From 1ce8e143c100d17b0af680b0181c903f38f1151f Mon Sep 17 00:00:00 2001 From: Pawel Szczepaniak Date: Wed, 20 Aug 2025 14:20:41 +0200 Subject: [PATCH 01/22] Fix installation --- install-binary.sh | 35 ++++++++++++++++++++++++++--------- plugin.yaml | 3 +++ 2 files changed, 29 insertions(+), 9 deletions(-) diff --git a/install-binary.sh b/install-binary.sh index 53dfcb3..737bc05 100755 --- a/install-binary.sh +++ b/install-binary.sh @@ -1,7 +1,21 @@ #!/usr/bin/env bash -# Copied from https://github.com/technosophos/helm-template -# Combination of the Glide and Helm scripts, with my own tweaks. +while [ $# -gt 0 ]; do + case "$1" in + --version*|-v*) + if [[ "$1" != *=* ]]; then shift; fi + VERSION="${1#*=}" + ;; + *) + >&2 printf "Error: Invalid argument\n" + exit 1 + ;; + esac + shift +done +if [ -z $VERSION ]; then + VERSION='latest' +fi PROJECT_NAME="helm-ssm" PROJECT_GH="codacy/$PROJECT_NAME" @@ -42,7 +56,7 @@ initOS() { # verifySupported checks that the os/arch combination is supported for # binary builds. verifySupported() { - local supported="linux-amd64\nmacos-amd64\nwindows-amd64" + local supported="linux-amd64\nmacos-amd64\nwindows-amd64\linux-arm-armv5\linux-arm-armv6\linux-arm-armv7\linux-arm-arm64" if ! echo "${supported}" | grep -q "${OS}-${ARCH}"; then echo "No prebuild binary for ${OS}-${ARCH}." exit 1 @@ -57,12 +71,15 @@ verifySupported() { # getDownloadURL checks the latest available version. getDownloadURL() { # Use the GitHub API to find the latest version for this project. - local latest_url="https://api.github.com/repos/$PROJECT_GH/releases/latest" - local suffix="$OS.tgz" - if type "curl" > /dev/null; then - DOWNLOAD_URL=$(curl -s $latest_url | grep "$suffix" | awk '/"browser_download_url":/{gsub( /[,"]/,"", $2); print $2}') - elif type "wget" > /dev/null; then - DOWNLOAD_URL=$(wget -q -O - $latest_url | awk '/"browser_download_url":/{gsub( /[,"]/,"", $2); print $2}') + if [ $VERSION = 'latest' ]; then + local latest_url="https://api.github.com/repos/$PROJECT_GH/releases/$VERSION" + if type "curl" > /dev/null; then + DOWNLOAD_URL=$(curl -s $latest_url | sort -r | grep $OS -m3 | awk '/"browser_download_url":/{gsub( /[,"]/,"", $2); print $2}') + elif type "wget" > /dev/null; then + DOWNLOAD_URL=$(wget -q -O - $latest_url | awk '/"browser_download_url":/{gsub( /[,"]/,"", $2); print $2}') + fi + else + DOWNLOAD_URL="https://github.com/$PROJECT_GH/releases/download/$VERSION/helm-ssm-$OS.tgz" fi } diff --git a/plugin.yaml b/plugin.yaml index 2ee27ba..75374ba 100644 --- a/plugin.yaml +++ b/plugin.yaml @@ -6,3 +6,6 @@ description: |- ignoreFlags: false useTunnel: false command: "$HELM_PLUGIN_DIR/helm-ssm" +hooks: + install: "$HELM_PLUGIN_DIR/install-binary.sh" + update: "$HELM_PLUGIN_DIR/install-binary.sh" From 474ce0a90f324484256190c922948de5be780b92 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 20 Aug 2025 12:32:37 +0000 Subject: [PATCH 02/22] build(deps): bump golang.org/x/crypto from 0.32.0 to 0.35.0 Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.32.0 to 0.35.0. - [Commits](https://github.com/golang/crypto/compare/v0.32.0...v0.35.0) --- updated-dependencies: - dependency-name: golang.org/x/crypto dependency-version: 0.35.0 dependency-type: indirect ... Signed-off-by: dependabot[bot] --- go.mod | 22 ++++++++++++------- go.sum | 69 ++-------------------------------------------------------- 2 files changed, 16 insertions(+), 75 deletions(-) diff --git a/go.mod b/go.mod index 7858755..fbda860 100644 --- a/go.mod +++ b/go.mod @@ -1,23 +1,29 @@ module github.com/codacy/helm-ssm -go 1.15 +go 1.23.0 require ( - github.com/Masterminds/goutils v1.1.1 // indirect - github.com/Masterminds/semver v1.5.0 // indirect github.com/Masterminds/sprig v2.22.0+incompatible github.com/aws/aws-sdk-go v1.55.5 + github.com/spf13/cobra v1.8.1 + gotest.tools/v3 v3.0.2 +) + +require ( + github.com/Masterminds/goutils v1.1.1 // indirect + github.com/Masterminds/semver v1.5.0 // indirect github.com/davecgh/go-spew v1.1.1 // indirect + github.com/google/go-cmp v0.6.0 // indirect github.com/google/uuid v1.6.0 // indirect github.com/huandu/xstrings v1.5.0 // indirect github.com/imdario/mergo v0.3.16 // indirect + github.com/inconshreveable/mousetrap v1.1.0 // indirect + github.com/jmespath/go-jmespath v0.4.0 // indirect github.com/mitchellh/copystructure v1.2.0 // indirect - github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e // indirect + github.com/mitchellh/reflectwalk v1.0.2 // indirect github.com/pkg/errors v0.9.1 // indirect - github.com/spf13/cobra v1.8.1 + github.com/spf13/pflag v1.0.5 // indirect github.com/stretchr/testify v1.2.2 // indirect - golang.org/x/crypto v0.32.0 // indirect - gopkg.in/check.v1 v1.0.0-20200902074654-038fdea0a05b // indirect + golang.org/x/crypto v0.35.0 // indirect gopkg.in/yaml.v2 v2.3.0 // indirect - gotest.tools/v3 v3.0.2 ) diff --git a/go.sum b/go.sum index 5006556..4c21022 100644 --- a/go.sum +++ b/go.sum @@ -25,15 +25,10 @@ github.com/jmespath/go-jmespath v0.4.0 h1:BEgLn5cpjn8UN1mAw4NjwDrS35OdebyEtFe+9Y github.com/jmespath/go-jmespath v0.4.0/go.mod h1:T8mJZnbsbmF+m6zOOFylbeCJqk5+pHWvzYPziyZiYoo= github.com/jmespath/go-jmespath/internal/testify v1.5.1 h1:shLQSRRSCCPj3f2gpwzGwWFoC7ycTf1rcQZHOlsJ6N8= github.com/jmespath/go-jmespath/internal/testify v1.5.1/go.mod h1:L3OGu8Wl2/fWfCI6z80xFu9LTZmf1ZRjMHUOPmWr69U= -github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= -github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE= -github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= github.com/mitchellh/copystructure v1.2.0 h1:vpKXTN4ewci03Vljg/q9QvCGUDttBOGBIa15WveJJGw= github.com/mitchellh/copystructure v1.2.0/go.mod h1:qLl+cE2AmVv+CoeAwDPye/v+N2HKCj9FbZEVFJRxO9s= github.com/mitchellh/reflectwalk v1.0.2 h1:G2LzWKi524PWgd3mLHV8Y5k7s6XUvT0Gef6zxSIeXaQ= github.com/mitchellh/reflectwalk v1.0.2/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx0jmZXqmk4esnw= -github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e h1:fD57ERR4JtEqsWbfPhv4DMiApHyliiK5xCTNVSPiaAs= -github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno= github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= @@ -48,75 +43,15 @@ github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/testify v1.2.2 h1:bSDNvY7ZPG5RlJ8otE/7V6gMiyenm9RtJ7IUVIAoJ1w= github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= -github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= -golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= -golang.org/x/crypto v0.13.0/go.mod h1:y6Z2r+Rw4iayiXXAIxJIDAJ1zMW4yaTpebo8fPOliYc= -golang.org/x/crypto v0.19.0/go.mod h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDfU= -golang.org/x/crypto v0.23.0/go.mod h1:CKFgDieR+mRhux2Lsu27y0fO304Db0wZe70UKqHu0v8= -golang.org/x/crypto v0.32.0 h1:euUpcYgM8WcP71gNpTqQCn6rC2t6ULUPiOzfWaXVVfc= -golang.org/x/crypto v0.32.0/go.mod h1:ZnnJkOaASj8g0AjIduWNlq2NRxL0PlBrbKVyZ6V/Ugc= -golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= -golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= -golang.org/x/mod v0.12.