Merge pull request #1 from initializ-buildpacks/automation/github-con…

…fig/update Updates github-config
initializ-buildpacks · May 14, 2024 · 4685dfd · 4685dfd
2 parents 5709008 + a3a2532
commit 4685dfd
Show file tree

Hide file tree

Showing 11 changed files with 87 additions and 84 deletions.
diff --git a/.github/workflows/approve-bot-pr.yml b/.github/workflows/approve-bot-pr.yml
@@ -16,13 +16,13 @@ jobs:
       pr-number: ${{ steps.pr-data.outputs.number }}
     steps:
     - name: 'Download artifact'
-      uses: paketo-buildpacks/github-config/actions/pull-request/download-artifact@main
+      uses: initializ-buildpacks/github-config/actions/pull-request/download-artifact@main
       with:
         name: "event-payload"
         repo: ${{ github.repository }}
         run_id: ${{ github.event.workflow_run.id }}
         workspace: "/github/workspace"
-        token: ${{ secrets.PAKETO_BOT_GITHUB_TOKEN }}
+        token: ${{ secrets.PAT }}
     - id: pr-data
       run: |
         echo "author=$(cat event.json | jq -r '.pull_request.user.login')" >> "$GITHUB_OUTPUT"
@@ -31,22 +31,22 @@ jobs:
   approve:
     name: Approve Bot PRs
     needs: download
-    if: ${{ needs.download.outputs.pr-author == 'paketo-bot' || needs.download.outputs.pr-author == 'dependabot[bot]' }}
+    if: ${{ needs.download.outputs.pr-author == 'initializ-bot' || needs.download.outputs.pr-author == 'dependabot[bot]' }}
     runs-on: ubuntu-22.04
     steps:
     - name: Check Commit Verification
       id: unverified-commits
-      uses: paketo-buildpacks/github-config/actions/pull-request/check-unverified-commits@main
+      uses: initializ-buildpacks/github-config/actions/pull-request/check-unverified-commits@main
       with:
-        token: ${{ secrets.PAKETO_BOT_REVIEWER_GITHUB_TOKEN }}
+        token: ${{ secrets.PAT }}
         repo: ${{ github.repository }}
         number: ${{ needs.download.outputs.pr-number }}
 
     - name: Check for Human Commits
       id: human-commits
-      uses: paketo-buildpacks/github-config/actions/pull-request/check-human-commits@main
+      uses: initializ-buildpacks/github-config/actions/pull-request/check-human-commits@main
       with:
-        token: ${{ secrets.PAKETO_BOT_REVIEWER_GITHUB_TOKEN }}
+        token: ${{ secrets.PAT }}
         repo: ${{ github.repository }}
         number: ${{ needs.download.outputs.pr-number }}
 
@@ -56,14 +56,14 @@ jobs:
 
     - name: Approve
       if: steps.human-commits.outputs.human_commits == 'false' && steps.unverified-commits.outputs.unverified_commits == 'false'
-      uses: paketo-buildpacks/github-config/actions/pull-request/approve@main
+      uses: initializ-buildpacks/github-config/actions/pull-request/approve@main
       with:
-        token: ${{ secrets.PAKETO_BOT_REVIEWER_GITHUB_TOKEN }}
+        token: ${{ secrets.PAT }}
         number: ${{ needs.download.outputs.pr-number }}
 
