diff --git a/.github/workflows/approve-bot-pr.yml b/.github/workflows/approve-bot-pr.yml index 3e3df202..00e6345a 100644 --- a/.github/workflows/approve-bot-pr.yml +++ b/.github/workflows/approve-bot-pr.yml @@ -52,7 +52,7 @@ jobs: - name: Checkout if: steps.human-commits.outputs.human_commits == 'false' && steps.unverified-commits.outputs.unverified_commits == 'false' - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Approve if: steps.human-commits.outputs.human_commits == 'false' && steps.unverified-commits.outputs.unverified_commits == 'false' diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index f9163601..8afce9c2 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -1,8 +1,6 @@ name: "CodeQL" on: - push: - branches: [ main ] pull_request: branches: [ main ] schedule: @@ -21,15 +19,15 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Initialize CodeQL - uses: github/codeql-action/init@v3 + uses: github/codeql-action/init@v4 with: languages: ${{ matrix.language }} - name: Autobuild - uses: github/codeql-action/autobuild@v3 + uses: github/codeql-action/autobuild@v4 - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v3 + uses: github/codeql-action/analyze@v4 diff --git a/.github/workflows/compile-dependency.yml b/.github/workflows/compile-dependency.yml index 17e00fde..3c102e65 100644 --- a/.github/workflows/compile-dependency.yml +++ b/.github/workflows/compile-dependency.yml @@ -42,7 +42,7 @@ jobs: steps: - name: Check out code - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Enable experimental features for Docker daemon and CLI run: | @@ -99,7 +99,7 @@ jobs: arch="${{ inputs.arch }}" - name: Upload compiled artifact - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v6 if: ${{ inputs.shouldCompile == true || inputs.shouldCompile == 'true' }} with: name: '${{ inputs.uploadArtifactName }}' diff --git a/.github/workflows/create-draft-release.yml b/.github/workflows/create-draft-release.yml index 9f940882..d2118810 100644 --- a/.github/workflows/create-draft-release.yml +++ b/.github/workflows/create-draft-release.yml @@ -22,9 +22,9 @@ jobs: builders: ${{ steps.builders.outputs.builders }} steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Setup Go - uses: actions/setup-go@v5 + uses: actions/setup-go@v6 with: go-version-file: go.mod - name: Run Unit Tests @@ -47,15 +47,16 @@ jobs: fail-fast: false # don't cancel all test jobs when one fails steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Setup Go - uses: actions/setup-go@v5 + uses: actions/setup-go@v6 with: go-version-file: go.mod - name: Run Integration Tests run: ./scripts/integration.sh --builder ${{ matrix.builder }} --token ${{ github.token }} env: TMPDIR: "${{ runner.temp }}" + GIT_TOKEN: ${{ github.token }} release: name: Release @@ -63,18 +64,18 @@ jobs: needs: integration services: registry: - image: registry:2 + image: registry:3 ports: - 5000:5000 steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: fetch-tags: true - name: Setup Go - uses: actions/setup-go@v5 + uses: actions/setup-go@v6 with: go-version-file: go.mod diff --git a/.github/workflows/lint-yaml.yml b/.github/workflows/lint-yaml.yml index 930add17..8a7dab74 100644 --- a/.github/workflows/lint-yaml.yml +++ b/.github/workflows/lint-yaml.yml @@ -10,10 +10,10 @@ jobs: lintYaml: runs-on: ubuntu-24.04 steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Checkout github-config - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: repository: paketo-buildpacks/github-config path: github-config diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 5db0a353..469c029d 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -1,9 +1,6 @@ name: