-
Notifications
You must be signed in to change notification settings - Fork 5.4k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
e7e6f5b
commit 9fc06ff
Showing
730 changed files
with
8,321 additions
and
38,378 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -10,8 +10,7 @@ on: | |
permissions: {} | ||
|
||
env: | ||
# renovate: datasource=golang-version packageName=golang | ||
GOLANG_VERSION: '1.23.2' # Note: go-version must also be set in job argocd-image.with.go-version | ||
GOLANG_VERSION: '1.22' # Note: go-version must also be set in job argocd-image.with.go-version | ||
|
||
jobs: | ||
argocd-image: | ||
|
@@ -24,8 +23,7 @@ jobs: | |
with: | ||
quay_image_name: quay.io/argoproj/argocd:${{ github.ref_name }} | ||
# Note: cannot use env variables to set go-version (https://docs.github.com/en/actions/using-workflows/reusing-workflows#limitations) | ||
# renovate: datasource=golang-version packageName=golang | ||
go-version: 1.23.2 | ||
go-version: 1.22 | ||
platforms: linux/amd64,linux/arm64,linux/s390x,linux/ppc64le | ||
push: true | ||
secrets: | ||
|
@@ -69,16 +67,20 @@ jobs: | |
- name: Fetch all tags | ||
run: git fetch --force --tags | ||
|
||
- name: Set GORELEASER_PREVIOUS_TAG # Workaround, GoReleaser uses 'git-describe' to determine a previous tag. Our tags are created in realease branches. | ||
run: | | ||
set -xue | ||
if echo ${{ github.ref_name }} | grep -E -- '-rc1+$';then | ||
echo "GORELEASER_PREVIOUS_TAG=$(git -c 'versionsort.suffix=-rc' tag --list --sort=version:refname | tail -n 2 | head -n 1)" >> $GITHUB_ENV | ||
else | ||
echo "This is not the first release on the branch, Using GoReleaser defaults" | ||
fi | ||
- name: Setup Golang | ||
uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 | ||
with: | ||
go-version: ${{ env.GOLANG_VERSION }} | ||
|
||
- name: Set GORELEASER_PREVIOUS_TAG # Workaround, GoReleaser uses 'git-describe' to determine a previous tag. Our tags are created in release branches. | ||
run: | | ||
set -xue | ||
echo "GORELEASER_PREVIOUS_TAG=$(go run hack/get-previous-release/get-previous-version-for-release-notes.go ${{ github.ref_name }})" >> $GITHUB_ENV | ||
- name: Set environment variables for ldflags | ||
id: set_ldflag | ||
run: | | ||
|
@@ -101,7 +103,7 @@ jobs: | |
args: release --clean --timeout 55m | ||
env: | ||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
KUBECTL_VERSION: ${{ env.KUBECTL_VERSION }} | ||
KUBECTL_VERSION: ${{ env.KUBECTL_VERSION }} | ||
GIT_TREE_STATE: ${{ env.GIT_TREE_STATE }} | ||
|
||
- name: Generate subject for provenance | ||
|
@@ -184,7 +186,7 @@ jobs: | |
fi | ||
cd /tmp && tar -zcf sbom.tar.gz *.spdx | ||
- name: Generate SBOM hash | ||
shell: bash | ||
id: sbom-hash | ||
|
@@ -193,29 +195,29 @@ jobs: | |
# base64 -w0 encodes to base64 and outputs on a single line. | ||
# sha256sum /tmp/sbom.tar.gz ... | base64 -w0 | ||
echo "hashes=$(sha256sum /tmp/sbom.tar.gz | base64 -w0)" >> "$GITHUB_OUTPUT" | ||
- name: Upload SBOM | ||
uses: softprops/action-gh-release@c062e08bd532815e2082a85e87e3ef29c3e6d191 # v2.0.8 | ||
env: | ||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
with: | ||
files: | | ||
/tmp/sbom.tar.gz | ||
sbom-provenance: | ||
needs: [generate-sbom] | ||
permissions: | ||
actions: read # for detecting the Github Actions environment | ||
id-token: write # Needed for provenance signing and ID | ||
contents: write # Needed for release uploads | ||
if: github.repository == 'argoproj/argo-cd' | ||
# Must be referenced by a tag. https://github.com/slsa-framework/slsa-github-generator/blob/main/internal/builders/container/README.md#referencing-the-slsa-generator | ||
# Must be refernced by a tag. https://github.com/slsa-framework/slsa-github-generator/blob/main/internal/builders/container/README.md#referencing-the-slsa-generator | ||
uses: slsa-framework/slsa-github-generator/.github/workflows/[email protected] | ||
with: | ||
base64-subjects: "${{ needs.generate-sbom.outputs.hashes }}" | ||
provenance-name: "argocd-sbom.intoto.jsonl" | ||
upload-assets: true | ||
|
||
post-release: | ||
needs: | ||
- argocd-image | ||
|
@@ -293,7 +295,7 @@ jobs: | |
if: ${{ env.UPDATE_VERSION == 'true' }} | ||
|
||
- name: Create PR to update VERSION on master branch | ||
uses: peter-evans/create-pull-request@5e914681df9dc83aa4e4905692ca88beb2f9e91f # v7.0.5 | ||
uses: peter-evans/create-pull-request@d121e62763d8cc35b5fb1710e887d6e69a52d3a4 # v7.0.2 | ||
with: | ||
commit-message: Bump version in master | ||
title: "chore: Bump version in master" | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -8,4 +8,4 @@ python: | |
build: | ||
os: "ubuntu-22.04" | ||
tools: | ||
python: "3.12" | ||
python: "3.7" |
Oops, something went wrong.