     - name: Enable Auto-Merge
       if: steps.human-commits.outputs.human_commits == 'false' && steps.unverified-commits.outputs.unverified_commits == 'false'
       run: |
         gh pr merge ${{ needs.download.outputs.pr-number }} --auto --rebase
       env:
-        GITHUB_TOKEN: ${{ secrets.PAKETO_BOT_GITHUB_TOKEN }}
+        GITHUB_TOKEN: ${{ secrets.PAT }}
diff --git a/.github/workflows/create-draft-release.yml b/.github/workflows/create-draft-release.yml
@@ -72,14 +72,14 @@ jobs:
         fetch-tags: true
     - name: Reset Draft Release
       id: reset
-      uses: paketo-buildpacks/github-config/actions/release/reset-draft@main
+      uses: initializ-buildpacks/github-config/actions/release/reset-draft@main
       with:
         repo: ${{ github.repository }}
         token: ${{ github.token }}
     - name: Calculate Semver Tag
       if: github.event.inputs.version == ''
       id: semver
-      uses: paketo-buildpacks/github-config/actions/tag/calculate-semver@main
+      uses: initializ-buildpacks/github-config/actions/tag/calculate-semver@main
       with:
         repo: ${{ github.repository }}
         token: ${{ github.token }}
@@ -96,15 +96,15 @@ jobs:
       run: ./scripts/package.sh --version "${{ steps.tag.outputs.tag }}"
     - name: Create Release Notes
       id: create-release-notes
-      uses: paketo-buildpacks/github-config/actions/release/notes@main
+      uses: initializ-buildpacks/github-config/actions/release/notes@main
       with:
         repo: ${{ github.repository }}
-        token: ${{ secrets.PAKETO_BOT_GITHUB_TOKEN }}
+        token: ${{ secrets.PAT }}
     - name: Create Release
-      uses: paketo-buildpacks/github-config/actions/release/create@main
+      uses: initializ-buildpacks/github-config/actions/release/create@main
       with:
         repo: ${{ github.repository }}
-        token: ${{ secrets.PAKETO_BOT_GITHUB_TOKEN }}
+        token: ${{ secrets.PAT }}
         tag_name: v${{ steps.tag.outputs.tag }}
         target_commitish: ${{ github.sha }}
         name: v${{ steps.tag.outputs.tag }}
@@ -131,7 +131,7 @@ jobs:
     if: ${{ always() && needs.unit.result == 'failure' || needs.integration.result == 'failure' || needs.release.result == 'failure' }}
     steps:
     - name: File Failure Alert Issue
-      uses: paketo-buildpacks/github-config/actions/issue/file@main
+      uses: initializ-buildpacks/github-config/actions/issue/file@main
       with:
         token: ${{ secrets.GITHUB_TOKEN }}
         repo: ${{ github.repository }}

diff --git a/.github/workflows/label-pr.yml b/.github/workflows/label-pr.yml
@@ -28,6 +28,6 @@ jobs:
 
     - name: Auto-label Semver
       if: ${{ failure() }}
-      uses: paketo-buildpacks/github-config/actions/pull-request/auto-semver-label@main
+      uses: initializ-buildpacks/github-config/actions/pull-request/auto-semver-label@main
       env:
-        GITHUB_TOKEN: ${{ secrets.PAKETO_BOT_GITHUB_TOKEN }}
+        GITHUB_TOKEN: ${{ secrets.PAT }}
diff --git a/.github/workflows/lint-yaml.yml b/.github/workflows/lint-yaml.yml
@@ -15,7 +15,7 @@ jobs:
     - name: Checkout github-config
       uses: actions/checkout@v3
       with:
-        repository: paketo-buildpacks/github-config
+        repository: initializ-buildpacks/github-config
         path: github-config
 
     - name: Set up Python

diff --git a/.github/workflows/push-buildpackage.yml b/.github/workflows/push-buildpackage.yml
@@ -5,6 +5,10 @@ on:
     types:
     - published
 
+permissions:
+  id-token: write 
+  contents: read
+
 jobs:
   push:
     name: Push
@@ -24,11 +28,11 @@ jobs:
 
     - name: Download
       id: download
-      uses: paketo-buildpacks/github-config/actions/release/download-asset@main
+      uses: initializ-buildpacks/github-config/actions/release/download-asset@main
       with:
         url: ${{ steps.event.outputs.download_url }}
         output: "/github/workspace/buildpackage.cnb"
-        token: ${{ secrets.PAKETO_BOT_GITHUB_TOKEN }}
+        token: ${{ secrets.PAT }}
 
     - name: Validate version
       run: |
@@ -39,24 +43,15 @@ jobs:
           exit 1
         fi
 