Lint on: - push: - branches: - - main pull_request: branches: - main @@ -14,15 +11,15 @@ jobs: runs-on: ubuntu-24.04 steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Setup Go - uses: actions/setup-go@v5 + uses: actions/setup-go@v6 with: go-version-file: go.mod - name: golangci-lint - uses: golangci/golangci-lint-action@v3 + uses: golangci/golangci-lint-action@v9 with: version: latest args: --timeout 3m0s diff --git a/.github/workflows/push-buildpackage.yml b/.github/workflows/push-buildpackage.yml index 0dda5c80..656eabc6 100644 --- a/.github/workflows/push-buildpackage.yml +++ b/.github/workflows/push-buildpackage.yml @@ -23,7 +23,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Parse Event id: event @@ -112,7 +112,7 @@ jobs: password: ${{ env.GCR_PASSWORD }} registry: ${{ env.GCR_REGISTRY }} - - uses: buildpacks/github-actions/setup-tools@v5.5.4 + - uses: buildpacks/github-actions/setup-tools@v5.9.7 - name: Push to DockerHub if: ${{ steps.parse_configs.outputs.push_to_dockerhub == 'true' }} id: push diff --git a/.github/workflows/synchronize-labels.yml b/.github/workflows/synchronize-labels.yml index 82f97f99..09db8880 100644 --- a/.github/workflows/synchronize-labels.yml +++ b/.github/workflows/synchronize-labels.yml @@ -12,7 +12,7 @@ jobs: runs-on: - ubuntu-24.04 steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - uses: micnncim/action-label-syncer@v1 env: GITHUB_TOKEN: ${{ github.token }} diff --git a/.github/workflows/test-pull-request.yml b/.github/workflows/test-pull-request.yml index 383024ae..61c6010a 100644 --- a/.github/workflows/test-pull-request.yml +++ b/.github/workflows/test-pull-request.yml @@ -18,10 +18,10 @@ jobs: builders: ${{ steps.builders.outputs.builders }} steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Setup Go - uses: actions/setup-go@v5 + uses: actions/setup-go@v6 with: go-version-file: go.mod @@ -49,10 +49,22 @@ jobs: fail-fast: false # don't cancel all test jobs when one fails steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v6 + + - name: Free Disk Space + if: vars.RECLAIM_DISK_SPACE == 'true' + uses: paketo-buildpacks/github-config/actions/pull-request/reclaim-disk-space@main + with: + tool-cache: false + android: true + dotnet: true + haskell: true + large-packages: false + docker-images: true + swap-storage: true - name: Setup Go - uses: actions/setup-go@v5 + uses: actions/setup-go@v6 with: go-version-file: go.mod @@ -60,6 +72,7 @@ jobs: run: ./scripts/integration.sh --builder ${{ matrix.builder }} --token ${{ github.token }} env: TMPDIR: "${{ runner.temp }}" + GIT_TOKEN: ${{ github.token }} roundup: name: Integration Tests @@ -82,7 +95,7 @@ jobs: runs-on: ubuntu-24.04 steps: - name: Upload Artifact - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v6 with: name: event-payload path: ${{ github.event_path }} diff --git a/.github/workflows/update-dependencies-from-metadata.yml b/.github/workflows/update-dependencies-from-metadata.yml new file mode 100644 index 00000000..e5a706ff --- /dev/null +++ b/.github/workflows/update-dependencies-from-metadata.yml @@ -0,0 +1,378 @@ +name: Update Dependencies From Metadata (Retrieve, Metadata, Compile, Test, Create PR) + +on: + workflow_dispatch: + schedule: + - cron: '57 13 * * *' # daily at 13:57 UTC + +jobs: + retrieve: + name: Retrieve New Versions and Generate Metadata + runs-on: ubuntu-latest + outputs: + metadata-filepath: ${{ steps.retrieve.outputs.metadata-filepath }} + metadata-json: ${{ steps.retrieve.outputs.metadata-json }} + # from-source-metadata-filepath is the path to a file containing a subset + # of metadata-json entries for NON-compiled dependencies + from-source-metadata-filepath: ${{ steps.retrieve.outputs.from-source-metadata-filepath }} + # compilation-json is a subset of metadata-json entries which are missing + # a `checksum` and `uri` + compilation-json: ${{ steps.retrieve.outputs.compilation-json }} + id: ${{ steps.retrieve.outputs.id }} + length: ${{ steps.retrieve.outputs.length }} + compilation-length: ${{ steps.retrieve.outputs.compilation-length }} + steps: + - name: Check out code + uses: actions/checkout@v6 + + - name: Setup Go + uses: actions/setup-go@v6 + with: + # hashFiles returns empty string if file does not exist + go-version-file: ${{ hashFiles('dependency/retrieval/go.mod') != '' && 'dependency/retrieval/go.mod' || 'go.mod' }} + + - name: Run Retrieve + id: retrieve + working-directory: dependency + run: | + #!/usr/bin/env bash + set -euo pipefail + shopt -s inherit_errexit + + OUTPUT="/tmp/metadata.json" + + make retrieve \ + buildpackTomlPath="${{ github.workspace }}/buildpack.toml" \ + output="${OUTPUT}" + + id=$(jq -r .[0].id < "${OUTPUT}") + content=$(jq -r < "${OUTPUT}") + + length=$(echo $content | jq -r '. | length') + + compilation=$(echo $content | jq -r 'map(select(.checksum == null and .uri == null))'?) + complength=$(echo $compilation | jq -r '. | length') + echo $content | jq -r 'map(select(.checksum != null and .uri != null))'? > "/tmp/from-source-metadata.json" + echo "from-source-metadata-filepath=/tmp/from-source-metadata.json" >> "$GITHUB_OUTPUT" + + + delimiter="$(uuidgen)" + echo "metadata-filepath=${OUTPUT}" >> "$GITHUB_OUTPUT" + printf "metadata-json<<%s\n%s\n%s\n" "${delimiter}" "${content}" "${delimiter}" >> "$GITHUB_OUTPUT" # see https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions#multiline-strings + echo "id=$id" >> "$GITHUB_OUTPUT" + echo "length=$length" >> "$GITHUB_OUTPUT" + printf "compilation-json<<%s\n%s\n%s\n" "${delimiter}" "${compilation}" "${delimiter}" >> "$GITHUB_OUTPUT" # see https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions#multiline-strings + echo "compilation-length=$complength" >> "$GITHUB_OUTPUT" + + - name: Upload `${{ steps.retrieve.outputs.metadata-filepath }}` + uses: actions/upload-artifact@v5 + with: + name: metadata.json + path: ${{ steps.retrieve.outputs.metadata-filepath }} + + - name: Upload `${{ steps.retrieve.outputs.from-source-metadata-filepath }}` + uses: actions/upload-artifact@v5 + with: + name: from-source-metadata.json + path: ${{ steps.retrieve.outputs.from-source-metadata-filepath }} + + # Check if there is buildpack-provided compilation code and testing code + # Optional compilation code expected at: /dependency/actions/compile/ + # Optional testing code expected at: /dependency/test/ + get-compile-and-test: + name: Get Compilation and Testing Code + outputs: + should-compile: ${{ steps.compile-check.outputs.should-compile }} + should-test: ${{ steps.test-check.outputs.should-test }} + runs-on: ubuntu-latest + steps: + - name: Check out code + uses: actions/checkout@v6 + + - name: Has Compilation Action? + id: compile-check + run: | + if test -d "dependency/actions/compile"; then + echo "Compilation action provided" + echo "should-compile=true" >> "$GITHUB_OUTPUT" + fi + + - name: Has Testing Action? + id: test-check + run: | + if test -d "dependency/test"; then + echo "Testing file provided" + echo "should-test=true" >> "$GITHUB_OUTPUT" + fi + + test: + name: Test Non-Compiled Dependency + needs: + - retrieve + - get-compile-and-test + strategy: + matrix: + includes: ${{ fromJSON(needs.retrieve.outputs.metadata-json) }} + # Run job step if BOTH: + # (1) needs.get-compile-and-test.outputs.should-test = TRUE -> if there is a dependency/test directory in