From 364d62c0a858893230a264430e828c0c8d71dfcd Mon Sep 17 00:00:00 2001 From: Eti Zaguri Date: Thu, 31 Oct 2024 13:08:17 +0700 Subject: [PATCH 1/6] feat: add skip_tags_on_update flag (#699) --- graduated/git-clone/step.yaml | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/graduated/git-clone/step.yaml b/graduated/git-clone/step.yaml index 80acd6053..e467e5227 100644 --- a/graduated/git-clone/step.yaml +++ b/graduated/git-clone/step.yaml @@ -3,7 +3,7 @@ version: "1.0" metadata: name: git-clone title: Clone a Git repository - version: 1.0.5 + version: 1.0.6 isPublic: true description: Clone a Git repository with Codefresh's built in Git provider integration. sources: @@ -77,6 +77,10 @@ spec: "exclude_blobs": { "type": "boolean", "description": "(boolean) Filter out all blobs (file contents). The default value is False." + }, + "skip_tags_on_update": { + "type": "boolean", + "description": "When set, fetch updates without tags to minimize data transfer. If unset, tags are included in the fetch operation. The default value is False." } } } From 9e5e01e2e9f4147d7f7ab782f5ef6e511d683d9d Mon Sep 17 00:00:00 2001 From: alinashklyar Date: Fri, 1 Nov 2024 11:40:26 +0200 Subject: [PATCH 2/6] fixed typo in newrelic-deployment-marker step description (#710) --- incubating/newrelic-deployment-marker/step.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/incubating/newrelic-deployment-marker/step.yaml b/incubating/newrelic-deployment-marker/step.yaml index afae7cea9..8b8cbfd46 100644 --- a/incubating/newrelic-deployment-marker/step.yaml +++ b/incubating/newrelic-deployment-marker/step.yaml @@ -2,9 +2,9 @@ version: '1.0' kind: step-type metadata: name: newrelic-deployment-marker - version: 1.0.1 + version: 1.0.2 isPublic: true - description: Createa a new deployment marker in New Relic. + description: Create a new deployment marker in New Relic. sources: - >- https://github.com/codefresh-io/steps/tree/master/incubating/newrelic-deployment-marker From 1e9e7f3fd5f6a619b2f440b6d92b870bdab7374e Mon Sep 17 00:00:00 2001 From: bec-callow-oct Date: Mon, 4 Nov 2024 19:00:55 +1000 Subject: [PATCH 3/6] Add Octopus login step (#711) * Add Octopus login step * Allow access key auth for create-release * Allow access key auth for deploy-release * Allow access key auth for deploy-release-tenanted * Allow access key auth for push-build-information * Allow access key auth for push-package * Allow access key auth for run-runbook * Add login step to workflow examples --- .../octopusdeploy-create-release/step.yaml | 67 +++++++++++++-- .../step.yaml | 71 ++++++++++++++-- .../octopusdeploy-deploy-release/step.yaml | 49 +++++++++-- incubating/octopusdeploy-login/login.svg | 7 ++ incubating/octopusdeploy-login/step.yaml | 83 +++++++++++++++++++ .../step.yaml | 45 ++++++++-- .../octopusdeploy-push-package/step.yaml | 43 ++++++++-- .../octopusdeploy-run-runbook/step.yaml | 72 ++++++++++++++-- 8 files changed, 398 insertions(+), 39 deletions(-) create mode 100644 incubating/octopusdeploy-login/login.svg create mode 100644 incubating/octopusdeploy-login/step.yaml diff --git a/incubating/octopusdeploy-create-release/step.yaml b/incubating/octopusdeploy-create-release/step.yaml index 43142edc5..de3bb9c55 100644 --- a/incubating/octopusdeploy-create-release/step.yaml +++ b/incubating/octopusdeploy-create-release/step.yaml @@ -2,7 +2,7 @@ version: "1.0" kind: step-type metadata: name: octopusdeploy-create-release - version: 1.0.0 + version: 1.0.1 title: Create a release in Octopus Deploy isPublic: true description: Create a release in Octopus Deploy @@ -19,7 +19,7 @@ metadata: maintainers: - name: OctopusDeploy examples: - - description: Basic usage of the create release step + - description: Basic usage of the create release step with API key workflow: create-release: type: octopusdeploy-create-release @@ -28,7 +28,7 @@ metadata: OCTOPUS_URL: "${{OCTOPUS_URL}}" OCTOPUS_SPACE: "Spaces 1" PROJECT: "Project Name" - - description: Complex usage of the create release step + - description: Complex usage of the create release step with API key workflow: create-release: type: octopusdeploy-create-release @@ -47,6 +47,46 @@ metadata: RELEASE_NOTES: "This is a release note" RELEASE_NOTES_FILE: "/release-notes.txt" IGNORE_EXISTING: false + - description: Basic usage of the