-    - name: Push to GCR
-      env:
-        GCR_PUSH_BOT_JSON_KEY: ${{ secrets.GCR_PUSH_BOT_JSON_KEY }}
-      run: |
-        echo "${GCR_PUSH_BOT_JSON_KEY}" | sudo skopeo login --username _json_key --password-stdin gcr.io
-        sudo skopeo copy "oci-archive:${GITHUB_WORKSPACE}/buildpackage.cnb" "docker://gcr.io/${{ github.repository }}:${{ steps.event.outputs.tag_full }}"
-        sudo skopeo copy "oci-archive:${GITHUB_WORKSPACE}/buildpackage.cnb" "docker://gcr.io/${{ github.repository }}:${{ steps.event.outputs.tag_minor }}"
-        sudo skopeo copy "oci-archive:${GITHUB_WORKSPACE}/buildpackage.cnb" "docker://gcr.io/${{ github.repository }}:${{ steps.event.outputs.tag_major }}"
-        sudo skopeo copy "oci-archive:${GITHUB_WORKSPACE}/buildpackage.cnb" "docker://gcr.io/${{ github.repository }}:latest"
 
     - name: Push to DockerHub
       id: push
       env:
-        DOCKERHUB_USERNAME: ${{ secrets.PAKETO_BUILDPACKS_DOCKERHUB_USERNAME }}
-        DOCKERHUB_PASSWORD: ${{ secrets.PAKETO_BUILDPACKS_DOCKERHUB_PASSWORD }}
+        DOCKERHUB_USERNAME: ${{ secrets.INITIALIZ_BUILDPACKS_DOCKERHUB_USERNAME }}
+        DOCKERHUB_PASSWORD: ${{ secrets.INITIALIZ_BUILDPACKS_DOCKERHUB_PASSWORD }}
         GITHUB_REPOSITORY_OWNER: ${{ github.repository_owner }}
       run: |
-        REPOSITORY="${GITHUB_REPOSITORY_OWNER/-/}/${GITHUB_REPOSITORY#${GITHUB_REPOSITORY_OWNER}/}" # translates 'paketo-buildpacks/bundle-install' to 'paketobuildpacks/bundle-install'
+        REPOSITORY="${GITHUB_REPOSITORY_OWNER/-/}/${GITHUB_REPOSITORY#${GITHUB_REPOSITORY_OWNER}/}" # translates 'initializ-buildpacks/bundle-install' to 'initializbuildpacks/bundle-install'
         IMAGE="index.docker.io/${REPOSITORY}"
         echo "${DOCKERHUB_PASSWORD}" | sudo skopeo login --username "${DOCKERHUB_USERNAME}" --password-stdin index.docker.io
         sudo skopeo copy "oci-archive:${GITHUB_WORKSPACE}/buildpackage.cnb" "docker://${IMAGE}:${{ steps.event.outputs.tag_full }}"
@@ -72,7 +67,7 @@ jobs:
         id: ${{ github.repository }}
         version: ${{ steps.event.outputs.tag_full }}
         address: ${{ steps.push.outputs.image }}@${{ steps.push.outputs.digest }}
-        token: ${{ secrets.PAKETO_BOT_GITHUB_TOKEN }}
+        token: ${{ secrets.PAT }}
 
   failure:
     name: Alert on Failure
@@ -81,7 +76,7 @@ jobs:
     if: ${{ always() && needs.push.result == 'failure' }}
     steps:
     - name: File Failure Alert Issue
-      uses: paketo-buildpacks/github-config/actions/issue/file@main
+      uses: initializ-buildpacks/github-config/actions/issue/file@main
       with:
         token: ${{ secrets.GITHUB_TOKEN }}
         repo: ${{ github.repository }}

diff --git a/.github/workflows/update-dependencies-from-metadata.yml b/.github/workflows/update-dependencies-from-metadata.yml
@@ -221,21 +221,6 @@ jobs:
           echo "artifact-file=$(basename ./*.tgz)" >> "$GITHUB_OUTPUT"
           echo "checksum-file=$(basename ./*.tgz.checksum)" >> "$GITHUB_OUTPUT"
 
-      - name: Configure AWS Credentials
-        uses: aws-actions/configure-aws-credentials@v2
-        with:
-          aws-access-key-id: ${{ secrets.AWS_S3_DEPENDENCIES_ACCESS_KEY_ID }}
-          aws-secret-access-key: ${{ secrets.AWS_S3_DEPENDENCIES_SECRET_ACCESS_KEY }}
-          aws-region: us-east-1
-
-      - name: Upload to S3
-        id: upload
-        uses: paketo-buildpacks/github-config/actions/dependency/upload-to-s3@main
-        with:
-          bucket-name: "paketo-buildpacks"
-          dependency-name: ${{ needs.retrieve.outputs.id }}
-          artifact-path: ${{ steps.get-file-names.outputs.artifact-file }}
-
       - name: Get Checksum
         id: get-checksum
         run: echo "checksum=$(cat ${{ steps.get-file-names.outputs.checksum-file }})" >> "$GITHUB_OUTPUT"
@@ -247,7 +232,7 @@ jobs:
 
       - name: Update `checksum` and `uri` in metadata for ${{ matrix.includes.target }} ${{ matrix.includes.version }}
         if: ${{ matrix.includes.checksum == '' && matrix.includes.uri == '' }}
-        uses: paketo-buildpacks/github-config/actions/dependency/update-metadata-json@main
+        uses: initializ-buildpacks/github-config/actions/dependency/update-metadata-json@main
         with:
           version: ${{ matrix.includes.version }}
           target: ${{ matrix.includes.target }}
@@ -280,9 +265,9 @@ jobs:
         uses: actions/checkout@v3
 
       - name: Checkout Branch
-        uses: paketo-buildpacks/github-config/actions/pull-request/checkout-branch@main
+        uses: initializ-buildpacks/github-config/actions/pull-request/checkout-branch@main
         with:
-          branch: automation/dependencies/update-from-metadata
+          branch: automations/dependencies/update-from-metadata
 
       - name: Make Temporary Artifact Directory
         id: make-outputdir
@@ -297,7 +282,7 @@ jobs:
 
       - name: Update dependencies from metadata.json
         id: update
-        uses: paketo-buildpacks/github-config/actions/dependency/update-from-metadata@main
+        uses: initializ-buildpacks/github-config/actions/dependency/update-from-metadata@main
         with:
           buildpack_toml_path: "${{ github.workspace }}/buildpack.toml"
           metadata_file_path: "${{ steps.make-outputdir.outputs.outputdir }}/metadata.json"
@@ -308,26 +293,26 @@ jobs:
 
       - name: Commit
         id: commit
-        uses: paketo-buildpacks/github-config/actions/pull-request/create-commit@main
+        uses: initializ-buildpacks/github-config/actions/pull-request/create-commit@main
         with:
           message: "Updating buildpack.toml with new versions ${{ steps.update.outputs.new-versions }}"
           pathspec: "."
-          keyid: ${{ secrets.PAKETO_BOT_GPG_SIGNING_KEY_ID }}
-          key: ${{ secrets.PAKETO_BOT_GPG_SIGNING_KEY }}
+          keyid: ${{ secrets.INITIALIZ_BOT_GPG_SIGNING_KEY_ID }}
+          key: ${{ secrets.INITIALIZ_BOT_GPG_SIGNING_KEY }}
 
-      - name: Push Branch 'automation/dependencies/update-from-metadata'
+      - name: Push Branch 'automations/dependencies/update-from-metadata'
         if: ${{ steps.commit.outputs.commit_sha != '' }}
-        uses: paketo-buildpacks/github-config/actions/pull-request/push-branch@main
+        uses: initializ-buildpacks/github-config/actions/pull-request/push-branch@main
         with:
-          branch: automation/dependencies/update-from-metadata
+          branch: automations/dependencies/update-from-metadata
 
