diff --git a/.github/actions/build_aws_eif/action.yaml b/.github/actions/build_aws_eif/action.yaml
index d37b91a26..f17523a44 100644
--- a/.github/actions/build_aws_eif/action.yaml
+++ b/.github/actions/build_aws_eif/action.yaml
@@ -17,6 +17,9 @@ inputs:
version_number_input:
description: If set, the version number will not be incremented and the given number will be used.
default: ''
+ commit_sha:
+ description: The commit SHA for committing the new version for pom.xml.
+ default: ''
outputs:
enclave_id:
@@ -27,18 +30,10 @@ runs:
using: "composite"
steps:
- - name: Checkout full history on Main
- uses: actions/checkout@v4
- if: ${{ inputs.version_number_input == '' }}
- with:
- # git-restore-mtime requires full git history. The default fetch-depth value (1) creates a shallow checkout.
- fetch-depth: 0
-
- - name: Checkout full history at tag v${{ inputs.version_number_input }}
+ - name: Checkout full history at commit sha ${{ inputs.commit_sha }}
uses: actions/checkout@v4
- if: ${{ inputs.version_number_input != '' }}
with:
- ref: v${{ inputs.version_number_input }}
+ ref: ${{ inputs.commit_sha }}
# git-restore-mtime requires full git history. The default fetch-depth value (1) creates a shallow checkout.
fetch-depth: 0
@@ -75,12 +70,12 @@ runs:
echo "${{ inputs.identity_scope }}" | tr '[:lower:]' '[:upper:]' > ${{ steps.buildFolder.outputs.BUILD_FOLDER }}/identity_scope.txt
cat ${{ steps.buildFolder.outputs.BUILD_FOLDER }}/identity_scope.txt
- - name: Get version number from pom.xml
+ - name: Get version number
shell: bash
run: |
- grep -o '.*' ./pom.xml | head -1 | sed 's/\(.*\)<\/version>/\1/' > ${{ steps.buildFolder.outputs.BUILD_FOLDER }}/version_number.txt
+ echo ${{ inputs.version_number_input }} > ${{ steps.buildFolder.outputs.BUILD_FOLDER }}/version_number.txt
cat ${{ steps.buildFolder.outputs.BUILD_FOLDER }}/version_number.txt
-
+
- name: Build EIF
shell: bash
run: |
diff --git a/.github/actions/update_operator_version/action.yaml b/.github/actions/update_operator_version/action.yaml
index b681e01b9..76e9bfbd1 100644
--- a/.github/actions/update_operator_version/action.yaml
+++ b/.github/actions/update_operator_version/action.yaml
@@ -10,6 +10,9 @@ inputs:
default: ''
image_tag_suffix:
description: Suffix to apply to the docker image tag
+ commit_sha:
+ description: The commit SHA for committing the new version for pom.xml.
+ default: ''
outputs:
@@ -22,6 +25,9 @@ outputs:
image_tag:
description: The tag to use for the docker image
value: ${{ steps.updatePom.outputs.image_tag }}
+ commit_sha:
+ description: The commit SHA for committing the new version for pom.xml
+ value: ${{ steps.get-commit-sha.outputs.commit_sha }}
runs:
using: "composite"
@@ -92,20 +98,36 @@ runs:
echo "image_tag=${{ steps.version.outputs.new_version }}-${{ inputs.image_tag_suffix }}" >> $GITHUB_OUTPUT
- name: Commit pom.xml and version.json
+ id: commit-without-tag
if: ${{ inputs.version_number_input == '' && steps.checkRelease.outputs.is_release != 'true' }}
- uses: IABTechLab/uid2-shared-actions/actions/commit_pr_and_merge@v2
+ uses: IABTechLab/uid2-shared-actions/actions/commit_pr_and_merge@kcc-UID2-4116-fix-euid-version-problem
with:
add: 'pom.xml version.json'
message: 'Released ${{ inputs.release_type }} version: ${{ steps.version.outputs.new_version }}'
- name: Commit pom.xml, version.json and set tag
+ id: commit-and-tag