create release step with Octopus access token + workflow: + login: + type: octopusdeploy-login + arguments: + ID_TOKEN: "${{ID_TOKEN}}" + OCTOPUS_URL: "${{OCTOPUS_URL}}" + OCTOPUS_SERVICE_ACCOUNT_ID: "${{OCTOPUS_SERVICE_ACCOUNT_ID}}" + create-release: + type: octopusdeploy-create-release + arguments: + OCTOPUS_ACCESS_TOKEN: "${{OCTOPUS_ACCESS_TOKEN}}" + OCTOPUS_URL: "${{OCTOPUS_URL}}" + OCTOPUS_SPACE: "Spaces 1" + PROJECT: "Project Name" + - description: Complex usage of the create release step with Octopus access token + workflow: + login: + type: octopusdeploy-login + arguments: + ID_TOKEN: "${{ID_TOKEN}}" + OCTOPUS_URL: "${{OCTOPUS_URL}}" + OCTOPUS_SERVICE_ACCOUNT_ID: "${{OCTOPUS_SERVICE_ACCOUNT_ID}}" + create-release: + type: octopusdeploy-create-release + arguments: + OCTOPUS_ACCESS_TOKEN: "${{OCTOPUS_ACCESS_TOKEN}}" + OCTOPUS_URL: "${{OCTOPUS_URL}}" + OCTOPUS_SPACE: "Spaces 1" + PROJECT: "Project Name" + RELEASE_NUMBER: "1.0.0" + CHANNEL: "Channel Name" + GIT_REF: "refs/heads/main" + GIT_COMMIT: "Commit ID" + PACKAGE_VERSION: "1.0.0" + PACKAGES: + - "Package:1.0.0" + RELEASE_NOTES: "This is a release note" + RELEASE_NOTES_FILE: "/release-notes.txt" + IGNORE_EXISTING: false spec: arguments: |- { @@ -56,11 +96,19 @@ spec: "name": "octopusdeploy-create-release", "additionalProperties": false, "patterns": [], - "required": ["OCTOPUS_API_KEY", "OCTOPUS_URL", "OCTOPUS_SPACE", "PROJECT"], + "required": ["OCTOPUS_URL", "OCTOPUS_SPACE", "PROJECT"], + "oneOf": [ + {"required": ["OCTOPUS_API_KEY"]}, + {"required": ["OCTOPUS_ACCESS_TOKEN"]} + ], "properties": { "OCTOPUS_API_KEY": { "type": "string", - "description": "API key for octopus deploy (required)" + "description": "API key for octopus deploy (required when OCTOPUS_ACCESS_TOKEN is not provided)" + }, + "OCTOPUS_ACCESS_TOKEN": { + "type": "string", + "description": "Access token for octopus deploy (required when OCTOPUS_API_KEY is not provided)" }, "OCTOPUS_URL": { "type": "string", @@ -68,7 +116,7 @@ spec: }, "OCTOPUS_SPACE": { "type": "string", - "description": "API key for octopus deploy (required)" + "description": "Workspace for octopus deploy (required)" }, "PROJECT": { "type": "string", @@ -149,8 +197,13 @@ spec: [[- if .Arguments.IGNORE_EXISTING ]] --ignore-existing [[ end ]]) - cf_export RELEASE=$OUTPUT environment: - - 'OCTOPUS_URL=[[.Arguments.OCTOPUS_URL]]' + [[ if .Arguments.OCTOPUS_API_KEY ]] - 'OCTOPUS_API_KEY=[[.Arguments.OCTOPUS_API_KEY]]' + [[- end ]] + [[ if .Arguments.OCTOPUS_ACCESS_TOKEN ]] + - 'OCTOPUS_ACCESS_TOKEN=[[.Arguments.OCTOPUS_ACCESS_TOKEN]]' + [[- end ]] + - 'OCTOPUS_URL=[[.Arguments.OCTOPUS_URL]]' - 'OCTOPUS_SPACE=[[.Arguments.OCTOPUS_SPACE]]' delimiters: left: "[[" diff --git a/incubating/octopusdeploy-deploy-release-tenanted/step.yaml b/incubating/octopusdeploy-deploy-release-tenanted/step.yaml index 416c8d919..b292d46f9 100644 --- a/incubating/octopusdeploy-deploy-release-tenanted/step.yaml +++ b/incubating/octopusdeploy-deploy-release-tenanted/step.yaml @@ -2,7 +2,7 @@ version: "1.0" kind: step-type metadata: name: octopusdeploy-deploy-release-tenanted - version: 1.0.1 + version: 1.0.2 title: Deploy a tenanted release in Octopus Deploy isPublic: true description: Deploy a tenanted release in Octopus Deploy @@ -19,7 +19,7 @@ metadata: maintainers: - name: OctopusDeploy examples: - - description: "Deploy using tenant name" + - description: "Deploy using tenant name and API key" workflow: deploy-release-tenanted: type: octopusdeploy-deploy-release-tenanted @@ -37,7 +37,7 @@ metadata: - "prompted-variable1:prompted-value1" - "prompted-variable2:prompted-value2" USE_GUIDED_FAILURE: "false" - - description: "Deploy using tenant tags" + - description: "Deploy using tenant tags and API key" workflow: deploy-release-tenanted: type: octopusdeploy-deploy-release-tenanted @@ -51,6 +51,50 @@ metadata: TENANT_TAGS: - "tagSetA/someTagB" - "tagSetC/someTagD" + - description: "Deploy using tenant name and Octopus access token" + workflow: + login: + type: octopusdeploy-login + arguments: + ID_TOKEN: "${{ID_TOKEN}}" + OCTOPUS_URL: "${{OCTOPUS_URL}}" + OCTOPUS_SERVICE_ACCOUNT_ID: "${{OCTOPUS_SERVICE_ACCOUNT_ID}}" + deploy-release-tenanted: + type: octopusdeploy-deploy-release-tenanted + arguments: + OCTOPUS_ACCESS_TOKEN: "${{OCTOPUS_ACCESS_TOKEN}}" + OCTOPUS_URL: "${{OCTOPUS_URL}}" + OCTOPUS_SPACE: "Spaces-1" + PROJECT: "Project Name" + RELEASE_NUMBER: "1.0.0" + ENVIRONMENT: "Production" + TENANTS: + - "Tenant1" + - "Tenant2" + VARIABLES: + - "prompted-variable1:prompted-value1" + - "prompted-variable2:prompted-value2" + USE_GUIDED_FAILURE: "false" + - description: "Deploy using tenant tags and Octopus access token" + workflow: + login: + type: octopusdeploy-login + arguments: + ID_TOKEN: "${{ID_TOKEN}}" + OCTOPUS_URL: "${{OCTOPUS_URL}}" + OCTOPUS_SERVICE_ACCOUNT_ID: "${{OCTOPUS_SERVICE_ACCOUNT_ID}}" + deploy-release-tenanted: + type: octopusdeploy-deploy-release-tenanted + arguments: + OCTOPUS_ACCESS_TOKEN: "${{OCTOPUS_ACCESS_TOKEN}}" + OCTOPUS_URL: "${{OCTOPUS_URL}}" + OCTOPUS_SPACE: "Spaces-1" + PROJECT: "Another Project Name" + RELEASE_NUMBER: "2.0.0" + ENVIRONMENT: "Development" + TENANT_TAGS: + - "tagSetA/someTagB" + - "tagSetC/someTagD" spec: arguments: |- { @@ -60,11 +104,19 @@ spec: "name": "octopusdeploy-deploy-release-tenanted", "additionalProperties": false, "patterns": [], - "required": ["OCTOPUS_API_KEY", "OCTOPUS_URL", "OCTOPUS_SPACE", "PROJECT", "RELEASE_NUMBER", "ENVIRONMENT"], + "required": ["OCTOPUS_URL", "OCTOPUS_SPACE", "PROJECT", "RELEASE_NUMBER", "ENVIRONMENT"], + "oneOf": [ + {"required": ["OCTOPUS_API_KEY"]}, + {"required": ["OCTOPUS_ACCESS_TOKEN"]} + ], "properties": { "OCTOPUS_API_KEY": { "type": "string", - "description": "API key for octopus deploy (required)" + "description": "API key for octopus deploy (required when OCTOPUS_ACCESS_TOKEN is not provided)" + }, + "OCTOPUS_ACCESS_TOKEN": { + "type": "string", + "description": "Access token for octopus deploy (required when OCTOPUS_API_KEY is not provided)" }, "OCTOPUS_URL": { "type": "string", @@ -72,7 +124,7 @@ spec: }, "OCTOPUS_SPACE": { "type": "string", - "description": "API key for octopus deploy (required)" + "description": "Workspace for octopus deploy (required)" }, "PROJECT": { "type": "string", @@ -154,8 +206,13 @@ spec: name: octopusdeploy-deploy-release-tenanted image: octopuslabs/octopus-cli environment: - - 'OCTOPUS_URL=[[.Arguments.OCTOPUS_URL]]' + [[ if .Arguments.OCTOPUS_API_KEY ]] - 'OCTOPUS_API_KEY=[[.Arguments.OCTOPUS_API_KEY]]' + [[- end ]] + [[ if .Arguments.OCTOPUS_ACCESS_TOKEN ]] + - 'OCTOPUS_ACCESS_TOKEN=[[.Arguments.OCTOPUS_ACCESS_TOKEN]]' + [[- end ]] + - 'OCTOPUS_URL=[[.Arguments.OCTOPUS_URL]]' - 'OCTOPUS_SPACE=[[.Arguments.OCTOPUS_SPACE]]' commands: - OUTPUT=$(octopus release deploy diff --git a/incubating/octopusdeploy-deploy-release/step.yaml b/incubating/octopusdeploy-deploy-release/step.yaml index 205e7fea4..91b66cdd8 100644 --- a/incubating/octopusdeploy-deploy-release/step.yaml +++ b/incubating/octopusdeploy-deploy-release/step.yaml @@ -2,7 +2,7 @@ version: "1.0" kind: step-type metadata: name: octopusdeploy-deploy-release - version: 1.0.0 + version: 1.0.1 title: Deploy a release in Octopus Deploy isPublic: true description: Deploy a release in Octopus Deploy @@ -19,7 +19,8 @@ metadata: maintainers: - name: OctopusDeploy examples: - - workflow: + - description: Usage of the deploy release with API key + workflow: deploy-release: type: octopusdeploy-deploy-release arguments: @@ -35,6 +36,29 @@ metadata: - "prompted-variable1:prompted-value1" - "prompted-variable2:prompted-value2" USE_GUIDED_FAILURE: "false" + - description: Usage of the deploy release with Octopus access token + workflow: + login: + type: octopusdeploy-login + arguments: + ID_TOKEN: "${{ID_TOKEN}}" + OCTOPUS_URL: "${{OCTOPUS_URL}}" + OCTOPUS_SERVICE_ACCOUNT_ID: "${{OCTOPUS_SERVICE_ACCOUNT_ID}}" + deploy-release: + type: octopusdeploy-deploy-release + arguments: + OCTOPUS_ACCESS_TOKEN: "${{OCTOPUS_ACCESS_TOKEN}}" + OCTOPUS_URL: "${{OCTOPUS_URL}}" + OCTOPUS_SPACE: "Spaces-1" + PROJECT: "Project Name" + RELEASE_NUMBER: "1.0.0" + ENVIRONMENTS: + - "Development" + - "Production" + VARIABLES: + - "prompted-variable1:prompted-value1" + - "prompted-variable2:prompted-value2" + USE_GUIDED_FAILURE: "false" spec: arguments: |- { @@ -44,11 +68,19 @@ spec: "name": "octopusdeploy-deploy-release", "additionalProperties": false, "patterns": [], - "required": ["OCTOPUS_API_KEY", "OCTOPUS_URL", "OCTOPUS_SPACE", "PROJECT", "RELEASE_NUMBER", "ENVIRONMENTS"], + "required": ["OCTOPUS_URL", "OCTOPUS_SPACE", "PROJECT", "RELEASE_NUMBER", "ENVIRONMENTS"], + "oneOf": [ + {"required": ["OCTOPUS_API_KEY"]}, + {"required": ["OCTOPUS_ACCESS_TOKEN"]} + ], "properties": { "OCTOPUS_API_KEY": { "type": "string", - "description": "API key for octopus deploy (required)" + "description": "API key for octopus deploy (required when OCTOPUS_ACCESS_TOKEN is not provided)" + }, + "OCTOPUS_ACCESS_TOKEN": { + "type": "string", + "description": "Access token for octopus deploy (required when OCTOPUS_API_KEY is not provided)" }, "OCTOPUS_URL": { "type": "string", @@ -56,7 +88,7 @@ spec: }, "OCTOPUS_SPACE": { "type": "string", - "description": "API key for octopus deploy (required)" + "description": "Workspace for octopus deploy (required)" }, "PROJECT": { "type": "string", @@ -127,8 +159,13 @@ spec: name: octopusdeploy-deploy-release image: octopuslabs/octopus-cli environment: - - 'OCTOPUS_URL=[[.Arguments.OCTOPUS_URL]]' + [[ if .Arguments.OCTOPUS_API_KEY ]] - 'OCTOPUS_API_KEY=[[.Arguments.OCTOPUS_API_KEY]]' + [[- end ]] + [[ if .Arguments.OCTOPUS_ACCESS_TOKEN ]] + - 'OCTOPUS_ACCESS_TOKEN=[[.Arguments.OCTOPUS_ACCESS_TOKEN]]' + [[- end ]] + - 'OCTOPUS_URL=[[.Arguments.OCTOPUS_URL]]' - 'OCTOPUS_SPACE=[[.Arguments.OCTOPUS_SPACE]]' commands: - OUTPUT=$(octopus release deploy diff --git a/incubating/octopusdeploy-login/login.svg b/incubating/octopusdeploy-login/login.svg new file mode 100644 index 000000000..5cf4648db --- /dev/null +++ b/incubating/octopusdeploy-login/login.svg @@ -0,0 +1,7 @@ + + + + + + + diff --git a/incubating/octopusdeploy-login/step.yaml b/incubating/octopusdeploy-login/step.yaml new file mode 100644 index 000000000..16015ee1a --- /dev/null +++ b/incubating/octopusdeploy-login/step.yaml @@ -0,0 +1,83 @@ +version: "1.0" +kind: step-type +metadata: + name: octopusdeploy-login + version: 1.0.0 + title: Log into Octopus Deploy + isPublic: true + description: Log into Octopus Deploy + sources: + - "https://github.com/codefresh-io/steps/tree/master/incubating/octopusdeploy-login" + stage: incubating + official: true + categories: + - utility + icon: + type: svg + url: "https://cdn.jsdelivr.net/gh/codefresh-io/steps/incubating/octopusdeploy-login/login.svg" + background: "#F4F6F8" + maintainers: + - name: OctopusDeploy + examples: + - description: Basic usage of the login step + workflow: + login: + type: octopusdeploy-login + arguments: + ID_TOKEN: "${{ID_TOKEN}}" + OCTOPUS_URL: "${{OCTOPUS_URL}}" + OCTOPUS_SERVICE_ACCOUNT_ID: "${{OCTOPUS_SERVICE_ACCOUNT_ID}}" +spec: + arguments: |- + { + "definitions": {}, + "$schema": "http://json-schema.org/draft-07/schema#", + "type": "object", + "name": "octopusdeploy-login", + "additionalProperties": false, + "patterns": [], + "required": ["ID_TOKEN", "OCTOPUS_URL", "OCTOPUS_SERVICE_ACCOUNT_ID"], + "properties": { + "ID_TOKEN": { + "type": "string", + "description": "The Codefresh OIDC token (required)" + }, + "OCTOPUS_URL": { + "type": "string", + "description": "URL of the octopus deploy server (required)" + }, + "OCTOPUS_SERVICE_ACCOUNT_ID": { + "type": "string", + "description": "The ID (audience) of the Octopus Service Account to log into (required)" + } + } + } + returns: |- + { + "definitions": {}, + "$schema": "http://json-schema.org/draft-07/schema#", + "type": "object", + "patterns": [], + "required": [ + "OCTOPUS_ACCESS_TOKEN" + ], + "properties": { + "OCTOPUS_ACCESS_TOKEN": { + "type": "string", + "description": "Access token for octopus deploy (required)" + } + } + } + stepsTemplate: |- + login: + name: octopusdeploy-login + image: octopuslabs/octopus-cli + tag: latest + environment: + - ID_TOKEN_SECRET=[[ .Arguments.ID_TOKEN ]] + commands: + - octopus login --server "[[ .Arguments.OCTOPUS_URL ]]" --service-account-id "[[ .Arguments.OCTOPUS_SERVICE_ACCOUNT_ID ]]" --id-token "${ID_TOKEN_SECRET}" --no-prompt + - cf_export OCTOPUS_ACCESS_TOKEN=$(octopus config get "AccessToken") --mask + delimiters: + left: "[[" + right: "]]" diff --git a/incubating/octopusdeploy-push-build-information/step.yaml b/incubating/octopusdeploy-push-build-information/step.yaml index 10331d43c..b993f388b 100644 --- a/incubating/octopusdeploy-push-build-information/step.yaml +++ b/incubating/octopusdeploy-push-build-information/step.yaml @@ -2,7 +2,7 @@ version: "1.0" kind: step-type metadata: name: octopusdeploy-push-build-information - version: 1.0.0 + version: 1.0.1 title: Push build information to Octopus Deploy isPublic: true description: Push build information to Octopus Deploy @@ -19,7 +19,7 @@ metadata: maintainers: - name: OctopusDeploy examples: - - description: Basic usage of the push build information step + - description: Basic usage of the push build information step with API key workflow: push-build-information: type: octopusdeploy-push-build-information @@ -33,6 +33,26 @@ metadata: FILE: "SomeFile.json" VERSION: "1.0.0" OVERWRITE_MODE: "fail" + - description: Basic usage of the push build information step with Octopus access token + workflow: + login: + type: octopusdeploy-login + arguments: + ID_TOKEN: "${{ID_TOKEN}}" + OCTOPUS_URL: "${{OCTOPUS_URL}}" + OCTOPUS_SERVICE_ACCOUNT_ID: "${{OCTOPUS_SERVICE_ACCOUNT_ID}}" + push-build-information: + type: octopusdeploy-push-build-information + arguments: + OCTOPUS_ACCESS_TOKEN: "${{OCTOPUS_ACCESS_TOKEN}}" + OCTOPUS_URL: "${{OCTOPUS_URL}}" + OCTOPUS_SPACE: "Spaces 1" + PACKAGE_IDS: + - "SomePackage" + - "SomeOtherPackage" + FILE: "SomeFile.json" + VERSION: "1.0.0" + OVERWRITE_MODE: "fail" spec: arguments: |- { @@ -42,11 +62,19 @@ spec: "name": "octopusdeploy-push-build-information", "additionalProperties": false, "patterns": [], - "required": ["OCTOPUS_API_KEY", "OCTOPUS_URL", "OCTOPUS_SPACE", "PACKAGE_IDS", "FILE", "VERSION"], + "required": ["OCTOPUS_URL", "OCTOPUS_SPACE", "PACKAGE_IDS", "FILE", "VERSION"], + "oneOf": [ + {"required": ["OCTOPUS_API_KEY"]}, + {"required": ["OCTOPUS_ACCESS_TOKEN"]} + ], "properties": { "OCTOPUS_API_KEY": { "type": "string", - "description": "API key for octopus deploy (required)" + "description": "API key for octopus deploy (required when OCTOPUS_ACCESS_TOKEN is not provided)" + }, + "OCTOPUS_ACCESS_TOKEN": { + "type": "string", + "description": "Access token for octopus deploy (required when OCTOPUS_API_KEY is not provided)" }, "OCTOPUS_URL": { "type": "string", @@ -54,7 +82,7 @@ spec: }, "OCTOPUS_SPACE": { "type": "string", - "description": "API key for octopus deploy (required)" + "description": "Workspace for octopus deploy (required)" }, "PACKAGE_IDS": { "type": "array", @@ -90,8 +118,13 @@ spec: [[- if .Arguments.OVERWRITE_MODE ]] --overwrite-mode "[[ .Arguments.OVERWRITE_MODE ]]" [[ end ]] --no-prompt environment: - - 'OCTOPUS_URL=[[.Arguments.OCTOPUS_URL]]' + [[ if .Arguments.OCTOPUS_API_KEY ]] - 'OCTOPUS_API_KEY=[[.Arguments.OCTOPUS_API_KEY]]' + [[- end ]] + [[ if .Arguments.OCTOPUS_ACCESS_TOKEN ]] + - 'OCTOPUS_ACCESS_TOKEN=[[.Arguments.OCTOPUS_ACCESS_TOKEN]]' + [[- end ]] + - 'OCTOPUS_URL=[[.Arguments.OCTOPUS_URL]]' - 'OCTOPUS_SPACE=[[.Arguments.OCTOPUS_SPACE]]' delimiters: left: "[[" diff --git a/incubating/octopusdeploy-push-package/step.yaml b/incubating/octopusdeploy-push-package/step.yaml index 9b3ff0d91..8f8911b67 100644 --- a/incubating/octopusdeploy-push-package/step.yaml +++ b/incubating/octopusdeploy-push-package/step.yaml @@ -2,7 +2,7 @@ version: "1.0" kind: step-type metadata: name: octopusdeploy-push-package - version: 1.0.0 + version: 1.0.1 title: Push a package in Octopus Deploy isPublic: true description: Push a package in Octopus Deploy @@ -19,7 +19,7 @@ metadata: maintainers: - name: OctopusDeploy examples: - - description: Basic usage of the push a package step + - description: Basic usage of the push a package step with API key workflow: push-package: type: octopusdeploy-push-package @@ -31,6 +31,24 @@ metadata: - "SomePackage.1.0.0.zip" - "SomeOtherPackage.1.0.0.zip" OVERWRITE_MODE: "fail" + - description: Basic usage of the push a package step with Octopus access token + workflow: + login: + type: octopusdeploy-login + arguments: + ID_TOKEN: "${{ID_TOKEN}}" + OCTOPUS_URL: "${{OCTOPUS_URL}}" + OCTOPUS_SERVICE_ACCOUNT_ID: "${{OCTOPUS_SERVICE_ACCOUNT_ID}}" + push-package: + type: octopusdeploy-push-package + arguments: + OCTOPUS_ACCESS_TOKEN: "${{OCTOPUS_ACCESS_TOKEN}}" + OCTOPUS_URL: "${{OCTOPUS_URL}}" + OCTOPUS_SPACE: "Spaces 1" + PACKAGES: + - "SomePackage.1.0.0.zip" + - "SomeOtherPackage.1.0.0.zip" + OVERWRITE_MODE: "fail" spec: arguments: |- { @@ -40,11 +58,19 @@ spec: "name": "octopusdeploy-push-package", "additionalProperties": false, "patterns": [], - "required": ["OCTOPUS_API_KEY", "OCTOPUS_URL", "OCTOPUS_SPACE", "PACKAGES"], + "required": ["OCTOPUS_URL", "OCTOPUS_SPACE", "PACKAGES"], + "oneOf": [ + {"required": ["OCTOPUS_API_KEY"]}, + {"required": ["OCTOPUS_ACCESS_TOKEN"]} + ], "properties": { "OCTOPUS_API_KEY": { "type": "string", - "description": "API key for octopus deploy (required)" + "description": "API key for octopus deploy (required when OCTOPUS_ACCESS_TOKEN is not provided)" + }, + "OCTOPUS_ACCESS_TOKEN": { + "type": "string", + "description": "Access token for octopus deploy (required when OCTOPUS_API_KEY is not provided)" }, "OCTOPUS_URL": { "type": "string", @@ -52,7 +78,7 @@ spec: }, "OCTOPUS_SPACE": { "type": "string", - "description": "API key for octopus deploy (required)" + "description": "Workspace for octopus deploy (required)" }, "PACKAGES": { "type": "array", @@ -78,8 +104,13 @@ spec: [[- if .Arguments.OVERWRITE_MODE ]] --overwrite-mode "[[ .Arguments.OVERWRITE_MODE ]]" [[ end ]] --no-prompt environment: - - 'OCTOPUS_URL=[[.Arguments.OCTOPUS_URL]]' + [[ if .Arguments.OCTOPUS_API_KEY ]] - 'OCTOPUS_API_KEY=[[.Arguments.OCTOPUS_API_KEY]]' + [[- end ]] + [[ if .Arguments.OCTOPUS_ACCESS_TOKEN ]] + - 'OCTOPUS_ACCESS_TOKEN=[[.Arguments.OCTOPUS_ACCESS_TOKEN]]' + [[- end ]] + - 'OCTOPUS_URL=[[.Arguments.OCTOPUS_URL]]' - 'OCTOPUS_SPACE=[[.Arguments.OCTOPUS_SPACE]]' delimiters: left: "[[" diff --git a/incubating/octopusdeploy-run-runbook/step.yaml b/incubating/octopusdeploy-run-runbook/step.yaml index 25b6a0513..95df6cb21 100644 --- a/incubating/octopusdeploy-run-runbook/step.yaml +++ b/incubating/octopusdeploy-run-runbook/step.yaml @@ -2,7 +2,7 @@ version: "1.0" kind: step-type metadata: name: octopusdeploy-run-runbook - version: 1.0.0 + version: 1.0.1 title: Run a runbook in Octopus Deploy isPublic: true description: Run a runbook in Octopus Deploy @@ -19,7 +19,7 @@ metadata: maintainers: - name: OctopusDeploy examples: - - description: Basic usage of the run a runbook step + - description: Basic usage of the run a runbook step with API key workflow: run-runbook: type: octopusdeploy-run-runbook @@ -32,7 +32,7 @@ metadata: ENVIRONMENTS: - "Development" - "Production" - - description: Complex usage of the run a runbook step + - description: Complex usage of the run a runbook step with API key workflow: run-runbook: type: octopusdeploy-run-runbook @@ -52,6 +52,51 @@ metadata: TENANT_TAGS: - "Tenant tag 1" USE_GUIDED_FAILURE: "false" + - description: Basic usage of the run a runbook step with Octopus access token + workflow: + login: + type: octopusdeploy-login + arguments: + ID_TOKEN: "${{ID_TOKEN}}" + OCTOPUS_URL: "${{OCTOPUS_URL}}" + OCTOPUS_SERVICE_ACCOUNT_ID: "${{OCTOPUS_SERVICE_ACCOUNT_ID}}" + run-runbook: + type: octopusdeploy-run-runbook + arguments: + OCTOPUS_ACCESS_TOKEN: "${{OCTOPUS_ACCESS_TOKEN}}" + OCTOPUS_URL: "${{OCTOPUS_URL}}" + OCTOPUS_SPACE: "Spaces 1" + PROJECT: "Project Name" + NAME: "Runbook Name" + ENVIRONMENTS: + - "Development" + - "Production" + - description: Complex usage of the run a runbook step with Octopus access token + workflow: + login: + type: octopusdeploy-login + arguments: + ID_TOKEN: "${{ID_TOKEN}}" + OCTOPUS_URL: "${{OCTOPUS_URL}}" + OCTOPUS_SERVICE_ACCOUNT_ID: "${{OCTOPUS_SERVICE_ACCOUNT_ID}}" + run-runbook: + type: octopusdeploy-run-runbook + arguments: + OCTOPUS_ACCESS_TOKEN: "${{OCTOPUS_ACCESS_TOKEN}}" + OCTOPUS_URL: "${{OCTOPUS_URL}}" + OCTOPUS_SPACE: "Spaces 1" + PROJECT: "Project Name" + NAME: "Runbook Name" + ENVIRONMENTS: + - "Development" + - "Production" + VARIABLES: + - "Label:Value" + TENANTS: + - "Tenant 1" + TENANT_TAGS: + - "Tenant tag 1" + USE_GUIDED_FAILURE: "false" spec: arguments: |- { @@ -61,11 +106,19 @@ spec: "name": "octopusdeploy-run-runbook", "additionalProperties": false, "patterns": [], - "required": ["OCTOPUS_API_KEY", "OCTOPUS_URL", "OCTOPUS_SPACE", "PROJECT", "NAME", "ENVIRONMENTS"], + "required": ["OCTOPUS_URL", "OCTOPUS_SPACE", "PROJECT", "NAME", "ENVIRONMENTS"], + "oneOf": [ + {"required": ["OCTOPUS_API_KEY"]}, + {"required": ["OCTOPUS_ACCESS_TOKEN"]} + ], "properties": { "OCTOPUS_API_KEY": { "type": "string", - "description": "API key for octopus deploy (required)" + "description": "API key for octopus deploy (required when OCTOPUS_ACCESS_TOKEN is not provided)" + }, + "OCTOPUS_ACCESS_TOKEN": { + "type": "string", + "description": "Access token for octopus deploy (required when OCTOPUS_API_KEY is not provided)" }, "OCTOPUS_URL": { "type": "string", @@ -73,7 +126,7 @@ spec: }, "OCTOPUS_SPACE": { "type": "string", - "description": "API key for octopus deploy (required)" + "description": "Workspace for octopus deploy (required)" }, "PROJECT": { "type": "string", @@ -171,8 +224,13 @@ spec: --no-prompt) - cf_export RUNBOOK_RUNS=$OUTPUT environment: - - 'OCTOPUS_URL=[[.Arguments.OCTOPUS_URL]]' + [[ if .Arguments.OCTOPUS_API_KEY ]] - 'OCTOPUS_API_KEY=[[.Arguments.OCTOPUS_API_KEY]]' + [[- end ]] + [[ if .Arguments.OCTOPUS_ACCESS_TOKEN ]] + - 'OCTOPUS_ACCESS_TOKEN=[[.Arguments.OCTOPUS_ACCESS_TOKEN]]' + [[- end ]] + - 'OCTOPUS_URL=[[.Arguments.OCTOPUS_URL]]' - 'OCTOPUS_SPACE=[[.Arguments.OCTOPUS_SPACE]]' delimiters: left: "[[" From 62cbc7293be5005ad2e7e9fef23f9f36254eed2c Mon Sep 17 00:00:00 2001 From: Dustin Van Buskirk Date: Thu, 9 Jan 2025 12:40:18 -0800 Subject: [PATCH 4/6] added a simple regex to find jira issue in field by a given regex (#714) --- incubating/jira-issue-manager/script/jira_issue_manager.py | 7 +++++-- incubating/jira-issue-manager/step.yaml | 5 +++-- 2 files changed, 8 insertions(+), 4 deletions(-) diff --git a/incubating/jira-issue-manager/script/jira_issue_manager.py b/incubating/jira-issue-manager/script/jira_issue_manager.py index f5ad163df..0bd8a9f3f 100644 --- a/incubating/jira-issue-manager/script/jira_issue_manager.py +++ b/incubating/jira-issue-manager/script/jira_issue_manager.py @@ -66,8 +66,11 @@ def environment_setup(): # Logic here to use the regex to grab the jira issue key and assign it to issue jira_issue_source_field = StepUtility.getEnvironmentVariable('JIRA_ISSUE_SOURCE_FIELD', env) jira_issue_source_field_regex = StepUtility.getEnvironmentVariable('JIRA_ISSUE_SOURCE_FIELD_REGEX', env) - ## TODO - Brandon - need to do regex work here - issue = jira_issue_source_field + + if jira_issue_source_field_regex: + issue = re.match(jira_issue_source_field_regex, jira_issue_source_field).group(0) + else: + issue = jira_issue_source_field # Issue fields below # Retrieve the project environment variable and add the project to a dict representation diff --git a/incubating/jira-issue-manager/step.yaml b/incubating/jira-issue-manager/step.yaml index 2c5249404..7ffc71a0b 100644 --- a/incubating/jira-issue-manager/step.yaml +++ b/incubating/jira-issue-manager/step.yaml @@ -2,7 +2,7 @@ kind: step-type version: '1.0' metadata: name: jira-issue-manager - version: 1.0.11 + version: 1.0.12 title: Jira Issue Manager isPublic: true description: Create, Update, & Validate Jira Issues @@ -12,6 +12,7 @@ metadata: stage: incubating maintainers: - name: Brandon Phillips + - name: Dustin Van Buskirk categories: - build official: true @@ -245,7 +246,7 @@ spec: stepsTemplate: |- main: name: jira-issue-manager - image: quay.io/codefreshplugins/jira-issue-manager:1.0.11 + image: quay.io/codefreshplugins/jira-issue-manager:1.0.12 environment: [[ range $key, $val := .Arguments ]] - '[[ $key ]]=[[ $val ]]' From 74e57a80076330434d19ff7b40b5ba759fb6f8eb Mon Sep 17 00:00:00 2001 From: Laurent Rochette Date: Fri, 10 Jan 2025 01:18:44 -0700 Subject: [PATCH 5/6] Snow CVE (#713) --- incubating/service-now/CHANGELOG.md | 9 +++++++++ incubating/service-now/Dockerfile | 2 +- incubating/service-now/step.yaml | 4 ++-- 3 files changed, 12 insertions(+), 3 deletions(-) diff --git a/incubating/service-now/CHANGELOG.md b/incubating/service-now/CHANGELOG.md index c2c05a978..a554a48cf 100644 --- a/incubating/service-now/CHANGELOG.md +++ b/incubating/service-now/CHANGELOG.md @@ -1,5 +1,14 @@ # Changelog +## [1.2.5] - 2025-01-02 + +### Fixed +- CVE-2023-4911 - upgrade glibc +- CVE-2023-6246 - upgrade glibc +- CVE-2024-45492 - Upgrade expat/libexpat1 +- CVE-2024-45491 - Upgrade expat/libexpat1 +- CVE-2024-37371 - Upgrade krb5 + ## [1.2.4] - 2023-09-21 ### Changed - Change logging mechanism diff --git a/incubating/service-now/Dockerfile b/incubating/service-now/Dockerfile index fb94b6c9f..bb83375d1 100644 --- a/incubating/service-now/Dockerfile +++ b/incubating/service-now/Dockerfile @@ -1,4 +1,4 @@ -FROM python:3.11.5-slim-bookworm +FROM python:3.13.1-slim-bookworm RUN pip3 install requests COPY lib/snow.py /snow/snow.py diff --git a/incubating/service-now/step.yaml b/incubating/service-now/step.yaml index 