From 0e168c2f8fc6ccbd9989493d5d2ec51e0c52bc74 Mon Sep 17 00:00:00 2001 From: Daniel Mikusa Date: Mon, 30 Jan 2023 23:06:54 -0500 Subject: [PATCH] Update `pipeline-descriptor.yml` Update `pipeline-descriptor.yml` to use new tokens, codeowners, and to publish to DockerHub as well as GCR.io --- .github/CODEOWNERS | 2 +- .github/pipeline-descriptor.yml | 15 ++++++----- .github/workflows/pb-create-package.yml | 25 ++++++++++++------- .github/workflows/pb-minimal-labels.yml | 4 +-- .github/workflows/pb-synchronize-labels.yml | 2 +- .github/workflows/pb-tests.yml | 8 +++--- .github/workflows/pb-update-draft-release.yml | 4 +-- .github/workflows/pb-update-go.yml | 10 ++++---- ...pdate-google-stackdriver-debugger-java.yml | 12 ++++----- ...ate-google-stackdriver-debugger-nodejs.yml | 10 ++++---- ...pdate-google-stackdriver-profiler-java.yml | 10 ++++---- ...ate-google-stackdriver-profiler-nodejs.yml | 10 ++++---- .github/workflows/pb-update-pipeline.yml | 12 +++++---- 13 files changed, 68 insertions(+), 56 deletions(-) diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index c3b2fc0..ad7caf9 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -1 +1 @@ -* @paketo-buildpacks/java-buildpacks \ No newline at end of file +* @paketo-buildpacks/java-maintainers \ No newline at end of file diff --git a/.github/pipeline-descriptor.yml b/.github/pipeline-descriptor.yml index c779668..c305cc0 100644 --- a/.github/pipeline-descriptor.yml +++ b/.github/pipeline-descriptor.yml @@ -1,20 +1,23 @@ github: username: ${{ secrets.JAVA_GITHUB_USERNAME }} - token: ${{ secrets.JAVA_GITHUB_TOKEN }} + token: ${{ secrets.PAKETO_BOT_GITHUB_TOKEN }} codeowners: - path: "*" - owner: "@paketo-buildpacks/java-buildpacks" + owner: "@paketo-buildpacks/java-maintainers" package: - repository: gcr.io/paketo-buildpacks/google-stackdriver + repositories: ["docker.io/paketobuildpacks/google-stackdriver","gcr.io/paketo-buildpacks/google-stackdriver"] register: true - registry_token: ${{ secrets.JAVA_GITHUB_TOKEN }} + registry_token: ${ secrets.PAKETO_BOT_GITHUB_TOKEN } docker_credentials: - registry: gcr.io username: _json_key - password: ${{ secrets.JAVA_GCLOUD_SERVICE_ACCOUNT_KEY }} + password: ${{ secrets.GCR_PUSH_BOT_JSON_KEY }} +- registry: docker.io + username: ${{ secrets.PAKETO_BUILDPACKS_DOCKERHUB_USERNAME }} + password: ${{ secrets.PAKETO_BUILDPACKS_DOCKERHUB_PASSWORD }} dependencies: - id: google-stackdriver-debugger-java @@ -23,7 +26,7 @@ dependencies: glob: cdbg_java_agent_gce\.tar\.gz owner: GoogleCloudPlatform repository: cloud-debug-java - token: ${{ secrets.JAVA_GITHUB_TOKEN }} + token: ${{ secrets.PAKETO_BOT_GITHUB_TOKEN }} - id: google-stackdriver-debugger-nodejs uses: docker://ghcr.io/paketo-buildpacks/actions/npm-dependency:main with: diff --git a/.github/workflows/pb-create-package.yml b/.github/workflows/pb-create-package.yml index 1040da3..be36dd1 100644 --- a/.github/workflows/pb-create-package.yml +++ b/.github/workflows/pb-create-package.yml @@ -13,9 +13,16 @@ jobs: if: ${{ (github.event_name != 'pull_request' || ! github.event.pull_request.head.repo.fork) && (github.actor != 'dependabot[bot]') }} uses: docker/login-action@v2 with: - password: ${{ secrets.JAVA_GCLOUD_SERVICE_ACCOUNT_KEY }} + password: ${{ secrets.GCR_PUSH_BOT_JSON_KEY }} registry: gcr.io username: _json_key + - name: Docker login docker.io + if: ${{ (github.event_name != 'pull_request' || ! github.event.pull_request.head.repo.fork) && (github.actor != 'dependabot[bot]') }} + uses: docker/login-action@v2 + with: + password: ${{ secrets.PAKETO_BUILDPACKS_DOCKERHUB_PASSWORD }} + registry: docker.io + username: ${{ secrets.PAKETO_BUILDPACKS_DOCKERHUB_USERNAME }} - uses: actions/setup-go@v3 with: go-version: "1.18" @@ -102,15 +109,15 @@ jobs: MAJOR_VERSION="$(echo "${VERSION}" | awk -F '.' '{print $1 }')" MINOR_VERSION="$(echo "${VERSION}" | awk -F '.' '{print $1 "." $2 }')" - echo "::set-output name=version-major::${MAJOR_VERSION}" - echo "::set-output name=version-minor::${MINOR_VERSION}" + echo "version-major=${MAJOR_VERSION}" >> "$GITHUB_OUTPUT" + echo "version-minor=${MINOR_VERSION}" >> "$GITHUB_OUTPUT" elif [[ ${GITHUB_REF} =~ refs/heads/(.+) ]]; then VERSION=${BASH_REMATCH[1]} else VERSION=$(git rev-parse --short HEAD) fi - echo "::set-output name=version::${VERSION}" + echo "version=${VERSION}" >> "$GITHUB_OUTPUT" echo "Selected ${VERSION} from * ref: ${GITHUB_REF} * sha: ${GITHUB_SHA} @@ -166,7 +173,7 @@ jobs: crane tag "${PACKAGE}:${VERSION}" "${VERSION_MAJOR}" fi crane tag "${PACKAGE}:${VERSION}" latest - echo "::set-output name=digest::$(crane digest "${PACKAGE}:${VERSION}")" + echo "digest=$(crane digest "${PACKAGE}:${VERSION}")" >> "$GITHUB_OUTPUT" # copy to other repositories specified for P in "${PACKAGE_LIST[@]}" @@ -188,7 +195,7 @@ jobs: --format "${FORMAT}" fi env: - PACKAGES: gcr.io/paketo-buildpacks/google-stackdriver + PACKAGES: docker.io/paketobuildpacks/google-stackdriver gcr.io/paketo-buildpacks/google-stackdriver PUBLISH: "true" VERSION: ${{ steps.version.outputs.version }} VERSION_MAJOR: ${{ steps.version.outputs.version-major }} @@ -214,11 +221,11 @@ jobs: --field "body=${RELEASE_BODY///\`${DIGEST}\`}" env: DIGEST: ${{ steps.package.outputs.digest }} - GITHUB_TOKEN: ${{ secrets.JAVA_GITHUB_TOKEN }} + GITHUB_TOKEN: ${{ secrets.PAKETO_BOT_GITHUB_TOKEN }} - if: ${{ true }} uses: docker://ghcr.io/buildpacks/actions/registry/request-add-entry:4.0.1 with: - address: gcr.io/paketo-buildpacks/google-stackdriver@${{ steps.package.outputs.digest }} + address: docker.io/paketobuildpacks/google-stackdriver@${{ steps.package.outputs.digest }} id: paketo-buildpacks/google-stackdriver - token: ${{ secrets.JAVA_GITHUB_TOKEN }} + token: ${ secrets.PAKETO_BOT_GITHUB_TOKEN } version: ${{ steps.version.outputs.version }} diff --git a/.github/workflows/pb-minimal-labels.yml b/.github/workflows/pb-minimal-labels.yml index 8f4aab5..39c568e 100644 --- a/.github/workflows/pb-minimal-labels.yml +++ b/.github/workflows/pb-minimal-labels.yml @@ -12,7 +12,7 @@ jobs: runs-on: - ubuntu-latest steps: - - uses: mheap/github-action-required-labels@v2 + - uses: mheap/github-action-required-labels@v3 with: count: 1 labels: semver:major, semver:minor, semver:patch @@ -22,7 +22,7 @@ jobs: runs-on: - ubuntu-latest steps: - - uses: mheap/github-action-required-labels@v2 + - uses: mheap/github-action-required-labels@v3 with: count: 1 labels: type:bug, type:dependency-upgrade, type:documentation, type:enhancement, type:question, type:task diff --git a/.github/workflows/pb-synchronize-labels.yml b/.github/workflows/pb-synchronize-labels.yml index 86241f8..8f93206 100644 --- a/.github/workflows/pb-synchronize-labels.yml +++ b/.github/workflows/pb-synchronize-labels.yml @@ -14,4 +14,4 @@ jobs: - uses: actions/checkout@v3 - uses: micnncim/action-label-syncer@v1 env: - GITHUB_TOKEN: ${{ secrets.JAVA_GITHUB_TOKEN }} + GITHUB_TOKEN: ${{ secrets.PAKETO_BOT_GITHUB_TOKEN }} diff --git a/.github/workflows/pb-tests.yml b/.github/workflows/pb-tests.yml index 98eff15..0075abc 100644 --- a/.github/workflows/pb-tests.yml +++ b/.github/workflows/pb-tests.yml @@ -76,15 +76,15 @@ jobs: MAJOR_VERSION="$(echo "${VERSION}" | awk -F '.' '{print $1 }')" MINOR_VERSION="$(echo "${VERSION}" | awk -F '.' '{print $1 "." $2 }')" - echo "::set-output name=version-major::${MAJOR_VERSION}" - echo "::set-output name=version-minor::${MINOR_VERSION}" + echo "version-major=${MAJOR_VERSION}" >> "$GITHUB_OUTPUT" + echo "version-minor=${MINOR_VERSION}" >> "$GITHUB_OUTPUT" elif [[ ${GITHUB_REF} =~ refs/heads/(.+) ]]; then VERSION=${BASH_REMATCH[1]} else VERSION=$(git rev-parse --short HEAD) fi - echo "::set-output name=version::${VERSION}" + echo "version=${VERSION}" >> "$GITHUB_OUTPUT" echo "Selected ${VERSION} from * ref: ${GITHUB_REF} * sha: ${GITHUB_SHA} @@ -138,7 +138,7 @@ jobs: crane tag "${PACKAGE}:${VERSION}" "${VERSION_MAJOR}" fi crane tag "${PACKAGE}:${VERSION}" latest - echo "::set-output name=digest::$(crane digest "${PACKAGE}:${VERSION}")" + echo "digest=$(crane digest "${PACKAGE}:${VERSION}")" >> "$GITHUB_OUTPUT" # copy to other repositories specified for P in "${PACKAGE_LIST[@]}" diff --git a/.github/workflows/pb-update-draft-release.yml b/.github/workflows/pb-update-draft-release.yml index f053bd7..2aae7bf 100644 --- a/.github/workflows/pb-update-draft-release.yml +++ b/.github/workflows/pb-update-draft-release.yml @@ -12,12 +12,12 @@ jobs: - id: release-drafter uses: release-drafter/release-drafter@v5 env: - GITHUB_TOKEN: ${{ secrets.JAVA_GITHUB_TOKEN }} + GITHUB_TOKEN: ${{ secrets.PAKETO_BOT_GITHUB_TOKEN }} - uses: actions/checkout@v3 - name: Update draft release with buildpack information uses: docker://ghcr.io/paketo-buildpacks/actions/draft-release:main with: - github_token: ${{ secrets.JAVA_GITHUB_TOKEN }} + github_token: ${{ secrets.PAKETO_BOT_GITHUB_TOKEN }} release_body: ${{ steps.release-drafter.outputs.body }} release_id: ${{ steps.release-drafter.outputs.id }} release_name: ${{ steps.release-drafter.outputs.name }} diff --git a/.github/workflows/pb-update-go.yml b/.github/workflows/pb-update-go.yml index 9ca77d9..588d73f 100644 --- a/.github/workflows/pb-update-go.yml +++ b/.github/workflows/pb-update-go.yml @@ -1,7 +1,7 @@ name: Update Go "on": schedule: - - cron: 0 2 * * 1 + - cron: 14 2 * * 1 workflow_dispatch: {} jobs: update: @@ -45,9 +45,9 @@ jobs: COMMIT_SEMVER="semver:minor" fi - echo "::set-output name=commit-title::${COMMIT_TITLE}" - echo "::set-output name=commit-body::${COMMIT_BODY}" - echo "::set-output name=commit-semver::${COMMIT_SEMVER}" + echo "commit-title=${COMMIT_TITLE}" >> "$GITHUB_OUTPUT" + echo "commit-body=${COMMIT_BODY}" >> "$GITHUB_OUTPUT" + echo "commit-semver=${COMMIT_SEMVER}" >> "$GITHUB_OUTPUT" env: GO_VERSION: "1.18" - uses: peter-evans/create-pull-request@v4 @@ -69,4 +69,4 @@ jobs: labels: ${{ steps.update-go.outputs.commit-semver }}, type:task signoff: true title: ${{ steps.update-go.outputs.commit-title }} - token: ${{ secrets.JAVA_GITHUB_TOKEN }} + token: ${{ secrets.PAKETO_BOT_GITHUB_TOKEN }} diff --git a/.github/workflows/pb-update-google-stackdriver-debugger-java.yml