Skip to content

Commit 3f824b2

Browse files
AlexFenlonAlexFenlon
committed
Merge remote-tracking branch 'origin/main' into feat/client-body-buffer-size
2 parents c505860 + 1ca073d commit 3f824b2

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

44 files changed

+768
-461
lines changed

.github/actions/certify-openshift-image/action.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -20,7 +20,7 @@ inputs:
2020
required: false
2121
default: "amd64,arm64"
2222
submit:
23-
description: Submit results to Redhat PYAXIS
23+
description: Submit results to Redhat PYXIS
2424
required: false
2525
default: true
2626

.github/workflows/build-artifacts.yml

Lines changed: 8 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -62,7 +62,7 @@ jobs:
6262
json: ${{ steps.nic_binaries.outputs.json }}
6363
steps:
6464
- name: Checkout Repository
65-
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
65+
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
6666
with:
6767
ref: ${{ inputs.branch }}
6868

@@ -91,14 +91,6 @@ jobs:
9191
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
9292
GOPATH: ${{ inputs.go-path }}
9393
GOPROXY: ${{ inputs.go-proxy }}
94-
AWS_PRODUCT_CODE: ${{ secrets.AWS_PRODUCT_CODE }}
95-
AWS_PUB_KEY: ${{ secrets.AWS_PUB_KEY }}
96-
AWS_NAP_DOS_PRODUCT_CODE: ${{ secrets.AWS_NAP_DOS_PRODUCT_CODE }}
97-
AWS_NAP_DOS_PUB_KEY: ${{ secrets.AWS_NAP_DOS_PUB_KEY }}
98-
AWS_NAP_WAF_PRODUCT_CODE: ${{ secrets.AWS_NAP_WAF_PRODUCT_CODE }}
99-
AWS_NAP_WAF_PUB_KEY: ${{ secrets.AWS_NAP_WAF_PUB_KEY }}
100-
AWS_NAP_WAF_DOS_PRODUCT_CODE: ${{ secrets.AWS_NAP_WAF_DOS_PRODUCT_CODE }}
101-
AWS_NAP_WAF_DOS_PUB_KEY: ${{ secrets.AWS_NAP_WAF_DOS_PUB_KEY }}
10294
GORELEASER_CURRENT_TAG: "v${{ inputs.ic-version }}"
10395
if: ${{ inputs.force }}
10496

@@ -115,6 +107,10 @@ jobs:
115107
key: nginx-ingress-${{ inputs.go-md5 }}
116108
if: ${{ inputs.force }}
117109

110+
- name: Cleanup netrc
111+
run: rm -f $HOME/.netrc
112+
if: ${{ always() }}
113+
118114
# generate-assertion-doc:
119115
# if: ${{ github.event_name != 'pull_request' }}
120116
# name: Assertion Doc ${{ matrix.nic.arch }}
@@ -190,9 +186,9 @@ jobs:
190186
# with:
191187
# assertion-doc: ${{ steps.assertiondoc.outputs.assertion-document-path }}
192188

193-
- name: Cleanup netrc
194-
run: rm -f $HOME/.netrc
195-
if: ${{ always() }}
189+
#  - name: Cleanup netrc
190+
# run: rm -f $HOME/.netrc
191+
# if: ${{ always() }}
196192

197193
build-docker:
198194
name: Build Docker OSS

.github/workflows/build-base-images.yml

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -29,7 +29,7 @@ jobs:
2929
image_matrix_nap: ${{ steps.vars.outputs.image_matrix_nap }}
3030
steps:
3131
- name: Checkout Repository
32-
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
32+
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
3333

3434
- name: Output Variables
3535
id: vars
@@ -55,7 +55,7 @@ jobs:
5555
matrix: ${{ fromJSON( needs.checks.outputs.image_matrix_oss ) }}
5656
steps:
5757
- name: Checkout Repository
58-
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
58+
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
5959

6060
- name: Docker Buildx
6161
uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1
@@ -120,7 +120,7 @@ jobs:
120120
matrix: ${{ fromJSON( needs.checks.outputs.image_matrix_plus ) }}
121121
steps:
122122
- name: Checkout Repository
123-
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
123+
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
124124

125125
- name: Docker Buildx
126126
uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1
@@ -188,7 +188,7 @@ jobs:
188188
matrix: ${{ fromJSON( needs.checks.outputs.image_matrix_nap ) }}
189189
steps:
190190
- name: Checkout Repository
191-
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
191+
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
192192

193193
- name: Docker Buildx
194194
uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1

.github/workflows/build-oss.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -56,7 +56,7 @@ jobs:
5656
image_digest: ${{ steps.build-push.outputs.digest }}
5757
steps:
5858
- name: Checkout Repository
59-
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
59+
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
6060
with:
6161
ref: ${{ inputs.branch }}
6262
fetch-depth: 0

.github/workflows/build-plus.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -58,7 +58,7 @@ jobs:
5858
runs-on: ${{ inputs.runner }}
5959
steps:
6060
- name: Checkout Repository
61-
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
61+
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
6262
with:
6363
ref: ${{ inputs.branch }}
6464
fetch-depth: 0

