From 7e70da59aa1b91f8fabe0cc97224b7fbff10eeaf Mon Sep 17 00:00:00 2001 From: upodroid Date: Thu, 6 Oct 2022 17:21:57 +0100 Subject: [PATCH 1/3] notarize all nightlies and releases --- .../kn-plugin-admin-main.gen.yaml | 54 ++++++++++++------ .../kn-plugin-event-main.gen.yaml | 54 ++++++++++++------ .../kn-plugin-operator-main.gen.yaml | 54 ++++++++++++------ .../kn-plugin-quickstart-main.gen.yaml | 29 ++++++---- .../kn-plugin-service-log-main.gen.yaml | 55 ++++++++++++------- .../kn-plugin-source-kafka-main.gen.yaml | 54 ++++++++++++------ .../kn-plugin-source-kamelet-main.gen.yaml | 54 ++++++++++++------ .../generated/knative/client-main.gen.yaml | 31 ++++++++--- .../jobs/generated/knative/func-main.gen.yaml | 50 +++++++++++------ .../knative-sandbox/kn-plugin-admin.yaml | 14 +++-- .../knative-sandbox/kn-plugin-event.yaml | 14 +++-- .../knative-sandbox/kn-plugin-operator.yaml | 14 +++-- .../knative-sandbox/kn-plugin-quickstart.yaml | 7 ++- .../kn-plugin-service-log.yaml | 14 +++-- .../kn-plugin-source-kafka.yaml | 14 +++-- .../kn-plugin-source-kamelet.yaml | 14 +++-- prow/jobs_config/knative/client.yaml | 12 +++- prow/jobs_config/knative/func.yaml | 14 +++-- 18 files changed, 376 insertions(+), 176 deletions(-) diff --git a/prow/jobs/generated/knative-sandbox/kn-plugin-admin-main.gen.yaml b/prow/jobs/generated/knative-sandbox/kn-plugin-admin-main.gen.yaml index 93eed0970fd..bf9bded2c05 100644 --- a/prow/jobs/generated/knative-sandbox/kn-plugin-admin-main.gen.yaml +++ b/prow/jobs/generated/knative-sandbox/kn-plugin-admin-main.gen.yaml @@ -67,9 +67,13 @@ periodics: - ./hack/release.sh - --publish - --tag-release + - --apple-codesign-key + - /etc/notary/cert.p12 + - --apple-notary-api-key + - /etc/notary/key.json + - --apple-codesign-password-file + - /etc/notary/password env: - - name: GOOGLE_APPLICATION_CREDENTIALS - value: /etc/nightly-account/service-account.json - name: SIGN_IMAGES value: "true" image: gcr.io/knative-tests/test-infra/prow-tests:v20221005-aef947d7 @@ -78,19 +82,24 @@ periodics: securityContext: privileged: true volumeMounts: - - mountPath: /etc/nightly-account - name: nightly-account + - mountPath: /etc/notary + name: apple-notary-creds readOnly: true nodeSelector: kubernetes.io/arch: amd64 type: testing + serviceAccountName: nightly volumes: - - name: nightly-account + - name: apple-notary-creds secret: items: - - key: nightly.json - path: service-account.json - secretName: prow-google-credentials + - key: notary-api-key + path: key.json + - key: signing-certificate + path: cert.p12 + - key: signing-certificate-password + path: password + secretName: apple-notary-creds - annotations: testgrid-dashboards: kn-plugin-admin testgrid-tab-name: release @@ -115,13 +124,17 @@ periodics: - gcr.io/knative-releases - --github-token - /etc/hub-token/token + - --apple-codesign-key + - /etc/notary/cert.p12 + - --apple-notary-api-key + - /etc/notary/key.json + - --apple-codesign-password-file + - /etc/notary/password env: - - name: GOOGLE_APPLICATION_CREDENTIALS - value: /etc/release-account/service-account.json - name: E2E_CLUSTER_REGION value: us-central1 - - name: ORG_NAME - value: knative-sandbox + - name: SIGN_IMAGES + value: "true" image: gcr.io/knative-tests/test-infra/prow-tests:v20221005-aef947d7 name: "" resources: {} @@ -131,12 +144,13 @@ periodics: - mountPath: /etc/hub-token name: hub-token readOnly: true - - mountPath: /etc/release-account - name: release-account + - mountPath: /etc/notary + name: apple-notary-creds readOnly: true nodeSelector: kubernetes.io/arch: amd64 type: testing + serviceAccountName: release volumes: - name: hub-token secret: @@ -144,12 +158,16 @@ periodics: - key: hub_token path: token secretName: github-credentials - - name: release-account + - name: apple-notary-creds secret: items: - - key: release.json - path: service-account.json - secretName: prow-google-credentials + - key: notary-api-key + path: key.json + - key: signing-certificate + path: cert.p12 + - key: signing-certificate-password + path: password + secretName: apple-notary-creds presubmits: knative-sandbox/kn-plugin-admin: - always_run: true diff --git a/prow/jobs/generated/knative-sandbox/kn-plugin-event-main.gen.yaml b/prow/jobs/generated/knative-sandbox/kn-plugin-event-main.gen.yaml index a4af5d29ee5..155a98f5c3b 100644 --- a/prow/jobs/generated/knative-sandbox/kn-plugin-event-main.gen.yaml +++ b/prow/jobs/generated/knative-sandbox/kn-plugin-event-main.gen.yaml @@ -67,9 +67,13 @@ periodics: - ./hack/release.sh - --publish - --tag-release + - --apple-codesign-key + - /etc/notary/cert.p12 + - --apple-notary-api-key + - /etc/notary/key.json + - --apple-codesign-password-file + - /etc/notary/password env: - - name: GOOGLE_APPLICATION_CREDENTIALS - value: /etc/nightly-account/service-account.json - name: SIGN_IMAGES value: "true" image: gcr.io/knative-tests/test-infra/prow-tests:v20221005-aef947d7 @@ -78,19 +82,24 @@ periodics: securityContext: privileged: true volumeMounts: - - mountPath: /etc/nightly-account - name: nightly-account + - mountPath: /etc/notary + name: apple-notary-creds readOnly: true nodeSelector: kubernetes.io/arch: amd64 type: testing + serviceAccountName: nightly volumes: - - name: nightly-account + - name: apple-notary-creds secret: items: - - key: nightly.json - path: service-account.json - secretName: prow-google-credentials + - key: notary-api-key + path: key.json + - key: signing-certificate + path: cert.p12 + - key: signing-certificate-password + path: password + secretName: apple-notary-creds - annotations: testgrid-dashboards: kn-plugin-event testgrid-tab-name: release @@ -115,13 +124,17 @@ periodics: - gcr.io/knative-releases - --github-token - /etc/hub-token/token + - --apple-codesign-key + - /etc/notary/cert.p12 + - --apple-notary-api-key + - /etc/notary/key.json + - --apple-codesign-password-file + - /etc/notary/password env: - - name: GOOGLE_APPLICATION_CREDENTIALS - value: /etc/release-account/service-account.json - name: E2E_CLUSTER_REGION value: us-central1 - - name: ORG_NAME - value: knative-sandbox + - name: SIGN_IMAGES + value: "true" image: gcr.io/knative-tests/test-infra/prow-tests:v20221005-aef947d7 name: "" resources: {} @@ -131,12 +144,13 @@ periodics: - mountPath: /etc/hub-token name: hub-token readOnly: true - - mountPath: /etc/release-account - name: release-account + - mountPath: /etc/notary + name: apple-notary-creds readOnly: true nodeSelector: kubernetes.io/arch: amd64 type: testing + serviceAccountName: release volumes: - name: hub-token secret: @@ -144,12 +158,16 @@ periodics: - key: hub_token path: token secretName: github-credentials - - name: release-account + - name: apple-notary-creds secret: items: - - key: release.json - path: service-account.json - secretName: prow-google-credentials + - key: notary-api-key + path: key.json + - key: signing-certificate + path: cert.p12 + - key: signing-certificate-password + path: password + secretName: apple-notary-creds presubmits: knative-sandbox/kn-plugin-event: - always_run: true diff --git a/prow/jobs/generated/knative-sandbox/kn-plugin-operator-main.gen.yaml b/prow/jobs/generated/knative-sandbox/kn-plugin-operator-main.gen.yaml index eda220414cb..c5532a1adf5 100644 --- a/prow/jobs/generated/knative-sandbox/kn-plugin-operator-main.gen.yaml +++ b/prow/jobs/generated/knative-sandbox/kn-plugin-operator-main.gen.yaml @@ -67,9 +67,13 @@ periodics: - ./hack/release.sh - --publish - --tag-release + - --apple-codesign-key + - /etc/notary/cert.p12 + - --apple-notary-api-key + - /etc/notary/key.json + - --apple-codesign-password-file + - /etc/notary/password env: - - name: GOOGLE_APPLICATION_CREDENTIALS - value: /etc/nightly-account/service-account.json - name: SIGN_IMAGES value: "true" image: gcr.io/knative-tests/test-infra/prow-tests:v20221005-aef947d7 @@ -78,19 +82,24 @@ periodics: securityContext: privileged: true volumeMounts: - - mountPath: /etc/nightly-account - name: nightly-account + - mountPath: /etc/notary + name: apple-notary-creds readOnly: true nodeSelector: kubernetes.io/arch: amd64 type: testing + serviceAccountName: nightly volumes: - - name: nightly-account + - name: apple-notary-creds secret: items: - - key: nightly.json - path: service-account.json - secretName: prow-google-credentials + - key: notary-api-key + path: key.json + - key: signing-certificate + path: cert.p12 + - key: signing-certificate-password + path: password + secretName: apple-notary-creds - annotations: testgrid-dashboards: kn-plugin-operator testgrid-tab-name: release @@ -115,13 +124,17 @@ periodics: - gcr.io/knative-releases - --github-token - /etc/hub-token/token + - --apple-codesign-key + - /etc/notary/cert.p12 + - --apple-notary-api-key + - /etc/notary/key.json + - --apple-codesign-password-file + - /etc/notary/password env: - - name: GOOGLE_APPLICATION_CREDENTIALS - value: /etc/release-account/service-account.json - name: E2E_CLUSTER_REGION value: us-central1 - - name: ORG_NAME - value: knative-sandbox + - name: SIGN_IMAGES + value: "true" image: gcr.io/knative-tests/test-infra/prow-tests:v20221005-aef947d7 name: "" resources: {} @@ -131,12 +144,13 @@ periodics: - mountPath: /etc/hub-token name: hub-token readOnly: true - - mountPath: /etc/release-account - name: release-account + - mountPath: /etc/notary + name: apple-notary-creds readOnly: true nodeSelector: kubernetes.io/arch: amd64 type: testing + serviceAccountName: release volumes: - name: hub-token secret: @@ -144,12 +158,16 @@ periodics: - key: hub_token path: token secretName: github-credentials - - name: release-account + - name: apple-notary-creds secret: items: - - key: release.json - path: service-account.json - secretName: prow-google-credentials + - key: notary-api-key + path: key.json + - key: signing-certificate + path: cert.p12 + - key: signing-certificate-password + path: password + secretName: apple-notary-creds presubmits: knative-sandbox/kn-plugin-operator: - always_run: true diff --git a/prow/jobs/generated/knative-sandbox/kn-plugin-quickstart-main.gen.yaml b/prow/jobs/generated/knative-sandbox/kn-plugin-quickstart-main.gen.yaml index 8346ee2ca58..00810b0d7ac 100644 --- a/prow/jobs/generated/knative-sandbox/kn-plugin-quickstart-main.gen.yaml +++ b/prow/jobs/generated/knative-sandbox/kn-plugin-quickstart-main.gen.yaml @@ -124,13 +124,17 @@ periodics: - gcr.io/knative-releases - --github-token - /etc/hub-token/token + - --apple-codesign-key + - /etc/notary/cert.p12 + - --apple-notary-api-key + - /etc/notary/key.json + - --apple-codesign-password-file + - /etc/notary/password env: - - name: GOOGLE_APPLICATION_CREDENTIALS - value: /etc/release-account/service-account.json - name: E2E_CLUSTER_REGION value: us-central1 - - name: ORG_NAME - value: knative-sandbox + - name: SIGN_IMAGES + value: "true" image: gcr.io/knative-tests/test-infra/prow-tests:v20221005-aef947d7 name: "" resources: {} @@ -140,12 +144,13 @@ periodics: - mountPath: /etc/hub-token name: hub-token readOnly: true - - mountPath: /etc/release-account - name: release-account + - mountPath: /etc/notary + name: apple-notary-creds readOnly: true nodeSelector: kubernetes.io/arch: amd64 type: testing + serviceAccountName: release volumes: - name: hub-token secret: @@ -153,12 +158,16 @@ periodics: - key: hub_token path: token secretName: github-credentials - - name: release-account + - name: apple-notary-creds secret: items: - - key: release.json - path: service-account.json - secretName: prow-google-credentials + - key: notary-api-key + path: key.json + - key: signing-certificate + path: cert.p12 + - key: signing-certificate-password + path: password + secretName: apple-notary-creds presubmits: knative-sandbox/kn-plugin-quickstart: - always_run: true diff --git a/prow/jobs/generated/knative-sandbox/kn-plugin-service-log-main.gen.yaml b/prow/jobs/generated/knative-sandbox/kn-plugin-service-log-main.gen.yaml index 04d3596a947..6964f152eaa 100644 --- a/prow/jobs/generated/knative-sandbox/kn-plugin-service-log-main.gen.yaml +++ b/prow/jobs/generated/knative-sandbox/kn-plugin-service-log-main.gen.yaml @@ -66,10 +66,13 @@ periodics: - runner.sh - ./hack/release.sh - --publish - - --tag-release + - --tag-release --apple-codesign-key + - /etc/notary/cert.p12 + - --apple-notary-api-key + - /etc/notary/key.json + - --apple-codesign-password-file + - /etc/notary/password env: - - name: GOOGLE_APPLICATION_CREDENTIALS - value: /etc/nightly-account/service-account.json - name: SIGN_IMAGES value: "true" - name: DOCKER_IN_DOCKER_ENABLED @@ -80,8 +83,8 @@ periodics: securityContext: privileged: true volumeMounts: - - mountPath: /etc/nightly-account - name: nightly-account + - mountPath: /etc/notary + name: apple-notary-creds readOnly: true - mountPath: /docker-graph name: docker-graph @@ -92,13 +95,18 @@ periodics: nodeSelector: kubernetes.io/arch: amd64 type: testing + serviceAccountName: nightly volumes: - - name: nightly-account + - name: apple-notary-creds secret: items: - - key: nightly.json - path: service-account.json - secretName: prow-google-credentials + - key: notary-api-key + path: key.json + - key: signing-certificate + path: cert.p12 + - key: signing-certificate-password + path: password + secretName: apple-notary-creds - emptyDir: {} name: docker-graph - hostPath: @@ -133,13 +141,17 @@ periodics: - gcr.io/knative-releases - --github-token - /etc/hub-token/token + - --apple-codesign-key + - /etc/notary/cert.p12 + - --apple-notary-api-key + - /etc/notary/key.json + - --apple-codesign-password-file + - /etc/notary/password env: - - name: GOOGLE_APPLICATION_CREDENTIALS - value: /etc/release-account/service-account.json - name: E2E_CLUSTER_REGION value: us-central1 - - name: ORG_NAME - value: knative-sandbox + - name: SIGN_IMAGES + value: "true" - name: DOCKER_IN_DOCKER_ENABLED value: "true" image: gcr.io/knative-tests/test-infra/prow-tests:v20221005-aef947d7 @@ -151,8 +163,8 @@ periodics: - mountPath: /etc/hub-token name: hub-token readOnly: true - - mountPath: /etc/release-account - name: release-account + - mountPath: /etc/notary + name: apple-notary-creds readOnly: true - mountPath: /docker-graph name: docker-graph @@ -163,6 +175,7 @@ periodics: nodeSelector: kubernetes.io/arch: amd64 type: testing + serviceAccountName: release volumes: - name: hub-token secret: @@ -170,12 +183,16 @@ periodics: - key: hub_token path: token secretName: github-credentials - - name: release-account + - name: apple-notary-creds secret: items: - - key: release.json - path: service-account.json - secretName: prow-google-credentials + - key: notary-api-key + path: key.json + - key: signing-certificate + path: cert.p12 + - key: signing-certificate-password + path: password + secretName: apple-notary-creds - emptyDir: {} name: docker-graph - hostPath: diff --git a/prow/jobs/generated/knative-sandbox/kn-plugin-source-kafka-main.gen.yaml b/prow/jobs/generated/knative-sandbox/kn-plugin-source-kafka-main.gen.yaml index a592bfe476e..401dd4c1d25 100644 --- a/prow/jobs/generated/knative-sandbox/kn-plugin-source-kafka-main.gen.yaml +++ b/prow/jobs/generated/knative-sandbox/kn-plugin-source-kafka-main.gen.yaml @@ -67,9 +67,13 @@ periodics: - ./hack/release.sh - --publish - --tag-release + - --apple-codesign-key + - /etc/notary/cert.p12 + - --apple-notary-api-key + - /etc/notary/key.json + - --apple-codesign-password-file + - /etc/notary/password env: - - name: GOOGLE_APPLICATION_CREDENTIALS - value: /etc/nightly-account/service-account.json - name: SIGN_IMAGES value: "true" - name: DOCKER_IN_DOCKER_ENABLED @@ -80,8 +84,8 @@ periodics: securityContext: privileged: true volumeMounts: - - mountPath: /etc/nightly-account - name: nightly-account + - mountPath: /etc/notary + name: apple-notary-creds readOnly: true - mountPath: /docker-graph name: docker-graph @@ -92,13 +96,18 @@ periodics: nodeSelector: kubernetes.io/arch: amd64 type: testing + serviceAccountName: nightly volumes: - - name: nightly-account + - name: apple-notary-creds secret: items: - - key: nightly.json - path: service-account.json - secretName: prow-google-credentials + - key: notary-api-key + path: key.json + - key: signing-certificate + path: cert.p12 + - key: signing-certificate-password + path: password + secretName: apple-notary-creds - emptyDir: {} name: docker-graph - hostPath: @@ -133,13 +142,17 @@ periodics: - gcr.io/knative-releases - --github-token - /etc/hub-token/token + - --apple-codesign-key + - /etc/notary/cert.p12 + - --apple-notary-api-key + - /etc/notary/key.json + - --apple-codesign-password-file + - /etc/notary/password env: - - name: GOOGLE_APPLICATION_CREDENTIALS - value: /etc/release-account/service-account.json - name: E2E_CLUSTER_REGION value: us-central1 - - name: ORG_NAME - value: knative-sandbox + - name: SIGN_IMAGES + value: "true" - name: DOCKER_IN_DOCKER_ENABLED value: "true" image: gcr.io/knative-tests/test-infra/prow-tests:v20221005-aef947d7 @@ -151,8 +164,8 @@ periodics: - mountPath: /etc/hub-token name: hub-token readOnly: true - - mountPath: /etc/release-account - name: release-account + - mountPath: /etc/notary + name: apple-notary-creds readOnly: true - mountPath: /docker-graph name: docker-graph @@ -163,6 +176,7 @@ periodics: nodeSelector: kubernetes.io/arch: amd64 type: testing + serviceAccountName: release volumes: - name: hub-token secret: @@ -170,12 +184,16 @@ periodics: - key: hub_token path: token secretName: github-credentials - - name: release-account + - name: apple-notary-creds secret: items: - - key: release.json - path: service-account.json - secretName: prow-google-credentials + - key: notary-api-key + path: key.json + - key: signing-certificate + path: cert.p12 + - key: signing-certificate-password + path: password + secretName: apple-notary-creds - emptyDir: {} name: docker-graph - hostPath: diff --git a/prow/jobs/generated/knative-sandbox/kn-plugin-source-kamelet-main.gen.yaml b/prow/jobs/generated/knative-sandbox/kn-plugin-source-kamelet-main.gen.yaml index ea49f93772e..73d71e2c6fc 100644 --- a/prow/jobs/generated/knative-sandbox/kn-plugin-source-kamelet-main.gen.yaml +++ b/prow/jobs/generated/knative-sandbox/kn-plugin-source-kamelet-main.gen.yaml @@ -67,9 +67,13 @@ periodics: - ./hack/release.sh - --publish - --tag-release + - --apple-codesign-key + - /etc/notary/cert.p12 + - --apple-notary-api-key + - /etc/notary/key.json + - --apple-codesign-password-file + - /etc/notary/password env: - - name: GOOGLE_APPLICATION_CREDENTIALS - value: /etc/nightly-account/service-account.json - name: SIGN_IMAGES value: "true" image: gcr.io/knative-tests/test-infra/prow-tests:v20221005-aef947d7 @@ -78,19 +82,24 @@ periodics: securityContext: privileged: true volumeMounts: - - mountPath: /etc/nightly-account - name: nightly-account + - mountPath: /etc/notary + name: apple-notary-creds readOnly: true nodeSelector: kubernetes.io/arch: amd64 type: testing + serviceAccountName: nightly volumes: - - name: nightly-account + - name: apple-notary-creds secret: items: - - key: nightly.json - path: service-account.json - secretName: prow-google-credentials + - key: notary-api-key + path: key.json + - key: signing-certificate + path: cert.p12 + - key: signing-certificate-password + path: password + secretName: apple-notary-creds - annotations: testgrid-dashboards: kn-plugin-source-kamelet testgrid-tab-name: release @@ -115,13 +124,17 @@ periodics: - gcr.io/knative-releases - --github-token - /etc/hub-token/token + - --apple-codesign-key + - /etc/notary/cert.p12 + - --apple-notary-api-key + - /etc/notary/key.json + - --apple-codesign-password-file + - /etc/notary/password env: - - name: GOOGLE_APPLICATION_CREDENTIALS - value: /etc/release-account/service-account.json - name: E2E_CLUSTER_REGION value: us-central1 - - name: ORG_NAME - value: knative-sandbox + - name: SIGN_IMAGES + value: "true" image: gcr.io/knative-tests/test-infra/prow-tests:v20221005-aef947d7 name: "" resources: {} @@ -131,12 +144,13 @@ periodics: - mountPath: /etc/hub-token name: hub-token readOnly: true - - mountPath: /etc/release-account - name: release-account + - mountPath: /etc/notary + name: apple-notary-creds readOnly: true nodeSelector: kubernetes.io/arch: amd64 type: testing + serviceAccountName: release volumes: - name: hub-token secret: @@ -144,12 +158,16 @@ periodics: - key: hub_token path: token secretName: github-credentials - - name: release-account + - name: apple-notary-creds secret: items: - - key: release.json - path: service-account.json - secretName: prow-google-credentials + - key: notary-api-key + path: key.json + - key: signing-certificate + path: cert.p12 + - key: signing-certificate-password + path: password + secretName: apple-notary-creds presubmits: knative-sandbox/kn-plugin-source-kamelet: - always_run: true diff --git a/prow/jobs/generated/knative/client-main.gen.yaml b/prow/jobs/generated/knative/client-main.gen.yaml index 00337872c6b..693f395965e 100644 --- a/prow/jobs/generated/knative/client-main.gen.yaml +++ b/prow/jobs/generated/knative/client-main.gen.yaml @@ -256,6 +256,12 @@ periodics: - ./hack/release.sh - --publish - --tag-release + - --apple-codesign-key + - /etc/notary/cert.p12 + - --apple-notary-api-key + - /etc/notary/key.json + - --apple-codesign-password-file + - /etc/notary/password env: - name: SIGN_IMAGES value: "true" @@ -307,9 +313,13 @@ periodics: - gcr.io/knative-releases - --github-token - /etc/hub-token/token + - --apple-codesign-key + - /etc/notary/cert.p12 + - --apple-notary-api-key + - /etc/notary/key.json + - --apple-codesign-password-file + - /etc/notary/password env: - - name: GOOGLE_APPLICATION_CREDENTIALS - value: /etc/release-account/service-account.json - name: E2E_CLUSTER_REGION value: us-central1 - name: SIGN_IMAGES @@ -323,12 +333,13 @@ periodics: - mountPath: /etc/hub-token name: hub-token readOnly: true - - mountPath: /etc/release-account - name: release-account + - mountPath: /etc/notary + name: apple-notary-creds readOnly: true nodeSelector: kubernetes.io/arch: amd64 type: testing + serviceAccountName: release volumes: - name: hub-token secret: @@ -336,12 +347,16 @@ periodics: - key: hub_token path: token secretName: github-credentials - - name: release-account + - name: apple-notary-creds secret: items: - - key: release.json - path: service-account.json - secretName: prow-google-credentials + - key: notary-api-key + path: key.json + - key: signing-certificate + path: cert.p12 + - key: signing-certificate-password + path: password + secretName: apple-notary-creds presubmits: knative/client: - always_run: true diff --git a/prow/jobs/generated/knative/func-main.gen.yaml b/prow/jobs/generated/knative/func-main.gen.yaml index 238bb6c37e6..7d88a3882ba 100644 --- a/prow/jobs/generated/knative/func-main.gen.yaml +++ b/prow/jobs/generated/knative/func-main.gen.yaml @@ -25,9 +25,13 @@ periodics: - ./hack/release.sh - --publish - --tag-release + - --apple-codesign-key + - /etc/notary/cert.p12 + - --apple-notary-api-key + - /etc/notary/key.json + - --apple-codesign-password-file + - /etc/notary/password env: - - name: GOOGLE_APPLICATION_CREDENTIALS - value: /etc/nightly-account/service-account.json - name: SIGN_IMAGES value: "true" - name: DOCKER_IN_DOCKER_ENABLED @@ -38,8 +42,8 @@ periodics: securityContext: privileged: true volumeMounts: - - mountPath: /etc/nightly-account - name: nightly-account + - mountPath: /etc/notary + name: apple-notary-creds readOnly: true - mountPath: /docker-graph name: docker-graph @@ -50,13 +54,18 @@ periodics: nodeSelector: kubernetes.io/arch: amd64 type: testing + serviceAccountName: nightly volumes: - - name: nightly-account + - name: apple-notary-creds secret: items: - - key: nightly.json - path: service-account.json - secretName: prow-google-credentials + - key: notary-api-key + path: key.json + - key: signing-certificate + path: cert.p12 + - key: signing-certificate-password + path: password + secretName: apple-notary-creds - emptyDir: {} name: docker-graph - hostPath: @@ -91,9 +100,13 @@ periodics: - gcr.io/knative-releases - --github-token - /etc/hub-token/token + - --apple-codesign-key + - /etc/notary/cert.p12 + - --apple-notary-api-key + - /etc/notary/key.json + - --apple-codesign-password-file + - /etc/notary/password env: - - name: GOOGLE_APPLICATION_CREDENTIALS - value: /etc/release-account/service-account.json - name: E2E_CLUSTER_REGION value: us-central1 - name: SIGN_IMAGES @@ -109,8 +122,8 @@ periodics: - mountPath: /etc/hub-token name: hub-token readOnly: true - - mountPath: /etc/release-account - name: release-account + - mountPath: /etc/notary + name: apple-notary-creds readOnly: true - mountPath: /docker-graph name: docker-graph @@ -121,6 +134,7 @@ periodics: nodeSelector: kubernetes.io/arch: amd64 type: testing + serviceAccountName: release volumes: - name: hub-token secret: @@ -128,12 +142,16 @@ periodics: - key: hub_token path: token secretName: github-credentials - - name: release-account + - name: apple-notary-creds secret: items: - - key: release.json - path: service-account.json - secretName: prow-google-credentials + - key: notary-api-key + path: key.json + - key: signing-certificate + path: cert.p12 + - key: signing-certificate-password + path: password + secretName: apple-notary-creds - emptyDir: {} name: docker-graph - hostPath: diff --git a/prow/jobs_config/knative-sandbox/kn-plugin-admin.yaml b/prow/jobs_config/knative-sandbox/kn-plugin-admin.yaml index dfd4f10e2c5..3e2d142141b 100644 --- a/prow/jobs_config/knative-sandbox/kn-plugin-admin.yaml +++ b/prow/jobs_config/knative-sandbox/kn-plugin-admin.yaml @@ -24,12 +24,18 @@ jobs: - name: nightly types: [periodic] - command: [runner.sh, ./hack/release.sh, --publish, --tag-release] - requirements: [nightly] + command: [runner.sh, ./hack/release.sh, --publish, --tag-release, + --apple-codesign-key, /etc/notary/cert.p12, + --apple-notary-api-key, /etc/notary/key.json, + --apple-codesign-password-file, /etc/notary/password] + requirements: [nightly-notary] excluded_requirements: [gcp] - name: release types: [periodic] - command: [runner.sh, ./hack/release.sh, --auto-release, --release-gcs, knative-releases/kn-plugin-admin, --release-gcr, gcr.io/knative-releases, --github-token, /etc/hub-token/token] - requirements: [release] + command: [runner.sh, ./hack/release.sh, --auto-release, --release-gcs, knative-releases/kn-plugin-admin, --release-gcr, gcr.io/knative-releases, --github-token, /etc/hub-token/token, + --apple-codesign-key, /etc/notary/cert.p12, + --apple-notary-api-key, /etc/notary/key.json, + --apple-codesign-password-file, /etc/notary/password] + requirements: [release-notary] excluded_requirements: [gcp] diff --git a/prow/jobs_config/knative-sandbox/kn-plugin-event.yaml b/prow/jobs_config/knative-sandbox/kn-plugin-event.yaml index 7c4d736629f..895fce66455 100644 --- a/prow/jobs_config/knative-sandbox/kn-plugin-event.yaml +++ b/prow/jobs_config/knative-sandbox/kn-plugin-event.yaml @@ -24,12 +24,18 @@ jobs: - name: nightly types: [periodic] - command: [runner.sh, ./hack/release.sh, --publish, --tag-release] - requirements: [nightly] + command: [runner.sh, ./hack/release.sh, --publish, --tag-release, + --apple-codesign-key, /etc/notary/cert.p12, + --apple-notary-api-key, /etc/notary/key.json, + --apple-codesign-password-file, /etc/notary/password] + requirements: [nightly-notary] excluded_requirements: [gcp] - name: release types: [periodic] - command: [runner.sh, ./hack/release.sh, --auto-release, --release-gcs, knative-releases/kn-plugin-event, --release-gcr, gcr.io/knative-releases, --github-token, /etc/hub-token/token] - requirements: [release] + command: [runner.sh, ./hack/release.sh, --auto-release, --release-gcs, knative-releases/kn-plugin-event, --release-gcr, gcr.io/knative-releases, --github-token, /etc/hub-token/token, + --apple-codesign-key, /etc/notary/cert.p12, + --apple-notary-api-key, /etc/notary/key.json, + --apple-codesign-password-file, /etc/notary/password] + requirements: [release-notary] excluded_requirements: [gcp] diff --git a/prow/jobs_config/knative-sandbox/kn-plugin-operator.yaml b/prow/jobs_config/knative-sandbox/kn-plugin-operator.yaml index c1f211e9b76..280b98945f4 100644 --- a/prow/jobs_config/knative-sandbox/kn-plugin-operator.yaml +++ b/prow/jobs_config/knative-sandbox/kn-plugin-operator.yaml @@ -24,12 +24,18 @@ jobs: - name: nightly types: [periodic] - command: [runner.sh, ./hack/release.sh, --publish, --tag-release] - requirements: [nightly] + command: [runner.sh, ./hack/release.sh, --publish, --tag-release, + --apple-codesign-key, /etc/notary/cert.p12, + --apple-notary-api-key, /etc/notary/key.json, + --apple-codesign-password-file, /etc/notary/password] + requirements: [nightly-notary] excluded_requirements: [gcp] - name: release types: [periodic] - command: [runner.sh, ./hack/release.sh, --auto-release, --release-gcs, knative-releases/kn-plugin-operator, --release-gcr, gcr.io/knative-releases, --github-token, /etc/hub-token/token] - requirements: [release] + command: [runner.sh, ./hack/release.sh, --auto-release, --release-gcs, knative-releases/kn-plugin-operator, --release-gcr, gcr.io/knative-releases, --github-token, /etc/hub-token/token, + --apple-codesign-key, /etc/notary/cert.p12, + --apple-notary-api-key, /etc/notary/key.json, + --apple-codesign-password-file, /etc/notary/password] + requirements: [release-notary] excluded_requirements: [gcp] diff --git a/prow/jobs_config/knative-sandbox/kn-plugin-quickstart.yaml b/prow/jobs_config/knative-sandbox/kn-plugin-quickstart.yaml index 7729930e1c9..a766c7dd6f7 100644 --- a/prow/jobs_config/knative-sandbox/kn-plugin-quickstart.yaml +++ b/prow/jobs_config/knative-sandbox/kn-plugin-quickstart.yaml @@ -33,6 +33,9 @@ jobs: - name: release types: [periodic] - command: [runner.sh, ./hack/release.sh, --auto-release, --release-gcs, knative-releases/kn-plugin-quickstart, --release-gcr, gcr.io/knative-releases, --github-token, /etc/hub-token/token] - requirements: [release] + command: [runner.sh, ./hack/release.sh, --auto-release, --release-gcs, knative-releases/kn-plugin-quickstart, --release-gcr, gcr.io/knative-releases, --github-token, /etc/hub-token/token, + --apple-codesign-key, /etc/notary/cert.p12, + --apple-notary-api-key, /etc/notary/key.json, + --apple-codesign-password-file, /etc/notary/password] + requirements: [release-notary] excluded_requirements: [gcp] diff --git a/prow/jobs_config/knative-sandbox/kn-plugin-service-log.yaml b/prow/jobs_config/knative-sandbox/kn-plugin-service-log.yaml index 6c971a79e49..bbc2b85814e 100644 --- a/prow/jobs_config/knative-sandbox/kn-plugin-service-log.yaml +++ b/prow/jobs_config/knative-sandbox/kn-plugin-service-log.yaml @@ -24,12 +24,18 @@ jobs: - name: nightly types: [periodic] - command: [runner.sh, ./hack/release.sh, --publish, --tag-release] - requirements: [nightly, docker] + command: [runner.sh, ./hack/release.sh, --publish, --tag-release + --apple-codesign-key, /etc/notary/cert.p12, + --apple-notary-api-key, /etc/notary/key.json, + --apple-codesign-password-file, /etc/notary/password] + requirements: [nightly-notary, docker] excluded_requirements: [gcp] - name: release types: [periodic] - command: [runner.sh, ./hack/release.sh, --auto-release, --release-gcs, knative-releases/kn-plugin-service-log, --release-gcr, gcr.io/knative-releases, --github-token, /etc/hub-token/token] - requirements: [release, docker] + command: [runner.sh, ./hack/release.sh, --auto-release, --release-gcs, knative-releases/kn-plugin-service-log, --release-gcr, gcr.io/knative-releases, --github-token, /etc/hub-token/token, + --apple-codesign-key, /etc/notary/cert.p12, + --apple-notary-api-key, /etc/notary/key.json, + --apple-codesign-password-file, /etc/notary/password] + requirements: [release-notary, docker] excluded_requirements: [gcp] diff --git a/prow/jobs_config/knative-sandbox/kn-plugin-source-kafka.yaml b/prow/jobs_config/knative-sandbox/kn-plugin-source-kafka.yaml index 51e38be0d8e..ca75d261db3 100644 --- a/prow/jobs_config/knative-sandbox/kn-plugin-source-kafka.yaml +++ b/prow/jobs_config/knative-sandbox/kn-plugin-source-kafka.yaml @@ -24,12 +24,18 @@ jobs: - name: nightly types: [periodic] - command: [runner.sh, ./hack/release.sh, --publish, --tag-release] - requirements: [nightly, docker] + command: [runner.sh, ./hack/release.sh, --publish, --tag-release, + --apple-codesign-key, /etc/notary/cert.p12, + --apple-notary-api-key, /etc/notary/key.json, + --apple-codesign-password-file, /etc/notary/password] + requirements: [nightly-notary, docker] excluded_requirements: [gcp] - name: release types: [periodic] - command: [runner.sh, ./hack/release.sh, --auto-release, --release-gcs, knative-releases/kn-plugin-source-kafka, --release-gcr, gcr.io/knative-releases, --github-token, /etc/hub-token/token] - requirements: [release, docker] + command: [runner.sh, ./hack/release.sh, --auto-release, --release-gcs, knative-releases/kn-plugin-source-kafka, --release-gcr, gcr.io/knative-releases, --github-token, /etc/hub-token/token, + --apple-codesign-key, /etc/notary/cert.p12, + --apple-notary-api-key, /etc/notary/key.json, + --apple-codesign-password-file, /etc/notary/password] + requirements: [release-notary, docker] excluded_requirements: [gcp] diff --git a/prow/jobs_config/knative-sandbox/kn-plugin-source-kamelet.yaml b/prow/jobs_config/knative-sandbox/kn-plugin-source-kamelet.yaml index a76d34d4e33..abac1b7c1ac 100644 --- a/prow/jobs_config/knative-sandbox/kn-plugin-source-kamelet.yaml +++ b/prow/jobs_config/knative-sandbox/kn-plugin-source-kamelet.yaml @@ -24,12 +24,18 @@ jobs: - name: nightly types: [periodic] - command: [runner.sh, ./hack/release.sh, --publish, --tag-release] - requirements: [nightly] + command: [runner.sh, ./hack/release.sh, --publish, --tag-release, + --apple-codesign-key, /etc/notary/cert.p12, + --apple-notary-api-key, /etc/notary/key.json, + --apple-codesign-password-file, /etc/notary/password] + requirements: [nightly-notary] excluded_requirements: [gcp] - name: release types: [periodic] - command: [runner.sh, ./hack/release.sh, --auto-release, --release-gcs, knative-releases/kn-plugin-source-kamelet, --release-gcr, gcr.io/knative-releases, --github-token, /etc/hub-token/token] - requirements: [release] + command: [runner.sh, ./hack/release.sh, --auto-release, --release-gcs, knative-releases/kn-plugin-source-kamelet, --release-gcr, gcr.io/knative-releases, --github-token, /etc/hub-token/token, + --apple-codesign-key, /etc/notary/cert.p12, + --apple-notary-api-key, /etc/notary/key.json, + --apple-codesign-password-file, /etc/notary/password] + requirements: [release-notary] excluded_requirements: [gcp] diff --git a/prow/jobs_config/knative/client.yaml b/prow/jobs_config/knative/client.yaml index 75bcf32af32..3367b8cc73f 100644 --- a/prow/jobs_config/knative/client.yaml +++ b/prow/jobs_config/knative/client.yaml @@ -73,7 +73,10 @@ jobs: - name: nightly types: [periodic] - command: [runner.sh, ./hack/release.sh, --publish, --tag-release] + command: [runner.sh, ./hack/release.sh, --publish, --tag-release, + --apple-codesign-key, /etc/notary/cert.p12, + --apple-notary-api-key, /etc/notary/key.json, + --apple-codesign-password-file, /etc/notary/password] requirements: [nightly-notary] excluded_requirements: [gcp] reporter_config: @@ -85,6 +88,9 @@ jobs: - "failure" - name: release types: [periodic] - command: [runner.sh, ./hack/release.sh, --auto-release, --release-gcs, knative-releases/client, --release-gcr, gcr.io/knative-releases, --github-token, /etc/hub-token/token] - requirements: [release] + command: [runner.sh, ./hack/release.sh, --auto-release, --release-gcs, knative-releases/client, --release-gcr, gcr.io/knative-releases, --github-token, /etc/hub-token/token, + --apple-codesign-key, /etc/notary/cert.p12, + --apple-notary-api-key, /etc/notary/key.json, + --apple-codesign-password-file, /etc/notary/password] + requirements: [release-notary] excluded_requirements: [gcp] diff --git a/prow/jobs_config/knative/func.yaml b/prow/jobs_config/knative/func.yaml index d940bba2f87..e912c100d98 100644 --- a/prow/jobs_config/knative/func.yaml +++ b/prow/jobs_config/knative/func.yaml @@ -6,12 +6,18 @@ image: gcr.io/knative-tests/test-infra/prow-tests:v20220927-b6d8e28f jobs: - name: nightly types: [periodic] - command: [runner.sh, ./hack/release.sh, --publish, --tag-release] - requirements: [nightly, docker] + command: [runner.sh, ./hack/release.sh, --publish, --tag-release, + --apple-codesign-key, /etc/notary/cert.p12, + --apple-notary-api-key, /etc/notary/key.json, + --apple-codesign-password-file, /etc/notary/password] + requirements: [nightly-notary, docker] excluded_requirements: [gcp] - name: release types: [periodic] - command: [runner.sh, ./hack/release.sh, --auto-release, --release-gcs, knative-releases/func, --release-gcr, gcr.io/knative-releases, --github-token, /etc/hub-token/token] - requirements: [release, docker] + command: [runner.sh, ./hack/release.sh, --auto-release, --release-gcs, knative-releases/func, --release-gcr, gcr.io/knative-releases, --github-token, /etc/hub-token/token, + --apple-codesign-key, /etc/notary/cert.p12, + --apple-notary-api-key, /etc/notary/key.json, + --apple-codesign-password-file, /etc/notary/password] + requirements: [release-notary, docker] excluded_requirements: [gcp] From a02b929a68319a3a026b011941349dc87e595c76 Mon Sep 17 00:00:00 2001 From: upodroid Date: Thu, 6 Oct 2022 17:29:20 +0100 Subject: [PATCH 2/3] set ORG_NAME as well --- .../kn-plugin-admin-main.gen.yaml | 4 +++ .../kn-plugin-event-main.gen.yaml | 4 +++ .../kn-plugin-operator-main.gen.yaml | 4 +++ .../kn-plugin-quickstart-main.gen.yaml | 4 +++ .../kn-plugin-service-log-main.gen.yaml | 4 +++ .../kn-plugin-source-kafka-main.gen.yaml | 4 +++ .../kn-plugin-source-kamelet-main.gen.yaml | 4 +++ prow/jobs_config/knative-sandbox/.base.yaml | 36 +++++++++++++++++++ 8 files changed, 64 insertions(+) diff --git a/prow/jobs/generated/knative-sandbox/kn-plugin-admin-main.gen.yaml b/prow/jobs/generated/knative-sandbox/kn-plugin-admin-main.gen.yaml index bf9bded2c05..1002e4ff572 100644 --- a/prow/jobs/generated/knative-sandbox/kn-plugin-admin-main.gen.yaml +++ b/prow/jobs/generated/knative-sandbox/kn-plugin-admin-main.gen.yaml @@ -76,6 +76,8 @@ periodics: env: - name: SIGN_IMAGES value: "true" + - name: ORG_NAME + value: knative-sandbox image: gcr.io/knative-tests/test-infra/prow-tests:v20221005-aef947d7 name: "" resources: {} @@ -135,6 +137,8 @@ periodics: value: us-central1 - name: SIGN_IMAGES value: "true" + - name: ORG_NAME + value: knative-sandbox image: gcr.io/knative-tests/test-infra/prow-tests:v20221005-aef947d7 name: "" resources: {} diff --git a/prow/jobs/generated/knative-sandbox/kn-plugin-event-main.gen.yaml b/prow/jobs/generated/knative-sandbox/kn-plugin-event-main.gen.yaml index 155a98f5c3b..a8339a91855 100644 --- a/prow/jobs/generated/knative-sandbox/kn-plugin-event-main.gen.yaml +++ b/prow/jobs/generated/knative-sandbox/kn-plugin-event-main.gen.yaml @@ -76,6 +76,8 @@ periodics: env: - name: SIGN_IMAGES value: "true" + - name: ORG_NAME + value: knative-sandbox image: gcr.io/knative-tests/test-infra/prow-tests:v20221005-aef947d7 name: "" resources: {} @@ -135,6 +137,8 @@ periodics: value: us-central1 - name: SIGN_IMAGES value: "true" + - name: ORG_NAME + value: knative-sandbox image: gcr.io/knative-tests/test-infra/prow-tests:v20221005-aef947d7 name: "" resources: {} diff --git a/prow/jobs/generated/knative-sandbox/kn-plugin-operator-main.gen.yaml b/prow/jobs/generated/knative-sandbox/kn-plugin-operator-main.gen.yaml index c5532a1adf5..b5e336b2918 100644 --- a/prow/jobs/generated/knative-sandbox/kn-plugin-operator-main.gen.yaml +++ b/prow/jobs/generated/knative-sandbox/kn-plugin-operator-main.gen.yaml @@ -76,6 +76,8 @@ periodics: env: - name: SIGN_IMAGES value: "true" + - name: ORG_NAME + value: knative-sandbox image: gcr.io/knative-tests/test-infra/prow-tests:v20221005-aef947d7 name: "" resources: {} @@ -135,6 +137,8 @@ periodics: value: us-central1 - name: SIGN_IMAGES value: "true" + - name: ORG_NAME + value: knative-sandbox image: gcr.io/knative-tests/test-infra/prow-tests:v20221005-aef947d7 name: "" resources: {} diff --git a/prow/jobs/generated/knative-sandbox/kn-plugin-quickstart-main.gen.yaml b/prow/jobs/generated/knative-sandbox/kn-plugin-quickstart-main.gen.yaml index 00810b0d7ac..3d25016d8e7 100644 --- a/prow/jobs/generated/knative-sandbox/kn-plugin-quickstart-main.gen.yaml +++ b/prow/jobs/generated/knative-sandbox/kn-plugin-quickstart-main.gen.yaml @@ -76,6 +76,8 @@ periodics: env: - name: SIGN_IMAGES value: "true" + - name: ORG_NAME + value: knative-sandbox image: gcr.io/knative-tests/test-infra/prow-tests:v20221005-aef947d7 name: "" resources: {} @@ -135,6 +137,8 @@ periodics: value: us-central1 - name: SIGN_IMAGES value: "true" + - name: ORG_NAME + value: knative-sandbox image: gcr.io/knative-tests/test-infra/prow-tests:v20221005-aef947d7 name: "" resources: {} diff --git a/prow/jobs/generated/knative-sandbox/kn-plugin-service-log-main.gen.yaml b/prow/jobs/generated/knative-sandbox/kn-plugin-service-log-main.gen.yaml index 6964f152eaa..216fc638075 100644 --- a/prow/jobs/generated/knative-sandbox/kn-plugin-service-log-main.gen.yaml +++ b/prow/jobs/generated/knative-sandbox/kn-plugin-service-log-main.gen.yaml @@ -75,6 +75,8 @@ periodics: env: - name: SIGN_IMAGES value: "true" + - name: ORG_NAME + value: knative-sandbox - name: DOCKER_IN_DOCKER_ENABLED value: "true" image: gcr.io/knative-tests/test-infra/prow-tests:v20221005-aef947d7 @@ -152,6 +154,8 @@ periodics: value: us-central1 - name: SIGN_IMAGES value: "true" + - name: ORG_NAME + value: knative-sandbox - name: DOCKER_IN_DOCKER_ENABLED value: "true" image: gcr.io/knative-tests/test-infra/prow-tests:v20221005-aef947d7 diff --git a/prow/jobs/generated/knative-sandbox/kn-plugin-source-kafka-main.gen.yaml b/prow/jobs/generated/knative-sandbox/kn-plugin-source-kafka-main.gen.yaml index 401dd4c1d25..d47e8227f2a 100644 --- a/prow/jobs/generated/knative-sandbox/kn-plugin-source-kafka-main.gen.yaml +++ b/prow/jobs/generated/knative-sandbox/kn-plugin-source-kafka-main.gen.yaml @@ -76,6 +76,8 @@ periodics: env: - name: SIGN_IMAGES value: "true" + - name: ORG_NAME + value: knative-sandbox - name: DOCKER_IN_DOCKER_ENABLED value: "true" image: gcr.io/knative-tests/test-infra/prow-tests:v20221005-aef947d7 @@ -153,6 +155,8 @@ periodics: value: us-central1 - name: SIGN_IMAGES value: "true" + - name: ORG_NAME + value: knative-sandbox - name: DOCKER_IN_DOCKER_ENABLED value: "true" image: gcr.io/knative-tests/test-infra/prow-tests:v20221005-aef947d7 diff --git a/prow/jobs/generated/knative-sandbox/kn-plugin-source-kamelet-main.gen.yaml b/prow/jobs/generated/knative-sandbox/kn-plugin-source-kamelet-main.gen.yaml index 73d71e2c6fc..9bd0d44fead 100644 --- a/prow/jobs/generated/knative-sandbox/kn-plugin-source-kamelet-main.gen.yaml +++ b/prow/jobs/generated/knative-sandbox/kn-plugin-source-kamelet-main.gen.yaml @@ -76,6 +76,8 @@ periodics: env: - name: SIGN_IMAGES