├── s2i ├── _test │ └── .gitkeep ├── entrypoint.sh ├── Dockerfile ├── LICENSE ├── README.md └── action.yml ├── set-helm-version ├── _test │ ├── .gitkeep │ └── Chart.yaml ├── requirements.in ├── entrypoint.py ├── action.yml ├── README.md ├── Dockerfile └── requirements.txt ├── confbatstest ├── version.json ├── _test │ ├── template.yml │ └── conftest.sh ├── requirements.in ├── Dockerfile ├── action.yml ├── README.md ├── entrypoint.sh ├── Dockerfile_build └── requirements.txt ├── get-image-version ├── _test │ └── version.json └── action.yml ├── kyverno-cli ├── version.json ├── requirements.in ├── _test │ ├── namespace.yaml │ ├── kyverno.sh │ └── policy.yaml ├── Dockerfile ├── entrypoint.sh ├── action.yml ├── README.md ├── Dockerfile_build └── requirements.txt ├── github-dispatches ├── version.json ├── Dockerfile ├── action.yml ├── README.md ├── Dockerfile_build └── entrypoint.sh ├── redhat-csp-download ├── version.json ├── ansible │ ├── requirements.yml │ ├── requirements.in │ ├── download.yml │ └── requirements.txt ├── Dockerfile ├── action.yml ├── entrypoint.sh ├── README.md └── Dockerfile_build ├── CODEOWNERS ├── chart-repo-pr-action ├── images │ └── chart-repo-pr-action.png ├── Dockerfile ├── action.yml ├── entrypoint.sh └── README.md ├── .github ├── PULL_REQUEST_TEMPLATE.md ├── dependabot.yaml └── workflows │ ├── disconnected-csv.yaml │ ├── ssh-agent-build.yaml │ ├── github-dispatches.yaml │ ├── kyverno-cli.yaml │ ├── set-helm-version.yaml │ ├── confbatstest.yaml │ ├── get-image-version.yaml │ ├── redhat-csp-download.yaml │ ├── github-dispatches-build.yaml │ ├── redhat-csp-download-build.yaml │ ├── kyverno-cli-build.yaml │ ├── scorecard.yml │ ├── ssh-agent.yaml │ └── confbatstest-build.yaml ├── SECURITY.md ├── ssh-agent ├── action.yml ├── eslint.config.cjs ├── package.json ├── index.js └── README.md ├── .gitignore ├── .pre-commit-config.yaml ├── renovate.json ├── disconnected-csv ├── action.yml ├── add_related_image.py ├── Dockerfile ├── attach_image_digests.sh ├── tests │ └── sample-clusterserviceversion.yaml └── README.md ├── README.md └── LICENSE /s2i/_test/.gitkeep: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /set-helm-version/_test/.gitkeep: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /confbatstest/version.json: -------------------------------------------------------------------------------- 1 | { 2 | "version": "v4.5.0" 3 | } 4 | -------------------------------------------------------------------------------- /get-image-version/_test/version.json: -------------------------------------------------------------------------------- 1 | {"version":"v1.32.1"} 2 | -------------------------------------------------------------------------------- /kyverno-cli/version.json: -------------------------------------------------------------------------------- 1 | { 2 | "version": "v4.4.0" 3 | } 4 | -------------------------------------------------------------------------------- /github-dispatches/version.json: -------------------------------------------------------------------------------- 1 | { 2 | "version": "v4.4.0" 3 | } 4 | -------------------------------------------------------------------------------- /redhat-csp-download/version.json: -------------------------------------------------------------------------------- 1 | { 2 | "version": "v4.4.0" 3 | } 4 | -------------------------------------------------------------------------------- /set-helm-version/requirements.in: -------------------------------------------------------------------------------- 1 | pip==24.1 2 | ruamel.yaml==0.18.6 3 | ruamel.yaml.clib==0.2.12 4 | -------------------------------------------------------------------------------- /CODEOWNERS: -------------------------------------------------------------------------------- 1 | # https://github.com/orgs/redhat-cop/teams/github-actions-mergers 2 | * @redhat-cop/github-actions-mergers 3 | -------------------------------------------------------------------------------- /redhat-csp-download/ansible/requirements.yml: -------------------------------------------------------------------------------- 1 | --- 2 | collections: 3 | - name: middleware_automation.redhat_csp_download 4 | -------------------------------------------------------------------------------- /confbatstest/_test/template.yml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: template.openshift.io/v1 3 | kind: Template 4 | metadata: 5 | name: Foo 6 | -------------------------------------------------------------------------------- /confbatstest/requirements.in: -------------------------------------------------------------------------------- 1 | argcomplete==3.6.3 2 | pip==24.1 3 | PyYAML==6.0.3 4 | tomlkit==0.13.3 5 | xmltodict==1.0.2 6 | yq==3.4.3 7 | -------------------------------------------------------------------------------- /kyverno-cli/requirements.in: -------------------------------------------------------------------------------- 1 | argcomplete==3.5.2 2 | pip==24.1 3 | PyYAML==6.0.2 4 | tomlkit==0.13.2 5 | xmltodict==0.14.2 6 | yq==3.4.3 7 | -------------------------------------------------------------------------------- /kyverno-cli/_test/namespace.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Namespace 3 | metadata: 4 | name: test 5 | labels: 6 | app.kubernetes.io/name: test 7 | -------------------------------------------------------------------------------- /chart-repo-pr-action/images/chart-repo-pr-action.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/redhat-cop/github-actions/HEAD/chart-repo-pr-action/images/chart-repo-pr-action.png -------------------------------------------------------------------------------- /s2i/entrypoint.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | echo "This action is deprecated, please migrate to: https://github.com/marketplace/actions/source-to-image-build" 4 | exit 1 5 | -------------------------------------------------------------------------------- /confbatstest/_test/conftest.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bats 2 | 3 | @test "template.yml" { 4 | run conftest test confbatstest/_test/template.yml --rego-version v0 5 | 6 | [ "$status" -eq 0 ] 7 | } 8 | -------------------------------------------------------------------------------- /.github/PULL_REQUEST_TEMPLATE.md: -------------------------------------------------------------------------------- 1 | #### What is this PR About? 2 | Describe the contents of the PR 3 | 4 | #### How do we test this? 5 | Provide commands/steps to test this PR. 6 | 7 | cc: @redhat-cop/github-actions 8 | -------------------------------------------------------------------------------- /kyverno-cli/_test/kyverno.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bats 2 | 3 | @test "namespace.yaml" { 4 | run kyverno apply kyverno-cli/_test/policy.yaml --resource kyverno-cli/_test/namespace.yaml 5 | 6 | [ "$status" -eq 0 ] 7 | } 8 | -------------------------------------------------------------------------------- /.github/dependabot.yaml: -------------------------------------------------------------------------------- 1 | version: 2 2 | updates: 3 | 4 | - package-ecosystem: "github-actions" 5 | directory: "/" 6 | schedule: 7 | # Check for updates to GitHub Actions every weekday 8 | interval: "monthly" 9 | -------------------------------------------------------------------------------- /confbatstest/Dockerfile: -------------------------------------------------------------------------------- 1 | # renovate: datasource=github-releases depName=redhat-cop/github-actions 2 | FROM ghcr.io/redhat-cop/github-actions/confbatstest:v4.5@sha256:14ed9e3c82b7c5ef672fd0075ca94ae3cdaf7b026a404d4d62b713c7cdb9c93c 3 | -------------------------------------------------------------------------------- /kyverno-cli/Dockerfile: -------------------------------------------------------------------------------- 1 | # renovate: datasource=github-releases depName=redhat-cop/github-actions 2 | FROM ghcr.io/redhat-cop/github-actions/kyverno-cli:v4.4.0@sha256:0fc78e89d82a8f35a6fae7c07a3e46f8e7dee25e0c130d96360fd4439478180e 3 | -------------------------------------------------------------------------------- /github-dispatches/Dockerfile: -------------------------------------------------------------------------------- 1 | # renovate: datasource=github-releases depName=redhat-cop/github-actions 2 | FROM ghcr.io/redhat-cop/github-actions/github-dispatches:v4.4.0@sha256:ff22df6a117e5bc1d7ff06d126c7e20d08fcee6acaa4094ee319d5508d67c682 3 | -------------------------------------------------------------------------------- /redhat-csp-download/Dockerfile: -------------------------------------------------------------------------------- 1 | # renovate: datasource=github-releases depName=redhat-cop/github-actions 2 | FROM ghcr.io/redhat-cop/github-actions/redhat-csp-download:v4.4.0@sha256:df6e126ade2f52ebe45efe13f2cd7c825bd6a2203086c1fee4cc7b7d87ab11b0 3 | -------------------------------------------------------------------------------- /set-helm-version/_test/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v2 2 | name: test-chart 3 | description: A Chart.yaml file to use for testing the set-helm-version GitHub Action 4 | 5 | type: application 6 | 7 | version: v1.0.0 8 | 9 | appVersion: v1.0.0 10 | -------------------------------------------------------------------------------- /SECURITY.md: -------------------------------------------------------------------------------- 1 | # Security Policy 2 | 3 | ## Supported Versions 4 | 5 | Only the latest version is supported. 6 | 7 | ## Reporting a Vulnerability 8 | 9 | For any issues or concerns, please contact: [@container-cop-core](https://github.com/orgs/redhat-cop/teams/container-cop-core) 10 | -------------------------------------------------------------------------------- /redhat-csp-download/ansible/requirements.in: -------------------------------------------------------------------------------- 1 | ansible==11.1.0 2 | ansible-core==2.18.1 3 | certifi==2024.12.14 4 | cffi==1.17.1 5 | charset-normalizer==3.4.0 6 | cryptography==44.0.0 7 | idna==3.10 8 | importlib_resources==6.4.5 9 | Jinja2==3.1.4 10 | lxml==5.3.0 11 | MarkupSafe==3.0.2 12 | packaging==24.2 13 | pip==24.1 14 | pycparser==2.22 15 | PyYAML==6.0.2 16 | requests==2.32.3 17 | resolvelib==1.0.1 18 | urllib3==2.2.3 19 | zipp==3.21.0 20 | -------------------------------------------------------------------------------- /kyverno-cli/entrypoint.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | set -e 4 | 5 | exec_bats() { 6 | local TESTS="${1}" 7 | 8 | if [[ ! -f "${TESTS}" ]]; then 9 | echo "${TESTS} does not exist. Failing" 10 | exit 1 11 | fi 12 | 13 | exec bats "${TESTS}" 14 | } 15 | 16 | exec_raw() { 17 | local COMMAND="${1}" 18 | 19 | echo "Executing: ${COMMAND}" 20 | 21 | eval "${COMMAND}" 22 | } 23 | 24 | if [[ -z "${2}" ]]; then 25 | exec_bats "${1}" 26 | else 27 | exec_raw "${2}" 28 | fi 29 | -------------------------------------------------------------------------------- /redhat-csp-download/ansible/download.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: localhost 3 | gather_facts: no 4 | collections: 5 | - middleware_automation.redhat_csp_download 6 | 7 | tasks: 8 | - name: Download product zips 9 | no_log: true 10 | redhat_csp_download: 11 | url: "{{ item.url }}" 12 | dest: "{{ item.file }}" 13 | username: "{{ rh_username }}" 14 | password: "{{ rh_password }}" 15 | with_items: 16 | - "{{ download | from_json}}" 17 | -------------------------------------------------------------------------------- /kyverno-cli/_test/policy.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kyverno.io/v1 2 | kind: ClusterPolicy 3 | metadata: 4 | name: require-labels 5 | spec: 6 | validationFailureAction: enforce 7 | rules: 8 | - name: check-for-labels 9 | match: 10 | resources: 11 | kinds: 12 | - Namespace 13 | validate: 14 | message: "label 'app.kubernetes.io/name' is required" 15 | pattern: 16 | metadata: 17 | labels: 18 | app.kubernetes.io/name: "?*" 19 | -------------------------------------------------------------------------------- /set-helm-version/entrypoint.py: -------------------------------------------------------------------------------- 1 | import sys 2 | from ruamel.yaml import YAML 3 | 4 | path = sys.argv[1] 5 | chart_version = sys.argv[2] 6 | app_version = sys.argv[3] 7 | 8 | yaml = YAML() 9 | yaml.default_flow_style = False 10 | 11 | with open(f"{path}/Chart.yaml") as f: 12 | data = yaml.load(f) 13 | 14 | if chart_version != "false": 15 | data["version"] = chart_version 16 | if app_version != "false": 17 | data["appVersion"] = app_version 18 | 19 | with open(f"{path}/Chart.yaml", "w") as f: 20 | yaml.dump(data, f) 21 | -------------------------------------------------------------------------------- /kyverno-cli/action.yml: -------------------------------------------------------------------------------- 1 | name: 'kyverno-cli' 2 | description: 'Run kyverno using BATS' 3 | author: 'Red Hat CoP' 4 | branding: 5 | icon: monitor 6 | color: purple 7 | inputs: 8 | tests: 9 | description: "BATS test bash file" 10 | default: "_test/kyverno.sh" 11 | required: false 12 | raw: 13 | description: "Execute a single command, i.e.: kyverno apply policy.yaml --resource my-deployment.yml" 14 | required: false 15 | 16 | runs: 17 | using: 'docker' 18 | image: 'Dockerfile' 19 | args: 20 | - ${{ inputs.tests }} 21 | - ${{ inputs.raw }} 22 | -------------------------------------------------------------------------------- /github-dispatches/action.yml: -------------------------------------------------------------------------------- 1 | name: 'github-dispatches' 2 | description: 'Triggers a GitHub CI dispatches event.' 3 | author: 'Red Hat CoP' 4 | branding: 5 | icon: monitor 6 | color: purple 7 | inputs: 8 | repo_array: 9 | description: "JSON array of repos to trigger" 10 | required: true 11 | username_token: 12 | description: "Personal GitHub access token in the form of 'username:token' which has 'repo' access" 13 | required: true 14 | 15 | runs: 16 | using: 'docker' 17 | image: 'Dockerfile' 18 | args: 19 | - ${{ inputs.repo_array }} 20 | - ${{ inputs.username_token }} 21 | -------------------------------------------------------------------------------- /s2i/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM registry.access.redhat.com/ubi9/ubi-minimal:9.5-1734497536@sha256:daa61d6103e98bccf40d7a69a0d4f8786ec390e2204fd94f7cc49053e9949360 2 | 3 | LABEL version="1.0.0" 4 | LABEL repository="http://github.com/redhat-cop/github-actions" 5 | LABEL homepage="http://github.com/redhat-cop/github-actions/s2i" 6 | LABEL maintainer="Red Hat CoP" 7 | LABEL "com.github.actions.name"="Source2Image build" 8 | LABEL "com.github.actions.description"="Runs source2image build" 9 | LABEL "com.github.actions.icon"="package" 10 | LABEL "com.github.actions.color"="purple" 11 | 12 | ADD entrypoint.sh /entrypoint.sh 13 | ENTRYPOINT ["/entrypoint.sh"] 14 | -------------------------------------------------------------------------------- /ssh-agent/action.yml: -------------------------------------------------------------------------------- 1 | name: 'ssh-agent' 2 | description: 'Sets up an ssh-agent with a private key and known_hosts' 3 | inputs: 4 | domain: 5 | description: 'Domain to configure SSH to connect to' 6 | required: true 7 | private_key: 8 | description: 'Private key to configure SSH to use' 9 | required: true 10 | ssh_auth_sock: 11 | description: 'SSH agent socket' 12 | default: "/tmp/ssh_agent.sock" 13 | required: false 14 | ssh_port: 15 | description: "SSH port to use for connecting" 16 | default: "22" 17 | required: false 18 | outputs: {} 19 | runs: 20 | using: 'node20' 21 | main: 'dist/index.js' 22 | -------------------------------------------------------------------------------- /github-dispatches/README.md: -------------------------------------------------------------------------------- 1 | ![Test github-dispatches](https://github.com/redhat-cop/github-actions/workflows/Test%20github-dispatches/badge.svg) 2 | 3 | # github-dispatches GitHub Action (NOT MAINTAINED) 4 | 5 | This action triggers a GitHub CI [dispatches event](https://blog.marcnuri.com/triggering-github-actions-across-different-repositories). 6 | 7 | ## Usage 8 | 9 | ```yaml 10 | - name: github-dispatches 11 | uses: ./github-dispatches 12 | with: 13 | username_token: ${{ secrets.REPO_TOKEN }} 14 | repo_array: '[{"url":"owner/repo","event_type":"Triggered","client_payload":{"customField":"customValue"}}]' 15 | ``` 16 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | ### JetBrains template 2 | # Covers JetBrains IDEs: IntelliJ, RubyMine, PhpStorm, AppCode, PyCharm, CLion, Android Studio and Webstorm 3 | # Reference: https://intellij-support.jetbrains.com/hc/en-us/articles/206544839 4 | 5 | # User-specific stuff: 6 | .idea/ 7 | .idea/**/workspace.xml 8 | .idea/**/tasks.xml 9 | .idea/dictionaries 10 | 11 | # Sensitive or high-churn files: 12 | .idea/**/dataSources/ 13 | .idea/**/dataSources.ids 14 | .idea/**/dataSources.xml 15 | .idea/**/dataSources.local.xml 16 | .idea/**/sqlDataSources.xml 17 | .idea/**/dynamic.xml 18 | .idea/**/uiDesigner.xml 19 | 20 | ## File-based project format: 21 | *.iws 22 | *.iml 23 | 24 | ssh-agent/node_modules 25 | -------------------------------------------------------------------------------- /ssh-agent/eslint.config.cjs: -------------------------------------------------------------------------------- 1 | const globals = require("globals"); 2 | const js = require("@eslint/js"); 3 | 4 | const { 5 | FlatCompat, 6 | } = require("@eslint/eslintrc"); 7 | 8 | const compat = new FlatCompat({ 9 | baseDirectory: __dirname, 10 | recommendedConfig: js.configs.recommended, 11 | allConfig: js.configs.all 12 | }); 13 | 14 | module.exports = [...compat.extends("eslint:recommended", "prettier"), { 15 | languageOptions: { 16 | globals: { 17 | ...globals.node, 18 | ...globals.commonjs, 19 | }, 20 | 21 | ecmaVersion: "latest", 22 | sourceType: "commonjs", 23 | }, 24 | 25 | rules: {}, 26 | }]; 27 | -------------------------------------------------------------------------------- /set-helm-version/action.yml: -------------------------------------------------------------------------------- 1 | name: 'set-helm-version' 2 | description: 'Sets the version of a Helm chart' 3 | author: 'Red Hat CoP' 4 | icon: package 5 | color: purple 6 | inputs: 7 | path: 8 | description: 'Path to the Helm chart' 9 | default: '.' 10 | required: false 11 | chart_version: 12 | description: 'Desired chart version' 13 | default: "false" 14 | required: false 15 | app_version: 16 | description: 'Desired app version' 17 | default: "false" 18 | required: false 19 | 20 | runs: 21 | using: 'docker' 22 | image: 'Dockerfile' 23 | args: 24 | - ${{ inputs.path }} 25 | - ${{ inputs.chart_version }} 26 | - ${{ inputs.app_version }} 27 | -------------------------------------------------------------------------------- /redhat-csp-download/action.yml: -------------------------------------------------------------------------------- 1 | name: 'redhat-csp-download' 2 | description: 'Run redhat-csp-download to download resources from the Red Hat Customer Portal.' 