Skip to content

Commit a2a6797

Browse files
mayeutmayeut
committed
Bump cosign 2.5.0 → 3.0.2
1 parent e97e7c9 commit a2a6797

File tree

2 files changed

+13
-7
lines changed

2 files changed

+13
-7
lines changed

docker/Dockerfile

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -9,6 +9,7 @@ ARG MANYLINUX_BUILDARCH=${BUILDARCH}
99
ARG MANYLINUX_DISABLE_CLANG=0
1010
ARG MANYLINUX_DISABLE_CLANG_FOR_CPYTHON=0
1111
ARG MANYLINUX_CLANG_VERSION=21.1.4.0
12+
ARG MANYLINUX_COSIGN_VERSION=3.0.2
1213

1314

1415
FROM $BASEIMAGE AS runtime_base_packages
@@ -140,7 +141,7 @@ RUN --mount=type=bind,from=static_clang,target=/tmp/cross-compiler,ro \
140141
/tmp/cross-compiler/entrypoint /build_scripts/build-mpdecimal.sh
141142

142143

143-
FROM --platform=${BUILDPLATFORM} ghcr.io/sigstore/cosign/cosign:v2.5.0 AS cosign-bin
144+
FROM --platform=${BUILDPLATFORM} ghcr.io/sigstore/cosign/cosign:v${MANYLINUX_COSIGN_VERSION} AS cosign-bin
144145

145146

146147
FROM build_base AS build_cpython

tools/update_native_dependencies.py

Lines changed: 11 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -219,18 +219,22 @@ def _update_git_lfs(dry_run):
219219
break
220220

221221

222-
def _update_clang(dry_run):
222+
def _update_image(tool, dry_run):
223+
repo = {
224+
"clang": "mayeut/static-clang-images",
225+
"cosign": "sigstore/cosign",
226+
}
223227
lines = DOCKERFILE.read_text().splitlines()
224-
re_ = re.compile(r"^ARG MANYLINUX_CLANG_VERSION=(?P<version>\S+)$")
228+
re_ = re.compile(rf"^ARG MANYLINUX_{tool.upper()}_VERSION=(?P<version>\S+)$")
225229
for i in range(len(lines)):
226230
match = re_.match(lines[i])
227231
if match is None:
228232
continue
229233
current_version = Version(match["version"])
230-
latest_version = latest("mayeut/static-clang-images")
234+
latest_version = latest(repo.get(tool, tool))
231235
if latest_version > current_version:
232-
lines[i] = f"ARG MANYLINUX_CLANG_VERSION={latest_version}"
233-
message = f"Bump static-clang {current_version}{latest_version}"
236+
lines[i] = f"ARG MANYLINUX_{tool.upper()}_VERSION={latest_version}"
237+
message = f"Bump {tool} {current_version}{latest_version}"
234238
print(message)
235239
if not dry_run:
236240
DOCKERFILE.write_text("\n".join(lines) + "\n")
@@ -242,7 +246,8 @@ def main():
242246
parser = argparse.ArgumentParser()
243247
parser.add_argument("--dry-run", dest="dry_run", action="store_true", help="dry run")
244248
args = parser.parse_args()
245-
_update_clang(args.dry_run)
249+
_update_image("clang", args.dry_run)
250+
_update_image("cosign", args.dry_run)
246251
_update_cpython(args.dry_run)
247252
_update_git_lfs(args.dry_run)
248253
_update_sqlite(args.dry_run)

0 commit comments

Comments
 (0)