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= -golang.org/x/mod v0.15.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= -golang.org/x/mod v0.17.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= +golang.org/x/crypto v0.35.0 h1:b15kiHdrGCHrP6LvwaQ3c03kgNhhiMgvlhxHQhmg2Xs= +golang.org/x/crypto v0.35.0/go.mod h1:dy7dXNW32cAb/6/PRuTNsix8T+vJAqvuIy5Bli/x0YQ= golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= -golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= -golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= -golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg= -golang.org/x/net v0.15.0/go.mod h1:idbUs1IY1+zTqbi8yxTbhexhEEk5ur9LInksu6HrEpk= -golang.org/x/net v0.21.0/go.mod h1:bIjVDfnllIU7BJ2DNgfnXvpSvtn8VRwhlsaeUTyUS44= -golang.org/x/net v0.25.0/go.mod h1:JkAGAh7GEvH74S6FOH42FLoXpXbE/aqXSrIQjXgsiwM= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.3.0/go.mod h1:FU7BRWz2tNW+3quACPkgCx/L+uEAv1htQ0V83Z9Rj+Y= -golang.org/x/sync v0.6.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= -golang.org/x/sync v0.7.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= -golang.org/x/sync v0.10.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/sys v0.20.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/sys v0.29.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/telemetry v0.0.0-20240228155512-f48c80bd79b2/go.mod h1:TeRTkGYfJXctD9OcfyVLyj2J3IxLnKwHJR8f4D8a3YE= -golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= -golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= -golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k= -golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo= -golang.org/x/term v0.12.0/go.mod h1:owVbMEjm3cBLCHdkQu9b1opXd4ETQWc3BhuQGKgXgvU= -golang.org/x/term v0.17.0/go.mod h1:lLRBjIVuehSbZlaOtGMbcMncT+aqLLLmKrsjNrUguwk= -golang.org/x/term v0.20.0/go.mod h1:8UkIAJTvZgivsXaD6/pH6U9ecQzZ45awqEOzuCvwpFY= -golang.org/x/term v0.28.0/go.mod h1:Sw/lC2IAUZ92udQNf3WodGtn4k/XoLyZoh8v/8uiwek= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= -golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= -golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= -golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= -golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= -golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= -golang.org/x/text v0.15.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= -golang.org/x/text v0.21.0/go.mod h1:4IBbMaMmOPCJ8SecivzSH54+73PCFmPWxNTLm+vZkEQ= -golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20190624222133-a101b041ded4/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= -golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= -golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU= -golang.org/x/tools v0.13.0/go.mod h1:HvlwmtVNQAhOuCjW7xxvovg8wbNq7LwfXh/k7wXUl58= -golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d/go.mod h1:aiJjzUbINMkxbQROHiO6hDPo2LHcIPhhQsa9DLh0yGk= -golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20200902074654-038fdea0a05b h1:QRR6H1YWRnHb4Y/HeNFCTJLFVxaq6wH4YuVdsUOr75U= -gopkg.in/check.v1 v1.0.0-20200902074654-038fdea0a05b/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.3.0 h1:clyUAQHOM3G0M3f5vQj7LuJrETvjVot3Z5el9nffUtU= gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= From ac5ea57d917f33926be5c4a43a4340ae45978da6 Mon Sep 17 00:00:00 2001 From: Pawel Szczepaniak Date: Wed, 20 Aug 2025 14:47:40 +0200 Subject: [PATCH 03/22] Moving release to GHA --- .github/CODEOWNERS | 4 ---- .github/workflows/main.yml | 40 ++++++++++++++++++++++++++++++++++++++ 2 files changed, 40 insertions(+), 4 deletions(-) delete mode 100644 .github/CODEOWNERS create mode 100644 .github/workflows/main.yml diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS deleted file mode 100644 index bf17397..0000000 --- a/.github/CODEOWNERS +++ /dev/null @@ -1,4 +0,0 @@ -* @lolgab @ljmf00 @andreaTP @rtfpessoa @bmbferreira @DReigada @pedrocodacy - -*.yml @h314to @paulopontesm - diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml new file mode 100644 index 0000000..1b6a515 --- /dev/null +++ b/.github/workflows/main.yml @@ -0,0 +1,40 @@ +name: build-release + +on: push + +jobs: + build-test: + runs-on: blacksmith-2vcpu-ubuntu-2204 + permissions: + id-token: write + contents: read + steps: + - uses: actions/checkout@v4 + - uses: actions/setup-go@v5 + with: + go-version: "1.23.10" + - run: go mod download + - run: go install github.com/jstemmer/go-junit-report/v2@v2.0.0 + - run: make test | go-junit-report >> ${TEST_RESULTS}/go-test-report.xml + - run: make dist + + goreleaser: + runs-on: blacksmith-2vcpu-ubuntu-2204-arm + permissions: + id-token: write + contents: read + needs: build-test + if: startsWith(github.ref, 'refs/tags/v') + steps: + - uses: actions/checkout@v4 + - run: git config --global --add safe.directory /__w/ccli/ccli + - uses: actions/setup-go@v5 + with: + go-version: "1.23.10" + - uses: goreleaser/goreleaser-action@v5 + with: + version: latest + args: release --clean -p 4 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + CGO_ENABLED: 0 # Required to run on Debian Buster for tutti-blocket deployment From 175b375a4eec0b57d5afe4c18221bda8c8a5121d Mon Sep 17 00:00:00 2001 From: Pawel Szczepaniak Date: Wed, 20 Aug 2025 14:53:54 +0200 Subject: [PATCH 04/22] Removing codacy occurences --- .circleci/config.yml | 106 ------------------------------------------- LICENSE | 2 +- README.md | 24 +--------- cmd/main.go | 2 +- go.mod | 4 +- install-binary.sh | 4 +- 6 files changed, 7 insertions(+), 135 deletions(-) delete mode 100644 .circleci/config.yml diff --git a/.circleci/config.yml b/.circleci/config.yml deleted file mode 100644 index ca9d82c..0000000 --- a/.circleci/config.yml +++ /dev/null @@ -1,106 +0,0 @@ -version: 2.1 - -orbs: - codacy: codacy/base@9.3.5 - -jobs: - build: # runs not using Workflows must have a `build` job as entry point - docker: # run the steps with Docker - - image: cimg/go:1.19 # - - # directory where steps are run. Path must conform to the Go Workspace requirements - working_directory: ~/workdir/helm-ssm - - environment: # environment variables for the build itself - TEST_RESULTS: /tmp/test-results # path to where test results will be saved - - steps: # steps that comprise the `build` job - - attach_workspace: - at: ~/workdir/helm-ssm - - - run: mkdir -p $TEST_RESULTS # create the test results directory - - - restore_cache: # restores saved cache if no changes are detected since last run - # Read about caching dependencies: https://circleci.com/docs/2.0/caching/ - keys: - - v2020-09-pkg-cache - - - run: go install github.com/jstemmer/go-junit-report/v2@v2.0.0 - - - run: - name: Run unit tests - # Store the results of our tests in the $TEST_RESULTS directory - command: | - make test | go-junit-report >> ${TEST_RESULTS}/go-test-report.xml - - - run: make dist # pull and build dependencies for the project - - - persist_to_workspace: - root: ~/workdir/helm-ssm - paths: - - '*' - - - save_cache: # Store cache in the /go/pkg directory - key: v1-pkg-cache - paths: - - "/go/pkg" - - - store_artifacts: # Upload test summary for display in Artifacts: https://circleci.com/docs/2.0/artifacts/ - path: /tmp/test-results - destination: raw-test-output - - - store_test_results: # Upload test results for display in Test Summary: https://circleci.com/docs/2.0/collect-test-data/ - path: /tmp/test-results - - publish: # runs not using Workflows must have a `build` job as entry point - docker: # run the steps with Docker - - image: cimg/go:1.19 # - - # directory where steps are run. Path must conform to the Go Workspace requirements - working_directory: ~/workdir/helm-ssm - steps: # steps that comprise the `build` job - - attach_workspace: - at: ~/workdir/helm-ssm - - - run: - name: "Publish Release on GitHub" - command: | - export VERSION="$(cat .version)" - echo "Publishing version ${VERSION}" - ls -lisah ./_dist/ - - curl -L https://github.com/cli/cli/releases/download/v1.1.0/gh_1.1.0_linux_amd64.deb -o gh.deb - sudo dpkg -i gh.deb - echo ${GITHUB_TOKEN} | gh auth login --with-token - gh config set prompt disabled - gh release create ${VERSION} ./_dist/*.tgz - - -workflows: - version: 2 - ci: - jobs: - - codacy/checkout_and_version - - build: - requires: - - codacy/checkout_and_version - - codacy/tag_version: - name: tag_version - context: CodacyAWS - requires: - - build - filters: - branches: - only: - - master - - publish: - context: CodacyGitHub - requires: - - tag_version - - codacy/tag_version: - name: tag_version_latest - context: CodacyAWS - version: latest - force: true - requires: - - publish \ No newline at end of file diff --git a/LICENSE b/LICENSE index 7db6074..fc5527e 100644 --- a/LICENSE +++ b/LICENSE @@ -1,6 +1,6 @@ MIT License -Copyright (c) 2019 Codacy +Copyright (c) 2025 SMG Swiss Marketplace Group Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/README.md b/README.md index 40accf5..e7e8407 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,5 @@ # Helm SSM Plugin -[![Codacy Badge](https://api.codacy.com/project/badge/Grade/d3cd080edd8644e085f2f8adfd43510c)](https://www.codacy.com?utm_source=github.com&utm_medium=referral&utm_content=codacy/helm-ssm&utm_campaign=Badge_Grade) -[![CircleCI](https://circleci.com/gh/codacy/helm-ssm.svg?style=svg)](https://circleci.com/gh/codacy/helm-ssm) This is a **helm3** plugin to help developers inject values coming from AWS SSM parameters, on the `values.yaml` file. It also leverages the wonderful [sprig](http://masterminds.github.io/sprig/) @@ -81,7 +79,7 @@ Choose the latest version from the releases and install the appropriate version for your OS as indicated below. ```sh -$ helm plugin add https://github.com/codacy/helm-ssm +$ helm plugin add https://github.com/tutti-ch/helm-ssm ``` ### Developer (From Source) Install @@ -98,26 +96,6 @@ this is how we recommend doing it. $ make install ``` -## What is Codacy - -[Codacy](https://www.codacy.com/) is an Automated Code Review Tool that monitors your technical debt, helps you improve your code quality, teaches best practices to your developers, and helps you save time in Code Reviews. - -### Among Codacy’s features - -- Identify new Static Analysis issues -- Commit and Pull Request Analysis with GitHub, BitBucket/Stash, GitLab (and also direct git repositories) -- Auto-comments on Commits and Pull Requests -- Integrations with Slack, HipChat, Jira, YouTrack -- Track issues in Code Style, Security, Error Proneness, Performance, Unused Code and other categories - -Codacy also helps keep track of Code Coverage, Code Duplication, and Code Complexity. - -Codacy supports PHP, Python, Ruby, Java, JavaScript, and Scala, among others. - -## Free for Open Source - -Codacy is free for Open Source projects. - ## License helm-ssm is available under the MIT license. See the LICENSE file for more info. diff --git a/cmd/main.go b/cmd/main.go index e5b1209..6b225fa 100644 --- a/cmd/main.go +++ b/cmd/main.go @@ -6,7 +6,7 @@ import ( "path/filepath" "strings" - hssm "github.com/codacy/helm-ssm/internal" + hssm "github.com/tutti-ch/helm-ssm/internal" "github.com/spf13/cobra" ) diff --git a/go.mod b/go.mod index 7858755..789d41d 100644 --- a/go.mod +++ b/go.mod @@ -1,6 +1,6 @@ -module github.com/codacy/helm-ssm +module github.com/tutti-ch/helm-ssm -go 1.15 +go 1.23 require ( github.com/Masterminds/goutils v1.1.1 // indirect diff --git a/install-binary.sh b/install-binary.sh index 737bc05..c44c897 100755 --- a/install-binary.sh +++ b/install-binary.sh @@ -18,7 +18,7 @@ if [ -z $VERSION ]; then fi PROJECT_NAME="helm-ssm" -PROJECT_GH="codacy/$PROJECT_NAME" +PROJECT_GH="tutti-ch/$PROJECT_NAME" eval $(helm env) if [[ $SKIP_BIN_INSTALL == "1" ]]; then @@ -113,7 +113,7 @@ fail_trap() { result=$? if [ "$result" != "0" ]; then echo "Failed to install $PROJECT_NAME" - echo "For support, go to https://github.com/codacy/helm-ssm." + echo "For support, go to https://github.com/tutti-ch/helm-ssm." fi exit $result } From f8a932345336cb3e05b613eab2d117534c412864 Mon Sep 17 00:00:00 2001 From: Pawel Szczepaniak Date: Wed, 20 Aug 2025 14:56:21 +0200 Subject: [PATCH 05/22] Remove codeowners --- .github/CODEOWNERS | 4 ---- 1 file changed, 4 deletions(-) delete mode 100644 .github/CODEOWNERS diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS deleted file mode 100644 index bf17397..0000000 --- a/.github/CODEOWNERS +++ /dev/null @@ -1,4 +0,0 @@ -* @lolgab @ljmf00 @andreaTP @rtfpessoa @bmbferreira @DReigada @pedrocodacy - -*.yml @h314to @paulopontesm - From e39804dececf73f92926d014d8916cc252ee1081 Mon Sep 17 00:00:00 2001 From: Pawel Szczepaniak Date: Wed, 20 Aug 2025 15:00:15 +0200 Subject: [PATCH 06/22] Cleanup --- .github/workflows/comment_issue.yml | 97 --------------------- .github/workflows/create_issue.yml | 90 ------------------- .github/workflows/create_issue_on_label.yml | 82 ----------------- .github/workflows/main.yml | 40 ++++----- 4 files changed, 20 insertions(+), 289 deletions(-) delete mode 100644 .github/workflows/comment_issue.yml delete mode 100644 .github/workflows/create_issue.yml delete mode 100644 .github/workflows/create_issue_on_label.yml diff --git a/.github/workflows/comment_issue.yml b/.github/workflows/comment_issue.yml deleted file mode 100644 index 12fb218..0000000 --- a/.github/workflows/comment_issue.yml +++ /dev/null @@ -1,97 +0,0 @@ -name: Comment issue on Jira - -on: - issue_comment: - types: [created] - -jobs: - jira: - env: - JIRA_CREATE_COMMENT_AUTO: ${{ secrets.JIRA_CREATE_COMMENT_AUTO }} - runs-on: ubuntu-latest - steps: - - - name: Start workflow if JIRA_CREATE_COMMENT_AUTO is enabled - if: env.JIRA_CREATE_COMMENT_AUTO == 'true' - run: echo "Starting workflow" - - - name: Check GitHub Issue type - if: env.JIRA_CREATE_COMMENT_AUTO == 'true' - id: github_issue_type - uses: actions/github-script@v2.0.0 - with: - result-encoding: string - script: | - // An Issue can be a pull request, you can identify pull requests by the pull_request key - const pullRequest = ${{ toJson(github.event.issue.pull_request) }} - if(pullRequest) { - return "pull-request" - } else { - return "issue" - } - - - name: Check if GitHub Issue has JIRA_ISSUE_LABEL - if: env.JIRA_CREATE_COMMENT_AUTO == 'true' - id: github_issue_has_jira_issue_label - uses: actions/github-script@v2.0.0 - env: - JIRA_ISSUE_LABEL: ${{ secrets.JIRA_ISSUE_LABEL }} - with: - result-encoding: string - script: | - const labels = ${{ toJson(github.event.issue.labels) }} - if(labels.find(label => label.name == process.env.JIRA_ISSUE_LABEL)) { - return "true" - } else { - return "false" - } - - - name: Continue workflow only for Issues (not Pull Requests) tagged with JIRA_ISSUE_LABEL - if: env.JIRA_CREATE_COMMENT_AUTO == 'true' && env.GITHUB_ISSUE_TYPE == 'issue' && env.GITHUB_ISSUE_HAS_JIRA_ISSUE_LABEL == 'true' - env: - GITHUB_ISSUE_TYPE: ${{ steps.github_issue_type.outputs.result }} - GITHUB_ISSUE_HAS_JIRA_ISSUE_LABEL: ${{ steps.github_issue_has_jira_issue_label.outputs.result }} - run: echo "GitHub Issue is tracked on Jira, eligilbe to be commented" - - - name: Jira Login - if: env.JIRA_CREATE_COMMENT_AUTO == 'true' && env.GITHUB_ISSUE_TYPE == 'issue' && env.GITHUB_ISSUE_HAS_JIRA_ISSUE_LABEL == 'true' - id: login - uses: atlassian/gajira-login@v2.0.0 - env: - GITHUB_ISSUE_TYPE: ${{ steps.github_issue_type.outputs.result }} - GITHUB_ISSUE_HAS_JIRA_ISSUE_LABEL: ${{ steps.github_issue_has_jira_issue_label.outputs.result }} - JIRA_BASE_URL: ${{ secrets.JIRA_BASE_URL }} - JIRA_USER_EMAIL: ${{ secrets.JIRA_USER_EMAIL }} - JIRA_API_TOKEN: ${{ secrets.JIRA_API_TOKEN }} - - - name: Extract Jira number - if: env.JIRA_CREATE_COMMENT_AUTO == 'true' && env.GITHUB_ISSUE_TYPE == 'issue' && env.GITHUB_ISSUE_HAS_JIRA_ISSUE_LABEL == 'true' - id: extract_jira_number - uses: actions/github-script@v2.0.0 - env: - GITHUB_ISSUE_TYPE: ${{ steps.github_issue_type.outputs.result }} - GITHUB_ISSUE_HAS_JIRA_ISSUE_LABEL: ${{ steps.github_issue_has_jira_issue_label.outputs.result }} - JIRA_PROJECT: ${{ secrets.JIRA_PROJECT }} - GITHUB_TITLE: ${{ github.event.issue.title }} - with: - script: | - const jiraTaskRegex = new RegExp(`\\\[(${process.env.JIRA_PROJECT}-[0-9]+?)\\\]`) - return process.env.GITHUB_TITLE.match(jiraTaskRegex)[1] - result-encoding: string - - - name: Jira Add comment on issue - if: env.JIRA_CREATE_COMMENT_AUTO == 'true' && env.GITHUB_ISSUE_TYPE == 'issue' && env.GITHUB_ISSUE_HAS_JIRA_ISSUE_LABEL == 'true' - id: add_comment_jira_issue - uses: atlassian/gajira-comment@v2.0.2 - env: - GITHUB_ISSUE_TYPE: ${{ steps.github_issue_type.outputs.result }} - GITHUB_ISSUE_HAS_JIRA_ISSUE_LABEL: ${{ steps.github_issue_has_jira_issue_label.outputs.result }} - with: - issue: ${{ steps.extract_jira_number.outputs.result }} - comment: | - GitHub Comment : ${{ github.event.comment.user.login }} - {quote}${{ github.event.comment.body }}{quote} - ---- - {panel} - _[Github permalink |${{ github.event.comment.html_url }}]_ - {panel} diff --git a/.github/workflows/create_issue.yml b/.github/workflows/create_issue.yml deleted file mode 100644 index 14c9f3b..0000000 --- a/.github/workflows/create_issue.yml +++ /dev/null @@ -1,90 +0,0 @@ -name: Create issue on Jira - -on: - issues: - types: [opened] - -jobs: - jira: - env: - JIRA_CREATE_ISSUE_AUTO: ${{ secrets.JIRA_CREATE_ISSUE_AUTO }} - runs-on: ubuntu-latest - steps: - - - name: Start workflow if JIRA_CREATE_ISSUE_AUTO is enabled - if: env.JIRA_CREATE_ISSUE_AUTO == 'true' - run: echo "Starting workflow" - - - name: Jira Login - if: env.JIRA_CREATE_ISSUE_AUTO == 'true' - id: login - uses: atlassian/gajira-login@v2.0.0 - env: - JIRA_BASE_URL: ${{ secrets.JIRA_BASE_URL }} - JIRA_USER_EMAIL: ${{ secrets.JIRA_USER_EMAIL }} - JIRA_API_TOKEN: ${{ secrets.JIRA_API_TOKEN }} - - - name: Jira Create issue - if: env.JIRA_CREATE_ISSUE_AUTO == 'true' - id: create_jira_issue - uses: atlassian/gajira-create@v2.0.1 - with: - project: ${{ secrets.JIRA_PROJECT }} - issuetype: ${{ secrets.JIRA_ISSUE_TYPE }} - summary: "[GH#${{ github.event.issue.number }}] ${{ github.event.issue.title }}" - description: | - ${{ github.event.issue.body }} - ---- - {panel} - _[Github permalink |${{ github.event.issue.html_url }}]_ - {panel} - - - name: Update Jira issue if JIRA_UPDATE_ISSUE_BODY is defined - if: env.JIRA_CREATE_ISSUE_AUTO == 'true' && env.JIRA_UPDATE_ISSUE_BODY != '' - env: - JIRA_UPDATE_ISSUE_BODY: ${{ secrets.JIRA_UPDATE_ISSUE_BODY }} - run: > - curl - -u ${{ secrets.JIRA_USER_EMAIL }}:${{ secrets.JIRA_API_TOKEN }} - -X PUT - -H 'Content-Type: application/json' - -d '${{ env.JIRA_UPDATE_ISSUE_BODY }}' - ${{ secrets.JIRA_BASE_URL }}/rest/api/2/issue/${{ steps.create_jira_issue.outputs.issue }} - - - name: Update GitHub issue - if: env.JIRA_CREATE_ISSUE_AUTO == 'true' - uses: actions/github-script@v2.0.0 - env: - JIRA_ISSUE_NUMBER: ${{ steps.create_jira_issue.outputs.issue }} - GITHUB_ORIGINAL_TITLE: ${{ github.event.issue.title }} - JIRA_ISSUE_LABEL: ${{ secrets.JIRA_ISSUE_LABEL }} - with: - github-token: ${{secrets.GITHUB_TOKEN}} - script: | - const newTitle = `[${process.env.JIRA_ISSUE_NUMBER}] ${process.env.GITHUB_ORIGINAL_TITLE}` - github.issues.update({ - issue_number: context.issue.number, - owner: context.repo.owner, - repo: context.repo.repo, - title: newTitle - }) - github.issues.addLabels({ - issue_number: context.issue.number, - owner: context.repo.owner, - repo: context.repo.repo, - labels: [process.env.JIRA_ISSUE_LABEL] - }) - - - - name: Add comment after sync - if: env.JIRA_CREATE_ISSUE_AUTO == 'true' - uses: actions/github-script@v2.0.0 - with: - github-token: ${{secrets.GITHUB_TOKEN}} - script: | - github.issues.createComment({ - issue_number: context.issue.number, - owner: context.repo.owner, - repo: context.repo.repo, - body: 'Internal ticket created : [${{ steps.create_jira_issue.outputs.issue }}](${{ secrets.JIRA_BASE_URL }}/browse/${{ steps.create_jira_issue.outputs.issue }})' - }) diff --git a/.github/workflows/create_issue_on_label.yml b/.github/workflows/create_issue_on_label.yml deleted file mode 100644 index de4ab93..0000000 --- a/.github/workflows/create_issue_on_label.yml +++ /dev/null @@ -1,82 +0,0 @@ -name: Create issue on Jira when labeled with JIRA_ISSUE_LABEL - -on: - issues: - types: [labeled] - -jobs: - jira: - env: - JIRA_ISSUE_LABEL: ${{ secrets.JIRA_ISSUE_LABEL }} - runs-on: ubuntu-latest - steps: - - - name: Start workflow if GitHub issue is tagged with JIRA_ISSUE_LABEL - if: github.event.label.name == env.JIRA_ISSUE_LABEL - run: echo "Starting workflow" - - - name: Jira Login - if: github.event.label.name == env.JIRA_ISSUE_LABEL - id: login - uses: atlassian/gajira-login@v2.0.0 - env: - JIRA_BASE_URL: ${{ secrets.JIRA_BASE_URL }} - JIRA_USER_EMAIL: ${{ secrets.JIRA_USER_EMAIL }} - JIRA_API_TOKEN: ${{ secrets.JIRA_API_TOKEN }} - - - name: Jira Create issue - if: github.event.label.name == env.JIRA_ISSUE_LABEL - id: create_jira_issue - uses: atlassian/gajira-create@v2.0.1 - with: - project: ${{ secrets.JIRA_PROJECT }} - issuetype: ${{ secrets.JIRA_ISSUE_TYPE }} - summary: "[GH#${{ github.event.issue.number }}] ${{ github.event.issue.title }}" - description: | - ${{ github.event.issue.body }} - ---- - {panel} - _[Github permalink |${{ github.event.issue.html_url }}]_ - {panel} - - - name: Update Jira issue if JIRA_UPDATE_ISSUE_BODY is defined - if: github.event.label.name == env.JIRA_ISSUE_LABEL && env.JIRA_UPDATE_ISSUE_BODY != '' - env: - JIRA_UPDATE_ISSUE_BODY: ${{ secrets.JIRA_UPDATE_ISSUE_BODY }} - run: > - curl - -u ${{ secrets.JIRA_USER_EMAIL }}:${{ secrets.JIRA_API_TOKEN }} - -X PUT - -H 'Content-Type: application/json' - -d '${{ env.JIRA_UPDATE_ISSUE_BODY }}' - ${{ secrets.JIRA_BASE_URL }}/rest/api/2/issue/${{ steps.create_jira_issue.outputs.issue }} - - - name: Change Title - if: github.event.label.name == env.JIRA_ISSUE_LABEL - uses: actions/github-script@v2.0.0 - env: - JIRA_ISSUE_NUMBER: ${{ steps.create_jira_issue.outputs.issue }} - GITHUB_ORIGINAL_TITLE: ${{ github.event.issue.title }} - with: - github-token: ${{secrets.GITHUB_TOKEN}} - script: | - const newTitle = `[${process.env.JIRA_ISSUE_NUMBER}] ${process.env.GITHUB_ORIGINAL_TITLE}` - github.issues.update({ - issue_number: context.issue.number, - owner: context.repo.owner, - repo: context.repo.repo, - title: newTitle - }) - - - name: Add comment after sync - if: github.event.label.name == env.JIRA_ISSUE_LABEL - uses: actions/github-script@v2.0.0 - with: - github-token: ${{secrets.GITHUB_TOKEN}} - script: | - github.issues.createComment({ - issue_number: context.issue.number, - owner: context.repo.owner, - repo: context.repo.repo, - body: 'Internal ticket created : [${{ steps.create_jira_issue.outputs.issue }}](${{ secrets.JIRA_BASE_URL }}/browse/${{ steps.create_jira_issue.outputs.issue }})' - }) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 1b6a515..f055820 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -18,23 +18,23 @@ jobs: - run: make test | go-junit-report >> ${TEST_RESULTS}/go-test-report.xml - run: make dist - goreleaser: - runs-on: blacksmith-2vcpu-ubuntu-2204-arm - permissions: - id-token: write - contents: read - needs: build-test - if: startsWith(github.ref, 'refs/tags/v') - steps: - - uses: actions/checkout@v4 - - run: git config --global --add safe.directory /__w/ccli/ccli - - uses: actions/setup-go@v5 - with: - go-version: "1.23.10" - - uses: goreleaser/goreleaser-action@v5 - with: - version: latest - args: release --clean -p 4 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - CGO_ENABLED: 0 # Required to run on Debian Buster for tutti-blocket deployment + goreleaser: + runs-on: blacksmith-2vcpu-ubuntu-2204-arm + permissions: + id-token: write + contents: read + needs: build-test + if: startsWith(github.ref, 'refs/tags/v') + steps: + - uses: actions/checkout@v4 + - run: git config --global --add safe.directory /__w/ccli/ccli + - uses: actions/setup-go@v5 + with: + go-version: "1.23.10" + - uses: goreleaser/goreleaser-action@v5 + with: + version: latest + args: release --clean -p 4 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + CGO_ENABLED: 0 # Required to run on Debian Buster for tutti-blocket deployment From 56a1b59c54219a0df29b187a2a33c9d2425740cb Mon Sep 17 00:00:00 2001 From: Pawel Szczepaniak Date: Wed, 20 Aug 2025 15:05:44 +0200 Subject: [PATCH 07/22] Remove Makefile --- .github/workflows/main.yml | 11 +++++++--- Makefile | 44 -------------------------------------- 2 files changed, 8 insertions(+), 47 deletions(-) delete mode 100644 Makefile diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index f055820..d87dba1 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -13,10 +13,15 @@ jobs: - uses: actions/setup-go@v5 with: go-version: "1.23.10" + - uses: golangci/golangci-lint-action@v6 + env: + GOFLAGS: "-buildvcs=false" + with: + version: v1.62.2 + args: --timeout 10m --concurrency 4 - run: go mod download - - run: go install github.com/jstemmer/go-junit-report/v2@v2.0.0 - - run: make test | go-junit-report >> ${TEST_RESULTS}/go-test-report.xml - - run: make dist + - run: go test -v ./.. + - run: go build . goreleaser: runs-on: blacksmith-2vcpu-ubuntu-2204-arm diff --git a/Makefile b/Makefile deleted file mode 100644 index d507d49..0000000 --- a/Makefile +++ /dev/null @@ -1,44 +0,0 @@ -HELM_PLUGIN_DIR ?= $(shell helm env | grep HELM_PLUGINS | cut -d\" -f2)/helm-ssm -HELM_PLUGIN_NAME := helm-ssm -VERSION := $(shell cat .version) -DIST := $(CURDIR)/_dist -LDFLAGS := "-X main.version=${VERSION}" - -.PHONY: install -install: dist - @if [ ! -f .version ] ; then echo "dev" > .version ; fi - mkdir -p $(HELM_PLUGIN_DIR) - @if [ "$$(uname)" = "Darwin" ]; then file="${HELM_PLUGIN_NAME}-macos"; \ - elif [ "$$(uname)" = "Linux" ]; then file="${HELM_PLUGIN_NAME}-linux"; \ - else file="${HELM_PLUGIN_NAME}-windows"; \ - fi; \ - mkdir -p $(DIST)/$$file ; \ - tar -xf $(DIST)/$$file.tgz -C $(DIST)/$$file ; \ - cp -r $(DIST)/$$file/* $(HELM_PLUGIN_DIR) ;\ - rm -rf $(DIST)/$$file - -.PHONY: hookInstall -hookInstall: build - -.PHONY: build -build: - go build -o bin/${HELM_PLUGIN_NAME} -ldflags $(LDFLAGS) ./cmd - -.PHONY: test -test: - go test -v ./internal - -.PHONY: dist -dist: - mkdir -p $(DIST) - sed -i.bak 's/version:.