From b12532ecf78562205fe767cbf205e746f2f71ae6 Mon Sep 17 00:00:00 2001 From: Robi Nino Date: Sun, 25 Feb 2024 17:24:29 +0200 Subject: [PATCH 1/3] Update go.mod (#2453) --- go.mod | 8 ++++---- go.sum | 16 ++++++++-------- 2 files changed, 12 insertions(+), 12 deletions(-) diff --git a/go.mod b/go.mod index 2f5f8962c..471bded4c 100644 --- a/go.mod +++ b/go.mod @@ -130,12 +130,12 @@ require ( gopkg.in/yaml.v3 v3.0.1 // indirect ) -// replace github.com/jfrog/jfrog-cli-core/v2 => github.com/jfrog/jfrog-cli-core/v2 v2.31.1-0.20240218115031-cc5c8b521695 +replace github.com/jfrog/jfrog-cli-core/v2 => github.com/jfrog/jfrog-cli-core/v2 v2.31.1-0.20240225151519-de88b95a3824 -// replace github.com/jfrog/jfrog-client-go => github.com/jfrog/jfrog-client-go v1.28.1-0.20240218093454-1c352a93c23d +replace github.com/jfrog/jfrog-client-go => github.com/jfrog/jfrog-client-go v1.28.1-0.20240225150756-e5fed3788eca -// replace github.com/jfrog/jfrog-cli-security => github.com/jfrog/jfrog-cli-security v1.0.2-0.20240215122147-517c589b5ada +replace github.com/jfrog/jfrog-cli-security => github.com/jfrog/jfrog-cli-security v1.0.4-0.20240225141439-cc8b9f3d1962 -// replace github.com/jfrog/build-info-go => github.com/jfrog/build-info-go v1.8.9-0.20231220102935-c8776c613ad8 +replace github.com/jfrog/build-info-go => github.com/jfrog/build-info-go v1.8.9-0.20240225113943-096bf22ca54c // replace github.com/jfrog/gofrog => github.com/jfrog/gofrog v1.3.3-0.20231223133729-ef57bd08cedc diff --git a/go.sum b/go.sum index 77db2b40a..4012807e8 100644 --- a/go.sum +++ b/go.sum @@ -121,18 +121,18 @@ github.com/jedib0t/go-pretty/v6 v6.5.4 h1:gOGo0613MoqUcf0xCj+h/V3sHDaZasfv152G6/ github.com/jedib0t/go-pretty/v6 v6.5.4/go.mod h1:5LQIxa52oJ/DlDSLv0HEkWOFMDGoWkJb9ss5KqPpJBg= github.com/jfrog/archiver/v3 v3.6.0 h1:OVZ50vudkIQmKMgA8mmFF9S0gA47lcag22N13iV3F1w= github.com/jfrog/archiver/v3 v3.6.0/go.mod h1:fCAof46C3rAXgZurS8kNRNdSVMKBbZs+bNNhPYxLldI= -github.com/jfrog/build-info-go v1.9.23 h1:+TwUIBEJwRvz9skR8xBfY5ti8Vl4Z6iMCkFbkclnEN0= -github.com/jfrog/build-info-go v1.9.23/go.mod h1:QHcKuesY4MrBVBuEwwBz4uIsX6mwYuMEDV09ng4AvAU= +github.com/jfrog/build-info-go v1.8.9-0.20240225113943-096bf22ca54c h1:M1QiuCYGCYN1IiGyxogrLzfetYGkkhE2pgDh5K4Wo9A= +github.com/jfrog/build-info-go v1.8.9-0.20240225113943-096bf22ca54c/go.mod h1:QHcKuesY4MrBVBuEwwBz4uIsX6mwYuMEDV09ng4AvAU= github.com/jfrog/gofrog v1.6.0 h1:jOwb37nHY2PnxePNFJ6e6279Pgkr3di05SbQQw47Mq8= github.com/jfrog/gofrog v1.6.0/go.mod h1:SZ1EPJUruxrVGndOzHd+LTiwWYKMlHqhKD+eu+v5Hqg= github.com/jfrog/jfrog-apps-config v1.0.1 h1:mtv6k7g8A8BVhlHGlSveapqf4mJfonwvXYLipdsOFMY= github.com/jfrog/jfrog-apps-config v1.0.1/go.mod