chore: Add release commits (#29)

These are commits that we've used to get the release process for the fork of argo-workflows working. We will squash these into one and note for future releases Signed-off-by: J.P. Zivalich <jp@pipekit.io> Co-authored-by: Tim Collins <tim@thecollins.team>
pipekit · Jul 11, 2023 · c06fdf1 · c06fdf1
1 parent 75449b0
commit c06fdf1
Show file tree

Hide file tree

Showing 12 changed files with 125 additions and 129 deletions.
diff --git a/.github/workflows/changelog.yaml b/.github/workflows/changelog.yaml
@@ -13,7 +13,7 @@ jobs:
     permissions:
       contents: write  # for peter-evans/create-pull-request to create branch
       pull-requests: write  # for peter-evans/create-pull-request to create a PR
-    if: github.repository == 'argoproj/argo-workflows'
+    if: github.repository == 'pipekit/argo-workflows'
     runs-on: ubuntu-latest
     name: Generate changelog
     steps:
@@ -30,4 +30,3 @@ jobs:
           title: 'docs: updated CHANGELOG.md'
           commit-message: 'docs: updated CHANGELOG.md'
           branch: create-pull-request/changelog
-          signoff: true
diff --git a/.github/workflows/ci-build.yaml b/.github/workflows/ci-build.yaml
@@ -44,7 +44,7 @@ jobs:
         uses: docker/build-push-action@v4
         with:
           context: .
-          tags: quay.io/argoproj/argoexec:latest
+          tags: quay.io/pipekitdev/argoexec:latest
           outputs: type=docker,dest=/tmp/argoexec_image.tar
           target: argoexec
           cache-from: type=gha

diff --git a/.github/workflows/gh-pages.yaml → .github/workflows/gh-pages.yaml.norun b/.github/workflows/gh-pages.yaml → .github/workflows/gh-pages.yaml.norun
diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
@@ -22,7 +22,7 @@ permissions:
 jobs:
   build-linux-amd64:
     name: Build & push linux/amd64
-    if: github.repository == 'argoproj/argo-workflows'
+    if: github.repository == 'pipekit/argo-workflows'
     runs-on: ubuntu-latest
     strategy:
       matrix:
@@ -103,7 +103,7 @@ jobs:
 
   build-linux-arm64:
     name: Build & push linux/arm64
-    if: github.repository == 'argoproj/argo-workflows'
+    if: github.repository == 'pipekit/argo-workflows'
     runs-on: ubuntu-latest
     strategy:
       matrix:
@@ -151,6 +151,7 @@ jobs:
           TARGET: ${{ matrix.target }}
         run: |
           set -eux
+
           tag=$(basename $GITHUB_REF)
           if [ $tag = "master" ]; then
             tag="latest"
@@ -159,7 +160,6 @@ jobs:
           GIT_COMMIT=$(git rev-parse HEAD || echo unknown)
           GIT_TAG=$(git describe --exact-match --tags --abbrev=0  2> /dev/null || echo untagged)
           GIT_TREE_STATE=$(if [ -z "`git status --porcelain`" ]; then echo "clean" ; else echo "dirty"; fi)
-          
           tag_suffix=$(echo $PLATFORM | sed -r "s/\//-/g")
           image_name="${DOCKERIO_ORG}/${TARGET}:${tag}-${tag_suffix}"
 
@@ -187,60 +187,53 @@ jobs:
             --provenance=false \
             --tag quay.io/$image_name .
 
