From 204670d927a361a9c293c5beef03ab519a47cfb1 Mon Sep 17 00:00:00 2001 From: Victoria Miltcheva <12804086+victoria-miltcheva@users.noreply.github.com> Date: Tue, 26 Sep 2023 17:02:22 -0500 Subject: [PATCH 1/4] Swap 3.7 Travis build stage with 3.9 for security purposes Signed-off-by: Victoria Miltcheva <12804086+victoria-miltcheva@users.noreply.github.com> --- .travis.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.travis.yml b/.travis.yml index fdc1d2cf9..b6011bdfa 100644 --- a/.travis.yml +++ b/.travis.yml @@ -17,12 +17,12 @@ deploy: repo: IBM/detect-secrets matrix: include: - - env: TOXENV=py37 - python: 3.7.13 - dist: xenial # Required for Python >= 3.7 (travis-ci/travis-ci#9069), the GitHub Travis build will use Python 3.7.1 by default if you provide 3.7 without a patch version and the build will fail with AttributeError: 'str' object has no attribute 'name' - env: TOXENV=py38 python: 3.8 dist: xenial # Required for Python >= 3.7 (travis-ci/travis-ci#9069) + - env: TOXENV=py39 + python: 3.9 + dist: xenial # Required for Python >= 3.7 (travis-ci/travis-ci#9069) before_install: - echo -e "machine github.com\n login $GH_ACCESS_TOKEN" >> ~/.netrc # Login to GitHub - echo -e "machine github.ibm.com\n login $GHE_ACCESS_TOKEN" >> ~/.netrc # Login to GitHub Enterprise From 5da0725ce4c2210a8c59424f0b0637032b679e33 Mon Sep 17 00:00:00 2001 From: Victoria Miltcheva <12804086+victoria-miltcheva@users.noreply.github.com> Date: Tue, 26 Sep 2023 17:06:04 -0500 Subject: [PATCH 2/4] Update contributing.md Signed-off-by: Victoria Miltcheva <12804086+victoria-miltcheva@users.noreply.github.com> --- CONTRIBUTING.md | 3 --- 1 file changed, 3 deletions(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 2007fdc4f..b33885662 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -190,9 +190,6 @@ Then start the debugger from your root-level main file. This project is written in Python. Here are the dependencies needed to run the tests: - `python` The version can be installed using an utility like pyenv ( instructions bellow ) or your os package manager - - `3.5` - - `3.6` - - `3.7` - `3.8` - `3.9` - `tox` installed via pip or your os package manager From 0a94917011f4177c1fae119c60b86239c83dce9d Mon Sep 17 00:00:00 2001 From: Victoria Miltcheva <12804086+victoria-miltcheva@users.noreply.github.com> Date: Tue, 26 Sep 2023 17:14:58 -0500 Subject: [PATCH 3/4] No more Artifactory support Signed-off-by: Victoria Miltcheva <12804086+victoria-miltcheva@users.noreply.github.com> --- Makefile.ibm | 8 +------- 1 file changed, 1 insertion(+), 7 deletions(-) diff --git a/Makefile.ibm b/Makefile.ibm index 11a1861b0..dddb3f954 100644 --- a/Makefile.ibm +++ b/Makefile.ibm @@ -10,14 +10,10 @@ DOCKER_REGISTRY_ICR := icr.io DOCKER_USER_ICR := iamapikey DOCKER_PASS_ICR := $(IBM_CLOUD_API_KEY) -DOCKER_REGISTRY_ART := txo-toolbox-team-docker-local.artifactory.swg-devops.com -DOCKER_USER_ART := $(ART_USER_ID) -DOCKER_PASS_ART := $(ART_API_KEY) - DOCKER_IMAGES_TO_TAG := detect-secrets detect-secrets-hook DOCKER_IMAGES_TO_SCAN := detect-secrets detect-secrets-hook detect-secrets:redhat-ubi detect-secrets:redhat-ubi-custom DOCKER_IMAGES_TO_PUBLISH := -DOCKER_REGISTRIES := $(DOCKER_REGISTRY_ICR) $(DOCKER_REGISTRY_ART) +DOCKER_REGISTRIES := $(DOCKER_REGISTRY_ICR) IMAGE_NAME := DOCKER_REGISTRY := @@ -87,7 +83,6 @@ docker-build-images: done docker-login: - @echo $(DOCKER_PASS_ART) | docker login -u $(DOCKER_USER_ART) --password-stdin $(DOCKER_REGISTRY_ART); @echo $(DOCKER_PASS_ICR) | docker login -u $(DOCKER_USER_ICR) --password-stdin $(DOCKER_REGISTRY_ICR); docker-publish-images: docker-login @@ -123,7 +118,6 @@ docker-publish-image: $(COSIGN) verify --key env://COSIGN_PUBLIC_KEY "$(DOCKER_REGISTRY)/$(DOCKER_DOMAIN)/$(IMAGE_NAME)"; cosign-login: - @echo $(DOCKER_PASS_ART) | $(COSIGN) login -u $(DOCKER_USER_ART) --password-stdin $(DOCKER_REGISTRY_ART); \ @echo $(DOCKER_PASS_ICR) | $(COSIGN) login -u $(DOCKER_USER_ICR) --password-stdin $(DOCKER_REGISTRY_ICR); publish-cos: From ec095bc8d3d00e630ff5ffa57e0e4bd771e8cb2c Mon Sep 17 00:00:00 2001 From: Victoria Miltcheva <12804086+victoria-miltcheva@users.noreply.github.com> Date: Tue, 26 Sep 2023 17:34:57 -0500 Subject: [PATCH 4/4] Revert "No more Artifactory support" This reverts commit 0a94917011f4177c1fae119c60b86239c83dce9d. Signed-off-by: Victoria Miltcheva <12804086+victoria-miltcheva@users.noreply.github.com> --- Makefile.ibm | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/Makefile.ibm b/Makefile.ibm index dddb3f954..11a1861b0 100644 --- a/Makefile.ibm +++ b/Makefile.ibm @@ -10,10 +10,14 @@ DOCKER_REGISTRY_ICR := icr.io DOCKER_USER_ICR := iamapikey DOCKER_PASS_ICR := $(IBM_CLOUD_API_KEY) +DOCKER_REGISTRY_ART := txo-toolbox-team-docker-local.artifactory.swg-devops.com +DOCKER_USER_ART := $(ART_USER_ID) +DOCKER_PASS_ART := $(ART_API_KEY) + DOCKER_IMAGES_TO_TAG := detect-secrets detect-secrets-hook DOCKER_IMAGES_TO_SCAN := detect-secrets detect-secrets-hook detect-secrets:redhat-ubi detect-secrets:redhat-ubi-custom DOCKER_IMAGES_TO_PUBLISH := -DOCKER_REGISTRIES := $(DOCKER_REGISTRY_ICR) +DOCKER_REGISTRIES := $(DOCKER_REGISTRY_ICR) $(DOCKER_REGISTRY_ART) IMAGE_NAME := DOCKER_REGISTRY := @@ -83,6 +87,7 @@ docker-build-images: done docker-login: + @echo $(DOCKER_PASS_ART) | docker login -u $(DOCKER_USER_ART) --password-stdin $(DOCKER_REGISTRY_ART); @echo $(DOCKER_PASS_ICR) | docker login -u $(DOCKER_USER_ICR) --password-stdin $(DOCKER_REGISTRY_ICR); docker-publish-images: docker-login @@ -118,6 +123,7 @@ docker-publish-image: $(COSIGN) verify --key env://COSIGN_PUBLIC_KEY "$(DOCKER_REGISTRY)/$(DOCKER_DOMAIN)/$(IMAGE_NAME)"; cosign-login: + @echo $(DOCKER_PASS_ART) | $(COSIGN) login -u $(DOCKER_USER_ART) --password-stdin $(DOCKER_REGISTRY_ART); \ @echo $(DOCKER_PASS_ICR) | $(COSIGN) login -u $(DOCKER_USER_ICR) --password-stdin $(DOCKER_REGISTRY_ICR); publish-cos: