cloudfoundry-community
diff --git a/‎.dockerignore‎
Lines changed: 4 additions & 0 deletions b/‎.dockerignore‎
Lines changed: 4 additions & 0 deletions
diff --git a/‎README.md‎
Lines changed: 9 additions & 3 deletions b/‎README.md‎
Lines changed: 9 additions & 3 deletions
diff --git a/‎ci/pipeline.yml‎
Lines changed: 10 additions & 3 deletions b/‎ci/pipeline.yml‎
Lines changed: 10 additions & 3 deletions
diff --git a/‎ci/repipe‎
Lines changed: 55 additions & 52 deletions b/‎ci/repipe‎
Lines changed: 55 additions & 52 deletions
diff --git a/‎ci/scripts/release‎
Lines changed: 34 additions & 31 deletions b/‎ci/scripts/release‎
Lines changed: 34 additions & 31 deletions
diff --git a/‎ci/scripts/update-dockerhub-readme‎
Lines changed: 12 additions & 7 deletions b/‎ci/scripts/update-dockerhub-readme‎
Lines changed: 12 additions & 7 deletions
@@ -14,11 +14,15 @@
 
 # Resources for the 'build-docker-image' task of the 'build' job
 /git/
+/golang-latest/
+/alpine-latest/
 /image/
 /cache/
 
 # Resources for the 'build-docker-image' task of the 'build-pr' job
 /git-pull-requests/
+/golang-latest/
+/alpine-latest/
 /image/
 /cache/
 
 
@@ -37,9 +37,9 @@ automated tests.
 ## Source Configuration
 
 | Parameter                   | Required | Example                          | Description                                                                                                                                                                                                        |
-|-----------------------------|----------|----------------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| --------------------------- | -------- | -------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
 | `repository`                | Yes      | `itsdalmo/test-repository`       | The repository to target.                                                                                                                                                                                          |
-| `access_token`              | Yes      |                                  | A Github Access Token with repository access (required for setting status on commits). N.B. If you want github-pr-resource to work with a private repository. Set `repo:full` permissions on the access token you create on GitHub. If it is a public repository, `repo:status` is enough. When using `trusted_teams`, the `read:org` scope has to be enabled. |
+| `access_token`              | Yes      |                                  | A Github Access Token with repository access, which is required for setting status on commits. (See also the note below about required permissions.)                                                               |
 | `v3_endpoint`               | No       | `https://api.github.com`         | Endpoint to use for the V3 Github API (Restful).                                                                                                                                                                   |
 | `v4_endpoint`               | No       | `https://api.github.com/graphql` | Endpoint to use for the V4 Github API (Graphql).                                                                                                                                                                   |
 | `paths`                     | No       | `["terraform/*/*.tf"]`           | Only produce new versions if the PR includes changes to files that match one or more glob patterns or prefixes.                                                                                                    |
@@ -62,7 +62,13 @@ automated tests.
 | `installation_id`           | No       |  `12356`                         | Installation id for your github app.
 | `application_id`            | No       |  `12356`                         | Application id for your github app.
 
-Notes:
+**Notes:**
+
+- Required permissions for `access_token`:
+    - if you want github-pr-resource to work with a private repository, set
+      `repo:full` permissions on the access token you create on GitHub.
+    - If it is a public repository, `repo:status` is enough.
+    - When using `trusted_teams`, the `read:org` scope has to be enabled.
  - If `v3_endpoint` is set, `v4_endpoint` must also be set (and the other way around).
  - Look at the [Concourse Resources documentation](https://concourse-ci.org/resources.html#resource-webhook-token)
  for webhook token configuration.
 
@@ -8,9 +8,10 @@
 # ci/settings.yml and override what needs overridden.
 # This uses spruce, so you have some options there.
 #
-# author:  James Hunt <[email protected]>
-#          Dennis Bell <[email protected]>
-# created: 2016-03-04
+# original authors: James Hunt <[email protected]>
+#                   Dennis Bell <[email protected]>
+# created:          2016-03-04
+# maintainer:       Benjamin Gandon (Gstack)
 
