Skip to content

[release-1.11] Autobuild on tag push #5945

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Apr 13, 2023
Merged

[release-1.11] Autobuild on tag push #5945

merged 2 commits into from
Apr 13, 2023

Conversation

SgtCoDFish
Copy link
Member

Pull Request Motivation

#5940 backported to release-1.11 as discussed.

Also includes a QoL gitignore fix when switching between branches with workspaces on.

NOTE: This PR also implies a change in the build image used for releases of 1.11. We originally used this image and we change it here.

This is intentional. eu.gcr.io/jetstack-build-infra-images/bazelbuild:20220629-ee75d11-4.2.1 has many vulnerabilities including critical severity vulns. Someone attacking the release process using those vulns doesn't seem particularly likely, but it does seem worth updating here. Since make-dind is much more slim than bazelbuild, it seems worth using that to reduce attack surface.

Kind

/kind feature

Release Note

NONE

@SgtCoDFish
add go workspace files to gitignore
9e72e52 
this aids with switching branches between master / release-1.11

Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>
@SgtCoDFish
[release-1.11] add gcb configuration file for building cert-manager w…
37a31b5 
…hen tag pushed

After a GCB trigger is configured, this configuration file will enable
cert-manager releases to automatically be built when a new tag is
pushed.

This has been tested on a fork and confirmed to work.

Signed-off-by: Ashley Davis <ashley.davis@jetstack.io>
@jetstack-bot jetstack-bot added release-note-none Denotes a PR that doesn't merit a release note. kind/feature Categorizes issue or PR as related to a new feature. dco-signoff: yes Indicates that all commits in the pull request have the valid DCO sign-off message. approved Indicates a PR has been approved by an approver from all required OWNERS files. size/M Denotes a PR that changes 30-99 lines, ignoring generated files. labels Apr 13, 2023
@inteon
Copy link
Member

inteon commented Apr 13, 2023
edited
Loading

This will help us to more easily release patch versions of 1.11.
Also, in the future; we might change the name of our make targets and this PR will make sure that we can still build releases in the future.
NOTE: changing the build image should have NO effect on the produced artifacts, since every tool used to build the image is vendored in our build process.
/approve
/lgtm

@jetstack-bot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: inteon, SgtCoDFish

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@jetstack-bot jetstack-bot added the lgtm Indicates that a PR is ready to be merged. label Apr 13, 2023
@jetstack-bot jetstack-bot merged commit c21abee into cert-manager:release-1.11 Apr 13, 2023
@SgtCoDFish SgtCoDFish deleted the release-1.11-autobuild branch April 13, 2023 16:34
@jetstack-bot jetstack-bot mentioned this pull request Sep 1, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@inteon inteon

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. dco-signoff: yes Indicates that all commits in the pull request have the valid DCO sign-off message. kind/feature Categorizes issue or PR as related to a new feature. lgtm Indicates that a PR is ready to be merged. release-note-none Denotes a PR that doesn't merit a release note. size/M Denotes a PR that changes 30-99 lines, ignoring generated files.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@SgtCoDFish @inteon @jetstack-bot