Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore: sign checksum file for release binaries #10963

Merged
merged 1 commit into from Oct 15, 2022
Merged

chore: sign checksum file for release binaries #10963

merged 1 commit into from Oct 15, 2022

Conversation

34fathombelow
Copy link
Member

Signed-off-by: Justin Marquis 34fathombelow@protonmail.com

This PR signs the checksum file for release binaries. Also removes adding a signature to the Dockerhub image since we know Quay is working well. We can add this back at a later time. Once we know if the images should still be pushed Dockerhub.

Follow up PR coming soon. It will contain user documentation on how to verify the signatures for containers and release notes containing our public key.

@34fathombelow
chore: sign checksums file for release binaries
abac7cb 
Signed-off-by: Justin Marquis <34fathombelow@protonmail.com>
@34fathombelow
Copy link
Member Author

Once merged we can [x]Signed releases on #10852

@codecov
Copy link

codecov bot commented Oct 15, 2022

Codecov Report

Base: 45.83% // Head: 45.83% // No change to project coverage 👍

Coverage data is based on head (abac7cb) compared to base (7cb9d40).
Patch coverage: 100.00% of modified lines in pull request are covered.

Additional details and impacted files 
@@           Coverage Diff           @@
##           master   #10963   +/-   ##
=======================================
  Coverage   45.83%   45.83%           
=======================================
  Files         237      237           
  Lines       28720    28720           
=======================================
  Hits        13165    13165           
  Misses      13742    13742           
  Partials     1813     1813
Impacted Files Coverage Δ
util/io/path/resolved.go 76.92% <100.00%> (ø)
util/settings/settings.go 51.25% <0.00%> (ø)

Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here.

☔ View full report at Codecov.
📢 Do you have feedback about the report comment? Let us know in this issue.

crenshaw-dev
crenshaw-dev approved these changes Oct 15, 2022
View reviewed changes
Copy link
Collaborator

@crenshaw-dev crenshaw-dev left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm, thanks @34fathombelow!

Aside, I wonder if it would be worth it to get a checksum of the sbom and sign that as well.

@crenshaw-dev crenshaw-dev merged commit 193cb14 into argoproj:master Oct 15, 2022
@crenshaw-dev
Copy link
Collaborator

I expect to push some releases Monday, so this will get tested then.

@34fathombelow 34fathombelow deleted the signed-checksums branch October 15, 2022 14:28
@crenshaw-dev crenshaw-dev added cherry-pick/2.2 Candidate for cherry picking into the 2.2 release branch cherry-pick/2.3 Candidate for cherry picking into the 2.3 release branch cherry-pick/2.4 Candidate for cherry picking into the 2.4 release branch cherry-pick/2.5 labels Oct 17, 2022
crenshaw-dev pushed a commit that referenced this pull request Oct 17, 2022
@34fathombelow @crenshaw-dev
chore: sign checksums file for release binaries (#10963)
df8f70a 
Signed-off-by: Justin Marquis <34fathombelow@protonmail.com>

Signed-off-by: Justin Marquis <34fathombelow@protonmail.com>
crenshaw-dev pushed a commit that referenced this pull request Oct 17, 2022
@34fathombelow @crenshaw-dev
chore: sign checksums file for release binaries (#10963)
1a50f79 
Signed-off-by: Justin Marquis <34fathombelow@protonmail.com>

Signed-off-by: Justin Marquis <34fathombelow@protonmail.com>
crenshaw-dev pushed a commit that referenced this pull request Oct 17, 2022
@34fathombelow @crenshaw-dev
chore: sign checksums file for release binaries (#10963)
f57fdec 
Signed-off-by: Justin Marquis <34fathombelow@protonmail.com>

Signed-off-by: Justin Marquis <34fathombelow@protonmail.com>
@crenshaw-dev
Copy link
Collaborator

Cherry-picked onto release-2.2 for 2.2.15, release-2.3 for 2.3.10, release-2.4 for 2.4.15, and release-2.5 for 2.5.0-rc3.