3 | author: 'Red Hat CoP' 4 | branding: 5 | icon: monitor 6 | color: purple 7 | inputs: 8 | rh_username: 9 | description: "Username to download product" 10 | required: true 11 | rh_password: 12 | description: "Password to download product" 13 | required: true 14 | download: 15 | description: "JSON array of files to download" 16 | required: true 17 | 18 | runs: 19 | using: 'docker' 20 | image: 'Dockerfile' 21 | args: 22 | - ${{ inputs.rh_username }} 23 | - ${{ inputs.rh_password }} 24 | - ${{ inputs.download }} 25 | -------------------------------------------------------------------------------- /redhat-csp-download/entrypoint.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | set -e 4 | 5 | exec_csp() { 6 | local RH_USERNAME="${1}" 7 | local RH_PASSWORD="${2}" 8 | local DOWNLOAD="${3}" 9 | 10 | if [[ -z "${RH_USERNAME}" ]] || [[ -z "${RH_PASSWORD}" ]] 11 | then 12 | echo "RH_USERNAME or RH_PASSWORD is empty. Skipping." 13 | exit 0 14 | fi 15 | 16 | if [[ -z "${DOWNLOAD}" ]] 17 | then 18 | echo "DOWNLOAD is empty. Failing." 19 | exit 1 20 | fi 21 | 22 | pushd /ansible 23 | ansible-galaxy collection install -r requirements.yml 24 | ansible-playbook download.yml -e rh_username="${RH_USERNAME}" -e rh_password="${RH_PASSWORD}" -e download="${DOWNLOAD}" 25 | popd 26 | } 27 | 28 | exec_csp "${1}" "${2}" "${3}" 29 | -------------------------------------------------------------------------------- /ssh-agent/package.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "ssh-agent", 3 | "version": "1.0.0", 4 | "description": "", 5 | "main": "index.js", 6 | "scripts": { 7 | "test": "echo \"Error: no test specified\" && exit 1", 8 | "compile": "ncc build index.js", 9 | "eslint": "eslint index.js", 10 | "prettier": "prettier --list-different index.js" 11 | }, 12 | "keywords": [], 13 | "author": "", 14 | "license": "Apache-2.0", 15 | "dependencies": { 16 | "@actions/core": "1.11.1" 17 | }, 18 | "devDependencies": { 19 | "@eslint/eslintrc": "3.2.0", 20 | "@eslint/js": "9.17.0", 21 | "@vercel/ncc": "0.38.3", 22 | "eslint-config-prettier": "9.1.0", 23 | "globals": "15.13.0", 24 | "prettier": "3.4.2" 25 | } 26 | } 27 | -------------------------------------------------------------------------------- /set-helm-version/README.md: -------------------------------------------------------------------------------- 1 | # Set Helm Version GitHub Action (NOT MAINTAINED) 2 | 3 | Given the path to a directory containing a Helm `Chart.yaml`, sets the `version` and `appVersion` of the chart to the specified values. 4 | Used to programmatically edit version numbers before a release - preserving existing structure and comments inside of the `Chart.yaml`. 5 | 6 | ## Usage 7 | 8 | Add the following to a step in your GitHub Workflow: 9 | 10 | ```yaml 11 | - uses: redhat-cop/github-actions/set-helm-version@master 12 | with: 13 | path: . 14 | chart_version: 1.0.0 15 | app_version: 1.0.0 16 | ``` 17 | 18 | ## Future 19 | 20 | It would be reasonable to add parsing and automatic bumping of existing semantic versions based on keywords like "major", "minor", or "rc". 21 | -------------------------------------------------------------------------------- /confbatstest/action.yml: -------------------------------------------------------------------------------- 1 | name: confbatstest 2 | description: Run conftest using BATS 3 | author: Red Hat CoP 4 | branding: 5 | icon: monitor 6 | color: purple 7 | inputs: 8 | tests: 9 | description: BATS test bash file 10 | default: _test/conftest.sh 11 | required: false 12 | policies: 13 | description: "JSON array of policies to pull via conftest. See: https://github.com/open-policy-agent/conftest/blob/master/docs/sharing.md" 14 | default: '[{"name": "redhat-cop", "url":"github.com/redhat-cop/rego-policies.git//policy"}]' 15 | required: false 16 | raw: 17 | description: 'Execute a single command, i.e.: konstraint doc -o POLICIES.md' 18 | required: false 19 | runs: 20 | using: docker 21 | image: Dockerfile 22 | args: 23 | - ${{ inputs.tests }} 24 | - ${{ inputs.policies }} 25 | - ${{ inputs.raw }} 26 | -------------------------------------------------------------------------------- /set-helm-version/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM registry.access.redhat.com/ubi9/python-39:9.5-1734444862@sha256:daa95bd4459da0314c06a918ead906be049f74f2f19850cf259f06761ddb3979 2 | 3 | LABEL version="1.1.0" 4 | LABEL repository="http://github.com/redhat-cop/github-actions" 5 | LABEL homepage="http://github.com/redhat-cop/github-actions/set-helm-version" 6 | LABEL maintainer="Red Hat CoP" 7 | LABEL "com.github.actions.name"="set-helm-version" 8 | LABEL "com.github.actions.description"="Sets the Helm chart version and appVersion in preparation for a release" 9 | LABEL "com.github.actions.icon"="package" 10 | LABEL "com.github.actions.color"="purple" 11 | 12 | WORKDIR / 13 | COPY requirements.txt ./ 14 | RUN pip install --require-hashes --no-deps --no-cache-dir -r requirements.txt 15 | 16 | COPY entrypoint.py /entrypoint.py 17 | ENTRYPOINT [ "python", "/entrypoint.py" ] 18 | -------------------------------------------------------------------------------- /kyverno-cli/README.md: -------------------------------------------------------------------------------- 1 | ![Test kyverno-cli](https://github.com/redhat-cop/github-actions/workflows/Test%20kyverno-cli/badge.svg) 2 | 3 | # kyverno-cli GitHub Action (NOT MAINTAINED) 4 | 5 | This action uses [BATS](https://github.com/bats-core/bats-core) and [kyverno](https://github.com/kyverno/kyverno). 6 | It also contains several tools which are used for JSON and YAML manipulation: 7 | - helm 8 | - jq 9 | - yq 10 | - oc 11 | 12 | ## Usage 13 | Execute a BATS file which contains kyverno tests. 14 | ```yaml 15 | - name: kyverno 16 | uses: redhat-cop/github-actions/kyverno-cli@master 17 | with: 18 | tests: _test/kyverno.sh 19 | ``` 20 | 21 | Execute a command, such as `kyverno apply`: 22 | ```yaml 23 | - name: kyverno 24 | uses: redhat-cop/github-actions/kyverno-cli@master 25 | with: 26 | raw: konstraint doc -o POLICIES.md 27 | ``` 28 | -------------------------------------------------------------------------------- /.pre-commit-config.yaml: -------------------------------------------------------------------------------- 1 | exclude: 'ssh-agent/dist/index.js' 2 | 3 | repos: 4 | - repo: https://github.com/pre-commit/pre-commit-hooks 5 | rev: v6.0.0 6 | hooks: 7 | - id: check-case-conflict 8 | - id: check-yaml 9 | - id: check-shebang-scripts-are-executable 10 | - id: check-json 11 | - id: end-of-file-fixer 12 | - id: trailing-whitespace 13 | - repo: https://gitlab.cee.redhat.com/infosec-public/developer-workbench/tools.git 14 | rev: rh-pre-commit-2.3.2 15 | hooks: 16 | # If you have not run this hook on your system before, it may prompt you to 17 | # log in for patterns, and you will need to try again. 18 | # 19 | # Docs: https://source.redhat.com/departments/it/it-information-security/leaktk/leaktk_components/rh_pre_commit 20 | - id: rh-pre-commit 21 | - id: rh-pre-commit.commit-msg # Optional for commit-msg attestation 22 | -------------------------------------------------------------------------------- /renovate.json: -------------------------------------------------------------------------------- 1 | { 2 | "$schema": "https://docs.renovatebot.com/renovate-schema.json", 3 | "extends": [ 4 | "config:best-practices", 5 | "customManagers:dockerfileVersions", 6 | "schedule:earlyMondays" 7 | ], 8 | "packageRules": [ 9 | { 10 | "matchDatasources": [ 11 | "docker" 12 | ], 13 | "matchPackageNames": [ 14 | "quay.io/skopeo/stable" 15 | ], 16 | "pinDigests": false 17 | }, 18 | { 19 | "matchManagers": [ 20 | "github-actions" 21 | ], 22 | "matchPackageNames": [ 23 | "slsa-framework/slsa-github-generator" 24 | ], 25 | "pinDigests": false 26 | } 27 | ], 28 | "ignorePaths": [ 29 | "chart-repo-pr-action/**", 30 | "github-dispatches/**", 31 | "kyverno-cli/**", 32 | "redhat-csp-download/**", 33 | "s2i/**", 34 | "set-helm-version/**", 35 | "ssh-agent/**" 36 | ] 37 | } 38 | -------------------------------------------------------------------------------- /confbatstest/README.md: -------------------------------------------------------------------------------- 1 | ![Test confbatstest](https://github.com/redhat-cop/github-actions/workflows/Test%20confbatstest/badge.svg) 2 | 3 | # confbatstest GitHub Action 4 | 5 | This action uses [BATS](https://github.com/bats-core/bats-core) and [conftest](https://github.com/open-policy-agent/conftest). 6 | It also contains several tools which are used for JSON and YAML manipulation: 7 | - helm 8 | - jq 9 | - yq 10 | - oc 11 | 12 | ## Usage 13 | Execute a BATS file which contains conftest tests. 14 | ```yaml 15 | - name: Conftest 16 | uses: redhat-cop/github-actions/confbatstest@master 17 | with: 18 | tests: _test/conftest.sh 19 | policies: '[{"name": "redhat-cop", "url":"github.com/redhat-cop/rego-policies.git//policy"}]' 20 | ``` 21 | 22 | Execute a command, such as konstraint to generate rego policy documentation. 23 | ```yaml 24 | - name: Conftest 25 | uses: redhat-cop/github-actions/confbatstest@master 26 | with: 27 | raw: konstraint doc -o POLICIES.md 28 | ``` 29 | -------------------------------------------------------------------------------- /redhat-csp-download/README.md: -------------------------------------------------------------------------------- 1 | ![Test redhat-csp-download](https://github.com/redhat-cop/github-actions/workflows/Test%20redhat-csp-download/badge.svg) 2 | 3 | # redhat-csp-download GitHub Action (NOT MAINTAINED) 4 | 5 | This action uses [redhat-csp-download](https://github.com/ansible-middleware/redhat-csp-download) to download resources from the Red Hat Customer Portal, 6 | which can be used as part of your GitHub integration tests. 7 | 8 | ## Usage 9 | 10 | ```yaml 11 | - name: redhat-csp-download 12 | uses: redhat-cop/github-actions/redhat-csp-download@master 13 | with: 14 | rh_username: ${{ secrets.RH_USERNAME }} 15 | rh_password: ${{ secrets.RH_PASSWORD }} 16 | download: '[{"file":"/github/workspace/eap-connectors.zip","url":"https://access.redhat.com/jbossnetwork/restricted/softwareDownload.html?softwareId=37193"}]' 17 | ``` 18 | 19 | ### Action Volume Mapping 20 | If you want to use your files after this action, they need to be written to a volume, such as: 21 | 22 | /github/workspace 23 | -------------------------------------------------------------------------------- /chart-repo-pr-action/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM registry.access.redhat.com/ubi9/ubi-minimal:9.5-1734497536@sha256:daa61d6103e98bccf40d7a69a0d4f8786ec390e2204fd94f7cc49053e9949360 2 | 3 | ## According to the GH Actions doc, the user must run as root 4 | ## https://docs.github.com/en/actions/creating-actions/dockerfile-support-for-github-actions#user 5 | USER root 6 | 7 | # renovate: datasource=github-releases depName=cli/cli 8 | ARG GH_VERSION=v2.63.2 9 | 10 | ## Install git and diff 11 | RUN microdnf install --assumeyes --nodocs tar git diffutils && \ 12 | microdnf clean all && \ 13 | tar --version && \ 14 | git --version && \ 15 | diff --version 16 | 17 | ## Install gh cli 18 | RUN curl -L -O https://github.com/cli/cli/releases/download/${GH_VERSION}/gh_${GH_VERSION//v}_linux_amd64.tar.gz && \ 19 | tar -xzf gh_${GH_VERSION}_linux_amd64.tar.gz && \ 20 | mv gh_${GH_VERSION}_linux_amd64/bin/gh /usr/local/bin && \ 21 | rm -rf gh gh.tar.gz && \ 22 | gh --version 23 | 24 | ADD entrypoint.sh / 25 | 26 | ENTRYPOINT ["/entrypoint.sh"] 27 | -------------------------------------------------------------------------------- /.github/workflows/disconnected-csv.yaml: -------------------------------------------------------------------------------- 1 | name: Test Disconnected CSV 2 | on: 3 | push: 4 | paths: 5 | - disconnected-csv/** 6 | - .github/workflows/disconnected-csv.yaml 7 | 8 | pull_request: 9 | paths: 10 | - disconnected-csv/** 11 | - .github/workflows/disconnected-csv.yaml 12 | 13 | # Declare default permissions as read only. 14 | permissions: read-all 15 | 16 | jobs: 17 | disconnected-csv: 18 | runs-on: ubuntu-latest 19 | steps: 20 | - name: Checkout 21 | uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 22 | 23 | - uses: hadolint/hadolint-action@2332a7b74a6de0dda2e2221d575162eba76ba5e5 # v3.3.0 24 | with: 25 | dockerfile: disconnected-csv/Dockerfile 26 | ignore: DL3013,DL3041 # https://github.com/hadolint/hadolint/wiki/DL3013 https://github.com/hadolint/hadolint/wiki/DL3041 27 | 28 | - uses: ./disconnected-csv 29 | with: 30 | CSV_FILE: ./disconnected-csv/tests/sample-clusterserviceversion.yaml 31 | TAGS_TO_DIGESTS: 1 32 | -------------------------------------------------------------------------------- /redhat-csp-download/Dockerfile_build: -------------------------------------------------------------------------------- 1 | FROM registry.access.redhat.com/ubi9/python-312:9.5-1734444849@sha256:f72df305804f98c2bb84faa52cfdd93b42671e2f1bab05a4e4438b962c83e116 2 | 3 | LABEL version="4.0.0" 4 | LABEL repository="http://github.com/redhat-cop/github-actions" 5 | LABEL homepage="http://github.com/redhat-cop/github-actions/redhat-csp-download" 6 | LABEL maintainer="Red Hat CoP" 7 | LABEL "com.github.actions.name"="redhat-csp-download" 8 | LABEL "com.github.actions.description"="Run redhat-csp-download to download resources from the Red Hat Customer Portal." 9 | LABEL "com.github.actions.branding.icon"="monitor" 10 | LABEL "com.github.actions.branding.color"="purple" 11 | 12 | COPY ansible /ansible 13 | RUN pip3 install --require-hashes --no-deps --no-cache-dir -r /ansible/requirements.txt && \ 14 | ansible --version && \ 15 | ansible-galaxy --version && \ 16 | ansible-playbook --version 17 | 18 | USER root 19 | 20 | RUN dnf upgrade --assumeyes && \ 21 | dnf clean all 22 | 23 | USER 1001 24 | 25 | COPY entrypoint.sh /entrypoint.sh 26 | ENTRYPOINT ["/entrypoint.sh"] 27 | -------------------------------------------------------------------------------- /s2i/LICENSE: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) 2019 Vadim Rutkovsky 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /.github/workflows/ssh-agent-build.yaml: -------------------------------------------------------------------------------- 1 | name: Build ssh-agent 2 | 3 | on: 4 | push: 5 | paths: 6 | - .github/workflows/ssh-agent-build.yaml 7 | - ssh-agent/** 8 | pull_request: 9 | paths: 10 | - .github/workflows/ssh-agent-build.yaml 11 | - ssh-agent/** 12 | 13 | # Declare default permissions as read only. 14 | permissions: read-all 15 | 16 | jobs: 17 | build: 18 | runs-on: ubuntu-latest 19 | steps: 20 | - name: Checkout 21 | uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 22 | 23 | - name: Set up Node.js 24 | uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f # v6 25 | with: 26 | node-version: 24 27 | 28 | - name: Install Node.js dependencies 29 | run: | 30 | pushd ssh-agent/ 31 | npm ci 32 | popd 33 | 34 | - name: Run linters 35 | run: | 36 | pushd ssh-agent/ 37 | npm run prettier 38 | npm run eslint 39 | popd 40 | 41 | - name: Compile Node.js dependencies 42 | run: | 43 | pushd ssh-agent/ 44 | npm run compile 45 | popd 46 | -------------------------------------------------------------------------------- /disconnected-csv/action.yml: -------------------------------------------------------------------------------- 1 | name: 'disconnected-csv' 2 | description: 'Run disconnected-csv to prepare a ClusterServiceVersion for disconnected environments' 3 | author: 'Red Hat CoP' 4 | branding: 5 | icon: monitor 6 | color: purple 7 | inputs: 8 | OPERATOR_CONTAINER_NAME: 9 | description: "Specifies which container in the deployment is the Operator; used for annotations." 10 | required: false 11 | default: 'manager' 12 | RELATED_IMAGE_ENV_PREFIX: 13 | description: | 14 | Environment variables with this prefix will be considered to have image 15 | references as their values. These will be processed as related images. 16 | required: false 17 | default: 'RELATED_IMAGE_' 18 | TAGS_TO_DIGESTS: 19 | description: | 20 | If set, this triggers lookup and conversion to tag-based references 21 | to digest-based references. All tag-based references in the CSV will be 22 | replaced with their digest equivalents. To avoid this conversion, 23 | leave this input unset. 24 | required: false 25 | CSV_FILE: 26 | description: "The path to the ClusterServiceVersion YAML file that will be processed." 27 | required: true 28 | runs: 29 | using: 'docker' 30 | image: 'Dockerfile' 31 | -------------------------------------------------------------------------------- /.github/workflows/github-dispatches.yaml: -------------------------------------------------------------------------------- 1 | name: Test github-dispatches 2 | 3 | on: 4 | push: 5 | paths: 6 | - .github/workflows/github-dispatches.yaml 7 | - github-dispatches/** 8 | pull_request: 9 | paths: 10 | - .github/workflows/github-dispatches.yaml 11 | - github-dispatches/** 12 | 13 | # Declare default permissions as read only. 14 | permissions: read-all 15 | 16 | jobs: 17 | github-dispatches: 18 | runs-on: ubuntu-latest 19 | steps: 20 | - name: Checkout 21 | uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 22 | 23 | - uses: hadolint/hadolint-action@2332a7b74a6de0dda2e2221d575162eba76ba5e5 # v3.3.0 24 | with: 25 | dockerfile: github-dispatches/Dockerfile_build 26 | 27 | - name: Switch the action to use the Dockerfile_build 28 | run: | 29 | mv github-dispatches/Dockerfile github-dispatches/Dockerfile_runnable 30 | mv github-dispatches/Dockerfile_build github-dispatches/Dockerfile 31 | 32 | - name: github-dispatches 33 | uses: ./github-dispatches 34 | with: 35 | username_token: ${{ secrets.REPO_TOKEN }} 36 | repo_array: '[{"url":"redhat-cop/rego-policies","event_type":"Trigger","client_payload":{"from-action":"github-dispatches"}}]' 37 | -------------------------------------------------------------------------------- /disconnected-csv/add_related_image.py: -------------------------------------------------------------------------------- 1 | """ 2 | Short and sweet, this just adds an extra image to relatedImages if it doesn't already 3 | exist. "Already exists" means "there's a relatedImage with a value field that matches 4 | the provided ref on the command line". 5 | 6 | Updates the ClusterServiceVersion YAML file in place. 