Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore: v.2.0.0 - tracking #3576

Closed
ramonpetgrave64 opened this issue Apr 18, 2024 · 4 comments
Closed

chore: v.2.0.0 - tracking #3576

ramonpetgrave64 opened this issue Apr 18, 2024 · 4 comments
Labels
status:triage Issue that has not been triaged type:feature New feature or request

Comments

@ramonpetgrave64
Copy link
Collaborator

ramonpetgrave64 commented Apr 18, 2024
edited

Tracking PRs for the v2.0.0 release
@ramonpetgrave64 ramonpetgrave64 added type:feature New feature or request status:triage Issue that has not been triaged labels Apr 18, 2024
@ramonpetgrave64 ramonpetgrave64 mentioned this issue Apr 18, 2024
Merged
5 tasks
@ramonpetgrave64 ramonpetgrave64 changed the title chore: v.111.0 - tracking chore: v.2.0.0 - tracking Apr 18, 2024
ramonpetgrave64 added a commit that referenced this issue Apr 18, 2024
@ramonpetgrave64
docs: v.2.0.0: finalize CHANGELOG.md (#3577)
3789345 
# Summary

#3576 

First step before a release, marking all "Unreleased" changes in
CHANGELOG.md as "v2.0.0"

## Testing Process

...

## Checklist

- [x] Review the contributing [guidelines](./../CONTRIBUTING.md)
- [x] Add a reference to related issues in the PR description.
- [ ] Update documentation if applicable.
- [ ] Add unit tests if applicable.
- [x] Add changes to the [CHANGELOG](./../CHANGELOG.md) if applicable.

---------

Signed-off-by: Ramon Petgrave <ramon.petgrave64@gmail.com>
ramonpetgrave64 added a commit to slsa-framework/example-package that referenced this issue Apr 18, 2024
@ramonpetgrave64
chore: v2.0.0-rc.0: update adversarial test
fcea9c9 
next step in release process 
https://github.com/slsa-framework/slsa-github-generator/blob/main/RELEASE.md#go-builder-verifier-test

slsa-framework/slsa-github-generator#3576

Signed-off-by: Ramon Petgrave <32398091+ramonpetgrave64@users.noreply.github.com>
@ramonpetgrave64 ramonpetgrave64 mentioned this issue Apr 18, 2024
Merged
ramonpetgrave64 added a commit to slsa-framework/example-package that referenced this issue Apr 18, 2024
@ramonpetgrave64
chore: v2.0.0-rc.0: update adversarial test: generic_generator
37bafc5 
next step in release process
https://github.com/slsa-framework/slsa-github-generator/blob/main/RELEASE.md#generic-generator-verifier-test

slsa-framework/slsa-github-generator#3576

Signed-off-by: Ramon Petgrave <32398091+ramonpetgrave64@users.noreply.github.com>
@ramonpetgrave64 ramonpetgrave64 mentioned this issue Apr 18, 2024
Merged
ramonpetgrave64 added a commit to slsa-framework/example-package that referenced this issue Apr 18, 2024
@ramonpetgrave64
chore: v2.0.0-rc.0: update adversarial test: generic generator
b530c4c 
next step in release process
https://github.com/slsa-framework/slsa-github-generator/blob/main/RELEASE.md#generic-generator-verifier-test

slsa-framework/slsa-github-generator#3576

Signed-off-by: Ramon Petgrave <32398091+ramonpetgrave64@users.noreply.github.com>
@ramonpetgrave64 ramonpetgrave64 mentioned this issue Apr 18, 2024
Merged
ramonpetgrave64 added a commit to slsa-framework/example-package that referenced this issue Apr 18, 2024
@ramonpetgrave64
chore: v2.0.0-rc.0: update adversarial test: generic generator
b48c439 
next step in release process
https://github.com/slsa-framework/slsa-github-generator/blob/main/RELEASE.md#generic-generator-verifier-test