*/version: "'$(VERSION)'"/g' plugin.yaml && rm plugin.yaml.bak - CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -o ${HELM_PLUGIN_NAME} -ldflags $(LDFLAGS) ./cmd - tar -zcvf $(DIST)/${HELM_PLUGIN_NAME}-linux.tgz ${HELM_PLUGIN_NAME} README.md LICENSE plugin.yaml - CGO_ENABLED=0 GOOS=linux GOARCH=arm64 go build -o ${HELM_PLUGIN_NAME} -ldflags $(LDFLAGS) ./cmd - tar -zcvf $(DIST)/${HELM_PLUGIN_NAME}-linux-arm.tgz ${HELM_PLUGIN_NAME} README.md LICENSE plugin.yaml - CGO_ENABLED=0 GOOS=darwin GOARCH=amd64 go build -o ${HELM_PLUGIN_NAME} -ldflags $(LDFLAGS) ./cmd - tar -zcvf $(DIST)/${HELM_PLUGIN_NAME}-macos.tgz ${HELM_PLUGIN_NAME} README.md LICENSE plugin.yaml - CGO_ENABLED=0 GOOS=windows GOARCH=amd64 go build -o ${HELM_PLUGIN_NAME}.exe -ldflags $(LDFLAGS) ./cmd - tar -zcvf $(DIST)/${HELM_PLUGIN_NAME}-windows.tgz ${HELM_PLUGIN_NAME}.exe README.md LICENSE plugin.yaml - rm ${HELM_PLUGIN_NAME} - rm ${HELM_PLUGIN_NAME}.exe \ No newline at end of file From e7a48ad25fd4312d934240b5dfa9a75f889056f4 Mon Sep 17 00:00:00 2001 From: Pawel Szczepaniak Date: Wed, 20 Aug 2025 15:27:38 +0200 Subject: [PATCH 08/22] Add fake job --- .github/workflows/main.yml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index d87dba1..a9b39ac 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -3,6 +3,14 @@ name: build-release on: push jobs: + test-job: + runs-on: blacksmith-2vcpu-ubuntu-2204 + permissions: + id-token: write + contents: read + steps: + - run: echo "Hello world" + build-test: runs-on: blacksmith-2vcpu-ubuntu-2204 permissions: From 388ca78d0ae6e5cf3fd22c813b847596eb913383 Mon Sep 17 00:00:00 2001 From: Pawel Szczepaniak Date: Wed, 20 Aug 2025 15:32:32 +0200 Subject: [PATCH 09/22] Remove excessive permissions --- .github/workflows/main.yml | 9 --------- 1 file changed, 9 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index a9b39ac..0242da4 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -5,17 +5,11 @@ on: push jobs: test-job: runs-on: blacksmith-2vcpu-ubuntu-2204 - permissions: - id-token: write - contents: read steps: - run: echo "Hello world" build-test: runs-on: blacksmith-2vcpu-ubuntu-2204 - permissions: - id-token: write - contents: read steps: - uses: actions/checkout@v4 - uses: actions/setup-go@v5 @@ -33,9 +27,6 @@ jobs: goreleaser: runs-on: blacksmith-2vcpu-ubuntu-2204-arm - permissions: - id-token: write - contents: read needs: build-test if: startsWith(github.ref, 'refs/tags/v') steps: From 13c23cb559140fa9b6251c1b1777dfdf2d8357be Mon Sep 17 00:00:00 2001 From: Pawel Szczepaniak Date: Wed, 20 Aug 2025 15:50:01 +0200 Subject: [PATCH 10/22] Switch to ubuntu-latest --- .github/workflows/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 0242da4..69430b5 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -4,12 +4,12 @@ on: push jobs: test-job: - runs-on: blacksmith-2vcpu-ubuntu-2204 + runs-on: ubuntu-latest #blacksmith-2vcpu-ubuntu-2204 steps: - run: echo "Hello world" build-test: - runs-on: blacksmith-2vcpu-ubuntu-2204 + runs-on: ubuntu-latest #blacksmith-2vcpu-ubuntu-2204 steps: - uses: actions/checkout@v4 - uses: actions/setup-go@v5 From ecc0e3768b8fe2bb67ff6dee907ef49e16251a92 Mon Sep 17 00:00:00 2001 From: Pawel Szczepaniak Date: Wed, 20 Aug 2025 16:39:02 +0200 Subject: [PATCH 11/22] Fix lint issues --- cmd/main.go | 13 ++++++++--- internal/ssm.go | 2 +- internal/template.go | 9 ++++---- internal/template_test.go | 45 ++++++++++++++++++++++++++++++--------- 4 files changed, 50 insertions(+), 19 deletions(-) diff --git a/cmd/main.go b/cmd/main.go index 6b225fa..7bb9061 100644 --- a/cmd/main.go +++ b/cmd/main.go @@ -6,8 +6,8 @@ import ( "path/filepath" "strings" - hssm "github.com/tutti-ch/helm-ssm/internal" "github.com/spf13/cobra" + hssm "github.com/tutti-ch/helm-ssm/internal" ) var valueFiles valueFilesList @@ -53,7 +53,11 @@ func main() { f.StringVarP(&tagCleaned, "tag-cleaned", "t", "", "replace cleaned template commands with given string") f.StringVarP(&prefix, "prefix", "P", "", "prefix for all parameters without affecting the path. ignored if individual prefix is defined") - cmd.MarkFlagRequired("values") + err := cmd.MarkFlagRequired("values") + if err != nil { + fmt.Println("Error marking flag required:", err) + os.Exit(1) + } if err := cmd.Execute(); err != nil { fmt.Println(err) @@ -69,7 +73,10 @@ func run(cmd *cobra.Command, args []string) error { return err } if !dryRun { - write(filePath, targetDir, content) + err := write(filePath, targetDir, content) + if err != nil { + return fmt.Errorf("failed to write file %s: %w", filePath, err) + } } } return nil diff --git a/internal/ssm.go b/internal/ssm.go index 42ebb9e..ea91d25 100644 --- a/internal/ssm.go +++ b/internal/ssm.go @@ -15,7 +15,7 @@ func GetSSMParameter(svc ssmiface.SSMAPI, name string, defaultValue *string, dec r, _ := regexp.Compile(regex) match := r.FindString(name) if match == "" { - return nil, fmt.Errorf("There is an invalid character in the name of the parameter: %s. It should match %s", name, regex) + return nil, fmt.Errorf("there is an invalid character in the name of the parameter: %s. It should match %s", name, regex) } // Create the request to SSM getParameterInput := &ssm.GetParameterInput{ diff --git a/internal/template.go b/internal/template.go index c441db5..a9d170c 100644 --- a/internal/template.go +++ b/internal/template.go @@ -3,7 +3,6 @@ package hssm import ( "bytes" "fmt" - "io/ioutil" "os" "strings" "text/template" @@ -24,12 +23,12 @@ func WriteFileD(fileName string, targetDir string, content string) error { // WriteFile dumps a given content on the file with path `targetFilePath`. func WriteFile(targetFilePath string, content string) error { - return ioutil.WriteFile(targetFilePath, []byte(content), 0777) + return os.WriteFile(targetFilePath, []byte(content), 0777) } // ExecuteTemplate loads a template file, executes is against a given function map and writes the output func ExecuteTemplate(sourceFilePath string, funcMap template.FuncMap, verbose bool) (string, error) { - fileContent, err := ioutil.ReadFile(sourceFilePath) + fileContent, err := os.ReadFile(sourceFilePath) if err != nil { return "", err } @@ -43,7 +42,7 @@ func ExecuteTemplate(sourceFilePath string, funcMap template.FuncMap, verbose bo return "", err } if verbose { - fmt.Println(string(buf.Bytes())) + fmt.Println(buf.String()) } return buf.String(), nil } @@ -122,7 +121,7 @@ func handleOptions(options []string) (map[string]string, error) { for _, o := range options { split := strings.Split(o, "=") if len(split) != 2 { - return nil, fmt.Errorf("Invalid option: %s. Valid options: %s", o, validOptions) + return nil, fmt.Errorf("invalid option: %s. Valid options: %s", o, validOptions) } opts[split[0]] = split[1] } diff --git a/internal/template_test.go b/internal/template_test.go index 5f8d0f8..bcf913d 100644 --- a/internal/template_test.go +++ b/internal/template_test.go @@ -1,7 +1,7 @@ package hssm import ( - "io/ioutil" + "os" "syscall" "testing" "text/template" @@ -10,7 +10,7 @@ import ( ) func createTempFile() (string, error) { - file, err := ioutil.TempFile("", "") + file, err := os.CreateTemp("", "") if err != nil { return "", err } @@ -26,8 +26,15 @@ func TestExecuteTemplate(t *testing.T) { if err != nil { panic(err) } - defer syscall.Unlink(templateFilePath) - ioutil.WriteFile(templateFilePath, []byte(templateContent), 0644) + defer func() { + if err := syscall.Unlink(templateFilePath); err != nil { + t.Logf("Failed to unlink temp file: %v", err) + } + }() + err = os.WriteFile(templateFilePath, []byte(templateContent), 0644) + if err != nil { + t.Fatalf("Failed to write template file: %v", err) + } content, _ := ExecuteTemplate(templateFilePath, template.FuncMap{}, false) if content != expectedOutput { t.Errorf("Expected