7 | """ 8 | 9 | import argparse 10 | from ruamel.yaml import YAML 11 | 12 | argparse = argparse.ArgumentParser() 13 | argparse.add_argument("csv_file", type=str, help="Path to ClusterServiceVersion YAML") 14 | argparse.add_argument("name", type=str, help="Name of the related image") 15 | argparse.add_argument("ref", type=str, help="Reference to the related image") 16 | args = argparse.parse_args() 17 | 18 | with open(args.csv_file, "r") as stream: 19 | yaml = YAML() 20 | csv = yaml.load(stream) 21 | 22 | if not 'relatedImages' in csv['spec']: 23 | csv['spec']['relatedImages'] = [] 24 | 25 | present = False 26 | 27 | for image in csv['spec']['relatedImages']: 28 | if image['image'] == args.ref: 29 | # already present, skip 30 | present = True 31 | 32 | if not present: 33 | csv['spec']['relatedImages'].append({ 'name': args.name, 'image': args.ref }) 34 | 35 | with open(args.csv_file, 'w') as stream_out: 36 | yaml = YAML() 37 | yaml.dump(csv, stream_out) 38 | -------------------------------------------------------------------------------- /github-dispatches/Dockerfile_build: -------------------------------------------------------------------------------- 1 | # Builder image 2 | FROM registry.access.redhat.com/ubi9/ubi-minimal:9.5-1734497536@sha256:daa61d6103e98bccf40d7a69a0d4f8786ec390e2204fd94f7cc49053e9949360 AS builder 3 | 4 | # renovate: datasource=github-releases depName=stedolan/jq 5 | ARG JQ_VERSION=1.6 6 | 7 | RUN curl -L -o /tmp/jq-linux64 https://github.com/stedolan/jq/releases/download/jq-${JQ_VERSION}/jq-linux64 && \ 8 | chmod +x /tmp/jq-linux64 && \ 9 | /tmp/jq-linux64 --version 10 | 11 | # Runnable image 12 | FROM registry.access.redhat.com/ubi9/ubi-minimal:9.5-1734497536@sha256:daa61d6103e98bccf40d7a69a0d4f8786ec390e2204fd94f7cc49053e9949360 13 | 14 | LABEL version="4.0.0" 15 | LABEL repository="http://github.com/redhat-cop/github-actions" 16 | LABEL homepage="http://github.com/redhat-cop/github-actions/github-dispatches" 17 | LABEL maintainer="Red Hat CoP" 18 | LABEL "com.github.actions.name"="github-dispatches" 19 | LABEL "com.github.actions.description"="Triggers a GitHub CI dispatches event." 20 | LABEL "com.github.actions.branding.icon"="monitor" 21 | LABEL "com.github.actions.branding.color"="purple" 22 | 23 | COPY --from=builder /tmp/jq-linux64 /usr/local/bin/jq 24 | RUN jq --version 25 | 26 | RUN microdnf upgrade --assumeyes && \ 27 | microdnf clean all 28 | 29 | COPY entrypoint.sh /entrypoint.sh 30 | ENTRYPOINT ["/entrypoint.sh"] 31 | -------------------------------------------------------------------------------- /github-dispatches/entrypoint.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | set -e 4 | 5 | exec_dispatches() { 6 | local REPOS="${1}" 7 | local USRNAME_TOKEN="${2}" 8 | 9 | echo "${REPOS}" | jq -e "." >/dev/null 2>&1 10 | local jq_code=$? 11 | if [[ "${jq_code}" -ne 0 ]]; then 12 | echo "${jq_code} : Failed to parse 'repo_array' JSON. Failing" 13 | echo "${REPOS}" 14 | exit 1 15 | fi 16 | 17 | if [[ -z "${USRNAME_TOKEN}" ]]; then 18 | echo "USRNAME_TOKEN is empty. Skipping." 19 | exit 0 20 | fi 21 | 22 | for row in $(echo "${REPOS}" | jq -c ".[]"); do 23 | _jq() { 24 | echo "${row}" | jq -r -c "${1}" 25 | } 26 | 27 | echo "Attempting to trigger: ${row}" 28 | 29 | url=$(_jq ".url") 30 | data=$(_jq "{event_type: .event_type, client_payload: .client_payload}") 31 | 32 | HTTP_STATUS=$(curl --silent --show-error --request POST "https://api.github.com/repos/${url}/dispatches" \ 33 | -o /dev/null -w "%{http_code}" \ 34 | --header "Accept: application/vnd.github.everest-preview+json" \ 35 | --user "${USRNAME_TOKEN}" \ 36 | --data "${data}") 37 | 38 | if [[ "${HTTP_STATUS}" -ne 204 ]] ; then 39 | echo "Expected 204, got ${HTTP_STATUS} status code. Failng." 40 | exit 1 41 | fi 42 | 43 | echo "Completed: ${HTTP_STATUS}" 44 | done 45 | } 46 | 47 | exec_dispatches "${1}" "${2}" 48 | -------------------------------------------------------------------------------- /.github/workflows/kyverno-cli.yaml: -------------------------------------------------------------------------------- 1 | name: Test kyverno-cli 2 | 3 | on: 4 | push: 5 | paths: 6 | - .github/workflows/kyverno-cli.yaml 7 | - kyverno-cli/** 8 | pull_request: 9 | paths: 10 | - .github/workflows/kyverno-cli.yaml 11 | - kyverno-cli/** 12 | 13 | # Declare default permissions as read only. 14 | permissions: read-all 15 | 16 | jobs: 17 | kyverno-cli: 18 | runs-on: ubuntu-latest 19 | steps: 20 | - name: Checkout 21 | uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 22 | 23 | - uses: hadolint/hadolint-action@2332a7b74a6de0dda2e2221d575162eba76ba5e5 # v3.3.0 24 | with: 25 | dockerfile: kyverno-cli/Dockerfile_build 26 | ignore: DL3041 # https://github.com/hadolint/hadolint/wiki/DL3041 27 | 28 | - name: Switch the action to use the Dockerfile_build 29 | run: | 30 | mv kyverno-cli/Dockerfile kyverno-cli/Dockerfile_runnable 31 | mv kyverno-cli/Dockerfile_build kyverno-cli/Dockerfile 32 | 33 | - name: kyverno-cli - tests 34 | uses: ./kyverno-cli 35 | with: 36 | tests: kyverno-cli/_test/kyverno.sh 37 | 38 | - name: kyverno-cli - raw 39 | uses: ./kyverno-cli 40 | with: 41 | raw: kyverno apply kyverno-cli/_test/policy.yaml --resource kyverno-cli/_test/namespace.yaml 42 | -------------------------------------------------------------------------------- /confbatstest/entrypoint.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | set -e 4 | 5 | exec_bats() { 6 | local TESTS="${1}" 7 | local POLICIES="${2}" 8 | 9 | if [[ ! -f "${TESTS}" ]]; then 10 | echo "${TESTS} does not exist. Failing" 11 | exit 1 12 | fi 13 | 14 | echo "${POLICIES}" | jq -e "." >/dev/null 2>&1 15 | local jq_code=$? 16 | if [[ "${jq_code}" -ne 0 ]]; then 17 | echo "${jq_code} : Failed to parse 'policies' JSON. Failing" 18 | echo "${POLICIES}" 19 | exit 1 20 | fi 21 | 22 | mkdir -p policy 23 | 24 | for row in $(echo "${POLICIES}" | jq -c ".[]"); do 25 | _jq() { 26 | echo "${row}" | jq -r "${1}" 27 | } 28 | 29 | name=$(_jq ".name") 30 | url=$(_jq ".url") 31 | 32 | conftest pull "${url}" --policy "${name}" 33 | 34 | # Move pulled policies into main policy dir 35 | mv "${name}"/* policy/ 36 | rm -rf "${name}" 37 | done 38 | 39 | if [ "$(find policy/* -name "*.rego" -type f | wc -l)" -lt 1 ]; then 40 | echo "No policies found. Failing." 41 | exit 1 42 | else 43 | find policy/* -name "*.rego" -type f 44 | fi 45 | 46 | exec bats "${TESTS}" 47 | } 48 | 49 | exec_raw() { 50 | local COMMAND="${1}" 51 | 52 | echo "Executing: ${COMMAND}" 53 | 54 | eval "${COMMAND}" 55 | } 56 | 57 | if [[ -z "${3}" ]]; then 58 | exec_bats "${1}" "${2}" 59 | else 60 | exec_raw "${3}" 61 | fi 62 | -------------------------------------------------------------------------------- /disconnected-csv/Dockerfile: -------------------------------------------------------------------------------- 1 | # renovate: datasource=github-releases depName=containers/skopeo 2 | FROM quay.io/skopeo/stable:v1.21.0 3 | 4 | LABEL version="1.0.0" 5 | LABEL repository="http://github.com/redhat-cop/github-actions" 6 | LABEL homepage="http://github.com/redhat-cop/github-actions/disconnected-csv" 7 | LABEL maintainer="Red Hat CoP" 8 | LABEL "com.github.actions.name"="disconnected-csv" 9 | LABEL "com.github.actions.description"="Run disconnected-csv to prepare a ClusterServiceVersion for disconnected environments." 10 | LABEL "com.github.actions.branding.icon"="monitor" 11 | LABEL "com.github.actions.branding.color"="purple" 12 | 13 | ENV PYTHONUSERBASE=/home/github 14 | 15 | COPY ./attach_image_digests.sh /attach_image_digests.sh 16 | COPY ./add_related_image.py /add_related_image.py 17 | 18 | RUN curl -sL https://github.com/mikefarah/yq/releases/download/v4.35.2/yq_linux_amd64 -o /usr/bin/yq && chmod +x /usr/bin/yq && \ 19 | curl -sL https://github.com/stedolan/jq/releases/download/jq-1.7/jq-linux64 -o /usr/bin/jq && chmod +x /usr/bin/jq && \ 20 | dnf install -qy python3-pip && \ 21 | dnf clean all && \ 22 | useradd -m github -d /home/github -u 1001 -g 0 && \ 23 | chmod +x /attach_image_digests.sh 24 | 25 | USER 1001 26 | 27 | RUN pip3 install --no-cache-dir --user ruamel.yaml 28 | 29 | WORKDIR /github/workspace 30 | 31 | ENTRYPOINT ["/attach_image_digests.sh"] 32 | -------------------------------------------------------------------------------- /s2i/README.md: -------------------------------------------------------------------------------- 1 | # Source-to-Image (S2I) GitHub Action (NOT MAINTAINED) 2 | 3 | This action uses [Source2Image](https://github.com/openshift/source-to-image) to build container 4 | images from source. After the image is built, it will automatically be pushed to a desired 5 | image registry. 6 | 7 | ## Use redhat-actions/s2i-build 8 | 9 | This action will be deprecated in the future, in favour of: 10 | - https://github.com/marketplace/actions/source-to-image-build 11 | 12 | ## Usage 13 | 14 | Add the following to a step in your GitHub Workflow: 15 | 16 | ```yaml 17 | - uses: redhat-cop/github-actions/s2i@master 18 | with: 19 | base: registry.access.redhat.com/redhat-openjdk-18/openjdk18-openshift 20 | output_image: quay.io/my-org/my-repo:latest 21 | image_pull_registry: registry.access.redhat.com 22 | image_pull_username: ${{ secrets.RHT_REGISTRY_USERNAME }} 23 | image_pull_password: ${{ secrets.RHT_REGISTRY_PASSWORD }} 24 | image_push_registry: quay.io 25 | image_push_username: ${{ secrets.QUAY_USERNAME }} 26 | image_push_password: ${{ secrets.QUAY_PASSWORD }} 27 | ``` 28 | 29 | If the image registry hosting your builder/base image is public, you may omit `image_pull_registry`, 30 | `image_pull_username` and `image_pull_password`. In keeping with best practice, your credentials 31 | should be stored in secrets and consumed as shown - not added directly to your workflow yaml. 32 | 33 | ## Credit 34 | 35 | This action was originally based on Vadim Rutkovsky's [action-s2i](https://github.com/vrutkovs/action-s2i). 36 | -------------------------------------------------------------------------------- /.github/workflows/set-helm-version.yaml: -------------------------------------------------------------------------------- 1 | name: Test set-helm-version 2 | 3 | on: 4 | push: 5 | paths: 6 | - .github/workflows/set-helm-version.yaml 7 | - set-helm-version/** 8 | pull_request: 9 | paths: 10 | - .github/workflows/set-helm-version.yaml 11 | - set-helm-version/** 12 | 13 | # Declare default permissions as read only. 14 | permissions: read-all 15 | 16 | jobs: 17 | set-helm-version: 18 | runs-on: ubuntu-latest 19 | steps: 20 | - name: Checkout 21 | uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 22 | 23 | - uses: hadolint/hadolint-action@2332a7b74a6de0dda2e2221d575162eba76ba5e5 # v3.3.0 24 | with: 25 | dockerfile: set-helm-version/Dockerfile 26 | 27 | - name: set-helm-version 28 | uses: ./set-helm-version 29 | with: 30 | path: set-helm-version/_test 31 | chart_version: v1.5.0 32 | app_version: v1.6.0 33 | 34 | - name: Check that the chart was modified as expected 35 | run: | 36 | if grep -Fxq "version: v1.5.0" set-helm-version/_test/Chart.yaml 37 | then 38 | echo "Found expected chart version" 39 | else 40 | echo "Did not find expected chart version!" 41 | exit 1 42 | fi 43 | 44 | if grep -Fxq "appVersion: v1.6.0" set-helm-version/_test/Chart.yaml 45 | then 46 | echo "Found expected app version" 47 | else 48 | echo "Did not find expected app version!" 49 | exit 1 50 | fi 51 | -------------------------------------------------------------------------------- /.github/workflows/confbatstest.yaml: -------------------------------------------------------------------------------- 1 | name: Test confbatstest 2 | 3 | on: 4 | push: 5 | paths: 6 | - .github/workflows/confbatstest.yaml 7 | - confbatstest/** 8 | pull_request: 9 | paths: 10 | - .github/workflows/confbatstest.yaml 11 | - confbatstest/** 12 | 13 | # Declare default permissions as read only. 14 | permissions: read-all 15 | 16 | jobs: 17 | conftest: 18 | runs-on: ubuntu-latest 19 | steps: 20 | - name: Checkout 21 | uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 22 | 23 | - uses: hadolint/hadolint-action@2332a7b74a6de0dda2e2221d575162eba76ba5e5 # v3.3.0 24 | with: 25 | dockerfile: confbatstest/Dockerfile_build 26 | ignore: DL3041 # https://github.com/hadolint/hadolint/wiki/DL3041 27 | 28 | - name: Switch the action to use the Dockerfile_build 29 | run: | 30 | mv confbatstest/Dockerfile confbatstest/Dockerfile_runnable 31 | mv confbatstest/Dockerfile_build confbatstest/Dockerfile 32 | 33 | - name: confbatstest - tests 34 | uses: ./confbatstest 35 | with: 36 | tests: confbatstest/_test/conftest.sh 37 | 38 | - name: confbatstest - raw 39 | uses: ./confbatstest 40 | with: 41 | raw: konstraint doc -o POLICIES.md 42 | 43 | - name: Check POLICIES.md file exists 44 | run: | 45 | FILE="POLICIES.md" 46 | if [ -f "$FILE" ]; then 47 | echo "$FILE exists." 48 | else 49 | echo "$FILE does not exist." 50 | exit 1 51 | fi 52 | -------------------------------------------------------------------------------- /get-image-version/action.yml: -------------------------------------------------------------------------------- 1 | name: 'Get Image Version' 2 | description: 'Parses the version.json content' 3 | inputs: 4 | IMAGE_CONTEXT_DIR: 5 | description: 'Context for the version.json' 6 | required: true 7 | outputs: 8 | VERSION: 9 | description: "Version; i.e.: 1.0.1" 10 | value: ${{ steps.check_version.outputs.VERSION }} 11 | MINOR_VERSION: 12 | description: "Minor version; i.e.: 1.0" 13 | value: ${{ steps.check_version.outputs.MINOR_VERSION }} 14 | IMAGE_TAGS: 15 | description: "Image tags from versions; i.e.: latest, 1.0.1 and 1.0" 16 | value: ${{ steps.check_version.outputs.IMAGE_TAGS }} 17 | runs: 18 | using: "composite" 19 | steps: 20 | - name: Check and verify version.json 21 | id: check_version 22 | shell: bash 23 | run: | 24 | VERSION=$(jq -r '.version' ${{ inputs.IMAGE_CONTEXT_DIR }}/version.json) 25 | 26 | # version.json must have semantic version: vMAJOR.MINOR.PATCH(-PRE-RELEASE) 27 | if [[ ! $VERSION =~ ^v[0-9]+\.[0-9]+\.[0-9]+([0-9A-Za-z-]*)$ ]]; then 28 | echo "${{ inputs.IMAGE_CONTEXT_DIR }}/version.json does not contain semantic version, vMAJOR.MINOR.PATCH" 29 | cat ${{ inputs.IMAGE_CONTEXT_DIR }}/version.json 30 | exit 1 31 | fi 32 | 33 | TAGS=("latest" "${VERSION}" "${VERSION%.*}") 34 | if [[ "${GITHUB_REF}" =~ refs/tags/(.*) ]]; then 35 | TAGS+=("git-${BASH_REMATCH[1]}") 36 | fi 37 | 38 | echo "VERSION=$(echo $VERSION)" >> $GITHUB_OUTPUT 39 | echo "MINOR_VERSION=$(echo ${VERSION%.*})" >> $GITHUB_OUTPUT 40 | echo "IMAGE_TAGS=$(echo ${TAGS[*]})" >> $GITHUB_OUTPUT 41 | -------------------------------------------------------------------------------- /s2i/action.yml: -------------------------------------------------------------------------------- 1 | name: 'Source2Image' 2 | description: 'Create image using source2image' 3 | author: 'Red Hat CoP' 4 | icon: package 5 | color: purple 6 | inputs: 7 | path: 8 | description: 'Path to source code' 9 | default: '.' 10 | required: false 11 | base: 12 | description: 'source2image base image' 13 | required: true 14 | deprecationMessage: 'This action is deprecated, please migrate to: https://github.com/marketplace/actions/source-to-image-build' 15 | output_image: 16 | description: 'resulting image' 17 | required: true 18 | image_pull_registry: 19 | description: 'the registry containing the builder image' 20 | required: false 21 | image_pull_username: 22 | description: 'the username to use for pulling the base image' 23 | required: false 24 | image_pull_password: 25 | description: 'the password to use for pulling the base image' 26 | required: false 27 | image_push_registry: 28 | description: 'the registry to push the built image to' 29 | required: true 30 | image_push_username: 31 | description: 'the username to use for pushing the built image' 32 | required: true 33 | image_push_password: 34 | description: 'the password to use for pushing the built image' 35 | required: true 36 | image_tags: 37 | description: 'tag the image with additional tags (comma separated)' 38 | default: 'latest' 39 | required: false 40 | 41 | runs: 42 | using: 'docker' 43 | image: 'Dockerfile' 44 | args: 45 | - ${{ inputs.path }} 46 | - ${{ inputs.base }} 47 | - ${{ inputs.output_image }} 48 | - ${{ inputs.image_pull_registry }} 49 | - ${{ inputs.image_pull_username }} 50 | - ${{ inputs.image_pull_password }} 51 | - ${{ inputs.image_push_registry }} 52 | - ${{ inputs.image_push_username }} 53 | - ${{ inputs.image_push_password }} 54 | - ${{ inputs.image_tags }} 55 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | [![OpenSSF Scorecard](https://api.securityscorecards.dev/projects/github.com/redhat-cop/github-actions/badge)](https://securityscorecards.dev/viewer/?uri=github.com/redhat-cop/github-actions) 2 | 3 | # Repository Layout 4 | 5 | This repository contains: 6 | - standalone GitHub Actions that can be called from your workflows 7 | - example workflows that you can copy into your own repositories 8 | 9 | ## Included in this repo: 10 | 11 | ### Actions 12 | - [chart-repo-pr-action](/chart-repo-pr-action) 13 | - [confbatstest](/confbatstest) 14 | - [github-dispatches](/github-dispatches) 15 | - [redhat-csp-download](/redhat-csp-download) 16 | - [s2i](/s2i) 17 | - [set-helm-version](/set-helm-version) 18 | - [ssh-agent](/ssh-agent) 19 | - [disconected-csv](/disconnected-csv) 20 | 21 | ### Workflows 22 | 23 | ## Contributing 24 | 25 | If you would like to contribute to this repository, you can do one of the following: 26 | 27 | ### GitHub Action 28 | 29 | If you have an action that you'd like to contribute, you can create a directory at the root of the repository and then create your action inside of there. This would look something like: 30 | 31 | ```sh 32 | /my-awesome-action 33 | - action.yml 34 | - entrypoint.sh 35 | ... etc. 36 | ``` 37 | 38 | We're looking to keep the individual GitHub Actions at the root of this repository as it reduces the complexity of importing them into external workflows. 39 | 40 | ### Workflows 41 | 42 | If you have an example workflow that you would like to contribute, you can similarly create a new directory under the existing `workflows` directory. From there you can then add your content and descriptions, etc. 43 | 44 | **Note:** For workflows, we're looking for something more than you can find in individual `how-to's` for a single action. The ideal workflow example would be pulling together sets of actions or multiple workflows to accomplish a larger goal. 45 | -------------------------------------------------------------------------------- /.github/workflows/get-image-version.yaml: -------------------------------------------------------------------------------- 1 | name: Test get-image-version 2 | 3 | on: 4 | push: 5 | paths: 6 | - .github/workflows/get-image-version.yaml 7 | - get-image-version/** 8 | pull_request: 9 | paths: 10 | - .github/workflows/get-image-version.yaml 11 | - get-image-version/** 12 | 13 | # Declare default permissions as read only. 14 | permissions: read-all 15 | 16 | jobs: 17 | get-image-version: 18 | env: 19 | CONTEXT_DIR: get-image-version 20 | runs-on: ubuntu-latest 21 | steps: 22 | - name: Checkout 23 | uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 24 | 25 | - name: get-image-version - tests 26 | id: get_image_version 27 | uses: ./get-image-version 28 | with: 29 | IMAGE_CONTEXT_DIR: ${{ env.CONTEXT_DIR }}/_test 30 | 31 | - name: Check outputs are correct 32 | run: | 33 | tags="${{ steps.get_image_version.outputs.IMAGE_TAGS }}" 34 | 35 | echo "VERSION == ${{ steps.get_image_version.outputs.VERSION }}" 36 | echo "MINOR_VERSION == ${{ steps.get_image_version.outputs.MINOR_VERSION }}" 37 | echo "IMAGE_TAGS == ${tags[*]}" 38 | 39 | if [[ "${{ steps.get_image_version.outputs.VERSION }}" != "v1.32.1" ]]; then 40 | echo "VERSION missmatch" 41 | exit 1 42 | fi 43 | 44 | if [[ "${{ steps.get_image_version.outputs.MINOR_VERSION }}" != "v1.32" ]]; then 45 | echo "MINOR_VERSION missmatch" 46 | exit 1 47 | fi 48 | 49 | expected_tags=("latest" "v1.32.1" "v1.32") 50 | if [[ "${GITHUB_REF}" =~ refs/tags/(.