b/.github/workflows/pb-update-google-stackdriver-debugger-java.yml index c1f6cde..329d26c 100644 --- a/.github/workflows/pb-update-google-stackdriver-debugger-java.yml +++ b/.github/workflows/pb-update-google-stackdriver-debugger-java.yml @@ -47,10 +47,10 @@ jobs: glob: cdbg_java_agent_gce\.tar\.gz owner: GoogleCloudPlatform repository: cloud-debug-java - token: ${{ secrets.JAVA_GITHUB_TOKEN }} + token: ${{ secrets.PAKETO_BOT_GITHUB_TOKEN }} - name: Update Buildpack Dependency id: buildpack - run: |- + run: | #!/usr/bin/env bash set -euo pipefail @@ -84,9 +84,9 @@ jobs: LABEL="semver:patch" fi - echo "::set-output name=old-version::${OLD_VERSION}" - echo "::set-output name=new-version::${VERSION}" - echo "::set-output name=version-label::${LABEL}" + echo "old-version=${OLD_VERSION}" >> "$GITHUB_OUTPUT" + echo "new-version=${VERSION}" >> "$GITHUB_OUTPUT" + echo "version-label=${LABEL}" >> "$GITHUB_OUTPUT" env: CPE: ${{ steps.dependency.outputs.cpe }} CPE_PATTERN: "" @@ -110,4 +110,4 @@ jobs: labels: ${{ steps.buildpack.outputs.version-label }}, type:dependency-upgrade signoff: true title: Bump google-stackdriver-debugger-java from ${{ steps.buildpack.outputs.old-version }} to ${{ steps.buildpack.outputs.new-version }} - token: ${{ secrets.JAVA_GITHUB_TOKEN }} + token: ${{ secrets.PAKETO_BOT_GITHUB_TOKEN }} diff --git a/.github/workflows/pb-update-google-stackdriver-debugger-nodejs.yml b/.github/workflows/pb-update-google-stackdriver-debugger-nodejs.yml index b00f076..60b0fc4 100644 --- a/.github/workflows/pb-update-google-stackdriver-debugger-nodejs.yml +++ b/.github/workflows/pb-update-google-stackdriver-debugger-nodejs.yml @@ -47,7 +47,7 @@ jobs: package: '@google-cloud/debug-agent' - name: Update Buildpack Dependency id: buildpack - run: |- + run: | #!/usr/bin/env bash set -euo pipefail @@ -81,9 +81,9 @@ jobs: LABEL="semver:patch" fi - echo "::set-output name=old-version::${OLD_VERSION}" - echo "::set-output name=new-version::${VERSION}" - echo "::set-output name=version-label::${LABEL}" + echo "old-version=${OLD_VERSION}" >> "$GITHUB_OUTPUT" + echo "new-version=${VERSION}" >> "$GITHUB_OUTPUT" + echo "version-label=${LABEL}" >> "$GITHUB_OUTPUT" env: CPE: ${{ steps.dependency.outputs.cpe }} CPE_PATTERN: "" @@ -107,4 +107,4 @@ jobs: labels: ${{ steps.buildpack.outputs.version-label }}, type:dependency-upgrade signoff: true title: Bump google-stackdriver-debugger-nodejs from ${{ steps.buildpack.outputs.old-version }} to ${{ steps.buildpack.outputs.new-version }} - token: ${{ secrets.JAVA_GITHUB_TOKEN }} + token: ${{ secrets.PAKETO_BOT_GITHUB_TOKEN }} diff --git a/.github/workflows/pb-update-google-stackdriver-profiler-java.yml b/.github/workflows/pb-update-google-stackdriver-profiler-java.yml index 1c34744..44a8478 100644 --- a/.github/workflows/pb-update-google-stackdriver-profiler-java.yml +++ b/.github/workflows/pb-update-google-stackdriver-profiler-java.yml @@ -45,7 +45,7 @@ jobs: uses: docker://ghcr.io/paketo-buildpacks/actions/google-stackdriver-profiler-dependency:main - name: Update Buildpack Dependency id: buildpack - run: |- + run: | #!