diff --git a/.github/workflows/tests.yaml b/.github/workflows/tests.yaml index 3ab50bb..4980d20 100644 --- a/.github/workflows/tests.yaml +++ b/.github/workflows/tests.yaml @@ -5,12 +5,10 @@ on: [push, workflow_dispatch, pull_request] env: KIND_VERSION: "v0.23.0" BATS_VERSION: "1.11.0" - NODE_VERSION: "19.9.0" + NODE_VERSION: "22.0.0" TARBALL_FILE: openbao-csi-provider.docker.tar jobs: - copyright: - uses: hashicorp/vault-workflows-common/.github/workflows/copyright-headers.yaml@main go-checks: uses: hashicorp/vault-workflows-common/.github/workflows/go-checks.yaml@main lint: diff --git a/.gitignore b/.gitignore index 178135c..db5318f 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1,3 @@ /dist/ + +dist/ diff --git a/.goreleaser.yaml b/.goreleaser.yaml new file mode 100644 index 0000000..cd4048c --- /dev/null +++ b/.goreleaser.yaml @@ -0,0 +1,266 @@ +# This is an example .goreleaser.yml file with some sensible defaults. +# Make sure to check the documentation at https://goreleaser.com + +# The lines below are called `modelines`. See `:help modeline` +# Feel free to remove those if you don't want/need to use them. +# yaml-language-server: $schema=https://goreleaser.com/static/schema.json +# vim: set ts=2 sw=2 tw=0 fo=cnqoj + +version: 2 + +before: + hooks: + # You may remove this if you don't use go modules. + - go mod tidy + # you may remove this if you don't need go generate + - go generate ./... + +builds: + - env: + - CGO_ENABLED=0 + goos: + - linux + - darwin + +dockers: + - id: alpine-amd64 + use: buildx + goos: linux + goarch: amd64 + skip_push: false + ids: + - builds-linux + build_flag_templates: + - "--pull" + - "--build-arg=BIN_NAME={{.ProjectName}}" + - "--build-arg=REVISION={{.FullCommit}}" + - "--build-arg=VERSION={{.Version}}" + - "--platform=linux/amd64" + - "--label=org.opencontainers.image.title={{ .ProjectName }}" + - "--label=org.opencontainers.image.vendor=OpenBao" + - "--label=org.opencontainers.image.description=OpenBao CSI Provider {{ .Version }}" + - "--label=org.opencontainers.image.url=https://github.com/openbao/openbao-csi-provider" + - "--label=org.opencontainers.image.documentation=https://github.com/openbao/openbao-csi-provider/blob/main/README.md" + - "--label=org.opencontainers.image.source=https://github.com/openbao/openbao-csi-provider" + - "--label=org.opencontainers.image.licenses=MPL-2.0" + - "--label=org.opencontainers.image.version={{ .Version }}" + - "--label=org.opencontainers.image.revision={{ .FullCommit }}" + - '--label=org.opencontainers.image.created={{ time "2006-01-02T15:04:05Z07:00" }}' + - "--label=release={{ .Version }}" + - "--label=revision={{ .FullCommit }}" + - "--label=version={{ .Version }}" + - "--target=default" + image_templates: + - "ghcr.io/{{ .Env.GITHUB_REPOSITORY_OWNER }}/openbao-csi-provider:{{ .Version }}-amd64" + - "quay.io/{{ .Env.GITHUB_REPOSITORY_OWNER }}/openbao-csi-provider:{{ .Version }}-amd64" + - "docker.io/{{ .Env.GITHUB_REPOSITORY_OWNER }}/openbao-csi-provider:{{ .Version }}-amd64" + extra_files: + - ./LICENSE + - ./.release/docker/docker-entrypoint.sh + - ./CHANGELOG.md + - id: alpine-arm + use: buildx + goos: linux + goarch: arm + goarm: "6" + skip_push: false + ids: + - builds-linux + build_flag_templates: + - "--pull" + - "--build-arg=BIN_NAME={{ .ProjectName }}" + - "--build-arg=REVISION={{ .FullCommit }}" + - "--build-arg=VERSION={{ .Version }}" + - "--platform=linux/arm" + - "--label=org.opencontainers.image.title={{ .ProjectName }}" + - "--label=org.opencontainers.image.vendor=OpenBao" + - "--label=org.opencontainers.image.description=OpenBao CSI Provider {{ .Version }}" + - "--label=org.opencontainers.image.url=https://github.com/openbao/openbao-csi-provider" + - "--label=org.opencontainers.image.documentation=https://github.com/openbao/openbao-csi-provider/blob/main/README.md" + - "--label=org.opencontainers.image.source=https://github.com/openbao/openbao-csi-provider" + - "--label=org.opencontainers.image.licenses=MPL-2.0" + - "--label=org.opencontainers.image.version={{ .Version }}" + - "--label=org.opencontainers.image.revision={{ .FullCommit }}" + - '--label=org.opencontainers.image.created={{ time "2006-01-02T15:04:05Z07:00" }}' + - "--label=release={{ .Version }}" + - "--label=revision={{ .FullCommit }}" + - "--label=version={{ .Version }}" + - "--target=default" + image_templates: + - "ghcr.io/{{ .Env.GITHUB_REPOSITORY_OWNER }}/openbao-csi-provider:{{ .Version }}-arm" + - "quay.io/{{ .Env.GITHUB_REPOSITORY_OWNER }}/openbao-csi-provider:{{ .Version }}-arm" + - "docker.io/{{ .Env.GITHUB_REPOSITORY_OWNER }}/openbao-csi-provider:{{ .Version }}-arm" + extra_files: + - ./LICENSE + - ./.release/docker/docker-entrypoint.sh + - ./CHANGELOG.md + - id: alpine-arm64 + use: buildx + goos: linux + goarch: arm64 + goarm: "8" + skip_push: false + ids: + - builds-linux + build_flag_templates: + - "--pull" + - "--build-arg=BIN_NAME={{ .ProjectName }}" + - "--build-arg=REVISION={{ .FullCommit }}" + - "--build-arg=VERSION={{ .Version }}" + - "--platform=linux/arm64" + - "--label=org.opencontainers.image.title={{ .ProjectName }}" + - "--label=org.opencontainers.image.vendor=OpenBao" + - "--label=org.opencontainers.image.description=OpenBao CSI Provider {{ .Version }}" + - "--label=org.opencontainers.image.url=https://github.com/openbao/openbao-csi-provider" + - "--label=org.opencontainers.image.documentation=https://github.com/openbao/openbao-csi-provider/blob/main/README.md" + - "--label=org.opencontainers.image.source=https://github.com/openbao/openbao-csi-provider" + - "--label=org.opencontainers.image.licenses=MPL-2.0" + - "--label=org.opencontainers.image.version={{ .Version }}" + - "--label=org.opencontainers.image.revision={{ .FullCommit }}" + - '--label=org.opencontainers.image.created={{ time "2006-01-02T15:04:05Z07:00" }}' + - "--label=release={{ .Version }}" + - "--label=revision={{ .FullCommit }}" + - "--label=version={{ .Version }}" + - "--target=default" + image_templates: + - "ghcr.io/{{ .Env.GITHUB_REPOSITORY_OWNER }}/openbao-csi-provider:{{ .Version }}-arm64" + - "quay.io/{{ .Env.GITHUB_REPOSITORY_OWNER }}/openbao-csi-provider:{{ .Version }}-arm64" + - "docker.io/{{ .Env.GITHUB_REPOSITORY_OWNER }}/openbao-csi-provider:{{ .Version }}-arm64" + extra_files: + - ./LICENSE + - ./.release/docker/docker-entrypoint.sh + - ./CHANGELOG.md + +docker_manifests: + - name_template: ghcr.io/{{ .Env.GITHUB_REPOSITORY_OWNER }}/openbao-csi-provider:{{ .Version }} + skip_push: false + image_templates: + - ghcr.io/{{ .Env.GITHUB_REPOSITORY_OWNER }}/openbao-csi-provider:{{ .Version }}-amd64 + - ghcr.io/{{ .Env.GITHUB_REPOSITORY_OWNER }}/openbao-csi-provider:{{ .Version }}-arm + - ghcr.io/{{ .Env.GITHUB_REPOSITORY_OWNER }}/openbao-csi-provider:{{ .Version }}-arm64 + - name_template: ghcr.io/{{ .Env.GITHUB_REPOSITORY_OWNER }}/openbao-csi-provider:{{ .Major }}.{{ .Minor }} + skip_push: false + image_templates: + - ghcr.io/{{ .Env.GITHUB_REPOSITORY_OWNER }}/openbao-csi-provider:{{ .Version }}-amd64 + - ghcr.io/{{ .Env.GITHUB_REPOSITORY_OWNER }}/openbao-csi-provider:{{ .Version }}-arm + - ghcr.io/{{ .Env.GITHUB_REPOSITORY_OWNER }}/openbao-csi-provider:{{ .Version }}-arm64 + - name_template: ghcr.io/{{ .Env.GITHUB_REPOSITORY_OWNER }}/openbao-csi-provider:{{ .Major }} + skip_push: false + image_templates: + - ghcr.io/{{ .Env.GITHUB_REPOSITORY_OWNER }}/openbao-csi-provider:{{ .Version }}-amd64 + - ghcr.io/{{ .Env.GITHUB_REPOSITORY_OWNER }}/openbao-csi-provider:{{ .Version }}-arm + - ghcr.io/{{ .Env.GITHUB_REPOSITORY_OWNER }}/openbao-csi-provider:{{ .Version }}-arm64 + - name_template: ghcr.io/{{ .Env.GITHUB_REPOSITORY_OWNER }}/openbao-csi-provider:latest + skip_push: false + image_templates: + - ghcr.io/{{ .Env.GITHUB_REPOSITORY_OWNER }}/openbao-csi-provider:{{ .Version }}-amd64 + - ghcr.io/{{ .Env.GITHUB_REPOSITORY_OWNER }}/openbao-csi-provider:{{ .Version }}-arm + - ghcr.io/{{ .Env.GITHUB_REPOSITORY_OWNER }}/openbao-csi-provider:{{ .Version }}-arm64 + - name_template: docker.io/{{ .Env.GITHUB_REPOSITORY_OWNER }}/openbao-csi-provider:{{ .Version }} + skip_push: false + image_templates: + - docker.io/{{ .Env.GITHUB_REPOSITORY_OWNER }}/openbao-csi-provider:{{ .Version }}-amd64 + - docker.io/{{ .Env.GITHUB_REPOSITORY_OWNER }}/openbao-csi-provider:{{ .Version }}-arm + - docker.io/{{ .Env.GITHUB_REPOSITORY_OWNER }}/openbao-csi-provider:{{ .Version }}-arm64 + - name_template: docker.io/{{ .Env.GITHUB_REPOSITORY_OWNER }}/openbao-csi-provider:{{ .Major }}.{{ .Minor }} + skip_push: false + image_templates: + - docker.io/{{ .Env.GITHUB_REPOSITORY_OWNER }}/openbao-csi-provider:{{ .Version }}-amd64 + - docker.io/{{ .Env.GITHUB_REPOSITORY_OWNER }}/openbao-csi-provider:{{ .Version }}-arm + - docker.io/{{ .Env.GITHUB_REPOSITORY_OWNER }}/openbao-csi-provider:{{ .Version }}-arm64 + - name_template: docker.io/{{ .Env.GITHUB_REPOSITORY_OWNER }}/openbao-csi-provider:{{ .Major }} + skip_push: false + image_templates: + - docker.io/{{ .Env.GITHUB_REPOSITORY_OWNER }}/openbao-csi-provider:{{ .Version }}-amd64 + - docker.io/{{ .Env.GITHUB_REPOSITORY_OWNER }}/openbao-csi-provider:{{ .Version }}-arm + - docker.io/{{ .Env.GITHUB_REPOSITORY_OWNER }}/openbao-csi-provider:{{ .Version }}-arm64 + - name_template: docker.io/{{ .Env.GITHUB_REPOSITORY_OWNER }}/openbao-csi-provider:latest + skip_push: false + image_templates: + - docker.io/{{ .Env.GITHUB_REPOSITORY_OWNER }}/openbao-csi-provider:{{ .Version }}-amd64 + - docker.io/{{ .Env.GITHUB_REPOSITORY_OWNER }}/openbao-csi-provider:{{ .Version }}-arm + - docker.io/{{ .Env.GITHUB_REPOSITORY_OWNER }}/openbao-csi-provider:{{ .Version }}-arm64 + - name_template: quay.io/{{ .Env.GITHUB_REPOSITORY_OWNER }}/openbao-csi-provider:{{ .Version }} + skip_push: false + image_templates: + - quay.io/{{ .Env.GITHUB_REPOSITORY_OWNER }}/openbao-csi-provider:{{ .Version }}-amd64 + - quay.io/{{ .Env.GITHUB_REPOSITORY_OWNER }}/openbao-csi-provider:{{ .Version }}-arm + - quay.io/{{ .Env.GITHUB_REPOSITORY_OWNER }}/openbao-csi-provider:{{ .Version }}-arm64 + - name_template: quay.io/{{ .Env.GITHUB_REPOSITORY_OWNER }}/openbao-csi-provider:{{ .Major }}.{{ .Minor }} + skip_push: false + image_templates: + - quay.io/{{ .Env.GITHUB_REPOSITORY_OWNER }}/openbao-csi-provider:{{ .Version }}-amd64 + - quay.io/{{ .Env.GITHUB_REPOSITORY_OWNER }}/openbao-csi-provider:{{ .Version }}-arm + - quay.io/{{ .Env.GITHUB_REPOSITORY_OWNER }}/openbao-csi-provider:{{ .Version }}-arm64 + - name_template: quay.io/{{ .Env.GITHUB_REPOSITORY_OWNER }}/openbao-csi-provider:{{ .Major }} + skip_push: false + image_templates: + - quay.io/{{ .Env.GITHUB_REPOSITORY_OWNER }}/openbao-csi-provider:{{ .Version }}-amd64 + - quay.io/{{ .Env.GITHUB_REPOSITORY_OWNER }}/openbao-csi-provider:{{ .Version }}-arm + - quay.io/{{ .Env.GITHUB_REPOSITORY_OWNER }}/openbao-csi-provider:{{ .Version }}-arm64 + - name_template: quay.io/{{ .Env.GITHUB_REPOSITORY_OWNER }}/openbao-csi-provider:latest + skip_push: false + image_templates: + - quay.io/{{ .Env.GITHUB_REPOSITORY_OWNER }}/openbao-csi-provider:{{ .Version }}-amd64 + - quay.io/{{ .Env.GITHUB_REPOSITORY_OWNER }}/openbao-csi-provider:{{ .Version }}-arm + - quay.io/{{ .Env.GITHUB_REPOSITORY_OWNER }}/openbao-csi-provider:{{ .Version }}-arm64 + +archives: + - format: tar.gz + # this name template makes the OS and Arch compatible with the results of `uname`. + name_template: >- + {{ .ProjectName }}_ + {{- title .Os }}_ + {{- if eq .Arch "amd64" }}x86_64 + {{- else if eq .Arch "386" }}i386 + {{- else }}{{ .Arch }}{{ end }} + {{- if .Arm }}v{{ .Arm }}{{ end }} + +changelog: + sort: asc + filters: + exclude: + - "^docs:" + - "^test:" + +signs: + - id: cosign + artifacts: all + cmd: cosign + certificate: "${artifact}.pem" + args: + - "sign-blob" + - "--oidc-issuer=https://token.actions.githubusercontent.com" + - "--output-certificate=${certificate}" + - "--output-signature=${signature}" + - "${artifact}" + - "--yes" # needed on cosign 2.0.0+ + - id: gpg + artifacts: all + signature: "${artifact}.gpgsig" + cmd: gpg + stdin: "{{ .Env.GPG_PASSWORD }}" + args: + - "--batch" + - "--default-key={{ .Env.GPG_FINGERPRINT }}" + - "--output=${signature}" + - "--detach-sign" + - "${artifact}" + +docker_signs: + - artifacts: all + args: + - "sign" + - "--oidc-issuer=https://token.actions.githubusercontent.com" + - "${artifact}@${digest}" + - "--yes" # needed on cosign 2.0.0+ + +release: + github: + owner: openbao + name: openbao-csi-provider + draft: true #${{ .Env.GITHUB_RELEASE_DRAFT }} + replace_existing_draft: false + prerelease: ${{ .Env.GITHUB_PRERELEASE }} + make_latest: ${{ .Env.GITHUB_RELEASE_MAKE_LATEST }} + disable: false