if: ${{ inputs.version_number_input == '' && steps.checkRelease.outputs.is_release == 'true' }}
- uses: IABTechLab/uid2-shared-actions/actions/commit_pr_and_merge@v2
+ uses: IABTechLab/uid2-shared-actions/actions/commit_pr_and_merge@kcc-UID2-4116-fix-euid-version-problem
with:
add: 'pom.xml version.json'
message: 'Released ${{ inputs.release_type }} version: ${{ steps.version.outputs.new_version }}'
tag: v${{ steps.version.outputs.new_version }}
+ - name: Get value of commit_sha
+ id: get-commit-sha
+ shell: bash
+ run: |
+ if [[ "${{ inputs.commit_sha }}" != "" ]]; then
+ echo "commit_sha=${{ inputs.commit_sha }}" >> $GITHUB_OUTPUT
+ elif [[ ${{ inputs.version_number_input == '' && steps.checkRelease.outputs.is_release != 'true' }} ]]; then
+ echo "commit_sha=${{ steps.commit-without-tag.outputs.commit_sha }}" >> $GITHUB_OUTPUT
+ elif [[ ${{ inputs.version_number_input == '' && steps.checkRelease.outputs.is_release == 'true' }} ]]; then
+ echo "commit_sha=${{ steps.commit-and-tag.outputs.commit_sha }}" >> $GITHUB_OUTPUT
+ else
+ echo "ERROR: Can't determine commit_sha"
+ fi
+
- name: Check disk usage
shell: bash
run: |
diff --git a/.github/workflows/publish-all-operators.yaml b/.github/workflows/publish-all-operators.yaml
index 6bf496f1e..a4c679b67 100644
--- a/.github/workflows/publish-all-operators.yaml
+++ b/.github/workflows/publish-all-operators.yaml
@@ -24,6 +24,7 @@ jobs:
runs-on: ubuntu-latest
outputs:
new_version: ${{ steps.version.outputs.new_version }}
+ commit_sha: ${{ steps.commit-and-tag.outputs.commit_sha }}
steps:
- name: Approve Major release
if: inputs.release_type == 'Major'
@@ -73,12 +74,13 @@ jobs:
echo "Version number updated from $current_version to $new_version"
- name: Commit pom.xml, version.json and set tag
- uses: IABTechLab/uid2-shared-actions/actions/commit_pr_and_merge@v2
+ id: commit-and-tag
+ uses: IABTechLab/uid2-shared-actions/actions/commit_pr_and_merge@kcc-UID2-4116-fix-euid-version-problem
with:
add: 'pom.xml version.json'
message: 'Released ${{ inputs.release_type }} version: ${{ steps.version.outputs.new_version }}'
tag: v${{ steps.version.outputs.new_version }}
-
+
buildPublic:
name: Public Operator
needs: start
@@ -96,6 +98,7 @@ jobs:
with:
release_type: ${{ inputs.release_type }}
version_number_input: ${{ needs.start.outputs.new_version }}
+ commit_sha: ${{ needs.start.outputs.commit_sha }}
vulnerability_severity: ${{ inputs.vulnerability_severity }}
secrets: inherit
@@ -106,6 +109,7 @@ jobs:
with:
release_type: ${{ inputs.release_type }}
version_number_input: ${{ needs.start.outputs.new_version }}
+ commit_sha: ${{ needs.start.outputs.commit_sha }}
vulnerability_severity: ${{ inputs.vulnerability_severity }}
secrets: inherit
@@ -116,6 +120,7 @@ jobs:
with:
release_type: ${{ inputs.release_type }}
version_number_input: ${{ needs.start.outputs.new_version }}
+ commit_sha: ${{ needs.start.outputs.commit_sha }}
secrets: inherit
createRelease:
diff --git a/.github/workflows/publish-aws-nitro-eif.yaml b/.github/workflows/publish-aws-nitro-eif.yaml
index 89b45991d..cc91fcecb 100644
--- a/.github/workflows/publish-aws-nitro-eif.yaml
+++ b/.github/workflows/publish-aws-nitro-eif.yaml
@@ -25,6 +25,10 @@ on:
description: If set, the version number will not be incremented and the given number will be used.
type: string
default: ''
+ commit_sha:
+ description: The commit SHA for committing the new version for pom.xml.
