fix: correct typo

.github/workflows/build-pr.yml

@@ -91,10 +91,10 @@ jobs:
       - name: Save logs
         if: ${{ always() }}
         run: |
-          kubectl logs -n gatekeeper-system -l control-plane=controller-manager --tail=-1 > logs-externaldata-controller.json
-          kubectl logs -n gatekeeper-system -l control-plane=audit-controller --tail=-1 > logs-externaldata-audit.json
-          kubectl logs -n gatekeeper-system -l app=ratify --tail=-1 > logs-ratify-preinstall.json
-          kubectl logs -n gatekeeper-system -l app.kubernetes.io/name=ratify --tail=-1 > logs-ratify.json
+          kubectl logs -n gatekeeper-system -l control-plane=controller-manager --tail=-1 > logs-externaldata-controller-${{ matrix.KUBERNETES_VERSION }}-${{ matrix.GATEKEEPER_VERSION }}.json
+          kubectl logs -n gatekeeper-system -l control-plane=audit-controller --tail=-1 > logs-externaldata-audit-${{ matrix.KUBERNETES_VERSION }}-${{ matrix.GATEKEEPER_VERSION }}.json
+          kubectl logs -n gatekeeper-system -l app=ratify --tail=-1 > logs-ratify-preinstall-${{ matrix.KUBERNETES_VERSION }}-${{ matrix.GATEKEEPER_VERSION }}.json
+          kubectl logs -n gatekeeper-system -l app.kubernetes.io/name=ratify --tail=-1 > logs-ratify-${{ matrix.KUBERNETES_VERSION }}-${{ matrix.GATEKEEPER_VERSION }}.json
       - name: Upload artifacts
         uses: actions/upload-artifact@v3
         if: ${{ always() }}

api/v1alpha1/certificatestore_types.go

@@ -40,9 +40,9 @@ type CertificateStoreStatus struct {
 	// Important: Run "make" to regenerate code after modifying this file
 }
 
-//+kubebuilder:object:root=true
-//+kubebuilder:subresource:status
-// +kubebuilder:deprecatedversion:warning="v1alpha1 of the eraser API has been deprecated. Please migrate to v1beta1."
+// +kubebuilder:object:root=true
+// +kubebuilder:subresource:status
+// +kubebuilder:deprecatedversion:warning="v1alpha1 of the CertificateStore API has been deprecated. Please migrate to v1beta1."
 
 // CertificateStore is the Schema for the certificatestores API
 type CertificateStore struct {

api/v1alpha1/store_types.go

@@ -44,7 +44,7 @@ type StoreStatus struct {
 
 // +kubebuilder:object:root=true
 // +kubebuilder:resource:scope="Cluster"
-// +kubebuilder:deprecatedversion:warning="v1alpha1 of the eraser API has been deprecated. Please migrate to v1beta1."
+// +kubebuilder:deprecatedversion:warning="v1alpha1 of the Store API has been deprecated. Please migrate to v1beta1."
 
 // Store is the Schema for the stores API
 type Store struct {

api/v1alpha1/verifier_types.go

@@ -50,7 +50,7 @@ type VerifierStatus struct {
 
 // +kubebuilder:object:root=true
 // +kubebuilder:resource:scope="Cluster"
-// +kubebuilder:deprecatedversion:warning="v1alpha1 of the eraser API has been deprecated. Please migrate to v1beta1."
+// +kubebuilder:deprecatedversion:warning="v1alpha1 of the Verifier API has been deprecated. Please migrate to v1beta1."
 
 // Verifier is the Schema for the verifiers API
 type Verifier struct {

config/crd/bases/config.ratify.deislabs.io_certificatestores.yaml

@@ -16,8 +16,8 @@ spec:
   scope: Namespaced
   versions:
   - deprecated: true
-    deprecationWarning: v1alpha1 of the eraser API has been deprecated. Please migrate
-      to v1beta1.
+    deprecationWarning: v1alpha1 of the CertificateStore API has been deprecated.
+      Please migrate to v1beta1.
     name: v1alpha1
     schema:
       openAPIV3Schema:

config/crd/bases/config.ratify.deislabs.io_stores.yaml

@@ -16,7 +16,7 @@ spec:
   scope: Cluster
   versions:
   - deprecated: true
-    deprecationWarning: v1alpha1 of the eraser API has been deprecated. Please migrate
+    deprecationWarning: v1alpha1 of the Store API has been deprecated. Please migrate
       to v1beta1.
     name: v1alpha1
     schema:

