From 6ede6db428650f6a20db1929e47f9ca1efffdfe0 Mon Sep 17 00:00:00 2001 From: Binbin Li Date: Wed, 17 Aug 2022 10:26:41 +0800 Subject: [PATCH 1/5] doc: add missing username/password options to commands (#293) Signed-off-by: Binbin Li --- specs/notation-cli.md | 37 +++++++++++++++++++++++++++++++++++-- 1 file changed, 35 insertions(+), 2 deletions(-) diff --git a/specs/notation-cli.md b/specs/notation-cli.md index 502e052e1..c2ef3ea7e 100644 --- a/specs/notation-cli.md +++ b/specs/notation-cli.md @@ -67,7 +67,12 @@ COMMANDS: help, h Shows a list of commands or help for one command OPTIONS: - --help, -h show help (default: false) + --username value, -u value Username for registry operations [$NOTATION_USERNAME] + --password value, -p value Password for registry operations [$NOTATION_PASSWORD] + --help, -h show help (default: false) + +GLOBAL ARGUMENTS + --plain-http Registry access via plain HTTP (default: false) ``` ## certificate @@ -123,7 +128,12 @@ USAGE: notation list [command options] OPTIONS: - --help, -h show help (default: false) + --username value, -u value Username for registry operations [$NOTATION_USERNAME] + --password value, -p value Password for registry operations [$NOTATION_PASSWORD] + --help, -h show help (default: false) + +GLOBAL ARGUMENTS + --plain-http Registry access via plain HTTP (default: false) ``` ## login @@ -154,6 +164,9 @@ notation login -u -p registry.example.com # Login using $NOTATION_USERNAME $NOTATION_PASSWORD variables notation login registry.example.com + +NOTES +Once login is completed, then -u -p is no longer required for any notation commands against the registry server authenticated. ``` ## plugin @@ -185,9 +198,14 @@ USAGE: notation pull [command options] OPTIONS: + --username value, -u value Username for registry operations [$NOTATION_USERNAME] + --password value, -p value Password for registry operations [$NOTATION_PASSWORD] --strict Pull the signature without lookup the manifest (default: false) --output value, -o value Write signature to a specific path --help, -h Show help (default: false) + +GLOBAL ARGUMENTS + --plain-http Registry access via plain HTTP (default: false) ``` ## push @@ -201,8 +219,13 @@ USAGE: notation push [command options] OPTIONS: + --username value, -u value Username for registry operations [$NOTATION_USERNAME] + --password value, -p value Password for registry operations [$NOTATION_PASSWORD] --signature value, -s value, -f value signature files (accepts multiple inputs) --help, -h show help (default: false) + +GLOBAL ARGUMENTS + --plain-http Registry access via plain HTTP (default: false) ``` ## sign @@ -227,7 +250,12 @@ OPTIONS: --push push after successful signing (default: true) --push-reference value different remote to store signature --media-type value specify the media type of the manifest read from file or stdin (default: "application/vnd.docker.distribution.manifest.v2+json") + --username value, -u value Username for registry operations [$NOTATION_USERNAME] + --password value, -p value Password for registry operations [$NOTATION_PASSWORD] --help, -h show help (default: false) + +GLOBAL ARGUMENTS + --plain-http Registry access via plain HTTP (default: false) ``` ## verify @@ -247,5 +275,10 @@ OPTIONS: --pull pull remote signatures before verification (default: true) --local, -l reference is a local file (default: false) --media-type value specify the media type of the manifest read from file or stdin (default: "application/vnd.docker.distribution.manifest.v2+json") + --username value, -u value Username for registry operations [$NOTATION_USERNAME] + --password value, -p value Password for registry operations [$NOTATION_PASSWORD] --help, -h show help (default: false) + +GLOBAL ARGUMENTS + --plain-http Registry access via plain HTTP (default: false) ``` From 87aa9c58c1db9acb51aecb056c292741e02837a1 Mon Sep 17 00:00:00 2001 From: Yi Zha <107919912+yizha1@users.noreply.github.com> Date: Thu, 18 Aug 2022 06:07:04 +0800 Subject: [PATCH 2/5] bump up version to v0.10.0-alpha.3 (#301) * bump up version to v1.0.0-alpha.3 * revise version to v0.10.0-alpha.3 Signed-off-by: Yi Zha --- internal/version/version.