crenshaw-dev added a commit that referenced this pull request Oct 18, 2022
@smriti0710 @alexmt
@wujunwei @ameytotawar @crenshaw-dev @34fathombelow @RyanTalbot @nsahai8 @chris-codeflow @github-actions @toVersus @shawntoffel
chore: improve error logs (#10944)
d021690 
* fix: Resource list loading slowly due to Sync Wave sorting (#10932)

Signed-off-by: Alexander Matyushentsev <AMatyushentsev@gmail.com>
Signed-off-by: Smriti Prakash <smriti_prakash@intuit.com>

* chore: fix wrong annotation in function (#10923)

Signed-off-by: wujunwei <wjw3323@live.com>

Signed-off-by: wujunwei <wjw3323@live.com>
Signed-off-by: Smriti Prakash <smriti_prakash@intuit.com>

* feat: add bcrypt support for argocd CLI (#10934)

* Adding bcrypt support for argocd CLI

Signed-off-by: Amey Totawar <ameysanjaykumar_totawar@intuit.com>

* Fixing linter issues

Signed-off-by: Amey Totawar <ameysanjaykumar_totawar@intuit.com>

* Nesting bcrypt under account instead of admin

Signed-off-by: Amey Totawar <ameysanjaykumar_totawar@intuit.com>

* Removing admin bcrypt docs

Signed-off-by: Amey Totawar <ameysanjaykumar_totawar@intuit.com>

* Update docs/faq.md

Co-authored-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com>
Signed-off-by: Amey Totawar <ameytotawar@gmail.com>

Signed-off-by: Amey Totawar <ameysanjaykumar_totawar@intuit.com>
Signed-off-by: Amey Totawar <ameytotawar@gmail.com>
Co-authored-by: Amey Totawar <ameysanjaykumar_totawar@intuit.com>
Co-authored-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com>
Signed-off-by: Smriti Prakash <smriti_prakash@intuit.com>

* chore: improve error logs

Signed-off-by: Smriti Prakash <smriti_prakash@intuit.com>

* chore: improve error logs

Signed-off-by: Smriti Prakash <smriti_prakash@intuit.com>

* chore: implement signed images (#10925)

* consolidate checksums into one file

Signed-off-by: Justin Marquis <34fathombelow@protonmail.com>

* sign container images

Signed-off-by: Justin Marquis <34fathombelow@protonmail.com>

* sign container images

Signed-off-by: Justin Marquis <34fathombelow@protonmail.com>

* remove id-token permissions

Signed-off-by: Justin Marquis <34fathombelow@protonmail.com>

Signed-off-by: Justin Marquis <34fathombelow@protonmail.com>
Signed-off-by: Smriti Prakash <smriti_prakash@intuit.com>

* chore: delete old snyk reports (#10938)

Signed-off-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com>

Signed-off-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com>
Signed-off-by: Smriti Prakash <smriti_prakash@intuit.com>

* chore: rewording of misleading message (#10407)

Signed-off-by: Ryan Talbot <ryan-talbot@outlook.com>

Signed-off-by: Ryan Talbot <ryan-talbot@outlook.com>
Signed-off-by: Smriti Prakash <smriti_prakash@intuit.com>

* chore: delete old snyk reports, 2nd attempt (#10950)

Signed-off-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com>

Signed-off-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com>
Signed-off-by: Smriti Prakash <smriti_prakash@intuit.com>

* chore: wrap error objects to include context (#10592) (#10940)

Signed-off-by: Niharika <ns8gupta@gmail.com>
Signed-off-by: Niharika <niharika_sahai@intuit.com>

Signed-off-by: Niharika <ns8gupta@gmail.com>
Signed-off-by: Niharika <niharika_sahai@intuit.com>
Signed-off-by: Smriti Prakash <smriti_prakash@intuit.com>

* fix: Use os.PathSeparator instead of hard-coded string to resolve local file paths (#10945) (#10946)

fix: Use os.PathSeparator instead of hard-coded string to resolve local file paths (#10945) (#10946)
Signed-off-by: Smriti Prakash <smriti_prakash@intuit.com>