slsa-framework/slsa-github-generator#3576

Signed-off-by: Ramon Petgrave <32398091+ramonpetgrave64@users.noreply.github.com>
@ramonpetgrave64 ramonpetgrave64 mentioned this issue Apr 18, 2024
Merged
ramonpetgrave64 added a commit to slsa-framework/example-package that referenced this issue Apr 18, 2024
@ramonpetgrave64
chore: v2.0.0-rc.0: update adversarial test: builder container based
4d9f413 
next step in release process
https://github.com/slsa-framework/slsa-github-generator/blob/main/RELEASE.md#container-based-builder-verifier-test

slsa-framework/slsa-github-generator#3576

Signed-off-by: Ramon Petgrave <32398091+ramonpetgrave64@users.noreply.github.com>
@ramonpetgrave64 ramonpetgrave64 mentioned this issue Apr 18, 2024
Merged
ramonpetgrave64 added a commit to slsa-framework/example-package that referenced this issue Apr 18, 2024
@ramonpetgrave64
chore: v2.0.0-rc.0: update adversarial test: builder binary
15cb242 
next step in release process
https://github.com/slsa-framework/slsa-github-generator/blob/main/RELEASE.md#adversarial-go-builder

slsa-framework/slsa-github-generator#3576

Signed-off-by: Ramon Petgrave <32398091+ramonpetgrave64@users.noreply.github.com>
@ramonpetgrave64 ramonpetgrave64 mentioned this issue Apr 18, 2024
Merged
ramonpetgrave64 added a commit to slsa-framework/example-package that referenced this issue Apr 18, 2024
@ramonpetgrave64
chore: v2.0.0-rc.0: update adversarial test: Adversarial generic gene…
7be5eb7 
…rator

next step in release process
https://github.com/slsa-framework/slsa-github-generator/blob/main/RELEASE.md#adversarial-generic-generator

slsa-framework/slsa-github-generator#3576

Signed-off-by: Ramon Petgrave <32398091+ramonpetgrave64@users.noreply.github.com>
@ramonpetgrave64 ramonpetgrave64 mentioned this issue Apr 18, 2024
Merged
ramonpetgrave64 added a commit to slsa-framework/example-package that referenced this issue Apr 18, 2024
@ramonpetgrave64
chore: v2.0.0-rc.0: update adversarial test: Adversarial container ge…
2ef973f 
…nerator

next step in release process
https://github.com/slsa-framework/slsa-github-generator/blob/main/RELEASE.md#adversarial-container-generator

slsa-framework/slsa-github-generator#3576

Signed-off-by: Ramon Petgrave <32398091+ramonpetgrave64@users.noreply.github.com>
@ramonpetgrave64 ramonpetgrave64 mentioned this issue Apr 18, 2024
Merged
ramonpetgrave64 added a commit to slsa-framework/example-package that referenced this issue Apr 18, 2024
@ramonpetgrave64
chore: v2.0.0-rc.0: update adversarial test: Adversarial container ge…
eabefbd 
…nerator

next step in release process
https://github.com/slsa-framework/slsa-github-generator/blob/main/RELEASE.md#adversarial-container-generator

slsa-framework/slsa-github-generator#3576

Signed-off-by: Ramon Petgrave <32398091+ramonpetgrave64@users.noreply.github.com>
@ramonpetgrave64 ramonpetgrave64 mentioned this issue Apr 18, 2024
Merged
ramonpetgrave64 added a commit to slsa-framework/example-package that referenced this issue Apr 18, 2024
@ramonpetgrave64
chore: v2.0.0-rc.0: update adversarial test: Adversarial container-ba…
11d7c2a 
…sed builder

next step in release process
https://github.com/slsa-framework/slsa-github-generator/blob/main/RELEASE.md#adversarial-container-based-builder

slsa-framework/slsa-github-generator#3576

Signed-off-by: Ramon Petgrave <32398091+ramonpetgrave64@users.noreply.github.com>
@ramonpetgrave64 ramonpetgrave64 mentioned this issue Apr 18, 2024
Merged
@ramonpetgrave64
Copy link
Collaborator Author

Finished the initial adversarial tests. We're now doing the 2-day code freeze.
https://github.com/slsa-framework/slsa-github-generator/blob/main/RELEASE.md#code-freeze

@ramonpetgrave64 ramonpetgrave64 mentioned this issue Apr 19, 2024
Merged
5 tasks
@ramonpetgrave64
Copy link
Collaborator Author

Existing tests are still passing, except for some old recurring failures

This was referenced Apr 22, 2024
Merged
Merged
@ramonpetgrave64
Copy link
Collaborator Author

Step

https://github.com/slsa-framework/slsa-github-generator/blob/main/RELEASE.md#verify-final-version-references

➜  slsa-github-generator git:(main) git tag $BUILDER_TAG -f
git push upstream $BUILDER_TAG -f
error: src refspec v2.0.0 matches more than one

Can't push a new tag, so the steps might need re-ordering

Since this step is meant to trigger the release worrkflow, I manually invoke it instead.
https://github.com/slsa-framework/slsa-github-generator/actions/runs/8790065191

ramonpetgrave64 added a commit to slsa-framework/example-package that referenced this issue Apr 22, 2024
@ramonpetgrave64
chore: v2.0.0-rc.0: update adversarial test: Adversarial Go builde
6d8f08e 
next step in release process
https://github.com/slsa-framework/slsa-github-generator/blob/main/RELEASE.md#adversarial-go-builder

slsa-framework/slsa-github-generator#3576

Signed-off-by: Ramon Petgrave <32398091+ramonpetgrave64@users.noreply.github.com>
@ramonpetgrave64 ramonpetgrave64 mentioned this issue Apr 22, 2024
Merged
ramonpetgrave64 added a commit to slsa-framework/example-package that referenced this issue Apr 22, 2024
@ramonpetgrave64
chore: v2.0.0: update adversarial test: Adversarial generic generator
c1d54b1 
next step in release process
https://github.com/slsa-framework/slsa-github-generator/blob/main/RELEASE.md#generic-generator-verifier-test

slsa-framework/slsa-github-generator#3576

Signed-off-by: Ramon Petgrave <32398091+ramonpetgrave64@users.noreply.github.com>
@ramonpetgrave64 ramonpetgrave64 mentioned this issue Apr 22, 2024
Merged
ramonpetgrave64 added a commit to slsa-framework/example-package that referenced this issue Apr 22, 2024
@ramonpetgrave64
chore: v2.0.0: update adversarial test: Adversarial container generator
20bf2eb 
next step in release process
https://github.com/slsa-framework/slsa-github-generator/blob/main/RELEASE.md#adversarial-container-generator

slsa-framework/slsa-github-generator#3576

Signed-off-by: Ramon Petgrave <32398091+ramonpetgrave64@users.noreply.github.com>
@ramonpetgrave64 ramonpetgrave64 mentioned this issue Apr 22, 2024
Merged
ramonpetgrave64 added a commit to slsa-framework/example-package that referenced this issue Apr 22, 2024
@ramonpetgrave64
chore: v2.0.0-rc.0: update adversarial test: Adversarial container-based
372c93c 
next step in release process
https://github.com/slsa-framework/slsa-github-generator/blob/main/RELEASE.md#adversarial-container-based-builder

slsa-framework/slsa-github-generator#3576

Signed-off-by: Ramon Petgrave <32398091+ramonpetgrave64@users.noreply.github.com>
This was referenced Apr 22, 2024
Merged
Merged
Merged
Merged
ramonpetgrave64 added a commit to slsa-framework/example-package that referenced this issue Apr 22, 2024
@ramonpetgrave64
chore: v2.0.0: update verifier e2e refs
4e6c23f 
slsa-framework/slsa-github-generator#3576

Next step in https://github.com/slsa-framework/slsa-github-generator/blob/main/RELEASE.md#update-verifier