the buildpack + # (2) needs.get-compile-and-test.outputs.should-compile = FALSE -> if there is NOT a dependency/actions/compile directory in the buildpack + # AND: + # (3) there is at least one new version to test + if: ${{ needs.retrieve.outputs.length > 0 && needs.get-compile-and-test.outputs.should-test == 'true' && needs.get-compile-and-test.outputs.should-compile == 'false' }} + runs-on: ubuntu-latest + steps: + - name: Check out code + uses: actions/checkout@v6 + + - name: Make Temporary Artifact Directory + id: make-outputdir + run: echo "outputdir=$(mktemp -d)" >> "$GITHUB_OUTPUT" + + # Download the tarball for testing if: + # (1) dependency testing code is present in the buildpack directory + # (2) URI in metadata.json is available + - name: Download upstream tarball (if not compiled) + if: ${{ matrix.includes.uri != '' && needs.get-compile-and-test.outputs.should-test == 'true' }} + run: | + #!/usr/bin/env bash + set -euo pipefail + shopt -s inherit_errexit + + curl ${{ matrix.includes.uri }} \ + --fail-with-body \ + --show-error \ + --silent \ + --location \ + --output ${{ steps.make-outputdir.outputs.outputdir }}/dependency.tgz + + # Test the dependency tarball if: + # (1) dependency testing code is present in the buildpack directory + - name: Test Upstream Dependency + working-directory: dependency + if: ${{ needs.get-compile-and-test.outputs.should-test == 'true' }} + run: | + make test \ + version="${{ matrix.includes.version }}" \ + tarballPath="${{ steps.make-outputdir.outputs.outputdir }}/*.tgz" + compile: + name: Compile and Test Dependency + needs: + - retrieve + - get-compile-and-test + strategy: + matrix: + includes: ${{ fromJSON(needs.retrieve.outputs.compilation-json) }} + # Run job step if: + # (1) needs.get-compile-and-test.outputs.should-compile -> if there is a dependency/actions/compile directory in the buildpack + # (2) OR needs.get-compile-and-test.outputs.should-test -> if there is a dependency/test directory in the buildpack + # AND: + # (3) there is at least one version to compile/test + if: ${{ needs.retrieve.outputs.compilation-length > 0 && (needs.get-compile-and-test.outputs.should-compile == 'true' || needs.get-compile-and-test.outputs.should-test == 'true') }} + uses: ./.github/workflows/compile-dependency.yml + with: + version: "${{ matrix.includes.version }}" + target: "${{ matrix.includes.target }}" + os: "${{ matrix.includes.os }}" + arch: "${{ matrix.includes.arch }}" + shouldCompile: ${{ matrix.includes.checksum == '' && matrix.includes.uri == '' }} + shouldTest: ${{ matrix.includes.checksum == '' && matrix.includes.uri == '' && needs.get-compile-and-test.outputs.should-test == 'true' }} + uploadArtifactName: "${{ needs.retrieve.outputs.id }}-${{ matrix.includes.version }}-${{ matrix.includes.os != '' && matrix.includes.os || 'linux' }}-${{ matrix.includes.arch != '' && matrix.includes.arch || 'amd64' }}-${{ matrix.includes.target }}" + + # Add in the checksum and URI fields to the metadata if the dependency was compiled + update-metadata: + name: Update Metadata (if compiled) + needs: + - retrieve + - get-compile-and-test + - compile + strategy: + matrix: + includes: ${{ fromJSON(needs.retrieve.outputs.compilation-json) }} + if: ${{ needs.retrieve.outputs.compilation-length > 0 && needs.get-compile-and-test.outputs.should-compile == 'true' }} + runs-on: ubuntu-latest + steps: + - name: Check out code + uses: actions/checkout@v6 + + - name: Download artifact files + uses: actions/download-artifact@v6 + with: + name: "${{ needs.retrieve.outputs.id }}-${{ matrix.includes.version }}-${{ matrix.includes.os != '' && matrix.includes.os || 'linux' }}-${{ matrix.includes.arch != '' && matrix.includes.arch || 'amd64' }}-${{ matrix.includes.target }}" + + - name: Get artifact file name + id: get-file-names + run: | + #!/usr/bin/env bash + set -euo pipefail + shopt -s inherit_errexit + + echo "artifact-file=$(basename ./*.tgz)" >> "$GITHUB_OUTPUT" + echo "checksum-file=$(basename ./*.tgz.checksum)" >> "$GITHUB_OUTPUT" + + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v5 + with: + aws-access-key-id: ${{ secrets.AWS_S3_DEPENDENCIES_ACCESS_KEY_ID }} + aws-secret-access-key: ${{ secrets.AWS_S3_DEPENDENCIES_SECRET_ACCESS_KEY }} + aws-region: us-east-1 + + - name: Upload to S3 + id: upload + uses: paketo-buildpacks/github-config/actions/dependency/upload-to-s3@main + with: + bucket-name: "paketo-buildpacks" + dependency-name: ${{ needs.retrieve.outputs.id }} + artifact-path: ${{ steps.get-file-names.outputs.artifact-file }} + + - name: Get Checksum + id: get-checksum + run: echo "checksum=$(cat ${{ steps.get-file-names.outputs.checksum-file }})" >> "$GITHUB_OUTPUT" + + - name: Download metadata.json + uses: actions/download-artifact@v6 + with: + name: metadata.json + + # Create target/version specific metadata files + # Due to limitations with the upload action, we can no longer modify/upload the same metadata file + - name: Write dependency-specific metadata to new file + id: dependency-metadata + run: | + #!/usr/bin/env bash + set -euo pipefail + shopt -s inherit_errexit + + metadata_file_name="${{ matrix.includes.target }}-${{ matrix.includes.version }}-${{ matrix.includes.os != '' && matrix.includes.os || 'linux' }}-${{ matrix.includes.arch != '' && matrix.includes.arch || 'amd64' }}-metadata-file.json" + if [[ -z "${{ matrix.includes.os }}" && -z "${{ matrix.includes.arch }}" ]]; then + cat metadata.json | jq -r ['.[] | select( .version == "${{ matrix.includes.version }}" and .target == "${{ matrix.includes.target }}")'] > $metadata_file_name + else + echo "multi-arch buildpack with os and arch specified" + cat metadata.json | jq -r ['.[] | select( .version == "${{ matrix.includes.version }}" and .target == "${{ matrix.includes.target }}" and .os == "${{ matrix.includes.os }}" and .arch == "${{ matrix.includes.arch }}")'] > $metadata_file_name + fi + echo "file=$(echo $metadata_file_name)" >> "$GITHUB_OUTPUT" + + - name: Update `checksum` and `uri` in metadata for ${{ matrix.includes.target }} ${{ matrix.includes.version }} + if: ${{ matrix.includes.checksum == '' && matrix.includes.uri == '' }} + uses: paketo-buildpacks/github-config/actions/dependency/update-metadata-json@main + with: + version: ${{ matrix.includes.version }} + target: ${{ matrix.includes.target }} + checksum: ${{ steps.get-checksum.outputs.checksum }} + uri: ${{ steps.upload.outputs.dependency-uri }} + file: ${{ steps.dependency-metadata.outputs.file }} + os: ${{ matrix.includes.os }} + arch: ${{ matrix.includes.arch }} + + - name: Upload modified metadata + uses: actions/upload-artifact@v5 + with: + name: ${{ steps.dependency-metadata.outputs.file }} + path: ${{ steps.dependency-metadata.outputs.file }} + + assemble: + name: Update buildpack.toml + needs: + - retrieve + - test + - compile + - update-metadata + # Update buildpack.toml only if ALL of the following conditions are met: + # (1) Retrieval step has succeeded and has found at least 1 new version + # (2) Testing step has succeeded OR been skipped + # (3) Compilation/Testing step has succeeded OR been skipped + # (4) Update metadata step has succeeded OR been skipped + if: always() && needs.retrieve.result == 'success' && needs.retrieve.outputs.length > 0 && (needs.test.result == 'success' || needs.test.result == 