* chore: improve error logs

Signed-off-by: Smriti Prakash <smriti_prakash@intuit.com>

* chore: covered error log in controllers

 Signed-off-by: Smriti Prakash <smriti_prakash@intuit.com>

Signed-off-by: Smriti Prakash <smriti_prakash@intuit.com>

* chore: sign checksums file for release binaries (#10963)

Signed-off-by: Justin Marquis <34fathombelow@protonmail.com>

Signed-off-by: Justin Marquis <34fathombelow@protonmail.com>
Signed-off-by: Smriti Prakash <smriti_prakash@intuit.com>

* [Bot] Update Snyk reports (#10953)

Signed-off-by: CI <ci@argoproj.com>

Signed-off-by: CI <ci@argoproj.com>
Co-authored-by: CI <ci@argoproj.com>
Signed-off-by: Smriti Prakash <smriti_prakash@intuit.com>

* feat: make applicationset controller configurable in argocd-cmd-params (#10961)

Signed-off-by: toVersus <toversus2357@gmail.com>

Signed-off-by: toVersus <toversus2357@gmail.com>
Signed-off-by: Smriti Prakash <smriti_prakash@intuit.com>

* docs: message is no longer truncated (#10962)

Signed-off-by: Shawn Toffel <shawn.toffel@gmail.com>

Signed-off-by: Shawn Toffel <shawn.toffel@gmail.com>
Signed-off-by: Smriti Prakash <smriti_prakash@intuit.com>

* fix: addressed review comments

Signed-off-by: Smriti Prakash <smriti_prakash@intuit.com>

Signed-off-by: Alexander Matyushentsev <AMatyushentsev@gmail.com>
Signed-off-by: Smriti Prakash <smriti_prakash@intuit.com>
Signed-off-by: wujunwei <wjw3323@live.com>
Signed-off-by: Amey Totawar <ameysanjaykumar_totawar@intuit.com>
Signed-off-by: Amey Totawar <ameytotawar@gmail.com>
Signed-off-by: Justin Marquis <34fathombelow@protonmail.com>
Signed-off-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com>
Signed-off-by: Ryan Talbot <ryan-talbot@outlook.com>
Signed-off-by: Niharika <ns8gupta@gmail.com>
Signed-off-by: Niharika <niharika_sahai@intuit.com>
Signed-off-by: CI <ci@argoproj.com>
Signed-off-by: toVersus <toversus2357@gmail.com>
Signed-off-by: Shawn Toffel <shawn.toffel@gmail.com>
Co-authored-by: Alexander Matyushentsev <AMatyushentsev@gmail.com>
Co-authored-by: Adam <wjw3323@live.com>
Co-authored-by: Amey Totawar <ameytotawar@gmail.com>
Co-authored-by: Amey Totawar <ameysanjaykumar_totawar@intuit.com>
Co-authored-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com>
Co-authored-by: Smriti Prakash <smriti_prakash@intuit.com>
Co-authored-by: 34FathomBelow <34fathombelow@protonmail.com>
Co-authored-by: Ryan Talbot <4523072+RyanTalbot@users.noreply.github.com>
Co-authored-by: nsahai8 <ns8gupta@gmail.com>
Co-authored-by: Chris Davis <chris@codeflow.org.uk>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: CI <ci@argoproj.com>
Co-authored-by: Tsubasa Nagasawa <toversus2357@gmail.com>
Co-authored-by: Shawn Toffel <shawn.toffel+github@gmail.com>
nbjohnson pushed a commit to nbjohnson/argo-cd that referenced this pull request Oct 18, 2022
@34fathombelow @nbjohnson
chore: sign checksums file for release binaries (argoproj#10963)
94d1c22 
Signed-off-by: Justin Marquis <34fathombelow@protonmail.com>

Signed-off-by: Justin Marquis <34fathombelow@protonmail.com>
Signed-off-by: Nicholas Johnson <nbjohnson10@gmail.com>
nbjohnson pushed a commit to nbjohnson/argo-cd that referenced this pull request Oct 18, 2022
@smriti0710 @alexmt
@wujunwei @ameytotawar @crenshaw-dev @34fathombelow @RyanTalbot @nsahai8 @chris-codeflow @github-actions @toVersus @shawntoffel @nbjohnson
chore: improve error logs (argoproj#10944)
876c87f 
* fix: Resource list loading slowly due to Sync Wave sorting (argoproj#10932)