h1:8AIIr1oY9JuH5dylz2S6f8Ym2MaadPLR6noCBO4C22w= -github.com/jfrog/jfrog-cli-core/v2 v2.48.1 h1:rRqI82btSFKFStGd7uEiheeBAuEjrw+ZZbE1abaKUBU= -github.com/jfrog/jfrog-cli-core/v2 v2.48.1/go.mod h1:9aZHtR9x7s9VUa5AalOjJkxMMPSgxXgQ5hdU3vzMwcs= -github.com/jfrog/jfrog-cli-security v1.0.3 h1:TUfPmMEavLZzxvHJSzuXg1m9OQolGL/atE8cRbuPvls= -github.com/jfrog/jfrog-cli-security v1.0.3/go.mod h1:NHmNHYlF6g4QSDyTQ3yUM57+WXZQfqskc2C1Mxj/FQY= -github.com/jfrog/jfrog-client-go v1.37.1 h1:BqIWGPajC5vhUo5dcQ9KEJr0EVANr/O4cfEqRYvzvRg= -github.com/jfrog/jfrog-client-go v1.37.1/go.mod h1:y+zeO0LeT2uHoHs4/fXHrm5dfF02bg6Dw3cNJxgJ5LY= +github.com/jfrog/jfrog-cli-core/v2 v2.31.1-0.20240225151519-de88b95a3824 h1:nSqx+EdsuIzKsjS/5dkRaD9ak4db9IYMf/ggfCoahAE= +github.com/jfrog/jfrog-cli-core/v2 v2.31.1-0.20240225151519-de88b95a3824/go.mod h1:aE5kYuqiZxu6hHkAQm34BvtGjLR8rk0/PUWpl4u5g0Q= +github.com/jfrog/jfrog-cli-security v1.0.4-0.20240225141439-cc8b9f3d1962 h1:dlVDm3q/gR/yHrTcABHjMucs5vT6JesEw6GwBQe4WK4= +github.com/jfrog/jfrog-cli-security v1.0.4-0.20240225141439-cc8b9f3d1962/go.mod h1:u2j9vEorky4zk7EWk+Bqw08o66p9tuW7LxVxW0boAMA= +github.com/jfrog/jfrog-client-go v1.28.1-0.20240225150756-e5fed3788eca h1:wgiw3iokmQ5uK+6+M50fyMQBsMJPQEbRYnwbAMUmPlI= +github.com/jfrog/jfrog-client-go v1.28.1-0.20240225150756-e5fed3788eca/go.mod h1:WhVrqiqhSNFwj58/RQIrJEd28PHH1LTD4eWE0vBXv1o= github.com/jszwec/csvutil v1.10.0 h1:upMDUxhQKqZ5ZDCs/wy+8Kib8rZR8I8lOR34yJkdqhI= github.com/jszwec/csvutil v1.10.0/go.mod h1:/E4ONrmGkwmWsk9ae9jpXnv9QT8pLHEPcCirMFhxG9I= github.com/kevinburke/ssh_config v1.2.0 h1:x584FjTGwHzMwvHx18PXxbBVzfnxogHaAReU4gf13a4= From e019c95290f867422e2d50218dd655f9e1ad4739 Mon Sep 17 00:00:00 2001 From: Yahav Itzhak Date: Mon, 4 Mar 2024 18:17:11 +0200 Subject: [PATCH 2/3] Update Windows signing (#2463) --- Jenkinsfile | 45 +++++++++++++++---------------------------- build/sign/Dockerfile | 6 ------ 2 files changed, 16 insertions(+), 35 deletions(-) delete mode 100644 build/sign/Dockerfile diff --git a/Jenkinsfile b/Jenkinsfile index fee148bc0..f94cf5cf2 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -118,6 +118,7 @@ def runRelease(architectures) { } } + // We sign the binary also for the standalone Windows executable, and not just for Windows executable packaged inside Chocolaty. downloadToolsCert() print "Uploading version $version to Repo21" uploadCli(architectures) @@ -159,8 +160,6 @@ def runRelease(architectures) { buildPublishDockerImages(version, jfrogCliRepoDir) } - // Download cert files, to be used for signing the Windows executable, packaged by Chocolatey. - downloadToolsCert() stage('Build and publish Chocolatey') { publishChocoPackageWithRetries(version, jfrogCliRepoDir, architectures) } @@ -228,16 +227,11 @@ def validateReleaseVersion() { def downloadToolsCert() { stage('Download tools cert') { - // Download the certificate file and key file, used for signing the JFrog CLI binary. - withCredentials([ - string(credentialsId: 'download-signing-cert-access-token', variable: 'DOWNLOAD_SIGNING_CERT_ACCESS_TOKEN'), - string(credentialsId: 'repo21-url', variable: 'REPO21_URL') - ]) { + // Download the certificate files, used for signing the JFrog CLI binary. + // To update the certificate before it is expired, download the digicert_sign.zip file and follow the instructions in the README file, which is packaged inside that zip. sh """#!/bin/bash - $builderPath rt dl installation-files/certificates/jfrog/jfrogltd_signingcer_full.tar.gz --url $REPO21_URL/artifactory --flat --access-token=$DOWNLOAD_SIGNING_CERT_ACCESS_TOKEN - """ - } - sh 'tar -xvzf jfrogltd_signingcer_full.tar.gz' + $builderPath rt dl ecosys-installation-files/certificates/jfrog/digicert_sign.zip "${cliWorkspace}/${jfrogCliRepoDir}build/sign/" --flat --explode + """ } } @@ -415,22 +409,14 @@ def build(goos, goarch, pkg, fileName) { env.GOARCH="" if (goos == 'windows') { - dir("${cliWorkspace}/certs-dir") { + dir("${jfrogCliRepoDir}build/sign") { // Move the jfrog executable into the 'sign' directory, so that it is signed there. - sh "mv $jfrogCliRepoDir/$fileName ${jfrogCliRepoDir}build/sign/${fileName}.unsigned" - // Copy all the certificate files into the 'sign' directory. - sh "cp -r ./ ${jfrogCliRepoDir}build/sign/" - // Pull the docker container, which signs the JFrog CLI binary. - // In order to build it locally, run the following command: - // "docker build -t jfrog-cli-sign-tool ${jfrogCliRepoDir}build/sign/" - sh """#!/bin/bash - $cliWorkspace/$builderPath rt docker-pull ${REPO_NAME_21}/ecosys-docker-local/jfrog-cli-sign-tool ecosys-docker-local - """ - // Run the pulled image in order to signs the JFrog CLI binary. - def signCmd = "osslsigncode sign -certs workspace/JFrog_Ltd_.crt -key workspace/jfrogltd.key -n JFrog_CLI -i https://www.jfrog.com/confluence/display/CLI/JFrog+CLI -in workspace/${fileName}.unsigned -out workspace/$fileName" - sh "docker run -v ${jfrogCliRepoDir}build/sign/:/workspace --rm ${REPO_NAME_21}/ecosys-docker-local/jfrog-cli-sign-tool $signCmd" + sh "mv $jfrogCliRepoDir/$fileName ${fileName}.unsigned" + sh "docker build -t jfrog-cli-sign-tool" + // Run the built image in order to signs the JFrog CLI binary. + sh "docker run --pull=never -v ${jfrogCliRepoDir}build/sign/:/home/frogger jfrog-cli-sign-tool -in ${fileName}.unsigned -out $fileName" // Move the JFrog CLI binary from the 'sign' directory, back to its original location. - sh "mv ${jfrogCliRepoDir}build/sign/$fileName $jfrogCliRepoDir" + sh "mv $fileName $jfrogCliRepoDir" } } } @@ -475,13 +461,16 @@ def installNpm(nodeVersion) { } def publishChocoPackageWithRetries(version, jfrogCliRepoDir, architectures) { + def architecture = architectures.find { it.goos == 'windows' && it.goarch == 'amd64' } + build(architecture.goos, architecture.goarch, architecture.pkg, "${cliExecutableName}.exe") + def maxAttempts = 10 def currentAttempt = 1 def waitSeconds = 18 while (currentAttempt <= maxAttempts) { try { - publishChocoPackage(version, jfrogCliRepoDir, architectures) + publishChocoPackage(version, jfrogCliRepoDir, architecture) echo "Successfully published Choco package!" return } catch (Exception e) { @@ -495,9 +484,7 @@ def publishChocoPackageWithRetries(version, jfrogCliRepoDir, architectures) { } } -def publishChocoPackage(version, jfrogCliRepoDir, architectures) { - def architecture = architectures.find { it.goos == 'windows' && it.goarch == 'amd64' } - build(architecture.goos, architecture.goarch, architecture.pkg, "${cliExecutableName}.exe") +def publishChocoPackage(version, jfrogCliRepoDir, architecture) { def packageName = "jfrog-cli" if (cliExecutableName == 'jf') { packageName="${packageName}-v2-jf" diff --git a/build/sign/Dockerfile b/build/sign/Dockerfile deleted file mode 100644 index 5f2afd5e3..000000000 --- a/build/sign/Dockerfile +++ /dev/null @@ -1,6 +0,0 @@ -# This Dockerfile sets up a container, which is used to sign the Windows binary of JFrog CLI. - -FROM ubuntu:16.04 -RUN echo "deb http://cz.archive.ubuntu.com/ubuntu xenial main universe" >> /etc/apt/sources.list -RUN apt -y update && apt install -y curl build-essential libssl-dev libcurl4-gnutls-dev autoconf osslsigncode -ADD . /workspace \ No newline at end of file From 9848b0cd3ac0df68f057c2b702e59f833bfe4383 Mon Sep 17 00:00:00 2001 From: Yahav Itzhak Date: Tue, 5 Mar 2024 10:12:21 +0200 Subject: [PATCH 3/3] Bump ver from 2.53.1 to 2.53.2 (#2464) --- build/npm/v2-jf/package-lock.json | 2 +- build/npm/v2-jf/package.json | 2 +- build/npm/v2/package-lock.json | 2 +- build/npm/v2/package.json | 2 +- go.mod | 8 ++++---- go.sum | 16 ++++++++-------- utils/cliutils/cli_consts.go | 2 +- 7 files changed, 17 insertions(+), 17 deletions(-) diff --git a/build/npm/v2-jf/package-lock.json b/build/npm/v2-jf/package-lock.json index 699a61dcb..09497675d 100644 --- a/build/npm/v2-jf/package-lock.json +++ b/build/npm/v2-jf/package-lock.json @@ -1,5 +1,5 @@ { "name": "jfrog-cli-v2-jf", - "version": "2.53.1", + "version": "2.53.2", "lockfileVersion": 1 } diff --git a/build/npm/v2-jf/package.json b/build/npm/v2-jf/package.json index 860ba7864..199f86d41 100644 --- a/build/npm/v2-jf/package.json +++ b/build/npm/v2-jf/package.json @@ -1,6 +1,6 @@ { "name": "jfrog-cli-v2-jf", - "version": "2.53.1", + "version": "2.53.2", "description": "🐸 Command-line interface for JFrog Artifactory, Xray, Distribution, Pipelines and Mission Control 🐸", "homepage": "https://github.com/jfrog/jfrog-cli", "preferGlobal": true, diff --git a/build/npm/v2/package-lock.json b/build/npm/v2/package-lock.json index 9c987eac5..1bf451e13 100644 --- a/build/npm/v2/package-lock.json +++ b/build/npm/v2/package-lock.json @@ -1,5 +1,5 @@ { "name": "jfrog-cli-v2", - "version": "2.53.1", + "version": "2.53.2", "lockfileVersion": 2 } diff --git a/build/npm/v2/package.json b/build/npm/v2/package.json index 55b419b72..6dbfb3dea 100644 --- a/build/npm/v2/package.json +++ b/build/npm/v2/package.json @@ -1,6 +1,6 @@ { "name": "jfrog-cli-v2", - "version": "2.53.1", + "version": "2.53.2", "description": "🐸 Command-line interface for JFrog Artifactory, Xray, Distribution, Pipelines and Mission Control 🐸", "homepage": "https://github.com/jfrog/jfrog-cli", "preferGlobal": true, diff --git a/go.mod b/go.mod index 471bded4c..bd97c537d 100644 --- a/go.mod +++ b/go.mod @@ -130,12 +130,12 @@ require ( gopkg.in/yaml.v3 v3.0.1 // indirect ) -replace github.com/jfrog/jfrog-cli-core/v2 => github.com/jfrog/jfrog-cli-core/v2 v2.31.1-0.20240225151519-de88b95a3824 +// replace github.com/jfrog/jfrog-cli-core/v2 => github.com/jfrog/jfrog-cli-core/v2 v2.31.1-0.20240225151519-de88b95a3824 -replace github.com/jfrog/jfrog-client-go => github.com/jfrog/jfrog-client-go v1.28.1-0.20240225150756-e5fed3788eca +// replace github.com/jfrog/jfrog-client-go => github.com/jfrog/jfrog-client-go v1.28.1-0.20240225150756-e5fed3788eca -replace github.com/jfrog/jfrog-cli-security => github.com/jfrog/jfrog-cli-security v1.0.4-0.20240225141439-cc8b9f3d1962 +// replace github.com/jfrog/jfrog-cli-security => github.com/jfrog/jfrog-cli-security v1.0.4-0.20240225141439-cc8b9f3d1962 -replace github.com/jfrog/build-info-go => github.com/jfrog/build-info-go v1.8.9-0.20240225113943-096bf22ca54c +// replace github.com/jfrog/build-info-go => github.com/jfrog/build-info-go v1.8.9-0.20240225113943-096bf22ca54c // replace github.com/jfrog/gofrog => github.com/jfrog/gofrog v1.3.3-0.20231223133729-ef57bd08cedc diff --git a/go.sum b/go.sum index 4012807e8..77db2b40a 100644 --- a/go.sum +++ b/go.sum @@ -121,18 +121,18 @@ github.com/jedib0t/go-pretty/v6 v6.5.4 h1:gOGo0613MoqUcf0xCj+h/V3sHDaZasfv152G6/ github.com/jedib0t/go-pretty/v6 v6.5.4/go.mod h1:5LQIxa52oJ/DlDSLv0HEkWOFMDGoWkJb9ss5KqPpJBg= github.com/jfrog/archiver/v3 v3.6.0 h1:OVZ50vudkIQmKMgA8mmFF9S0gA47lcag22N13iV3F1w= github.com/jfrog/archiver/v3 v3.6.0/go.mod h1:fCAof46C3rAXgZurS8kNRNdSVMKBbZs+bNNhPYxLldI= -github.com/jfrog/build-info-go