'skipped') && (needs.compile.result == 'success' || needs.compile.result == 'skipped') && (needs.update-metadata.result == 'success' || needs.update-metadata.result == 'skipped') + runs-on: ubuntu-latest + steps: + - name: Check out code + uses: actions/checkout@v6 + + - name: Checkout Branch + uses: paketo-buildpacks/github-config/actions/pull-request/checkout-branch@main + with: + branch: automation/dependencies/update-from-metadata + + - name: Make Temporary Artifact Directory + id: make-outputdir + run: echo "outputdir=$(mktemp -d)" >> "$GITHUB_OUTPUT" + + + # Metadata file for the non-compiled dependencies, if there are any + - name: Download metadata.json file + uses: actions/download-artifact@v6 + with: + path: "${{ steps.make-outputdir.outputs.outputdir }}/metadata-files" + pattern: "from-source-metadata.json" + merge-multiple: true + + # If we compiled the dependency, and updated the metadata: + # Download each metadata file, and combine them into one + - name: Download individual metadata-file.json file(s) + if: ${{ needs.update-metadata.result == 'success' }} + uses: actions/download-artifact@v6 + with: + path: "${{ steps.make-outputdir.outputs.outputdir }}/metadata-files" + pattern: "*metadata-file.json" + merge-multiple: true + - name: Display Metadata Files + run: ls "${{ steps.make-outputdir.outputs.outputdir }}/metadata-files" + - name: Combine Metadata Files + run: | + #!/usr/bin/env bash + set -euo pipefail + shopt -s inherit_errexit + + jq -s 'add' ${{ steps.make-outputdir.outputs.outputdir }}/metadata-files/* > "${{ steps.make-outputdir.outputs.outputdir }}/metadata.json" + + - name: Update dependencies from metadata.json + id: update + uses: paketo-buildpacks/github-config/actions/dependency/update-from-metadata@main + with: + buildpack_toml_path: "${{ github.workspace }}/buildpack.toml" + metadata_file_path: "${{ steps.make-outputdir.outputs.outputdir }}/metadata.json" + + - name: Show git diff + run: | + git diff + + - name: Commit + id: commit + uses: paketo-buildpacks/github-config/actions/pull-request/create-commit@main + with: + message: "Updating buildpack.toml with new versions ${{ steps.update.outputs.new-versions }}" + pathspec: "." + keyid: ${{ secrets.PAKETO_BOT_GPG_SIGNING_KEY_ID }} + key: ${{ secrets.PAKETO_BOT_GPG_SIGNING_KEY }} + + - name: Push Branch 'automation/dependencies/update-from-metadata' + if: ${{ steps.commit.outputs.commit_sha != '' }} + uses: paketo-buildpacks/github-config/actions/pull-request/push-branch@main + with: + branch: automation/dependencies/update-from-metadata + + - name: Open Pull Request + if: ${{ steps.commit.outputs.commit_sha != '' }} + uses: paketo-buildpacks/github-config/actions/pull-request/open@main + with: + token: ${{ secrets.PAKETO_BOT_GITHUB_TOKEN }} + title: "Updates buildpack.toml with ${{ steps.update.outputs.new-versions }}" + branch: automation/dependencies/update-from-metadata + + failure: + name: Alert on Failure + runs-on: ubuntu-24.04 + needs: [ retrieve, get-compile-and-test, test, compile, update-metadata, assemble ] + if: ${{ always() && needs.retrieve.result == 'failure' || needs.get-compile-and-test.result == 'failure' || needs.test.result == 'failure' || needs.compile.result == 'failure' || needs.update-metadata.result == 'failure' || needs.assemble.result == 'failure' }} + steps: + - name: File Failure Alert Issue + uses: paketo-buildpacks/github-config/actions/issue/file@main + with: + token: ${{ secrets.GITHUB_TOKEN }} + repo: ${{ github.repository }} + label: "failure:update-dependencies" + comment_if_exists: true + issue_title: "Failure: Update Dependencies workflow" + issue_body: | + Update Dependencies From Metadata