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/internal/version/version.go b/internal/version/version.go index f80840ecd..bdeeb9222 100644 --- a/internal/version/version.go +++ b/internal/version/version.go @@ -2,7 +2,7 @@ package version var ( // Version shows the current notation version, optionally with pre-release. - Version = "v0.7.1-alpha.1" + Version = "v0.10.0-alpha.3" // BuildMetadata stores the build metadata. BuildMetadata = "unreleased" From 44015dc2832211bbe7223c65d67743848c9b16cf Mon Sep 17 00:00:00 2001 From: Junjie Gao <43160897+JeyJeyGao@users.noreply.github.com> Date: Thu, 18 Aug 2022 13:27:13 +0800 Subject: [PATCH 3/5] fix: update notation-go (#294) Signed-off-by: Junjie Gao --- cmd/notation/cert_gen.go | 3 +-- go.mod | 4 ++-- go.sum | 8 ++++---- 3 files changed, 7 insertions(+), 8 deletions(-) diff --git a/cmd/notation/cert_gen.go b/cmd/notation/cert_gen.go index f6d49519c..d59164040 100644 --- a/cmd/notation/cert_gen.go +++ b/cmd/notation/cert_gen.go @@ -43,14 +43,13 @@ func generateTestCert(opts *certGenerateTestOpts) error { fmt.Println("generated certificates expiring on", rsaLeafCertTuple.Cert.NotAfter.Format(time.RFC3339)) // write private key - keyPath := dir.Path.Localkey(name, dir.KeyExtension) + keyPath, certPath := dir.Path.Localkey(name) if err := osutil.WriteFileWithPermission(keyPath, keyBytes, 0600, false); err != nil { return fmt.Errorf("failed to write key file: %v", err) } fmt.Println("wrote key:", keyPath) // write self-signed certificate - certPath := dir.Path.Localkey(name, dir.CertificateExtension) if err := osutil.WriteFileWithPermission(certPath, append(leafBytes, rootBytes...), 0644, false); err != nil { return fmt.Errorf("failed to write certificate file: %v", err) } diff --git a/go.mod b/go.mod index a003b368e..947a2fcc2 100644 --- a/go.mod +++ b/go.mod @@ -5,8 +5,8 @@ go 1.18 require ( github.com/distribution/distribution/v3 v3.0.0-20220729163034-26163d82560f github.com/docker/docker-credential-helpers v0.6.4 - github.com/notaryproject/notation-core-go v0.0.0-20220728174113-1d963fd57141 - github.com/notaryproject/notation-go v0.9.0-alpha.1.0.20220802200409-6312370a3526 + github.com/notaryproject/notation-core-go v0.0.0-20220809210532-f0a54093ba32 + github.com/notaryproject/notation-go v0.9.0-alpha.1.0.20220816013743-c350ef73e5f0 github.com/opencontainers/go-digest v1.0.0 github.com/spf13/cobra v1.5.0 github.com/spf13/pflag v1.0.5 diff --git a/go.sum b/go.sum index aa0570177..2e5ab4a73 100644 --- a/go.sum +++ b/go.sum @@ -9,10 +9,10 @@ github.com/golang-jwt/jwt/v4 v4.4.2 h1:rcc4lwaZgFMCZ5jxF9ABolDcIHdBytAFgqFPbSJQA github.com/golang-jwt/jwt/v4 v4.4.2/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0= github.com/inconshreveable/mousetrap v1.0.0 h1:Z8tu5sraLXCXIcARxBp/8cbvlwVa7Z1NHg9XEKhtSvM= github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8= -github.com/notaryproject/notation-core-go v0.0.0-20220728174113-1d963fd57141 h1:VtrElctZUBC9bJlvELU16v7BrElZm8lZYFY1F71rfRg= -github.com/notaryproject/notation-core-go v0.0.0-20220728174113-1d963fd57141/go.mod h1:n+UjcUoYhvawO/JW5JfZerUUsGbHYTd4wH8ndGeeyas= -github.com/notaryproject/notation-go v0.9.0-alpha.1.0.20220802200409-6312370a3526 h1:fS+KCElDiaIE8fJLS/gB9vN6bkiNoh9GOEoAIrKgTWU= -github.com/notaryproject/notation-go v0.9.0-alpha.1.0.20220802200409-6312370a3526/go.mod h1:Rls6mRUjflVG0sVjVp6L9GpWFB/q0N3Aws7fI/Am0hc= +github.com/notaryproject/notation-core-go v0.0.0-20220809210532-f0a54093ba32 h1:dMZIRt5CMjl9eLJFywlBDDps3AWjgyy6axFnYONak8g= +github.com/notaryproject/notation-core-go v0.0.0-20220809210532-f0a54093ba32/go.mod h1:n+UjcUoYhvawO/JW5JfZerUUsGbHYTd4wH8ndGeeyas= +github.com/notaryproject/notation-go v0.9.0-alpha.1.0.20220816013743-c350ef73e5f0 h1:YQS5UhcYc0O7vVoIE2kdeXbZKGVoxEiLJwnm6C8PgQo= +github.com/notaryproject/notation-go v0.9.0-alpha.1.0.20220816013743-c350ef73e5f0/go.mod h1:crBca+qGBV39lmSnmyJM0L/2gAa/XlEWrID3rXYENXo= github.com/opencontainers/distribution-spec/specs-go v0.0.0-20220620172159-4ab4752c3b86 h1:Oumw+lPnO8qNLTY2mrqPJZMoGExLi/0h/DdikoLTXVU= github.com/opencontainers/distribution-spec/specs-go v0.0.0-20220620172159-4ab4752c3b86/go.mod h1:aA4vdXRS8E1TG7pLZOz85InHi3BiPdErh8IpJN6E0x4= github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8Oi/yOhh5U= From e73bfc38b738a49055e260998e67308974fbcbfc Mon Sep 17 00:00:00 2001 From: Yi Zha <107919912+yizha1@users.noreply.github.com> Date: Thu, 18 Aug 2022 17:05:09 +0800 Subject: [PATCH 4/5] Build: Bump dependencies (#306) Signed-off-by: Yi Zha --- go.mod | 6 +++--- go.sum | 12 ++++++------ 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/go.mod b/go.mod index 947a2fcc2..abf82bccb 100644 --- a/go.mod +++ b/go.mod @@ -5,12 +5,12 @@ go 1.18 require ( github.com/distribution/distribution/v3 v3.0.0-20220729163034-26163d82560f github.com/docker/docker-credential-helpers v0.6.4 - github.com/notaryproject/notation-core-go v0.0.0-20220809210532-f0a54093ba32 - github.com/notaryproject/notation-go v0.9.0-alpha.1.0.20220816013743-c350ef73e5f0 + github.com/notaryproject/notation-core-go v0.1.0-alpha.3 + github.com/notaryproject/notation-go v0.10.0-alpha.3 github.com/opencontainers/go-digest v1.0.0 github.com/spf13/cobra v1.5.0 github.com/spf13/pflag v1.0.5 - oras.land/oras-go/v2 v2.0.0-rc.1.0.20220727034506-eb13fdfeefa6 + oras.land/oras-go/v2 v2.0.0-rc.2 ) require ( diff --git a/go.sum b/go.sum index 2e5ab4a73..0258b2107 100644 --- a/go.sum +++ b/go.sum @@ -9,10 +9,10 @@ github.com/golang-jwt/jwt/v4 v4.4.2 h1:rcc4lwaZgFMCZ5jxF9ABolDcIHdBytAFgqFPbSJQA github.com/golang-jwt/jwt/v4 v4.4.2/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0= github.com/inconshreveable/mousetrap v1.0.0 h1:Z8tu5sraLXCXIcARxBp/8cbvlwVa7Z1NHg9XEKhtSvM= github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8= -github.com/notaryproject/notation-core-go v0.0.0-20220809210532-f0a54093ba32 h1:dMZIRt5CMjl9eLJFywlBDDps3AWjgyy6axFnYONak8g= -github.com/notaryproject/notation-core-go v0.0.0-20220809210532-f0a54093ba32/go.mod h1:n+UjcUoYhvawO/JW5JfZerUUsGbHYTd4wH8ndGeeyas= -github.com/notaryproject/notation-go v0.9.0-alpha.1.0.20220816013743-c350ef73e5f0 h1:YQS5UhcYc0O7vVoIE2kdeXbZKGVoxEiLJwnm6C8PgQo= -github.com/notaryproject/notation-go v0.9.0-alpha.1.0.20220816013743-c350ef73e5f0/go.mod h1:crBca+qGBV39lmSnmyJM0L/2gAa/XlEWrID3rXYENXo= +github.com/notaryproject/notation-core-go v0.1.0-alpha.3 h1:gzB+h5TGzuocWiJxuYZgE/FwUIbJyKAHfk2hWSBbCGg= +github.com/notaryproject/notation-core-go v0.1.0-alpha.3/go.mod h1:Wfyh5SrQ718JegKPhTs7y74rXg86tWd5NfOx2uHK1nI= +github.com/notaryproject/notation-go v0.10.0-alpha.3 h1:jDIwUzGHsxwXuIFYLwQ1pPzpO5GFcoaA1X78EixIBo4= +github.com/notaryproject/notation-go v0.10.0-alpha.3/go.mod h1:PQuu7OZweVU5erEyqriguCvK7CCGF+X5psDj63iEvGk= github.com/opencontainers/distribution-spec/specs-go v0.0.0-20220620172159-4ab4752c3b86 h1:Oumw+lPnO8qNLTY2mrqPJZMoGExLi/0h/DdikoLTXVU= github.com/opencontainers/distribution-spec/specs-go v0.0.0-20220620172159-4ab4752c3b86/go.mod h1:aA4vdXRS8E1TG7pLZOz85InHi3BiPdErh8IpJN6E0x4= github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8Oi/yOhh5U= @@ -37,5 +37,5 @@ golang.org/x/sys v0.0.0-20220731174439-a90be440212d/go.mod h1:oPkhp1MJrh7nUepCBc gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= -oras.land/oras-go/v2 v2.0.0-rc.1.0.20220727034506-eb13fdfeefa6 h1:fbJtzJbpZCtdaAvjPvjlTf8CGsUE1+mClxyh/MPne6I= -oras.land/oras-go/v2 v2.0.0-rc.1.0.20220727034506-eb13fdfeefa6/go.mod h1:IZRIoIJqkAH6x0pL3tVnpyPUyZgthjSyPcH2kgJvBMo= +oras.land/oras-go/v2 v2.0.0-rc.2 h1:dks9BxPg6HQOxn5+jVNuTFl45FuYvHfLQ6wcP7hVRdE= +oras.land/oras-go/v2 v2.0.0-rc.2/go.mod h1:IZRIoIJqkAH6x0pL3tVnpyPUyZgthjSyPcH2kgJvBMo= From 4bf25dfacf0239823311e470b702ceb0435a0299 Mon Sep 17 00:00:00 2001 From: Junjie Gao <43160897+JeyJeyGao@users.noreply.github.com> Date: Thu, 18 Aug 2022 22:18:05 +0800 Subject: [PATCH 5/5] feat: add weekly release (#282) Signed-off-by: Junjie Gao --- .dev.goreleaser.yml | 31 ++++++++++++++++++++ .github/workflows/dev-release.yml | 43 ++++++++++++++++++++++++++++ .github/workflows/release-github.yml | 6 ++++ 3 files changed, 80 insertions(+) create mode 100644 .dev.goreleaser.yml create mode 100644 .github/workflows/dev-release.yml diff --git a/.dev.goreleaser.yml b/.dev.goreleaser.yml new file mode 100644 index 000000000..aadf0b05d --- /dev/null +++ b/.dev.goreleaser.yml @@ -0,0 +1,31 @@ +builds: + - main: ./cmd/notation + id: notation + binary: notation + env: + - CGO_ENABLED=0 + goos: + - linux + - darwin + - windows + goarch: + - amd64 + - arm64 + ignore: + - goos: windows + goarch: arm64 + ldflags: + - -s -w -X {{.ModulePath}}/internal/version.Version={{.Version}} -X {{.ModulePath}}/internal/version.BuildMetadata= +archives: + - format: tar.gz + format_overrides: + - goos: windows + format: zip + files: + - LICENSE +release: + prerelease: true + header: | + ## Notation Weekly Dev Build ({{ .Date }}) + + Welcome to this Weekly Dev Build! \ No newline at end of file diff --git a/.github/workflows/dev-release.yml b/.github/workflows/dev-release.yml new file mode 100644 index 000000000..2870afe8e --- /dev/null +++ b/.github/workflows/dev-release.yml @@ -0,0 +1,43 @@ +name: dev-release + +on: + schedule: + - cron: '0 16 * * 0' # at 16:00 on Sunday (UTC) + +jobs: + build: + name: Weekly Release Notation Binaries + runs-on: ubuntu-20.04 + strategy: + matrix: + go-version: [1.18] + fail-fast: true + steps: + - name: Set up Go ${{ matrix.go-version }} + uses: actions/setup-go@v3 + with: + go-version: ${{ matrix.go-version }} + - name: Checkout + uses: actions/checkout@v3 + with: + fetch-depth: 0 + - name: Set Git User + run: | + git config user.name "${GITHUB_ACTOR}" + git config user.email "${GITHUB_ACTOR}@users.noreply.github.com" + - name: Create Version Tag + run: | + # get project version: .dev. + export TAG_VERSION=`cat ./internal/version/version.go | grep "Version = " | awk -F '"' '{print $2}'`.dev.`date +%Y%m%d` + + # create new tag + git tag -af $TAG_VERSION -m "For weekly build" + git push origin $TAG_VERSION + - name: Run GoReleaser + uses: goreleaser/goreleaser-action@v3 + with: + distribution: goreleaser + version: latest + args: release -f ./.dev.goreleaser.yml --rm-dist + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/release-github.yml b/.github/workflows/release-github.yml index e46a03ad4..501ddb4a9 100644 --- a/.github/workflows/release-github.yml +++ b/.github/workflows/release-github.yml @@ -20,6 +20,12 @@ jobs: go-version: ${{ matrix.go-version }} - name: Checkout uses: actions/checkout@v3 + with: + fetch-depth: 0 + - name: Set GoReleaser Previous Tag To Be Last Non Weekly Release + run: | + pre_tag=`git tag --sort=-creatordate --list 'v*' | grep -v dev | head -2 | tail -1` + echo "GORELEASER_PREVIOUS_TAG=$pre_tag" >> $GITHUB_ENV - name: Run GoReleaser uses: goreleaser/goreleaser-action@v3 with: