From 89c5bd391e2961c2aa18bcd6b888449533ed022e Mon Sep 17 00:00:00 2001 From: Will Dollman Date: Wed, 28 Feb 2024 14:15:04 +0000 Subject: [PATCH] Bump all packages to sign them (#60780) * Bump all packages to sign them * Update hashes and other minor issues * Remove unused syntect-server package * Revert "Remove unused syntect-server package" This reverts commit 073e7b38da4aaa67bc8f6644c4a9c3bc2742d029. * Undo syntect-server epoch bump --- dev/ci/scripts/wolfi/build-base-image.sh | 2 +- wolfi-packages/comby.yaml | 2 +- wolfi-packages/coursier.yaml | 2 +- wolfi-packages/ctags.yaml | 2 +- wolfi-packages/docker-client.yaml | 2 +- wolfi-packages/gke-gcloud-auth-plugin.yaml | 2 +- wolfi-packages/http-server-stabilizer.yaml | 2 +- wolfi-packages/jaeger.yaml | 2 +- wolfi-packages/opentelemetry-collector.yaml | 2 +- wolfi-packages/p4-fusion-sg.yaml | 6 +++--- wolfi-packages/p4-fusion.yaml | 2 +- wolfi-packages/p4cli.yaml | 4 ++-- wolfi-packages/prometheus-gcp.yaml | 2 +- wolfi-packages/qdrant.yaml | 2 +- wolfi-packages/redis_exporter.yaml | 2 +- wolfi-packages/s3proxy.yaml | 5 +++-- wolfi-packages/terraform.yaml | 2 +- wolfi-packages/xmlstarlet.yaml | 2 +- 18 files changed, 23 insertions(+), 22 deletions(-) diff --git a/dev/ci/scripts/wolfi/build-base-image.sh b/dev/ci/scripts/wolfi/build-base-image.sh index b89f81390e6..ddb25efc9d8 100755 --- a/dev/ci/scripts/wolfi/build-base-image.sh +++ b/dev/ci/scripts/wolfi/build-base-image.sh @@ -93,7 +93,7 @@ if [[ "$IS_MAIN" != "true" && "$branch_repo_exists" == "true" ]]; then modified_packages=() while IFS= read -r line; do modified_packages+=("$line") - done < <(gsutil ls gs://package-repository/"$BRANCH_PATH"/x86_64/\*.apk | sed -E 's/.*\/x86_64\/([a-zA-Z0-9-]+)-[0-9]+\..*/\1/') + done < <(gsutil ls gs://package-repository/"$BRANCH_PATH"/x86_64/\*.apk | sed -E 's/.*\/x86_64\/([a-zA-Z0-9_-]+)-[0-9]+\..*/\1/') echo "List of modified packages to include in branch image: ${modified_packages[*]}" diff --git a/wolfi-packages/comby.yaml b/wolfi-packages/comby.yaml index f5de17d5689..845f73c19b3 100644 --- a/wolfi-packages/comby.yaml +++ b/wolfi-packages/comby.yaml @@ -1,7 +1,7 @@ package: name: comby version: 1.8.1 - epoch: 2 + epoch: 3 description: "A code rewrite tool for structural search and replace that supports ~every language." target-architecture: - x86_64 diff --git a/wolfi-packages/coursier.yaml b/wolfi-packages/coursier.yaml index a5e23607c6b..f21553e3d59 100644 --- a/wolfi-packages/coursier.yaml +++ b/wolfi-packages/coursier.yaml @@ -4,7 +4,7 @@ package: name: coursier version: 2.0.13 # IMPORTANT: Coursier uses a non-standard release model, so updating this version alone will not update the package - epoch: 1 + epoch: 2 description: "Java dependency resolver" target-architecture: - x86_64 diff --git a/wolfi-packages/ctags.yaml b/wolfi-packages/ctags.yaml index 0a1097c27c4..9c59584e950 100644 --- a/wolfi-packages/ctags.yaml +++ b/wolfi-packages/ctags.yaml @@ -4,7 +4,7 @@ package: name: ctags version: 6.0.0 - epoch: 3 + epoch: 4 description: "A maintained ctags implementation" target-architecture: - x86_64 diff --git a/wolfi-packages/docker-client.yaml b/wolfi-packages/docker-client.yaml index 1d20bab4275..794304a441b 100644 --- a/wolfi-packages/docker-client.yaml +++ b/wolfi-packages/docker-client.yaml @@ -1,7 +1,7 @@ package: name: docker-client version: 24.0.0 - epoch: 1 + epoch: 2 description: "Docker client binary - excludes container runtime" target-architecture: - x86_64 diff --git a/wolfi-packages/gke-gcloud-auth-plugin.yaml b/wolfi-packages/gke-gcloud-auth-plugin.yaml index 33a551b3955..c1b540a29d3 100644 --- a/wolfi-packages/gke-gcloud-auth-plugin.yaml +++ b/wolfi-packages/gke-gcloud-auth-plugin.yaml @@ -8,7 +8,7 @@ package: name: gke-gcloud-auth-plugin version: 0.0.2 - epoch: 0 + epoch: 1 description: 'kubectl plugin for GKE authentication' copyright: - license: Apache-2.0 diff --git a/wolfi-packages/http-server-stabilizer.yaml b/wolfi-packages/http-server-stabilizer.yaml index 075eab6c7b4..ec298ad93c2 100644 --- a/wolfi-packages/http-server-stabilizer.yaml +++ b/wolfi-packages/http-server-stabilizer.yaml @@ -3,7 +3,7 @@ package: name: http-server-stabilizer version: 1.1.0 - epoch: 1 + epoch: 2 description: "HTTP server stabilizer for unruly servers" target-architecture: - x86_64 diff --git a/wolfi-packages/jaeger.yaml b/wolfi-packages/jaeger.yaml index 93f6b53d30c..4442f8c67ae 100644 --- a/wolfi-packages/jaeger.yaml +++ b/wolfi-packages/jaeger.yaml @@ -4,7 +4,7 @@ package: name: jaeger version: 1.45.0 # Keep in sync with version in sg.config.yaml - epoch: 5 + epoch: 6 description: "Distributed Tracing Platform" target-architecture: - x86_64 diff --git a/wolfi-packages/opentelemetry-collector.yaml b/wolfi-packages/opentelemetry-collector.yaml index 6eb23c46d4a..06bb7556696 100644 --- a/wolfi-packages/opentelemetry-collector.yaml +++ b/wolfi-packages/opentelemetry-collector.yaml @@ -1,7 +1,7 @@ package: name: opentelemetry-collector version: 0.92.0 # Keep in sync with go.opentelemetry.io/collector version in go.mod - epoch: 4 + epoch: 5 description: "Vendor-agnostic implementation on how to receive, process and export telemetry data" target-architecture: - x86_64 diff --git a/wolfi-packages/p4-fusion-sg.yaml b/wolfi-packages/p4-fusion-sg.yaml index da90ad83564..a79d70df66d 100644 --- a/wolfi-packages/p4-fusion-sg.yaml +++ b/wolfi-packages/p4-fusion-sg.yaml @@ -3,7 +3,7 @@ package: name: p4-fusion-sg version: 1.13.2 - epoch: 0 + epoch: 1 description: "A fast Perforce to Git conversion tool, Sourcegraph fork" target-architecture: - x86_64 @@ -56,8 +56,8 @@ pipeline: - uses: fetch with: uri: https://cdist2.perforce.com/perforce/r23.1/bin.linux26x86_64/p4api-glibc2.3-openssl1.1.1.tgz - # Hash occasionally changes, available at https://filehost.perforce.com/perforce/r22.1/bin.linux26x86_64/SHA256SUMS (check version) - expected-sha256: 640898f7d001ab7d071db17fb41442dce319203e636550d562eaab6212f6a595 + # Hash occasionally changes, available at https://filehost.perforce.com/perforce/r23.1/bin.linux26x86_64/SHA256SUMS (check version) + expected-sha256: bc4d81e8d594d50645a573c75a75cf5e3140d987eba3d14ffc775dc704fb400b # based on url extract: false - runs: | mkdir -p p4-fusion-src/vendor/helix-core-api/linux diff --git a/wolfi-packages/p4-fusion.yaml b/wolfi-packages/p4-fusion.yaml index 6dc93baf05a..dbf83c9c20c 100644 --- a/wolfi-packages/p4-fusion.yaml +++ b/wolfi-packages/p4-fusion.yaml @@ -3,7 +3,7 @@ package: name: p4-fusion version: 1.12 - epoch: 8 + epoch: 9 description: "A fast Perforce to Git conversion