From 12dcf4a513baafc81ac657bd02f7ce8296fb9555 Mon Sep 17 00:00:00 2001 From: Hidde Beydals Date: Tue, 7 Mar 2023 18:42:20 +0100 Subject: [PATCH 1/3] build: update release workflow - docker/build-push-action to v4 - sigstore/cosign-installer to v3 - goreleaser/goreleaser-action to v4 Signed-off-by: Hidde Beydals --- .github/workflows/release.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index adaab1f78..e72820834 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -60,7 +60,7 @@ jobs: tags: | type=raw,value=${{ steps.prep.outputs.VERSION }} - name: Publish images - uses: docker/build-push-action@v3 + uses: docker/build-push-action@v4 with: sbom: true provenance: true @@ -77,13 +77,13 @@ jobs: docker buildx imagetools inspect ghcr.io/fluxcd/${{ env.CONTROLLER }}:${{ steps.prep.outputs.VERSION }} docker pull docker.io/fluxcd/${{ env.CONTROLLER }}:${{ steps.prep.outputs.VERSION }} docker pull ghcr.io/fluxcd/${{ env.CONTROLLER }}:${{ steps.prep.outputs.VERSION }} - - uses: sigstore/cosign-installer@main + - uses: sigstore/cosign-installer@v3 - name: Sign images env: COSIGN_EXPERIMENTAL: 1 run: | - cosign sign fluxcd/${{ env.CONTROLLER }}:${{ steps.prep.outputs.VERSION }} - cosign sign ghcr.io/fluxcd/${{ env.CONTROLLER }}:${{ steps.prep.outputs.VERSION }} + cosign sign --yes fluxcd/${{ env.CONTROLLER }}:${{ steps.prep.outputs.VERSION }} + cosign sign --yes ghcr.io/fluxcd/${{ env.CONTROLLER }}:${{ steps.prep.outputs.VERSION }} - name: Generate release artifacts if: startsWith(github.ref, 'refs/tags/v') run: | @@ -94,7 +94,7 @@ jobs: - uses: anchore/sbom-action/download-syft@v0 - name: Create release and SBOM if: startsWith(github.ref, 'refs/tags/v') - uses: goreleaser/goreleaser-action@v3 + uses: goreleaser/goreleaser-action@v4 with: version: latest args: release --release-notes=config/release/notes.md --rm-dist --skip-validate From 75fbb909c9acddbf45912924608e6336035e3e77 Mon Sep 17 00:00:00 2001 From: Hidde Beydals Date: Tue, 7 Mar 2023 18:42:57 +0100 Subject: [PATCH 2/3] build: update nightly workflow - docker/build-push-action to v4 - Drop `platforms` from `docker/setup-qemu-action` step, as this is the default. Signed-off-by: Hidde Beydals --- .github/workflows/nightly.yaml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/.github/workflows/nightly.yaml b/.github/workflows/nightly.yaml index 1ed01c087..37824e6d8 100644 --- a/.github/workflows/nightly.yaml +++ b/.github/workflows/nightly.yaml @@ -17,15 +17,13 @@ jobs: - uses: actions/checkout@v3 - name: Setup QEMU uses: docker/setup-qemu-action@v2 - with: - platforms: all - name: Setup Docker Buildx id: buildx uses: docker/setup-buildx-action@v2 with: buildkitd-flags: "--debug" - name: Build multi-arch container image - uses: docker/build-push-action@v3 + uses: docker/build-push-action@v4 with: push: false builder: ${{ steps.buildx.outputs.name }} From 2a75c332059e00384567c28ab0e72b1612602411 Mon Sep 17 00:00:00 2001 From: Hidde Beydals Date: Tue, 7 Mar 2023 18:45:59 +0100 Subject: [PATCH 3/3] build: update scan workflow - fossa-contrib/fossa-action to v2 Signed-off-by: Hidde Beydals --- .github/workflows/scan.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scan.yaml b/.github/workflows/scan.yaml index a1aeba26a..d78894e91 100644 --- a/.github/workflows/scan.yaml +++ b/.github/workflows/scan.yaml @@ -18,7 +18,7 @@ jobs: steps: - uses: actions/checkout@v3 - name: Run FOSSA scan and upload build data - uses: fossa-contrib/fossa-action@v1 + uses: fossa-contrib/fossa-action@v2 with: # FOSSA Push-Only API Token fossa-api-key: 5ee8bf422db1471e0bcf2bcb289185de