From 42c50ef8aed110b317a0472d928bf75e372b4c0b Mon Sep 17 00:00:00 2001 From: Felipe Lalanne Date: Mon, 3 Mar 2025 15:48:20 -0300 Subject: [PATCH 1/2] Add support for new requirement labels feature Updates @balena/compose to v7 to include this new feature. See: https://balena.fibery.io/Work/Project/Refactoring-container-contracts-1205 Depends-on: https://github.com/balena-io-modules/balena-compose/pull/64 Change-type: minor --- npm-shrinkwrap.json | 45 ++++++++++++++++++------------------ package.json | 2 +- src/commands/deploy/index.ts | 1 + src/utils/compose.ts | 2 ++ src/utils/compose_ts.ts | 2 ++ 5 files changed, 29 insertions(+), 23 deletions(-) diff --git a/npm-shrinkwrap.json b/npm-shrinkwrap.json index e6dcec25d2..79230c219b 100644 --- a/npm-shrinkwrap.json +++ b/npm-shrinkwrap.json @@ -10,7 +10,7 @@ "hasInstallScript": true, "license": "Apache-2.0", "dependencies": { - "@balena/compose": "^6.0.0", + "@balena/compose": "^7.0.1", "@balena/dockerignore": "^1.0.2", "@balena/env-parsing": "^1.1.8", "@balena/es-version": "^1.0.1", @@ -1282,13 +1282,13 @@ "dev": true }, "node_modules/@babel/parser": { - "version": "7.26.9", - "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.26.9.tgz", - "integrity": "sha512-81NWa1njQblgZbQHxWHpxxCzNsa3ZwvFqpUg7P+NNUU6f3UU2jBEg4OlF/J6rl8+PQGh1q6/zWScd001YwcA5A==", + "version": "7.26.10", + "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.26.10.tgz", + "integrity": "sha512-6aQR2zGE/QFi8JpDLjUZEPYOs7+mhKXm86VaKFiLP35JQwQb6bwUE+XbvkH0EptsYhbNBSUGaUBLKqxH1xSgsA==", "dev": true, "license": "MIT", "dependencies": { - "@babel/types": "^7.26.9" + "@babel/types": "^7.26.10" }, "bin": { "parser": "bin/babel-parser.js" @@ -1298,9 +1298,9 @@ } }, "node_modules/@babel/parser/node_modules/@babel/types": { - "version": "7.26.9", - "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.26.9.tgz", - "integrity": "sha512-Y3IR1cRnOxOCDvMmNiym7XpXQ93iGDDPHx+Zj+NM+rg0fBaShfQLkg+hKPaZCEvg5N/LeCo4+Rj/i3FuJsIQaw==", + "version": "7.26.10", + "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.26.10.tgz", + "integrity": "sha512-emqcG3vHrpxUKTrxcblR36dcrcoRDvKmnL/dCL6ZsHaShW80qxCAcNhzQZrpeM765VzEos+xOi4s+r4IXzTwdQ==", "dev": true, "license": "MIT", "dependencies": { @@ -1326,9 +1326,9 @@ } }, "node_modules/@babel/template/node_modules/@babel/types": { - "version": "7.26.9", - "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.26.9.tgz", - "integrity": "sha512-Y3IR1cRnOxOCDvMmNiym7XpXQ93iGDDPHx+Zj+NM+rg0fBaShfQLkg+hKPaZCEvg5N/LeCo4+Rj/i3FuJsIQaw==", + "version": "7.26.10", + "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.26.10.tgz", + "integrity": "sha512-emqcG3vHrpxUKTrxcblR36dcrcoRDvKmnL/dCL6ZsHaShW80qxCAcNhzQZrpeM765VzEos+xOi4s+r4IXzTwdQ==", "dev": true, "license": "MIT", "dependencies": { @@ -1361,14 +1361,14 @@ } }, "node_modules/@babel/traverse/node_modules/@babel/generator": { - "version": "7.26.9", - "resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.26.9.tgz", - "integrity": "sha512-kEWdzjOAUMW4hAyrzJ0ZaTOu9OmpyDIQicIh0zg0EEcEkYXZb2TjtBhnHi2ViX7PKwZqF4xwqfAm299/QMP3lg==", + "version": "7.26.10", + "resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.26.10.tgz", + "integrity": "sha512-rRHT8siFIXQrAYOYqZQVsAr8vJ+cBNqcVAY6m5V8/4QqzaPl+zDBe6cLEPRDuNOUf3ww8RfJVlOyQMoSI+5Ang==", "dev": true, "license": "MIT", "dependencies": { - "@babel/parser": "^7.26.9", - "@babel/types": "^7.26.9", + "@babel/parser": "^7.26.10", + "@babel/types": "^7.26.10", "@jridgewell/gen-mapping": "^0.3.5", "@jridgewell/trace-mapping": "^0.3.25", "jsesc": "^3.0.2" @@ -1378,9 +1378,9 @@ } }, "node_modules/@babel/traverse/node_modules/@babel/types": { - "version": "7.26.9", - "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.26.9.tgz", - "integrity": "sha512-Y3IR1cRnOxOCDvMmNiym7XpXQ93iGDDPHx+Zj+NM+rg0fBaShfQLkg+hKPaZCEvg5N/LeCo4+Rj/i3FuJsIQaw==", + "version": "7.26.10", + "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.26.10.tgz", + "integrity": "sha512-emqcG3vHrpxUKTrxcblR36dcrcoRDvKmnL/dCL6ZsHaShW80qxCAcNhzQZrpeM765VzEos+xOi4s+r4IXzTwdQ==", "dev": true, "license": "MIT", "dependencies": { @@ -1474,9 +1474,10 @@ } }, "node_modules/@balena/compose": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/@balena/compose/-/compose-6.0.0.tgz", - "integrity": "sha512-tqGJQJpVTdWxaZpSlm/PP23EU3myqmoMIJgJ6ryseYf3A50AcaJ1raRyIxbZ9wQGWu81TB8g47cY9mossIc90g==", + "version": "7.0.1", + "resolved": "https://registry.npmjs.org/@balena/compose/-/compose-7.0.1.tgz", + "integrity": "sha512-Xic5WJg7i4D9y9TN+BnY8PYbQLLMewN8CR8i+fZ76GHWyBRfk9+tP3JUpmymvSaK9QTKC2UE2nFiadzbfyIFAg==", + "license": "Apache-2.0", "dependencies": { "ajv": "^6.12.3", "docker-file-parser": "^1.0.7", diff --git a/package.json b/package.json index e47709bf1a..9fb65eb624 100644 --- a/package.json +++ b/package.json @@ -190,7 +190,7 @@ "typescript": "^5.8.2" }, "dependencies": { - "@balena/compose": "^6.0.0", + "@balena/compose": "^7.0.1", "@balena/dockerignore": "^1.0.2", "@balena/env-parsing": "^1.1.8", "@balena/es-version": "^1.0.1", diff --git a/src/commands/deploy/index.ts b/src/commands/deploy/index.ts index 312edfb41f..1cc082cd23 100644 --- a/src/commands/deploy/index.ts +++ b/src/commands/deploy/index.ts @@ -368,6 +368,7 @@ ${dockerignoreHelp} !opts.shouldUploadLogs, composeOpts.projectPath, opts.createAsDraft, + project.descriptors, ); } diff --git a/src/utils/compose.ts b/src/utils/compose.ts index 8404cdceb7..35c56ea999 100644 --- a/src/utils/compose.ts +++ b/src/utils/compose.ts @@ -128,6 +128,7 @@ export const createRelease = async function ( draft: boolean, semver: string | undefined, contract: import('@balena/compose/dist/release/models').ReleaseModel['contract'], + imgDescriptors: ImageDescriptor[], ): Promise { const _ = require('lodash') as typeof import('lodash'); const crypto = require('crypto') as typeof import('crypto'); @@ -167,6 +168,7 @@ export const createRelease = async function ( semver, is_final: !draft, contract, + imgDescriptors, }); return { diff --git a/src/utils/compose_ts.ts b/src/utils/compose_ts.ts index f9ba94035a..ee06b56006 100644 --- a/src/utils/compose_ts.ts +++ b/src/utils/compose_ts.ts @@ -1375,6 +1375,7 @@ export async function deployProject( skipLogUpload: boolean, projectPath: string, isDraft: boolean, + imgDescriptors: ImageDescriptor[], ): Promise { const releaseMod = await import('@balena/compose/dist/release'); const { createRelease, tagServiceImages } = await import('./compose'); @@ -1405,6 +1406,7 @@ export async function deployProject( isDraft, contract?.version, contract, + imgDescriptors, ), ); const { client: pineClient, release, serviceImages } = $release; From d24d78dac7723633a7a7eb3121c427da0820481a Mon Sep 17 00:00:00 2001 From: Felipe Lalanne Date: Wed, 12 Mar 2025 11:41:18 -0300 Subject: [PATCH 2/2] Fix package release action for macOS Depending on the signing password value, the script may interpret the contents of the password and cause the signing process to fail. This puts quotes around the password on assignment to prevent this. --- .github/actions/publish/action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/actions/publish/action.yml b/.github/actions/publish/action.yml index 2ec9058d72..0b2c07f547 100644 --- a/.github/actions/publish/action.yml +++ b/.github/actions/publish/action.yml @@ -94,7 +94,7 @@ runs: runner_arch="$(echo "${RUNNER_ARCH}" | tr '[:upper:]' '[:lower:]')" if [[ $runner_os =~ darwin|macos|osx ]]; then - CSC_KEY_PASSWORD=${{ fromJSON(inputs.secrets).APPLE_SIGNING_PASSWORD }} + CSC_KEY_PASSWORD='${{ fromJSON(inputs.secrets).APPLE_SIGNING_PASSWORD }}' CSC_KEYCHAIN=signing_temp CSC_LINK=${{ fromJSON(inputs.secrets).APPLE_SIGNING }}