From 82698a0c51bd06b6e2ce7fcf2fe618aa2b3e66bb Mon Sep 17 00:00:00 2001 From: Daniel Pimenta <105205108+daniel-pimenta-DME@users.noreply.github.com> Date: Mon, 6 Nov 2023 11:40:28 +0000 Subject: [PATCH] Release (#15) * Add helm charts * Rename to identity portal * Add portal components * Fix ci * Fix ci * Update configs * Update keycloak realm * Revert realm to master * Add service calls and cookies * Clear request uri on service change * Fix cookie delete * Add more service links * Update ci * Update ci * Fix issue * Fix ci --- .github/workflows/docker-publish-develop.yml | 11 ++++++----- .github/workflows/docker-publish-master.yml | 11 ++++++----- src/app/features/home/home.component.html | 1 - 3 files changed, 12 insertions(+), 11 deletions(-) diff --git a/.github/workflows/docker-publish-develop.yml b/.github/workflows/docker-publish-develop.yml index 44e8ffa..9fb62bc 100644 --- a/.github/workflows/docker-publish-develop.yml +++ b/.github/workflows/docker-publish-develop.yml @@ -38,10 +38,9 @@ jobs: # https://github.com/sigstore/cosign-installer - name: Install cosign if: github.event_name != 'pull_request' - uses: sigstore/cosign-installer@f3c664df7af409cb4873aa5068053ba9d61a57b6 #v2.6.0 + uses: sigstore/cosign-installer@6e04d228eb30da1757ee4e1dd75a0ec73a653e06 #v3.1.1 with: - cosign-release: 'v1.13.1' - + cosign-release: 'v2.1.1' # Workaround: https://github.com/docker/build-push-action/issues/461 - name: Setup Docker buildx @@ -88,10 +87,12 @@ jobs: - name: Sign the published Docker image if: ${{ github.event_name != 'pull_request' }} env: - COSIGN_EXPERIMENTAL: "true" + # https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions#using-an-intermediate-environment-variable + TAGS: ${{ steps.meta.outputs.tags }} + DIGEST: ${{ steps.build-and-push.outputs.digest }} # This step uses the identity token to provision an ephemeral certificate # against the sigstore community Fulcio instance. - run: echo "${{ steps.meta.outputs.tags }}" | xargs -I {} cosign sign {}@${{ steps.build-and-push.outputs.digest }} + run: echo "${TAGS}" | xargs -I {} cosign sign --yes {}@${DIGEST} - name: Log into registry ${{ env.DOCKER_REGISTRY }} uses: docker/login-action@f054a8b539a109f9f41c372932f1ae047eff08c9 diff --git a/.github/workflows/docker-publish-master.yml b/.github/workflows/docker-publish-master.yml index b917211..2ae1249 100644 --- a/.github/workflows/docker-publish-master.yml +++ b/.github/workflows/docker-publish-master.yml @@ -38,10 +38,9 @@ jobs: # https://github.com/sigstore/cosign-installer - name: Install cosign if: github.event_name != 'pull_request' - uses: sigstore/cosign-installer@f3c664df7af409cb4873aa5068053ba9d61a57b6 #v2.6.0 + uses: sigstore/cosign-installer@6e04d228eb30da1757ee4e1dd75a0ec73a653e06 #v3.1.1 with: - cosign-release: 'v1.13.1' - + cosign-release: 'v2.1.1' # Workaround: https://github.com/docker/build-push-action/issues/461 - name: Setup Docker buildx @@ -88,10 +87,12 @@ jobs: - name: Sign the published Docker image if: ${{ github.event_name != 'pull_request' }} env: - COSIGN_EXPERIMENTAL: "true" + # https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions#using-an-intermediate-environment-variable + TAGS: ${{ steps.meta.outputs.tags }} + DIGEST: ${{ steps.build-and-push.outputs.digest }} # This step uses the identity token to provision an ephemeral certificate # against the sigstore community Fulcio instance. - run: echo "${{ steps.meta.outputs.tags }}" | xargs -I {} cosign sign {}@${{ steps.build-and-push.outputs.digest }} + run: echo "${TAGS}" | xargs -I {} cosign sign --yes {}@${DIGEST} - name: Log into registry ${{ env.DOCKER_REGISTRY }} uses: docker/login-action@f054a8b539a109f9f41c372932f1ae047eff08c9 diff --git a/src/app/features/home/home.component.html b/src/app/features/home/home.component.html index f9b34fa..9922759 100644 --- a/src/app/features/home/home.component.html +++ b/src/app/features/home/home.component.html @@ -14,7 +14,6 @@ [link]="getIdentityApiLink()" class="w-full h-full items-center" > - -->