Merge branch 'main' into feat/3136/mixin-version-support-second-attempt

.github/workflows/build_pipelinesrelease_template.yml

@@ -35,7 +35,7 @@ jobs:
       run: mage build
       shell: bash
     - name: Publish Native Binaries
-      uses: actions/upload-artifact@v4.0.0
+      uses: actions/upload-artifact@v4.4.0
       with:
         name: build-bin
         path: "${{ github.workspace }}/bin"
@@ -56,7 +56,7 @@ jobs:
       run: mage XBuildAll
       shell: bash
     - name: Publish Release Binaries
-      uses: actions/upload-artifact@v4.0.0
+      uses: actions/upload-artifact@v4.4.0
       with:
         name: xbuild-bin
         path: "${{ github.workspace }}/bin"
@@ -112,7 +112,7 @@ jobs:
       with:
         go-version: ${{ inputs.goVersion }}
     - name: Download Cross-Compiled Porter Binaries
-      uses: actions/download-artifact@v4.1.7
+      uses: actions/download-artifact@v4.1.8
       with:
         name: xbuild-bin
         path: bin
@@ -141,7 +141,7 @@ jobs:
       with:
         go-version: ${{ inputs.goVersion }}
     - name: Download Cross-Compiled Porter Binaries
-      uses: actions/download-artifact@v4.1.7
+      uses: actions/download-artifact@v4.1.8
       with:
         name: xbuild-bin
         path: bin
@@ -182,7 +182,7 @@ jobs:
       with:
         go-version: ${{ inputs.goVersion }}
     - name: Download Cross-Compiled Porter Binaries
-      uses: actions/download-artifact@v4.1.7
+      uses: actions/download-artifact@v4.1.8
       with:
         name: xbuild-bin
         path: bin

.github/workflows/porter-integration-pr.yml

@@ -154,3 +154,33 @@ jobs:
         PORTER_INTEG_FILE: signing_test.go
       run: go run mage.go -v TestIntegration
       shell: bash
+  upgrade_test_integ:
+    runs-on: ubuntu-latest
+    steps:
+    - name: checkout
+      uses: actions/checkout@v4.1.0
+    - uses: actions/setup-go@v4
+      with:
+        go-version: "${{ env.GOVERSION }}"
+        cache: true
+    - name: Set up Docker Buildx
+      uses: docker/setup-buildx-action@v3
+    - name: Cache Docker layers
+      uses: actions/cache@v3
+      with:
+        path: /tmp/.buildx-cache
+        key: ${{ runner.os }}-buildx-${{ github.sha }}
+    - name: Docker Login
+      uses: docker/login-action@v3.0.0
+      with:
+        registry: ghcr.io
+        username: ${{ github.actor }}
+        password: ${{ secrets.GITHUB_TOKEN }}
+    - name: Configure Agent
+      run: go run mage.go build
+      shell: bash
+    - name: Integration Test
+      env:
+        PORTER_INTEG_FILE: upgrade_test.go
+      run: go run mage.go -v TestIntegration
+      shell: bash

.github/workflows/porter.yml

@@ -38,7 +38,7 @@ jobs:
         fi
       shell: bash
     - name: Publish Native Binaries
-      uses: actions/upload-artifact@v3.1.1
+      uses: actions/upload-artifact@v4.4.0
       with:
         name: build-bin
         path: "${{ github.workspace }}/bin"
@@ -58,7 +58,7 @@ jobs:
       run: go run mage.go -v XBuildAll
       shell: bash
     - name: Publish Release Binaries
-      uses: actions/upload-artifact@v3.1.1
+      uses: actions/upload-artifact@v4.4.0
       with:
         name: xbuild-bin
         path: "${{ github.workspace }}/bin"
@@ -111,7 +111,7 @@ jobs:
         cache: true
     - run: go version
     - name: Download Cross-Compiled Porter Binaries
-      uses: actions/download-artifact@v4.1.7
+      uses: actions/download-artifact@v4.1.8
       with:
         name: xbuild-bin
         path: bin
@@ -129,7 +129,7 @@ jobs:
     - name: checkout
       uses: actions/checkout@v3.5.0
     - name: Download Cross-Compiled Porter Binaries
-      uses: actions/download-artifact@v4.1.7
+      uses: actions/download-artifact@v4.1.8
       with:
         name: xbuild-bin
         path: bin

docs/content/docs/operations/signing-bundles.md

@@ -27,9 +27,9 @@ Learn how to configure Porter to sign bundles.
 1. Cosign is installed and is available on the on the `PATH`.
 2. A key-pair for signing is available.
 
-Instructions on for the install Cosign can be found on the [Cosign Installation page](https://docs.sigstore.dev/system_config/installation/), and instructions on how to generate a key-pair can be found in the [Cosign Quickstart Guide](https://docs.sigstore.dev/signing/quickstart/#signing-with-a-generated-key).
+Instructions on for the install Cosign can be found on the [Cosign Installation page](https://docs.sigstore.dev/cosign/system_config/installation/), and instructions on how to generate a key-pair can be found in the [Cosign Signing with Self-Managed Keys](https://docs.sigstore.dev/cosign/key_management/signing_with_self-managed_keys/).
 
-🚧 Currently Porter does not support [Keyless Signing](https://docs.sigstore.dev/signing/overview/) or reading the key-pair from anything but files.
+🚧 Currently Porter does not support [Keyless Signing](https://docs.sigstore.dev/cosign/signing/overview/) or reading the key-pair from anything but files.
 
 ### Configuration
 
@@ -100,5 +100,5 @@ To sign run [porter publish](/cli/porter_publish/) with the `--sign-bundle` flag
 
 A bundle can be verified before installation by adding the `--verify-bundle` flag to [porter install](/cli/porter_publish/).
 
-[Cosign]: https://docs.sigstore.dev/signing/quickstart/
+[Cosign]: https://docs.sigstore.dev/quickstart/quickstart-cosign/
 [Notation]: https://notaryproject.dev/docs/quickstart-guides/quickstart-sign-image-artifact/

pkg/porter/upgrade.go

@@ -64,6 +64,10 @@ func (p *Porter) UpgradeBundle(ctx context.Context, opts *UpgradeOptions) error
 		return span.Errorf("could not find installation %s/%s: %w", opts.Namespace, opts.Name, err)
 	}
 
+	if !i.IsInstalled() {
+		return span.Errorf("The installation cannot be upgraded, because it is not installed. Verify the installation name and namespace, and if correct, use porter install.")
+	}
+
 	if opts.Reference != "" {
 		i.TrackBundle(opts.GetReference())
 	} else if opts.Version != "" {

tests/integration/testdata/bundles/bundle-with-failing-install/helpers.sh

@@ -0,0 +1,18 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+install() {
+  echo Hello World
+  exit 1
+}
+
+upgrade() {
+  echo World 2.0
+}
+
+uninstall() {
+  echo Goodbye World
+}
+
+# Call the requested function and pass the arguments as-is
+"$@"

tests/integration/testdata/bundles/bundle-with-failing-install/porter.yaml

@@ -0,0 +1,29 @@
+schemaVersion: 1.0.1
+name: porter-failing-install
+version: 0.1.0
+description: "A bundle that always fails installation"
+registry: "localhost:5000"
+
+mixins:
+  - exec
+
+install:
+  - exec:
+      description: "Install Hello World"
+      command: ./helpers.sh
+      arguments:
+        - install
+
+upgrade:
+  - exec:
+      description: "Upgrade Hello World"
+      command: ./helpers.sh
+      arguments:
+        - upgrade
+
+uninstall:
+  - exec:
+      description: "Uninstall Hello World"
+      command: ./helpers.sh
+      arguments:
+        - uninstall

tests/integration/upgrade_test.go

@@ -0,0 +1,32 @@
+//go:build integration
+
+package integration
+
+import (
+	"testing"
+
+	"get.porter.sh/porter/pkg/porter"
+	"github.com/stretchr/testify/require"
+)
+
+func TestUpgrade_failedInstallation(t *testing.T) {
+	p := porter.NewTestPorter(t)
+	defer p.Close()
+	ctx := p.SetupIntegrationTest()
+
+	p.AddTestBundleDir("testdata/bundles/bundle-with-failing-install", false)
+
+	installOpts := porter.NewInstallOptions()
+	err := installOpts.Validate(ctx, []string{}, p.Porter)
+	require.NoError(t, err)
+
+	err = p.InstallBundle(ctx, installOpts)
+	require.Error(t, err, "Installation should fail")
+
+	upgradeOpts := porter.NewUpgradeOptions()
+	err = upgradeOpts.Validate(ctx, []string{}, p.Porter)
+	require.NoError(t, err)
+
+	err = p.UpgradeBundle(ctx, upgradeOpts)
+	require.Error(t, err, "Upgrade should fail, because the installation failed")
+}