Skip to content

Commit c9bd9e9

Browse files
k8s-ci-robotk8s-ci-robot
authored
Merge pull request #928 from saschagrunert/sign-id
Use production registry as sign identity
2 parents bfda861 + 16f5dde commit c9bd9e9

File tree

8 files changed

+220
-107
lines changed

8 files changed

+220
-107
lines changed

cmd/kpromo/cmd/pr/pr.go

Lines changed: 7 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -33,14 +33,15 @@ import (
3333
"sigs.k8s.io/release-utils/util"
3434

3535
"sigs.k8s.io/promo-tools/v4/image"
36+
"sigs.k8s.io/promo-tools/v4/image/consts"
3637
"sigs.k8s.io/promo-tools/v4/image/manifest"
3738
)
3839

3940
const (
4041
k8sioRepo = "k8s.io"
4142
k8sioDefaultBranch = "main"
4243
promotionBranchSuffix = "-image-promotion"
43-
defaultProject = image.StagingRepoSuffix
44+
defaultProject = consts.StagingRepoSuffix
4445
defaultReviewers = "@kubernetes/release-engineering"
4546
)
4647

@@ -203,9 +204,9 @@ func runPromote(opts *promoteOptions) error {
203204

204205
// Path to the promoter image list
205206
imagesListPath := filepath.Join(
206-
image.ProdRegistry,
207+
consts.ProdRegistry,
207208
"images",
208-
filepath.Base(image.StagingRepoPrefix)+opts.project,
209+
filepath.Base(consts.StagingRepoPrefix)+opts.project,
209210
"images.yaml",
210211
)
211212

@@ -224,8 +225,8 @@ func runPromote(opts *promoteOptions) error {
224225

225226
opt := manifest.GrowOptions{}
226227
if err := opt.Populate(
227-
filepath.Join(repo.Dir(), image.ProdRegistry),
228-
image.StagingRepoPrefix+opts.project, opts.images, opts.digests, opts.tags); err != nil {
228+
filepath.Join(repo.Dir(), consts.ProdRegistry),
229+
consts.StagingRepoPrefix+opts.project, opts.images, opts.digests, opts.tags); err != nil {
229230
return fmt.Errorf("populating image promoter options for tag %s with image filter %s: %w", opts.tags, opts.images, err)
230231
}
231232

@@ -283,7 +284,7 @@ func runPromote(opts *promoteOptions) error {
283284
}
284285

285286
commitMessage := "Image promotion for " + opts.project + " " + strings.Join(opts.tags, " / ")
286-
if opts.project == image.StagingRepoSuffix {
287+
if opts.project == consts.StagingRepoSuffix {
287288
commitMessage = "releng: " + commitMessage
288289
}
289290