-  build-windows:
-    name: Build & push windows
-    if: github.repository == 'argoproj/argo-workflows'
-    runs-on: windows-2019
-    steps:
-      - uses: actions/checkout@v3
-      - name: Docker Login
-        uses: Azure/docker-login@v1
-        with:
-          username: ${{ secrets.DOCKERIO_USERNAME }}
-          password: ${{ secrets.DOCKERIO_PASSWORD }}
-
-      - name: Login to Quay
-        uses: Azure/docker-login@v1
-        with:
-          login-server: quay.io
-          username: ${{ secrets.QUAYIO_USERNAME }}
-          password: ${{ secrets.QUAYIO_PASSWORD }}
+  # build-windows:
+  #   name: Build & push windows
+  #   if: github.repository == 'pipekit/argo-workflows'
+  #   runs-on: windows-2019
+  #   steps:
+  #     - uses: actions/checkout@v3
+  #     - name: Docker Login
+  #       uses: Azure/docker-login@v1
+  #       with:
+  #         username: ${{ secrets.DOCKERIO_USERNAME }}
+  #         password: ${{ secrets.DOCKERIO_PASSWORD }}
+
+  #     - name: Login to Quay
+  #       uses: Azure/docker-login@v1
+  #       with:
+  #         login-server: quay.io
+  #         username: ${{ secrets.QUAYIO_USERNAME }}
+  #         password: ${{ secrets.QUAYIO_PASSWORD }}
 
-      - name: Build & Push Windows Docker Images
-        env:
-          DOCKERIO_ORG: ${{ secrets.DOCKERIO_ORG }}
-        run: |
-          docker_org=$DOCKERIO_ORG
+  #     - name: Build & Push Windows Docker Images
+  #       env:
+  #         DOCKERIO_ORG: ${{ secrets.DOCKERIO_ORG }}
+  #       run: |
+  #         docker_org=$DOCKERIO_ORG
 
-          tag=$(basename $GITHUB_REF)
-          if [ $tag = "master" ]; then
-            tag="latest"
-          fi
+  #         tag=$(basename $GITHUB_REF)
+  #         if [ $tag = "master" ]; then
+  #           tag="latest"
+  #         fi
 
-          targets="argoexec"
-          for target in $targets; do
-            image_name="${docker_org}/${target}:${tag}-windows"
-            docker build \
-              --build-arg GIT_COMMIT=$tag \
-              --build-arg GIT_BRANCH=$branch \
-              --build-arg GIT_TREE_STATE=$tree_state \
-              --target $target \
-              -t $image_name \
-              -f Dockerfile.windows \
-              .
-          
-            docker push $image_name
-
-            docker tag $image_name quay.io/$image_name
-            docker push quay.io/$image_name
+  #         targets="argoexec"
+  #         for target in $targets; do
+  #           image_name="${docker_org}/${target}:${tag}-windows"
+  #           docker build --target $target -t $image_name -f Dockerfile.windows .
+  #           docker push $image_name
 
-          done
+  #           docker tag $image_name quay.io/$image_name
+  #           docker push quay.io/$image_name
+
+  #         done
 
   push-images:
     name: Push manifest with all images
-    if: github.repository == 'argoproj/argo-workflows'
+    if: github.repository == 'pipekit/argo-workflows'
     runs-on: ubuntu-latest
-    needs: [ build-linux-amd64, build-linux-arm64, build-windows ]
+    # needs: [ build-linux-amd64, build-linux-arm64, build-windows ]
+    needs: [ build-linux-amd64, build-linux-arm64 ]
     steps:
       - uses: actions/checkout@v3
       - name: Docker Login
@@ -256,16 +249,16 @@ jobs:
           username: ${{ secrets.QUAYIO_USERNAME }}
           password: ${{ secrets.QUAYIO_PASSWORD }}
 
-      - name: Install cosign
-        uses: sigstore/cosign-installer@main
-        with:
-          cosign-release: 'v1.13.0'
+      # - name: Install cosign
+      #   uses: sigstore/cosign-installer@main
+      #   with:
+      #     cosign-release: 'v1.13.0'
 
       - name: Push Multiarch Image
         env:
           DOCKERIO_ORG: ${{ secrets.DOCKERIO_ORG }}
-          COSIGN_PRIVATE_KEY: ${{secrets.COSIGN_PRIVATE_KEY}}
-          COSIGN_PASSWORD: ${{secrets.COSIGN_PASSWORD}}
+          # COSIGN_PRIVATE_KEY: ${{secrets.COSIGN_PRIVATE_KEY}}
+          # COSIGN_PASSWORD: ${{secrets.COSIGN_PASSWORD}}
         run: |
           echo $(jq -c '. + { "experimental": "enabled" }' ${DOCKER_CONFIG}/config.json) > ${DOCKER_CONFIG}/config.json
 