*) ]]; then 51 | expected_tags+=("git-${BASH_REMATCH[1]}") 52 | fi 53 | 54 | if [[ "${tags[*]}" != "${expected_tags[*]}" ]]; then 55 | echo "IMAGE_TAGS missmatch" 56 | exit 1 57 | fi 58 | -------------------------------------------------------------------------------- /.github/workflows/redhat-csp-download.yaml: -------------------------------------------------------------------------------- 1 | name: Test redhat-csp-download 2 | 3 | on: 4 | push: 5 | paths: 6 | - .github/workflows/redhat-csp-download.yaml 7 | - redhat-csp-download/** 8 | pull_request: 9 | paths: 10 | - .github/workflows/redhat-csp-download.yaml 11 | - redhat-csp-download/** 12 | 13 | # Declare default permissions as read only. 14 | permissions: read-all 15 | 16 | jobs: 17 | redhat-csp-download: 18 | runs-on: ubuntu-latest 19 | steps: 20 | - name: Checkout 21 | uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 22 | 23 | - uses: hadolint/hadolint-action@2332a7b74a6de0dda2e2221d575162eba76ba5e5 # v3.3.0 24 | with: 25 | dockerfile: redhat-csp-download/Dockerfile_build 26 | 27 | - name: Switch the action to use the Dockerfile_build 28 | run: | 29 | mv redhat-csp-download/Dockerfile redhat-csp-download/Dockerfile_runnable 30 | mv redhat-csp-download/Dockerfile_build redhat-csp-download/Dockerfile 31 | 32 | - name: redhat-csp-download 33 | uses: ./redhat-csp-download 34 | with: 35 | rh_username: ${{ secrets.RH_USERNAME }} 36 | rh_password: ${{ secrets.RH_PASSWORD }} 37 | download: '[{"file":"/github/workspace/eap-connectors.zip","url":"https://access.redhat.com/jbossnetwork/restricted/softwareDownload.html?softwareId=37193"}]' 38 | 39 | - name: Check downloaded file exists 40 | run: | 41 | if [ -z "${{ secrets.RH_USERNAME }}" ] || [ -z "${{ secrets.RH_PASSWORD }}" ] 42 | then 43 | echo "RH_USERNAME or RH_PASSWORD is empty. Skipping." 44 | exit 0 45 | fi 46 | 47 | FILE="eap-connectors.zip" 48 | if [ -f "$FILE" ]; then 49 | echo "$FILE exists." 50 | else 51 | echo "$FILE does not exist." 52 | exit 1 53 | fi 54 | -------------------------------------------------------------------------------- /chart-repo-pr-action/action.yml: -------------------------------------------------------------------------------- 1 | name: Chart Repo PR Action 2 | author: Austin Dewey 3 | description: Automatically make a PR to a central chart repository 4 | branding: 5 | icon: 'git-pull-request' 6 | color: 'blue' 7 | runs: 8 | using: 'docker' 9 | image: 'Dockerfile' 10 | inputs: 11 | auth_token: 12 | description: Token used for authentication to push 13 | required: true 14 | chart_repo: 15 | description: "The chart repository that you want to publish your charts to (ex: redhat-cop/helm-charts)" 16 | required: true 17 | fork_owner: 18 | description: "The owner of the chart repo fork. If blank, this Action assumes that you are publishing to a chart repo with the same org as your local repository." 19 | required: false 20 | auth_user: 21 | description: Username used for authentication to push. If blank, defaults to the user who triggered the action. 22 | required: false 23 | local_charts_dir: 24 | description: Charts directory name in local repo 25 | required: false 26 | default: charts 27 | central_charts_dir: 28 | description: Charts directory name in central repo 29 | required: false 30 | default: charts 31 | head_branch: 32 | description: New or existing branch the action should use as the PR head branch 33 | required: false 34 | default: feat/sync 35 | base_branch: 36 | description: Existing chart repo branch that the action should use as the PR base branch 37 | required: false 38 | default: master 39 | committer_name: 40 | description: The GitHub username to use as the committer name. If blank, defaults to the user who triggered the action. 41 | required: false 42 | committer_email: 43 | description: The email to use as the committer email 44 | required: false 45 | default: <> 46 | commit_message: 47 | description: Commit message to use for push 48 | required: false 49 | default: Syncing local charts with central chart repo 50 | -------------------------------------------------------------------------------- /ssh-agent/index.js: -------------------------------------------------------------------------------- 1 | const core = require("@actions/core"); 2 | const proc = require("child_process"); 3 | const fs = require("fs"); 4 | 5 | function run() { 6 | try { 7 | if (!fs.existsSync(`${process.env["HOME"]}/.ssh`)) { 8 | fs.mkdirSync(`${process.env["HOME"]}/.ssh`, { recursive: true }); 9 | } 10 | 11 | console.log("Building known hosts"); 12 | 13 | proc.execSync( 14 | `ssh-keyscan -p ${core.getInput("ssh_port")} ${core.getInput( 15 | "domain", 16 | )} >> ${process.env["HOME"]}/.ssh/known_hosts`, 17 | { 18 | stdio: [null, null, null], 19 | timeout: 20000, 20 | }, 21 | ); 22 | 23 | console.log("Finished building known hosts!"); 24 | console.log("Starting ssh-agent"); 25 | 26 | var sshOutput = proc.execFileSync(`ssh-agent`, [ 27 | "-a", 28 | core.getInput("ssh_auth_sock"), 29 | ]); 30 | 31 | sshOutput 32 | .toString() 33 | .split("\n") 34 | .forEach((line) => { 35 | var regexp = /=(.*); /g; 36 | if (line.includes("SSH_AUTH_SOCK")) { 37 | const sock = regexp.exec(line)[1]; 38 | core.exportVariable("SSH_AUTH_SOCK", sock); 39 | console.log(`Agent socket is ${sock}`); 40 | } 41 | 42 | if (line.includes("SSH_AGENT_PID")) { 43 | const pid = regexp.exec(line)[1]; 44 | core.exportVariable("SSH_AGENT_PID", pid); 45 | console.log(`Agent PID is ${pid}`); 46 | } 47 | }); 48 | 49 | console.log("Exported agent variables"); 50 | console.log("Started ssh-agent!"); 51 | console.log("Adding identity"); 52 | 53 | proc.execSync("ssh-add -", { 54 | stdio: [null, null, null], 55 | input: core.getInput("private_key").trim() + "\n", 56 | }); 57 | 58 | console.log("Added identity!"); 59 | console.log("ssh-agent is ready to use"); 60 | } catch (error) { 61 | console.log("Encountered an error:"); 62 | console.log(error.message); 63 | process.exit(1); 64 | } 65 | } 66 | 67 | run(); 68 | -------------------------------------------------------------------------------- /ssh-agent/README.md: -------------------------------------------------------------------------------- 1 | # SSH Agent GitHub Action (NOT MAINTAINED) 2 | 3 | This action sets up an `ssh-agent` (including `known_hosts` and a private key) for use throughout the rest of your GitHub Workflow. This can be used if you need to SSH into any machines for deployment purposes, or if you need SSH configured for accessing any Git repositories on hosts other than GitHub.com. It exports `SSH_AUTH_SOCK` and `SSH_AGENT_PID` environment variables for any downstream steps to automatically consume. 4 | 5 | > :exclamation: **All private data, including your private key and (potentially) your domain, should be stored and injected using GitHub secrets!** 6 | 7 | ## Usage 8 | 9 | Add the following (minimal) config to a step in your GitHub Workflow: 10 | 11 | ```yaml 12 | - name: Set up SSH 13 | uses: redhat-cop/github-actions/ssh-agent@master 14 | with: 15 | domain: ${{ secrets.DOMAIN}} 16 | private_key: ${{ secrets.PRIVATE_KEY }} 17 | ``` 18 | 19 | Also available are `ssh_port` if you need to connect on a non-default port, and `ssh_auth_sock` if for any reason you need to specify the location of the `ssh-agent` unix socket: 20 | 21 | ```yaml 22 | - name: Set up SSH 23 | uses: redhat-cop/github-actions/ssh-agent@master 24 | with: 25 | domain: ${{ secrets.DOMAIN}} 26 | private_key: ${{ secrets.PRIVATE_KEY }} 27 | ssh_port: 1234 28 | ssh_auth_sock: /tmp/my_special_auth.sock 29 | ``` 30 | 31 | Here is a full example of using this action to clone a private repository from a non-GitHub host: 32 | 33 | ```yaml 34 | jobs: 35 | clone-my-thing: 36 | runs-on: ubuntu-18.04 37 | steps: 38 | - name: Set up SSH 39 | uses: redhat-cop/github-actions/ssh-agent@master 40 | with: 41 | domain: gitlab.com 42 | private_key: ${{ secrets.GITLAB_PRIVATE_KEY }} 43 | - name: Clone private repo 44 | env: 45 | run: | 46 | git clone ssh://git@gitlab.com/my-org/my-repo.git 47 | - name: Show the repo 48 | run: | 49 | ls my-repo 50 | ``` 51 | -------------------------------------------------------------------------------- /.github/workflows/github-dispatches-build.yaml: -------------------------------------------------------------------------------- 1 | name: Build github-dispatches 2 | 3 | on: 4 | push: 5 | paths: 6 | - .github/workflows/github-dispatches-build.yaml 7 | - github-dispatches/** 8 | 9 | # Declare default permissions as read only. 10 | permissions: read-all 11 | 12 | jobs: 13 | build-github-dispatches: 14 | env: 15 | context: github-dispatches 16 | image_name: github-dispatches 17 | branch_name: ${{ github.head_ref || github.ref_name }} 18 | ref_type: ${{ github.ref_type }} 19 | owner: ${{ github.repository_owner }} 20 | runs-on: ubuntu-latest 21 | permissions: 22 | packages: write 23 | steps: 24 | - name: Checkout 25 | uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 26 | 27 | - name: Get image tags 28 | id: image_tags 29 | uses: redhat-cop/github-actions/get-image-version@561af5e610560aef3210ca7a08fe73b2add97648 # v4.5 30 | with: 31 | IMAGE_CONTEXT_DIR: ${{ env.context }} 32 | 33 | - uses: hadolint/hadolint-action@2332a7b74a6de0dda2e2221d575162eba76ba5e5 # v3.3.0 34 | with: 35 | dockerfile: github-dispatches/Dockerfile_build 36 | 37 | - name: Build image 38 | id: build_image 39 | uses: redhat-actions/buildah-build@7a95fa7ee0f02d552a32753e7414641a04307056 # v2 40 | with: 41 | context: ${{ env.context }} 42 | dockerfiles: | 43 | ./${{ env.context }}/Dockerfile_build 44 | image: ${{ env.image_name }} 45 | oci: true 46 | tags: "${{ steps.image_tags.outputs.IMAGE_TAGS }}" 47 | 48 | - name: Push to ghcr.io 49 | if: ${{ env.ref_type == 'tag' || env.owner != 'redhat-cop' }} # Stops push running when bots create a PR, which fails due to token 50 | uses: redhat-actions/push-to-registry@5ed88d269cf581ea9ef6dd6806d01562096bee9c # v2 51 | with: 52 | image: ${{ steps.build_image.outputs.image }} 53 | registry: ghcr.io/${{ github.repository }} 54 | username: ${{ github.repository_owner }} 55 | password: ${{ secrets.GITHUB_TOKEN }} 56 | tags: ${{ steps.build_image.outputs.tags }} 57 | -------------------------------------------------------------------------------- /.github/workflows/redhat-csp-download-build.yaml: -------------------------------------------------------------------------------- 1 | name: Build redhat-csp-download 2 | 3 | on: 4 | push: 5 | paths: 6 | - .github/workflows/redhat-csp-download-build.yaml 7 | - redhat-csp-download/** 8 | 9 | # Declare default permissions as read only. 10 | permissions: read-all 11 | 12 | jobs: 13 | build-redhat-csp-download: 14 | env: 15 | context: redhat-csp-download 16 | image_name: redhat-csp-download 17 | branch_name: ${{ github.head_ref || github.ref_name }} 18 | ref_type: ${{ github.ref_type }} 19 | owner: ${{ github.repository_owner }} 20 | runs-on: ubuntu-latest 21 | permissions: 22 | packages: write 23 | steps: 24 | - name: Checkout 25 | uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 26 | 27 | - name: Get image tags 28 | id: image_tags 29 | uses: redhat-cop/github-actions/get-image-version@561af5e610560aef3210ca7a08fe73b2add97648 # v4.5 30 | with: 31 | IMAGE_CONTEXT_DIR: ${{ env.context }} 32 | 33 | - uses: hadolint/hadolint-action@2332a7b74a6de0dda2e2221d575162eba76ba5e5 # v3.3.0 34 | with: 35 | dockerfile: redhat-csp-download/Dockerfile_build 36 | 37 | - name: Build image 38 | id: build_image 39 | uses: redhat-actions/buildah-build@7a95fa7ee0f02d552a32753e7414641a04307056 # v2 40 | with: 41 | context: ${{ env.context }} 42 | dockerfiles: | 43 | ./${{ env.context }}/Dockerfile_build 44 | image: ${{ env.image_name }} 45 | oci: true 46 | tags: "${{ steps.image_tags.outputs.IMAGE_TAGS }}" 47 | 48 | - name: Push to ghcr.io 49 | if: ${{ env.ref_type == 'tag' || env.owner != 'redhat-cop' }} # Stops push running when bots create a PR, which fails due to token 50 | uses: redhat-actions/push-to-registry@5ed88d269cf581ea9ef6dd6806d01562096bee9c # v2 51 | with: 52 | image: ${{ steps.build_image.outputs.image }} 53 | registry: ghcr.io/${{ github.repository }} 54 | username: ${{ github.repository_owner }} 55 | password: ${{ secrets.GITHUB_TOKEN }} 56 | tags: ${{ steps.build_image.outputs.tags }} 57 | -------------------------------------------------------------------------------- /.github/workflows/kyverno-cli-build.yaml: -------------------------------------------------------------------------------- 1 | name: Build kyverno-cli 2 | 3 | on: 4 | push: 5 | paths: 6 | - .github/workflows/kyverno-cli-build.yaml 7 | - kyverno-cli/** 8 | 9 | # Declare default permissions as read only. 10 | permissions: read-all 11 | 12 | jobs: 13 | build-kyverno-cli: 14 | env: 15 | context: kyverno-cli 16 | image_name: kyverno-cli 17 | branch_name: ${{ github.head_ref || github.ref_name }} 18 | ref_type: ${{ github.ref_type }} 19 | owner: ${{ github.repository_owner }} 20 | runs-on: ubuntu-latest 21 | permissions: 22 | packages: write 23 | steps: 24 | - name: Checkout 25 | uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 26 | 27 | - name: Get image tags 28 | id: image_tags 29 | uses: redhat-cop/github-actions/get-image-version@561af5e610560aef3210ca7a08fe73b2add97648 # v4.5 30 | with: 31 | IMAGE_CONTEXT_DIR: ${{ env.context }} 32 | 33 | - uses: hadolint/hadolint-action@2332a7b74a6de0dda2e2221d575162eba76ba5e5 # v3.3.0 34 | with: 35 | dockerfile: kyverno-cli/Dockerfile_build 36 | ignore: DL3041 # https://github.com/hadolint/hadolint/wiki/DL3041 37 | 38 | - name: Build image 39 | id: build_image 40 | uses: redhat-actions/buildah-build@7a95fa7ee0f02d552a32753e7414641a04307056 # v2 41 | with: 42 | context: ${{ env.context }} 43 | dockerfiles: | 44 | ./${{ env.context }}/Dockerfile_build 45 | image: ${{ env.image_name }} 46 | oci: true 47 | tags: "${{ steps.image_tags.outputs.IMAGE_TAGS }}" 48 | 49 | - name: Push to ghcr.io 50 | if: ${{ env.ref_type == 'tag' || env.owner != 'redhat-cop' }} # Stops push running when bots create a PR, which fails due to token 51 | uses: redhat-actions/push-to-registry@5ed88d269cf581ea9ef6dd6806d01562096bee9c # v2 52 | with: 53 | image: ${{ steps.build_image.outputs.image }} 54 | registry: ghcr.io/${{ github.repository }} 55 | username: ${{ github.repository_owner }} 56 | password: ${{ secrets.GITHUB_TOKEN }} 57 | tags: ${{ steps.build_image.outputs.tags }} 58 | -------------------------------------------------------------------------------- /.github/workflows/scorecard.yml: -------------------------------------------------------------------------------- 1 | # This workflow uses actions that are not certified by GitHub. They are provided 2 | # by a third-party and are governed by separate terms of service, privacy 3 | # policy, and support documentation. 4 | 5 | name: Scorecard supply-chain security 6 | on: 7 | # For Branch-Protection check. Only the default branch is supported. See 8 | # https://github.com/ossf/scorecard/blob/main/docs/checks.md#branch-protection 9 | branch_protection_rule: 10 | # To guarantee Maintained check is occasionally updated. See 11 | # https://github.com/ossf/scorecard/blob/main/docs/checks.md#maintained 12 | schedule: 13 | - cron: '36 19 * * 3' 14 | push: 15 | branches: [ "main" ] 16 | 17 | # Declare default permissions as read only. 18 | permissions: read-all 19 | 20 | jobs: 21 | analysis: 22 | name: Scorecard analysis 23 | runs-on: ubuntu-latest 24 | permissions: 25 | # Needed to upload the results to code-scanning dashboard. 26 | security-events: write 27 | # Needed to publish results and get a badge (see publish_results below). 28 | id-token: write 29 | # Uncomment the permissions below if installing in a private repository. 30 | # contents: read 31 | # actions: read 32 | 33 | steps: 34 | - name: "Checkout code" 35 | uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 36 | with: 37 | persist-credentials: false 38 | 39 | - name: "Run analysis" 40 | uses: ossf/scorecard-action@4eaacf0543bb3f2c246792bd56e8cdeffafb205a # v2.4.3 41 | with: 42 | results_file: results.sarif 43 | results_format: sarif 44 | # (Optional) "write" PAT token. Uncomment the `repo_token` line below if: 45 | # - you want to enable the Branch-Protection check on a *public* repository, or 46 | # - you are installing Scorecard on a *private* repository 47 | # To create the PAT, follow the steps in https://github.com/ossf/scorecard-action#authentication-with-pat. 48 | # repo_token: ${{ secrets.SCORECARD_TOKEN }} 49 | 50 | # Public repositories: 51 | # - Publish results to OpenSSF REST API for easy access by consumers 52 | # - Allows the repository to include the Scorecard badge. 53 | # - See https://github.com/ossf/scorecard-action#publishing-results. 54 | # For private repositories: 55 | # - `publish_results` will always be set to `false`, regardless 56 | # of the value entered here. 57 | publish_results: true 58 | 59 | # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF 60 | # format to the repository Actions tab. 61 | - name: "Upload artifact" 62 | uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 63 | with: 64 | name: SARIF file 65 | path: results.sarif 66 | retention-days: 5 67 | 68 | # Upload the results to GitHub's code scanning dashboard. 69 | - name: "Upload to code-scanning" 70 | uses: github/codeql-action/upload-sarif@1b168cd39490f61582a9beae412bb7057a6b2c4e # v4.31.8 71 | with: 72 | sarif_file: results.sarif 73 | -------------------------------------------------------------------------------- /chart-repo-pr-action/entrypoint.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | set -e 4 | 5 | export AUTH_TOKEN=$INPUT_AUTH_TOKEN 6 | export AUTH_USER=${INPUT_AUTH_USER:-$GITHUB_ACTOR} 7 | export CHART_REPO=$INPUT_CHART_REPO 8 | export FORK_OWNER=$INPUT_FORK_OWNER 9 | export LOCAL_CHARTS_DIR=$INPUT_LOCAL_CHARTS_DIR 10 | export CENTRAL_CHARTS_DIR=$INPUT_CENTRAL_CHARTS_DIR 11 | export COMMITTER_NAME=${INPUT_COMMITTER_NAME:-$GITHUB_ACTOR} 12 | export COMMITTER_EMAIL=$INPUT_COMMITTER_EMAIL 13 | export COMMIT_MESSAGE=$INPUT_COMMIT_MESSAGE 14 | export HEAD_BRANCH=$INPUT_HEAD_BRANCH 15 | export BASE_BRANCH=$INPUT_BASE_BRANCH 16 | 17 | ## Ensure LOCAL_CHARTS_DIR directory exists in local repo 18 | if [ ! -d "$LOCAL_CHARTS_DIR" ]; then 19 | echo "ERR: directory '$LOCAL_CHARTS_DIR' does not exist" 20 | exit 1 21 | fi 22 | 23 | ## Clone chart repo or forked repo, depending on if fork_owner was provided or not 24 | cd ../ 25 | if [ -z $FORK_OWNER ]; then 26 | clone_repo=$CHART_REPO 27 | else 28 | chart_repo_name=$(echo $CHART_REPO | cut -d '/' -f2) 29 | clone_repo=$FORK_OWNER/$chart_repo_name 30 | fi 31 | git clone https://$AUTH_USER:$AUTH_TOKEN@github.com/$clone_repo repo 32 | cd repo 33 | repo_dir=$(pwd) 34 | git config user.name $COMMITTER_NAME 35 | git config user.email $COMMITTER_EMAIL 36 | 37 | ## Reset the HEAD_BRANCH to BASE_BRANCH 38 | git checkout $HEAD_BRANCH || git checkout -b $HEAD_BRANCH 39 | git remote add central https://github.com/$CHART_REPO 40 | git fetch central 41 | git reset --hard central/$BASE_BRANCH 42 | 43 | ## For each chart in the HEAD_BRANCH, remove that chart and then copy it back over 44 | ## This essentially cleans the HEAD_BRANCH before trying to create/update the PR 45 | cd $GITHUB_WORKSPACE/$LOCAL_CHARTS_DIR 46 | for chart in */; do 47 | rm -rfv $repo_dir/$CENTRAL_CHARTS_DIR/$chart 48 | cp -rv $chart $repo_dir/$CENTRAL_CHARTS_DIR/ 49 | done 50 | 51 | ## Add, Commit, and Push 52 | ## git status is here for logging purposes. 