Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(deps): update sigstore/cosign-installer action to v3 (v1.13) #26704

Merged
merged 3 commits into from
Jul 11, 2023
Merged

chore(deps): update sigstore/cosign-installer action to v3 (v1.13) #26704

merged 3 commits into from
Jul 11, 2023

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Jul 7, 2023

Mend Renovate

This PR contains the following updates:

Package Type Update Change
sigstore/cosign-installer action major v2.8.1 -> v3.1.1

Release Notes

sigstore/cosign-installer (sigstore/cosign-installer)

v3.1.1

Compare Source

What's Changed

Full Changelog: sigstore/cosign-installer@v3.1.0...v3.1.1

v3.1.0

Compare Source

What's Changed

New Contributors

Full Changelog: sigstore/cosign-installer@v3.0.5...v3.1.0

v3.0.5

Compare Source

What's Changed

Full Changelog: sigstore/cosign-installer@v3.0.4...v3.0.5

v3.0.4

Compare Source

v3.0.3

Compare Source

What's Changed

Full Changelog: sigstore/cosign-installer@v3.0.2...v3.0.3

v3.0.2

Compare Source

What's Changed

New Contributors

Full Changelog: sigstore/cosign-installer@v3...v3.0.2

v3.0.1

Compare Source

What's Changed

Full Changelog: sigstore/cosign-installer@v3.0.0...v3.0.1

v3.0.0

Compare Source

Breaking change

Cosign v2 has some breaking changes. Please check those: https://blog.sigstore.dev/cosign-2-0-released/

What's Changed

New Contributors

Full Changelog: sigstore/cosign-installer@v2...v3.0.0

Configuration

📅 Schedule: Branch creation - "on friday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.

@renovate
chore(deps): update sigstore/cosign-installer action to v3
f5d5c18 
Signed-off-by: renovate[bot] <bot@renovateapp.com>
@renovate renovate bot requested review from a team as code owners July 7, 2023 10:37
@renovate renovate bot added the kind/enhancement This would improve or streamline existing functionality. label Jul 7, 2023
@renovate renovate bot requested a review from aanm July 7, 2023 10:37
@renovate renovate bot added release-note/misc This PR makes changes that have no direct user impact. renovate/stop-updating Tell Renovate to stop updating PR labels Jul 7, 2023
@renovate renovate bot requested a review from tklauser July 7, 2023 10:37
@maintainer-s-little-helper maintainer-s-little-helper bot added backport/1.13 This PR represents a backport for Cilium 1.13.x of a PR that was merged to main. kind/backports This PR provides functionality previously merged into master. labels Jul 7, 2023
@github-actions github-actions bot added the kind/community-contribution This was a contribution made by a community member. label Jul 7, 2023
@tklauser
Copy link
Member

tklauser commented Jul 7, 2023
edited by maintainer-s-little-helper bot

/test-backport-1.13

Job 'Cilium-PR-K8s-1.21-kernel-4.19' failed:

Click to show.

Test Name

K8sDatapathServicesTest Checks E/W loadbalancing (ClusterIP, NodePort from inside cluster, etc) Tests NodePort inside cluster (kube-proxy)

Failure Output

FAIL: Request from testclient-lqfs9 pod to service tftp://[fd04::12]:31314/hello failed

Jenkins URL: https://jenkins.cilium.io/job/Cilium-PR-K8s-1.21-kernel-4.19/65/

If it is a flake and a GitHub issue doesn't already exist to track it, comment /mlh new-flake Cilium-PR-K8s-1.21-kernel-4.19 so I can create one.

Then please upload the Jenkins artifacts to that issue.

Job 'Cilium-PR-K8s-1.18-kernel-4.19' failed:

Click to show.

Test Name

K8sAgentPolicyTest Multi-node policy test with L7 policy using connectivity-check to check datapath

Failure Output

FAIL: cannot install connectivity-check

Jenkins URL: https://jenkins.cilium.io/job/Cilium-PR-K8s-1.18-kernel-4.19/66/

If it is a flake and a GitHub issue doesn't already exist to track it, comment /mlh new-flake Cilium-PR-K8s-1.18-kernel-4.19 so I can create one.

Then please upload the Jenkins artifacts to that issue.

@aanm
Copy link
Member

aanm commented Jul 7, 2023

FYI this broke the CI and had to be reverted #26690 /cc @nbusseneau

@nbusseneau
Copy link
Member

nbusseneau commented Jul 7, 2023
edited

@aanm What broke, specifically? 🤔 We did this upgrade already in main, and AFAIK the only thing needed was to remove the experimental flag as was done in the PR by custom commit, so I guess we need to check the logs to determine where the issue lies.

@nbusseneau
Copy link
Member

OK found it:

 By typing 'y', you attest that (1) you are not submitting the personal data of any other person; and (2) you understand and agree to the statement and the Agreement terms at the URLs listed above.
Are you sure you would like to continue? [y/N] Error: signing [quay.io/cilium/docker-plugin-ci@sha256:8bc27adba838d338a61a1728dd40b76f097a3c689390fa3402748228c3a560d1]: signing digest: should upload to tlog: user declined the prompt
main.go:74: error during command execution: signing [quay.io/cilium/docker-plugin-ci@sha256:8bc27adba838d338a61a1728dd40b76f097a3c689390fa3402748228c3a560d1]: signing digest: should upload to tlog: user declined the prompt

We were missing 3fcaa50...

nbusseneau and others added 2 commits July 7, 2023 19:31
@nbusseneau
ci: remove COSIGN_EXPERIMENTAL
5bf2273 
This variable is now obsolete as sigstore/cosign-installer v3 and above
have switched to Cosign 2.0, cf.
https://blog.sigstore.dev/cosign-2-0-released/

Signed-off-by: Nicolas Busseneau <nicolas@isovalent.com>
@aanm @nbusseneau
.github: skip confirmation prompts on cosign
7fb29a3 
[ upstream commit 3fcaa50 ]

With the upgrade of cosign to v3.0.0, a user needs to confirm the
following prompt:

```
Note that there may be personally identifiable information associated with this signed artifact.
This may include the email address associated with the account with which you authenticate.
This information will be used for signing this artifact and will be stored in public transparency logs and cannot be removed later.

By typing 'y', you attest that you grant (or have permission to grant) and agree to have this information stored permanently in transparency logs.
```

This commit adds a flag to skip any confirmation prompts that cosign
will perform.

Signed-off-by: André Martins <andre@cilium.io>
Signed-off-by: Nicolas Busseneau <nicolas@isovalent.com>
@nbusseneau
Copy link
Member

Pushed the commits, please review.

@aanm aanm added the ready-to-merge This PR has passed all tests and received consensus from code owners to merge. label Jul 7, 2023
@julianwiedmann julianwiedmann merged commit b37ae8c into v1.13 Jul 11, 2023
39 checks passed
@julianwiedmann julianwiedmann deleted the renovate/v1.13-major-3-all-github-action branch July 11, 2023 14:21
@gandro gandro mentioned this pull request Jul 20, 2023
Merged
@gentoo-root gentoo-root mentioned this pull request Jul 26, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tklauser tklauser tklauser approved these changes

@aanm aanm aanm approved these changes

Assignees
No one assigned
Labels
backport/1.13 This PR represents a backport for Cilium 1.13.x of a PR that was merged to main. kind/backports This PR provides functionality previously merged into master. kind/community-contribution This was a contribution made by a community member. kind/enhancement This would improve or streamline existing functionality. ready-to-merge This PR has passed all tests and received consensus from code owners to merge. release-note/misc This PR makes changes that have no direct user impact. renovate/stop-updating Tell Renovate to stop updating PR
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@tklauser @aanm @nbusseneau @julianwiedmann