The latest version of gren (0.17.3) has a bug [0] which causes
it to include all issues rather than just than since the last
tag. This pins to 0.17.1 to avoid this bug.
This also limits the previous tag search to airshipctl semver tags,
that is those without a krm function prefix.
[0]: https://github.com/github-tools/github-release-notes/issues/279
Change-Id: Ib3524bef7a52da97a89f0bc408a1b2e1072e64b1
Signed-off-by: Sean Eagan <seaneagan1@gmail.com>
This adds some context e.g. `v1` instead of just `1`, and matches
what some nearby projects use, such as the kpt container functions [0].
[0]: https://github.com/GoogleContainerTools/kpt/issues/1358
Change-Id: I2026fba873a0f074233e7628de35e53f1f880027
Signed-off-by: Sean Eagan <seaneagan1@gmail.com>
Instead of a static list, read list of krm-functions from containing directory.
This mirrors what we do for git SHA tag publishing for these images upon merge.
Before this, the cloud-init krm function was missing from the list.
Change-Id: Iacb5bbcc84c5eeb9a6bb6cebbf674c3068f103b0
Signed-off-by: Sean Eagan <seaneagan1@gmail.com>
The gren tool expects the tag name to not include the refs/tags prefix,
so this removes that from the `github.ref` variable.
Change-Id: Ied065b3e021841d0a04d2ccfd6e743171f2a8f54
Signed-off-by: Sean Eagan <seaneagan1@gmail.com>
The previous fix [0] did not account for permissions to create the
symlink at /usr/local/bin/gren. Running the full npm install
with sudo should solve any further permissions issues.
[0]: https://review.opendev.org/c/airship/airshipctl/+/776697
Change-Id: Ieb9dfbc699504e341306cb5b7a7a9e2ee90b637f
Signed-off-by: Sean Eagan <seaneagan1@gmail.com>
When release git tags are pushed for:
airshipctl e.g. v1.2.3
krm functions e.g. replacement-transformer-v1.2.3
This publishes corresponding image tags to the corresponding quay repo
e.g. 1.2.3 (full), 1.2 (minor), 1 (major).
This follows common practice [0] allowing consumers to keep up to date with
latest changes, while at the same time avoiding risk i.e. breaking changes.
The quay secrets have been imported into github [1] to be accessed
by this github action.
[0]: https://medium.com/@mccode/using-semantic-versioning-for-docker-image-tags-dfde8be06699
[1]: https://docs.github.com/en/free-pro-team@latest/actions/reference/encrypted-secrets
Closes: #418
Change-Id: Iba2522bcb5d5693fa0e98126bcf31551bb37fc85
When a new tag is pushed (and mirrored to github), this github action
generates release notes, and creates a draft release which can be
published via the github UI after any manual verification or edits.
An example draft release, generated using act [0] is available for review
for those with sufficient access:
https://github.com/airshipit/airshipctl/releases
This could be extended in the future to accomplish other release tasks:
- add version-tagged image to quay
- integrate with goreleaser[1] (publish go binaries)
- publish documentation
[0]: https://github.com/nektos/act
[1]: https://goreleaser.com
Change-Id: Iedb70b0c330df0356fa74d94c1d4a45c3343cc2e
Relates-To: #354
Closes: #390
The Airship vulnerability documentation has moved [0]. This change
updates SECURITY.md to point to the correct location.
[0] https://docs.airshipit.org/learn/vulnerabilities.html
Change-Id: Iea843a3399bc7836f5645c3ca81603e2e9ca7356
Signed-off-by: Drew Walters <andrew.walters@att.com>
All Airship projects are moving to GitHub issues. This change adds a
GitHub security policy that links to the official Airship vulnerability
management process [0]. When users on GitHub click "New Issue" on this
GitHub repository, they will see an option to report a security
vulnerability, which will direct them to our official policy.
[0] https://airship-docs.readthedocs.io/en/latest/security/vulnerabilities.html
Change-Id: Iaf060dd0085c21f0c4f18f100e3e053b5ceedbed
Signed-off-by: Drew Walters <andrew.walters@att.com>
Adds a triage label by default to the issue templates for project
maintainers to identify new issues that still need to be evaluated,
labeled, and addressed.
Change-Id: I9508cce273e7834ccff5eb77c0dd6a1e028dc299