 meta:
   name:     (( param "Please name your pipeline" ))
@@ -104,6 +105,7 @@ jobs:
       put: notify
       no_get: true
       params:
+        silent:   true
         channel:  (( grab meta.slack.channel ))
         username: (( grab meta.slack.username ))
         icon_url: (( grab meta.slack.icon ))
@@ -173,6 +175,7 @@ jobs:
       put: notify
       no_get: true
       params:
+        silent:   true
         channel:  (( grab meta.slack.channel ))
         username: (( grab meta.slack.username ))
         icon_url: (( grab meta.slack.icon ))
@@ -217,6 +220,7 @@ jobs:
       put: notify
       no_get: true
       params:
+        silent:   true
         channel:  (( grab meta.slack.channel ))
         username: (( grab meta.slack.username ))
         icon_url: (( grab meta.slack.icon ))
@@ -232,6 +236,7 @@ jobs:
       put: notify
       no_get: true
       params:
+        silent:   true
         channel:  (( grab meta.slack.channel ))
         username: (( grab meta.slack.username ))
         icon_url: (( grab meta.slack.icon ))
@@ -247,6 +252,7 @@ jobs:
       put: notify
       no_get: true
       params:
+        silent:   true
         channel:  (( grab meta.slack.channel ))
         username: (( grab meta.slack.username ))
         icon_url: (( grab meta.slack.icon ))
@@ -324,6 +330,7 @@ jobs:
       put: notify
       no_get: true
       params:
+        silent:   true
         channel:  (( grab meta.slack.channel ))
         username: (( grab meta.slack.username ))
         icon_url: (( grab meta.slack.icon ))
 
@@ -5,20 +5,21 @@
 # Script for merging together pipeline configuration files
 # (via Spruce!) and configuring Concourse.
 #
-# author:  James Hunt <[email protected]>
-#          Dennis Bell <[email protected]>
-# created: 2016-03-04
+# original authors: James Hunt <[email protected]>
+#                   Dennis Bell <[email protected]>
+# created:          2016-03-04
+# maintainer:       Benjamin Gandon (Gstack)
 
 need_command() {
-	local cmd=${1:?need_command() - no command name given}
-
-	if [[ ! -x "$(command -v $cmd)" ]]; then
-		echo >&2 "${cmd} is not installed."
-		if [[ "${cmd}" == "spruce" ]]; then
-			echo >&2 "Please download it from https://github.com/geofffranks/spruce/releases"
-		fi
-		exit 2
-	fi
+    local cmd=${1:?"need_command() - no command name given"}
+
+    if [[ ! -x "$(command -v ${cmd})" ]]; then
+        echo >&2 "${cmd} is not installed."
+        if [[ "${cmd}" == "spruce" ]]; then
+            echo >&2 "Please download it from https://github.com/geofffranks/spruce/releases"
+        fi
+        exit 2
+    fi
 }
 
 NO_FLY=
@@ -45,33 +46,35 @@ usage() {
 }
 
 open_pipeline() {
-	url=$(show_pipeline_url)
+    url=$(show_pipeline_url)
     cleanup
-	if [[ -x /usr/bin/open ]]; then
-		exec /usr/bin/open "$url"
-	else
-		echo "Sorry, but I was not able to automagically open"
-		echo "your Concourse Pipeline in the browser."
-		echo
-		echo "Here's a link you can click on, though:"
-		echo
-		echo "  $url"
-		echo
-		exit 0;
-	fi
+    if [[ -x /usr/bin/open ]]; then
+        exec /usr/bin/open "${url}"
+    else
+        echo "Sorry, but I was not able to automagically open"
+        echo "your Concourse Pipeline in the browser."
+        echo
+        echo "Here's a link you can click on, though:"
+        echo
+        echo "  ${url}"
+        echo
+        exit 0;
+    fi
 }
 
 show_pipeline_url() {
-	spruce merge --skip-eval pipeline.yml ${settings_file} > .deploy.yml
-	concourse_url=$(spruce json .deploy.yml | jq -r ".meta.url")
-	team=$(spruce json .deploy.yml | jq -r ".meta.team // \"main\"")
-	pipeline=$(spruce merge --skip-eval \
-		--cherry-pick meta.pipeline \
-		--cherry-pick meta.name \
-		.deploy.yml | spruce merge - | spruce json | jq -r ".meta.pipeline")
-
-	echo "$concourse_url/teams/$team/pipelines/$pipeline"
-	exit 0
+    spruce merge --skip-eval pipeline.yml ${settings_file} > .deploy.yml
+    concourse_url=$(spruce json .deploy.yml | jq -r ".meta.url")
+    team=$(spruce json .deploy.yml | jq -r ".meta.team // \"main\"")
+    pipeline=$(
+        spruce merge --skip-eval \
+            --cherry-pick meta.pipeline \
+            --cherry-pick meta.name \
+            .deploy.yml \
+        | spruce merge - | spruce json | jq -r ".meta.pipeline"
+    )
+    echo "${concourse_url}/teams/${team}/pipelines/${pipeline}"
+    exit 0
 }
 
 for arg do
@@ -90,16 +93,16 @@ for arg do
     esac
 done
 
-cd $(dirname $BASH_SOURCE[0])
+cd "$(dirname "${BASH_SOURCE[0]}")"
 echo >&2 "Working in $(pwd)"
 need_command spruce
 
