From 6353c85c7efc595c645b7f86df04c544c034f2c1 Mon Sep 17 00:00:00 2001
From: Marco Sanchotene
Date: Mon, 3 Oct 2022 16:46:40 -0300
Subject: [PATCH 1/4] Separate notarizations in jobs and notarize all files with vcn
---
.github/workflows/notarize-immudb-py.yaml | 77 ++++++++++++++++++-----
1 file changed, 61 insertions(+), 16 deletions(-)
diff --git a/.github/workflows/notarize-immudb-py.yaml b/.github/workflows/notarize-immudb-py.yaml
index 99d2cfb..6f3e659 100644
--- a/.github/workflows/notarize-immudb-py.yaml
+++ b/.github/workflows/notarize-immudb-py.yaml
@@ -1,32 +1,77 @@ name: Notarize immudb-py on: - push: + pull_request: branches: - - master + - main + - develop + types: + - closed jobs: - notarize: - name: Notarize immudb-py directory and repository + checkout-repository: + name: Checkout repository + if: github.event.pull_request.merged == true runs-on: [self-hosted, linux] - steps: - name: Checkout repository uses: actions/checkout@v2 - - name: Notarize immudb-py repository with latest cas - uses: codenotary/cas-notarize-asset-github-action@main + notarize-with-cas: + name: Notarize repository with cas + runs-on: [self-hosted, linux] + needs: checkout-repository + steps: + - name: Get latest released cas version + id: cas-version + run: > + echo "::set-output name=latest::$( + curl -s -H 'Accept: application/vnd.github+json' + -H 'Authorization: token ${{ secrets.GITHUB_TOKEN }}' + https://api.github.com/repos/codenotary/cas/releases/latest | jq -r '.name' + )" + + - name: Cache cas binary + id: cache-cas + uses: actions/cache@v3 with: - asset: git://./ - cas_api_key: ${{ secrets.CAS_API_KEY_ATTEST }} + path: cas + key: cas-${{ steps.cas-version.outputs.latest }} - - name: Download vcn - uses: codenotary/vcn-github-action@v2 + - name: Download cas + if: steps.cache-cas.outputs.cache-hit != 'true' + run: | + curl -s -o cas -L https://github.com/codenotary/cas/releases/download/${{ steps.cas-version.outputs.latest }}/cas-${{ steps.cas-version.outputs.latest }}-linux-amd64-static + chmod +x cas + + # Notarize only repository as cas cannot notarize all files recursively + - name: Notarize git repository with cas + run: ./cas n git://$GITHUB_WORKSPACE --api-key ${{ secrets.CAS_API_KEY_ATTEST }} --host=cas.codenotary.com + + notarize-with-vcn: + name: Notarize repository with vcn + runs-on: [self-hosted, linux] + needs: checkout-repository + steps: + - name: Cache vcn binary + id: cache-vcn + uses: actions/cache@v3 with: - standard_usage: false + path: vcn + key: vcn-${{ steps.vcn-version.outputs.latest }} + + - 
name: Download vcn + if: steps.cache-vcn.outputs.cache-hit != 'true' + run: | + curl -s -o vcn -L https://vcn-releases.codenotary.com/vcn-latest-linux-amd64-static + chmod +x vcn - - name: Notarize immudb-py directory and dependencies with latest vcn - run: ./vcn n ./ --bom --lc-host ${{ secrets.CI_TEST_HOST }} --lc-api-key ${{ secrets.CICD_LEDGER1_ACTION_KEY }} + - name: Notarize git repository with vcn + run: > + ./vcn n git://$GITHUB_WORKSPACE --bom --lc-host ${{ secrets.CI_TEST_HOST }} + --lc-api-key ${{secrets.CICD_LEDGER1_ACTION_KEY}} - - name: Notarize immudb-py repository and dependencies with latest vcn - run: ./vcn n git://./ --bom --lc-host ${{ secrets.CI_TEST_HOST }} --lc-api-key ${{ secrets.CICD_LEDGER1_ACTION_KEY }} + - name: Notarize all files in git repository with latest vcn + run: > + ./vcn n wildcard://$GITHUB_WORKSPACE/"*" -r --lc-host ${{ secrets.CI_TEST_HOST }} + --lc-api-key ${{secrets.CICD_LEDGER1_ACTION_KEY}} From 7a1919634c6005831550bd957f150520ccbf8aa6 Mon Sep 17 00:00:00 2001 From: Marco Sanchotene Date: Mon, 3 Oct 2022 22:01:15 -0300 Subject: [PATCH 2/4] Remove cache as it doesn't make any difference --- .github/workflows/notarize-immudb-py.yaml | 16 ---------------- 1 file changed, 16 deletions(-) diff --git a/.github/workflows/notarize-immudb-py.yaml b/.github/workflows/notarize-immudb-py.yaml index 6f3e659..641d82c 100644 --- a/.github/workflows/notarize-immudb-py.yaml +++ b/.github/workflows/notarize-immudb-py.yaml @@ -31,15 +31,7 @@ jobs: https://api.github.com/repos/codenotary/cas/releases/latest | jq -r '.name' )" - - name: Cache cas binary - id: cache-cas - uses: actions/cache@v3 - with: - path: cas - key: cas-${{ steps.cas-version.outputs.latest }} - - name: Download cas - if: steps.cache-cas.outputs.cache-hit != 'true' run: | curl -s -o cas -L https://github.com/codenotary/cas/releases/download/${{ steps.cas-version.outputs.latest }}/cas-${{ steps.cas-version.outputs.latest }}-linux-amd64-static chmod +x cas 
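Review bot: The `notarize-with-cas` and `notarize-with-vcn` jobs in the first patch have no checkout step of their own, so `git://$GITHUB_WORKSPACE` is whatever an earlier run left on that self-hosted runner. `needs: checkout-repository` only orders the jobs; it does not carry the workspace over or guarantee the same runner, so the attestation can cover a stale or empty tree. Each notarize job should begin with `- uses: actions/checkout@v2` and carry the `if: github.event.pull_request.merged == true` guard itself. The `Download cas` and `Download vcn` steps also mark the `curl -s -o … -L` output executable and run it with the API keys without any integrity check. Adding `-f` to curl, pinning vcn to a fixed release instead of `vcn-latest-linux-amd64-static`, and comparing the file against a digest recorded in the workflow would keep an error page or a swapped asset from being run with those secrets.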
@@ -53,15 +45,7 @@ jobs: runs-on: [self-hosted, linux] needs: checkout-repository steps: - - name: Cache vcn binary - id: cache-vcn - uses: actions/cache@v3 - with: - path: vcn - key: vcn-${{ steps.vcn-version.outputs.latest }} - - name: Download vcn - if: steps.cache-vcn.outputs.cache-hit != 'true' run: | curl -s -o vcn -L https://vcn-releases.codenotary.com/vcn-latest-linux-amd64-static chmod +x vcn From f31bc75b35ddb2ad9010e70a81b864e8969f5ad8 Mon Sep 17 00:00:00 2001 From: Marco Sanchotene Date: Wed, 5 Oct 2022 13:51:24 -0300 Subject: [PATCH 3/4] Call reusable workflow --- .github/workflows/notarize-immudb-py.yaml | 57 +++-------------------- 1 file changed, 7 insertions(+), 50 deletions(-) diff --git a/.github/workflows/notarize-immudb-py.yaml b/.github/workflows/notarize-immudb-py.yaml index 641d82c..17ded56 100644 --- a/.github/workflows/notarize-immudb-py.yaml +++ b/.github/workflows/notarize-immudb-py.yaml 
@@ -9,53 +9,10 @@ on: - closed jobs: - checkout-repository: - name: Checkout repository - if: github.event.pull_request.merged == true - runs-on: [self-hosted, linux] - steps: - - name: Checkout repository - uses: actions/checkout@v2 - - notarize-with-cas: - name: Notarize repository with cas - runs-on: [self-hosted, linux] - needs: checkout-repository - steps: - - name: Get latest released cas version - id: cas-version - run: > - echo "::set-output name=latest::$( - curl -s -H 'Accept: application/vnd.github+json' - -H 'Authorization: token ${{ secrets.GITHUB_TOKEN }}' - https://api.github.com/repos/codenotary/cas/releases/latest | jq -r '.name' - )" - - - name: Download cas - run: | - curl -s -o cas -L https://github.com/codenotary/cas/releases/download/${{ steps.cas-version.outputs.latest }}/cas-${{ steps.cas-version.outputs.latest }}-linux-amd64-static - chmod +x cas - - # Notarize only repository as cas cannot notarize all files recursively - - name: Notarize git repository with cas - run: ./cas n git://$GITHUB_WORKSPACE --api-key ${{ secrets.CAS_API_KEY_ATTEST }} --host=cas.codenotary.com - - notarize-with-vcn: - name: Notarize repository with vcn - runs-on: [self-hosted, linux] - needs: checkout-repository - steps: - - name: Download vcn - run: | - curl -s -o vcn -L https://vcn-releases.codenotary.com/vcn-latest-linux-amd64-static - chmod +x vcn - - - name: Notarize git repository with vcn - run: > - ./vcn n git://$GITHUB_WORKSPACE --bom --lc-host ${{ secrets.CI_TEST_HOST }} - --lc-api-key ${{secrets.CICD_LEDGER1_ACTION_KEY}} - - - name: Notarize all files in git repository with latest vcn - run: > - ./vcn n wildcard://$GITHUB_WORKSPACE/"*" -r --lc-host ${{ secrets.CI_TEST_HOST }} - --lc-api-key ${{secrets.CICD_LEDGER1_ACTION_KEY}} + notarize-repository: + name: Notarize cas repository with cas and vcn + uses: codenotary/notarize-with-cas-and-vcn/.github/workflows/notarize-with-cas-and-vcn.yml@main + secrets: + cas-api-key: ${{ secrets.CAS_API_KEY_ATTEST }} 
+ vcn-api-key: ${{ secrets.CICD_LEDGER1_ACTION_KEY }} + vcn-host: ${{ secrets.CI_TEST_HOST }} From 697d28e4bda07e245c593c1e15b9dea69edf4525 Mon Sep 17 00:00:00 2001 From: Marco Sanchotene Date: Wed, 5 Oct 2022 13:53:36 -0300 Subject: [PATCH 4/4] Fix name of repository --- .github/workflows/notarize-immudb-py.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/notarize-immudb-py.yaml b/.github/workflows/notarize-immudb-py.yaml index 17ded56..aaaf6fc 100644 --- a/.github/workflows/notarize-immudb-py.yaml +++ b/.github/workflows/notarize-immudb-py.yaml @@ -10,7 +10,7 @@ on: jobs: notarize-repository: - name: Notarize cas repository with cas and vcn + name: Notarize immudb-py repository with cas and vcn uses: codenotary/notarize-with-cas-and-vcn/.github/workflows/notarize-with-cas-and-vcn.yml@main secrets: cas-api-key: ${{ secrets.CAS_API_KEY_ATTEST }}
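Review bot: The `uses:` line in the third patch calls the reusable workflow at `@main`, a mutable branch, while handing it `cas-api-key`, `vcn-api-key` and `vcn-host`, so any later push to that branch runs with these secrets without a change in this repository. Pin the reference to a reviewed commit: `uses: codenotary/notarize-with-cas-and-vcn/.github/workflows/notarize-with-cas-and-vcn.yml@<full-commit-sha>`. The removed `checkout-repository` job carried `if: github.event.pull_request.merged == true`, and nothing in this file replaces it. Unless the called workflow checks this itself (not visible here), add `if: github.event.pull_request.merged == true` to `notarize-repository` so pull requests closed without merging are not notarized.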