Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #21 from cpanato/update
Add release job and configurations and general housekeeping
- Loading branch information
Showing
16 changed files
with
470 additions
and
16 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,29 @@ | ||
--- | ||
name: Bug Report | ||
about: Report a bug encountered while using zeitgeist | ||
labels: kind/bug, sig/release, area/release-eng | ||
|
||
--- | ||
|
||
<!-- Please use this template while reporting a bug and provide as much info as | ||
possible. Not doing so may result in your bug not being addressed in a timely | ||
manner. Thanks! | ||
If the matter is security related, please disclose it privately | ||
via https://kubernetes.io/security/ | ||
--> | ||
|
||
#### What happened: | ||
|
||
#### What you expected to happen: | ||
|
||
#### How to reproduce it (as minimally and precisely as possible): | ||
|
||
#### Anything else we need to know?: | ||
|
||
#### Environment: | ||
|
||
- Cloud provider or hardware configuration: | ||
- OS (e.g: `cat /etc/os-release`): | ||
- Kernel (e.g. `uname -a`): | ||
- Others: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,11 @@ | ||
--- | ||
name: Feature Request | ||
about: Suggest a feature for zeitgeist | ||
labels: kind/feature, sig/release, area/release-eng | ||
|
||
--- | ||
<!-- Please only use this template for submitting feature requests --> | ||
|
||
#### What would you like to be added: | ||
|
||
#### Why is this needed: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,66 @@ | ||
<!-- Thanks for sending a pull request! Here are some tips for you: | ||
- If this is your first time, please read our contributor guidelines: | ||
https://git.k8s.io/community/contributors/guide#your-first-contribution and | ||
developer guide https://git.k8s.io/community/contributors/devel/development.md#development-guide | ||
- Please label this pull request according to what type of issue you are | ||
addressing, especially if this is a release targeted pull request. For | ||
reference on required PR/issue labels, read here: | ||
https://git.k8s.io/community/contributors/devel/sig-release/release.md#issuepr-kind-label | ||
- If you want *faster* PR reviews, read how: | ||
https://git.k8s.io/community/contributors/guide/pull-requests.md#best-practices-for-faster-reviews | ||
- If the PR is unfinished, see how to mark it: | ||
https://git.k8s.io/community/contributors/guide/pull-requests.md#marking-unfinished-pull-requests | ||
--> | ||
|
||
#### What type of PR is this? | ||
|
||
<!-- | ||
Add one of the following kinds: | ||
/kind bug | ||
/kind cleanup | ||
/kind documentation | ||
/kind feature | ||
/kind design | ||
Optionally add one or more of the following kinds if applicable: | ||
/kind api-change | ||
/kind deprecation | ||
/kind failing-test | ||
/kind flake | ||
/kind regression | ||
--> | ||
|
||
#### What this PR does / why we need it: | ||
|
||
#### Which issue(s) this PR fixes: | ||
|
||
<!-- | ||
*Automatically closes linked issue when PR is merged. | ||
Usage: `Fixes #<issue number>`, or `Fixes (paste link of issue)`. | ||
Fixes # | ||
or | ||
None | ||
--> | ||
|
||
#### Special notes for your reviewer: | ||
|
||
#### Does this PR introduce a user-facing change? | ||
|
||
<!-- | ||
If no, just write "NONE" in the release-note block below. | ||
If yes, a release note is required: | ||
Enter your extended release note in the block below. If the PR requires | ||
additional action from users switching to the new release, include the | ||
string "action required". | ||
For more information on release notes see: | ||
https://git.k8s.io/community/contributors/guide/release-notes.md | ||
--> | ||
|
||
```release-note | ||
``` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,15 @@ | ||
# Security Policy | ||
|
||
## Supported Versions | ||
|
||
Information about supported Kubernetes versions can be found on the | ||
[Kubernetes version and version skew support policy] page on the Kubernetes | ||
website. | ||
|
||
## Reporting a Vulnerability | ||
|
||
Instructions for reporting a vulnerability can be found on the | ||
[Kubernetes Security and Disclosure Information] page. | ||
|
||
[Kubernetes version and version skew support policy]: https://kubernetes.io/docs/setup/release/version-skew-policy/#supported-versions | ||
[Kubernetes Security and Disclosure Information]: https://kubernetes.io/docs/reference/issues-security/security/#report-a-vulnerability |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,24 @@ | ||
--- | ||
version: 2 | ||
updates: | ||
- package-ecosystem: gomod | ||
directory: "/" | ||
schedule: | ||
interval: "weekly" | ||
open-pull-requests-limit: 10 | ||
groups: | ||
all: | ||
update-types: | ||
- "minor" | ||
- "patch" | ||
|
||
- package-ecosystem: "github-actions" | ||
directory: "/" | ||
schedule: | ||
interval: "weekly" | ||
open-pull-requests-limit: 10 | ||
groups: | ||
all: | ||
update-types: | ||
- "minor" | ||
- "patch" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,86 @@ | ||