go.mod

Lines changed: 26 additions & 25 deletions
Original file line numberDiff line numberDiff line change
@@ -28,7 +28,7 @@ require (
2828
gopkg.in/src-d/go-git.v4 v4.13.1
2929
gopkg.in/yaml.v2 v2.4.0
3030
k8s.io/utils v0.0.0-20230406110748-d93618cff8a2
31-
sigs.k8s.io/release-sdk v0.10.2-0.20230531091346-659609bc7879
31+
sigs.k8s.io/release-sdk v0.10.2
3232
sigs.k8s.io/release-utils v0.7.4
3333
sigs.k8s.io/yaml v1.3.0
3434
)
@@ -69,24 +69,24 @@ require (
6969
github.com/alibabacloud-go/tea-xml v1.1.2 // indirect
7070
github.com/aliyun/credentials-go v1.2.3 // indirect
7171
github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 // indirect
72-
github.com/aws/aws-sdk-go-v2 v1.18.0 // indirect
73-
github.com/aws/aws-sdk-go-v2/config v1.18.23 // indirect
74-
github.com/aws/aws-sdk-go-v2/credentials v1.13.22 // indirect
75-
github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.13.3 // indirect
76-
github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.33 // indirect
77-
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.27 // indirect
78-
github.com/aws/aws-sdk-go-v2/internal/ini v1.3.34 // indirect
72+
github.com/aws/aws-sdk-go-v2 v1.18.1 // indirect
73+
github.com/aws/aws-sdk-go-v2/config v1.18.26 // indirect
74+
github.com/aws/aws-sdk-go-v2/credentials v1.13.25 // indirect
75+
github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.13.4 // indirect
76+
github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.34 // indirect
77+
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.28 // indirect
78+
github.com/aws/aws-sdk-go-v2/internal/ini v1.3.35 // indirect
7979
github.com/aws/aws-sdk-go-v2/service/ecr v1.15.0 // indirect
8080
github.com/aws/aws-sdk-go-v2/service/ecrpublic v1.12.0 // indirect
81-
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.27 // indirect
82-
github.com/aws/aws-sdk-go-v2/service/sso v1.12.10 // indirect
83-
github.com/aws/aws-sdk-go-v2/service/ssooidc v1.14.10 // indirect
84-
github.com/aws/aws-sdk-go-v2/service/sts v1.18.11 // indirect
81+
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.28 // indirect
82+
github.com/aws/aws-sdk-go-v2/service/sso v1.12.11 // indirect
83+
github.com/aws/aws-sdk-go-v2/service/ssooidc v1.14.11 // indirect
84+
github.com/aws/aws-sdk-go-v2/service/sts v1.19.1 // indirect
8585
github.com/aws/smithy-go v1.13.5 // indirect
8686
github.com/awslabs/amazon-ecr-credential-helper/ecr-login v0.0.0-20220228164355-396b2034c795 // indirect
8787
github.com/blang/semver v3.5.1+incompatible // indirect
8888
github.com/blang/semver/v4 v4.0.0 // indirect
89-
github.com/buildkite/agent/v3 v3.46.1 // indirect
89+
github.com/buildkite/agent/v3 v3.48.0 // indirect
9090
github.com/chrismellard/docker-credential-acr-env v0.0.0-20220119192733-fe33c00cee21 // indirect
9191
github.com/clbanning/mxj/v2 v2.5.6 // indirect
9292
github.com/cloudflare/circl v1.3.3 // indirect
@@ -124,7 +124,7 @@ require (
124124
github.com/go-openapi/runtime v0.26.0 // indirect
125125
github.com/go-openapi/spec v0.20.9 // indirect
126126
github.com/go-openapi/strfmt v0.21.7 // indirect
127-
github.com/go-openapi/swag v0.22.3 // indirect
127+
github.com/go-openapi/swag v0.22.4 // indirect
128128
github.com/go-openapi/validate v0.22.1 // indirect
129129
github.com/go-piv/piv-go v1.11.0 // indirect
130130
github.com/go-playground/locales v0.14.1 // indirect
@@ -179,7 +179,7 @@ require (
179179
github.com/opencontainers/image-spec v1.1.0-rc3 // indirect
180180
github.com/opentracing/opentracing-go v1.2.0 // indirect
181181
github.com/pborman/uuid v1.2.1 // indirect
182-
github.com/pelletier/go-toml/v2 v2.0.6 // indirect
182+
github.com/pelletier/go-toml/v2 v2.0.8 // indirect
183183
github.com/pjbgf/sha1cd v0.3.0 // indirect
184184
github.com/pkg/errors v0.9.1 // indirect
185185
github.com/pmezard/go-difflib v1.0.0 // indirect
@@ -190,18 +190,18 @@ require (
190190
github.com/segmentio/ksuid v1.0.4 // indirect
191191
github.com/sergi/go-diff v1.3.1 // indirect
192192
github.com/shibumi/go-pathspec v1.3.0 // indirect
193-
github.com/sigstore/cosign/v2 v2.0.3-0.20230517070756-fc61f43262cb // indirect
193+
github.com/sigstore/cosign/v2 v2.0.3-0.20230614173616-4a2f67e796b9 // indirect
194194
github.com/sigstore/fulcio v1.3.1 // indirect
195195
github.com/sigstore/protobuf-specs v0.1.0 // indirect
196196
github.com/sigstore/rekor v1.2.1 // indirect
197197
github.com/sigstore/timestamp-authority v1.1.1 // indirect
198198
github.com/skeema/knownhosts v1.1.1 // indirect
199199
github.com/skratchdot/open-golang v0.0.0-20200116055534-eef842397966 // indirect
200-
github.com/spf13/afero v1.9.3 // indirect
201-
github.com/spf13/cast v1.5.0 // indirect
200+
github.com/spf13/afero v1.9.5 // indirect
201+
github.com/spf13/cast v1.5.1 // indirect
202202
github.com/spf13/jwalterweatherman v1.1.0 // indirect
203-
github.com/spf13/viper v1.15.0 // indirect
204-
github.com/spiffe/go-spiffe/v2 v2.1.4 // indirect
203+
github.com/spf13/viper v1.16.0 // indirect
204+
github.com/spiffe/go-spiffe/v2 v2.1.6 // indirect
205205
github.com/src-d/gcfg v1.4.0 // indirect
206206
github.com/subosito/gotenv v1.4.2 // indirect
207207
github.com/syndtr/goleveldb v1.0.1-0.20220721030215-126854af5e6d // indirect
@@ -212,25 +212,26 @@ require (
212212
github.com/tjfoc/gmsm v1.3.2 // indirect
213213
github.com/transparency-dev/merkle v0.0.2 // indirect
214214
github.com/vbatts/tar-split v0.11.3 // indirect
215-
github.com/xanzy/go-gitlab v0.83.0 // indirect
215+
github.com/xanzy/go-gitlab v0.85.0 // indirect
216216
github.com/xanzy/ssh-agent v0.3.3 // indirect
217217
github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb // indirect
218218
github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 // indirect
219219
github.com/yashtewari/glob-intersection v0.1.0 // indirect
220220
github.com/zeebo/errs v1.3.0 // indirect
221221
go.mongodb.org/mongo-driver v1.11.3 // indirect
222222
go.opencensus.io v0.24.0 // indirect
223-
go.opentelemetry.io/otel v1.15.0 // indirect
224-
go.opentelemetry.io/otel/trace v1.15.0 // indirect
225-
go.step.sm/crypto v0.30.0 // indirect
223+
go.opentelemetry.io/otel v1.16.0 // indirect
224+
go.opentelemetry.io/otel/metric v1.16.0 // indirect
225+
go.opentelemetry.io/otel/trace v1.16.0 // indirect
226+
go.step.sm/crypto v0.32.0 // indirect
226227
go.uber.org/atomic v1.10.0 // indirect
227228
go.uber.org/multierr v1.11.0 // indirect
228229
go.uber.org/zap v1.24.0 // indirect
229230
golang.org/x/crypto v0.10.0 // indirect
230231
golang.org/x/exp v0.0.0-20230321023759-10a507213a29 // indirect
231232
golang.org/x/mod v0.11.0 // indirect
232233
golang.org/x/net v0.11.0 // indirect
233-
golang.org/x/sync v0.2.0 // indirect
234+
golang.org/x/sync v0.3.0 // indirect
234235
golang.org/x/sys v0.9.0 // indirect
235236
golang.org/x/term v0.9.0 // indirect
236237
golang.org/x/text v0.10.0 // indirect

0 commit comments

Comments
 (0)