diff --git a/.devcontainer/Dockerfile b/.devcontainer/Dockerfile deleted file mode 100644 index 2b28681..0000000 --- a/.devcontainer/Dockerfile +++ /dev/null @@ -1,14 +0,0 @@ -# [Choice] Node.js version (use -bullseye variants on local arm64/Apple Silicon): 18, 16, 14, 18-bullseye, 16-bullseye, 14-bullseye, 18-buster, 16-buster, 14-buster -ARG VARIANT=16-bullseye -FROM mcr.microsoft.com/vscode/devcontainers/javascript-node:0-${VARIANT} - -# [Optional] Uncomment this section to install additional OS packages. -# RUN apt-get update && export DEBIAN_FRONTEND=noninteractive \ -# && apt-get -y install --no-install-recommends - -# [Optional] Uncomment if you want to install an additional version of node using nvm -# ARG EXTRA_NODE_VERSION=10 -# RUN su node -c "source /usr/local/share/nvm/nvm.sh && nvm install ${EXTRA_NODE_VERSION}" - -# [Optional] Uncomment if you want to install more global node modules -# RUN su node -c "npm install -g " diff --git a/.devcontainer/base.Dockerfile b/.devcontainer/base.Dockerfile deleted file mode 100644 index a3e066f..0000000 --- a/.devcontainer/base.Dockerfile +++ /dev/null @@ -1,55 +0,0 @@ -# [Choice] Node.js version (use -bullseye variants on local arm64/Apple Silicon): 18-bullseye, 16-bullseye, 14-bullseye, 18-buster, 16-buster, 14-buster -ARG VARIANT=16-bullseye -FROM node:${VARIANT} - -# [Option] Install zsh -ARG INSTALL_ZSH="true" -# [Option] Upgrade OS packages to their latest versions -ARG UPGRADE_PACKAGES="true" - -# Install needed packages, yarn, nvm and setup non-root user. Use a separate RUN statement to add your own dependencies. -ARG USERNAME=node -ARG USER_UID=1000 -ARG USER_GID=$USER_UID -ARG NPM_GLOBAL=/usr/local/share/npm-global -ENV NVM_DIR=/usr/local/share/nvm -ENV NVM_SYMLINK_CURRENT=true \ - PATH=${NPM_GLOBAL}/bin:${NVM_DIR}/current/bin:${PATH} -COPY library-scripts/*.sh library-scripts/*.env /tmp/library-scripts/ -RUN apt-get update && export DEBIAN_FRONTEND=noninteractive \ - # Remove imagemagick due to https://security-tracker.debian.org/tracker/CVE-2019-10131 - && apt-get purge -y imagemagick imagemagick-6-common \ - # Install common packages, non-root user, update yarn and install nvm - && bash /tmp/library-scripts/common-debian.sh "${INSTALL_ZSH}" "${USERNAME}" "${USER_UID}" "${USER_GID}" "${UPGRADE_PACKAGES}" "true" "true" \ - # Install yarn, nvm - && rm -rf /opt/yarn-* /usr/local/bin/yarn /usr/local/bin/yarnpkg \ - && bash /tmp/library-scripts/node-debian.sh "${NVM_DIR}" "none" "${USERNAME}" \ - # Configure global npm install location, use group to adapt to UID/GID changes - && if ! cat /etc/group | grep -e "^npm:" > /dev/null 2>&1; then groupadd -r npm; fi \ - && usermod -a -G npm ${USERNAME} \ - && umask 0002 \ - && mkdir -p ${NPM_GLOBAL} \ - && touch /usr/local/etc/npmrc \ - && chown ${USERNAME}:npm ${NPM_GLOBAL} /usr/local/etc/npmrc \ - && chmod g+s ${NPM_GLOBAL} \ - && npm config -g set prefix ${NPM_GLOBAL} \ - && sudo -u ${USERNAME} npm config -g set prefix ${NPM_GLOBAL} \ - # Install eslint - && su ${USERNAME} -c "umask 0002 && npm install -g eslint" \ - && npm cache clean --force > /dev/null 2>&1 \ - # Install python-is-python3 on bullseye to prevent node-gyp regressions - && . /etc/os-release \ - && if [ "${VERSION_CODENAME}" = "bullseye" ]; then apt-get -y install --no-install-recommends python-is-python3; fi \ - # Clean up - && apt-get autoremove -y && apt-get clean -y && rm -rf /var/lib/apt/lists/* /root/.gnupg /tmp/library-scripts - -# [Optional] Uncomment this section to install additional OS packages. -# RUN apt-get update && export DEBIAN_FRONTEND=noninteractive \ -# && apt-get -y install --no-install-recommends - -# [Optional] Uncomment if you want to install an additional version of node using nvm -# ARG EXTRA_NODE_VERSION=10 -# RUN su node -c "source /usr/local/share/nvm/nvm.sh && nvm install ${EXTRA_NODE_VERSION}" - -# [Optional] Uncomment if you want to install more global node modules -# RUN su node -c "npm install -g "" \ No newline at end of file diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json deleted file mode 100644 index e0c8f9d..0000000 --- a/.devcontainer/devcontainer.json +++ /dev/null @@ -1,32 +0,0 @@ -// For format details, see https://aka.ms/devcontainer.json. For config options, see the README at: -// https://github.com/microsoft/vscode-dev-containers/tree/v0.245.2/containers/javascript-node -{ - "name": "Node.js", - "build": { - "dockerfile": "Dockerfile", - // Update 'VARIANT' to pick a Node version: 18, 16, 14. - // Append -bullseye or -buster to pin to an OS version. - // Use -bullseye variants on local arm64/Apple Silicon. - "args": { "VARIANT": "16-bullseye" } - }, - - // Configure tool-specific properties. - "customizations": { - // Configure properties specific to VS Code. - "vscode": { - // Add the IDs of extensions you want installed when the container is created. - "extensions": [ - "dbaeumer.vscode-eslint" - ] - } - }, - - // Use 'forwardPorts' to make a list of ports inside the container available locally. - // "forwardPorts": [], - - // Use 'postCreateCommand' to run commands after the container is created. - // "postCreateCommand": "yarn install", - - // Comment out