name: Release | ||
|
||
on: | ||
push: | ||
tags: | ||
- 'v*' # Push events to matching v*, i.e. v1.0, v20.15.10 | ||
|
||
jobs: | ||
release: | ||
runs-on: ubuntu-latest | ||
|
||
permissions: | ||
id-token: write | ||
contents: write | ||
|
||
env: | ||
COSIGN_YES: "true" | ||
|
||
steps: | ||
- name: Check out code onto GOPATH | ||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 | ||
with: | ||
fetch-depth: 1 | ||
|
||
- uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0 | ||
with: | ||
go-version-file: './go.mod' | ||
check-latest: true | ||
|
||
- name: Install cosign | ||
uses: sigstore/cosign-installer@e1523de7571e31dbe865fd2e80c5c7c23ae71eb4 # v3.4.0 | ||
|
||
- name: Install bom | ||
uses: kubernetes-sigs/release-actions/setup-bom@10fecc1c66829d291b2f2fb1a27329d152f212e6 # v0.1.3 | ||
|
||
- name: Install GoReleaser | ||
uses: goreleaser/goreleaser-action@7ec5c2b0c6cdda6e8bbb49444bc797dd33d74dd8 # v5.0.0 | ||
with: | ||
install-only: true | ||
|
||
- name: Get TAG | ||
id: get_tag | ||
run: echo "TAG=${GITHUB_REF#refs/*/}" >> "$GITHUB_OUTPUT" | ||
|
||
- name: Run Mage | ||
uses: magefile/mage-action@6a5dcb5fe61f43d7c08a98bc3cf9bc63c308c08e # v3.0.0 | ||
with: | ||
version: latest | ||
args: buildBinaries | ||
env: | ||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
|
||
attestation: | ||
runs-on: ubuntu-latest | ||
|
||
permissions: | ||
id-token: write | ||
contents: write | ||
|
||
needs: | ||
- release | ||
|
||
steps: | ||
- name: Check out code onto GOPATH | ||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 | ||
with: | ||
fetch-depth: 1 | ||
|
||
- name: Set tag output | ||
id: tag | ||
run: echo "tag_name=${GITHUB_REF#refs/*/}" >> "$GITHUB_OUTPUT" | ||
|
||
- name: Install tejolote | ||
uses: kubernetes-sigs/release-actions/setup-tejolote@10fecc1c66829d291b2f2fb1a27329d152f212e6 # v0.1.3 | ||
|
||
- run: | | ||
tejolote attest --artifacts github://kubernetes-sigs/tejolote/${{ steps.tag.outputs.tag_name }} github://kubernetes-sigs/tejolote/"${GITHUB_RUN_ID}" --output tejolote.intoto.json --sign | ||
- name: Release | ||
uses: softprops/action-gh-release@de2c0eb89ae2a093876385947365aca7b0e5f844 # v0.1.15 | ||
with: | ||
files: tejolote.intoto.json | ||
tag_name: "${{ steps.tag.outputs.tag_name }}" | ||
token: ${{ secrets.GITHUB_TOKEN }} | ||
env: | ||
GITHUB_REPOSITORY: kubernetes-sigs/tejolote |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,31 @@ | ||
name: Snapshot | ||
|
||
on: | ||
push: | ||
branches: | ||
- 'master' | ||
pull_request: | ||
|
||
jobs: | ||
snapshot: | ||
runs-on: ubuntu-latest | ||
|
||
steps: | ||
- name: Check out code onto GOPATH | ||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 | ||
|
||
- uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0 | ||
with: | ||
go-version-file: './go.mod' | ||
check-latest: true | ||
|
||
- name: Install bom | ||
uses: kubernetes-sigs/release-actions/setup-bom@10fecc1c66829d291b2f2fb1a27329d152f212e6 # v0.1.3 | ||
|
||
- name: Install GoReleaser | ||
uses: goreleaser/goreleaser-action@7ec5c2b0c6cdda6e8bbb49444bc797dd33d74dd8 # v5.0.0 | ||
with: | ||
install-only: true | ||
|
||
- name: check binary | ||
run: ./dist/mdtoc-amd64-linux -version |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,2 +1,4 @@ | ||
./mdtoc | ||
coverage* | ||
dist/ | ||
output/ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,82 @@ | ||
project_name: mdtoc | ||
|
||
env: | ||
- CGO_ENABLED=0 | ||
- COSIGN_YES=true | ||
|
||
before: | ||
hooks: | ||
- go mod tidy | ||
# - /bin/bash -c 'if [ -n "$(git --no-pager diff --exit-code go.mod go.sum)" ]; then exit 1; fi' | ||
|
||
gomod: | ||
proxy: true | ||
|
||
builds: | ||
- id: mdtoc | ||
dir: . | ||
no_unique_dist_dir: true | ||
binary: mdtoc-{{ .Arch }}-{{ .Os }} | ||
goos: | ||
- darwin | ||
- linux | ||
- windows | ||
goarch: | ||
- amd64 | ||
- arm64 | ||
- arm | ||
goarm: | ||
- '7' | ||
ignore: | ||
- goos: windows | ||
goarch: arm | ||
flags: | ||
- -trimpath | ||
ldflags: | ||
- "{{ .Env.LDFLAGS }}" | ||
|
||
archives: | ||
- format: binary | ||
name_template: "{{ .Binary }}" | ||
allow_different_binary_count: true | ||
|
||
signs: | ||
# Keyless | ||
- id: mdtoc-keyless | ||
signature: "${artifact}.sig" | ||
certificate: "${artifact}.pem" | ||
cmd: cosign | ||
args: ["sign-blob", "--output-signature", "${artifact}.sig", "--output-certificate", "${artifact}.pem", "${artifact}"] | ||
artifacts: all | ||
|
||
sboms: | ||
- id: mdtoc | ||
cmd: bom | ||
args: | ||
- generate | ||
- "--output" | ||
- "mdtoc-bom.json.spdx" | ||
- "-d" | ||
- "../" | ||
- "-c" | ||
- "../.mdtoc-bom-config.yaml" | ||
- "--format" | ||
- "json" | ||
artifacts: any | ||
documents: | ||
- "mdtoc-bom.json.spdx" | ||
|
||
checksum: | ||
name_template: 'checksums.txt' | ||
|
||
snapshot: | ||
name_template: "{{ .Tag }}-next" | ||
|
||
release: | ||
github: | ||
owner: kubernetes-sigs | ||
name: mdtoc | ||
prerelease: auto | ||
|
||
changelog: | ||
skip: true |
Oops, something went wrong.