Signed-off-by: Alexander Matyushentsev <AMatyushentsev@gmail.com>
Signed-off-by: Smriti Prakash <smriti_prakash@intuit.com>

* chore: fix wrong annotation in function (argoproj#10923)

Signed-off-by: wujunwei <wjw3323@live.com>

Signed-off-by: wujunwei <wjw3323@live.com>
Signed-off-by: Smriti Prakash <smriti_prakash@intuit.com>

* feat: add bcrypt support for argocd CLI (argoproj#10934)

* Adding bcrypt support for argocd CLI

Signed-off-by: Amey Totawar <ameysanjaykumar_totawar@intuit.com>

* Fixing linter issues

Signed-off-by: Amey Totawar <ameysanjaykumar_totawar@intuit.com>

* Nesting bcrypt under account instead of admin

Signed-off-by: Amey Totawar <ameysanjaykumar_totawar@intuit.com>

* Removing admin bcrypt docs

Signed-off-by: Amey Totawar <ameysanjaykumar_totawar@intuit.com>

* Update docs/faq.md

Co-authored-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com>
Signed-off-by: Amey Totawar <ameytotawar@gmail.com>

Signed-off-by: Amey Totawar <ameysanjaykumar_totawar@intuit.com>
Signed-off-by: Amey Totawar <ameytotawar@gmail.com>
Co-authored-by: Amey Totawar <ameysanjaykumar_totawar@intuit.com>
Co-authored-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com>
Signed-off-by: Smriti Prakash <smriti_prakash@intuit.com>

* chore: improve error logs

Signed-off-by: Smriti Prakash <smriti_prakash@intuit.com>

* chore: improve error logs

Signed-off-by: Smriti Prakash <smriti_prakash@intuit.com>

* chore: implement signed images (argoproj#10925)

* consolidate checksums into one file

Signed-off-by: Justin Marquis <34fathombelow@protonmail.com>

* sign container images

Signed-off-by: Justin Marquis <34fathombelow@protonmail.com>

* sign container images

Signed-off-by: Justin Marquis <34fathombelow@protonmail.com>

* remove id-token permissions

Signed-off-by: Justin Marquis <34fathombelow@protonmail.com>

Signed-off-by: Justin Marquis <34fathombelow@protonmail.com>
Signed-off-by: Smriti Prakash <smriti_prakash@intuit.com>

* chore: delete old snyk reports (argoproj#10938)

Signed-off-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com>

Signed-off-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com>
Signed-off-by: Smriti Prakash <smriti_prakash@intuit.com>

* chore: rewording of misleading message (argoproj#10407)

Signed-off-by: Ryan Talbot <ryan-talbot@outlook.com>

Signed-off-by: Ryan Talbot <ryan-talbot@outlook.com>
Signed-off-by: Smriti Prakash <smriti_prakash@intuit.com>

* chore: delete old snyk reports, 2nd attempt (argoproj#10950)

Signed-off-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com>

Signed-off-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com>
Signed-off-by: Smriti Prakash <smriti_prakash@intuit.com>

* chore: wrap error objects to include context (argoproj#10592) (argoproj#10940)

Signed-off-by: Niharika <ns8gupta@gmail.com>
Signed-off-by: Niharika <niharika_sahai@intuit.com>

Signed-off-by: Niharika <ns8gupta@gmail.com>
Signed-off-by: Niharika <niharika_sahai@intuit.com>
Signed-off-by: Smriti Prakash <smriti_prakash@intuit.com>

* fix: Use os.PathSeparator instead of hard-coded string to resolve local file paths (argoproj#10945) (argoproj#10946)

fix: Use os.PathSeparator instead of hard-coded string to resolve local file paths (argoproj#10945) (argoproj#10946)
Signed-off-by: Smriti Prakash <smriti_prakash@intuit.com>