 # Allow for target-specific settings
 settings_file="$(ls -1 settings.yml ${CONCOURSE_TARGET:+"settings-${CONCOURSE_TARGET}.yml"} 2>/dev/null | head -n1)"
-if [[ -z "$settings_file" ]]
+if [[ -z "${settings_file}" ]]
 then
-  echo >&2 "Missing local settings in ci/settings.yml${CONCOURSE_TARGET:+" or ci/settings-${CONCOURSE_TARGET}.yml"}!"
-  exit 1
+    echo >&2 "Missing local settings in ci/settings.yml${CONCOURSE_TARGET:+" or ci/settings-${CONCOURSE_TARGET}.yml"}!"
+    exit 1
 fi
 
 echo >&2 "Using settings found in ${settings_file}"
@@ -113,26 +116,26 @@ trap "cleanup" QUIT TERM EXIT INT
 spruce merge pipeline.yml ${settings_file} > .deploy.yml
 PIPELINE=$(spruce json .deploy.yml | jq -r '.meta.pipeline // ""')
 if [[ -z ${PIPELINE} ]]; then
-	echo >&2 "Missing pipeline name in ci/settings.yml!"
-	exit 1
+    echo >&2 "Missing pipeline name in ci/settings.yml!"
+    exit 1
 fi
 
 TARGET_FROM_SETTINGS=$(spruce json .deploy.yml | jq -r '.meta.target // ""')
 if [[ -z ${CONCOURSE_TARGET} ]]; then
-  TARGET=${TARGET_FROM_SETTINGS}
-elif [[ "$CONCOURSE_TARGET" != "$TARGET_FROM_SETTINGS" ]]
+    TARGET=${TARGET_FROM_SETTINGS}
+elif [[ "${CONCOURSE_TARGET}" != "${TARGET_FROM_SETTINGS}" ]]
 then
-  echo >&2 "Target in {$settings_file} differs from target in \$CONCOURSE_TARGET"
-  echo >&2 "  \$CONCOURSE_TARGET: $CONCOURSE_TARGET"
-  echo >&2 "  Target in file:    $TARGET_FROM_SETTINGS"
-  exit 1
+    echo >&2 "Target in {${settings_file}} differs from target in \$CONCOURSE_TARGET"
+    echo >&2 "  \$CONCOURSE_TARGET: ${CONCOURSE_TARGET}"
+    echo >&2 "  Target in file:    ${TARGET_FROM_SETTINGS}"
+    exit 1
 else
-  TARGET=${CONCOURSE_TARGET}
+    TARGET=${CONCOURSE_TARGET}
 fi
 
 if [[ -z ${TARGET} ]]; then
-	echo >&2 "Missing Concourse Target in ci/settings.yml!"
-	exit 1
+    echo >&2 "Missing Concourse Target in ci/settings.yml!"
+    exit 1
 fi
 
 fly_cmd="${FLY_CMD:-fly}"
@@ -146,6 +149,6 @@ case "${VALIDATE_PIPELINE}" in
 esac
 
 set +x
-$fly_cmd --target ${TARGET} ${fly_opts} --config .deploy.yml
+${fly_cmd} --target ${TARGET} ${fly_opts} --config .deploy.yml
 [[ -n ${VALIDATE_PIPELINE} ]] && exit 0
-$fly_cmd --target ${TARGET} unpause-pipeline --pipeline ${PIPELINE}
+${fly_cmd} --target ${TARGET} unpause-pipeline --pipeline ${PIPELINE}
@@ -5,60 +5,63 @@
 # Script for generating Github release / tag assets
 # and managing release notes for a Docker Image pipeline
 #
-# author:  James Hunt <[email protected]>
-#          Dennis Bell <[email protected]>
-# created: 2016-03-04
+# original authors: James Hunt <[email protected]>
+#                   Dennis Bell <[email protected]>
+# created:          2016-03-04
+# maintainer:       Benjamin Gandon (Gstack)
 
 set -eu
 
-: ${REPO_ROOT:?required}
-: ${RELEASE_ROOT:?required}
-: ${RELEASE_NAME:?required}
-: ${GIT_EMAIL:?required}
-: ${GIT_NAME:?required}
+: ${REPO_ROOT:?"required"}
+: ${RELEASE_ROOT:?"required"}
+: ${RELEASE_NAME:?"required"}
+: ${GIT_EMAIL:?"required"}
+: ${GIT_NAME:?"required"}
 RELEASE_BRANCH=${RELEASE_BRANCH:-"master"}
-: ${REPO_OUT:?required}
+: ${REPO_OUT:?"required"}
 
 if [[ ! -f ${REPO_ROOT}/ci/release_notes.md ]]; then
-  echo >&2 "ci/release_notes.md not found.  Did you forget to write them?"
-  exit 1
+    echo >&2 "ci/release_notes.md not found. Did you forget to write them?"
+    exit 1
 fi
 