@@ -281,8 +274,10 @@ jobs:
             image_name="${docker_org}/${target}:${tag}"
 
             if [ $target = "argoexec" ]; then
-              docker manifest create $image_name ${image_name}-linux-arm64 ${image_name}-linux-amd64 ${image_name}-windows
-              docker manifest create quay.io/$image_name quay.io/${image_name}-linux-arm64 quay.io/${image_name}-linux-amd64 quay.io/${image_name}-windows
+              # docker manifest create $image_name ${image_name}-linux-arm64 ${image_name}-linux-amd64 ${image_name}-windows
+              # docker manifest create quay.io/$image_name quay.io/${image_name}-linux-arm64 quay.io/${image_name}-linux-amd64 quay.io/${image_name}-windows
+              docker manifest create $image_name ${image_name}-linux-amd64 ${image_name}-linux-arm64
+              docker manifest create quay.io/$image_name quay.io/${image_name}-linux-amd64 quay.io/${image_name}-linux-arm64
             else
               docker manifest create $image_name ${image_name}-linux-arm64 ${image_name}-linux-amd64
               docker manifest create quay.io/$image_name quay.io/${image_name}-linux-arm64 quay.io/${image_name}-linux-amd64
@@ -291,13 +286,13 @@ jobs:
             docker manifest push $image_name
             docker manifest push quay.io/$image_name
 
-            cosign sign --key env://COSIGN_PRIVATE_KEY quay.io/$image_name
+            # cosign sign --key env://COSIGN_PRIVATE_KEY quay.io/$image_name
 
           done
 
   test-images-linux-amd64:
     name: Try pulling linux/amd64
-    if: github.repository == 'argoproj/argo-workflows'
+    if: github.repository == 'pipekit/argo-workflows'
     runs-on: ubuntu-latest
     needs: [ push-images ]
     strategy:
@@ -333,51 +328,52 @@ jobs:
           docker pull $image_name
           docker pull quay.io/$image_name
 
-  test-images-windows:
-    name: Try pulling windows
-    if: github.repository == 'argoproj/argo-workflows'
-    runs-on: windows-2019
-    needs: [ push-images ]
-    steps:
-      - name: Docker Login
-        uses: Azure/docker-login@v1
-        with:
-          username: ${{ secrets.DOCKERIO_USERNAME }}
-          password: ${{ secrets.DOCKERIO_PASSWORD }}
-
-      - name: Login to Quay
-        uses: Azure/docker-login@v1
-        with:
-          login-server: quay.io
-          username: ${{ secrets.QUAYIO_USERNAME }}
-          password: ${{ secrets.QUAYIO_PASSWORD }}
-      - name: Try pulling
-        env:
-          DOCKERIO_ORG: ${{ secrets.DOCKERIO_ORG }}
-        run: |
-          docker_org=$DOCKERIO_ORG
-          tag=$(basename $GITHUB_REF)
-          if [ $tag = "master" ]; then
-            tag="latest"
-          fi
-
-          targets="argoexec"
-          for target in $targets; do
-            image_name="${docker_org}/${target}:${tag}"
-            docker pull $image_name
-            docker pull quay.io/$image_name
-          done
+  # test-images-windows:
+  #   name: Try pulling windows
+  #   if: github.repository == 'pipekit/argo-workflows'
+  #   runs-on: windows-2019
+  #   needs: [ push-images ]
+  #   steps:
+  #     - name: Docker Login
+  #       uses: Azure/docker-login@v1
+  #       with:
+  #         username: ${{ secrets.DOCKERIO_USERNAME }}
+  #         password: ${{ secrets.DOCKERIO_PASSWORD }}
+
+  #     - name: Login to Quay
+  #       uses: Azure/docker-login@v1
+  #       with:
+  #         login-server: quay.io
+  #         username: ${{ secrets.QUAYIO_USERNAME }}
+  #         password: ${{ secrets.QUAYIO_PASSWORD }}
+  #     - name: Try pulling
+  #       env:
+  #         DOCKERIO_ORG: ${{ secrets.DOCKERIO_ORG }}
+  #       run: |
+  #         docker_org=$DOCKERIO_ORG
+  #         tag=$(basename $GITHUB_REF)
+  #         if [ $tag = "master" ]; then
+  #           tag="latest"
+  #         fi
+
+  #         targets="argoexec"
+  #         for target in $targets; do
+  #           image_name="${docker_org}/${target}:${tag}"
+  #           docker pull $image_name
+  #           docker pull quay.io/$image_name
+  #         done
 
   publish-release:
     permissions:
       contents: write  # for softprops/action-gh-release to create GitHub release
     runs-on: ubuntu-latest
-    if: github.repository == 'argoproj/argo-workflows'
-    needs: [ push-images, test-images-linux-amd64, test-images-windows ]
+    if: github.repository == 'pipekit/argo-workflows'
+    # needs: [ push-images, test-images-linux-amd64, test-images-windows ]
+    needs: [ push-images, test-images-linux-amd64 ]
     env:
       NODE_OPTIONS: --max-old-space-size=4096
-      COSIGN_PRIVATE_KEY: ${{secrets.COSIGN_PRIVATE_KEY}}
-      COSIGN_PASSWORD: ${{secrets.COSIGN_PASSWORD}}
+      # COSIGN_PRIVATE_KEY: ${{secrets.COSIGN_PRIVATE_KEY}}
+      # COSIGN_PASSWORD: ${{secrets.COSIGN_PASSWORD}}
     steps:
       - uses: actions/checkout@v3
       - uses: actions/setup-node@v3
@@ -398,10 +394,10 @@ jobs:
         with:
           path: /home/runner/go/pkg/mod
           key: GOMODCACHE-v2-${{ hashFiles('**/go.mod') }}
-      - name: Install cosign
-        uses: sigstore/cosign-installer@main
-        with:
-          cosign-release: 'v1.13.0'
+      # - name: Install cosign
+      #   uses: sigstore/cosign-installer@main
+      #   with:
+      #     cosign-release: 'v1.13.0'
       # https://stackoverflow.com/questions/58033366/how-to-get-current-branch-within-github-actions
       - run: |
           if [ ${GITHUB_REF##*/} = master ]; then
@@ -415,9 +411,9 @@ jobs:
       - run: generator -o dist -p .
       - run: yarn --cwd ui install
       - run: generator -o dist -p ui
-      - run: bom generate --image quay.io/argoproj/workflow-controller:$VERSION -o dist/workflow-controller.spdx
-      - run: bom generate --image quay.io/argoproj/argocli:$VERSION -o dist/argocli.spdx
-      - run: bom generate --image quay.io/argoproj/argoexec:$VERSION -o dist/argoexec.spdx
+      - run: bom generate --image quay.io/pipekitdev/workflow-controller:$VERSION -o dist/workflow-controller.spdx
+      - run: bom generate --image quay.io/pipekitdev/argocli:$VERSION -o dist/argocli.spdx
+      - run: bom generate --image quay.io/pipekitdev/argoexec:$VERSION -o dist/argoexec.spdx
       # pack the boms into one file to make it easy to download
       - run: tar -zcf dist/sbom.tar.gz dist/*.spdx
       - run: make release-notes VERSION=$VERSION
@@ -431,11 +427,11 @@ jobs:
       - name: Print version (please check it is not dirty)
         run: dist/argo-linux-amd64 version
       - run: make checksums
-      - name: Sign checksums and create public key for release assets
-        run: |
-          cosign sign-blob --key env://COSIGN_PRIVATE_KEY ./dist/argo-workflows-cli-checksums.txt > ./dist/argo-workflows-cli-checksums.sig
-          # Retrieves the public key to release as an asset
-          cosign public-key --key env://COSIGN_PRIVATE_KEY > ./dist/argo-workflows-cosign.pub
+      # - name: Sign checksums and create public key for release assets
+      #   run: |
+      #     cosign sign-blob --key env://COSIGN_PRIVATE_KEY ./dist/argo-workflows-cli-checksums.txt > ./dist/argo-workflows-cli-checksums.sig
+      #     # Retrieves the public key to release as an asset
+      #     cosign public-key --key env://COSIGN_PRIVATE_KEY > ./dist/argo-workflows-cosign.pub
 
