From 6f8c044a0e2883c2a023e885e646466aaae98581 Mon Sep 17 00:00:00 2001 From: josvaz Date: Fri, 26 Apr 2024 14:57:04 +0200 Subject: [PATCH] Fix release deps & docs (#1545) * Fix release deps & docs Signed-off-by: jose.vazquez * Do not automate install requiring sudo * Apply suggestions from code review Co-authored-by: Sergiusz Urbaniak * Prefix script with sudo --------- Signed-off-by: jose.vazquez Co-authored-by: Sergiusz Urbaniak --- Makefile | 11 ++++++++++- docs/dev/release.md | 7 +++++++ scripts/sudo-install-docker-sbom-plugin.sh | 20 ++++++++++++++++++++ 3 files changed, 37 insertions(+), 1 deletion(-) create mode 100755 scripts/sudo-install-docker-sbom-plugin.sh diff --git a/Makefile b/Makefile index fbcd1a9bae..e93be64e15 100644 --- a/Makefile +++ b/Makefile @@ -4,6 +4,8 @@ SHELL := /usr/bin/env bash # CONTAINER ENGINE: docker | podman CONTAINER_ENGINE?=docker +DOCKER_SBOM_PLUGIN_VERSION=0.6.1 + # VERSION defines the project version for the bundle. # Update this value when you upgrade the version of your project. # To re-generate a bundle for another specific version without changing the standard setup, you can: @@ -482,7 +484,14 @@ govulncheck: vulncheck: ## Run govulncheck to find vulnerabilities in code @./scripts/vulncheck.sh ./vuln-ignore +envsubst: + @which envsubst || go install github.com/drone/envsubst/cmd/envsubst@latest + +docker-sbom: + @docker sbom --help > /dev/null || | + echo "You might need to install the SBOM plugin for docker, check out docs/dev/release.md#tools" + .PHONY: gen-sdlc-checklist -gen-sdlc-checklist: ## Generate the SDLC checklist +gen-sdlc-checklist: envsubst docker-sbom ## Generate the SDLC checklist @VERSION="$(VERSION)" AUTHORS="$(AUTHORS)" RELEASE_TYPE="$(RELEASE_TYPE)" \ ./scripts/gen-sdlc-checklist.sh diff --git a/docs/dev/release.md b/docs/dev/release.md index 0b47c8be52..a411298a15 100644 --- a/docs/dev/release.md +++ b/docs/dev/release.md 
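Review bot: `DOCKER_SBOM_PLUGIN_VERSION=0.6.1` is not exported, and no target in the hunks shown passes it on, so the helper script that reads the same name from its environment will not see this pin when a developer runs it by hand as docs/dev/release.md suggests. Either add `export DOCKER_SBOM_PLUGIN_VERSION` together with a target that prints the exact install command, or document the invocation as `DOCKER_SBOM_PLUGIN_VERSION=0.6.1 ./scripts/sudo-install-docker-sbom-plugin.sh`. A comment above the assignment such as `# Version of docker/sbom-cli-plugin expected by the release tooling` would also record what the value is for.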
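Review bot: The `envsubst` fallback runs `go install github.com/drone/envsubst/cmd/envsubst@latest`, so the binary that renders the release checklist is whatever upstream published last. Pin it the way this commit pins the SBOM plugin, e.g. `ENVSUBST_VERSION=<PINNED_VERSION>` and `go install github.com/drone/envsubst/cmd/envsubst@$(ENVSUBST_VERSION)`. Assuming the continuation in `docker-sbom` is `|| \` (the page shows `|| |`, which bash would reject), the check only echoes a hint and exits 0, so `gen-sdlc-checklist` still runs when the plugin is missing; ending it with `|| { echo "..." >&2; exit 1; }` would stop the release step early. Both new targets are command names rather than files and should be added to `.PHONY`, e.g. `.PHONY: envsubst docker-sbom`.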
@@ -10,6 +10,13 @@ This is not required for [Certified Operators](https://github.com/redhat-openshi Finally, make sure you have a "RedHat Connect" account and are a [team member with org administrator role in the team list](https://connect.redhat.com/account/team-members). +### Tools + +Most tools are automatically installed for you. Most of them are Go binaries and use `go install`. There are a few that might cause issues and you might want to pre-install manually: + +- [envsubst](https://www.gnu.org/software/gettext/manual/html_node/envsubst-Invocation.html) for autogenerating the SDLC checklist. Install manually, else makefile automation will install it using `go install`. +- [Docker SBOM plugin](https://github.com/docker/sbom-cli-plugin/) for generating SBOM files. It is available as an experimental feature on Docker for Mac or can be installed manually by [following the official instructions](https://github.com/docker/sbom-cli-plugin/?tab=readme-ov-file#getting-started). Another option is a [helper install script](../../scripts/sudo-install-docker-sbom-plugin.sh). Note: the helper scripts executes command using `sudo` privileges. + ## Create the release branch Use the GitHub UI to create the new "Create Release Branch" workflow. Specify the version to be released in the text box. diff --git a/scripts/sudo-install-docker-sbom-plugin.sh b/scripts/sudo-install-docker-sbom-plugin.sh new file mode 100755 index 0000000000..c31e3d79cb --- /dev/null +++ b/scripts/sudo-install-docker-sbom-plugin.sh 
@@ -0,0 +1,20 @@
+#!/bin/bash
+
+set -euxo pipefail
+
+version=${DOCKER_SBOM_PLUGIN_VERSION:-latest}
+os=${OS:-linux}
+arch=${ARCH:-amd64}
+target=$TMPDIR/sbom-cli-plugin.tgz
+docker_path=$(which docker)
+docker_dir=$(dirname "${docker_path}")
+
+download_url_base=https://github.com/docker/sbom-cli-plugin/releases/download
+url="${download_url_base}/v${version}/sbom-cli-plugin_${version}_${os}_${arch}.tar.gz"
+
+curl -L "${url}" -o "${target}"
+pushd "${TMPDIR}"
+tar zxvf "${target}" docker-sbom
+chmod +x docker-sbom
+popd
+sudo cp "${TMPDIR}/docker-sbom" "${docker_dir}"
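Review bot: The script fetches a release tarball with `curl -L` and copies the extracted binary into the docker directory with `sudo` without checking its digest, so whatever the URL serves is installed with root privileges; verify a pinned SHA-256 before extracting, and add `-f` so an HTTP error page is not saved as the archive. `TMPDIR` is unset on many Linux hosts, which makes `set -u` abort at `target=$TMPDIR/...`, and where it points at a shared directory the fixed names `sbom-cli-plugin.tgz` and `docker-sbom` can be pre-created by another local user before the `sudo cp`; a private `mktemp -d` directory avoids both. The `latest` default also produces a `/vlatest/` URL that is unlikely to exist, so the version should be required rather than defaulted. The Docker CLI normally looks for plugins under `~/.docker/cli-plugins`, which would need no sudo at all, so it is worth confirming that a copy placed next to the `docker` binary is actually discovered. `DOCKER_SBOM_PLUGIN_SHA256` in the sketch below is a constructed name for the expected digest.

```shell
version=${DOCKER_SBOM_PLUGIN_VERSION:?set DOCKER_SBOM_PLUGIN_VERSION to a released version}
expected_sha256=${DOCKER_SBOM_PLUGIN_SHA256:?set to the published SHA-256 of the archive}
# … unchanged: os, arch, docker_path, docker_dir, download_url_base, url …
workdir=$(mktemp -d)
trap 'rm -rf "${workdir}"' EXIT
target="${workdir}/sbom-cli-plugin.tgz"

curl -fsSL "${url}" -o "${target}"
# sha256sum is the GNU coreutils name; use `shasum -a 256 -c -` where it is absent
echo "${expected_sha256}  ${target}" | sha256sum -c -
tar -C "${workdir}" -zxf "${target}" docker-sbom
sudo install -m 0755 "${workdir}/docker-sbom" "${docker_dir}"
```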