53 | cd $repo_dir 54 | git status 55 | git add --all 56 | exit_early=true 57 | ## If there aren't any changes, exit early 58 | ## Note that this condition will close PRs that this Action opened previously since GitHub detects that there aren't any changes once we force push 59 | ## I think this is acceptable, however, since this action will automatically open a new PR once new changes are introduced 60 | if ! git diff-index --quiet HEAD; then 61 | git commit -m "$COMMIT_MESSAGE" 62 | exit_early=false 63 | fi 64 | git push origin $SOURCE_BRANCH --force 65 | if [ "$exit_early" = true ]; then 66 | echo "INFO: no change detected against BASE_BRANCH. Exiting early..." 67 | exit 0 68 | fi 69 | 70 | ## Create PR 71 | export GITHUB_USER=$COMMITTER_NAME 72 | export GITHUB_TOKEN=$AUTH_TOKEN 73 | head_owner=$(echo $clone_repo | cut -d '/' -f1) 74 | if [ -z $FORK_OWNER ]; then 75 | head=$HEAD_BRANCH 76 | ## Match a string like feat/sync, not deweya:feat/sync 77 | regex='(?` | false | 82 | | `commit_message` | Commit message to use for push | `Syncing local charts with central chart repo` | false | 83 | 84 | ### The `auth_token` Parameter 85 | This parameter requires special attention. It is used to authenticate so that the action can push. 86 | 87 | It is recommended to create a `Personal Access Token` (or `PAT`). [This doc](https://docs.github.com/en/free-pro-team@latest/github/authenticating-to-github/creating-a-personal-access-token#creating-a-token) describes how you can create a PAT. 88 | 89 | **NOTE:** Be sure to grant your PAT the following permissions at a minimum: 90 | * public_repo 91 | * read:discussion 92 | 93 | Once you have created your PAT, you should create a secret in your repository containing your Helm chart(s). [This doc](https://docs.github.com/en/free-pro-team@latest/actions/reference/encrypted-secrets#creating-encrypted-secrets-for-a-repository) describes how you can create a secret. 94 | 95 | Once you have created a secret, you can refer to it in your workflow like this: 96 | ```yaml 97 | auth_token: ${{ secrets.PAT }} 98 | ``` 99 | 100 | Of course, be sure to use a different name other than `PAT` if you gave your secret a different name. 101 | 102 | ### The `head_branch` Parameter 103 | One important thing to call out about the `head_branch` parameter is that this action will make a **force push** against this branch. As a result, it is highly recommended that you select a dedicated `head_branch` for this action or use the default `feat/sync` branch. If you attempt to make changes to `head_branch`, they may be wiped out when this action runs. 104 | 105 | The force push is necessary because this action synchronizes your `head_branch` with the central chart repo's `base_branch` in order to produce an accurate diff. Since it is possible that this will rewrite `head_branch`'s history, this action performs a force push. 106 | -------------------------------------------------------------------------------- /disconnected-csv/tests/sample-clusterserviceversion.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: operators.coreos.com/v1alpha1 2 | kind: ClusterServiceVersion 3 | metadata: 4 | annotations: 5 | alm-examples: |- 6 | [ 7 | { 8 | "apiVersion": "cache.example.com/v1alpha1", 9 | "kind": "Memcached", 10 | "metadata": { 11 | "name": "memcached-sample" 12 | }, 13 | "spec": { 14 | "size": 3 15 | } 16 | } 17 | ] 18 | capabilities: Basic Install 19 | operators.operatorframework.io/builder: operator-sdk-v1.6.1+git 20 | operators.operatorframework.io/project_layout: ansible.sdk.operatorframework.io/v1 21 | name: memcached-operator.v0.0.1 22 | namespace: placeholder 23 | spec: 24 | apiservicedefinitions: {} 25 | customresourcedefinitions: 26 | owned: 27 | - kind: Memcached 28 | name: memcacheds.cache.example.com 29 | version: v1alpha1 30 | description: Operator that deployed Memcached. Suitable for air-gapped environments. 31 | displayName: Memcached Operator 32 | icon: 33 | - base64data: "" 34 | mediatype: "" 35 | install: 36 | spec: 37 | clusterPermissions: 38 | - rules: 39 | - apiGroups: 40 | - "" 41 | resources: 42 | - secrets 43 | - pods 44 | - pods/exec 45 | - pods/log 46 | verbs: 47 | - create 48 | - delete 49 | - get 50 | - list 51 | - patch 52 | - update 53 | - watch 54 | - apiGroups: 55 | - apps 56 | resources: 57 | - deployments 58 | - daemonsets 59 | - replicasets 60 | - statefulsets 61 | verbs: 62 | - create 63 | - delete 64 | - get 65 | - list 66 | - patch 67 | - update 68 | - watch 69 | - apiGroups: 70 | - cache.example.com 71 | resources: 72 | - memcacheds 73 | - memcacheds/status 74 | - memcacheds/finalizers 75 | verbs: 76 | - create 77 | - delete 78 | - get 79 | - list 80 | - patch 81 | - update 82 | - watch 83 | - apiGroups: 84 | - authentication.k8s.io 85 | resources: 86 | - tokenreviews 87 | verbs: 88 | - create 89 | - apiGroups: 90 | - authorization.k8s.io 91 | resources: 92 | - subjectaccessreviews 93 | verbs: 94 | - create 95 | serviceAccountName: memcached-operator-controller-manager 96 | deployments: 97 | - name: memcached-operator-controller-manager 98 | spec: 99 | replicas: 1 100 | selector: 101 | matchLabels: 102 | control-plane: controller-manager 103 | strategy: {} 104 | template: 105 | metadata: 106 | labels: 107 | control-plane: controller-manager 108 | spec: 109 | containers: 110 | - args: 111 | - --secure-listen-address=0.0.0.0:8443 112 | - --upstream=http://127.0.0.1:8080/ 113 | - --logtostderr=true 114 | - --v=10 115 | image: gcr.io/kubebuilder/kube-rbac-proxy:v0.8.0 116 | name: kube-rbac-proxy 117 | ports: 118 | - containerPort: 8443 119 | name: https 120 | resources: {} 121 | - args: 122 | - --health-probe-bind-address=:6789 123 | - --metrics-bind-address=127.0.0.1:8080 124 | - --leader-elect 125 | - --leader-election-id=memcached-operator 126 | env: 127 | - name: ANSIBLE_GATHERING 128 | value: explicit 129 | - name: RELATED_IMAGE_MEMCACHED 130 | value: quay.io/operator-framework/ansible-operator:v1.11 131 | image: quay.io/operator-framework/sample-memcached-operator:latest 132 | livenessProbe: 133 | httpGet: 134 | path: /healthz 135 | port: 6789 136 | initialDelaySeconds: 15 137 | periodSeconds: 20 138 | name: manager 139 | readinessProbe: 140 | httpGet: 141 | path: /readyz 142 | port: 6789 143 | initialDelaySeconds: 5 144 | periodSeconds: 10 145 | resources: {} 146 | securityContext: 147 | allowPrivilegeEscalation: false 148 | securityContext: 149 | runAsNonRoot: true 150 | serviceAccountName: memcached-operator-controller-manager 151 | terminationGracePeriodSeconds: 10 152 | permissions: 153 | - rules: 154 | - apiGroups: 155 | - "" 156 | - coordination.k8s.io 157 | resources: 158 | - configmaps 159 | - leases 160 | verbs: 161 | - get 162 | - list 163 | - watch 164 | - create 165 | - update 166 | - patch 167 | - delete 168 | - apiGroups: 169 | - "" 170 | resources: 171 | - events 172 | verbs: 173 | - create 174 | - patch 175 | serviceAccountName: memcached-operator-controller-manager 176 | strategy: deployment 177 | installModes: 178 | - supported: false 179 | type: OwnNamespace 180 | - supported: false 181 | type: SingleNamespace 182 | - supported: false 183 | type: MultiNamespace 184 | - supported: true 185 | type: AllNamespaces 186 | keywords: 187 | - memcached 188 | - disconnected 189 | links: 190 | - name: Memcached Operator 191 | url: https://memcached-operator.domain 192 | maturity: alpha 193 | provider: 194 | name: Your Name Here 195 | version: 0.0.1 196 | -------------------------------------------------------------------------------- /disconnected-csv/README.md: -------------------------------------------------------------------------------- 1 | ![Test disconnected-csv](https://github.com/redhat-cop/github-actions/workflows/Test%20Disconnected%20CSV/badge.svg) 2 | 3 | # disconnected-csv 4 | 5 | This GitHub Action processes a `ClusterServiceVersion` YAML file generated by `operator-sdk` tooling to make it suitable for disconnected environments. 6 | 7 | Specifically, it will: 8 | 9 | * Build `spec.relatedImages`. 10 | * Convert tags to digest references, if configured. 11 | * Add annotations required to the `ClusterServiceVersion` metadata. 12 | 13 | ## Selecting related images 14 | 15 | The scripts will consider the following two sources for potential related images: 16 | 17 | 1. `spec.containers[*].image` for each container in each `Deployment`. 18 | 2. Any environment variable, in any container, with a prefix defined in the `RELATED_IMAGE_ENV_PREFIX` input. 19 | 20 | If no environment variables referencing container image refs are found, the action will raise the following note: 21 | 22 | ``` 23 | ************* 24 | NOTE - no related images found injected as environment variables prefixed with ${RELATED_IMAGE_ENV_PREFIX}. 25 | 26 | If your Operator deploys an application container, it is recommended that you inject the container image reference 27 | as an environment variable, and define this environment variable in your Operator Deployment definition 28 | in your ClusterServiceVersion. 29 | 30 | Example: 31 | 32 | containers: 33 | - name: operator 34 | image: quay.io/yourrepo/your-operator:latest 35 | env: 36 | - name: ${RELATED_IMAGE_ENV_PREFIX}APPLICATION 37 | value: quay.io/anotherrepo/application-image:latest 38 | 39 | That will allow this Action to pick up your injected container reference and process it as a related image. 40 | 41 | If your Operator does not deploy any application containers, you can safely ignore this message. 42 | ************* 43 | ``` 44 | 45 | ## Configuration 46 | 47 | The following inputs can be configured: 48 | 49 | | Action Input | Description | Required? (Y/N)| Default | 50 | | ------------------------ | ----------------------------------------------------------------------------------------- | :-------------:| -------------- | 51 | | CSV_FILE | A path to the `ClusterServiceVersion` YAML file to be processed. | Y | - | 52 | | RELATED_IMAGE_ENV_PREFIX | A prefix to use to select container environment variables for related images. | N | RELATED_IMAGE_ | 53 | | TAGS_TO_DIGESTS | If set to any value, tag references will be converted in-place to digest references. Omit to leave tag refs unchanged. | N | Unset | 54 | | OPERATOR_CONTAINER_NAME | Which container refers to the Operator. | N | manager | 55 | 56 | ## Example usage 57 | 58 | Examples for using this within a GitHub Actions workflow: 59 | 60 | ``` 61 | jobs: 62 | release-without-digests: 63 | runs-on: ubuntu-latest 64 | steps: 65 | - name: process bundle for disconnected support 66 | uses: redhat-cop/github-actions/disconnected-csv@main 67 | with: 68 | CSV_FILE: bundle/manifests/my-operator.clusterserviceversion.yaml 69 | 70 | bundle-with-digests: 71 | runs-on: ubuntu-latest 72 | steps: 73 | - name: process bundle for disconnected support 74 | uses: redhat-cop/github-actions/disconnected-csv@main 75 | with: 76 | CSV_FILE: bundle/manifests/my-operator.clusterserviceversion.yaml 77 | TAGS_TO_DIGESTS: 1 78 | 79 | custom-env-prefix: 80 | runs-on: ubuntu-latest 81 | steps: 82 | - name: process bundle for disconnected support 83 | uses: redhat-cop/github-actions/disconnected-csv@main 84 | with: 85 | CSV_FILE: bundle/manifests/my-operator.clusterserviceversion.yaml 86 | RELATED_IMAGE_ENV_PREFIX: "my_custom_prefix_" 87 | ``` 88 | ## Example Output 89 | 90 | ``` 91 | Finding image references from container definitions... 92 | Finding additional relatedImages as environment variables prefixed with "RELATED_IMAGE_"... 93 | 94 | The following refs were found: 95 | docker.io/memcached:1.4.36-alpine 96 | gcr.io/kubebuilder/kube-rbac-proxy:v0.8.0 97 | quay.io/agoossen/memcached-operator:latest 98 | 99 | Processing docker.io/memcached:1.4.36-alpine... 100 | Adding relatedImage... 101 | Processing tag to digest conversion... 102 | Digest is docker.io/memcached@sha256:00b68b00139155817a8b1d69d74865563def06b3af1e6fc79ac541a1b2f6b961 103 | Processing gcr.io/kubebuilder/kube-rbac-proxy:v0.8.0... 104 | Adding relatedImage... 105 | Processing tag to digest conversion... 106 | Digest is gcr.io/kubebuilder/kube-rbac-proxy@sha256:db06cc4c084dd0253134f156dddaaf53ef1c3fb3cc809e5d81711baa4029ea4c 107 | Processing quay.io/agoossen/memcached-operator:latest... 108 | Adding relatedImage... 109 | Processing tag to digest conversion... 110 | Digest is quay.io/agoossen/memcached-operator@sha256:fe71cd9b17dfe8c7b07c452b2184a520435b59ed838ff52ca69014d6837f22d9 111 | 112 | relatedImages completed. Adding annotations... 113 | Done! Resulting CSV: 114 | 115 | apiVersion: operators.coreos.com/v1alpha1 116 | kind: ClusterServiceVersion 117 | metadata: 118 | annotations: 119 | ... 120 | createdAt: "2021-05-08T06:21:50Z" 121 | containerImage: quay.io/agoossen/memcached-operator@sha256:fe71cd9b17dfe8c7b07c452b2184a520435b59ed838ff52ca69014d6837f22d9 122 | name: memcached-operator.v0.0.1 123 | namespace: placeholder 124 | spec: 125 | ... 126 | relatedImages: 127 | - name: docker.io/memcached 128 | image: docker.io/memcached@sha256:00b68b00139155817a8b1d69d74865563def06b3af1e6fc79ac541a1b2f6b961 129 | - name: gcr.io/kubebuilder/kube-rbac-proxy 130 | image: gcr.io/kubebuilder/kube-rbac-proxy@sha256:db06cc4c084dd0253134f156dddaaf53ef1c3fb3cc809e5d81711baa4029ea4c 131 | - name: quay.io/agoossen/memcached-operator 132 | image: quay.io/agoossen/memcached-operator@sha256:fe71cd9b17dfe8c7b07c452b2184a520435b59ed838ff52ca69014d6837f22d9 133 | ``` 134 | -------------------------------------------------------------------------------- /confbatstest/requirements.txt: -------------------------------------------------------------------------------- 1 | # 2 | # This file is autogenerated by pip-compile with Python 3.12 3 | # by the following command: 4 | # 5 | # pip-compile --generate-hashes --output-file=requirements.txt requirements.in 6 | # 7 | argcomplete==3.6.3 \ 8 | --hash=sha256:62e8ed4fd6a45864acc8235409461b72c9a28ee785a2011cc5eb78318786c89c \ 9 | --hash=sha256:f5007b3a600ccac5d25bbce33089211dfd49eab4a7718da3f10e3082525a92ce 10 | # via 11 | # -r requirements.in 12 | # yq 13 | PyYAML==6.0.3 \ 14 | --hash=sha256:00c4bdeba853cc34e7dd471f16b4114f4162dc03e6b7afcc2128711f0eca823c \ 15 | --hash=sha256:0150219816b6a1fa26fb4699fb7daa9caf09eb1999f3b70fb6e786805e80375a \ 16 | --hash=sha256:02893d100e99e03eda1c8fd5c441d8c60103fd175728e23e431db1b589cf5ab3 \ 17 | --hash=sha256:02ea2dfa234451bbb8772601d7b8e426c2bfa197136796224e50e35a78777956 \ 18 | --hash=sha256:0f29edc409a6392443abf94b9cf89ce99889a1dd5376d94316ae5145dfedd5d6 \ 19 | --hash=sha256:10892704fc220243f5305762e276552a0395f7beb4dbf9b14ec8fd43b57f126c \ 20 | --hash=sha256:16249ee61e95f858e83976573de0f5b2893b3677ba71c9dd36b9cf8be9ac6d65 \ 21 | --hash=sha256:1d37d57ad971609cf3c53ba6a7e365e40660e3be0e5175fa9f2365a379d6095a \ 22 | --hash=sha256:1ebe39cb5fc479422b83de611d14e2c0d3bb2a18bbcb01f229ab3cfbd8fee7a0 \ 23 | --hash=sha256:214ed4befebe12df36bcc8bc2b64b396ca31be9304b8f59e25c11cf94a4c033b \ 24 | --hash=sha256:2283a07e2c21a2aa78d9c4442724ec1eb15f5e42a723b99cb3d822d48f5f7ad1 \ 25 | --hash=sha256:22ba7cfcad58ef3ecddc7ed1db3409af68d023b7f940da23c6c2a1890976eda6 \ 26 | --hash=sha256:27c0abcb4a5dac13684a37f76e701e054692a9b2d3064b70f5e4eb54810553d7 \ 27 | --hash=sha256:28c8d926f98f432f88adc23edf2e6d4921ac26fb084b028c733d01868d19007e \ 28 | --hash=sha256:2e71d11abed7344e42a8849600193d15b6def118602c4c176f748e4583246007 \ 29 | --hash=sha256:34d5fcd24b8445fadc33f9cf348c1047101756fd760b4dacb5c3e99755703310 \ 30 | --hash=sha256:37503bfbfc9d2c40b344d06b2199cf0e96e97957ab1c1b546fd4f87e53e5d3e4 \ 31 | --hash=sha256:3c5677e12444c15717b902a5798264fa7909e41153cdf9ef7ad571b704a63dd9 \ 32 | --hash=sha256:3ff07ec89bae51176c0549bc4c63aa6202991da2d9a6129d7aef7f1407d3f295 \ 33 | --hash=sha256:41715c910c881bc081f1e8872880d3c650acf13dfa8214bad49ed4cede7c34ea \ 34 | --hash=sha256:418cf3f2111bc80e0933b2cd8cd04f286338bb88bdc7bc8e6dd775ebde60b5e0 \ 35 | --hash=sha256:44edc647873928551a01e7a563d7452ccdebee747728c1080d881d68af7b997e \ 36 | --hash=sha256:4a2e8cebe2ff6ab7d1050ecd59c25d4c8bd7e6f400f5f82b96557ac0abafd0ac \ 37 | --hash=sha256:4ad1906908f2f5ae4e5a8ddfce73c320c2a1429ec52eafd27138b7f1cbe341c9 \ 38 | --hash=sha256:501a031947e3a9025ed4405a168e6ef5ae3126c59f90ce0cd6f2bfc477be31b7 \ 39 | --hash=sha256:5190d403f121660ce8d1d2c1bb2ef1bd05b5f68533fc5c2ea899bd15f4399b35 \ 40 | --hash=sha256:5498cd1645aa724a7c71c8f378eb29ebe23da2fc0d7a08071d89469bf1d2defb \ 41 | --hash=sha256:5cf4e27da7e3fbed4d6c3d8e797387aaad68102272f8f9752883bc32d61cb87b \ 42 | --hash=sha256:5e0b74767e5f8c593e8c9b5912019159ed0533c70051e9cce3e8b6aa699fcd69 \ 43 | --hash=sha256:5ed875a24292240029e4483f9d4a4b8a1ae08843b9c54f43fcc11e404532a8a5 \ 44 | --hash=sha256:5fcd34e47f6e0b794d17de1b4ff496c00986e1c83f7ab2fb8fcfe9616ff7477b \ 45 | --hash=sha256:5fdec68f91a0c6739b380c83b951e2c72ac0197ace422360e6d5a959d8d97b2c \ 46 | --hash=sha256:6344df0d5755a2c9a276d4473ae6b90647e216ab4757f8426893b5dd2ac3f369 \ 47 | --hash=sha256:64386e5e707d03a7e172c0701abfb7e10f0fb753ee1d773128192742712a98fd \ 48 | --hash=sha256:652cb6edd41e718550aad172851962662ff2681490a8a711af6a4d288dd96824 \ 49 | --hash=sha256:66291b10affd76d76f54fad28e22e51719ef9ba22b29e1d7d03d6777a9174198 \ 50 | --hash=sha256:66e1674c3ef6f541c35191caae2d429b967b99e02040f5ba928632d9a7f0f065 \ 51 | --hash=sha256:6adc77889b628398debc7b65c073bcb99c4a0237b248cacaf3fe8a557563ef6c \ 52 | --hash=sha256:79005a0d97d5ddabfeeea4cf676af11e647e41d81c9a7722a193022accdb6b7c \ 53 | --hash=sha256:7c6610def4f163542a622a73fb39f534f8c101d690126992300bf3207eab9764 \ 54 | --hash=sha256:7f047e29dcae44602496db43be01ad42fc6f1cc0d8cd6c83d342306c32270196 \ 55 | --hash=sha256:8098f252adfa6c80ab48096053f512f2321f0b998f98150cea9bd23d83e1467b \ 56 | --hash=sha256:850774a7879607d3a6f50d36d04f00ee69e7fc816450e5f7e58d7f17f1ae5c00 \ 57 | --hash=sha256:8d1fab6bb153a416f9aeb4b8763bc0f22a5586065f86f7664fc23339fc1c1fac \ 58 | --hash=sha256:8da9669d359f02c0b91ccc01cac4a67f16afec0dac22c2ad09f46bee0697eba8 \ 59 | --hash=sha256:8dc52c23056b9ddd46818a57b78404882310fb473d63f17b07d5c40421e47f8e \ 60 | --hash=sha256:9149cad251584d5fb4981be1ecde53a1ca46c891a79788c0df828d2f166bda28 \ 61 | --hash=sha256:93dda82c9c22deb0a405ea4dc5f2d0cda384168e466364dec6255b293923b2f3 \ 62 | --hash=sha256:96b533f0e99f6579b3d4d4995707cf36df9100d67e0c8303a0c55b27b5f99bc5 \ 63 | --hash=sha256:9c57bb8c96f6d1808c030b1687b9b5fb476abaa47f0db9c0101f5e9f394e97f4 \ 64 | --hash=sha256:9c7708761fccb9397fe64bbc0395abcae8c4bf7b0eac081e12b809bf47700d0b \ 65 | --hash=sha256:9f3bfb4965eb874431221a3ff3fdcddc7e74e3b07799e0e84ca4a0f867d449bf \ 66 | --hash=sha256:a33284e20b78bd4a18c8c2282d549d10bc8408a2a7ff57653c0cf0b9be0afce5 \ 67 | --hash=sha256:a80cb027f6b349846a3bf6d73b5e95e782175e52f22108cfa17876aaeff93702 \ 68 | --hash=sha256:b30236e45cf30d2b8e7b3e85881719e98507abed1011bf463a8fa23e9c3e98a8 \ 69 | --hash=sha256:b3bc83488de33889877a0f2543ade9f70c67d66d9ebb4ac959502e12de895788 \ 70 | --hash=sha256:b865addae83924361678b652338317d1bd7e79b1f4596f96b96c77a5a34b34da \ 71 | --hash=sha256:b8bb0864c5a28024fac8a632c443c87c5aa6f215c0b126c449ae1a150412f31d \ 72 | --hash=sha256:ba1cc08a7ccde2d2ec775841541641e4548226580ab850948cbfda66a1befcdc \ 73 | --hash=sha256:bdb2c67c6c1390b63c6ff89f210c8fd09d9a1217a465701eac7316313c915e4c \ 74 | --hash=sha256:c1ff362665ae507275af2853520967820d9124984e0f7466736aea23d8611fba \ 75 | --hash=sha256:c2514fceb77bc5e7a2f7adfaa1feb2fb311607c9cb518dbc378688ec73d8292f \ 76 | --hash=sha256:c3355370a2c156cffb25e876646f149d5d68f5e0a3ce86a5084dd0b64a994917 \ 77 | --hash=sha256:c458b6d084f9b935061bc36216e8a69a7e293a2f1e68bf956dcd9e6cbcd143f5 \ 78 | --hash=sha256:d0eae10f8159e8fdad514efdc92d74fd8d682c933a6dd088030f3834bc8e6b26 \ 79 | --hash=sha256:d76623373421df22fb4cf8817020cbb7ef15c725b9d5e45f17e189bfc384190f \ 80 | --hash=sha256:ebc55a14a21cb14062aa4162f906cd962b28e2e9ea38f9b4391244cd8de4ae0b \ 81 | --hash=sha256:eda16858a3cab07b80edaf74336ece1f986ba330fdb8ee0d6c0d68fe82bc96be \ 82 | --hash=sha256:ee2922902c45ae8ccada2c5b501ab86c36525b883eff4255313a253a3160861c \ 83 | --hash=sha256:efd7b85f94a6f21e4932043973a7ba2613b059c4a000551892ac9f1d11f5baf3 \ 84 | --hash=sha256:f7057c9a337546edc7973c0d3ba84ddcdf0daa14533c2065749c9075001090e6 \ 85 | --hash=sha256:fa160448684b4e94d80416c0fa4aac48967a969efe22931448d853ada8baf926 \ 86 | --hash=sha256:fc09d0aa354569bc501d4e787133afc08552722d3ab34836a80547331bb5d4a0 87 | # via 88 | # -r requirements.in 89 | # yq 90 | tomlkit==0.13.3 \ 91 | --hash=sha256:430cf247ee57df2b94ee3fbe588e71d362a941ebb545dec29b53961d61add2a1 \ 92 | --hash=sha256:c89c649d79ee40629a9fda55f8ace8c6a1b42deb912b2a8fd8d942ddadb606b0 93 | # via 94 | # -r requirements.in 95 | # yq 96 | xmltodict==1.0.2 \ 97 | --hash=sha256:54306780b7c2175a3967cad1db92f218207e5bc1aba697d887807c0fb68b7649 \ 98 | --hash=sha256:62d0fddb0dcbc9f642745d8bbf4d81fd17d6dfaec5a15b5c1876300aad92af0d 99 | # via 100 | # -r requirements.in 101 | # yq 102 | yq==3.4.3 \ 103 | --hash=sha256:547e34bc3caacce83665fd3429bf7c85f8e8b6b9aaee3f953db1ad716ff3434d \ 104 | --hash=sha256:ba586a1a6f30cf705b2f92206712df2281cd320280210e7b7b80adcb8f256e3b 105 | # via -r requirements.in 106 | 107 | # WARNING: The following packages were not pinned, but pip requires them to be 108 | # pinned when the requirements file includes hashes and the requirement is not 109 | # satisfied by a package already installed. Consider using the --allow-unsafe flag. 110 | # pip 111 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | 2 | Apache License 3 | Version 2.0, January 2004 4 | http://www.apache.org/licenses/ 5 | 6 | TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 7 | 8 | 1. Definitions. 9 | 10 | "License" shall mean the terms and conditions for use, reproduction, 11 | and distribution as defined by Sections 1 through 9 of this document. 12 | 13 | "Licensor" shall mean the copyright owner or entity authorized by 14 | the copyright owner that is granting the License. 15 | 16 | "Legal Entity" shall mean the union of the acting entity and all 17 | other entities that control, are controlled by, or are under common 18 | control with that entity. For the purposes of this definition, 19 | "control" means (i) the power, direct or indirect, to cause the 20 | direction or management of such entity, whether by contract or 21 | otherwise, or (ii) ownership of fifty percent (50%) or more of the 22 | outstanding shares, or (iii) beneficial ownership of such entity. 23 | 24 | "You" (or "Your") shall mean an individual or Legal Entity 25 | exercising permissions granted by this License. 26 | 27 | "Source" form shall mean the preferred form for making modifications, 28 | including but not limited to software source code, documentation 29 | source, and configuration files. 30 | 31 | "Object" form shall mean any form resulting from mechanical 32 | transformation or translation of a Source form, including but 33 | not limited to compiled object code, generated documentation, 34 | and conversions to other media types. 35 | 36 | "Work" shall mean the work of authorship, whether in Source or 37 | Object form, made available under the License, as indicated by a 38 | copyright notice that is included in or attached to the work 39 | (an example is provided in the Appendix below). 40 | 41 | "Derivative Works" shall mean any work, whether in Source or Object 42 | form, that is based on (or derived from) the Work and for which the 43 | editorial revisions, annotations, elaborations, or other modifications 44 | represent, as a whole, an original work of authorship. For the purposes 45 | of this License, Derivative Works shall not include works that remain 46 | separable from, or merely link (or bind by name) to the interfaces of, 47 | the Work and Derivative Works thereof. 48 | 49 | "Contribution" shall mean any work of authorship, including 50 | the original version of the Work and any modifications or additions 51 | to that Work or Derivative Works thereof, that is intentionally 52 | submitted to Licensor for inclusion in the Work by the copyright owner 53 | or by an individual or Legal Entity authorized to submit on behalf of 54 | the copyright owner. For the purposes of this definition, "submitted" 55 | means any form of electronic, verbal, or written communication sent 56 | to the Licensor or its representatives, including but not limited to 57 | communication on electronic mailing lists, source code control systems, 58 | and issue tracking systems that are managed by, or on behalf of, the 59 | Licensor for the purpose of discussing and improving the Work, but 60 | excluding communication that is conspicuously marked or otherwise 61 | designated in writing by the copyright owner as "Not a Contribution." 62 | 63 | "Contributor" shall mean Licensor and any individual or Legal Entity 64 | on behalf of whom a Contribution has been received by Licensor and 65 | subsequently incorporated within the Work. 66 | 67 | 2. Grant of Copyright License. Subject to the terms and conditions of 68 | this License, each Contributor hereby grants to You a perpetual, 69 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 70 | copyright license to reproduce, prepare Derivative Works of, 71 | publicly display, publicly perform, sublicense, and distribute the 72 | Work and such Derivative Works in Source or Object form. 73 | 74 | 3. Grant of Patent License. Subject to the terms and conditions of 75 | this License, each Contributor hereby grants to You a perpetual, 76 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 77 | (except as stated in this section) patent license to make, have made, 78 | use, offer to sell, sell, import, and otherwise transfer the Work, 79 | where such license applies only to those patent claims licensable 80 | by such Contributor that are necessarily infringed by their 81 | Contribution(s) alone or by combination of their Contribution(s) 82 | with the Work to which such Contribution(s) was submitted. If You 83 | institute patent litigation against any entity (including a 84 | cross-claim or counterclaim in a lawsuit) alleging that the Work 85 | or a Contribution incorporated within the Work constitutes direct 86 | or contributory patent infringement, then any patent licenses 87 | granted to You under this License for that Work shall terminate 88 | as of the date such litigation is filed. 89 | 90 | 4. Redistribution. You may reproduce and distribute copies of the 91 | Work or Derivative Works thereof in any medium, with or without 92 | modifications, and in Source or Object form, provided that You 93 | meet the following conditions: 94 | 95 | (a) You must give any other recipients of the Work or 96 | Derivative Works a copy of this License; and 97 | 98 | (b) You must cause any modified files to carry prominent notices 99 | stating that You changed the files; and 100 | 101 | (c) You must retain, in the Source form of any Derivative Works 102 | that You distribute, all copyright, patent, trademark, and 103 | attribution notices from the Source form of the Work, 104 | excluding those notices that do not pertain to any part of 105 | the Derivative Works; and 106 | 107 | (d) If the Work includes a "NOTICE" text file as part of its 108 | distribution, then any Derivative Works that You distribute must 109 | include a readable copy of the attribution notices contained 110 | within such NOTICE file, excluding those notices that do not 111 | pertain to any part of the Derivative Works, in at least one 112 | of the following places: within a NOTICE text file distributed 113 | as part of the Derivative Works; within the Source form or 114 | documentation, if provided along with the Derivative Works; or, 115 | within a display generated by the Derivative Works, if and 116 | wherever such third-party notices normally appear. The contents 117 | of the NOTICE file are for informational purposes only and 118 | do not modify the License. You may add Your own attribution 119 | notices within Derivative Works that You distribute, alongside 120 | or as an addendum to the NOTICE text from the Work, provided 121 | that such additional attribution notices cannot be construed 122 | as modifying the License. 123 | 124 | You may add Your own copyright statement to Your modifications and 125 | may provide additional or different license terms and conditions 126 | for use, reproduction, or distribution of Your modifications, or 127 | for any such Derivative Works as a whole, provided Your use, 128 | reproduction, and distribution of the Work otherwise complies with 129 | the conditions stated in this License. 130 | 131 | 5. Submission of Contributions. Unless You explicitly state otherwise, 132 | any Contribution intentionally submitted for inclusion in the Work 133 | by You to the Licensor shall be under the terms and conditions of 134 | this License, without any additional terms or conditions. 135 | Notwithstanding the above, nothing herein shall supersede or modify 136 | the terms of any separate license agreement you may have executed 137 | with Licensor regarding such Contributions. 138 | 139 | 6. Trademarks. This License does not grant permission to use the trade 140 | names, trademarks, service marks, or product names of the Licensor, 141 | except as required for reasonable and customary use in describing the 142 | origin of the Work and reproducing the content of the NOTICE file. 143 | 144 | 7. Disclaimer of Warranty. Unless required by applicable law or 145 | agreed to in writing, Licensor provides the Work (and each 146 | Contributor provides its Contributions) on an "AS IS" BASIS, 147 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or 148 | implied, including, without limitation, any warranties or conditions 149 | of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A 150 | PARTICULAR PURPOSE. You are solely responsible for determining the 151 | appropriateness of using or redistributing the Work and assume any 152 | risks associated with Your exercise of permissions under this License. 153 | 154 | 8. Limitation of Liability. In no event and under no legal theory, 155 | whether in tort (including negligence), contract, or otherwise, 156 | unless required by applicable law (such as deliberate and grossly 157 | negligent acts) or agreed to in writing, shall any Contributor be 158 | liable to You for damages, including any direct, indirect, special, 159 | incidental, or consequential damages of any character arising as a 160 | result of this License or out of the use or inability to use the 161 | Work (including but not limited to damages for loss of goodwill, 162 | work stoppage, computer failure or malfunction, or any and all 163 | other commercial damages or losses), even if such Contributor 164 | has been advised of the possibility of such damages. 165 | 166 | 9. Accepting Warranty or Additional Liability. While redistributing 167 | the Work or Derivative Works thereof, You may choose to offer, 168 | and charge a fee for, acceptance of support, warranty, indemnity, 169 | or other liability obligations and/or rights consistent with this 170 | License. However, in accepting such obligations, You may act only 171 | on Your own behalf and on Your sole responsibility, not on behalf 172 | of any other Contributor, and only if You agree to indemnify, 173 | defend, and hold each Contributor harmless for any liability 174 | incurred by, or claims asserted against, such Contributor by reason 175 | of your accepting any such warranty or additional liability. 176 | 177 | END OF TERMS AND CONDITIONS 178 | 179 | APPENDIX: How to apply the Apache License to your work. 180 | 181 | To apply the Apache License to your work, attach the following 182 | boilerplate notice, with the fields enclosed by brackets "[]" 183 | replaced with your own identifying information. (Don't include 184 | the brackets!) The text should be enclosed in the appropriate 185 | comment syntax for the file format. We also recommend that a 186 | file or class name and description of purpose be included on the 187 | same "printed page" as the copyright notice for easier 188 | identification within third-party archives. 189 | 190 | Copyright [yyyy] [name of copyright owner] 191 | 192 | Licensed under the Apache License, Version 2.0 (the "License"); 193 | you may not use this file except in compliance with the License. 194 | You may obtain a copy of the License at 195 | 196 | http://www.apache.org/licenses/LICENSE-2.0 197 | 198 | Unless required by applicable law or agreed to in writing, software 199 | distributed under the License is distributed on an "AS IS" BASIS, 200 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 201 | See the License for the specific language governing permissions and 202 | limitations under the License. 203 | -------------------------------------------------------------------------------- /redhat-csp-download/ansible/requirements.txt: -------------------------------------------------------------------------------- 1 | # 2 | # This file is autogenerated by pip-compile with Python 3.12 3 | # by the following command: 4 | # 5 | # pip-compile --generate-hashes --output-file=requirements.txt requirements.in 6 | # 7 | ansible==11.1.0 \ 8 | --hash=sha256:bbaf7073993f019fc0293fc8b76c7b215081831957c28eb020f12c270a16e8f0 \ 9 | --hash=sha256:d01b425990d960d2a33fc378e1b73dbca1c0e28bc22f4056ab6b3c8e9ae74fba 10 | # via -r requirements.in 11 | ansible-core==2.18.1 \ 12 | --hash=sha256:14cac1f92bbdae881cb0616eddeb17925e8cb507e486087975e724533d9de74f \ 13 | --hash=sha256:4a312e416e09c7271188d6b8e2b1062fc6834fefd6a1814d0e02fb8aadb3e1ba 14 | # via 15 | # -r requirements.in 16 | # ansible 17 | certifi==2024.12.14 \ 18 | --hash=sha256:1275f7a45be9464efc1173084eaa30f866fe2e47d389406136d332ed4967ec56 \ 19 | --hash=sha256:b650d30f370c2b724812bee08008be0c4163b163ddaec3f2546c1caf65f191db 20 | # via 21 | # -r requirements.in 22 | # requests 23 | cffi==1.17.1 \ 24 | --hash=sha256:045d61c734659cc045141be4bae381a41d89b741f795af1dd018bfb532fd0df8 \ 25 | --hash=sha256:0984a4925a435b1da406122d4d7968dd861c1385afe3b45ba82b750f229811e2 \ 26 | --hash=sha256:0e2b1fac190ae3ebfe37b979cc1ce69c81f4e4fe5746bb401dca63a9062cdaf1 \ 27 | --hash=sha256:0f048dcf80db46f0098ccac01132761580d28e28bc0f78ae0d58048063317e15 \ 28 | --hash=sha256:1257bdabf294dceb59f5e70c64a3e2f462c30c7ad68092d01bbbfb1c16b1ba36 \ 29 | --hash=sha256:1c39c6016c32bc48dd54561950ebd6836e1670f2ae46128f67cf49e789c52824 \ 30 | --hash=sha256:1d599671f396c4723d016dbddb72fe8e0397082b0a77a4fab8028923bec050e8 \ 31 | --hash=sha256:28b16024becceed8c6dfbc75629e27788d8a3f9030691a1dbf9821a128b22c36 \ 32 | --hash=sha256:2bb1a08b8008b281856e5971307cc386a8e9c5b625ac297e853d36da6efe9c17 \ 33 | --hash=sha256:30c5e0cb5ae493c04c8b42916e52ca38079f1b235c2f8ae5f4527b963c401caf \ 34 | --hash=sha256:31000ec67d4221a71bd3f67df918b1f88f676f1c3b535a7eb473255fdc0b83fc \ 35 | --hash=sha256:386c8bf53c502fff58903061338ce4f4950cbdcb23e2902d86c0f722b786bbe3 \ 36 | --hash=sha256:3edc8d958eb099c634dace3c7e16560ae474aa3803a5df240542b305d14e14ed \ 37 | --hash=sha256:45398b671ac6d70e67da8e4224a065cec6a93541bb7aebe1b198a61b58c7b702 \ 38 | --hash=sha256:46bf43160c1a35f7ec506d254e5c890f3c03648a4dbac12d624e4490a7046cd1 \ 39 | --hash=sha256:4ceb10419a9adf4460ea14cfd6bc43d08701f0835e979bf821052f1805850fe8 \ 40 | --hash=sha256:51392eae71afec0d0c8fb1a53b204dbb3bcabcb3c9b807eedf3e1e6ccf2de903 \ 41 | --hash=sha256:5da5719280082ac6bd9aa7becb3938dc9f9cbd57fac7d2871717b1feb0902ab6 \ 42 | --hash=sha256:610faea79c43e44c71e1ec53a554553fa22321b65fae24889706c0a84d4ad86d \ 43 | --hash=sha256:636062ea65bd0195bc012fea9321aca499c0504409f413dc88af450b57ffd03b \ 44 | --hash=sha256:6883e737d7d9e4899a8a695e00ec36bd4e5e4f18fabe0aca0efe0a4b44cdb13e \ 45 | --hash=sha256:6b8b4a92e1c65048ff98cfe1f735ef8f1ceb72e3d5f0c25fdb12087a23da22be \ 46 | --hash=sha256:6f17be4345073b0a7b8ea599688f692ac3ef23ce28e5df79c04de519dbc4912c \ 47 | --hash=sha256:706510fe141c86a69c8ddc029c7910003a17353970cff3b904ff0686a5927683 \ 48 | --hash=sha256:72e72408cad3d5419375fc87d289076ee319835bdfa2caad331e377589aebba9 \ 49 | --hash=sha256:733e99bc2df47476e3848417c5a4540522f234dfd4ef3ab7fafdf555b082ec0c \ 50 | --hash=sha256:7596d6620d3fa590f677e9ee430df2958d2d6d6de2feeae5b20e82c00b76fbf8 \ 51 | --hash=sha256:78122be759c3f8a014ce010908ae03364d00a1f81ab5c7f4a7a5120607ea56e1 \ 52 | --hash=sha256:805b4371bf7197c329fcb3ead37e710d1bca9da5d583f5073b799d5c5bd1eee4 \ 53 | --hash=sha256:85a950a4ac9c359340d5963966e3e0a94a676bd6245a4b55bc43949eee26a655 \ 54 | --hash=sha256:8f2cdc858323644ab277e9bb925ad72ae0e67f69e804f4898c070998d50b1a67 \ 55 | --hash=sha256:9755e4345d1ec879e3849e62222a18c7174d65a6a92d5b346b1863912168b595 \ 56 | --hash=sha256:98e3969bcff97cae1b2def8ba499ea3d6f31ddfdb7635374834cf89a1a08ecf0 \ 57 | --hash=sha256:a08d7e755f8ed21095a310a693525137cfe756ce62d066e53f502a83dc550f65 \ 58 | --hash=sha256:a1ed2dd2972641495a3ec98445e09766f077aee98a1c896dcb4ad0d303628e41 \ 59 | --hash=sha256:a24ed04c8ffd54b0729c07cee15a81d964e6fee0e3d4d342a27b020d22959dc6 \ 60 | --hash=sha256:a45e3c6913c5b87b3ff120dcdc03f6131fa0065027d0ed7ee6190736a74cd401 \ 61 | --hash=sha256:a9b15d491f3ad5d692e11f6b71f7857e7835eb677955c00cc0aefcd0669adaf6 \ 62 | --hash=sha256:ad9413ccdeda48c5afdae7e4fa2192157e991ff761e7ab8fdd8926f40b160cc3 \ 63 | --hash=sha256:b2ab587605f4ba0bf81dc0cb08a41bd1c0a5906bd59243d56bad7668a6fc6c16 \ 64 | --hash=sha256:b62ce867176a75d03a665bad002af8e6d54644fad99a3c70905c543130e39d93 \ 65 | --hash=sha256:c03e868a0b3bc35839ba98e74211ed2b05d2119be4e8a0f224fba9384f1fe02e \ 66 | --hash=sha256:c59d6e989d07460165cc5ad3c61f9fd8f1b4796eacbd81cee78957842b834af4 \ 67 | --hash=sha256:c7eac2ef9b63c79431bc4b25f1cd649d7f061a28808cbc6c47b534bd789ef964 \ 68 | --hash=sha256:c9c3d058ebabb74db66e431095118094d06abf53284d9c81f27300d0e0d8bc7c \ 69 | --hash=sha256:ca74b8dbe6e8e8263c0ffd60277de77dcee6c837a3d0881d8c1ead7268c9e576 \ 70 | --hash=sha256:caaf0640ef5f5517f49bc275eca1406b0ffa6aa184892812030f04c2abf589a0 \ 71 | --hash=sha256:cdf5ce3acdfd1661132f2a9c19cac174758dc2352bfe37d98aa7512c6b7178b3 \ 72 | --hash=sha256:d016c76bdd850f3c626af19b0542c9677ba156e4ee4fccfdd7848803533ef662 \ 73 | --hash=sha256:d01b12eeeb4427d3110de311e1774046ad344f5b1a7403101878976ecd7a10f3 \ 74 | --hash=sha256:d63afe322132c194cf832bfec0dc69a99fb9bb6bbd550f161a49e9e855cc78ff \ 75 | --hash=sha256:da95af8214998d77a98cc14e3a3bd00aa191526343078b530ceb0bd710fb48a5 \ 76 | --hash=sha256:dd398dbc6773384a17fe0d3e7eeb8d1a21c2200473ee6806bb5e6a8e62bb73dd \ 77 | --hash=sha256:de2ea4b5833625383e464549fec1bc395c1bdeeb5f25c4a3a82b5a8c756ec22f \ 78 | --hash=sha256:de55b766c7aa2e2a3092c51e0483d700341182f08e67c63630d5b6f200bb28e5 \ 79 | --hash=sha256:df8b1c11f177bc2313ec4b2d46baec87a5f3e71fc8b45dab2ee7cae86d9aba14 \ 80 | --hash=sha256:e03eab0a8677fa80d646b5ddece1cbeaf556c313dcfac435ba11f107ba117b5d \ 81 | --hash=sha256:e221cf152cff04059d011ee126477f0d9588303eb57e88923578ace7baad17f9 \ 82 | --hash=sha256:e31ae45bc2e29f6b2abd0de1cc3b9d5205aa847cafaecb8af1476a609a2f6eb7 \ 83 | --hash=sha256:edae79245293e15384b51f88b00613ba9f7198016a5948b5dddf4917d4d26382 \ 84 | --hash=sha256:f1e22e8c4419538cb197e4dd60acc919d7696e5ef98ee4da4e01d3f8cfa4cc5a \ 85 | --hash=sha256:f3a2b4222ce6b60e2e8b337bb9596923045681d71e5a082783484d845390938e \ 86 | --hash=sha256:f6a16c31041f09ead72d69f583767292f750d24913dadacf5756b966aacb3f1a \ 87 | --hash=sha256:f75c7ab1f9e4aca5414ed4d8e5c0e303a34f4421f8a0d47a4d019ceff0ab6af4 \ 88 | --hash=sha256:f79fc4fc25f1c8698ff97788206bb3c2598949bfe0fef03d299eb1b5356ada99 \ 89 | --hash=sha256:f7f5baafcc48261359e14bcd6d9bff6d4b28d9103847c9e136694cb0501aef87 \ 90 | --hash=sha256:fc48c783f9c87e60831201f2cce7f3b2e4846bf4d8728eabe54d60700b318a0b 91 | # via 92 | # -r requirements.in 93 | # cryptography 94 | charset-normalizer==3.4.0 \ 95 | --hash=sha256:0099d79bdfcf5c1f0c2c72f91516702ebf8b0b8ddd8905f97a8aecf49712c621 \ 96 | --hash=sha256:0713f3adb9d03d49d365b70b84775d0a0d18e4ab08d12bc46baa6132ba78aaf6 \ 97 | --hash=sha256:07afec21bbbbf8a5cc3651aa96b980afe2526e7f048fdfb7f1014d84acc8b6d8 \ 98 | --hash=sha256:0b309d1747110feb25d7ed6b01afdec269c647d382c857ef4663bbe6ad95a912 \ 99 | --hash=sha256:0d99dd8ff461990f12d6e42c7347fd9ab2532fb70e9621ba520f9e8637161d7c \ 100 | --hash=sha256:0de7b687289d3c1b3e8660d0741874abe7888100efe14bd0f9fd7141bcbda92b \ 101 | --hash=sha256:1110e22af8ca26b90bd6364fe4c763329b0ebf1ee213ba32b68c73de5752323d \ 102 | --hash=sha256:130272c698667a982a5d0e626851ceff662565379baf0ff2cc58067b81d4f11d \ 103 | --hash=sha256:136815f06a3ae311fae551c3df1f998a1ebd01ddd424aa5603a4336997629e95 \ 104 | --hash=sha256:14215b71a762336254351b00ec720a8e85cada43b987da5a042e4ce3e82bd68e \ 105 | --hash=sha256:1db4e7fefefd0f548d73e2e2e041f9df5c59e178b4c72fbac4cc6f535cfb1565 \ 106 | --hash=sha256:1ffd9493de4c922f2a38c2bf62b831dcec90ac673ed1ca182fe11b4d8e9f2a64 \ 107 | --hash=sha256:2006769bd1640bdf4d5641c69a3d63b71b81445473cac5ded39740a226fa88ab \ 108 | --hash=sha256:20587d20f557fe189b7947d8e7ec5afa110ccf72a3128d61a2a387c3313f46be \ 109 | --hash=sha256:223217c3d4f82c3ac5e29032b3f1c2eb0fb591b72161f86d93f5719079dae93e \ 110 | --hash=sha256:27623ba66c183eca01bf9ff833875b459cad267aeeb044477fedac35e19ba907 \ 111 | --hash=sha256:285e96d9d53422efc0d7a17c60e59f37fbf3dfa942073f666db4ac71e8d726d0 \ 112 | --hash=sha256:2de62e8801ddfff069cd5c504ce3bc9672b23266597d4e4f50eda28846c322f2 \ 113 | --hash=sha256:2f6c34da58ea9c1a9515621f4d9ac379871a8f21168ba1b5e09d74250de5ad62 \ 114 | --hash=sha256:309a7de0a0ff3040acaebb35ec45d18db4b28232f21998851cfa709eeff49d62 \ 115 | --hash=sha256:35c404d74c2926d0287fbd63ed5d27eb911eb9e4a3bb2c6d294f3cfd4a9e0c23 \ 116 | --hash=sha256:3710a9751938947e6327ea9f3ea6332a09bf0ba0c09cae9cb1f250bd1f1549bc \ 117 | --hash=sha256:3d59d125ffbd6d552765510e3f31ed75ebac2c7470c7274195b9161a32350284 \ 118 | --hash=sha256:40d3ff7fc90b98c637bda91c89d51264a3dcf210cade3a2c6f838c7268d7a4ca \ 119 | --hash=sha256:425c5f215d0eecee9a56cdb703203dda90423247421bf0d67125add85d0c4455 \ 120 | --hash=sha256:43193c5cda5d612f247172016c4bb71251c784d7a4d9314677186a838ad34858 \ 121 | --hash=sha256:44aeb140295a2f0659e113b31cfe92c9061622cadbc9e2a2f7b8ef6b1e29ef4b \ 122 | --hash=sha256:47334db71978b23ebcf3c0f9f5ee98b8d65992b65c9c4f2d34c2eaf5bcaf0594 \ 123 | --hash=sha256:4796efc4faf6b53a18e3d46343535caed491776a22af773f366534056c4e1fbc \ 124 | --hash=sha256:4a51b48f42d9358460b78725283f04bddaf44a9358197b889657deba38f329db \ 125 | --hash=sha256:4b67fdab07fdd3c10bb21edab3cbfe8cf5696f453afce75d815d9d7223fbe88b \ 126 | --hash=sha256:4ec9dd88a5b71abfc74e9df5ebe7921c35cbb3b641181a531ca65cdb5e8e4dea \ 127 | --hash=sha256:4f9fc98dad6c2eaa32fc3af1417d95b5e3d08aff968df0cd320066def971f9a6 \ 128 | --hash=sha256:54b6a92d009cbe2fb11054ba694bc9e284dad30a26757b1e372a1fdddaf21920 \ 129 | --hash=sha256:55f56e2ebd4e3bc50442fbc0888c9d8c94e4e06a933804e2af3e89e2f9c1c749 \ 130 | --hash=sha256:5726cf76c982532c1863fb64d8c6dd0e4c90b6ece9feb06c9f202417a31f7dd7 \ 131 | --hash=sha256:5d447056e2ca60382d460a604b6302d8db69476fd2015c81e7c35417cfabe4cd \ 132 | --hash=sha256:5ed2e36c3e9b4f21dd9422f6893dec0abf2cca553af509b10cd630f878d3eb99 \ 133 | --hash=sha256:5ff2ed8194587faf56555927b3aa10e6fb69d931e33953943bc4f837dfee2242 \ 134 | --hash=sha256:62f60aebecfc7f4b82e3f639a7d1433a20ec32824db2199a11ad4f5e146ef5ee \ 135 | --hash=sha256:63bc5c4ae26e4bc6be6469943b8253c0fd4e4186c43ad46e713ea61a0ba49129 \ 136 | --hash=sha256:6b40e8d38afe634559e398cc32b1472f376a4099c75fe6299ae607e404c033b2 \ 137 | --hash=sha256:6b493a043635eb376e50eedf7818f2f322eabbaa974e948bd8bdd29eb7ef2a51 \ 138 | --hash=sha256:6dba5d19c4dfab08e58d5b36304b3f92f3bd5d42c1a3fa37b5ba5cdf6dfcbcee \ 139 | --hash=sha256:6fd30dc99682dc2c603c2b315bded2799019cea829f8bf57dc6b61efde6611c8 \ 140 | --hash=sha256:707b82d19e65c9bd28b81dde95249b07bf9f5b90ebe1ef17d9b57473f8a64b7b \ 141 | --hash=sha256:7706f5850360ac01d80c89bcef1640683cc12ed87f42579dab6c5d3ed6888613 \ 142 | --hash=sha256:7782afc9b6b42200f7362858f9e73b1f8316afb276d316336c0ec3bd73312742 \ 143 | --hash=sha256:79983512b108e4a164b9c8d34de3992f76d48cadc9554c9e60b43f308988aabe \ 144 | --hash=sha256:7f683ddc7eedd742e2889d2bfb96d69573fde1d92fcb811979cdb7165bb9c7d3 \ 145 | --hash=sha256:82357d85de703176b5587dbe6ade8ff67f9f69a41c0733cf2425378b49954de5 \ 146 | --hash=sha256:84450ba661fb96e9fd67629b93d2941c871ca86fc38d835d19d4225ff946a631 \ 147 | --hash=sha256:86f4e8cca779080f66ff4f191a685ced73d2f72d50216f7112185dc02b90b9b7 \ 148 | --hash=sha256:8cda06946eac330cbe6598f77bb54e690b4ca93f593dee1568ad22b04f347c15 \ 149 | --hash=sha256:8ce7fd6767a1cc5a92a639b391891bf1c268b03ec7e021c7d6d902285259685c \ 150 | --hash=sha256:8ff4e7cdfdb1ab5698e675ca622e72d58a6fa2a8aa58195de0c0061288e6e3ea \ 151 | --hash=sha256:9289fd5dddcf57bab41d044f1756550f9e7cf0c8e373b8cdf0ce8773dc4bd417 \ 152 | --hash=sha256:92a7e36b000bf022ef3dbb9c46bfe2d52c047d5e3f3343f43204263c5addc250 \ 153 | --hash=sha256:92db3c28b5b2a273346bebb24857fda45601aef6ae1c011c0a997106581e8a88 \ 154 | --hash=sha256:95c3c157765b031331dd4db3c775e58deaee050a3042fcad72cbc4189d7c8dca \ 155 | --hash=sha256:980b4f289d1d90ca5efcf07958d3eb38ed9c0b7676bf2831a54d4f66f9c27dfa \ 156 | --hash=sha256:9ae4ef0b3f6b41bad6366fb0ea4fc1d7ed051528e113a60fa2a65a9abb5b1d99 \ 157 | --hash=sha256:9c98230f5042f4945f957d006edccc2af1e03ed5e37ce7c373f00a5a4daa6149 \ 158 | --hash=sha256:9fa2566ca27d67c86569e8c85297aaf413ffab85a8960500f12ea34ff98e4c41 \ 159 | --hash=sha256:a14969b8691f7998e74663b77b4c36c0337cb1df552da83d5c9004a93afdb574 \ 160 | --hash=sha256:a8aacce6e2e1edcb6ac625fb0f8c3a9570ccc7bfba1f63419b3769ccf6a00ed0 \ 161 | --hash=sha256:a8e538f46104c815be19c975572d74afb53f29650ea2025bbfaef359d2de2f7f \ 162 | --hash=sha256:aa41e526a5d4a9dfcfbab0716c7e8a1b215abd3f3df5a45cf18a12721d31cb5d \ 163 | --hash=sha256:aa693779a8b50cd97570e5a0f343538a8dbd3e496fa5dcb87e29406ad0299654 \ 164 | --hash=sha256:ab22fbd9765e6954bc0bcff24c25ff71dcbfdb185fcdaca49e81bac68fe724d3 \ 165 | --hash=sha256:ab2e5bef076f5a235c3774b4f4028a680432cded7cad37bba0fd90d64b187d19 \ 166 | --hash=sha256:ab973df98fc99ab39080bfb0eb3a925181454d7c3ac8a1e695fddfae696d9e90 \ 167 | --hash=sha256:af73657b7a68211996527dbfeffbb0864e043d270580c5aef06dc4b659a4b578 \ 168 | --hash=sha256:b197e7094f232959f8f20541ead1d9862ac5ebea1d58e9849c1bf979255dfac9 \ 169 | --hash=sha256:b295729485b06c1a0683af02a9e42d2caa9db04a373dc38a6a58cdd1e8abddf1 \ 170 | --hash=sha256:b8831399554b92b72af5932cdbbd4ddc55c55f631bb13ff8fe4e6536a06c5c51 \ 171 | --hash=sha256:b8dcd239c743aa2f9c22ce674a145e0a25cb1566c495928440a181ca1ccf6719 \ 172 | --hash=sha256:bcb4f8ea87d03bc51ad04add8ceaf9b0f085ac045ab4d74e73bbc2dc033f0236 \ 173 | --hash=sha256:bd7af3717683bea4c87acd8c0d3d5b44d56120b26fd3f8a692bdd2d5260c620a \ 174 | --hash=sha256:bf4475b82be41b07cc5e5ff94810e6a01f276e37c2d55571e3fe175e467a1a1c \ 175 | --hash=sha256:c3e446d253bd88f6377260d07c895816ebf33ffffd56c1c792b13bff9c3e1ade \ 176 | --hash=sha256:c57516e58fd17d03ebe67e181a4e4e2ccab1168f8c2976c6a334d4f819fe5944 \ 177 | --hash=sha256:c94057af19bc953643a33581844649a7fdab902624d2eb739738a30e2b3e60fc \ 178 | --hash=sha256:cab5d0b79d987c67f3b9e9c53f54a61360422a5a0bc075f43cab5621d530c3b6 \ 179 | --hash=sha256:ce031db0408e487fd2775d745ce30a7cd2923667cf3b69d48d219f1d8f5ddeb6 \ 180 | --hash=sha256:cee4373f4d3ad28f1ab6290684d8e2ebdb9e7a1b74fdc39e4c211995f77bec27 \ 181 | --hash=sha256:d5b054862739d276e09928de37c79ddeec42a6e1bfc55863be96a36ba22926f6 \ 182 | --hash=sha256:dbe03226baf438ac4fda9e2d0715022fd579cb641c4cf639fa40d53b2fe6f3e2 \ 183 | --hash=sha256:dc15e99b2d8a656f8e666854404f1ba54765871104e50c8e9813af8a7db07f12 \ 184 | --hash=sha256:dcaf7c1524c0542ee2fc82cc8ec337f7a9f7edee2532421ab200d2b920fc97cf \ 185 | --hash=sha256:dd4eda173a9fcccb5f2e2bd2a9f423d180194b1bf17cf59e3269899235b2a114 \ 186 | --hash=sha256:dd9a8bd8900e65504a305bf8ae6fa9fbc66de94178c420791d0293702fce2df7 \ 187 | --hash=sha256:de7376c29d95d6719048c194a9cf1a1b0393fbe8488a22008610b0361d834ecf \ 188 | --hash=sha256:e7fdd52961feb4c96507aa649550ec2a0d527c086d284749b2f582f2d40a2e0d \ 189 | --hash=sha256:e91f541a85298cf35433bf66f3fab2a4a2cff05c127eeca4af174f6d497f0d4b \ 190 | --hash=sha256:e9e3c4c9e1ed40ea53acf11e2a386383c3304212c965773704e4603d589343ed \ 191 | --hash=sha256:ee803480535c44e7f5ad00788526da7d85525cfefaf8acf8ab9a310000be4b03 \ 192 | --hash=sha256:f09cb5a7bbe1ecae6e87901a2eb23e0256bb524a79ccc53eb0b7629fbe7677c4 \ 193 | --hash=sha256:f19c1585933c82098c2a520f8ec1227f20e339e33aca8fa6f956f6691b784e67 \ 194 | --hash=sha256:f1a2f519ae173b5b6a2c9d5fa3116ce16e48b3462c8b96dfdded11055e3d6365 \ 195 | --hash=sha256:f28f891ccd15c514a0981f3b9db9aa23d62fe1a99997512b0491d2ed323d229a \ 196 | --hash=sha256:f3e73a4255342d4eb26ef6df01e3962e73aa29baa3124a8e824c5d3364a65748 \ 197 | --hash=sha256:f606a1881d2663630ea5b8ce2efe2111740df4b687bd78b34a8131baa007f79b \ 198 | --hash=sha256:fe9f97feb71aa9896b81973a7bbada8c49501dc73e58a10fcef6663af95e5079 \ 199 | --hash=sha256:ffc519621dce0c767e96b9c53f09c5d215578e10b02c285809f76509a3931482 200 | # via 201 | # -r requirements.in 202 | # requests 203 | cryptography==44.0.0 \ 204 | --hash=sha256:1923cb251c04be85eec9fda837661c67c1049063305d6be5721643c22dd4e2b7 \ 205 | --hash=sha256:37d76e6863da3774cd9db5b409a9ecfd2c71c981c38788d3fcfaf177f447b731 \ 206 | --hash=sha256:3c672a53c0fb4725a29c303be906d3c1fa99c32f58abe008a82705f9ee96f40b \ 207 | --hash=sha256:404fdc66ee5f83a1388be54300ae978b2efd538018de18556dde92575e05defc \ 208 | --hash=sha256:4ac4c9f37eba52cb6fbeaf5b59c152ea976726b865bd4cf87883a7e7006cc543 \ 209 | --hash=sha256:60eb32934076fa07e4316b7b2742fa52cbb190b42c2df2863dbc4230a0a9b385 \ 210 | --hash=sha256:62901fb618f74d7d81bf408c8719e9ec14d863086efe4185afd07c352aee1d2c \ 211 | --hash=sha256:660cb7312a08bc38be15b696462fa7cc7cd85c3ed9c576e81f4dc4d8b2b31591 \ 212 | --hash=sha256:708ee5f1bafe76d041b53a4f95eb28cdeb8d18da17e597d46d7833ee59b97ede \ 213 | --hash=sha256:761817a3377ef15ac23cd7834715081791d4ec77f9297ee694ca1ee9c2c7e5eb \ 214 | --hash=sha256:831c3c4d0774e488fdc83a1923b49b9957d33287de923d58ebd3cec47a0ae43f \ 215 | --hash=sha256:84111ad4ff3f6253820e6d3e58be2cc2a00adb29335d4cacb5ab4d4d34f2a123 \ 216 | --hash=sha256:8b3e6eae66cf54701ee7d9c83c30ac0a1e3fa17be486033000f2a73a12ab507c \ 217 | --hash=sha256:9abcc2e083cbe8dde89124a47e5e53ec38751f0d7dfd36801008f316a127d7ba \ 218 | --hash=sha256:9e6fc8a08e116fb7c7dd1f040074c9d7b51d74a8ea40d4df2fc7aa08b76b9e6c \ 219 | --hash=sha256:a01956ddfa0a6790d594f5b34fc1bfa6098aca434696a03cfdbe469b8ed79285 \ 220 | --hash=sha256:abc998e0c0eee3c8a1904221d3f67dcfa76422b23620173e28c11d3e626c21bd \ 221 | --hash=sha256:b15492a11f9e1b62ba9d73c210e2416724633167de94607ec6069ef724fad092 \ 222 | --hash=sha256:be4ce505894d15d5c5037167ffb7f0ae90b7be6f2a98f9a5c3442395501c32fa \ 223 | --hash=sha256:c5eb858beed7835e5ad1faba59e865109f3e52b3783b9ac21e7e47dc5554e289 \ 224 | --hash=sha256:cd4e834f340b4293430701e772ec543b0fbe6c2dea510a5286fe0acabe153a02 \ 225 | --hash=sha256:d2436114e46b36d00f8b72ff57e598978b37399d2786fd39793c36c6d5cb1c64 \ 226 | --hash=sha256:eb33480f1bad5b78233b0ad3e1b0be21e8ef1da745d8d2aecbb20671658b9053 \ 227 | --hash=sha256:eca27345e1214d1b9f9490d200f9db5a874479be914199194e746c893788d417 \ 228 | --hash=sha256:ed3534eb1090483c96178fcb0f8893719d96d5274dfde98aa6add34614e97c8e \ 229 | --hash=sha256:f3f6fdfa89ee2d9d496e2c087cebef9d4fcbb0ad63c40e821b39f74bf48d9c5e \ 230 | --hash=sha256:f53c2c87e0fb4b0c00fa9571082a057e37690a8f12233306161c8f4b819960b7 \ 231 | --hash=sha256:f5e7cb1e5e56ca0933b4873c0220a78b773b24d40d186b6738080b73d3d0a756 \ 232 | --hash=sha256:f677e1268c4e23420c3acade68fac427fffcb8d19d7df95ed7ad17cdef8404f4 233 | # via 234 | # -r requirements.in 235 | # ansible-core 236 | idna==3.10 \ 237 | --hash=sha256:12f65c9b470abda6dc35cf8e63cc574b1c52b11df2c86030af0ac09b01b13ea9 \ 238 | --hash=sha256:946d195a0d259cbba61165e88e65941f16e9b36ea6ddb97f00452bae8b1287d3 239 | # via 240 | # -r requirements.in 241 | # requests 242 | importlib-resources==6.4.5 \ 243 | --hash=sha256:980862a1d16c9e147a59603677fa2aa5fd82b87f223b6cb870695bcfce830065 \ 244 | --hash=sha256:ac29d5f956f01d5e4bb63102a5a19957f1b9175e45649977264a1416783bb717 245 | # via -r requirements.in 246 | jinja2==3.1.4 \ 247 | --hash=sha256:4a3aee7acbbe7303aede8e9648d13b8bf88a429282aa6122a993f0ac800cb369 \ 248 | --hash=sha256:bc5dd2abb727a5319567b7a813e6a2e7318c39f4f487cfe6c89c6f9c7d25197d 249 | # via 250 | # -r requirements.in 251 | # ansible-core 252 | lxml==5.3.0 \ 253 | --hash=sha256:01220dca0d066d1349bd6a1726856a78f7929f3878f7e2ee83c296c69495309e \ 254 | --hash=sha256:02ced472497b8362c8e902ade23e3300479f4f43e45f4105c85ef43b8db85229 \ 255 | --hash=sha256:052d99051e77a4f3e8482c65014cf6372e61b0a6f4fe9edb98503bb5364cfee3 \ 256 | --hash=sha256:07da23d7ee08577760f0a71d67a861019103e4812c87e2fab26b039054594cc5 \ 257 | --hash=sha256:094cb601ba9f55296774c2d57ad68730daa0b13dc260e1f941b4d13678239e70 \ 258 | --hash=sha256:0a7056921edbdd7560746f4221dca89bb7a3fe457d3d74267995253f46343f15 \ 259 | --hash=sha256:0c120f43553ec759f8de1fee2f4794452b0946773299d44c36bfe18e83caf002 \ 260 | --hash=sha256:0d7b36afa46c97875303a94e8f3ad932bf78bace9e18e603f2085b652422edcd \ 261 | --hash=sha256:0fdf3a3059611f7585a78ee10399a15566356116a4288380921a4b598d807a22 \ 262 | --hash=sha256:109fa6fede314cc50eed29e6e56c540075e63d922455346f11e4d7a036d2b8cf \ 263 | --hash=sha256:146173654d79eb1fc97498b4280c1d3e1e5d58c398fa530905c9ea50ea849b22 \ 264 | --hash=sha256:1473427aff3d66a3fa2199004c3e601e6c4500ab86696edffdbc84954c72d832 \ 265 | --hash=sha256:1483fd3358963cc5c1c9b122c80606a3a79ee0875bcac0204149fa09d6ff2727 \ 266 | --hash=sha256:168f2dfcfdedf611eb285efac1516c8454c8c99caf271dccda8943576b67552e \ 267 | --hash=sha256:17e8d968d04a37c50ad9c456a286b525d78c4a1c15dd53aa46c1d8e06bf6fa30 \ 268 | --hash=sha256:18feb4b93302091b1541221196a2155aa296c363fd233814fa11e181adebc52f \ 269 | --hash=sha256:1afe0a8c353746e610bd9031a630a95bcfb1a720684c3f2b36c4710a0a96528f \ 270 | --hash=sha256:1d04f064bebdfef9240478f7a779e8c5dc32b8b7b0b2fc6a62e39b928d428e51 \ 271 | --hash=sha256:1fdc9fae8dd4c763e8a31e7630afef517eab9f5d5d31a278df087f307bf601f4 \ 272 | --hash=sha256:1ffc23010330c2ab67fac02781df60998ca8fe759e8efde6f8b756a20599c5de \ 273 | --hash=sha256:20094fc3f21ea0a8669dc4c61ed7fa8263bd37d97d93b90f28fc613371e7a875 \ 274 | --hash=sha256:213261f168c5e1d9b7535a67e68b1f59f92398dd17a56d934550837143f79c42 \ 275 | --hash=sha256:218c1b2e17a710e363855594230f44060e2025b05c80d1f0661258142b2add2e \ 276 | --hash=sha256:23e0553b8055600b3bf4a00b255ec5c92e1e4aebf8c2c09334f8368e8bd174d6 \ 277 | --hash=sha256:25f1b69d41656b05885aa185f5fdf822cb01a586d1b32739633679699f220391 \ 278 | --hash=sha256:2b3778cb38212f52fac9fe913017deea2fdf4eb1a4f8e4cfc6b009a13a6d3fcc \ 279 | --hash=sha256:2bc9fd5ca4729af796f9f59cd8ff160fe06a474da40aca03fcc79655ddee1a8b \ 280 | --hash=sha256:2c226a06ecb8cdef28845ae976da407917542c5e6e75dcac7cc33eb04aaeb237 \ 281 | --hash=sha256:2c3406b63232fc7e9b8783ab0b765d7c59e7c59ff96759d8ef9632fca27c7ee4 \ 282 | --hash=sha256:2c86bf781b12ba417f64f3422cfc302523ac9cd1d8ae8c0f92a1c66e56ef2e86 \ 283 | --hash=sha256:2d9b8d9177afaef80c53c0a9e30fa252ff3036fb1c6494d427c066a4ce6a282f \ 284 | --hash=sha256:2dec2d1130a9cda5b904696cec33b2cfb451304ba9081eeda7f90f724097300a \ 285 | --hash=sha256:2dfab5fa6a28a0b60a20638dc48e6343c02ea9933e3279ccb132f555a62323d8 \ 286 | --hash=sha256:2ecdd78ab768f844c7a1d4a03595038c166b609f6395e25af9b0f3f26ae1230f \ 287 | --hash=sha256:315f9542011b2c4e1d280e4a20ddcca1761993dda3afc7a73b01235f8641e903 \ 288 | --hash=sha256:36aef61a1678cb778097b4a6eeae96a69875d51d1e8f4d4b491ab3cfb54b5a03 \ 289 | --hash=sha256:384aacddf2e5813a36495233b64cb96b1949da72bef933918ba5c84e06af8f0e \ 290 | --hash=sha256:3879cc6ce938ff4eb4900d901ed63555c778731a96365e53fadb36437a131a99 \ 291 | --hash=sha256:3c174dc350d3ec52deb77f2faf05c439331d6ed5e702fc247ccb4e6b62d884b7 \ 292 | --hash=sha256:3eb44520c4724c2e1a57c0af33a379eee41792595023f367ba3952a2d96c2aab \ 293 | --hash=sha256:406246b96d552e0503e17a1006fd27edac678b3fcc9f1be71a2f94b4ff61528d \ 294 | --hash=sha256:41ce1f1e2c7755abfc7e759dc34d7d05fd221723ff822947132dc934d122fe22 \ 295 | --hash=sha256:423b121f7e6fa514ba0c7918e56955a1d4470ed35faa03e3d9f0e3baa4c7e492 \ 296 | --hash=sha256:44264ecae91b30e5633013fb66f6ddd05c006d3e0e884f75ce0b4755b3e3847b \ 297 | --hash=sha256:482c2f67761868f0108b1743098640fbb2a28a8e15bf3f47ada9fa59d9fe08c3 \ 298 | --hash=sha256:4b0c7a688944891086ba192e21c5229dea54382f4836a209ff8d0a660fac06be \ 299 | --hash=sha256:4c1fefd7e3d00921c44dc9ca80a775af49698bbfd92ea84498e56acffd4c5469 \ 300 | --hash=sha256:4e109ca30d1edec1ac60cdbe341905dc3b8f55b16855e03a54aaf59e51ec8c6f \ 301 | --hash=sha256:501d0d7e26b4d261fca8132854d845e4988097611ba2531408ec91cf3fd9d20a \ 302 | --hash=sha256:516f491c834eb320d6c843156440fe7fc0d50b33e44387fcec5b02f0bc118a4c \ 303 | --hash=sha256:51806cfe0279e06ed8500ce19479d757db42a30fd509940b1701be9c86a5ff9a \ 304 | --hash=sha256:562e7494778a69086f0312ec9689f6b6ac1c6b65670ed7d0267e49f57ffa08c4 \ 305 | --hash=sha256:56b9861a71575f5795bde89256e7467ece3d339c9b43141dbdd54544566b3b94 \ 306 | --hash=sha256:5b8f5db71b28b8c404956ddf79575ea77aa8b1538e8b2ef9ec877945b3f46442 \ 307 | --hash=sha256:5c2fb570d7823c2bbaf8b419ba6e5662137f8166e364a8b2b91051a1fb40ab8b \ 308 | --hash=sha256:5c54afdcbb0182d06836cc3d1be921e540be3ebdf8b8a51ee3ef987537455f84 \ 309 | --hash=sha256:5d6a6972b93c426ace71e0be9a6f4b2cfae9b1baed2eed2006076a746692288c \ 310 | --hash=sha256:609251a0ca4770e5a8768ff902aa02bf636339c5a93f9349b48eb1f606f7f3e9 \ 311 | --hash=sha256:62d172f358f33a26d6b41b28c170c63886742f5b6772a42b59b4f0fa10526cb1 \ 312 | --hash=sha256:62f7fdb0d1ed2065451f086519865b4c90aa19aed51081979ecd05a21eb4d1be \ 313 | --hash=sha256:658f2aa69d31e09699705949b5fc4719cbecbd4a97f9656a232e7d6c7be1a367 \ 314 | --hash=sha256:65ab5685d56914b9a2a34d67dd5488b83213d680b0c5d10b47f81da5a16b0b0e \ 315 | --hash=sha256:68934b242c51eb02907c5b81d138cb977b2129a0a75a8f8b60b01cb8586c7b21 \ 316 | --hash=sha256:68b87753c784d6acb8a25b05cb526c3406913c9d988d51f80adecc2b0775d6aa \ 317 | --hash=sha256:69959bd3167b993e6e710b99051265654133a98f20cec1d9b493b931942e9c16 \ 318 | --hash=sha256:6a7095eeec6f89111d03dabfe5883a1fd54da319c94e0fb104ee8f23616b572d \ 319 | --hash=sha256:6b038cc86b285e4f9fea2ba5ee76e89f21ed1ea898e287dc277a25884f3a7dfe \ 320 | --hash=sha256:6ba0d3dcac281aad8a0e5b14c7ed6f9fa89c8612b47939fc94f80b16e2e9bc83 \ 321 | --hash=sha256:6e91cf736959057f7aac7adfc83481e03615a8e8dd5758aa1d95ea69e8931dba \ 322 | --hash=sha256:6ee8c39582d2652dcd516d1b879451500f8db3fe3607ce45d7c5957ab2596040 \ 323 | --hash=sha256:6f651ebd0b21ec65dfca93aa629610a0dbc13dbc13554f19b0113da2e61a4763 \ 324 | --hash=sha256:71a8dd38fbd2f2319136d4ae855a7078c69c9a38ae06e0c17c73fd70fc6caad8 \ 325 | --hash=sha256:74068c601baff6ff021c70f0935b0c7bc528baa8ea210c202e03757c68c5a4ff \ 326 | --hash=sha256:7437237c6a66b7ca341e868cda48be24b8701862757426852c9b3186de1da8a2 \ 327 | --hash=sha256:747a3d3e98e24597981ca0be0fd922aebd471fa99d0043a3842d00cdcad7ad6a \ 328 | --hash=sha256:74bcb423462233bc5d6066e4e98b0264e7c1bed7541fff2f4e34fe6b21563c8b \ 329 | --hash=sha256:78d9b952e07aed35fe2e1a7ad26e929595412db48535921c5013edc8aa4a35ce \ 330 | --hash=sha256:7b1cd427cb0d5f7393c31b7496419da594fe600e6fdc4b105a54f82405e6626c \ 331 | --hash=sha256:7d3d1ca42870cdb6d0d29939630dbe48fa511c203724820fc0fd507b2fb46577 \ 332 | --hash=sha256:7e2f58095acc211eb9d8b5771bf04df9ff37d6b87618d1cbf85f92399c98dae8 \ 333 | --hash=sha256:7f41026c1d64043a36fda21d64c5026762d53a77043e73e94b71f0521939cc71 \ 334 | --hash=sha256:81b4e48da4c69313192d8c8d4311e5d818b8be1afe68ee20f6385d0e96fc9512 \ 335 | --hash=sha256:86a6b24b19eaebc448dc56b87c4865527855145d851f9fc3891673ff97950540 \ 336 | --hash=sha256:874a216bf6afaf97c263b56371434e47e2c652d215788396f60477540298218f \ 337 | --hash=sha256:89e043f1d9d341c52bf2af6d02e6adde62e0a46e6755d5eb60dc6e4f0b8aeca2 \ 338 | --hash=sha256:8c72e9563347c7395910de6a3100a4840a75a6f60e05af5e58566868d5eb2d6a \ 339 | --hash=sha256:8dc2c0395bea8254d8daebc76dcf8eb3a95ec2a46fa6fae5eaccee366bfe02ce \ 340 | --hash=sha256:8f0de2d390af441fe8b2c12626d103540b5d850d585b18fcada58d972b74a74e \ 341 | --hash=sha256:92e67a0be1639c251d21e35fe74df6bcc40cba445c2cda7c4a967656733249e2 \ 342 | --hash=sha256:94d6c3782907b5e40e21cadf94b13b0842ac421192f26b84c45f13f3c9d5dc27 \ 343 | --hash=sha256:97acf1e1fd66ab53dacd2c35b319d7e548380c2e9e8c54525c6e76d21b1ae3b1 \ 344 | --hash=sha256:9ada35dd21dc6c039259596b358caab6b13f4db4d4a7f8665764d616daf9cc1d \ 345 | --hash=sha256:9c52100e2c2dbb0649b90467935c4b0de5528833c76a35ea1a2691ec9f1ee7a1 \ 346 | --hash=sha256:9e41506fec7a7f9405b14aa2d5c8abbb4dbbd09d88f9496958b6d00cb4d45330 \ 347 | --hash=sha256:9e4b47ac0f5e749cfc618efdf4726269441014ae1d5583e047b452a32e221920 \ 348 | --hash=sha256:9fb81d2824dff4f2e297a276297e9031f46d2682cafc484f49de182aa5e5df99 \ 349 | --hash=sha256:a0eabd0a81625049c5df745209dc7fcef6e2aea7793e5f003ba363610aa0a3ff \ 350 | --hash=sha256:a3d819eb6f9b8677f57f9664265d0a10dd6551d227afb4af2b9cd7bdc2ccbf18 \ 351 | --hash=sha256:a87de7dd873bf9a792bf1e58b1c3887b9264036629a5bf2d2e6579fe8e73edff \ 352 | --hash=sha256:aa617107a410245b8660028a7483b68e7914304a6d4882b5ff3d2d3eb5948d8c \ 353 | --hash=sha256:aac0bbd3e8dd2d9c45ceb82249e8bdd3ac99131a32b4d35c8af3cc9db1657179 \ 354 | --hash=sha256:ab6dd83b970dc97c2d10bc71aa925b84788c7c05de30241b9e96f9b6d9ea3080 \ 355 | --hash=sha256:ace2c2326a319a0bb8a8b0e5b570c764962e95818de9f259ce814ee666603f19 \ 356 | --hash=sha256:ae5fe5c4b525aa82b8076c1a59d642c17b6e8739ecf852522c6321852178119d \ 357 | --hash=sha256:b11a5d918a6216e521c715b02749240fb07ae5a1fefd4b7bf12f833bc8b4fe70 \ 358 | --hash=sha256:b1c8c20847b9f34e98080da785bb2336ea982e7f913eed5809e5a3c872900f32 \ 359 | --hash=sha256:b369d3db3c22ed14c75ccd5af429086f166a19627e84a8fdade3f8f31426e52a \ 360 | --hash=sha256:b710bc2b8292966b23a6a0121f7a6c51d45d2347edcc75f016ac123b8054d3f2 \ 361 | --hash=sha256:bd96517ef76c8654446fc3db9242d019a1bb5fe8b751ba414765d59f99210b79 \ 362 | --hash=sha256:c00f323cc00576df6165cc9d21a4c21285fa6b9989c5c39830c3903dc4303ef3 \ 363 | --hash=sha256:c162b216070f280fa7da844531169be0baf9ccb17263cf5a8bf876fcd3117fa5 \ 364 | --hash=sha256:c1a69e58a6bb2de65902051d57fde951febad631a20a64572677a1052690482f \ 365 | --hash=sha256:c1f794c02903c2824fccce5b20c339a1a14b114e83b306ff11b597c5f71a1c8d \ 366 | --hash=sha256:c24037349665434f375645fa9d1f5304800cec574d0310f618490c871fd902b3 \ 367 | --hash=sha256:c300306673aa0f3ed5ed9372b21867690a17dba38c68c44b287437c362ce486b \ 368 | --hash=sha256:c56a1d43b2f9ee4786e4658c7903f05da35b923fb53c11025712562d5cc02753 \ 369 | --hash=sha256:c6379f35350b655fd817cd0d6cbeef7f265f3ae5fedb1caae2eb442bbeae9ab9 \ 370 | --hash=sha256:c802e1c2ed9f0c06a65bc4ed0189d000ada8049312cfeab6ca635e39c9608957 \ 371 | --hash=sha256:cb83f8a875b3d9b458cada4f880fa498646874ba4011dc974e071a0a84a1b033 \ 372 | --hash=sha256:cf120cce539453ae086eacc0130a324e7026113510efa83ab42ef3fcfccac7fb \ 373 | --hash=sha256:dd36439be765e2dde7660212b5275641edbc813e7b24668831a5c8ac91180656 \ 374 | --hash=sha256:dd5350b55f9fecddc51385463a4f67a5da829bc741e38cf689f38ec9023f54ab \ 375 | --hash=sha256:df5c7333167b9674aa8ae1d4008fa4bc17a313cc490b2cca27838bbdcc6bb15b \ 376 | --hash=sha256:e63601ad5cd8f860aa99d109889b5ac34de571c7ee902d6812d5d9ddcc77fa7d \ 377 | --hash=sha256:e92ce66cd919d18d14b3856906a61d3f6b6a8500e0794142338da644260595cd \ 378 | --hash=sha256:e99f5507401436fdcc85036a2e7dc2e28d962550afe1cbfc07c40e454256a859 \ 379 | --hash=sha256:ea2e2f6f801696ad7de8aec061044d6c8c0dd4037608c7cab38a9a4d316bfb11 \ 380 | --hash=sha256:eafa2c8658f4e560b098fe9fc54539f86528651f61849b22111a9b107d18910c \ 381 | --hash=sha256:ecd4ad8453ac17bc7ba3868371bffb46f628161ad0eefbd0a855d2c8c32dd81a \ 382 | --hash=sha256:ee70d08fd60c9565ba8190f41a46a54096afa0eeb8f76bd66f2c25d3b1b83005 \ 383 | --hash=sha256:eec1bb8cdbba2925bedc887bc0609a80e599c75b12d87ae42ac23fd199445654 \ 384 | --hash=sha256:ef0c1fe22171dd7c7c27147f2e9c3e86f8bdf473fed75f16b0c2e84a5030ce80 \ 385 | --hash=sha256:f2901429da1e645ce548bf9171784c0f74f0718c3f6150ce166be39e4dd66c3e \ 386 | --hash=sha256:f422a209d2455c56849442ae42f25dbaaba1c6c3f501d58761c619c7836642ec \ 387 | --hash=sha256:f65e5120863c2b266dbcc927b306c5b78e502c71edf3295dfcb9501ec96e5fc7 \ 388 | --hash=sha256:f7d4a670107d75dfe5ad080bed6c341d18c4442f9378c9f58e5851e86eb79965 \ 389 | --hash=sha256:f914c03e6a31deb632e2daa881fe198461f4d06e57ac3d0e05bbcab8eae01945 \ 390 | --hash=sha256:fb66442c2546446944437df74379e9cf9e9db353e61301d1a0e26482f43f0dd8 391 | # via -r requirements.in 392 | MarkupSafe==3.0.2 \ 393 | --hash=sha256:0bff5e0ae4ef2e1ae4fdf2dfd5b76c75e5c2fa4132d05fc1b0dabcd20c7e28c4 \ 394 | --hash=sha256:0f4ca02bea9a23221c0182836703cbf8930c5e9454bacce27e767509fa286a30 \ 395 | --hash=sha256:1225beacc926f536dc82e45f8a4d68502949dc67eea90eab715dea3a21c1b5f0 \ 396 | --hash=sha256:131a3c7689c85f5ad20f9f6fb1b866f402c445b220c19fe4308c0b147ccd2ad9 \ 397 | --hash=sha256:15ab75ef81add55874e7ab7055e9c397312385bd9ced94920f2802310c930396 \ 398 | --hash=sha256:1a9d3f5f0901fdec14d8d2f66ef7d035f2157240a433441719ac9a3fba440b13 \ 399 | --hash=sha256:1c99d261bd2d5f6b59325c92c73df481e05e57f19837bdca8413b9eac4bd8028 \ 400 | --hash=sha256:1e084f686b92e5b83186b07e8a17fc09e38fff551f3602b249881fec658d3eca \ 401 | --hash=sha256:2181e67807fc2fa785d0592dc2d6206c019b9502410671cc905d132a92866557 \ 402 | --hash=sha256:2cb8438c3cbb25e220c2ab33bb226559e7afb3baec11c4f218ffa7308603c832 \ 403 | --hash=sha256:3169b1eefae027567d1ce6ee7cae382c57fe26e82775f460f0b2778beaad66c0 \ 404 | --hash=sha256:3809ede931876f5b2ec92eef964286840ed3540dadf803dd570c3b7e13141a3b \ 405 | --hash=sha256:38a9ef736c01fccdd6600705b09dc574584b89bea478200c5fbf112a6b0d5579 \ 406 | --hash=sha256:3d79d162e7be8f996986c064d1c7c817f6df3a77fe3d6859f6f9e7be4b8c213a \ 407 | --hash=sha256:444dcda765c8a838eaae23112db52f1efaf750daddb2d9ca300bcae1039adc5c \ 408 | --hash=sha256:48032821bbdf20f5799ff537c7ac3d1fba0ba032cfc06194faffa8cda8b560ff \ 409 | --hash=sha256:4aa4e5faecf353ed117801a068ebab7b7e09ffb6e1d5e412dc852e0da018126c \ 410 | --hash=sha256:52305740fe773d09cffb16f8ed0427942901f00adedac82ec8b67752f58a1b22 \ 411 | --hash=sha256:569511d3b58c8791ab4c2e1285575265991e6d8f8700c7be0e88f86cb0672094 \ 412 | --hash=sha256:57cb5a3cf367aeb1d316576250f65edec5bb3be939e9247ae594b4bcbc317dfb \ 413 | --hash=sha256:5b02fb34468b6aaa40dfc198d813a641e3a63b98c2b05a16b9f80b7ec314185e \ 414 | --hash=sha256:6381026f158fdb7c72a168278597a5e3a5222e83ea18f543112b2662a9b699c5 \ 415 | --hash=sha256:6af100e168aa82a50e186c82875a5893c5597a0c1ccdb0d8b40240b1f28b969a \ 416 | --hash=sha256:6c89876f41da747c8d3677a2b540fb32ef5715f97b66eeb0c6b66f5e3ef6f59d \ 417 | --hash=sha256:6e296a513ca3d94054c2c881cc913116e90fd030ad1c656b3869762b754f5f8a \ 418 | --hash=sha256:70a87b411535ccad5ef2f1df5136506a10775d267e197e4cf531ced10537bd6b \ 419 | --hash=sha256:7e94c425039cde14257288fd61dcfb01963e658efbc0ff54f5306b06054700f8 \ 420 | --hash=sha256:846ade7b71e3536c4e56b386c2a47adf5741d2d8b94ec9dc3e92e5e1ee1e2225 \ 421 | --hash=sha256:88416bd1e65dcea10bc7569faacb2c20ce071dd1f87539ca2ab364bf6231393c \ 422 | --hash=sha256:88b49a3b9ff31e19998750c38e030fc7bb937398b1f78cfa599aaef92d693144 \ 423 | --hash=sha256:8c4e8c3ce11e1f92f6536ff07154f9d49677ebaaafc32db9db4620bc11ed480f \ 424 | --hash=sha256:8e06879fc22a25ca47312fbe7c8264eb0b662f6db27cb2d3bbbc74b1df4b9b87 \ 425 | --hash=sha256:9025b4018f3a1314059769c7bf15441064b2207cb3f065e6ea1e7359cb46db9d \ 426 | --hash=sha256:93335ca3812df2f366e80509ae119189886b0f3c2b81325d39efdb84a1e2ae93 \ 427 | --hash=sha256:9778bd8ab0a994ebf6f84c2b949e65736d5575320a17ae8984a77fab08db94cf \ 428 | --hash=sha256:9e2d922824181480953426608b81967de705c3cef4d1af983af849d7bd619158 \ 429 | --hash=sha256:a123e330ef0853c6e822384873bef7507557d8e4a082961e1defa947aa59ba84 \ 430 | --hash=sha256:a904af0a6162c73e3edcb969eeeb53a63ceeb5d8cf642fade7d39e7963a22ddb \ 431 | --hash=sha256:ad10d3ded218f1039f11a75f8091880239651b52e9bb592ca27de44eed242a48 \ 432 | --hash=sha256:b424c77b206d63d500bcb69fa55ed8d0e6a3774056bdc4839fc9298a7edca171 \ 433 | --hash=sha256:b5a6b3ada725cea8a5e634536b1b01c30bcdcd7f9c6fff4151548d5bf6b3a36c \ 434 | --hash=sha256:ba8062ed2cf21c07a9e295d5b8a2a5ce678b913b45fdf68c32d95d6c1291e0b6 \ 435 | --hash=sha256:ba9527cdd4c926ed0760bc301f6728ef34d841f405abf9d4f959c478421e4efd \ 436 | --hash=sha256:bbcb445fa71794da8f178f0f6d66789a28d7319071af7a496d4d507ed566270d \ 437 | --hash=sha256:bcf3e58998965654fdaff38e58584d8937aa3096ab5354d493c77d1fdd66d7a1 \ 438 | --hash=sha256:c0ef13eaeee5b615fb07c9a7dadb38eac06a0608b41570d8ade51c56539e509d \ 439 | --hash=sha256:cabc348d87e913db6ab4aa100f01b08f481097838bdddf7c7a84b7575b7309ca \ 440 | --hash=sha256:cdb82a876c47801bb54a690c5ae105a46b392ac6099881cdfb9f6e95e4014c6a \ 441 | --hash=sha256:cfad01eed2c2e0c01fd0ecd2ef42c492f7f93902e39a42fc9ee1692961443a29 \ 442 | --hash=sha256:d16a81a06776313e817c951135cf7340a3e91e8c1ff2fac444cfd75fffa04afe \ 443 | --hash=sha256:d8213e09c917a951de9d09ecee036d5c7d36cb6cb7dbaece4c71a60d79fb9798 \ 444 | --hash=sha256:e07c3764494e3776c602c1e78e298937c3315ccc9043ead7e685b7f2b8d47b3c \ 445 | --hash=sha256:e17c96c14e19278594aa4841ec148115f9c7615a47382ecb6b82bd8fea3ab0c8 \ 446 | --hash=sha256:e444a31f8db13eb18ada366ab3cf45fd4b31e4db1236a4448f68778c1d1a5a2f \ 447 | --hash=sha256:e6a2a455bd412959b57a172ce6328d2dd1f01cb2135efda2e4576e8a23fa3b0f \ 448 | --hash=sha256:eaa0a10b7f72326f1372a713e73c3f739b524b3af41feb43e4921cb529f5929a \ 449 | --hash=sha256:eb7972a85c54febfb25b5c4b4f3af4dcc731994c7da0d8a0b4a6eb0640e1d178 \ 450 | --hash=sha256:ee55d3edf80167e48ea11a923c7386f4669df67d7994554387f84e7d8b0a2bf0 \ 451 | --hash=sha256:f3818cb119498c0678015754eba762e0d61e5b52d34c8b13d770f0719f7b1d79 \ 452 | --hash=sha256:f8b3d067f2e40fe93e1ccdd6b2e1d16c43140e76f02fb1319a05cf2b79d99430 \ 453 | --hash=sha256:fcabf5ff6eea076f859677f5f0b6b5c1a51e70a376b0579e0eadef8db48c6b50 454 | # via 455 | # -r requirements.in 456 | # jinja2 457 | packaging==24.2 \ 458 | --hash=sha256:09abb1bccd265c01f4a3aa3f7a7db064b36514d2cba19a2f694fe6150451a759 \ 459 | --hash=sha256:c228a6dc5e932d346bc5739379109d49e8853dd8223571c7c5b55260edc0b97f 460 | # via 461 | # -r requirements.in 462 | # ansible-core 463 | pycparser==2.22 \ 464 | --hash=sha256:491c8be9c040f5390f5bf44a5b07752bd07f56edf992381b05c701439eec10f6 \ 465 | --hash=sha256:c3702b6d3dd8c7abc1afa565d7e63d53a1d0bd86cdc24edd75470f4de499cfcc 466 | # via 467 | # -r requirements.in 468 | # cffi 469 | PyYAML==6.0.2 \ 470 | --hash=sha256:01179a4a8559ab5de078078f37e5c1a30d76bb88519906844fd7bdea1b7729ff \ 471 | --hash=sha256:0833f8694549e586547b576dcfaba4a6b55b9e96098b36cdc7ebefe667dfed48 \ 472 | --hash=sha256:0a9a2848a5b7feac301353437eb7d5957887edbf81d56e903999a75a3d743086 \ 473 | --hash=sha256:0b69e4ce7a131fe56b7e4d770c67429700908fc0752af059838b1cfb41960e4e \ 474 | --hash=sha256:0ffe8360bab4910ef1b9e87fb812d8bc0a308b0d0eef8c8f44e0254ab3b07133 \ 475 | --hash=sha256:11d8f3dd2b9c1207dcaf2ee0bbbfd5991f571186ec9cc78427ba5bd32afae4b5 \ 476 | --hash=sha256:17e311b6c678207928d649faa7cb0d7b4c26a0ba73d41e99c4fff6b6c3276484 \ 477 | --hash=sha256:1e2120ef853f59c7419231f3bf4e7021f1b936f6ebd222406c3b60212205d2ee \ 478 | --hash=sha256:1f71ea527786de97d1a0cc0eacd1defc0985dcf6b3f17bb77dcfc8c34bec4dc5 \ 479 | --hash=sha256:23502f431948090f597378482b4812b0caae32c22213aecf3b55325e049a6c68 \ 480 | --hash=sha256:24471b829b3bf607e04e88d79542a9d48bb037c2267d7927a874e6c205ca7e9a \ 481 | --hash=sha256:29717114e51c84ddfba879543fb232a6ed60086602313ca38cce623c1d62cfbf \ 482 | --hash=sha256:2e99c6826ffa974fe6e27cdb5ed0021786b03fc98e5ee3c5bfe1fd5015f42b99 \ 483 | --hash=sha256:39693e1f8320ae4f43943590b49779ffb98acb81f788220ea932a6b6c51004d8 \ 484 | --hash=sha256:3ad2a3decf9aaba3d29c8f537ac4b243e36bef957511b4766cb0057d32b0be85 \ 485 | --hash=sha256:3b1fdb9dc17f5a7677423d508ab4f243a726dea51fa5e70992e59a7411c89d19 \ 486 | --hash=sha256:41e4e3953a79407c794916fa277a82531dd93aad34e29c2a514c2c0c5fe971cc \ 487 | --hash=sha256:43fa96a3ca0d6b1812e01ced1044a003533c47f6ee8aca31724f78e93ccc089a \ 488 | --hash=sha256:50187695423ffe49e2deacb8cd10510bc361faac997de9efef88badc3bb9e2d1 \ 489 | --hash=sha256:5ac9328ec4831237bec75defaf839f7d4564be1e6b25ac710bd1a96321cc8317 \ 490 | --hash=sha256:5d225db5a45f21e78dd9358e58a98702a0302f2659a3c6cd320564b75b86f47c \ 491 | --hash=sha256:6395c297d42274772abc367baaa79683958044e5d3835486c16da75d2a694631 \ 492 | --hash=sha256:688ba32a1cffef67fd2e9398a2efebaea461578b0923624778664cc1c914db5d \ 493 | --hash=sha256:68ccc6023a3400877818152ad9a1033e3db8625d899c72eacb5a668902e4d652 \ 494 | --hash=sha256:70b189594dbe54f75ab3a1acec5f1e3faa7e8cf2f1e08d9b561cb41b845f69d5 \ 495 | --hash=sha256:797b4f722ffa07cc8d62053e4cff1486fa6dc094105d13fea7b1de7d8bf71c9e \ 496 | --hash=sha256:7c36280e6fb8385e520936c3cb3b8042851904eba0e58d277dca80a5cfed590b \ 497 | --hash=sha256:7e7401d0de89a9a855c839bc697c079a4af81cf878373abd7dc625847d25cbd8 \ 498 | --hash=sha256:80bab7bfc629882493af4aa31a4cfa43a4c57c83813253626916b8c7ada83476 \ 499 | --hash=sha256:82d09873e40955485746739bcb8b4586983670466c23382c19cffecbf1fd8706 \ 500 | --hash=sha256:8388ee1976c416731879ac16da0aff3f63b286ffdd57cdeb95f3f2e085687563 \ 501 | --hash=sha256:8824b5a04a04a047e72eea5cec3bc266db09e35de6bdfe34c9436ac5ee27d237 \ 502 | --hash=sha256:8b9c7197f7cb2738065c481a0461e50ad02f18c78cd75775628afb4d7137fb3b \ 503 | --hash=sha256:9056c1ecd25795207ad294bcf39f2db3d845767be0ea6e6a34d856f006006083 \ 504 | --hash=sha256:936d68689298c36b53b29f23c6dbb74de12b4ac12ca6cfe0e047bedceea56180 \ 505 | --hash=sha256:9b22676e8097e9e22e36d6b7bda33190d0d400f345f23d4065d48f4ca7ae0425 \ 506 | --hash=sha256:a4d3091415f010369ae4ed1fc6b79def9416358877534caf6a0fdd2146c87a3e \ 507 | --hash=sha256:a8786accb172bd8afb8be14490a16625cbc387036876ab6ba70912730faf8e1f \ 508 | --hash=sha256:a9f8c2e67970f13b16084e04f134610fd1d374bf477b17ec1599185cf611d725 \ 509 | --hash=sha256:bc2fa7c6b47d6bc618dd7fb02ef6fdedb1090ec036abab80d4681424b84c1183 \ 510 | --hash=sha256:c70c95198c015b85feafc136515252a261a84561b7b1d51e3384e0655ddf25ab \ 511 | --hash=sha256:cc1c1159b3d456576af7a3e4d1ba7e6924cb39de8f67111c735f6fc832082774 \ 512 | --hash=sha256:ce826d6ef20b1bc864f0a68340c8b3287705cae2f8b4b1d932177dcc76721725 \ 513 | --hash=sha256:d584d9ec91ad65861cc08d42e834324ef890a082e591037abe114850ff7bbc3e \ 514 | --hash=sha256:d7fded462629cfa4b685c5416b949ebad6cec74af5e2d42905d41e257e0869f5 \ 515 | --hash=sha256:d84a1718ee396f54f3a086ea0a66d8e552b2ab2017ef8b420e92edbc841c352d \ 516 | --hash=sha256:d8e03406cac8513435335dbab54c0d385e4a49e4945d2909a581c83647ca0290 \ 517 | --hash=sha256:e10ce637b18caea04431ce14fabcf5c64a1c61ec9c56b071a4b7ca131ca52d44 \ 518 | --hash=sha256:ec031d5d2feb36d1d1a24380e4db6d43695f3748343d99434e6f5f9156aaa2ed \ 519 | --hash=sha256:ef6107725bd54b262d6dedcc2af448a266975032bc85ef0172c5f059da6325b4 \ 520 | --hash=sha256:efdca5630322a10774e8e98e1af481aad470dd62c3170801852d752aa7a783ba \ 521 | --hash=sha256:f753120cb8181e736c57ef7636e83f31b9c0d1722c516f7e86cf15b7aa57ff12 \ 522 | --hash=sha256:ff3824dc5261f50c9b0dfb3be22b4567a6f938ccce4587b38952d85fd9e9afe4 523 | # via 524 | # -r requirements.in 525 | # ansible-core 526 | requests==2.32.3 \ 527 | --hash=sha256:55365417734eb18255590a9ff9eb97e9e1da868d4ccd6402399eaf68af20a760 \ 528 | --hash=sha256:70761cfe03c773ceb22aa2f671b4757976145175cdfca038c02654d061d6dcc6 529 | # via -r requirements.in 530 | resolvelib==1.0.1 \ 531 | --hash=sha256:04ce76cbd63fded2078ce224785da6ecd42b9564b1390793f64ddecbe997b309 \ 532 | --hash=sha256:d2da45d1a8dfee81bdd591647783e340ef3bcb104b54c383f70d422ef5cc7dbf 533 | # via 534 | # -r requirements.in 535 | # ansible-core 536 | urllib3==2.2.3 \ 537 | --hash=sha256:ca899ca043dcb1bafa3e262d73aa25c465bfb49e0bd9dd5d59f1d0acba2f8fac \ 538 | --hash=sha256:e7d814a81dad81e6caf2ec9fdedb284ecc9c73076b62654547cc64ccdcae26e9 539 | # via 540 | # -r requirements.in 541 | # requests 542 | zipp==3.21.0 \ 543 | --hash=sha256:2c9958f6430a2040341a52eb608ed6dd93ef4392e02ffe219417c1b28b5dd1f4 \ 544 | --hash=sha256:ac1bbe05fd2991f160ebce24ffbac5f6d11d83dc90891255885223d42b3cd931 545 | # via -r requirements.in 546 | 547 | # WARNING: The following packages were not pinned, but pip requires them to be 548 | # pinned when the requirements file includes hashes and the requirement is not 549 | # satisfied by a package already installed. Consider using the --allow-unsafe flag. 550 | # pip 551 | --------------------------------------------------------------------------------