       - name: Open Pull Request
         if: ${{ steps.commit.outputs.commit_sha != '' }}
-        uses: paketo-buildpacks/github-config/actions/pull-request/open@main
+        uses: initializ-buildpacks/github-config/actions/pull-request/open@main
         with:
-          token: ${{ secrets.PAKETO_BOT_GITHUB_TOKEN }}
+          token: ${{ secrets.PAT }}
           title: "Updates buildpack.toml with ${{ steps.update.outputs.new-versions }}"
-          branch: automation/buildpack.toml/update-from-metadata
+          branch: automations/buildpack.toml/update-from-metadata
 
   failure:
     name: Alert on Failure
@@ -336,7 +321,7 @@ jobs:
     if: ${{ always() && needs.retrieve.result == 'failure' || needs.get-compile-and-test.result == 'failure' || needs.test.result == 'failure' || needs.compile.result == 'failure' || needs.update-metadata.result == 'failure' || needs.assemble.result == 'failure' }}
     steps:
       - name: File Failure Alert Issue
-        uses: paketo-buildpacks/github-config/actions/issue/file@main
+        uses: initializ-buildpacks/github-config/actions/issue/file@main
         with:
           token: ${{ secrets.GITHUB_TOKEN }}
           repo: ${{ github.repository }}

diff --git a/.github/workflows/update-github-config.yml b/.github/workflows/update-github-config.yml
@@ -27,7 +27,7 @@ jobs:
     - name: Checkout Branch
       uses: initializ-buildpacks/github-config/actions/pull-request/checkout-branch@main
       with:
-        branch: automation/github-config/update
+        branch: automations/github-config/update
 
     - name: Run the sync action
       uses: initializ-buildpacks/github-config/actions/sync@main
@@ -51,15 +51,15 @@ jobs:
       if: ${{ steps.commit.outputs.commit_sha != '' }}
       uses: initializ-buildpacks/github-config/actions/pull-request/push-branch@main
       with:
-        branch: automation/github-config/update
+        branch: automations/github-config/update
 
     - name: Open Pull Request
       if: ${{ steps.commit.outputs.commit_sha != '' }}
       uses: initializ-buildpacks/github-config/actions/pull-request/open@main
       with:
         token: ${{ secrets.PAT }}
         title: "Updates github-config"
-        branch: automation/github-config/update
+        branch: automations/github-config/update
 
   failure:
     name: Alert on Failure

diff --git a/scripts/.util/builders.sh b/scripts/.util/builders.sh
@@ -19,7 +19,7 @@ function util::builders::list() {
 
   if [[ -z "${builders}" ]]; then
     util::print::info "No builders specified. Falling back to default builder..."
-    builders="$(jq --compact-output --null-input '["index.docker.io/paketobuildpacks/builder-jammy-buildpackless-base:latest"]')"
+    builders="$(jq --compact-output --null-input '["index.docker.io/initializbuildpacks/securepacks-initzbuilder:latest"]')"
   fi
 
   echo "${builders}"

diff --git a/scripts/.util/tools.json b/scripts/.util/tools.json
@@ -1,5 +1,5 @@
 {
-  "createpackage": "v1.68.1",
-  "jam": "v2.7.0",
-  "pack": "v0.32.1"
-}
+  "createpackage": "v1.69.1",
+  "jam": "v2.7.2",
+  "pack": "v0.33.2"
+}
diff --git a/scripts/.util/tools.sh b/scripts/.util/tools.sh
@@ -135,6 +135,13 @@ function util::tools::pack::install() {
 
     version="$(jq -r .pack "$(dirname "${BASH_SOURCE[0]}")/tools.json")"
 
+    local pack_config_enable_experimental
+    if [ -f "$(dirname "${BASH_SOURCE[0]}")/../options.json" ]; then
+      pack_config_enable_experimental="$(jq -r .pack_config_enable_experimental "$(dirname "${BASH_SOURCE[0]}")/../options.json")"
+    else
+      pack_config_enable_experimental="false"
+    fi
+
     tmp_location="/tmp/pack.tgz"
     curl_args=(
       "--fail"
@@ -158,6 +165,10 @@ function util::tools::pack::install() {
     tar xzf "${tmp_location}" -C "${dir}"
     chmod +x "${dir}/pack"
 
+    if [[ "${pack_config_enable_experimental}" == "true" ]]; then
+      "${dir}"/pack config experimental true
+    fi
+
     rm "${tmp_location}"
   else
     util::print::info "Using pack $("${dir}"/pack version)"
@@ -224,4 +235,4 @@ function util::tools::tests::checkfocus() {
     util::print::success "** GO Test Succeeded **" 197
   fi
   rm "${testout}"
-}
+}