diff --git a/.github/workflows/commitlint.yaml b/.github/workflows/commitlint.yaml index 39e81ecb..6666151a 100644 --- a/.github/workflows/commitlint.yaml +++ b/.github/workflows/commitlint.yaml @@ -12,4 +12,4 @@ on: jobs: validate: name: Validate - uses: defenseunicorns/uds-common/.github/workflows/commitlint.yaml@e2ad99f7caba1b0d08856918db9385a431cfdbca # v0.3.3 + uses: defenseunicorns/uds-common/.github/workflows/commitlint.yaml@264ec430c4079129870820e70c4439f3f3d57cbc # v0.3.9 diff --git a/.github/workflows/lint.yaml b/.github/workflows/lint.yaml index c5638525..502a3bd7 100644 --- a/.github/workflows/lint.yaml +++ b/.github/workflows/lint.yaml @@ -20,10 +20,11 @@ jobs: fetch-depth: 0 - name: Environment setup - uses: defenseunicorns/uds-common/.github/actions/setup@e2ad99f7caba1b0d08856918db9385a431cfdbca # v0.3.3 + uses: defenseunicorns/uds-common/.github/actions/setup@264ec430c4079129870820e70c4439f3f3d57cbc # v0.3.9 with: - username: ${{ secrets.IRON_BANK_ROBOT_USERNAME }} - password: ${{ secrets.IRON_BANK_ROBOT_PASSWORD }} + registry1Username: ${{ secrets.IRON_BANK_ROBOT_USERNAME }} + registry1Password: ${{ secrets.IRON_BANK_ROBOT_PASSWORD }} + ghToken: ${{ secrets.GITHUB_TOKEN }} - name: Install lint deps run: | diff --git a/.github/workflows/scorecard.yaml b/.github/workflows/scorecard.yaml index 91ae9dd3..06efcfe0 100644 --- a/.github/workflows/scorecard.yaml +++ b/.github/workflows/scorecard.yaml @@ -45,6 +45,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@05963f47d870e2cb19a537396c1f668a348c7d8f # v3.24.8 + uses: github/codeql-action/upload-sarif@1b1aada464948af03b950897e5eb522f92603cc2 # v3.24.9 with: sarif_file: results.sarif diff --git a/.github/workflows/tag-and-release.yaml b/.github/workflows/tag-and-release.yaml index e488f269..9e8638c8 100644 --- a/.github/workflows/tag-and-release.yaml +++ b/.github/workflows/tag-and-release.yaml @@ -15,7 +15,7 @@ jobs: steps: - name: Create release tag id: tag - uses: google-github-actions/release-please-action@v4.1.0 + uses: google-github-actions/release-please-action@a37ac6e4f6449ce8b3f7607e4d97d0146028dc0b # v4.1.0 - id: release-flag run: echo "release_created=${{ steps.tag.outputs.release_created || false }}" >> $GITHUB_OUTPUT @@ -36,17 +36,11 @@ jobs: - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - name: Environment setup - uses: defenseunicorns/uds-common/.github/actions/setup@e2ad99f7caba1b0d08856918db9385a431cfdbca # v0.3.3 + uses: defenseunicorns/uds-common/.github/actions/setup@264ec430c4079129870820e70c4439f3f3d57cbc # v0.3.9 with: - username: ${{secrets.IRON_BANK_ROBOT_USERNAME}} - password: ${{secrets.IRON_BANK_ROBOT_PASSWORD}} - - - name: Login to GHCR - uses: docker/login-action@e92390c5fb421da1463c202d546fed0ec5c39f20 # v3 - with: - registry: ghcr.io - username: dummy - password: ${{ secrets.GITHUB_TOKEN }} + registry1Username: ${{ secrets.IRON_BANK_ROBOT_USERNAME }} + registry1Password: ${{ secrets.IRON_BANK_ROBOT_PASSWORD }} + ghToken: ${{ secrets.GITHUB_TOKEN }} - name: Publish Package run: uds run -f tasks/publish.yaml package --set FLAVOR=${{ matrix.flavor }} @@ -57,6 +51,6 @@ jobs: - name: Save logs if: always() - uses: defenseunicorns/uds-common/.github/actions/save-logs@e2ad99f7caba1b0d08856918db9385a431cfdbca # v0.3.3 + uses: defenseunicorns/uds-common/.github/actions/save-logs@264ec430c4079129870820e70c4439f3f3d57cbc # v0.3.9 with: suffix: '${{ matrix.flavor }}-${{ github.run_id }}-${{ github.run_attempt }}' diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml index 68c56687..23c5fc77 100644 --- a/.github/workflows/test.yaml +++ b/.github/workflows/test.yaml @@ -46,19 +46,20 @@ jobs: uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - name: Environment setup - uses: defenseunicorns/uds-common/.github/actions/setup@e2ad99f7caba1b0d08856918db9385a431cfdbca # v0.3.3 + uses: defenseunicorns/uds-common/.github/actions/setup@264ec430c4079129870820e70c4439f3f3d57cbc # v0.3.9 with: - username: ${{secrets.IRON_BANK_ROBOT_USERNAME}} - password: ${{secrets.IRON_BANK_ROBOT_PASSWORD}} + registry1Username: ${{ secrets.IRON_BANK_ROBOT_USERNAME }} + registry1Password: ${{ secrets.IRON_BANK_ROBOT_PASSWORD }} + ghToken: ${{ secrets.GITHUB_TOKEN }} - name: Test - uses: defenseunicorns/uds-common/.github/actions/test@e2ad99f7caba1b0d08856918db9385a431cfdbca # v0.3.3 + uses: defenseunicorns/uds-common/.github/actions/test@264ec430c4079129870820e70c4439f3f3d57cbc # v0.3.9 with: flavor: ${{ matrix.flavor }} type: ${{ matrix.type }} - name: Save logs if: always() - uses: defenseunicorns/uds-common/.github/actions/save-logs@e2ad99f7caba1b0d08856918db9385a431cfdbca # v0.3.3 + uses: defenseunicorns/uds-common/.github/actions/save-logs@264ec430c4079129870820e70c4439f3f3d57cbc # v0.3.9 with: suffix: ${{ matrix.type }}-${{ matrix.flavor }}-${{ github.run_id }}-${{ github.run_attempt }} diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 0f9263e8..e9444ef6 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -40,14 +40,14 @@ repos: args: [ "--schemafile", - "https://raw.githubusercontent.com/defenseunicorns/zarf/v0.32.5/zarf.schema.json", + "https://raw.githubusercontent.com/defenseunicorns/zarf/v0.32.6/zarf.schema.json", "--no-cache" ] - repo: https://github.com/golangci/golangci-lint - rev: v1.57.1 + rev: v1.57.2 hooks: - id: golangci-lint - repo: https://github.com/renovatebot/pre-commit-hooks - rev: 37.262.0 + rev: 37.275.0 hooks: - id: renovate-config-validator diff --git a/.vscode/settings.json b/.vscode/settings.json index fe7082af..9eeb1594 100644 --- a/.vscode/settings.json +++ b/.vscode/settings.json @@ -8,15 +8,15 @@ ] }, "yaml.schemas": { - "https://raw.githubusercontent.com/defenseunicorns/uds-cli/v0.9.4/uds.schema.json": [ + "https://raw.githubusercontent.com/defenseunicorns/uds-cli/v0.10.1/uds.schema.json": [ "uds-bundle.yaml" ], - "https://raw.githubusercontent.com/defenseunicorns/uds-cli/v0.9.4/tasks.schema.json": [ + "https://raw.githubusercontent.com/defenseunicorns/uds-cli/v0.10.1/tasks.schema.json": [ "tasks.yaml", "tasks/**/*.yaml", "src/**/validate.yaml" ], - "https://raw.githubusercontent.com/defenseunicorns/zarf/v0.32.5/zarf.schema.json": [ + "https://raw.githubusercontent.com/defenseunicorns/zarf/v0.32.6/zarf.schema.json": [ "zarf.yaml" ] }, diff --git a/tasks.yaml b/tasks.yaml index a0ed0cbd..854f1d9d 100644 --- a/tasks.yaml +++ b/tasks.yaml @@ -2,11 +2,11 @@ includes: - cleanup: ./tasks/cleanup.yaml - dependencies: ./tasks/dependencies.yaml - test: ./tasks/test.yaml - - create: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.3.3/tasks/create.yaml - - lint: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.3.3/tasks/lint.yaml - - pull: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.3.3/tasks/pull.yaml - - deploy: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.3.3/tasks/deploy.yaml - - setup: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.3.3/tasks/setup.yaml + - create: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.3.9/tasks/create.yaml + - lint: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.3.9/tasks/lint.yaml + - pull: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.3.9/tasks/pull.yaml + - deploy: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.3.9/tasks/deploy.yaml + - setup: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.3.9/tasks/setup.yaml tasks: - name: default @@ -34,13 +34,8 @@ tasks: description: Create UDS Gitlab bundle with dependencies based on the latest release actions: - task: pull:latest-package-release - # TODO (@WSTARR): This is currently needed to get around the chicken+egg condition when release please updates the version in GH - - description: Get the current Zarf package name - cmd: cat zarf.yaml | yq .metadata.version - setVariables: - - name: CURRENT_VERSION - - description: Move the latest to the current (needed to make this work on release-please PRs) - cmd: test -f zarf-package-gitlab-${UDS_ARCH}-${CURRENT_VERSION}.tar.zst || mv zarf-package-gitlab-${UDS_ARCH}-*.tar.zst zarf-package-gitlab-${UDS_ARCH}-${CURRENT_VERSION}.tar.zst + with: + spoof_release: "true" - task: dependencies:create - task: create:test-bundle diff --git a/tasks/cleanup.yaml b/tasks/cleanup.yaml index c8ac5602..2208b09b 100644 --- a/tasks/cleanup.yaml +++ b/tasks/cleanup.yaml @@ -7,4 +7,4 @@ tasks: - name: bundle actions: - description: Remove the Deployed UDS Gitlab Bundle - cmd: uds remove ./bundle/uds-bundle-gitlab-test*.tar.zst --confirm --no-progress + cmd: ./uds remove ./bundle/uds-bundle-gitlab-test*.tar.zst --confirm --no-progress diff --git a/tasks/dependencies.yaml b/tasks/dependencies.yaml index 9c023a03..a03ad66c 100644 --- a/tasks/dependencies.yaml +++ b/tasks/dependencies.yaml @@ -8,4 +8,4 @@ tasks: description: The architecture of the package to create default: ${UDS_ARCH} actions: - - cmd: uds zarf package create src/dev-secrets/ --confirm --no-progress --architecture=${{ .inputs.architecture }} --skip-sbom ${{ .inputs.options }} + - cmd: ./uds zarf package create src/dev-secrets/ --confirm --no-progress --architecture=${{ .inputs.architecture }} --skip-sbom ${{ .inputs.options }} diff --git a/tasks/publish.yaml b/tasks/publish.yaml index f4c9be87..919dd155 100644 --- a/tasks/publish.yaml +++ b/tasks/publish.yaml @@ -1,7 +1,7 @@ includes: - dependencies: ./dependencies.yaml - - create: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.3.3/tasks/create.yaml - - publish: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.3.3/tasks/publish.yaml + - create: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.3.9/tasks/create.yaml + - publish: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.3.9/tasks/publish.yaml tasks: - name: package