.github/workflows/build-single-image.yml

Lines changed: 1 addition & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -45,7 +45,7 @@ jobs:
4545
runs-on: ubuntu-24.04
4646
steps:
4747
- name: Checkout Repository
48-
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
48+
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
4949
with:
5050
ref: ${{ inputs.branch }}
5151
fetch-depth: 0
@@ -107,14 +107,6 @@ jobs:
107107
env:
108108
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
109109
GOPATH: ${{ steps.vars.outputs.go_path }}
110-
AWS_PRODUCT_CODE: ${{ secrets.AWS_PRODUCT_CODE }}
111-
AWS_PUB_KEY: ${{ secrets.AWS_PUB_KEY }}
112-
AWS_NAP_DOS_PRODUCT_CODE: ${{ secrets.AWS_NAP_DOS_PRODUCT_CODE }}
113-
AWS_NAP_DOS_PUB_KEY: ${{ secrets.AWS_NAP_DOS_PUB_KEY }}
114-
AWS_NAP_WAF_PRODUCT_CODE: ${{ secrets.AWS_NAP_WAF_PRODUCT_CODE }}
115-
AWS_NAP_WAF_PUB_KEY: ${{ secrets.AWS_NAP_WAF_PUB_KEY }}
116-
AWS_NAP_WAF_DOS_PRODUCT_CODE: ${{ secrets.AWS_NAP_WAF_DOS_PRODUCT_CODE }}
117-
AWS_NAP_WAF_DOS_PUB_KEY: ${{ secrets.AWS_NAP_WAF_DOS_PUB_KEY }}
118110
GORELEASER_CURRENT_TAG: "v${{ steps.vars.outputs.ic_version }}"
119111
if: ${{ steps.binary-cache.outputs.binary_cache_hit != 'true' }}
120112

.github/workflows/build-test-image.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -28,7 +28,7 @@ jobs:
2828
runs-on: ubuntu-24.04
2929
steps:
3030
- name: Checkout Repository
31-
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
31+
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
3232

3333
- name: Docker Buildx
3434
uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1

.github/workflows/build-ubi-dependency.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -33,7 +33,7 @@ jobs:
3333
tag: ["ubi8", "ubi9"]
3434
steps:
3535
- name: Checkout Repository
36-
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
36+
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
3737

3838
- name: Setup QEMU
3939
uses: docker/setup-qemu-action@c7c53464625b32c7a7e944ae62b3e17d2b600130 # v3.7.0

.github/workflows/cache-update.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -26,7 +26,7 @@ jobs:
2626
image_matrix_nap: ${{ steps.vars.outputs.image_matrix_nap }}
2727
steps:
2828
- name: Checkout Repository
29-
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
29+
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
3030

3131
- name: Output Variables
3232
id: vars

.github/workflows/certify-ubi-image.yml

Lines changed: 24 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -34,16 +34,37 @@ jobs:
3434
certify-ubi-images:
3535
name: Certify OpenShift UBI images
3636
runs-on: ubuntu-24.04
37+
permissions:
38+
contents: read
39+
id-token: write
3740
steps:
3841
- name: Checkout
39-
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
42+
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
43+
44+
- name: Azure login
45+
uses: azure/login@a457da9ea143d694b1b9c7c869ebb04ebe844ef5 # v2.3.0
46+
with:
47+
client-id: ${{ secrets.AZURE_VAULT_CLIENT_ID }}
48+
tenant-id: ${{ secrets.AZURE_VAULT_TENANT_ID }}
49+
subscription-id: ${{ secrets.AZURE_VAULT_SUBSCRIPTION_ID }}
50+
51+
- name: Setup secrets
52+
id: secrets
53+
run: |
54+
echo "Setting secrets for job"
55+
PYXIS_TOKEN=$(az keyvault secret show --name nic-pyxis-token --vault-name ${{ secrets.NIC_KEYVAULT_NAME }} --query value -o tsv)
56+
echo "::add-mask::$PYXIS_TOKEN"
57+
echo "PYXIS_TOKEN=$PYXIS_TOKEN" >> $GITHUB_OUTPUT
58+
PYXIS_CERTIFICATION_PROJECT_ID=$(az keyvault secret show --name nic-pyxis-certification-pid --vault-name ${{ secrets.NIC_KEYVAULT_NAME }} --query value -o tsv)
59+
echo "::add-mask::$PYXIS_CERTIFICATION_PROJECT_ID"
60+
echo "PYXIS_CERTIFICATION_PROJECT_ID=$PYXIS_CERTIFICATION_PROJECT_ID" >> $GITHUB_OUTPUT
4061
4162
- name: Certify UBI OSS images in quay
4263
uses: ./.github/actions/certify-openshift-image
4364
with:
4465
image: ${{ inputs.image }}
45-
project_id: ${{ secrets.CERTIFICATION_PROJECT_ID }}
46-
pyxis_token: ${{ secrets.PYXIS_API_TOKEN }}
66+
project_id: ${{ steps.secrets.outputs.PYXIS_CERTIFICATION_PROJECT_ID }}
67+
pyxis_token: ${{ steps.secrets.outputs.PYXIS_TOKEN }}
4768
preflight_version: ${{ inputs.preflight_version }}
4869
submit: ${{ inputs.submit || true }}
4970
platforms: ${{ inputs.platforms }}

0 commit comments

Comments
 (0)