/usr/bin/env bash set -euo pipefail @@ -79,9 +79,9 @@ jobs: LABEL="semver:patch" fi - echo "::set-output name=old-version::${OLD_VERSION}" - echo "::set-output name=new-version::${VERSION}" - echo "::set-output name=version-label::${LABEL}" + echo "old-version=${OLD_VERSION}" >> "$GITHUB_OUTPUT" + echo "new-version=${VERSION}" >> "$GITHUB_OUTPUT" + echo "version-label=${LABEL}" >> "$GITHUB_OUTPUT" env: CPE: ${{ steps.dependency.outputs.cpe }} CPE_PATTERN: "" @@ -105,4 +105,4 @@ jobs: labels: ${{ steps.buildpack.outputs.version-label }}, type:dependency-upgrade signoff: true title: Bump google-stackdriver-profiler-java from ${{ steps.buildpack.outputs.old-version }} to ${{ steps.buildpack.outputs.new-version }} - token: ${{ secrets.JAVA_GITHUB_TOKEN }} + token: ${{ secrets.PAKETO_BOT_GITHUB_TOKEN }} diff --git a/.github/workflows/pb-update-google-stackdriver-profiler-nodejs.yml b/.github/workflows/pb-update-google-stackdriver-profiler-nodejs.yml index 7059eec..e1a2f27 100644 --- a/.github/workflows/pb-update-google-stackdriver-profiler-nodejs.yml +++ b/.github/workflows/pb-update-google-stackdriver-profiler-nodejs.yml @@ -47,7 +47,7 @@ jobs: package: '@google-cloud/profiler' - name: Update Buildpack Dependency id: buildpack - run: |- + run: | #!/usr/bin/env bash set -euo pipefail @@ -81,9 +81,9 @@ jobs: LABEL="semver:patch" fi - echo "::set-output name=old-version::${OLD_VERSION}" - echo "::set-output name=new-version::${VERSION}" - echo "::set-output name=version-label::${LABEL}" + echo "old-version=${OLD_VERSION}" >> "$GITHUB_OUTPUT" + echo "new-version=${VERSION}" >> "$GITHUB_OUTPUT" + echo "version-label=${LABEL}" >> "$GITHUB_OUTPUT" env: CPE: ${{ steps.dependency.outputs.cpe }} CPE_PATTERN: "" @@ -107,4 +107,4 @@ jobs: labels: ${{ steps.buildpack.outputs.version-label }}, type:dependency-upgrade signoff: true title: Bump google-stackdriver-profiler-nodejs from ${{ steps.buildpack.outputs.old-version }} to ${{ steps.buildpack.outputs.new-version }} - token: ${{ secrets.JAVA_GITHUB_TOKEN }} + token: ${{ secrets.PAKETO_BOT_GITHUB_TOKEN }} diff --git a/.github/workflows/pb-update-pipeline.yml b/.github/workflows/pb-update-pipeline.yml index 598f5fc..710c660 100644 --- a/.github/workflows/pb-update-pipeline.yml +++ b/.github/workflows/pb-update-pipeline.yml @@ -57,12 +57,14 @@ jobs: git add .github/ git checkout -- . - echo "::set-output name=old-version::${OLD_VERSION}" - echo "::set-output name=new-version::${NEW_VERSION}" - echo "::set-output name=release-notes::${RELEASE_NOTES//$'\n'/%0A}" + echo "old-version=${OLD_VERSION}" >> "$GITHUB_OUTPUT" + echo "new-version=${NEW_VERSION}" >> "$GITHUB_OUTPUT" + + DELIMITER=$(openssl rand -hex 16) # roughly the same entropy as uuid v4 used in https://github.com/actions/toolkit/blob/b36e70495fbee083eb20f600eafa9091d832577d/packages/core/src/file-command.ts#L28 + printf "release-notes<<%s\n%s\n%s\n" "${DELIMITER}" "${RELEASE_NOTES}" "${DELIMITER}" >> "${GITHUB_OUTPUT}" # see https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions#multiline-strings env: DESCRIPTOR: .github/pipeline-descriptor.yml - GITHUB_TOKEN: ${{ secrets.JAVA_GITHUB_TOKEN }} + GITHUB_TOKEN: ${{ secrets.PAKETO_BOT_GITHUB_TOKEN }} - uses: peter-evans/create-pull-request@v4 with: author: ${{ secrets.JAVA_GITHUB_USERNAME }} <${{ secrets.JAVA_GITHUB_USERNAME }}@users.noreply.github.com> @@ -82,4 +84,4 @@ jobs: labels: semver:patch, type:task signoff: true title: Bump pipeline from ${{ steps.pipeline.outputs.old-version }} to ${{ steps.pipeline.outputs.new-version }} - token: ${{ secrets.JAVA_GITHUB_TOKEN }} + token: ${{ secrets.PAKETO_BOT_GITHUB_TOKEN }}