diff --git a/.github/workflows/approve-bot-pr.yml b/.github/workflows/approve-bot-pr.yml index c798e647..f8a757e8 100644 --- a/.github/workflows/approve-bot-pr.yml +++ b/.github/workflows/approve-bot-pr.yml @@ -16,13 +16,13 @@ jobs: pr-number: ${{ steps.pr-data.outputs.number }} steps: - name: 'Download artifact' - uses: paketo-buildpacks/github-config/actions/pull-request/download-artifact@main + uses: initializ-buildpacks/github-config/actions/pull-request/download-artifact@main with: name: "event-payload" repo: ${{ github.repository }} run_id: ${{ github.event.workflow_run.id }} workspace: "/github/workspace" - token: ${{ secrets.PAKETO_BOT_GITHUB_TOKEN }} + token: ${{ secrets.PAT }} - id: pr-data run: | echo "author=$(cat event.json | jq -r '.pull_request.user.login')" >> "$GITHUB_OUTPUT" @@ -31,22 +31,22 @@ jobs: approve: name: Approve Bot PRs needs: download - if: ${{ needs.download.outputs.pr-author == 'paketo-bot' || needs.download.outputs.pr-author == 'dependabot[bot]' }} + if: ${{ needs.download.outputs.pr-author == 'initializ-bot' || needs.download.outputs.pr-author == 'dependabot[bot]' }} runs-on: ubuntu-22.04 steps: - name: Check Commit Verification id: unverified-commits - uses: paketo-buildpacks/github-config/actions/pull-request/check-unverified-commits@main + uses: initializ-buildpacks/github-config/actions/pull-request/check-unverified-commits@main with: - token: ${{ secrets.PAKETO_BOT_REVIEWER_GITHUB_TOKEN }} + token: ${{ secrets.PAT }} repo: ${{ github.repository }} number: ${{ needs.download.outputs.pr-number }} - name: Check for Human Commits id: human-commits - uses: paketo-buildpacks/github-config/actions/pull-request/check-human-commits@main + uses: initializ-buildpacks/github-config/actions/pull-request/check-human-commits@main with: - token: ${{ secrets.PAKETO_BOT_REVIEWER_GITHUB_TOKEN }} + token: ${{ secrets.PAT }} repo: ${{ github.repository }} number: ${{ needs.download.outputs.pr-number }} 
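Review bot: The retargeted `uses:` line in the `Download artifact` step still points at a mutable branch (`initializ-buildpacks/github-config/actions/pull-request/download-artifact@main`), and the step now hands `secrets.PAT` to whatever that branch holds at run time. Pinning the action to a full commit SHA makes the code that receives the token immutable and reviewable, for example `uses: initializ-buildpacks/github-config/actions/pull-request/download-artifact@<full-commit-sha>  # main`. The same applies to every other `@main` reference this commit retargets in the remaining workflow files, in particular the steps that receive `secrets.PAT` or the GPG signing key.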
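Review bot: The `token:` inputs of `Check Commit Verification` and `Check for Human Commits` now use the same `secrets.PAT` as the download step, where the old workflow kept a reviewer token (`PAKETO_BOT_REVIEWER_GITHUB_TOKEN`) separate from the bot's own token. With one credential, the identity that opens bot PRs, the one that approves them and the one that enables auto-merge (the `Approve` and `Enable Auto-Merge` hunks that follow) are no longer distinct. If the PAT belongs to `initializ-bot`, GitHub will presumably reject the approval of its own pull requests; if it belongs to a maintainer, one leaked secret can both approve and merge. I would keep a dedicated reviewer secret limited to pull-request reviews for the approve path and add a comment above the job's `if:` such as `# reviewer token must belong to an account other than the PR author`. The same `secrets.PAT` also replaces the bot token in create-draft-release.yml, label-pr.yml, push-buildpackage.yml and update-dependencies-from-metadata.yml, so its scopes should be defined as narrowly as those uses allow.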
@@ -56,9 +56,9 @@ jobs: - name: Approve if: steps.human-commits.outputs.human_commits == 'false' && steps.unverified-commits.outputs.unverified_commits == 'false' - uses: paketo-buildpacks/github-config/actions/pull-request/approve@main + uses: initializ-buildpacks/github-config/actions/pull-request/approve@main with: - token: ${{ secrets.PAKETO_BOT_REVIEWER_GITHUB_TOKEN }} + token: ${{ secrets.PAT }} number: ${{ needs.download.outputs.pr-number }} - name: Enable Auto-Merge @@ -66,4 +66,4 @@ jobs: run: | gh pr merge ${{ needs.download.outputs.pr-number }} --auto --rebase env: - GITHUB_TOKEN: ${{ secrets.PAKETO_BOT_GITHUB_TOKEN }} + GITHUB_TOKEN: ${{ secrets.PAT }} diff --git a/.github/workflows/create-draft-release.yml b/.github/workflows/create-draft-release.yml index 8474cabe..b5a60094 100644 --- a/.github/workflows/create-draft-release.yml +++ b/.github/workflows/create-draft-release.yml @@ -72,14 +72,14 @@ jobs: fetch-tags: true - name: Reset Draft Release id: reset - uses: paketo-buildpacks/github-config/actions/release/reset-draft@main + uses: initializ-buildpacks/github-config/actions/release/reset-draft@main with: repo: ${{ github.repository }} token: ${{ github.token }} - name: Calculate Semver Tag if: github.event.inputs.version == '' id: semver - uses: paketo-buildpacks/github-config/actions/tag/calculate-semver@main + uses: initializ-buildpacks/github-config/actions/tag/calculate-semver@main with: repo: ${{ github.repository }} token: ${{ github.token }} 
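Review bot: In `Enable Auto-Merge`, `${{ needs.download.outputs.pr-number }}` is expanded into the script text before the shell runs, and the step now executes with `secrets.PAT` as `GITHUB_TOKEN`. The value appears to come from the downloaded `event.json` (how `number` is derived is outside the visible hunks), so it is safer to pass it as data: add `PR_NUMBER: ${{ needs.download.outputs.pr-number }}` under `env:` and call `gh pr merge "${PR_NUMBER}" --auto --rebase`. A numeric check on `PR_NUMBER` before the call would reject anything unexpected.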
@@ -96,15 +96,15 @@ jobs: run: ./scripts/package.sh --version "${{ steps.tag.outputs.tag }}" - name: Create Release Notes id: create-release-notes - uses: paketo-buildpacks/github-config/actions/release/notes@main + uses: initializ-buildpacks/github-config/actions/release/notes@main with: repo: ${{ github.repository }} - token: ${{ secrets.PAKETO_BOT_GITHUB_TOKEN }} + token: ${{ secrets.PAT }} - name: Create Release - uses: paketo-buildpacks/github-config/actions/release/create@main + uses: initializ-buildpacks/github-config/actions/release/create@main with: repo: ${{ github.repository }} - token: ${{ secrets.PAKETO_BOT_GITHUB_TOKEN }} + token: ${{ secrets.PAT }} tag_name: v${{ steps.tag.outputs.tag }} target_commitish: ${{ github.sha }} name: v${{ steps.tag.outputs.tag }} @@ -131,7 +131,7 @@ jobs: if: ${{ always() && needs.unit.result == 'failure' || needs.integration.result == 'failure' || needs.release.result == 'failure' }} steps: - name: File Failure Alert Issue - uses: paketo-buildpacks/github-config/actions/issue/file@main + uses: initializ-buildpacks/github-config/actions/issue/file@main with: token: ${{ secrets.GITHUB_TOKEN }} repo: ${{ github.repository }} diff --git a/.github/workflows/label-pr.yml b/.github/workflows/label-pr.yml index b09cdf09..6c67f05c 100644 --- a/.github/workflows/label-pr.yml +++ b/.github/workflows/label-pr.yml @@ -28,6 +28,6 @@ jobs: - name: Auto-label Semver if: ${{ failure() }} - uses: paketo-buildpacks/github-config/actions/pull-request/auto-semver-label@main + uses: initializ-buildpacks/github-config/actions/pull-request/auto-semver-label@main env: - GITHUB_TOKEN: ${{ secrets.PAKETO_BOT_GITHUB_TOKEN }} + GITHUB_TOKEN: ${{ secrets.PAT }} diff --git a/.github/workflows/lint-yaml.yml b/.github/workflows/lint-yaml.yml index e6f4a8b1..21e9575a 100644 --- a/.github/workflows/lint-yaml.yml +++ b/.github/workflows/lint-yaml.yml 
@@ -15,7 +15,7 @@ jobs: - name: Checkout github-config uses: actions/checkout@v3 with: - repository: paketo-buildpacks/github-config + repository: initializ-buildpacks/github-config path: github-config - name: Set up Python diff --git a/.github/workflows/push-buildpackage.yml b/.github/workflows/push-buildpackage.yml index f96478ec..cc848783 100644 --- a/.github/workflows/push-buildpackage.yml +++ b/.github/workflows/push-buildpackage.yml @@ -5,6 +5,10 @@ on: types: - published +permissions: + id-token: write + contents: read + jobs: push: name: Push @@ -24,11 +28,11 @@ jobs: - name: Download id: download - uses: paketo-buildpacks/github-config/actions/release/download-asset@main + uses: initializ-buildpacks/github-config/actions/release/download-asset@main with: url: ${{ steps.event.outputs.download_url }} output: "/github/workspace/buildpackage.cnb" - token: ${{ secrets.PAKETO_BOT_GITHUB_TOKEN }} + token: ${{ secrets.PAT }} - name: Validate version run: | 
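Review bot: The new top-level `permissions:` block in push-buildpackage.yml grants `id-token: write` to every job, yet no step in the visible hunks requests an OIDC token: the GCR push is removed and the Docker Hub push still logs in with a username and password. A workflow-level block also removes every scope it does not list, so the `failure` job, which files an issue with `secrets.GITHUB_TOKEN`, is left without `issues: write` unless it declares its own permissions outside the hunk. I would drop `id-token: write` until a step needs it, or move it onto the `push` job, and give the `failure` job a job-level `permissions:` block containing `issues: write`.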
@@ -39,24 +43,15 @@ jobs: exit 1 fi - - name: Push to GCR - env: - GCR_PUSH_BOT_JSON_KEY: ${{ secrets.GCR_PUSH_BOT_JSON_KEY }} - run: | - echo "${GCR_PUSH_BOT_JSON_KEY}" | sudo skopeo login --username _json_key --password-stdin gcr.io - sudo skopeo copy "oci-archive:${GITHUB_WORKSPACE}/buildpackage.cnb" "docker://gcr.io/${{ github.repository }}:${{ steps.event.outputs.tag_full }}" - sudo skopeo copy "oci-archive:${GITHUB_WORKSPACE}/buildpackage.cnb" "docker://gcr.io/${{ github.repository }}:${{ steps.event.outputs.tag_minor }}" - sudo skopeo copy "oci-archive:${GITHUB_WORKSPACE}/buildpackage.cnb" "docker://gcr.io/${{ github.repository }}:${{ steps.event.outputs.tag_major }}" - sudo skopeo copy "oci-archive:${GITHUB_WORKSPACE}/buildpackage.cnb" "docker://gcr.io/${{ github.repository }}:latest" - name: Push to DockerHub id: push env: - DOCKERHUB_USERNAME: ${{ secrets.PAKETO_BUILDPACKS_DOCKERHUB_USERNAME }} - DOCKERHUB_PASSWORD: ${{ secrets.PAKETO_BUILDPACKS_DOCKERHUB_PASSWORD }} + DOCKERHUB_USERNAME: ${{ secrets.INITIALIZ_BUILDPACKS_DOCKERHUB_USERNAME }} + DOCKERHUB_PASSWORD: ${{ secrets.INITIALIZ_BUILDPACKS_DOCKERHUB_PASSWORD }} GITHUB_REPOSITORY_OWNER: ${{ github.repository_owner }} run: | - REPOSITORY="${GITHUB_REPOSITORY_OWNER/-/}/${GITHUB_REPOSITORY#${GITHUB_REPOSITORY_OWNER}/}" # translates 'paketo-buildpacks/bundle-install' to 'paketobuildpacks/bundle-install' + REPOSITORY="${GITHUB_REPOSITORY_OWNER/-/}/${GITHUB_REPOSITORY#${GITHUB_REPOSITORY_OWNER}/}" # translates 'initializ-buildpacks/bundle-install' to 'initializbuildpacks/bundle-install' IMAGE="index.docker.io/${REPOSITORY}" echo "${DOCKERHUB_PASSWORD}" | sudo skopeo login --username "${DOCKERHUB_USERNAME}" --password-stdin index.docker.io sudo skopeo copy "oci-archive:${GITHUB_WORKSPACE}/buildpackage.cnb" "docker://${IMAGE}:${{ steps.event.outputs.tag_full }}" 
@@ -72,7 +67,7 @@ jobs: id: ${{ github.repository }} version: ${{ steps.event.outputs.tag_full }} address: ${{ steps.push.outputs.image }}@${{ steps.push.outputs.digest }} - token: ${{ secrets.PAKETO_BOT_GITHUB_TOKEN }} + token: ${{ secrets.PAT }} failure: name: Alert on Failure @@ -81,7 +76,7 @@ jobs: if: ${{ always() && needs.push.result == 'failure' }} steps: - name: File Failure Alert Issue - uses: paketo-buildpacks/github-config/actions/issue/file@main + uses: initializ-buildpacks/github-config/actions/issue/file@main with: token: ${{ secrets.GITHUB_TOKEN }} repo: ${{ github.repository }} diff --git a/.github/workflows/update-dependencies-from-metadata.yml b/.github/workflows/update-dependencies-from-metadata.yml index fc7008a0..1b25cff6 100644 --- a/.github/workflows/update-dependencies-from-metadata.yml +++ b/.github/workflows/update-dependencies-from-metadata.yml @@ -221,21 +221,6 @@ jobs: echo "artifact-file=$(basename ./*.tgz)" >> "$GITHUB_OUTPUT" echo "checksum-file=$(basename ./*.tgz.checksum)" >> "$GITHUB_OUTPUT" - - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@v2 - with: - aws-access-key-id: ${{ secrets.AWS_S3_DEPENDENCIES_ACCESS_KEY_ID }} - aws-secret-access-key: ${{ secrets.AWS_S3_DEPENDENCIES_SECRET_ACCESS_KEY }} - aws-region: us-east-1 - - - name: Upload to S3 - id: upload - uses: paketo-buildpacks/github-config/actions/dependency/upload-to-s3@main - with: - bucket-name: "paketo-buildpacks" - dependency-name: ${{ needs.retrieve.outputs.id }} - artifact-path: ${{ steps.get-file-names.outputs.artifact-file }} - - name: Get Checksum id: get-checksum run: echo "checksum=$(cat ${{ steps.get-file-names.outputs.checksum-file }})" >> "$GITHUB_OUTPUT" 
@@ -247,7 +232,7 @@ jobs: - name: Update `checksum` and `uri` in metadata for ${{ matrix.includes.target }} ${{ matrix.includes.version }} if: ${{ matrix.includes.checksum == '' && matrix.includes.uri == '' }} - uses: paketo-buildpacks/github-config/actions/dependency/update-metadata-json@main + uses: initializ-buildpacks/github-config/actions/dependency/update-metadata-json@main with: version: ${{ matrix.includes.version }} target: ${{ matrix.includes.target }} @@ -280,9 +265,9 @@ jobs: uses: actions/checkout@v3 - name: Checkout Branch - uses: paketo-buildpacks/github-config/actions/pull-request/checkout-branch@main + uses: initializ-buildpacks/github-config/actions/pull-request/checkout-branch@main with: - branch: automation/dependencies/update-from-metadata + branch: automations/dependencies/update-from-metadata - name: Make Temporary Artifact Directory id: make-outputdir @@ -297,7 +282,7 @@ jobs: - name: Update dependencies from metadata.json id: update - uses: paketo-buildpacks/github-config/actions/dependency/update-from-metadata@main + uses: initializ-buildpacks/github-config/actions/dependency/update-from-metadata@main with: buildpack_toml_path: "${{ github.workspace }}/buildpack.toml" metadata_file_path: "${{ steps.make-outputdir.outputs.outputdir }}/metadata.json" 
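Review bot: The step that updates `checksum` and `uri` still runs for entries whose `uri` is empty, but the `Upload to S3` step with `id: upload` is deleted earlier in this file and nothing in the visible hunks replaces it as the source of a URI. The step's `with:` block continues outside the hunk; if it still reads any `steps.upload.outputs.*` value, that expression now evaluates to an empty string without failing, and metadata would be written with a blank `uri` for a freshly compiled artifact. Either supply the new artifact location explicitly or fail the step when the URI is empty, and add a comment above it stating where compiled dependencies are now published.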
@@ -308,26 +293,26 @@ jobs: - name: Commit id: commit - uses: paketo-buildpacks/github-config/actions/pull-request/create-commit@main + uses: initializ-buildpacks/github-config/actions/pull-request/create-commit@main with: message: "Updating buildpack.toml with new versions ${{ steps.update.outputs.new-versions }}" pathspec: "." - keyid: ${{ secrets.PAKETO_BOT_GPG_SIGNING_KEY_ID }} - key: ${{ secrets.PAKETO_BOT_GPG_SIGNING_KEY }} + keyid: ${{ secrets.INITIALIZ_BOT_GPG_SIGNING_KEY_ID }} + key: ${{ secrets.INITIALIZ_BOT_GPG_SIGNING_KEY }} - - name: Push Branch 'automation/dependencies/update-from-metadata' + - name: Push Branch 'automations/dependencies/update-from-metadata' if: ${{ steps.commit.outputs.commit_sha != '' }} - uses: paketo-buildpacks/github-config/actions/pull-request/push-branch@main + uses: initializ-buildpacks/github-config/actions/pull-request/push-branch@main with: - branch: automation/dependencies/update-from-metadata + branch: automations/dependencies/update-from-metadata - name: Open Pull Request if: ${{ steps.commit.outputs.commit_sha != '' }} - uses: paketo-buildpacks/github-config/actions/pull-request/open@main + uses: initializ-buildpacks/github-config/actions/pull-request/open@main with: - token: ${{ secrets.PAKETO_BOT_GITHUB_TOKEN }} + token: ${{ secrets.PAT }} title: "Updates buildpack.toml with ${{ steps.update.outputs.new-versions }}" - branch: automation/buildpack.toml/update-from-metadata + branch: automations/buildpack.toml/update-from-metadata failure: name: Alert on Failure 
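Review bot: `Open Pull Request` is given `branch: automations/buildpack.toml/update-from-metadata`, while the branch checked out and pushed by the preceding steps is `automations/dependencies/update-from-metadata`. The mismatch predates this commit, but the rename carries it forward; unless the `open` action treats the two names specially (its implementation is not visible here), the value should be the pushed branch, `branch: automations/dependencies/update-from-metadata`. The `automation/` to `automations/` prefix change also has to be mirrored in any branch-protection rule or workflow filter keyed on the old prefix.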
@@ -336,7 +321,7 @@ jobs: if: ${{ always() && needs.retrieve.result == 'failure' || needs.get-compile-and-test.result == 'failure' || needs.test.result == 'failure' || needs.compile.result == 'failure' || needs.update-metadata.result == 'failure' || needs.assemble.result == 'failure' }} steps: - name: File Failure Alert Issue - uses: paketo-buildpacks/github-config/actions/issue/file@main + uses: initializ-buildpacks/github-config/actions/issue/file@main with: token: ${{ secrets.GITHUB_TOKEN }} repo: ${{ github.repository }} diff --git a/.github/workflows/update-github-config.yml b/.github/workflows/update-github-config.yml index 08073006..9e36c0d6 100644 --- a/.github/workflows/update-github-config.yml +++ b/.github/workflows/update-github-config.yml @@ -27,7 +27,7 @@ jobs: - name: Checkout Branch uses: initializ-buildpacks/github-config/actions/pull-request/checkout-branch@main with: - branch: automation/github-config/update + branch: automations/github-config/update - name: Run the sync action uses: initializ-buildpacks/github-config/actions/sync@main @@ -51,7 +51,7 @@ jobs: if: ${{ steps.commit.outputs.commit_sha != '' }} uses: initializ-buildpacks/github-config/actions/pull-request/push-branch@main with: - branch: automation/github-config/update + branch: automations/github-config/update - name: Open Pull Request if: ${{ steps.commit.outputs.commit_sha != '' }} @@ -59,7 +59,7 @@ jobs: with: token: ${{ secrets.PAT }} title: "Updates github-config" - branch: automation/github-config/update + branch: automations/github-config/update failure: name: Alert on Failure diff --git a/scripts/.util/builders.sh b/scripts/.util/builders.sh index a4b3e9a8..fd2a9b39 100644 --- a/scripts/.util/builders.sh +++ b/scripts/.util/builders.sh 
@@ -19,7 +19,7 @@ function util::builders::list() { if [[ -z "${builders}" ]]; then util::print::info "No builders specified. Falling back to default builder..." - builders="$(jq --compact-output --null-input '["index.docker.io/paketobuildpacks/builder-jammy-buildpackless-base:latest"]')" + builders="$(jq --compact-output --null-input '["index.docker.io/initializbuildpacks/securepacks-initzbuilder:latest"]')" fi echo "${builders}" diff --git a/scripts/.util/tools.json b/scripts/.util/tools.json index d0bb37a8..c1e221c9 100644 --- a/scripts/.util/tools.json +++ b/scripts/.util/tools.json @@ -1,5 +1,5 @@ { - "createpackage": "v1.68.1", - "jam": "v2.7.0", - "pack": "v0.32.1" -} + "createpackage": "v1.69.1", + "jam": "v2.7.2", + "pack": "v0.33.2" +} \ No newline at end of file diff --git a/scripts/.util/tools.sh b/scripts/.util/tools.sh index 35addb02..547808de 100644 --- a/scripts/.util/tools.sh +++ b/scripts/.util/tools.sh @@ -135,6 +135,13 @@ function util::tools::pack::install() { version="$(jq -r .pack "$(dirname "${BASH_SOURCE[0]}")/tools.json")" + local pack_config_enable_experimental + if [ -f "$(dirname "${BASH_SOURCE[0]}")/../options.json" ]; then + pack_config_enable_experimental="$(jq -r .pack_config_enable_experimental "$(dirname "${BASH_SOURCE[0]}")/../options.json")" + else + pack_config_enable_experimental="false" + fi + tmp_location="/tmp/pack.tgz" curl_args=( "--fail" @@ -158,6 +165,10 @@ function util::tools::pack::install() { tar xzf "${tmp_location}" -C "${dir}" chmod +x "${dir}/pack" + if [[ "${pack_config_enable_experimental}" == "true" ]]; then + "${dir}"/pack config experimental true + fi + rm "${tmp_location}" else util::print::info "Using pack $("${dir}"/pack version)" @@ -224,4 +235,4 @@ function util::tools::tests::checkfocus() { util::print::success "** GO Test Succeeded **" 197 fi rm "${testout}" -} +} \ No newline at end of file diff --git a/scripts/build.sh b/scripts/build.sh index a3e1d3d5..a42012e3 100755 --- a/scripts/build.sh 
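Review bot: In `util::tools::pack::install`, `"${dir}"/pack config experimental true` sits inside the branch that downloads pack, so when the binary is already present (the `Using pack ...` branch) the `pack_config_enable_experimental` option from options.json is ignored. The command also runs the freshly extracted binary and, as far as I can tell, changes pack's per-user configuration rather than anything under `${dir}`. I would move the block after the `if`/`else` so it applies in both cases and put `# NOTE: changes the user's pack config, not just ${dir}` above it. No integrity check of `/tmp/pack.tgz` is visible between download and extraction in these hunks, though the function body continues outside them.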
+++ b/scripts/build.sh @@ -56,7 +56,15 @@ function run::build() { echo "Success!" - for name in detect build; do + names=("detect") + + if [ -f "extension.toml" ]; then + names+=("generate") + else + names+=("build") + fi + + for name in "${names[@]}"; do printf "%s" "Linking ${name}... " ln -sf "run" "${name}" @@ -73,18 +81,22 @@ function cmd::build() { for src in "${BUILDPACKDIR}"/cmd/*; do name="$(basename "${src}")" - printf "%s" "Building ${name}... " + if [[ -f "${src}/main.go" ]]; then + printf "%s" "Building ${name}... " - GOOS="linux" \ - CGO_ENABLED=0 \ - go build \ - -ldflags="-s -w" \ - -o "${BUILDPACKDIR}/bin/${name}" \ - "${src}/main.go" + GOOS="linux" \ + CGO_ENABLED=0 \ + go build \ + -ldflags="-s -w" \ + -o "${BUILDPACKDIR}/bin/${name}" \ + "${src}/main.go" - echo "Success!" + echo "Success!" + else + printf "%s" "Skipping ${name}... " + fi done fi } -main "${@:-}" +main "${@:-}" \ No newline at end of file
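Review bot: `names=("detect")` in `run::build` is assigned without `local`, so the array becomes a global of the script and outlives the function call. Declaring it as `local names=("detect")` keeps it scoped to the function. A one-line comment above the `extension.toml` test, such as `# extensions link detect+generate, buildpacks link detect+build`, would explain why the link set differs. The function starts outside the hunk, so I cannot see whether its other variables are declared `local`.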
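Review bot: The new `else` branch in `cmd::build` prints `Skipping ${name}... ` through `printf "%s"` with no trailing newline, so the next `Building ...` message continues on the same line and the log never says why the directory was skipped. `echo "Skipping ${name} (no main.go)"` would fix both. The file also loses its final newline in this commit (`main "${@:-}"` is followed by the no-newline marker); restoring it keeps later diffs and concatenation clean.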