value: "true" + - name: ORG_NAME + value: knative-sandbox image: gcr.io/knative-tests/test-infra/prow-tests:v20221005-aef947d7 name: "" resources: {} @@ -135,6 +137,8 @@ periodics: value: us-central1 - name: SIGN_IMAGES value: "true" + - name: ORG_NAME + value: knative-sandbox image: gcr.io/knative-tests/test-infra/prow-tests:v20221005-aef947d7 name: "" resources: {} diff --git a/prow/jobs_config/knative-sandbox/.base.yaml b/prow/jobs_config/knative-sandbox/.base.yaml index 83fdc05174c..c9b9a9b6616 100644 --- a/prow/jobs_config/knative-sandbox/.base.yaml +++ b/prow/jobs_config/knative-sandbox/.base.yaml @@ -30,3 +30,39 @@ requirement_presets: - key: release.json path: service-account.json secretName: prow-google-credentials + + release-notary: # this preset is for knative projects that release binaries ONLY. + podSpec: + serviceAccountName: release + env: + - name: E2E_CLUSTER_REGION + value: us-central1 + - name: SIGN_IMAGES + value: "true" + # ORG_NAME must be set to knative-sandbox, overwriting the preset in root .base.yaml + - name: ORG_NAME + value: knative-sandbox + volumeMounts: + - name: hub-token + mountPath: /etc/hub-token + readOnly: true + - name: apple-notary-creds + mountPath: /etc/notary + readOnly: true + volumes: + - name: hub-token + secret: + items: + - key: hub_token + path: token + secretName: github-credentials + - name: apple-notary-creds + secret: + items: + - key: notary-api-key + path: key.json + - key: signing-certificate + path: cert.p12 + - key: signing-certificate-password + path: password + secretName: apple-notary-creds From 788189f7777d78fe62e9ab1d5b53e6c10c02c108 Mon Sep 17 00:00:00 2001 From: upodroid Date: Thu, 6 Oct 2022 18:24:21 +0100 Subject: [PATCH 3/3] fix diffs --- .../generated/knative-sandbox/kn-plugin-admin-main.gen.yaml | 2 -- .../generated/knative-sandbox/kn-plugin-event-main.gen.yaml | 2 -- .../generated/knative-sandbox/kn-plugin-operator-main.gen.yaml | 2 -- .../knative-sandbox/kn-plugin-quickstart-main.gen.yaml | 2 -- .../knative-sandbox/kn-plugin-service-log-main.gen.yaml | 2 -- .../knative-sandbox/kn-plugin-source-kafka-main.gen.yaml | 2 -- .../knative-sandbox/kn-plugin-source-kamelet-main.gen.yaml | 2 -- 7 files changed, 14 deletions(-) diff --git a/prow/jobs/generated/knative-sandbox/kn-plugin-admin-main.gen.yaml b/prow/jobs/generated/knative-sandbox/kn-plugin-admin-main.gen.yaml index 1002e4ff572..5dbef9f0121 100644 --- a/prow/jobs/generated/knative-sandbox/kn-plugin-admin-main.gen.yaml +++ b/prow/jobs/generated/knative-sandbox/kn-plugin-admin-main.gen.yaml @@ -76,8 +76,6 @@ periodics: env: - name: SIGN_IMAGES value: "true" - - name: ORG_NAME - value: knative-sandbox image: gcr.io/knative-tests/test-infra/prow-tests:v20221005-aef947d7 name: "" resources: {} diff --git a/prow/jobs/generated/knative-sandbox/kn-plugin-event-main.gen.yaml b/prow/jobs/generated/knative-sandbox/kn-plugin-event-main.gen.yaml index a8339a91855..e97930008a3 100644 --- a/prow/jobs/generated/knative-sandbox/kn-plugin-event-main.gen.yaml +++ b/prow/jobs/generated/knative-sandbox/kn-plugin-event-main.gen.yaml @@ -76,8 +76,6 @@ periodics: env: - name: SIGN_IMAGES value: "true" - - name: ORG_NAME - value: knative-sandbox image: gcr.io/knative-tests/test-infra/prow-tests:v20221005-aef947d7 name: "" resources: {} diff --git a/prow/jobs/generated/knative-sandbox/kn-plugin-operator-main.gen.yaml b/prow/jobs/generated/knative-sandbox/kn-plugin-operator-main.gen.yaml index b5e336b2918..4f2b6d94647 100644 --- a/prow/jobs/generated/knative-sandbox/kn-plugin-operator-main.gen.yaml +++ b/prow/jobs/generated/knative-sandbox/kn-plugin-operator-main.gen.yaml @@ -76,8 +76,6 @@ periodics: env: - name: SIGN_IMAGES value: "true" - - name: ORG_NAME - value: knative-sandbox image: gcr.io/knative-tests/test-infra/prow-tests:v20221005-aef947d7 name: "" resources: {} diff --git a/prow/jobs/generated/knative-sandbox/kn-plugin-quickstart-main.gen.yaml b/prow/jobs/generated/knative-sandbox/kn-plugin-quickstart-main.gen.yaml index 3d25016d8e7..770cc59c904 100644 --- a/prow/jobs/generated/knative-sandbox/kn-plugin-quickstart-main.gen.yaml +++ b/prow/jobs/generated/knative-sandbox/kn-plugin-quickstart-main.gen.yaml @@ -76,8 +76,6 @@ periodics: env: - name: SIGN_IMAGES value: "true" - - name: ORG_NAME - value: knative-sandbox image: gcr.io/knative-tests/test-infra/prow-tests:v20221005-aef947d7 name: "" resources: {} diff --git a/prow/jobs/generated/knative-sandbox/kn-plugin-service-log-main.gen.yaml b/prow/jobs/generated/knative-sandbox/kn-plugin-service-log-main.gen.yaml index 216fc638075..0b7a6c4c524 100644 --- a/prow/jobs/generated/knative-sandbox/kn-plugin-service-log-main.gen.yaml +++ b/prow/jobs/generated/knative-sandbox/kn-plugin-service-log-main.gen.yaml @@ -75,8 +75,6 @@ periodics: env: - name: SIGN_IMAGES value: "true" - - name: ORG_NAME - value: knative-sandbox - name: DOCKER_IN_DOCKER_ENABLED value: "true" image: gcr.io/knative-tests/test-infra/prow-tests:v20221005-aef947d7 diff --git a/prow/jobs/generated/knative-sandbox/kn-plugin-source-kafka-main.gen.yaml b/prow/jobs/generated/knative-sandbox/kn-plugin-source-kafka-main.gen.yaml index d47e8227f2a..fbac184724b 100644 --- a/prow/jobs/generated/knative-sandbox/kn-plugin-source-kafka-main.gen.yaml +++ b/prow/jobs/generated/knative-sandbox/kn-plugin-source-kafka-main.gen.yaml @@ -76,8 +76,6 @@ periodics: env: - name: SIGN_IMAGES value: "true" - - name: ORG_NAME - value: knative-sandbox - name: DOCKER_IN_DOCKER_ENABLED value: "true" image: gcr.io/knative-tests/test-infra/prow-tests:v20221005-aef947d7 diff --git a/prow/jobs/generated/knative-sandbox/kn-plugin-source-kamelet-main.gen.yaml b/prow/jobs/generated/knative-sandbox/kn-plugin-source-kamelet-main.gen.yaml index 9bd0d44fead..35f48ae69b1 100644 --- a/prow/jobs/generated/knative-sandbox/kn-plugin-source-kamelet-main.gen.yaml +++ b/prow/jobs/generated/knative-sandbox/kn-plugin-source-kamelet-main.gen.yaml @@ -76,8 +76,6 @@ periodics: env: - name: SIGN_IMAGES value: "true" - - name: ORG_NAME - value: knative-sandbox image: gcr.io/knative-tests/test-infra/prow-tests:v20221005-aef947d7 name: "" resources: {}