config/crd/bases/config.ratify.deislabs.io_verifiers.yaml

@@ -16,7 +16,7 @@ spec:
   scope: Cluster
   versions:
   - deprecated: true
-    deprecationWarning: v1alpha1 of the eraser API has been deprecated. Please migrate
+    deprecationWarning: v1alpha1 of the Verifier API has been deprecated. Please migrate
       to v1beta1.
     name: v1alpha1
     schema:

config/samples/config_v1alpha1_store_oras.yaml

@@ -0,0 +1,13 @@
+apiVersion: config.ratify.deislabs.io/v1alpha1
+kind: Store
+metadata:
+  name: store-oras
+spec:
+  name: oras
+  parameters:
+    cacheEnabled: true
+    capacity: 100
+    cosignEnabled: true
+    keyNumber: 10000
+    ttl: 10
+    useHttp: true

config/samples/config_v1alpha1_verifier_notary.yaml

@@ -0,0 +1,23 @@
+apiVersion: config.ratify.deislabs.io/v1alpha1
+kind: Verifier
+metadata:
+  name: verifier-notary
+spec:
+  name: notaryv2
+  artifactTypes: application/vnd.cncf.notary.signature
+  parameters:
+     verificationCertStores:
+       certs:
+         - ratify-notary-inline-cert
+     trustPolicyDoc:
+      version: "1.0"
+      trustPolicies:
+        - name: default
+          registryScopes:
+            - "*"
+          signatureVerification:
+            level: strict
+          trustStores:
+            - ca:certs
+          trustedIdentities:
+            - "*"

test/bats/azure-test.bats

@@ -7,7 +7,7 @@ WAIT_TIME=60
 SLEEP_TIME=1
 
 @test "dynamic plugins enabled test" {
-    # only run this test against a live cluster 
+    # only run this test against a live cluster
 
     # ensure that the chart deployment is reset to a clean state for other tests
     teardown() {
@@ -97,7 +97,7 @@ SLEEP_TIME=1
 }
 
 @test "sbom verifier test" {
-     teardown() {
+    teardown() {
         echo "cleaning up"
         wait_for_process ${WAIT_TIME} ${SLEEP_TIME} 'kubectl delete pod sbom --namespace default --force --ignore-not-found=true'
         wait_for_process ${WAIT_TIME} ${SLEEP_TIME} 'kubectl delete pod sbom2 --namespace default --force --ignore-not-found=true'

test/bats/test.bats

@@ -6,6 +6,22 @@ BATS_TESTS_DIR=${BATS_TESTS_DIR:-test/bats/tests}
 WAIT_TIME=60
 SLEEP_TIME=1
 
+@test "crd version test" {
+    run kubectl delete verifiers.config.ratify.deislabs.io/verifier-notary
+    assert_success
+    run kubectl apply -f ./config/samples/config_v1alpha1_verifier_notary.yaml
+    assert_success
+    run bash -c "kubectl get verifiers.config.ratify.deislabs.io/verifier-notary -o yaml | grep 'apiVersion: config.ratify.deislabs.io/v1beta1'"
+    assert_success
+
+    run kubectl delete stores.config.ratify.deislabs.io/store-oras
+    assert_success
+    run kubectl apply -f ./config/samples/config_v1alpha1_store_oras.yaml
+    assert_success
+    run bash -c "kubectl get stores.config.ratify.deislabs.io/store-oras -o yaml | grep 'apiVersion: config.ratify.deislabs.io/v1beta1'"
+    assert_success
+}
+
 @test "notary test" {
     teardown() {
         echo "cleaning up"
@@ -50,7 +66,7 @@ SLEEP_TIME=1
         wait_for_process ${WAIT_TIME} ${SLEEP_TIME} 'kubectl delete pod cosign-demo-keyless --namespace default --force --ignore-not-found=true'
         wait_for_process ${WAIT_TIME} ${SLEEP_TIME} 'kubectl delete verifiers.config.ratify.deislabs.io/verifier-cosign --namespace default --ignore-not-found=true'
     }
-     # update the config to use the keyless verifier since ratify doesn't support multiple verifiers of same type
+    # update the config to use the keyless verifier since ratify doesn't support multiple verifiers of same type
     sed -i 's/\/usr\/local\/ratify-certs\/cosign\/cosign.pub/""/g' ./config/samples/config_v1beta1_verifier_cosign.yaml
     run kubectl apply -f ./config/samples/config_v1beta1_verifier_cosign.yaml
     sleep 5