* chore: improve error logs

Signed-off-by: Smriti Prakash <smriti_prakash@intuit.com>

* chore: covered error log in controllers

 Signed-off-by: Smriti Prakash <smriti_prakash@intuit.com>

Signed-off-by: Smriti Prakash <smriti_prakash@intuit.com>

* chore: sign checksums file for release binaries (argoproj#10963)

Signed-off-by: Justin Marquis <34fathombelow@protonmail.com>

Signed-off-by: Justin Marquis <34fathombelow@protonmail.com>
Signed-off-by: Smriti Prakash <smriti_prakash@intuit.com>

* [Bot] Update Snyk reports (argoproj#10953)

Signed-off-by: CI <ci@argoproj.com>

Signed-off-by: CI <ci@argoproj.com>
Co-authored-by: CI <ci@argoproj.com>
Signed-off-by: Smriti Prakash <smriti_prakash@intuit.com>

* feat: make applicationset controller configurable in argocd-cmd-params (argoproj#10961)

Signed-off-by: toVersus <toversus2357@gmail.com>

Signed-off-by: toVersus <toversus2357@gmail.com>
Signed-off-by: Smriti Prakash <smriti_prakash@intuit.com>

* docs: message is no longer truncated (argoproj#10962)

Signed-off-by: Shawn Toffel <shawn.toffel@gmail.com>

Signed-off-by: Shawn Toffel <shawn.toffel@gmail.com>
Signed-off-by: Smriti Prakash <smriti_prakash@intuit.com>

* fix: addressed review comments

Signed-off-by: Smriti Prakash <smriti_prakash@intuit.com>

Signed-off-by: Alexander Matyushentsev <AMatyushentsev@gmail.com>
Signed-off-by: Smriti Prakash <smriti_prakash@intuit.com>
Signed-off-by: wujunwei <wjw3323@live.com>
Signed-off-by: Amey Totawar <ameysanjaykumar_totawar@intuit.com>
Signed-off-by: Amey Totawar <ameytotawar@gmail.com>
Signed-off-by: Justin Marquis <34fathombelow@protonmail.com>
Signed-off-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com>
Signed-off-by: Ryan Talbot <ryan-talbot@outlook.com>
Signed-off-by: Niharika <ns8gupta@gmail.com>
Signed-off-by: Niharika <niharika_sahai@intuit.com>
Signed-off-by: CI <ci@argoproj.com>
Signed-off-by: toVersus <toversus2357@gmail.com>
Signed-off-by: Shawn Toffel <shawn.toffel@gmail.com>
Co-authored-by: Alexander Matyushentsev <AMatyushentsev@gmail.com>
Co-authored-by: Adam <wjw3323@live.com>
Co-authored-by: Amey Totawar <ameytotawar@gmail.com>
Co-authored-by: Amey Totawar <ameysanjaykumar_totawar@intuit.com>
Co-authored-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com>
Co-authored-by: Smriti Prakash <smriti_prakash@intuit.com>
Co-authored-by: 34FathomBelow <34fathombelow@protonmail.com>
Co-authored-by: Ryan Talbot <4523072+RyanTalbot@users.noreply.github.com>
Co-authored-by: nsahai8 <ns8gupta@gmail.com>
Co-authored-by: Chris Davis <chris@codeflow.org.uk>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: CI <ci@argoproj.com>
Co-authored-by: Tsubasa Nagasawa <toversus2357@gmail.com>
Co-authored-by: Shawn Toffel <shawn.toffel+github@gmail.com>
Signed-off-by: Nicholas Johnson <nbjohnson10@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@crenshaw-dev crenshaw-dev crenshaw-dev approved these changes

Assignees
No one assigned
Labels
cherry-pick/2.2 Candidate for cherry picking into the 2.2 release branch cherry-pick/2.3 Candidate for cherry picking into the 2.3 release branch cherry-pick/2.4 Candidate for cherry picking into the 2.4 release branch cherry-pick/2.5
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@34fathombelow @crenshaw-dev