workflow [failed](https://github.com/${{github.repository}}/actions/runs/${{github.run_id}}). + comment_body: | + Another failure occurred: https://github.com/${{github.repository}}/actions/runs/${{github.run_id}} diff --git a/.github/workflows/update-github-config.yml b/.github/workflows/update-github-config.yml index a24481ed..eab3dc14 100644 --- a/.github/workflows/update-github-config.yml +++ b/.github/workflows/update-github-config.yml @@ -14,12 +14,12 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: token: ${{ secrets.PAKETO_BOT_GITHUB_TOKEN }} - name: Checkout github-config - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: repository: paketo-buildpacks/github-config path: github-config diff --git a/.github/workflows/update-go-mod-version.yml b/.github/workflows/update-go-mod-version.yml index aff9d1e1..5691b78c 100644 --- a/.github/workflows/update-go-mod-version.yml +++ b/.github/workflows/update-go-mod-version.yml @@ -13,16 +13,17 @@ jobs: runs-on: ubuntu-latest steps: - name: Check out code - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Checkout PR Branch uses: paketo-buildpacks/github-config/actions/pull-request/checkout-branch@main with: branch: automation/go-mod-update/update-main - name: Setup Go id: setup-go - uses: actions/setup-go@v5 + uses: actions/setup-go@v6 + # Fetching the latest stable Go version with: - go-version-file: go.mod + go-version: stable - name: Get current go toolchain version id: current-go-version uses: paketo-buildpacks/github-config/actions/update-go-mod-version@main diff --git a/install_process_test.go b/install_process_test.go index 47267c33..b2de2fda 100644 --- a/install_process_test.go +++ b/install_process_test.go @@ -60,12 +60,15 @@ func testInstallProcess(t *testing.T, context spec.G, it spec.S) { if len(execution.Args) < 1 || execution.Args[0] != "install" { return nil } - fmt.Fprintln(execution.Stdout, "stdout output") - fmt.Fprintln(execution.Stderr, "stderr output") + _, err := fmt.Fprintln(execution.Stdout, "stdout output") + Expect(err).NotTo(HaveOccurred()) + _, err = fmt.Fprintln(execution.Stderr, "stderr output") + Expect(err).NotTo(HaveOccurred()) Expect(os.Mkdir(filepath.Join(packagesLayerPath, "some-virtualenv-dir"), os.ModePerm)).To(Succeed()) f, err := os.Create(filepath.Join(packagesLayerPath, "some-virtualenv-dir", "pyvenv.cfg")) Expect(err).NotTo(HaveOccurred()) - f.Close() + err = f.Close() + Expect(err).NotTo(HaveOccurred()) return nil } diff --git a/integration/default_test.go b/integration/default_test.go index 49b02627..dbabf88b 100644 --- a/integration/default_test.go +++ b/integration/default_test.go @@ -87,7 +87,7 @@ func testDefault(t *testing.T, context spec.G, it spec.S) { )) Expect(logs).To(ContainLines( // Due to Pipfile requirement - MatchRegexp(` Installing CPython 3.9.\d+`), + MatchRegexp(` Installing CPython 3.10.\d+`), )) container, err = docker.Container.Run. diff --git a/integration/offline_test.go b/integration/offline_test.go index 4dd431e0..591dfc3c 100644 --- a/integration/offline_test.go +++ b/integration/offline_test.go @@ -85,7 +85,10 @@ func testOffline(t *testing.T, context spec.G, it spec.S) { response, err := http.Get(fmt.Sprintf("http://localhost:%s", container.HostPort("8080"))) Expect(err).NotTo(HaveOccurred()) - defer response.Body.Close() + defer func() { + err := response.Body.Close() + Expect(err).NotTo(HaveOccurred()) + }() Expect(response.StatusCode).To(Equal(http.StatusOK)) diff --git a/integration/testdata/default_app/Pipfile b/integration/testdata/default_app/Pipfile index 755b592b..9f6c7023 100644 --- a/integration/testdata/default_app/Pipfile +++ b/integration/testdata/default_app/Pipfile @@ -15,4 +15,4 @@ coverage = "*" flask-testing = "*" [requires] -python_version = "3.9" +python_version = "3.10" diff --git a/scripts/.util/tools.json b/scripts/.util/tools.json index c8845b4d..d14e8ce4 100644 --- a/scripts/.util/tools.json +++ b/scripts/.util/tools.json @@ -1,6 +1,6 @@ { "createpackage": "v1.73.0", - "jam": "v2.15.0", + "jam": "v2.15.1", "libpaktools": "v0.3.0", - "pack": "v0.38.2" + "pack": "v0.39.1" } diff --git a/scripts/.util/tools.sh b/scripts/.util/tools.sh index 56c0cf3d..fd98e0df 100644 --- a/scripts/.util/tools.sh +++ b/scripts/.util/tools.sh @@ -33,6 +33,8 @@ function util::tools::arch() { echo "" elif [[ "${1:-}" == "--format-amd64-x86_64" ]]; then echo "x86_64" + elif [[ "${1:-}" == "--format-amd64-x86-64" ]]; then + echo "x86-64" else echo "amd64" fi @@ -156,7 +158,7 @@ function util::tools::pack::install() { util::print::title "Installing pack ${version}" - os=$(util::tools::os macos) + os=$(util::tools::os) arch=$(util::tools::arch --blank-amd64) curl "https://github.com/buildpacks/pack/releases/download/${version}/pack-${version}-${os}${arch:+-$arch}.tgz" \ @@ -167,7 +169,6 @@ function util::tools::pack::install() { if [[ "${pack_config_enable_experimental}" == "true" ]]; then "${dir}"/pack config experimental true fi - else util::print::info "Using pack $("${dir}"/pack version)" fi @@ -244,7 +245,7 @@ function util::tools::libpak-tools::install () { os=$(util::tools::os) arch=$(util::tools::arch --format-amd64-x86_64) - curl "https://github.com/paketo-buildpacks/libpak-tools/releases/download/${version}/libpak-tools_${os^}_${arch}.tar.gz" \ + curl "https://github.com/paketo-buildpacks/libpak-tools/releases/download/${version}/libpak-tools_${os}_${arch}.tar.gz" \ "${curl_args[@]}" tar -xzf "${dir}/libpak-tools.tar.gz" -C $dir diff --git a/scripts/integration.sh b/scripts/integration.sh index 5de24a61..3257ad9f 100755 --- a/scripts/integration.sh +++ b/scripts/integration.sh @@ -134,6 +134,7 @@ function builder_images::pull() { pack inspect-builder "${builder}" --output json \ | jq -r '.remote_info.run_images[0].name' )" + lifecycle_image="index.docker.io/buildpacksio/lifecycle:$( pack inspect-builder "${builder}" --output json \ | jq -r '.remote_info.lifecycle.version' diff --git a/scripts/publish.sh b/scripts/publish.sh index 4c2afbcf..6668542d 100755 --- a/scripts/publish.sh +++ b/scripts/publish.sh @@ -29,7 +29,7 @@ function main { ;; --image-ref | -i) - image_ref+=("${2}") + image_ref="${2}" shift 2 ;; diff --git a/site_process_test.go b/site_process_test.go index e2019617..53978b16 100644 --- a/site_process_test.go +++ b/site_process_test.go @@ -33,7 +33,8 @@ func testSiteProcess(t *testing.T, context spec.G, it spec.S) { executable = &fakes.Executable{} executable.ExecuteCall.Stub = func(execution pexec.Execution) error { if execution.Stdout != nil { - fmt.Fprintln(execution.Stdout, filepath.Join(layerPath, "/pip/lib/python/site-packages")) + _, err := fmt.Fprintln(execution.Stdout, filepath.Join(layerPath, "/pip/lib/python/site-packages")) + Expect(err).NotTo(HaveOccurred()) } return nil } @@ -62,8 +63,10 @@ func testSiteProcess(t *testing.T, context spec.G, it spec.S) { context("site package lookup fails", func() { it.Before(func() { executable.ExecuteCall.Stub = func(execution pexec.Execution) error { - fmt.Fprintln(execution.Stdout, "stdout output") - fmt.Fprintln(execution.Stderr, "stderr output") + _, err := fmt.Fprintln(execution.Stdout, "stdout output") + Expect(err).NotTo(HaveOccurred()) + _, err = fmt.Fprintln(execution.Stderr, "stderr output") + Expect(err).NotTo(HaveOccurred()) return errors.New("locating site packages failed") } })