v1.8.9-0.20240225113943-096bf22ca54c h1:M1QiuCYGCYN1IiGyxogrLzfetYGkkhE2pgDh5K4Wo9A= -github.com/jfrog/build-info-go v1.8.9-0.20240225113943-096bf22ca54c/go.mod h1:QHcKuesY4MrBVBuEwwBz4uIsX6mwYuMEDV09ng4AvAU= +github.com/jfrog/build-info-go v1.9.23 h1:+TwUIBEJwRvz9skR8xBfY5ti8Vl4Z6iMCkFbkclnEN0= +github.com/jfrog/build-info-go v1.9.23/go.mod h1:QHcKuesY4MrBVBuEwwBz4uIsX6mwYuMEDV09ng4AvAU= github.com/jfrog/gofrog v1.6.0 h1:jOwb37nHY2PnxePNFJ6e6279Pgkr3di05SbQQw47Mq8= github.com/jfrog/gofrog v1.6.0/go.mod h1:SZ1EPJUruxrVGndOzHd+LTiwWYKMlHqhKD+eu+v5Hqg= github.com/jfrog/jfrog-apps-config v1.0.1 h1:mtv6k7g8A8BVhlHGlSveapqf4mJfonwvXYLipdsOFMY= github.com/jfrog/jfrog-apps-config v1.0.1/go.mod h1:8AIIr1oY9JuH5dylz2S6f8Ym2MaadPLR6noCBO4C22w= -github.com/jfrog/jfrog-cli-core/v2 v2.31.1-0.20240225151519-de88b95a3824 h1:nSqx+EdsuIzKsjS/5dkRaD9ak4db9IYMf/ggfCoahAE= -github.com/jfrog/jfrog-cli-core/v2 v2.31.1-0.20240225151519-de88b95a3824/go.mod h1:aE5kYuqiZxu6hHkAQm34BvtGjLR8rk0/PUWpl4u5g0Q= -github.com/jfrog/jfrog-cli-security v1.0.4-0.20240225141439-cc8b9f3d1962 h1:dlVDm3q/gR/yHrTcABHjMucs5vT6JesEw6GwBQe4WK4= -github.com/jfrog/jfrog-cli-security v1.0.4-0.20240225141439-cc8b9f3d1962/go.mod h1:u2j9vEorky4zk7EWk+Bqw08o66p9tuW7LxVxW0boAMA= -github.com/jfrog/jfrog-client-go v1.28.1-0.20240225150756-e5fed3788eca h1:wgiw3iokmQ5uK+6+M50fyMQBsMJPQEbRYnwbAMUmPlI= -github.com/jfrog/jfrog-client-go v1.28.1-0.20240225150756-e5fed3788eca/go.mod h1:WhVrqiqhSNFwj58/RQIrJEd28PHH1LTD4eWE0vBXv1o= +github.com/jfrog/jfrog-cli-core/v2 v2.48.1 h1:rRqI82btSFKFStGd7uEiheeBAuEjrw+ZZbE1abaKUBU= +github.com/jfrog/jfrog-cli-core/v2 v2.48.1/go.mod h1:9aZHtR9x7s9VUa5AalOjJkxMMPSgxXgQ5hdU3vzMwcs= +github.com/jfrog/jfrog-cli-security v1.0.3 h1:TUfPmMEavLZzxvHJSzuXg1m9OQolGL/atE8cRbuPvls= +github.com/jfrog/jfrog-cli-security v1.0.3/go.mod h1:NHmNHYlF6g4QSDyTQ3yUM57+WXZQfqskc2C1Mxj/FQY= +github.com/jfrog/jfrog-client-go v1.37.1 h1:BqIWGPajC5vhUo5dcQ9KEJr0EVANr/O4cfEqRYvzvRg= +github.com/jfrog/jfrog-client-go v1.37.1/go.mod h1:y+zeO0LeT2uHoHs4/fXHrm5dfF02bg6Dw3cNJxgJ5LY= github.com/jszwec/csvutil v1.10.0 h1:upMDUxhQKqZ5ZDCs/wy+8Kib8rZR8I8lOR34yJkdqhI= github.com/jszwec/csvutil v1.10.0/go.mod h1:/E4ONrmGkwmWsk9ae9jpXnv9QT8pLHEPcCirMFhxG9I= github.com/kevinburke/ssh_config v1.2.0 h1:x584FjTGwHzMwvHx18PXxbBVzfnxogHaAReU4gf13a4= diff --git a/utils/cliutils/cli_consts.go b/utils/cliutils/cli_consts.go index 489f3c3f5..369afd1cf 100644 --- a/utils/cliutils/cli_consts.go +++ b/utils/cliutils/cli_consts.go @@ -4,7 +4,7 @@ import "time" const ( // General CLI constants - CliVersion = "2.53.1" + CliVersion = "2.53.2" ClientAgent = "jfrog-cli-go" // CLI base commands constants: