From a7d04fc2ec066265c0571fda56ecce5eac1df060 Mon Sep 17 00:00:00 2001 From: Bryan Honof Date: Wed, 31 Jul 2024 00:13:08 +0200 Subject: [PATCH 01/15] Add Flox as an installation option --- README.md | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/README.md b/README.md index 4532a353d..1ddeb1dfe 100644 --- a/README.md +++ b/README.md @@ -60,6 +60,14 @@ Additional Conda installation options available on the [gh-feedstock page](https For more information about the Webi installer see [its homepage](https://webinstall.dev/). +#### Flox + +| Install: | Upgrade: | +| ----------------- | ----------------------- | +| `flox install gh` | `flox upgrade toplevel` | + +For more information about Flox, see [its homepage](https://flox.dev) + ### Linux & BSD `gh` is available via: From e5248b8fd44470f08402d72028fc69de881595c3 Mon Sep 17 00:00:00 2001 From: Tyler McGoffin Date: Mon, 12 Aug 2024 14:16:09 -0700 Subject: [PATCH 02/15] Update `gh search prs --project` flag doc to specify `owner/number` syntax There are no code changes required to make this work. I added a test specifying `/` and nothing failed. Any syntax issues are returned by the api with a generic message: ``` Invalid search query "project:\"\" type:pr". An invalid project was specified. ``` This, combined with the updated docstring, should be sufficient for users to troubleshoot any issues with the `--project` flag syntax --- pkg/cmd/search/prs/prs.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/cmd/search/prs/prs.go b/pkg/cmd/search/prs/prs.go index 32565a580..fa00677e6 100644 --- a/pkg/cmd/search/prs/prs.go +++ b/pkg/cmd/search/prs/prs.go @@ -168,7 +168,7 @@ func NewCmdPrs(f *cmdutil.Factory, runF func(*shared.IssuesOptions) error) *cobr cmd.Flags().BoolVar(&noLabel, "no-label", false, "Filter on missing label") cmd.Flags().BoolVar(&noMilestone, "no-milestone", false, "Filter on missing milestone") cmd.Flags().BoolVar(&noProject, "no-project", false, "Filter on missing project") - cmd.Flags().StringVar(&opts.Query.Qualifiers.Project, "project", "", "Filter on project board `number`") + cmd.Flags().StringVar(&opts.Query.Qualifiers.Project, "project", "", "Filter on project board `owner/number`") cmd.Flags().StringVar(&opts.Query.Qualifiers.Reactions, "reactions", "", "Filter on `number` of reactions") cmd.Flags().StringSliceVarP(&opts.Query.Qualifiers.Repo, "repo", "R", nil, "Filter on repository") cmdutil.StringEnumFlag(cmd, &opts.Query.Qualifiers.State, "state", "", "", []string{"open", "closed"}, "Filter based on state") From c838da9ee1f0ffa4e764761dc90b46accd6f0da5 Mon Sep 17 00:00:00 2001 From: Tyler McGoffin Date: Mon, 12 Aug 2024 14:36:56 -0700 Subject: [PATCH 03/15] Update `gh search issues --project` flag doc to specify `owner/number` syntax There are no code changes required to make this work. I added a test specifying `/` and nothing failed. Any syntax issues are returned by the api with a generic message: ``` Invalid search query "project:\"\" type:issue". An invalid project was specified. ``` This, combined with the updated docstring, should be sufficient for users to troubleshoot any issues with the `--project` flag syntax --- pkg/cmd/search/issues/issues.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/cmd/search/issues/issues.go b/pkg/cmd/search/issues/issues.go index a8be32f71..793eecc61 100644 --- a/pkg/cmd/search/issues/issues.go +++ b/pkg/cmd/search/issues/issues.go @@ -157,7 +157,7 @@ func NewCmdIssues(f *cmdutil.Factory, runF func(*shared.IssuesOptions) error) *c cmd.Flags().BoolVar(&noLabel, "no-label", false, "Filter on missing label") cmd.Flags().BoolVar(&noMilestone, "no-milestone", false, "Filter on missing milestone") cmd.Flags().BoolVar(&noProject, "no-project", false, "Filter on missing project") - cmd.Flags().StringVar(&opts.Query.Qualifiers.Project, "project", "", "Filter on project board `number`") + cmd.Flags().StringVar(&opts.Query.Qualifiers.Project, "project", "", "Filter on project board `owner/number`") cmd.Flags().StringVar(&opts.Query.Qualifiers.Reactions, "reactions", "", "Filter on `number` of reactions") cmd.Flags().StringSliceVarP(&opts.Query.Qualifiers.Repo, "repo", "R", nil, "Filter on repository") cmdutil.StringEnumFlag(cmd, &opts.Query.Qualifiers.State, "state", "", "", []string{"open", "closed"}, "Filter based on state") From 025dcc8e959d04e6017113dc5cf600c8e0839bff Mon Sep 17 00:00:00 2001 From: bagtoad <47394200+BagToad@users.noreply.github.com> Date: Wed, 14 Aug 2024 10:20:41 -0600 Subject: [PATCH 04/15] Use latest checkout version, generate attestations, and specify go version file input. --- pkg/cmd/extension/ext_tmpls/goBinWorkflow.yml | 5 ++++- pkg/cmd/extension/ext_tmpls/otherBinWorkflow.yml | 3 ++- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/pkg/cmd/extension/ext_tmpls/goBinWorkflow.yml b/pkg/cmd/extension/ext_tmpls/goBinWorkflow.yml index dfda64d0e..9557f7200 100644 --- a/pkg/cmd/extension/ext_tmpls/goBinWorkflow.yml +++ b/pkg/cmd/extension/ext_tmpls/goBinWorkflow.yml @@ -10,5 +10,8 @@ jobs: release: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - uses: cli/gh-extension-precompile@v1 + with: + generate_attestations: true + go_version_file: go.mod diff --git a/pkg/cmd/extension/ext_tmpls/otherBinWorkflow.yml b/pkg/cmd/extension/ext_tmpls/otherBinWorkflow.yml index 5b7c867a1..60669be08 100644 --- a/pkg/cmd/extension/ext_tmpls/otherBinWorkflow.yml +++ b/pkg/cmd/extension/ext_tmpls/otherBinWorkflow.yml @@ -10,7 +10,8 @@ jobs: release: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - uses: cli/gh-extension-precompile@v1 with: build_script_override: "script/build.sh" + generate_attestations: true From 820f4f34694ddfeba8f6719e863419d53dc5c956 Mon Sep 17 00:00:00 2001 From: Kynan Ware <47394200+BagToad@users.noreply.github.com> Date: Wed, 14 Aug 2024 12:02:11 -0600 Subject: [PATCH 05/15] Do not generate build attestations for otherBinWorkflow.yml --- pkg/cmd/extension/ext_tmpls/otherBinWorkflow.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/pkg/cmd/extension/ext_tmpls/otherBinWorkflow.yml b/pkg/cmd/extension/ext_tmpls/otherBinWorkflow.yml index 60669be08..78ba05171 100644 --- a/pkg/cmd/extension/ext_tmpls/otherBinWorkflow.yml +++ b/pkg/cmd/extension/ext_tmpls/otherBinWorkflow.yml @@ -14,4 +14,3 @@ jobs: - uses: cli/gh-extension-precompile@v1 with: build_script_override: "script/build.sh" - generate_attestations: true From 5b7070f027aa7537a869dc6456640e159a303f95 Mon Sep 17 00:00:00 2001 From: Kynan Ware <47394200+BagToad@users.noreply.github.com> Date: Wed, 14 Aug 2024 15:16:45 -0600 Subject: [PATCH 06/15] include required permissions to generate attestations --- pkg/cmd/extension/ext_tmpls/goBinWorkflow.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/pkg/cmd/extension/ext_tmpls/goBinWorkflow.yml b/pkg/cmd/extension/ext_tmpls/goBinWorkflow.yml index 9557f7200..080019c2a 100644 --- a/pkg/cmd/extension/ext_tmpls/goBinWorkflow.yml +++ b/pkg/cmd/extension/ext_tmpls/goBinWorkflow.yml @@ -5,6 +5,8 @@ on: - "v*" permissions: contents: write + id-token: write + attestations: write jobs: release: From 4618a267de22bea9f348f04e591a1d32c7b0d18c Mon Sep 17 00:00:00 2001 From: Cody Soyland Date: Thu, 15 Aug 2024 13:06:54 -0400 Subject: [PATCH 07/15] Update attestation TUF root Signed-off-by: Cody Soyland --- .../embed/tuf-repo.github.com/root.json | 326 +++++++++--------- 1 file changed, 165 insertions(+), 161 deletions(-) diff --git a/pkg/cmd/attestation/verification/embed/tuf-repo.github.com/root.json b/pkg/cmd/attestation/verification/embed/tuf-repo.github.com/root.json index 2990a2665..0d20e8f50 100644 --- a/pkg/cmd/attestation/verification/embed/tuf-repo.github.com/root.json +++ b/pkg/cmd/attestation/verification/embed/tuf-repo.github.com/root.json @@ -1,163 +1,167 @@ { - "signatures": [ - { - "keyid": "a10513a5ab61acd0c6b6fbe0504856ead18f3b17c4fabbe3fa848c79a5a187cf", - "sig": "304402203c8f5f7443f7052923e82f9ca0b1bb61a33498444076a2f43e1285a47f6e562d022014de99a7e5413440896b6804944e3c49390cfe6e617211b8dc42a8e67675bc13" - }, - { - "keyid": "d6a89e23fb22801a0d1186bf1bdd007e228f65a8aa9964d24d06cb5fbb0ce91c", - "sig": "3044022009a20307f974af7e05cc9564eea497f45062e3b21272d1062713b3d22c868298022059d032ad973a28bdbd03959cf96b21398b6b6e2ca618c17ce6c13712246343a2" - }, - { - "keyid": "539dde44014c850fe6eeb8b299eb7dae2e1f4bf83454b949e98aa73542cdc65a", - "sig": "3045022100edd270d36d0c8468b9a1f2ef1c81a270c72ffd50c65bca0ed1ebd424df09f64b022002b27ffafd7bc5bdfc25281b5b9b597cf2d67d4eeb4af2ff45eb3e666b860c21" - }, - { - "keyid": "88737ccdac7b49cc237e9aaead81be2a40278b886a693d8149a19cf543f093d3", - "sig": "30460221008d7d95434e576d5876b2db30fd645505ca546618bbc7a8e4b39f64e6a36df9ad022100c00a5294e4ddd02d48d28918b87a06bdfdeccd0618ecdcec29bb2597a05fe474" - }, - { - "keyid": "5e01c9a0b2641a8965a4a74e7df0bc7b2d8278a2c3ca0cf7a3f2f783d3c69800", - "sig": "30450220215fb3d19d94560a3a2a6067a71c92daf867d13700c9500c4c32d8009a48a634022100df9fb6cee786313bf6c363daac4de39b3dd531f211f81d2391c41bd2d0f91a80" - }, - { - "keyid": "4f4d1dd75f2d7f3860e3a068d7bed90dec5f0faafcbe1ace7fb7d95d29e07228", - "sig": "304502204091ac5e61b6462d262ecc8442781dd09843bed39942a95a4884c8c6a2c212ef022100dcee86392748f48950d04d539ac1a6643ed1f0b4bd6856f8aeb5a135826c846f" - }, - { - "keyid": "eb8eff37f93af2faaba519f341decec3cecd3eeafcace32966db9723842c8a62", - "sig": "30460221009188548601a43b501223caeefca4876ae892e18a85c885004b4c8aeeb05a4421022100abdcc72d94597f8297d6297897ff96f285168dbe6b3d57f846dbc7a2948d2935" - }, - { - "keyid": "8b498a80a1b7af188c10c9abdf6aade81d14faaffcde2abcd6063baa673ebd12", - "sig": "3046022100b440561545d48759dc4140cda9f8af7c9405a101d6136dd0a26edd6562b7064f022100cafa917ed90350494e47d226b64a8ec63ef5ceebb8ba4d2dec2ce018e4ad402a" - } + "signatures": [ + { + "keyid": "4f4d1dd75f2d7f3860e3a068d7bed90dec5f0faafcbe1ace7fb7d95d29e07228", + "sig": "" + }, + { + "keyid": "eb8eff37f93af2faaba519f341decec3cecd3eeafcace32966db9723842c8a62", + "sig": "" + }, + { + "keyid": "539dde44014c850fe6eeb8b299eb7dae2e1f4bf83454b949e98aa73542cdc65a", + "sig": "" + }, + { + "keyid": "a10513a5ab61acd0c6b6fbe0504856ead18f3b17c4fabbe3fa848c79a5a187cf", + "sig": "3046022100ca341d3ba2ef7657d69c2825729959681f55aec497b612e81a547e2abb616b49022100cd605b412a3d991f92e0818e07e60383bbd23904723eec221d6e39fdfeae3104" + }, + { + "keyid": "5e01c9a0b2641a8965a4a74e7df0bc7b2d8278a2c3ca0cf7a3f2f783d3c69800", + "sig": "3046022100d0f70effe60d6a18319e2890088cd01d45c654ee6d2ce1d5c3cdcf2dc7f637570221008f947a2d7334d948f1c4794b0a465f1dfb99a578dd8d1f4563cee0581f457db2" + }, + { + "keyid": "54809115b40137aac01af4b7ac2408c77ea0d58fa4dad48fc3196497d2a26f44", + "sig": "304502201ae931db1c48020fb37af54d446ac856306f619dfc3f93ddcff70d2880e443dc022100992b70451aa74805adef24e85ec352e598812267f623979bd4ce719b66b62d22" + }, + { + "keyid": "88737ccdac7b49cc237e9aaead81be2a40278b886a693d8149a19cf543f093d3", + "sig": "3045022023bba8e14c177609f43873aa0087ef983ddd2bad9a0a832c0cf279e1be8798f2022100facfaecc1d7ee793042eaaa6970fb9ca700c3bdbf4ee43ed0f8d0fc3aef96563" + }, + { + "keyid": "d6a89e23fb22801a0d1186bf1bdd007e228f65a8aa9964d24d06cb5fbb0ce91c", + "sig": "3046022100d2f6cceb05d135ce6a6ce7fe1dc76c24508154ad71c433028e64ca95ba716ffb022100f0592d60eb67508dd5f9cc593a4cca33bbaf94882c3d74a560fda845a456c6cc" + }, + { + "keyid": "8b498a80a1b7af188c10c9abdf6aade81d14faaffcde2abcd6063baa673ebd12", + "sig": "30450221009af2f0c534ed92de909a3b727f7101319c18e10623de8f48a0eba980d3d54d830220095842b16c58567c71f9dfa0b54e79daca1b2fecf3cb2ea4ee6d8393bdf93294" + } + ], + "signed": { + "_type": "root", + "consistent_snapshot": true, + "expires": "2025-04-11T14:36:57Z", + "keys": { + "4f4d1dd75f2d7f3860e3a068d7bed90dec5f0faafcbe1ace7fb7d95d29e07228": { + "keytype": "ecdsa", + "keyval": { + "public": "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAENki7aZVips5SgRzCd/Om0CGzQKY/\nnv84giqVDmdwb2ys82Z6soFLasvYYEEQcwqaC170n9gr93wHUgPc796uJA==\n-----END PUBLIC KEY-----\n" + }, + "scheme": "ecdsa-sha2-nistp256", + "x-tuf-on-ci-keyowner": "@ashtom" + }, + "539dde44014c850fe6eeb8b299eb7dae2e1f4bf83454b949e98aa73542cdc65a": { + "keytype": "ecdsa", + "keyval": { + "public": "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAElD0o2sOZN9n3RKQ7PtMLAoXj+2Ai\nn4PKT/pfnzDlNLrD3VTQwCc4sR4t+OLu4KQ+qk+kXkR9YuBsu3bdJZ1OWw==\n-----END PUBLIC KEY-----\n" + }, + "scheme": "ecdsa-sha2-nistp256", + "x-tuf-on-ci-keyowner": "@nerdneha" + }, + "54809115b40137aac01af4b7ac2408c77ea0d58fa4dad48fc3196497d2a26f44": { + "keytype": "ecdsa", + "keyval": { + "public": "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEimKcdST+ORD+g0aGEFDOVZDAaIYg\nIgesNKiIe2L7MUsYx5UHhzQ08quvew13eYSCNJnfwooFZu7cdTu8AwqFjQ==\n-----END PUBLIC KEY-----\n" + }, + "scheme": "ecdsa-sha2-nistp256", + "x-tuf-on-ci-keyowner": "@alexiswales" + }, + "88737ccdac7b49cc237e9aaead81be2a40278b886a693d8149a19cf543f093d3": { + "keytype": "ecdsa", + "keyval": { + "public": "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEBagkskNOpOTbetTX5CdnvMy+LiWn\nonRrNrqAHL4WgiebH7Uig7GLhC3bkeA/qgb926/vr9qhOPG9Buj2HatrPw==\n-----END PUBLIC KEY-----\n" + }, + "scheme": "ecdsa-sha2-nistp256", + "x-tuf-on-ci-keyowner": "@gregose" + }, + "8b498a80a1b7af188c10c9abdf6aade81d14faaffcde2abcd6063baa673ebd12": { + "keytype": "ecdsa", + "keyval": { + "public": "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE7IEoVNwrprchXGhT5sAhSax7SOd3\n8duuISghCzfmHdKJWSbV2wJRamRiUVRtmA83K/qm5cT20WXMCT5QeM/D3A==\n-----END PUBLIC KEY-----\n" + }, + "scheme": "ecdsa-sha2-nistp256", + "x-tuf-on-ci-keyowner": "@trevrosen" + }, + "a10513a5ab61acd0c6b6fbe0504856ead18f3b17c4fabbe3fa848c79a5a187cf": { + "keytype": "ecdsa", + "keyval": { + "public": "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEC2wJ3xscyXxBLybJ9FVjwkyQMe53\nRHUz77AjMO8MzVaT8xw6ZvJqdNZiytYtigWULlINxw6frNsWJKb/f7lC8A==\n-----END PUBLIC KEY-----\n" + }, + "scheme": "ecdsa-sha2-nistp256", + "x-tuf-on-ci-keyowner": "@kommendorkapten" + }, + "d6a89e23fb22801a0d1186bf1bdd007e228f65a8aa9964d24d06cb5fbb0ce91c": { + "keytype": "ecdsa", + "keyval": { + "public": "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEDdORwcruW3gqAgaLjH/nNdGMB4kQ\nAvA+wD6DyO4P/wR8ee2ce83NZHq1ZADKhve0rlYKaKy3CqyQ5SmlZ36Zhw==\n-----END PUBLIC KEY-----\n" + }, + "scheme": "ecdsa-sha2-nistp256", + "x-tuf-on-ci-keyowner": "@krukow" + }, + "eb8eff37f93af2faaba519f341decec3cecd3eeafcace32966db9723842c8a62": { + "keytype": "ecdsa", + "keyval": { + "public": "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAENynVdQnM9h7xU71G7PiJpQaDemub\nkbjsjYwLlPJTQVuxQO8WeIpJf8MEh5rf01t2dDIuCsZ5gRx+QvDv0UzfsA==\n-----END PUBLIC KEY-----\n" + }, + "scheme": "ecdsa-sha2-nistp256", + "x-tuf-on-ci-keyowner": "@mph4" + }, + "eb9799b483affac9da87ef4c9ea467928415c961349e607e5e6e485679b07f8f": { + "keytype": "ecdsa", + "keyval": { + "public": "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAENKNcNcX+d73lS1TRFb9Vnp8JvOoh\nzYQ+in43iGenbG8RGo9L/6FJ2hoRbVU6xskvyuErcdPbCdI4GxrQ5i8hkw==\n-----END PUBLIC KEY-----\n" + }, + "scheme": "ecdsa-sha2-nistp256", + "x-tuf-on-ci-online-uri": "azurekms://production-tuf-root.vault.azure.net/keys/Online-Key/aaf375fd8ed24acb949a5cc173700b05" + } + }, + "roles": { + "root": { + "keyids": [ + "a10513a5ab61acd0c6b6fbe0504856ead18f3b17c4fabbe3fa848c79a5a187cf", + "4f4d1dd75f2d7f3860e3a068d7bed90dec5f0faafcbe1ace7fb7d95d29e07228", + "88737ccdac7b49cc237e9aaead81be2a40278b886a693d8149a19cf543f093d3", + "d6a89e23fb22801a0d1186bf1bdd007e228f65a8aa9964d24d06cb5fbb0ce91c", + "eb8eff37f93af2faaba519f341decec3cecd3eeafcace32966db9723842c8a62", + "8b498a80a1b7af188c10c9abdf6aade81d14faaffcde2abcd6063baa673ebd12", + "539dde44014c850fe6eeb8b299eb7dae2e1f4bf83454b949e98aa73542cdc65a", + "54809115b40137aac01af4b7ac2408c77ea0d58fa4dad48fc3196497d2a26f44" ], - "signed": { - "_type": "root", - "consistent_snapshot": true, - "expires": "2024-06-23T08:29:18Z", - "keys": { - "4f4d1dd75f2d7f3860e3a068d7bed90dec5f0faafcbe1ace7fb7d95d29e07228": { - "keytype": "ecdsa", - "keyval": { - "public": "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAENki7aZVips5SgRzCd/Om0CGzQKY/\nnv84giqVDmdwb2ys82Z6soFLasvYYEEQcwqaC170n9gr93wHUgPc796uJA==\n-----END PUBLIC KEY-----\n" - }, - "scheme": "ecdsa-sha2-nistp256", - "x-tuf-on-ci-keyowner": "@ashtom" - }, - "539dde44014c850fe6eeb8b299eb7dae2e1f4bf83454b949e98aa73542cdc65a": { - "keytype": "ecdsa", - "keyval": { - "public": "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAElD0o2sOZN9n3RKQ7PtMLAoXj+2Ai\nn4PKT/pfnzDlNLrD3VTQwCc4sR4t+OLu4KQ+qk+kXkR9YuBsu3bdJZ1OWw==\n-----END PUBLIC KEY-----\n" - }, - "scheme": "ecdsa-sha2-nistp256", - "x-tuf-on-ci-keyowner": "@nerdneha" - }, - "5e01c9a0b2641a8965a4a74e7df0bc7b2d8278a2c3ca0cf7a3f2f783d3c69800": { - "keytype": "ecdsa", - "keyval": { - "public": "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEC9RNAsuDCNO6T7qA7Y5F8orw2tIW\nr7rUr4ffxvzTMrbkVtjR/trtE0q0+T0zQ8TWLyI6EYMwb947ej2ItfkOyA==\n-----END PUBLIC KEY-----\n" - }, - "scheme": "ecdsa-sha2-nistp256", - "x-tuf-on-ci-keyowner": "@jacobdepriest" - }, - "88737ccdac7b49cc237e9aaead81be2a40278b886a693d8149a19cf543f093d3": { - "keytype": "ecdsa", - "keyval": { - "public": "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEBagkskNOpOTbetTX5CdnvMy+LiWn\nonRrNrqAHL4WgiebH7Uig7GLhC3bkeA/qgb926/vr9qhOPG9Buj2HatrPw==\n-----END PUBLIC KEY-----\n" - }, - "scheme": "ecdsa-sha2-nistp256", - "x-tuf-on-ci-keyowner": "@gregose" - }, - "8b498a80a1b7af188c10c9abdf6aade81d14faaffcde2abcd6063baa673ebd12": { - "keytype": "ecdsa", - "keyval": { - "public": "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE7IEoVNwrprchXGhT5sAhSax7SOd3\n8duuISghCzfmHdKJWSbV2wJRamRiUVRtmA83K/qm5cT20WXMCT5QeM/D3A==\n-----END PUBLIC KEY-----\n" - }, - "scheme": "ecdsa-sha2-nistp256", - "x-tuf-on-ci-keyowner": "@trevrosen" - }, - "a10513a5ab61acd0c6b6fbe0504856ead18f3b17c4fabbe3fa848c79a5a187cf": { - "keytype": "ecdsa", - "keyval": { - "public": "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEC2wJ3xscyXxBLybJ9FVjwkyQMe53\nRHUz77AjMO8MzVaT8xw6ZvJqdNZiytYtigWULlINxw6frNsWJKb/f7lC8A==\n-----END PUBLIC KEY-----\n" - }, - "scheme": "ecdsa-sha2-nistp256", - "x-tuf-on-ci-keyowner": "@kommendorkapten" - }, - "d6a89e23fb22801a0d1186bf1bdd007e228f65a8aa9964d24d06cb5fbb0ce91c": { - "keytype": "ecdsa", - "keyval": { - "public": "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEDdORwcruW3gqAgaLjH/nNdGMB4kQ\nAvA+wD6DyO4P/wR8ee2ce83NZHq1ZADKhve0rlYKaKy3CqyQ5SmlZ36Zhw==\n-----END PUBLIC KEY-----\n" - }, - "scheme": "ecdsa-sha2-nistp256", - "x-tuf-on-ci-keyowner": "@krukow" - }, - "eb8eff37f93af2faaba519f341decec3cecd3eeafcace32966db9723842c8a62": { - "keytype": "ecdsa", - "keyval": { - "public": "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAENynVdQnM9h7xU71G7PiJpQaDemub\nkbjsjYwLlPJTQVuxQO8WeIpJf8MEh5rf01t2dDIuCsZ5gRx+QvDv0UzfsA==\n-----END PUBLIC KEY-----\n" - }, - "scheme": "ecdsa-sha2-nistp256", - "x-tuf-on-ci-keyowner": "@mph4" - }, - "eb9799b483affac9da87ef4c9ea467928415c961349e607e5e6e485679b07f8f": { - "keytype": "ecdsa", - "keyval": { - "public": "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAENKNcNcX+d73lS1TRFb9Vnp8JvOoh\nzYQ+in43iGenbG8RGo9L/6FJ2hoRbVU6xskvyuErcdPbCdI4GxrQ5i8hkw==\n-----END PUBLIC KEY-----\n" - }, - "scheme": "ecdsa-sha2-nistp256", - "x-tuf-on-ci-online-uri": "azurekms://production-tuf-root.vault.azure.net/keys/Online-Key/aaf375fd8ed24acb949a5cc173700b05" - } - }, - "roles": { - "root": { - "keyids": [ - "a10513a5ab61acd0c6b6fbe0504856ead18f3b17c4fabbe3fa848c79a5a187cf", - "4f4d1dd75f2d7f3860e3a068d7bed90dec5f0faafcbe1ace7fb7d95d29e07228", - "88737ccdac7b49cc237e9aaead81be2a40278b886a693d8149a19cf543f093d3", - "5e01c9a0b2641a8965a4a74e7df0bc7b2d8278a2c3ca0cf7a3f2f783d3c69800", - "d6a89e23fb22801a0d1186bf1bdd007e228f65a8aa9964d24d06cb5fbb0ce91c", - "eb8eff37f93af2faaba519f341decec3cecd3eeafcace32966db9723842c8a62", - "8b498a80a1b7af188c10c9abdf6aade81d14faaffcde2abcd6063baa673ebd12", - "539dde44014c850fe6eeb8b299eb7dae2e1f4bf83454b949e98aa73542cdc65a" - ], - "threshold": 3 - }, - "snapshot": { - "keyids": [ - "eb9799b483affac9da87ef4c9ea467928415c961349e607e5e6e485679b07f8f" - ], - "threshold": 1, - "x-tuf-on-ci-expiry-period": 21, - "x-tuf-on-ci-signing-period": 7 - }, - "targets": { - "keyids": [ - "a10513a5ab61acd0c6b6fbe0504856ead18f3b17c4fabbe3fa848c79a5a187cf", - "4f4d1dd75f2d7f3860e3a068d7bed90dec5f0faafcbe1ace7fb7d95d29e07228", - "88737ccdac7b49cc237e9aaead81be2a40278b886a693d8149a19cf543f093d3", - "5e01c9a0b2641a8965a4a74e7df0bc7b2d8278a2c3ca0cf7a3f2f783d3c69800", - "d6a89e23fb22801a0d1186bf1bdd007e228f65a8aa9964d24d06cb5fbb0ce91c", - "eb8eff37f93af2faaba519f341decec3cecd3eeafcace32966db9723842c8a62", - "8b498a80a1b7af188c10c9abdf6aade81d14faaffcde2abcd6063baa673ebd12", - "539dde44014c850fe6eeb8b299eb7dae2e1f4bf83454b949e98aa73542cdc65a" - ], - "threshold": 3 - }, - "timestamp": { - "keyids": [ - "eb9799b483affac9da87ef4c9ea467928415c961349e607e5e6e485679b07f8f" - ], - "threshold": 1, - "x-tuf-on-ci-expiry-period": 7, - "x-tuf-on-ci-signing-period": 6 - } - }, - "spec_version": "1.0.31", - "version": 1, - "x-tuf-on-ci-expiry-period": 240, - "x-tuf-on-ci-signing-period": 60 - } -} + "threshold": 3 + }, + "snapshot": { + "keyids": [ + "eb9799b483affac9da87ef4c9ea467928415c961349e607e5e6e485679b07f8f" + ], + "threshold": 1, + "x-tuf-on-ci-expiry-period": 21, + "x-tuf-on-ci-signing-period": 7 + }, + "targets": { + "keyids": [ + "a10513a5ab61acd0c6b6fbe0504856ead18f3b17c4fabbe3fa848c79a5a187cf", + "4f4d1dd75f2d7f3860e3a068d7bed90dec5f0faafcbe1ace7fb7d95d29e07228", + "88737ccdac7b49cc237e9aaead81be2a40278b886a693d8149a19cf543f093d3", + "d6a89e23fb22801a0d1186bf1bdd007e228f65a8aa9964d24d06cb5fbb0ce91c", + "eb8eff37f93af2faaba519f341decec3cecd3eeafcace32966db9723842c8a62", + "8b498a80a1b7af188c10c9abdf6aade81d14faaffcde2abcd6063baa673ebd12", + "539dde44014c850fe6eeb8b299eb7dae2e1f4bf83454b949e98aa73542cdc65a", + "54809115b40137aac01af4b7ac2408c77ea0d58fa4dad48fc3196497d2a26f44" + ], + "threshold": 3 + }, + "timestamp": { + "keyids": [ + "eb9799b483affac9da87ef4c9ea467928415c961349e607e5e6e485679b07f8f" + ], + "threshold": 1, + "x-tuf-on-ci-expiry-period": 7, + "x-tuf-on-ci-signing-period": 6 + } + }, + "spec_version": "1.0.31", + "version": 3, + "x-tuf-on-ci-expiry-period": 240, + "x-tuf-on-ci-signing-period": 60 + } +} \ No newline at end of file From d707102958deda188ddd44f44854dab25394eadb Mon Sep 17 00:00:00 2001 From: Kynan Ware <47394200+BagToad@users.noreply.github.com> Date: Thu, 15 Aug 2024 11:24:40 -0600 Subject: [PATCH 08/15] Add a note about external contributors to `working-with-us.md` --- docs/working-with-us.