       # https://github.com/softprops/action-gh-release
       # This will publish the release and upload assets.
@@ -452,7 +448,7 @@ jobs:
             dist/argo-workflows-cli-checksums.txt
             dist/argo-workflows-cli-checksums.sig
             dist/manifests/*.yaml
-            dist/argo-workflows-cosign.pub
+            # dist/argo-workflows-cosign.pub
             dist/sbom.tar.gz
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
diff --git a/Makefile b/Makefile
@@ -18,8 +18,9 @@ DEV_BRANCH            := $(shell [ "$(GIT_BRANCH)" = master ] || [ `echo $(GIT_B
 SRC                   := $(GOPATH)/src/github.com/argoproj/argo-workflows
 
 
+
 # docker image publishing options
-IMAGE_NAMESPACE       ?= quay.io/argoproj
+IMAGE_NAMESPACE       ?= quay.io/pipekitdev
 DEV_IMAGE             ?= $(shell [ `uname -s` = Darwin ] && echo true || echo false)
 
 # declares which cluster to import to in case it's not the default name
@@ -103,6 +104,7 @@ override LDFLAGS += \
   -X github.com/argoproj/argo-workflows/v3.gitCommit=$(GIT_COMMIT) \
   -X github.com/argoproj/argo-workflows/v3.gitTreeState=$(GIT_TREE_STATE)
 
+
 ifneq ($(GIT_TAG),)
 override LDFLAGS += -X github.com/argoproj/argo-workflows/v3.gitTag=${GIT_TAG}
 endif
@@ -245,7 +247,7 @@ argoexec-image:
 	[ ! -e $* ] || mv $* dist/
 	docker run --rm -t $(IMAGE_NAMESPACE)/$*:$(VERSION) version
 	if [ $(K3D) = true ]; then k3d image import -c $(K3D_CLUSTER_NAME) $(IMAGE_NAMESPACE)/$*:$(VERSION); fi
-	if [ $(DOCKER_PUSH) = true ] && [ $(IMAGE_NAMESPACE) != argoproj ] ; then docker push $(IMAGE_NAMESPACE)/$*:$(VERSION) ; fi
+	if [ $(DOCKER_PUSH) = true ] && [ $(IMAGE_NAMESPACE) != pipekitdev ] ; then docker push $(IMAGE_NAMESPACE)/$*:$(VERSION) ; fi
 
 .PHONY: codegen
 codegen: types swagger manifests $(GOPATH)/bin/mockery docs/fields.md docs/cli/argo.md
@@ -431,7 +433,7 @@ install: githooks
 	kubectl get ns $(KUBE_NAMESPACE) || kubectl create ns $(KUBE_NAMESPACE)
 	kubectl config set-context --current --namespace=$(KUBE_NAMESPACE)
 	@echo "installing PROFILE=$(PROFILE)"
-	kubectl kustomize --load-restrictor=LoadRestrictionsNone test/e2e/manifests/$(PROFILE) | sed 's|quay.io/argoproj/|$(IMAGE_NAMESPACE)/|' | sed 's/namespace: argo/namespace: $(KUBE_NAMESPACE)/' | kubectl -n $(KUBE_NAMESPACE) apply --prune -l app.kubernetes.io/part-of=argo -f -
+	kubectl kustomize --load-restrictor=LoadRestrictionsNone test/e2e/manifests/$(PROFILE) | sed 's|quay.io/pipekitdev/|$(IMAGE_NAMESPACE)/|' | sed 's/namespace: argo/namespace: $(KUBE_NAMESPACE)/' | kubectl -n $(KUBE_NAMESPACE) apply --prune -l app.kubernetes.io/part-of=argo -f -
 ifeq ($(PROFILE),stress)
 	kubectl -n $(KUBE_NAMESPACE) apply -f test/stress/massive-workflow.yaml
 endif
@@ -682,4 +684,3 @@ release-notes: /dev/null
 .PHONY: checksums
 checksums:
 	sha256sum ./dist/argo-*.gz | awk -F './dist/' '{print $$1 $$2}' > ./dist/argo-workflows-cli-checksums.txt
-