-request/checkout-branch@main with: - branch: automation/github-config/update + branch: automations/github-config/update - name: Run the sync action uses: initializ-buildpacks/github-config/actions/sync@main @@ -51,7 +51,7 @@ jobs: if: ${{ steps.commit.outputs.commit_sha != '' }} uses: initializ-buildpacks/github-config/actions/pull-request/push-branch@main with: - branch: automation/github-config/update + branch: automations/github-config/update - name: Open Pull Request if: ${{ steps.commit.outputs.commit_sha != '' }} @@ -59,7 +59,7 @@ jobs: with: token: ${{ secrets.PAT }} title: "Updates github-config" - branch: automation/github-config/update + branch: automations/github-config/update failure: name: Alert on Failure diff --git a/.github/workflows/update-go-mod-version.yml b/.github/workflows/update-go-mod-version.ym similarity index 77% rename from .github/workflows/update-go-mod-version.yml rename to .github/workflows/update-go-mod-version.ym index 2cc949c..35455ac 100644 --- a/.github/workflows/update-go-mod-version.yml +++ b/.github/workflows/update-go-mod-version.ym @@ -15,7 +15,7 @@ jobs: - name: Check out code uses: actions/checkout@v4 - name: Checkout PR Branch - uses: paketo-buildpacks/github-config/actions/pull-request/checkout-branch@main + uses: initializ-buildpacks/github-config/actions/pull-request/checkout-branch@main with: branch: automation/go-mod-update/update-main - name: Setup Go @@ -25,7 +25,7 @@ jobs: go-version: 'stable' - name: Get current go toolchain version id: current-go-version - uses: paketo-buildpacks/github-config/actions/update-go-mod-version@main + uses: initializ-buildpacks/github-config/actions/update-go-mod-version@main with: toolchain-version: ${{ steps.setup-go.outputs.go-version }} - name: Go mod tidy @@ -52,24 +52,24 @@ jobs: git diff - name: Commit id: commit - uses: paketo-buildpacks/github-config/actions/pull-request/create-commit@main + uses: initializ-buildpacks/github-config/actions/pull-request/create-commit@main with: message: "Updates go mod toolchain version to ${{ steps.setup-go.outputs.go-version }}" pathspec: "." - keyid: ${{ secrets.PAKETO_BOT_GPG_SIGNING_KEY_ID }} - key: ${{ secrets.PAKETO_BOT_GPG_SIGNING_KEY }} + keyid: ${{ secrets.INITIALIZ_BOT_GPG_SIGNING_KEY_ID }} + key: ${{ secrets.INITIALIZ_BOT_GPG_SIGNING_KEY }} - name: Push Branch if: ${{ steps.commit.outputs.commit_sha != '' }} - uses: paketo-buildpacks/github-config/actions/pull-request/push-branch@main + uses: initializ-buildpacks/github-config/actions/pull-request/push-branch@main with: branch: automation/go-mod-update/update-main - name: Open Pull Request if: ${{ steps.commit.outputs.commit_sha != '' }} - uses: paketo-buildpacks/github-config/actions/pull-request/open@main + uses: initializ-buildpacks/github-config/actions/pull-request/open@main with: - token: ${{ secrets.PAKETO_BOT_GITHUB_TOKEN }} + token: ${{ secrets.PAT }} title: "Updates go mod toolchain version to ${{ steps.setup-go.outputs.go-version }}" branch: automation/go-mod-update/update-main @@ -80,7 +80,7 @@ jobs: if: ${{ always() && needs.update-go.result == 'failure' }} steps: - name: File Failure Alert Issue - uses: paketo-buildpacks/github-config/actions/issue/file@main + uses: initializ-buildpacks/github-config/actions/issue/file@main with: token: ${{ secrets.GITHUB_TOKEN }} repo: ${{ github.repository }} @@ -90,4 +90,4 @@ jobs: issue_body: | Update Go Mod Version workflow [failed](https://github.com/${{github.repository}}/actions/runs/${{github.run_id}}). comment_body: | - Another failure occurred: https://github.com/${{github.repository}}/actions/runs/${{github.run_id}} + Another failure occurred: https://github.com/${{github.repository}}/actions/runs/${{github.run_id}} \ No newline at end of file diff --git a/scripts/.util/builders.sh b/scripts/.util/builders.sh index a4b3e9a..fd2a9b3 100644 --- a/scripts/.util/builders.sh +++ b/scripts/.util/builders.sh @@ -19,7 +19,7 @@ function util::builders::list() { if [[ -z "${builders}" ]]; then util::print::info "No builders specified. Falling back to default builder..." - builders="$(jq --compact-output --null-input '["index.docker.io/paketobuildpacks/builder-jammy-buildpackless-base:latest"]')" + builders="$(jq --compact-output --null-input '["index.docker.io/initializbuildpacks/securepacks-initzbuilder:latest"]')" fi echo "${builders}" diff --git a/scripts/.util/tools.json b/scripts/.util/tools.json index 2d003a6..080b0e2 100644 --- a/scripts/.util/tools.json +++ b/scripts/.util/tools.json @@ -1,5 +1,5 @@ { "createpackage": "v1.70.0", - "jam": "v2.7.3", + "jam": "v2.7.2", "pack": "v0.34.2" } diff --git a/scripts/.util/tools.sh b/scripts/.util/tools.sh index 801e6ac..547808d 100644 --- a/scripts/.util/tools.sh +++ b/scripts/.util/tools.sh @@ -235,4 +235,4 @@ function util::tools::tests::checkfocus() { util::print::success "** GO Test Succeeded **" 197 fi rm "${testout}" -} +} \ No newline at end of file diff --git a/scripts/build.sh b/scripts/build.sh index c6e1413..f603604 100755 --- a/scripts/build.sh +++ b/scripts/build.sh @@ -99,4 +99,4 @@ function cmd::build() { fi } -main "${@:-}" +main "${@:-}" \ No newline at end of file