content \"%s\". Got \"%s\"", expectedOutput, content) @@ -43,8 +50,16 @@ func TestCleanTemplate(t *testing.T) { if err != nil { panic(err) } - defer syscall.Unlink(templateFilePath) - ioutil.WriteFile(templateFilePath, []byte(templateContent), 0644) + defer func() { + if err := syscall.Unlink(templateFilePath); err != nil { + t.Logf("Failed to unlink temp file: %v", err) + } + }() + err = os.WriteFile(templateFilePath, []byte(templateContent), 0644) + if err != nil { + t.Fatalf("Failed to write template file: %v", err) + } + cleanFuncMap := GetFuncMap("DUMMY", "", true, "") content, _ := ExecuteTemplate(templateFilePath, cleanFuncMap, false) if content != expectedOutput { @@ -62,8 +77,15 @@ func TestCleanAndTagTemplate(t *testing.T) { if err != nil { panic(err) } - defer syscall.Unlink(templateFilePath) - ioutil.WriteFile(templateFilePath, []byte(templateContent), 0644) + defer func() { + if err := syscall.Unlink(templateFilePath); err != nil { + t.Logf("Failed to unlink temp file: %v", err) + } + }() + err = os.WriteFile(templateFilePath, []byte(templateContent), 0644) + if err != nil { + t.Fatalf("Failed to write template file: %v", err) + } cleanFuncMap := GetFuncMap("DUMMY", "", true, cleanTag) content, _ := ExecuteTemplate(templateFilePath, cleanFuncMap, false) if content != expectedOutput { @@ -80,8 +102,11 @@ func TestWriteFile(t *testing.T) { if err != nil { panic(err) } - WriteFile(templateFilePath, templateContent) - fileContent, err := ioutil.ReadFile(templateFilePath) + err = WriteFile(templateFilePath, templateContent) + if err != nil { + t.Fatalf("Failed to write file: %v", err) + } + fileContent, err := os.ReadFile(templateFilePath) if err != nil { panic(err) } From 7821e48c154aeb4789c9754de646052df9dbd668 Mon Sep 17 00:00:00 2001 From: Pawel Szczepaniak Date: Wed, 20 Aug 2025 16:42:20 +0200 Subject: [PATCH 12/22] Build proper directory --- .github/workflows/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 69430b5..4846065 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -23,7 +23,7 @@ jobs: args: --timeout 10m --concurrency 4 - run: go mod download - run: go test -v ./.. - - run: go build . + - run: go build -o helm-ssm ./cmd goreleaser: runs-on: blacksmith-2vcpu-ubuntu-2204-arm From 14d0757f49fe6d33e9589507bd740914dc682294 Mon Sep 17 00:00:00 2001 From: Pawel Szczepaniak Date: Wed, 20 Aug 2025 16:42:56 +0200 Subject: [PATCH 13/22] Update safe directory --- .github/workflows/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 4846065..514a1bc 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -31,7 +31,7 @@ jobs: if: startsWith(github.ref, 'refs/tags/v') steps: - uses: actions/checkout@v4 - - run: git config --global --add safe.directory /__w/ccli/ccli + - run: git config --global --add safe.directory /__w/helm-ssm/helm-ssm - uses: actions/setup-go@v5 with: go-version: "1.23.10" From 1cb8a44dd9e43d62607fdb166b2d1fb195545692 Mon Sep 17 00:00:00 2001 From: Pawel Szczepaniak Date: Wed, 20 Aug 2025 16:46:26 +0200 Subject: [PATCH 14/22] Make tests in proper dir --- .github/workflows/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 514a1bc..6faa709 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -22,7 +22,7 @@ jobs: version: v1.62.2 args: --timeout 10m --concurrency 4 - run: go mod download - - run: go test -v ./.. + - run: go test -v ./internal - run: go build -o helm-ssm ./cmd goreleaser: From 5fb5a4a71c49473a83502e0a2d1fe455683d91f7 Mon Sep 17 00:00:00 2001 From: Pawel Szczepaniak Date: Wed, 20 Aug 2025 16:53:48 +0200 Subject: [PATCH 15/22] Fix failing test --- .github/workflows/main.yml | 9 ++++----- internal/ssm_test.go | 2 +- 2 files changed, 5 insertions(+), 6 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 6faa709..335d369 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -3,13 +3,10 @@ name: build-release on: push jobs: - test-job: - runs-on: ubuntu-latest #blacksmith-2vcpu-ubuntu-2204 - steps: - - run: echo "Hello world" - build-test: runs-on: ubuntu-latest #blacksmith-2vcpu-ubuntu-2204 + permissions: + contents: write steps: - uses: actions/checkout@v4 - uses: actions/setup-go@v5 @@ -27,6 +24,8 @@ jobs: goreleaser: runs-on: blacksmith-2vcpu-ubuntu-2204-arm + permissions: + contents: write needs: build-test if: startsWith(github.ref, 'refs/tags/v') steps: diff --git a/internal/ssm_test.go b/internal/ssm_test.go index e6bdc49..b5f57a3 100644 --- a/internal/ssm_test.go +++ b/internal/ssm_test.go @@ -58,7 +58,7 @@ func TestGetSSMParameterInvalidChar(t *testing.T) { // Setup Test mockSvc := &mockSSMClient{} _, err := GetSSMParameter(mockSvc, key, nil, false) - assert.Error(t, err, "There is an invalid character in the name of the parameter: &%&/root/parameter5!$%&$&. It should match ([a-zA-Z0-9\\.\\-_/]*)") + assert.Error(t, err, "there is an invalid character in the name of the parameter: &%&/root/parameter5!$%&$&. It should match ([a-zA-Z0-9\\.\\-_/]*)") } // GetParameter is a mock for the SSM client From a19226dcd318f89b2192d78bee59e4f4904b8a49 Mon Sep 17 00:00:00 2001 From: Pawel Szczepaniak Date: Thu, 21 Aug 2025 09:24:47 +0200 Subject: [PATCH 16/22] Change runner to blacksmith-arm --- .github/workflows/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 335d369..dd48901 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -4,7 +4,7 @@ on: push jobs: build-test: - runs-on: ubuntu-latest #blacksmith-2vcpu-ubuntu-2204 + runs-on: blacksmith-2vcpu-ubuntu-2204-arm permissions: contents: write steps: From c543a72add7c65ffeb58e5061cb86532649e3bf6 Mon Sep 17 00:00:00 2001 From: Pawel Szczepaniak Date: Thu, 21 Aug 2025 10:07:33 +0200 Subject: [PATCH 17/22] Fix goreleaser --- .github/workflows/main.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index dd48901..0685e27 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -27,7 +27,7 @@ jobs: permissions: contents: write needs: build-test - if: startsWith(github.ref, 'refs/tags/v') +# if: startsWith(github.ref, 'refs/tags/v') steps: - uses: actions/checkout@v4 - run: git config --global --add safe.directory /__w/helm-ssm/helm-ssm @@ -38,6 +38,7 @@ jobs: with: version: latest args: release --clean -p 4 + workdir: "cmd/" env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} CGO_ENABLED: 0 # Required to run on Debian Buster for tutti-blocket deployment From 1fa737c4f65b860c13b3a4941744f15031b1eb0c Mon Sep 17 00:00:00 2001 From: Pawel Szczepaniak Date: Thu, 21 Aug 2025 10:26:35 +0200 Subject: [PATCH 18/22] Add snapshot to build on branch --- .github/workflows/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 0685e27..ea523e3 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -37,7 +37,7 @@ jobs: - uses: goreleaser/goreleaser-action@v5 with: version: latest - args: release --clean -p 4 + args: release --clean -p 4 --snapshot workdir: "cmd/" env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} From f51e35078c9e98e37601569ea90f9639d95792d7 Mon Sep 17 00:00:00 2001 From: Pawel Szczepaniak Date: Thu, 21 Aug 2025 10:30:00 +0200 Subject: [PATCH 19/22] Finish tests --- .github/workflows/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index ea523e3..05a0e44 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -27,7 +27,7 @@ jobs: permissions: contents: write needs: build-test -# if: startsWith(github.ref, 'refs/tags/v') + if: startsWith(github.ref, 'refs/tags/v') steps: - uses: actions/checkout@v4 - run: git config --global --add safe.directory /__w/helm-ssm/helm-ssm @@ -37,7 +37,7 @@ jobs: - uses: goreleaser/goreleaser-action@v5 with: version: latest - args: release --clean -p 4 --snapshot + args: release --clean -p 4 workdir: "cmd/" env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} From d03855e50c5060881619290575b0f4df20c8176d Mon Sep 17 00:00:00 2001 From: Pawel Szczepaniak Date: Thu, 21 Aug 2025 10:56:23 +0200 Subject: [PATCH 20/22] Fix getting download URL --- install-binary.