+ type: string
+ default: ''
env:
ENCLAVE_PROTOCOL: aws-nitro
@@ -37,16 +41,18 @@ jobs:
steps:
- name: Update Operator Version
id: update_version
- uses: IABTechLab/uid2-operator/.github/actions/update_operator_version@main
+ uses: IABTechLab/uid2-operator/.github/actions/update_operator_version@kcc-UID2-4116-fix-euid-version-problem
with:
release_type: ${{ inputs.release_type }}
version_number_input: ${{ inputs.version_number_input }}
image_tag_suffix: ${{ env.ENCLAVE_PROTOCOL }}
+ commit_sha: ${{ inputs.commit_sha }}
outputs:
new_version: ${{ steps.update_version.outputs.new_version }}
is_release: ${{ steps.update_version.outputs.is_release }}
image_tag: ${{ steps.update_version.outputs.image_tag }}
+ commit_sha: ${{ steps.update_version.outputs.commit_sha }}
buildUID2EIF:
name: Build UID2 EIF
@@ -55,13 +61,14 @@ jobs:
steps:
- name: Build UID2 AWS EIF
id: build_uid2_eif
- uses: IABTechLab/uid2-operator/.github/actions/build_aws_eif@main
+ uses: IABTechLab/uid2-operator/.github/actions/build_aws_eif@kcc-UID2-4116-fix-euid-version-problem
with:
identity_scope: uid2
artifacts_base_output_dir: ${{ env.ARTIFACTS_BASE_OUTPUT_DIR }}/uid2
amazonlinux_dockerfile: ./scripts/aws/pipeline/amazonlinux2023.Dockerfile
makefile: Makefile.eif
- version_number_input: ${{ inputs.version_number_input }}
+ version_number_input: ${{ needs.start.outputs.new_version }}
+ commit_sha: ${{ needs.start.outputs.commit_sha }}
- name: Check disk usage
shell: bash
@@ -90,12 +97,14 @@ jobs:
steps:
- name: Build EUID AWS EIF
id: build_euid_eif
- uses: IABTechLab/uid2-operator/.github/actions/build_aws_eif@main
+ uses: IABTechLab/uid2-operator/.github/actions/build_aws_eif@kcc-UID2-4116-fix-euid-version-problem
with:
identity_scope: euid
artifacts_base_output_dir: ${{ env.ARTIFACTS_BASE_OUTPUT_DIR }}/euid
amazonlinux_dockerfile: ./scripts/aws/pipeline/amazonlinux2023.Dockerfile
makefile: Makefile.eif
+ version_number_input: ${{ needs.start.outputs.new_version }}
+ commit_sha: ${{ needs.start.outputs.commit_sha }}
- name: Check disk usage
shell: bash
diff --git a/.github/workflows/publish-azure-cc-enclave-docker.yaml b/.github/workflows/publish-azure-cc-enclave-docker.yaml
index 9a62785dc..3e4d07aa0 100644
--- a/.github/workflows/publish-azure-cc-enclave-docker.yaml
+++ b/.github/workflows/publish-azure-cc-enclave-docker.yaml
@@ -33,6 +33,10 @@ on:
description: If set, the version number will not be incremented and the given number will be used.
type: string
default: ''
+ commit_sha:
+ description: The commit SHA for committing the new version for pom.xml.
+ type: string
+ default: ''
vulnerability_severity:
description: The severity to fail the workflow if such vulnerability is detected. DO NOT override it unless a Jira ticket is raised. Must be one of ['CRITICAL', 'CRITICAL,HIGH' or 'CRITICAL,HIGH,MEDIUM'] (without space in between).
type: string
@@ -68,11 +72,12 @@ jobs:
steps:
- name: Update Operator Version
id: update_version
- uses: IABTechLab/uid2-operator/.github/actions/update_operator_version@main
+ uses: IABTechLab/uid2-operator/.github/actions/update_operator_version@kcc-UID2-4116-fix-euid-version-problem
with:
release_type: ${{ inputs.release_type }}
version_number_input: ${{ inputs.version_number_input }}
image_tag_suffix: ${{ env.ENCLAVE_PROTOCOL }}
+ commit_sha: ${{ inputs.commit_sha }}
- name: Set up JDK
uses: actions/setup-java@v4
diff --git a/.github/workflows/publish-gcp-oidc-enclave-docker.yaml b/.github/workflows/publish-gcp-oidc-enclave-docker.yaml
index 705dfb1c9..b33e0a619 100644
--- a/.github/workflows/publish-gcp-oidc-enclave-docker.yaml
+++ b/.github/workflows/publish-gcp-oidc-enclave-docker.yaml
@@ -32,6 +32,10 @@ on:
description: If set, the version number will not be incremented and the given number will be used.
type: string
default: ''
+ commit_sha:
+ description: The commit SHA for committing the new version for pom.xml.
+ type: string
+ default: ''
vulnerability_severity:
description: The severity to fail the workflow if such vulnerability is detected. DO NOT override it unless a Jira ticket is raised. Must be one of ['CRITICAL', 'CRITICAL,HIGH' or 'CRITICAL,HIGH,MEDIUM'] (without space in between).
type: string
@@ -69,11 +73,12 @@ jobs:
steps:
- name: Update Operator Version
id: update_version
- uses: IABTechLab/uid2-operator/.github/actions/update_operator_version@main
+ uses: IABTechLab/uid2-operator/.github/actions/update_operator_version@kcc-UID2-4116-fix-euid-version-problem
with:
release_type: ${{ inputs.release_type }}
version_number_input: ${{ inputs.version_number_input }}
image_tag_suffix: ${{ env.ENCLAVE_PROTOCOL }}
+ commit_sha: ${{ inputs.commit_sha }}
- name: Set up JDK
uses: actions/setup-java@v4
diff --git a/pom.xml b/pom.xml
index 0ca0d7c0b..85845eadc 100644
--- a/pom.xml
+++ b/pom.xml
@@ -6,7 +6,7 @@
com.uid2
uid2-operator
- 5.39.34
+ 5.39.36-alpha-150-SNAPSHOT
UTF-8