tool" target-architecture: - x86_64 diff --git a/wolfi-packages/p4cli.yaml b/wolfi-packages/p4cli.yaml index dc305051701..864cfa32ad6 100644 --- a/wolfi-packages/p4cli.yaml +++ b/wolfi-packages/p4cli.yaml @@ -1,7 +1,7 @@ package: name: p4cli version: 23.1 - epoch: 0 + epoch: 1 description: "Command line interface for Perforce" target-architecture: - x86_64 @@ -27,7 +27,7 @@ pipeline: with: uri: https://cdist2.perforce.com/perforce/r${{package.version}}/bin.linux26x86_64/p4 # Hash occasionally changes, available at https://filehost.perforce.com/perforce/r23.1/bin.linux26x86_64/SHA256SUMS (check version) - expected-sha256: d63f0e38c6c6bce469ce584d64792ea06112ba7dfbe8bcdffd216c5b710421e8 + expected-sha256: 1c053276f9379a55cfe98b0c191e03bec7d1d1673b416c7b9e1613cff699833a extract: false - runs: | chmod +x p4 diff --git a/wolfi-packages/prometheus-gcp.yaml b/wolfi-packages/prometheus-gcp.yaml index d19e0fa21a8..e5d3f8e2f8f 100644 --- a/wolfi-packages/prometheus-gcp.yaml +++ b/wolfi-packages/prometheus-gcp.yaml @@ -3,7 +3,7 @@ package: name: prometheus-gcp version: 2.35.0-gmp.6 - epoch: 1 + epoch: 2 description: "Prometheus for Google Cloud Platform metrics" target-architecture: - x86_64 diff --git a/wolfi-packages/qdrant.yaml b/wolfi-packages/qdrant.yaml index b7079bdfae9..1a61dfb72f7 100644 --- a/wolfi-packages/qdrant.yaml +++ b/wolfi-packages/qdrant.yaml @@ -1,7 +1,7 @@ package: name: qdrant version: 1.5.1 - epoch: 1 + epoch: 2 description: "Qdrant vector database" target-architecture: - x86_64 diff --git a/wolfi-packages/redis_exporter.yaml b/wolfi-packages/redis_exporter.yaml index 57c230471e8..f1b36af845f 100644 --- a/wolfi-packages/redis_exporter.yaml +++ b/wolfi-packages/redis_exporter.yaml @@ -1,7 +1,7 @@ package: name: redis_exporter version: 1.35.0 - epoch: 1 + epoch: 2 description: "Prometheus Exporter for Redis Metrics" target-architecture: - x86_64 diff --git a/wolfi-packages/s3proxy.yaml b/wolfi-packages/s3proxy.yaml index f37af0f79e3..519ea8f1210 100644 --- a/wolfi-packages/s3proxy.yaml +++ b/wolfi-packages/s3proxy.yaml @@ -1,7 +1,7 @@ package: name: s3proxy version: 2.0.0 - epoch: 2 + epoch: 3 # Independent from repo epoch description: "Access other storage backends via the S3 API" target-architecture: - x86_64 @@ -32,7 +32,8 @@ environment: pipeline: - uses: fetch with: - uri: https://github.com/sourcegraph/s3proxy/archive/refs/tags/s3proxy-${{package.version}}-${{package.epoch}}.tar.gz + # Package epoch is independent from repo epoch + uri: https://github.com/sourcegraph/s3proxy/archive/refs/tags/s3proxy-${{package.version}}-2.tar.gz expected-sha256: efeda0b7e2d87dbfb053510d706b109f8dcbf83fb7833e9d43b2231a2beaf247 extract: true - runs: | diff --git a/wolfi-packages/terraform.yaml b/wolfi-packages/terraform.yaml index b82300d40a0..dd082d2718a 100644 --- a/wolfi-packages/terraform.yaml +++ b/wolfi-packages/terraform.yaml @@ -19,7 +19,7 @@ package: name: terraform version: 1.5.6 - epoch: 0 + epoch: 1 copyright: - license: BUSL-1.1 diff --git a/wolfi-packages/xmlstarlet.yaml b/wolfi-packages/xmlstarlet.yaml index e4c59ff44ac..6f403bf834e 100644 --- a/wolfi-packages/xmlstarlet.yaml +++ b/wolfi-packages/xmlstarlet.yaml @@ -1,7 +1,7 @@ package: name: xmlstarlet version: 1.6.1 - epoch: 1 + epoch: 2 description: "" target-architecture: - x86_64