-if [[ -z ${VERSION_FROM} ]]; then
-  echo >&2 "VERSION_FROM environment variable not set, or empty.  Did you misconfigure Concourse?"
-  exit 2
+if [[ -z "${VERSION_FROM}" ]]; then
+    echo >&2 "VERSION_FROM environment variable not set, or empty. Did you misconfigure Concourse?"
+    exit 2
 fi
 if [[ ! -f ${VERSION_FROM} ]]; then
-  echo >&2 "Version file (${VERSION_FROM}) not found.  Did you misconfigure Concourse?"
-  exit 2
+    echo >&2 "Version file (${VERSION_FROM}) not found. Did you misconfigure Concourse?"
+    exit 2
 fi
-VERSION=$(cat ${VERSION_FROM})
-if [[ -z ${VERSION} ]]; then
-  echo >&2 "Version file (${VERSION_FROM}) was empty.  Did you misconfigure Concourse?"
-  exit 2
+version=$(cat ${VERSION_FROM})
+if [[ -z "${version}" ]]; then
+    echo >&2 "Version file (${VERSION_FROM}) was empty. Did you misconfigure Concourse?"
+    exit 2
 fi
 
-echo "v${VERSION}"                  > ${RELEASE_ROOT}/tag
-echo "${RELEASE_NAME} v${VERSION}"  > ${RELEASE_ROOT}/name
+echo "v${version}"                  > ${RELEASE_ROOT}/tag
+echo "${RELEASE_NAME} v${version}"  > ${RELEASE_ROOT}/name
 mv ${REPO_ROOT}/ci/release_notes.md   ${RELEASE_ROOT}/notes.md
 
 # GIT!
 if [[ -z $(git config --global user.email) ]]; then
-  git config --global user.email "${GIT_EMAIL}"
+    git config --global user.email "${GIT_EMAIL}"
 fi
 if [[ -z $(git config --global user.name) ]]; then
-  git config --global user.name "${GIT_NAME}"
+    git config --global user.name "${GIT_NAME}"
 fi
 
-(cd ${REPO_ROOT}
- git merge --no-edit "${RELEASE_BRANCH}"
- git add -A
- git status
- git commit -m "release v${VERSION} [skip ci]")
+(
+    cd ${REPO_ROOT}
+    git merge --no-edit "${RELEASE_BRANCH}"
+    git add -A
+    git status
+    git commit -m "release v${version} [skip ci]"
+)
 
 # so that future steps in the pipeline can push our changes
 cp -a ${REPO_ROOT} ${REPO_OUT}
 
 sed -e '/START_OF_DOCKERHUB_STRIP/,/END_OF_DOCKERHUB_STRIP/d' \
-  git/README.md \
-  > dockerhub/README.md
+        git/README.md \
+    > dockerhub/README.md
@@ -1,5 +1,8 @@
 #!/usr/bin/env bash
 
+# author:  Benjamin Gandon (Gstack)
+# created: 2021-12-13
+
 set -euo pipefail
 
 : ${DOCKERHUB_USERNAME:?"required"}
@@ -10,18 +13,20 @@ set -euo pipefail
 payload=$(jq --null-input \
     --arg "username" "${DOCKERHUB_USERNAME}" \
     --arg "password" "${DOCKERHUB_PASSWORD}" \
-    '{ "username": $username, "password": $password }')
+    '{ "username": $username, "password": $password }'
+)
 
 curl --silent --fail --show-error --location \
-    --request "POST" \
-    --url "https://hub.docker.com/v2/users/login" \
-    --header "Content-Type: application/json" \
-    --data-raw "${payload}" \
-  > ./token.json
+        --request "POST" \
+        --url "https://hub.docker.com/v2/users/login" \
+        --header "Content-Type: application/json" \
+        --data-raw "${payload}" \
+    > ./token.json
 
 payload=$(jq --null-input \
     --arg "full_description" "$(cat dockerhub/README.md)" \
-    '{ "full_description": $full_description }')
+    '{ "full_description": $full_description }'
+)
 
 curl --silent --fail --show-error --location --include \
     --request "PATCH" \