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/install-binary.sh b/install-binary.sh index c44c897..83717f5 100755 --- a/install-binary.sh +++ b/install-binary.sh @@ -74,7 +74,7 @@ getDownloadURL() { if [ $VERSION = 'latest' ]; then local latest_url="https://api.github.com/repos/$PROJECT_GH/releases/$VERSION" if type "curl" > /dev/null; then - DOWNLOAD_URL=$(curl -s $latest_url | sort -r | grep $OS -m3 | awk '/"browser_download_url":/{gsub( /[,"]/,"", $2); print $2}') + DOWNLOAD_URL=$(curl -s $latest_url | sort -r | grep $OS | grep $ARCH | awk '/"browser_download_url":/{gsub( /[,"]/,"", $2); print $2}') elif type "wget" > /dev/null; then DOWNLOAD_URL=$(wget -q -O - $latest_url | awk '/"browser_download_url":/{gsub( /[,"]/,"", $2); print $2}') fi From bff4c57afb2d1687b2f2e525ee86d6a60c818abe Mon Sep 17 00:00:00 2001 From: victor boissinot Date: Wed, 5 Nov 2025 09:51:50 +0100 Subject: [PATCH 21/22] Rework donwload url --- install-binary.sh | 17 +++++++++++++---- 1 file changed, 13 insertions(+), 4 deletions(-) diff --git a/install-binary.sh b/install-binary.sh index 83717f5..d022089 100755 --- a/install-binary.sh +++ b/install-binary.sh @@ -49,14 +49,13 @@ initOS() { msys*) OS='windows';; # Minimalist GNU for Windows mingw*) OS='windows';; - darwin) OS='macos';; esac } # verifySupported checks that the os/arch combination is supported for # binary builds. verifySupported() { - local supported="linux-amd64\nmacos-amd64\nwindows-amd64\linux-arm-armv5\linux-arm-armv6\linux-arm-armv7\linux-arm-arm64" + local supported="linux-amd64\ndarwin-amd64\ndarwin-arm64\nwindows-amd64\nlinux-386\nlinux-arm64\nwindows-386\nwindows-arm64" if ! echo "${supported}" | grep -q "${OS}-${ARCH}"; then echo "No prebuild binary for ${OS}-${ARCH}." exit 1 @@ -73,10 +72,20 @@ getDownloadURL() { # Use the GitHub API to find the latest version for this project. if [ $VERSION = 'latest' ]; then local latest_url="https://api.github.com/repos/$PROJECT_GH/releases/$VERSION" + if type "curl" > /dev/null; then - DOWNLOAD_URL=$(curl -s $latest_url | sort -r | grep $OS | grep $ARCH | awk '/"browser_download_url":/{gsub( /[,"]/,"", $2); print $2}') + # Match the exact OS_ARCH pattern in browser_download_url to get the right binary + DOWNLOAD_URL=$(curl -sL "$latest_url" | grep "browser_download_url" | grep "${OS}_${ARCH}" | awk '/"browser_download_url":/{gsub( /[,"]/,"", $2); print $2}' | head -n1) elif type "wget" > /dev/null; then - DOWNLOAD_URL=$(wget -q -O - $latest_url | awk '/"browser_download_url":/{gsub( /[,"]/,"", $2); print $2}') + # Match the exact OS_ARCH pattern in browser_download_url to get the right binary + DOWNLOAD_URL=$(wget -q -O - "$latest_url" | grep "browser_download_url" | grep "${OS}_${ARCH}" | awk '/"browser_download_url":/{gsub( /[,"]/,"", $2); print $2}' | head -n1) + fi + + # Validate that a download URL was found + if [ -z "$DOWNLOAD_URL" ]; then + echo "Error: Could not find download URL for ${OS}-${ARCH}" + echo "Please check that a release exists at: $latest_url" + exit 1 fi else DOWNLOAD_URL="https://github.com/$PROJECT_GH/releases/download/$VERSION/helm-ssm-$OS.tgz" From f2ffe0f9d2119ab3b674d72d6c8edcceaf187663 Mon Sep 17 00:00:00 2001 From: victor boissinot Date: Wed, 5 Nov 2025 09:59:06 +0100 Subject: [PATCH 22/22] add logic to make authenticated call --- install-binary.sh | 36 ++++++++++++++++++++++++++++++------ 1 file changed, 30 insertions(+), 6 deletions(-) diff --git a/install-binary.sh b/install-binary.sh index d022089..d5134ba 100755 --- a/install-binary.sh +++ b/install-binary.sh @@ -72,15 +72,39 @@ getDownloadURL() { # Use the GitHub API to find the latest version for this project. if [ $VERSION = 'latest' ]; then local latest_url="https://api.github.com/repos/$PROJECT_GH/releases/$VERSION" + local response="" + + # Try authenticated request first if GITHUB_TOKEN is available + if [ -n "$GITHUB_TOKEN" ]; then + echo "Using authenticated GitHub API request" + if type "curl" > /dev/null; then + response=$(curl -sL -H "Authorization: Bearer $GITHUB_TOKEN" "$latest_url") + elif type "wget" > /dev/null; then + response=$(wget -q --header="Authorization: Bearer $GITHUB_TOKEN" -O - "$latest_url") + fi + + # Check if authentication failed (response contains "Bad credentials" or other error) + if echo "$response" | grep -q "Bad credentials\|API rate limit exceeded"; then + echo "Warning: GitHub authentication failed or rate limited, falling back to unauthenticated request" + response="" + fi + fi - if type "curl" > /dev/null; then - # Match the exact OS_ARCH pattern in browser_download_url to get the right binary - DOWNLOAD_URL=$(curl -sL "$latest_url" | grep "browser_download_url" | grep "${OS}_${ARCH}" | awk '/"browser_download_url":/{gsub( /[,"]/,"", $2); print $2}' | head -n1) - elif type "wget" > /dev/null; then - # Match the exact OS_ARCH pattern in browser_download_url to get the right binary - DOWNLOAD_URL=$(wget -q -O - "$latest_url" | grep "browser_download_url" | grep "${OS}_${ARCH}" | awk '/"browser_download_url":/{gsub( /[,"]/,"", $2); print $2}' | head -n1) + # Fall back to unauthenticated request if no token or authentication failed + if [ -z "$response" ]; then + if [ -z "$GITHUB_TOKEN" ]; then + echo "Using unauthenticated GitHub API request (rate limited to 60 requests/hour)" + fi + if type "curl" > /dev/null; then + response=$(curl -sL "$latest_url") + elif type "wget" > /dev/null; then + response=$(wget -q -O - "$latest_url") + fi fi + # Extract the download URL from the response + DOWNLOAD_URL=$(echo "$response" | grep "browser_download_url" | grep "${OS}_${ARCH}" | awk '/"browser_download_url":/{gsub( /[,"]/,"", $2); print $2}' | head -n1) + # Validate that a download URL was found if [ -z "$DOWNLOAD_URL" ]; then echo "Error: Could not find download URL for ${OS}-${ARCH}"