to connect as root instead. More info: https://aka.ms/vscode-remote/containers/non-root. - "remoteUser": "node" -} diff --git a/.github/workflows/test-install-plugin-azurekv.yml b/.github/workflows/test-install-plugin-azurekv.yml deleted file mode 100644 index ead7bed..0000000 --- a/.github/workflows/test-install-plugin-azurekv.yml +++ /dev/null @@ -1,24 +0,0 @@ -on: [push] - -jobs: - hello_world_job: - runs-on: ubuntu-latest - name: Install Notation - steps: - - name: Checkout - uses: actions/checkout@v3 - - name: Setup Notation with azure-kv plugin - uses: ./ # Uses an action in the root directory - id: setup-azure-kv - with: - version: 1.0.0-rc.7 - key_name: example - certificate_key_id: https://example-kv.vault.azure.net/keys/exampleCert/516954296d4d72db64644b2ab35721c2 - plugin_name: notation-azure-kv - plugin_version: 0.6.0 - - name: check version - run: notation version - - name: check plugins - run: notation plugin list - - name: check notation keys - run: notation key list diff --git a/.github/workflows/test-install.yml b/.github/workflows/test-install.yml deleted file mode 100644 index 2b25e1f..0000000 --- a/.github/workflows/test-install.yml +++ /dev/null @@ -1,21 +0,0 @@ -on: [push] - -jobs: - hello_world_job: - runs-on: ubuntu-latest - name: Install Notation - steps: - # To use this repository's private action, - # you must check out the repository - - name: Checkout - uses: actions/checkout@v3 - - name: Setup Notation - uses: ./ # Uses an action in the root directory - id: setup - with: - version: 1.0.0-rc.7 - key_name: example - - name: check version - run: notation version - - name: check notation keys - run: notation key list diff --git a/.gitignore b/.gitignore deleted file mode 100644 index 3190ebf..0000000 --- a/.gitignore +++ /dev/null @@ -1,8 +0,0 @@ -node_modules/ - -terraform/*.tfstate -terraform/*.tfstate.backup -terraform/.terraform.lock.hcl -**/.terraform/* -**/*.tfstate -**/*.tfstate.* diff --git a/LICENSE b/LICENSE deleted file mode 100644 index 33cd190..0000000 --- a/LICENSE +++ /dev/null @@ -1,21 +0,0 @@ -MIT License - -Copyright (c) 2022 Josh Duffney - -Permission is hereby granted, free of charge, to any person obtaining a copy -of this software and associated documentation files (the "Software"), to deal -in the Software without restriction, including without limitation the rights -to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -copies of the Software, and to permit persons to whom the Software is -furnished to do so, subject to the following conditions: - -The above copyright notice and this permission notice shall be included in all -copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -SOFTWARE. diff --git a/README.md b/README.md deleted file mode 100644 index 5ecd95b..0000000 --- a/README.md +++ /dev/null @@ -1,44 +0,0 @@ -# Notation Action - -> `notation-action` is a GitHub Action that installs and configures the [Notation](https://github.com/notaryproject/notation) CLI for digitally signing Open Container Initiative (OCI) compliant artifacts. - -## Usage - -Setup the `notation` CLI: - -``` -steps: -- uses: notaryproject/notation-action@v1.0.0 -``` - -A specific version of the `notation` CLI can be installed: - -``` -steps: -- uses: notaryproject/notation-action@v1.0.0 - with: - version: 1.0.0-rc.7 -``` - -A [plugin for Azure Key Vault](https://github.com/Azure/notation-azure-kv) can be added to the `notation` CLI: - -``` -steps: - - name: Setup Notation with azure-kv plugin - - uses: notaryproject/notation-action@v1.0.0 - with: - version: 1.0.0-rc.7 - key_name: example - certificate_key_id: https://rg-kv.vault.azure.net/keys/certname/2c12753ba2b44646bd27d4d447020018 - plugin_name: notation-azure-kv - plugin_version: 0.6.0 -``` - -## Inputs - -The actions supports the following inputs: -- `version`: The version of the `notation` to install, defaulting to `1.0.0-rc.1` -- `key_name`: The name of the signing key that is added to Notation, defaulting to `example` -- `certificate_key_id`: The key identifer for the signing certificate located within a key management service, such as Azure Key Vault, AWS Secrets Manager, and GCP Cloud Key Management. -- `plugin_name`: The name of the `notation` plugin to install -- `plugin_version`: The version of the `notation` plugin to install. diff --git a/action.yml b/setup/action.yml similarity index 100% rename from action.yml rename to setup/action.yml diff --git a/dist/index.js b/setup/dist/index.js similarity index 100% rename from dist/index.js rename to setup/dist/index.js diff --git a/dist/licenses.txt b/setup/dist/licenses.txt similarity index 100% rename from dist/licenses.txt rename to setup/dist/licenses.txt diff --git a/index.js b/setup/index.js similarity index 100% rename from index.js rename to setup/index.js diff --git a/lib/utils.js b/setup/lib/utils.js similarity index 100% rename from lib/utils.js rename to setup/lib/utils.js diff --git a/package-lock.json b/setup/package-lock.json similarity index 100% rename from package-lock.json rename to setup/package-lock.json diff --git a/package.json b/setup/package.json similarity index 100% rename from package.json rename to setup/package.json