3913d6947..70ba28567 100644 --- a/incubating/service-now/step.yaml +++ b/incubating/service-now/step.yaml @@ -2,7 +2,7 @@ kind: step-type version: '1.0' metadata: name: service-now - version: 1.2.4 + version: 1.2.5 isPublic: true description: Integration with ServiceNow Change Management sources: @@ -86,7 +86,7 @@ spec: }, "SN_IMAGE_VERSION": { "type": "string", - "default": "1.2.4", + "default": "1.2.5", "description": "Version of the ServiceNow image to use, Docker image tag." }, "SN_INSTANCE": { From 4c7c8d11433e0a01cbeb8763cf2719d8468e372f Mon Sep 17 00:00:00 2001 From: Laurent Rochette Date: Fri, 10 Jan 2025 06:11:47 -0700 Subject: [PATCH 6/6] Argocd app status CVE (#712) --- incubating/argocd-app-status/.gitignore | 3 +++ incubating/argocd-app-status/CHANGELOG.md | 14 +++++++++-- incubating/argocd-app-status/Dockerfile | 23 ++++++++++++++++--- incubating/argocd-app-status/requirements.txt | 4 ++-- incubating/argocd-app-status/step.yaml | 6 ++--- 5 files changed, 40 insertions(+), 10 deletions(-) create mode 100644 incubating/argocd-app-status/.gitignore diff --git a/incubating/argocd-app-status/.gitignore b/incubating/argocd-app-status/.gitignore new file mode 100644 index 000000000..d8de0e924 --- /dev/null +++ b/incubating/argocd-app-status/.gitignore @@ -0,0 +1,3 @@ +build +dist +argocd_app_status.spec diff --git a/incubating/argocd-app-status/CHANGELOG.md b/incubating/argocd-app-status/CHANGELOG.md index 56d755a2f..4de9dd45c 100644 --- a/incubating/argocd-app-status/CHANGELOG.md +++ b/incubating/argocd-app-status/CHANGELOG.md @@ -1,6 +1,16 @@ # Changelog -## [1.1.2] - 2023-09-18 +## [1.1.3] - 2024-11-20 ### Changed +* upgrade yarl to 1.17.2 + +### Fixed +* CVE-2024-45491 - upgrade libexpat1 +* CVE-2024-45492 - upgrade libexpat1 +* CVE-2024-37371 - upgrade libkrb5 +* CVE-2023-45853 - upgrade zlib1g + +## [1.1.2] - 2023-09-18 + ### Fixed - PYSEC-2023-135 - upgrade Python module certifi to 2023.7.22 @@ -8,7 +18,7 @@ ## [1.1.1] - 2023-06-03 ### Changed -- Upgrade pythpn version to 3.11.3 +- Upgrade python version to 3.11.3 ### Fixed - Link for application diff --git a/incubating/argocd-app-status/Dockerfile b/incubating/argocd-app-status/Dockerfile index 8deaa6f87..f2f4fd975 100644 --- a/incubating/argocd-app-status/Dockerfile +++ b/incubating/argocd-app-status/Dockerfile @@ -1,7 +1,24 @@ -FROM python:3.11.5-slim-bookworm +# stage 1 Build +# Bookworm is debian based +FROM python:3.13.1-slim-bookworm AS builder WORKDIR /app COPY requirements.txt requirements.txt -RUN pip3 install -r requirements.txt COPY queries queries/ COPY argocd_app_status.py argocd_app_status.py -CMD [ "python3", "argocd_app_status.py"] + +RUN apt-get update && apt-get install -y binutils +RUN pip3 install -r requirements.txt +RUN pip3 install pyinstaller +RUN pyinstaller --strip --onefile argocd_app_status.py + +# stage 2 : Prod +FROM debian:bookworm-slim + +# USER cfuser +RUN adduser cfuser --home /home/codefresh --shel /bin/sh +USER cfuser + +WORKDIR /app +COPY queries queries/ +COPY --from=builder /app/dist/argocd_app_status argocd_app_status +ENTRYPOINT ["/app/argocd_app_status"] diff --git a/incubating/argocd-app-status/requirements.txt b/incubating/argocd-app-status/requirements.txt index 325dd8188..3268aed14 100644 --- a/incubating/argocd-app-status/requirements.txt +++ b/incubating/argocd-app-status/requirements.txt @@ -5,10 +5,10 @@ docopt==0.6.2 gql==3.4.0 graphql-core==3.2.3 idna==3.4 -multidict==6.0.4 +multidict==6.1.0 pipreqs==0.4.13 requests==2.31.0 requests-toolbelt==0.10.1 urllib3==1.26.16 yarg==0.1.9 -yarl==1.9.2 +yarl==1.17.2 diff --git a/incubating/argocd-app-status/step.yaml b/incubating/argocd-app-status/step.yaml index 60fb10237..4c8124eba 100644 --- a/incubating/argocd-app-status/step.yaml +++ b/incubating/argocd-app-status/step.yaml @@ -1,7 +1,7 @@ kind: step-type metadata: name: argocd-app-status - version: 1.1.2 + version: 1.1.3 isPublic: true description: Get Argo CD App status and return its sybc and health status sources: @@ -61,7 +61,7 @@ spec: }, "IMAGE_TAG": { "type": "string", - "default": "1.1.2", + "default": "1.1.3", "description": "OPTIONAL - To overwrite the tag to use" } } @@ -97,7 +97,7 @@ spec: [[- end ]] commands: - cd /app - - python3 argocd_app_status.py + - /app/argocd_app_status delimiters: left: '[[' right: ']]'