Signed-off-by: Ramon Petgrave <32398091+ramonpetgrave64@users.noreply.github.com>
@ramonpetgrave64 ramonpetgrave64 mentioned this issue Apr 22, 2024
Merged
ramonpetgrave64 added a commit that referenced this issue Apr 22, 2024
@ramonpetgrave64
chore: v2.0.0: update tags to v2.0.0 (#3584)
472fb17 
# Summary

#3576

followup to
#3578

next step in
https://github.com/slsa-framework/slsa-github-generator/blob/main/RELEASE.md#reference-actions-at-main

Changing all the actions to point back to main.

## Testing Process

pre-submit workflows

## Checklist

- [ ] Review the contributing [guidelines](./../CONTRIBUTING.md)
- [ ] Add a reference to related issues in the PR description.
- [ ] Update documentation if applicable.
- [ ] Add unit tests if applicable.
- [ ] Add changes to the [CHANGELOG](./../CHANGELOG.md) if applicable.

Signed-off-by: Ramon Petgrave <ramon.petgrave64@gmail.com>
@ramonpetgrave64 ramonpetgrave64 mentioned this issue Apr 23, 2024
Merged
ramonpetgrave64 added a commit to slsa-framework/slsa-verifier that referenced this issue Apr 23, 2024
@ramonpetgrave64
chore: slsa-framework/slsa-github-generator@v2.0.0: add testdata (#758)
637b07f 
slsa-framework/slsa-github-generator#3576

Next step in 

https://github.com/slsa-framework/slsa-github-generator/blob/main/RELEASE.md#update-verifier

Creating new test data for slsa-github-generator@v2.0.0

# Instructions:

## diff to download-artifacts.sh

```
diff --git a/download-artifacts.sh b/download-artifacts.sh
old mode 100644
new mode 100755
index e5e218e8..49257ea6
--- a/download-artifacts.sh
+++ b/download-artifacts.sh
@@ -88,6 +88,10 @@ unzip_files() {
         rm -rf "${tmp_dir}"
         ;;
 
+    ./*.zip)
+        unzip -o "${zip_path}" -d "${output_path}"
+        ;;
+
     *)
         echo "unexpected file path: ${zip_path}"
         exit 1
@@ -167,7 +171,7 @@ rename_java_files "test-java-project-" "maven"
 rename_java_files "workflow_dispatch-" "gradle"
 
 # Files downloaded. Now copy them
-repo_path="../.."
+repo_path="/path/to/slsa-verifier"
 
 # Go builder files.
 copy_files "gha_go-binary-linux-amd64-" "${repo_path}/cli/slsa-verifier/testdata/gha_go/${version}"
```

## download the artifacts

```
../slsa-verifier/download-artifacts.sh 8791212155 v2.0.0
../slsa-verifier/download-artifacts.sh 8791219359 v2.0.0
../slsa-verifier/download-artifacts.sh 8791219514 v2.0.0
../slsa-verifier/download-artifacts.sh 8791219607 v2.0.0
```

## docker github auth

```
gh auth login --scopes=read:packages
echo `gh auth token` | docker login ghcr.io -u ramonpetgrave64 --password-stdin
cosign save \
    --dir ./cli/slsa-verifier/testdata/gha_generic_container/v2.0.0/container_workflow_dispatch \
    ghcr.io/slsa-framework/example-package.verifier-e2e.all.tag.main.default.slsa3@sha256:55aee984fd6b1d0e0a19a55265d10d40063a2212bdbabd75b202b1728236548d
```

---------

Signed-off-by: Ramon Petgrave <ramon.petgrave64@gmail.com>
@ramonpetgrave64 ramonpetgrave64 mentioned this issue Apr 23, 2024
Open
23 tasks
@laurentsimon
Copy link
Collaborator

This is done, thanks @ramonpetgrave64 . Closing.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
status:triage Issue that has not been triaged type:feature New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ramonpetgrave64 @laurentsimon