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/docs/working-with-us.md b/docs/working-with-us.md index b4163350b..38326921e 100644 --- a/docs/working-with-us.md +++ b/docs/working-with-us.md @@ -4,6 +4,9 @@ POV: your team at GitHub is interested in shipping a new command in `gh`. This document outlines the process the CLI team prefers for helping ensure success both for your new feature and the CLI project as a whole. +> [!NOTE] +> External contributors, please see [CONTRIBUTING.md](/.github/CONTRIBUTING.md). + ## Step 0: Create an extension Even if you want to see your code merged into `gh`, you should start with [an extension](https://docs.github.com/en/github-cli/github-cli/creating-github-cli-extensions) written in Go and leveraging [go-gh](https://github.com/cli/go-gh). Though `gh` extensions can be written in any language, we treat Go as a first class experience and ship a library of helpers for extensions written in Go. From 1886fb46aba416e01e5b6ab43fc8e744342d8fb1 Mon Sep 17 00:00:00 2001 From: Prabhat Kumar Sahu Date: Sat, 17 Aug 2024 03:00:11 +0530 Subject: [PATCH 09/15] Fix pr checks exit code (#9452) * Enhance with exit code documentation * Add new error message for PR check * Refine gh pr checks: Add exit code 8 * Update EXIT CODES section format in man page generation --- internal/docs/man.go | 10 ++++++++++ internal/docs/man_test.go | 25 +++++++++++++++++++++++++ pkg/cmd/pr/checks/checks.go | 3 +++ pkg/cmd/root/help.go | 1 + 4 files changed, 39 insertions(+) diff --git a/internal/docs/man.go b/internal/docs/man.go index 5ac353a46..66878d278 100644 --- a/internal/docs/man.go +++ b/internal/docs/man.go @@ -198,6 +198,15 @@ func manPrintJSONFields(buf *bytes.Buffer, command *cobra.Command) { buf.WriteString("\n") } +func manPrintExitCodes(buf *bytes.Buffer) { + buf.WriteString("# EXIT CODES\n") + buf.WriteString("0: Successful execution\n\n") + buf.WriteString("1: Error\n\n") + buf.WriteString("2: Command canceled\n\n") + buf.WriteString("4: Authentication required\n\n") + buf.WriteString("NOTE: Specific commands may have additional exit codes. Refer to the command's help for more information.\n\n") +} + func genMan(cmd *cobra.Command, header *GenManHeader) []byte { cmd.InitDefaultHelpCmd() cmd.InitDefaultHelpFlag() @@ -217,6 +226,7 @@ func genMan(cmd *cobra.Command, header *GenManHeader) []byte { manPrintOptions(buf, cmd) manPrintAliases(buf, cmd) manPrintJSONFields(buf, cmd) + manPrintExitCodes(buf) if len(cmd.Example) > 0 { buf.WriteString("# EXAMPLE\n") buf.WriteString(fmt.Sprintf("```\n%s\n```\n", cmd.Example)) diff --git a/internal/docs/man_test.go b/internal/docs/man_test.go index 2a0f6a7f7..4db6b7459 100644 --- a/internal/docs/man_test.go +++ b/internal/docs/man_test.go @@ -129,6 +129,31 @@ func TestGenManJSONFields(t *testing.T) { checkStringContains(t, output, "baz") } +func TestGenManDocExitCodes(t *testing.T) { + header := &GenManHeader{ + Title: "Project", + Section: "1", + } + cmd := &cobra.Command{ + Use: "test-command", + Short: "A test command", + Long: "A test command for checking exit codes section", + } + buf := new(bytes.Buffer) + if err := renderMan(cmd, header, buf); err != nil { + t.Fatal(err) + } + output := buf.String() + + // Check for the presence of the exit codes section + checkStringContains(t, output, ".SH EXIT CODES") + checkStringContains(t, output, "0: Successful execution") + checkStringContains(t, output, "1: Error") + checkStringContains(t, output, "2: Command canceled") + checkStringContains(t, output, "4: Authentication required") + checkStringContains(t, output, "NOTE: Specific commands may have additional exit codes. Refer to the command's help for more information.") +} + func TestManPrintFlagsHidesShortDeprecated(t *testing.T) { c := &cobra.Command{} c.Flags().StringP("foo", "f", "default", "Foo flag") diff --git a/pkg/cmd/pr/checks/checks.go b/pkg/cmd/pr/checks/checks.go index bbf2f453b..40b395897 100644 --- a/pkg/cmd/pr/checks/checks.go +++ b/pkg/cmd/pr/checks/checks.go @@ -66,6 +66,9 @@ func NewCmdChecks(f *cmdutil.Factory, runF func(*ChecksOptions) error) *cobra.Co Without an argument, the pull request that belongs to the current branch is selected. + + Additional exit codes: + 8: Checks pending `), Args: cobra.MaximumNArgs(1), RunE: func(cmd *cobra.Command, args []string) error { diff --git a/pkg/cmd/root/help.go b/pkg/cmd/root/help.go index ee5db5e68..a7daa7b84 100644 --- a/pkg/cmd/root/help.go +++ b/pkg/cmd/root/help.go @@ -182,6 +182,7 @@ func rootHelpFunc(f *cmdutil.Factory, command *cobra.Command, args []string) { helpEntries = append(helpEntries, helpEntry{"LEARN MORE", heredoc.Docf(` Use %[1]sgh --help%[1]s for more information about a command. Read the manual at https://cli.github.com/manual + Learn about exit codes using %[1]sgh help exit-codes%[1]s `, "`")}) out := f.IOStreams.Out From 800f99d9fa9fcdc32a0c37a3eed46586f64ff987 Mon Sep 17 00:00:00 2001 From: Arun Date: Thu, 8 Aug 2024 21:27:35 -0700 Subject: [PATCH 10/15] Describe bucket and state JSON fields in pr checks command While the `state` field corresponds 1:1 with different GitHub Actions states, the `bucket` field is an abstraction of the CLI that lacked documentation. This both adds documentation about the existence of the `bucket` field and enumerates the possible values. --- pkg/cmd/pr/checks/checks.go | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/pkg/cmd/pr/checks/checks.go b/pkg/cmd/pr/checks/checks.go index 40b395897..797c19c19 100644 --- a/pkg/cmd/pr/checks/checks.go +++ b/pkg/cmd/pr/checks/checks.go @@ -61,15 +61,18 @@ func NewCmdChecks(f *cmdutil.Factory, runF func(*ChecksOptions) error) *cobra.Co cmd := &cobra.Command{ Use: "checks [ | | ]", Short: "Show CI status for a single pull request", - Long: heredoc.Doc(` + Long: heredoc.Docf(` Show CI status for a single pull request. Without an argument, the pull request that belongs to the current branch is selected. + When the %[1]s--json%[1]s flag is used, it includes a %[1]sbucket%[1]s field, which categorizes + the %[1]sstate%[1]s field into %[1]spass%[1]s, %[1]sfail%[1]s, %[1]spending%[1]s, %[1]sskipping%[1]s, or %[1]scancel%[1]s. + Additional exit codes: 8: Checks pending - `), + `, "`"), Args: cobra.MaximumNArgs(1), RunE: func(cmd *cobra.Command, args []string) error { opts.Finder = shared.NewFinder(f) From 56e1cdae9e5e5f5f69ecc92cef8b49a7f2a33f0c Mon Sep 17 00:00:00 2001 From: benebsiny Date: Sat, 17 Aug 2024 12:04:09 +0800 Subject: [PATCH 11/15] fix behavior for `issue develop -b non-exist-branch` --- api/queries_branch_issue_reference.go | 6 +++++- pkg/cmd/issue/develop/develop.go | 2 +- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/api/queries_branch_issue_reference.go b/api/queries_branch_issue_reference.go index 16e36831b..0b60ff935 100644 --- a/api/queries_branch_issue_reference.go +++ b/api/queries_branch_issue_reference.go @@ -138,7 +138,11 @@ func FindRepoBranchID(client *Client, repo ghrepo.Interface, ref string) (string branchID := query.Repository.Ref.Target.Oid if branchID == "" { - branchID = query.Repository.DefaultBranchRef.Target.Oid + if ref != "" { + return "", "", fmt.Errorf("could not find branch %q in %s", ref, ghrepo.FullName(repo)) + } else { + branchID = query.Repository.DefaultBranchRef.Target.Oid + } } return query.Repository.Id, branchID, nil diff --git a/pkg/cmd/issue/develop/develop.go b/pkg/cmd/issue/develop/develop.go index 32423af35..164291409 100644 --- a/pkg/cmd/issue/develop/develop.go +++ b/pkg/cmd/issue/develop/develop.go @@ -106,7 +106,7 @@ func NewCmdDevelop(f *cmdutil.Factory, runF func(*DevelopOptions) error) *cobra. fl := cmd.Flags() fl.StringVar(&opts.BranchRepo, "branch-repo", "", "Name or URL of the repository where you want to create your new branch") - fl.StringVarP(&opts.BaseBranch, "base", "b", "", "Name of the base branch you want to make your new branch from") + fl.StringVarP(&opts.BaseBranch, "base", "b", "", "Name of the remote base branch you want to make your new branch from") fl.BoolVarP(&opts.Checkout, "checkout", "c", false, "Checkout the branch after creating it") fl.BoolVarP(&opts.List, "list", "l", false, "List linked branches for the issue") fl.StringVarP(&opts.Name, "name", "n", "", "Name of the branch to create") From e269d43c5a5b2d4ef3dfce14427835a732426662 Mon Sep 17 00:00:00 2001 From: benebsiny Date: Sat, 17 Aug 2024 13:47:02 +0800 Subject: [PATCH 12/15] add testing --- pkg/cmd/issue/develop/develop_test.go | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) diff --git a/pkg/cmd/issue/develop/develop_test.go b/pkg/cmd/issue/develop/develop_test.go index 7532ffb38..c35bcb845 100644 --- a/pkg/cmd/issue/develop/develop_test.go +++ b/pkg/cmd/issue/develop/develop_test.go @@ -515,6 +515,31 @@ func TestDevelopRun(t *testing.T) { }, expectedOut: "github.com/OWNER/REPO/tree/my-branch\n", }, + { + name: "develop with base branch which does not exist", + opts: &DevelopOptions{ + IssueSelector: "123", + BaseBranch: "does-not-exist-branch", + }, + remotes: map[string]string{ + "origin": "OWNER/REPO", + }, + httpStubs: func(reg *httpmock.Registry, t *testing.T) { + reg.Register( + httpmock.GraphQL(`query LinkedBranchFeature\b`), + httpmock.StringResponse(featureEnabledPayload), + ) + reg.Register( + httpmock.GraphQL(`query IssueByNumber\b`), + httpmock.StringResponse(`{"data":{"repository":{"hasIssuesEnabled":true,"issue":{"id": "SOMEID","number":123,"title":"my issue"}}}}`), + ) + reg.Register( + httpmock.GraphQL(`query FindRepoBranchID\b`), + httpmock.StringResponse(`{"data":{"repository":{"id":"REPOID","defaultBranchRef":{"target":{"oid":"DEFAULTOID"}},"ref":null}}}`), + ) + }, + wantErr: "could not find branch \"does-not-exist-branch\" in OWNER/REPO", + }, } for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { From 04b4122e61484f4e43d6fe991e89d79ec4c9f707 Mon Sep 17 00:00:00 2001 From: EBIBO Date: Sun, 18 Aug 2024 09:25:30 +0800 Subject: [PATCH 13/15] Update api/queries_branch_issue_reference.go Co-authored-by: Andy Feller --- api/queries_branch_issue_reference.go | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/api/queries_branch_issue_reference.go b/api/queries_branch_issue_reference.go index 0b60ff935..54a9144b0 100644 --- a/api/queries_branch_issue_reference.go +++ b/api/queries_branch_issue_reference.go @@ -140,9 +140,8 @@ func FindRepoBranchID(client *Client, repo ghrepo.Interface, ref string) (string if branchID == "" { if ref != "" { return "", "", fmt.Errorf("could not find branch %q in %s", ref, ghrepo.FullName(repo)) - } else { - branchID = query.Repository.DefaultBranchRef.Target.Oid } + branchID = query.Repository.DefaultBranchRef.Target.Oid } return query.Repository.Id, branchID, nil From 08aafc5484a16886582ef5380c3d026c8dae1d06 Mon Sep 17 00:00:00 2001 From: EBIBO Date: Sun, 18 Aug 2024 09:25:39 +0800 Subject: [PATCH 14/15] Update pkg/cmd/issue/develop/develop.go Co-authored-by: Andy Feller --- pkg/cmd/issue/develop/develop.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/cmd/issue/develop/develop.go b/pkg/cmd/issue/develop/develop.go index 164291409..fa01a3dac 100644 --- a/pkg/cmd/issue/develop/develop.go +++ b/pkg/cmd/issue/develop/develop.go @@ -106,7 +106,7 @@ func NewCmdDevelop(f *cmdutil.Factory, runF func(*DevelopOptions) error) *cobra. fl := cmd.Flags() fl.StringVar(&opts.BranchRepo, "branch-repo", "", "Name or URL of the repository where you want to create your new branch") - fl.StringVarP(&opts.BaseBranch, "base", "b", "", "Name of the remote base branch you want to make your new branch from") + fl.StringVarP(&opts.BaseBranch, "base", "b", "", "Name of the remote branch you want to make your new branch from") fl.BoolVarP(&opts.Checkout, "checkout", "c", false, "Checkout the branch after creating it") fl.BoolVarP(&opts.List, "list", "l", false, "List linked branches for the issue") fl.StringVarP(&opts.Name, "name", "n", "", "Name of the branch to create") From d40175fbe5a2ad8652af19bc56b347adb932b3a2 Mon Sep 17 00:00:00 2001 From: William Martin Date: Mon, 19 Aug 2024 13:48:45 +0200 Subject: [PATCH 15/15] Add flox to linux installation instructions --- docs/install_linux.md | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/docs/install_linux.md b/docs/install_linux.md index 3b82a5593..15619fe96 100644 --- a/docs/install_linux.md +++ b/docs/install_linux.md @@ -204,6 +204,20 @@ Nix/NixOS users can install from [nixpkgs](https://search.nixos.org/packages?que nix-env -iA nixos.gh ``` +### Flox + +Flox users can install from the [official community nixpkgs](https://github.com/flox/nixpkgs). + +```bash +# To install +flox install gh + +# To upgrade +flox upgrade toplevel +``` + +For more information about Flox, see [its homepage](https://flox.dev). + ### openSUSE Tumbleweed openSUSE Tumbleweed users can install from the [official distribution repo](https://software.opensuse.org/package/gh):