Mutual tls

.github/workflows/add-to-project.yml

@@ -0,0 +1,18 @@
+---
+name: Add issues to project
+
+on:
+  issues:
+    types: ['opened']
+  pull_request_target:
+    types: ['opened']
+
+jobs:
+  add-to-project:
+    name: Add issue to project
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/add-to-project@v0.3.0
+        with:
+          project-url: https://github.com/orgs/vmware-tanzu/projects/16
+          github-token: ${{ secrets.CARVEL_ADD_TO_PROJECT_TOKEN }}

.github/workflows/gh-test-external-registry.yml

@@ -5,7 +5,7 @@ on:
     branches:
       - develop
   pull_request_target:
-    types: [opened, reopened, synchronize]
+    types: [opened, reopened, synchronize, edited]
 permissions:
   contents: read
   actions: none
@@ -26,7 +26,7 @@ jobs:
     - name: Set up Go 1.x
       uses: actions/setup-go@v1
       with:
-        go-version: "1.17"
+        go-version: "1.19.5"
     - name: Check out code into the Go module directory
       uses: actions/checkout@v2
       with:
@@ -63,7 +63,7 @@ jobs:
       - name: Set up Go 1.x
         uses: actions/setup-go@v1
         with:
-          go-version: "1.17"
+          go-version: "1.19.5"
       - name: Check out code into the Go module directory
         uses: actions/checkout@v2
         with:

.github/workflows/gh-test.yml

@@ -14,7 +14,7 @@ jobs:
     - name: Set up Go 1.x
       uses: actions/setup-go@v1
       with:
-        go-version: "1.17"
+        go-version: "1.19.5"
     - name: Check out code into the Go module directory
       uses: actions/checkout@v2
       with:
@@ -37,7 +37,7 @@ jobs:
     - name: Set up Go 1.x
       uses: actions/setup-go@v1
       with:
-        go-version: "1.17"
+        go-version: "1.19.5"
     - name: Check out code into the Go module directory
       uses: actions/checkout@v2
       with:

.github/workflows/golangci-lint.yml

@@ -15,12 +15,12 @@ jobs:
       - name: Set up Go 1.x
         uses: actions/setup-go@v1
         with:
-          go-version: "1.17"
+          go-version: "1.19.5"
       - uses: actions/checkout@v2
         with:
           fetch-depth: '0'
       - name: golangci-lint
         uses: golangci/golangci-lint-action@v2
         with:
-          version: v1.41.1
+          version: v1.45.2
           args: -v

.github/workflows/inclusive-language-check.yml

@@ -0,0 +1,10 @@
+---
+name: Check inclusive language
+
+on:
+  pull_request:
+    types: ['opened', 'reopened', 'synchronize']
+
+jobs:
+  check-inclusive-language:
+    uses: vmware-tanzu/carvel-release-scripts/.github/workflows/inclusive-language-check.yml@main

.github/workflows/release.yml

@@ -18,7 +18,7 @@ jobs:
       - name: Set up Go
         uses: actions/setup-go@v2
         with:
-          go-version: 1.17.0
+          go-version: 1.19.5
       - name: Run GoReleaser
         uses: goreleaser/goreleaser-action@5e15885530fb01d81d1f24e8a6f54ebbd0fed7eb
         if: startsWith(github.ref, 'refs/tags/')
@@ -87,9 +87,9 @@ jobs:
           set -e -x
           VERSION=`echo ${{ github.ref }}  | grep -Eo '[0-9].*'`
 
-          ./hack/build-binaries.sh "$VERSION" > ./go-checksums
-          cat ./go-checksums
-          diff ./go-checksums <(cat <<EOF
+          ./hack/build-binaries.sh "$VERSION" > /tmp/go-checksums
+          cat /tmp/go-checksums
+          diff /tmp/go-checksums <(cat <<EOF
           ${{steps.get-checksums-from-draft-release.outputs.result}}
           EOF
           )

.github/workflows/trivy-scan.yml

@@ -10,7 +10,7 @@ jobs:
     with:
       repo: vmware-tanzu/carvel-imgpkg
       tool: imgpkg
-      goVersion: 1.17.0
+      goVersion: 1.19.5
     secrets:
       githubToken: ${{ secrets.GITHUB_TOKEN }}
       slackWebhookURL: ${{ secrets.SLACK_WEBHOOK_URL }}

.gitignore

@@ -1,8 +1,4 @@
-/imgpkg
-/imgpkg-darwin-amd64
-/imgpkg-darwin-arm64
-/imgpkg-linux-amd64
-/imgpkg-windows-amd64.exe
+/imgpkg*
 /tmp
 .DS_Store
 /test/e2e/assets/simple-app/empty-dir

.golangci.yml

@@ -2,11 +2,9 @@ linters:
   enable:
     - goheader
     - revive
-    - deadcode
     - unused
     - staticcheck
     - typecheck
-    - structcheck
     - govet
   disable-all: true
 # all available settings of specific linters

.goreleaser.yml

@@ -23,7 +23,6 @@ builds:
       - -trimpath
 
     ldflags:
-      - -buildid=
       - -X github.com/vmware-tanzu/carvel-imgpkg/pkg/imgpkg/cmd.Version={{ .Version }}
 
 archives:

.wokeignore

@@ -0,0 +1,2 @@
+# out of our control
+vendor/

CODE_OF_CONDUCT.md

@@ -1,76 +1 @@
-# Contributor Covenant Code of Conduct
-
-## Our Pledge
-
-In the interest of fostering an open and welcoming environment, we as
-contributors and maintainers pledge to making participation in this project
-and our community a harassment-free experience for everyone, regardless of
-age, body size, disability, ethnicity, sex characteristics, gender identity and
-expression, level of experience, education, socio-economic status, nationality,
-personal appearance, race, religion, or sexual identity and orientation.
-
-## Our Standards
-
-Examples of behavior that contributes to creating a positive environment
-include:
-
-* Using welcoming and inclusive language
-* Being respectful of differing viewpoints and experiences
-* Gracefully accepting constructive criticism
-* Focusing on what is best for the community
-* Showing empathy towards other community members
-
-Examples of unacceptable behavior by participants include:
-
-* The use of sexualized language or imagery and unwelcome sexual attention or
-  advances
-* Trolling, insulting/derogatory comments, and personal or political attacks
-* Public or private harassment
-* Publishing others' private information, such as a physical or electronic
-  address, without explicit permission
-* Other conduct which could reasonably be considered inappropriate in a
-  professional setting
-
-## Our Responsibilities
-
-Project maintainers are responsible for clarifying the standards of acceptable
-behavior and are expected to take appropriate and fair corrective action in
-response to any instances of unacceptable behavior.
-
-Project maintainers have the right and responsibility to remove, edit, or
-reject comments, commits, code, wiki edits, issues, and other contributions
-that are not aligned to this Code of Conduct, or to ban temporarily or
-permanently any contributor for other behaviors that they deem inappropriate,
-threatening, offensive, or harmful.
-
-## Scope
-
-This Code of Conduct applies both within project spaces and in public spaces
-when an individual is representing the project or its community. Examples of
-representing a project or community include using an official project e-mail
-address, posting via an official social media account, or acting as an appointed
-representative at an online or offline event. Representation of a project may be
-further defined and clarified by project maintainers.
-
-## Enforcement
-
-Instances of abusive, harassing, or otherwise unacceptable behavior may be
-reported by contacting the project team at oss-coc@vmware.com. All
-complaints will be reviewed and investigated and will result in a response that
-is deemed necessary and appropriate to the circumstances. The project team is
-obligated to maintain confidentiality with regard to the reporter of an incident.
-Further details of specific enforcement policies may be posted separately.
-
-Project maintainers who do not follow or enforce the Code of Conduct in good
-faith may face temporary or permanent repercussions as determined by other
-members of the project's leadership.
-
-## Attribution
-
-This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4,
-available at https://www.contributor-covenant.org/version/1/4/code-of-conduct.html
-
-[homepage]: https://www.contributor-covenant.org
-
-For answers to common questions about this code of conduct, see
-https://www.contributor-covenant.org/faq
+https://carvel.dev/shared/docs/latest/code-of-conduct/

CONTRIBUTING.md

@@ -1,27 +1 @@
-# How to Contribute
-
-We’d love to accept your patches and contributions to this project. Please review the following guidelines you'll need to follow in order to make a contribution.
-
-# Communication
-
-We prefer communicating asynchronously through GitHub issues and the [k14s Slack channel](https://kubernetes.slack.com/archives/CH8KCCKA5). In order to be inclusive to the community, if a conversation related to an issue happens outside of these channels, we appreciate summarizing the conversation's context and adding it to an issue.
-
-# Propose a Change
-
-Pull requests are welcome for all changes. When adding new functionality, we encourage including test coverage. If significant effort will be involved, we suggest beginning by submitting an issue so any high level feedback can be addressed early.
-
-Please submit feature requests and bug reports by using GitHub issues.
-
-Before submitting an issue, please search through open ones to ensure others have not submitted something similar. If a similar issue exists, please add any additional information as a comment.
-
-## Issues Lifecycle
-
-Once an issue is labeled with `in-progress`, a team member has begun investigating it. We keep `in-progress` issues open until they have been resolved and released. Once released, a comment containing release information will be posted in the issue's thread.
-
-# Contributor License Agreement
-
-All contributors to this project must have a signed Contributor License Agreement (**"CLA"**) on file with us. The CLA grants us the permissions we need to use and redistribute your contributions as part of the project; you or your employer retain the copyright to your contribution. Before a PR can pass all required checks, our CLA action will prompt you to accept the agreement. Head over to https://cla.vmware.com/ to see your current agreement(s) on file or to sign a new one.
-
-We generally only need you (or your employer) to sign our CLA once and once signed, you should be able to submit contributions to any VMware project.
-
-Note: if you would like to submit an "_obvious fix_" for something like a typo, formatting issue or spelling mistake, you may not need to sign the CLA.
+https://carvel.dev/shared/docs/latest/contributing/

README.md

@@ -6,7 +6,7 @@
 - Slack: [#carvel in Kubernetes slack](https://kubernetes.slack.com/archives/CH8KCCKA5)
 - [Docs](https://carvel.dev/imgpkg/docs/latest/) with example workflow and other details
 - Install: Grab prebuilt binaries from the [Releases page](https://github.com/vmware-tanzu/carvel-imgpkg/releases) or [Homebrew Carvel tap](https://github.com/vmware-tanzu/homebrew-carvel)
-- Backlog: [See what we're up to](https://app.zenhub.com/workspaces/carvel-backlog-6013063a24147d0011410709/board?repos=219018453). (Note: we use ZenHub which requires GitHub authorization).
+- Backlog: [See what we're up to](https://github.com/orgs/vmware-tanzu/projects/16/views/1?filterQuery=repo%3A%22vmware-tanzu%2Fcarvel-imgpkg%22).
 
 `imgpkg` (pronounced: "image package") is a tool that allows users to store a set of arbitrary files as an OCI image. One of the driving use cases is to store Kubernetes configuration (plain YAML, ytt templates, Helm templates, etc.) in OCI registry as an image.
 

SECURITY.md

@@ -1,3 +1 @@
-## Vulnerability Disclosure
-
-If you believe you have found a security issue in `imgpkg`, please privately and responsibly disclose it by following the directions in our [security policy](https://carvel.dev/shared/docs/latest/security-policy/).
+https://carvel.dev/shared/docs/latest/security-policy/

cmd/imgpkg/imgpkg.go

@@ -10,6 +10,7 @@ import (
 	"os"
 	"time"
 
+	"github.com/cppforlife/cobrautil"
 	uierrs "github.com/cppforlife/go-cli-ui/errors"
 	"github.com/cppforlife/go-cli-ui/ui"
 	"github.com/vmware-tanzu/carvel-imgpkg/pkg/imgpkg/cmd"
@@ -28,11 +29,19 @@ func main() {
 
 	command := cmd.NewDefaultImgpkgCmd(confUI)
 
+	// Deprecation warning section
+	_, found := os.LookupEnv("IMGPKG_ENABLE_IAAS_AUTH")
+	if found {
+		confUI.PrintLinef("IMGPKG_ENABLE_IAAS_AUTH environment variable will be deprecated, please use the flag --activate-keychain to activate the needed keychains")
+	}
+	// End
+
 	err := command.Execute()
 	if err != nil {
 		confUI.ErrorLinef("imgpkg: Error: %v", uierrs.NewMultiLineError(err))
 		os.Exit(1)
 	}
-
-	confUI.PrintLinef("Succeeded")
+	if !cobrautil.IsCobraManagedCommand(os.Args) {
+		confUI.PrintLinef("Succeeded")
+	}
 }