From 7d97fcdfb56e5723d7f417375b5c5b1091d6a43c Mon Sep 17 00:00:00 2001
From: Shlomo Heigh <shlomo.heigh@cyberark.com>
Date: Wed, 11 Sep 2024 10:51:48 -0400
Subject: [PATCH 1/5] CNJR-5954: Fix promotion not pushing version without id

---
 publish-images.sh | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/publish-images.sh b/publish-images.sh
index 33faa54549..93c56014e1 100755
--- a/publish-images.sh
+++ b/publish-images.sh
@@ -132,15 +132,15 @@ if [[ "${PROMOTE}" = true ]]; then
   readarray -t prefix_versions < <(gen_versions "${VERSION}")
 
   for version in latest "${prefix_versions[@]}"; do
-    echo "Pushing images for tag: $version"
-      
+    echo "Pushing images for tag: $version-${ARCH}"
+
     tag_and_push "${version}-${ARCH}" "registry.tld/${IMAGE_NAME}:${LOCAL_TAG}-${ARCH}" "registry.tld/${IMAGE_NAME}"
     tag_and_push "${version}-${ARCH}" "registry.tld/conjur-ubi:${LOCAL_TAG}-${ARCH}" "registry.tld/conjur-ubi"
 
     if [[ "${DOCKERHUB}" ]]; then
       echo "Pushing to DockerHub"
       
-      tag_and_push "${version}" "${LOCAL_IMAGE}" "${IMAGE_NAME}"
+      tag_and_push "${version}-${ARCH}" "${LOCAL_IMAGE}-${ARCH}" "${IMAGE_NAME}"
     fi
   done
 fi

From ebc15ca9cfc1f9892882995b4bda26b951ed2c0f Mon Sep 17 00:00:00 2001
From: Shlomo Heigh <shlomo.heigh@cyberark.com>
Date: Thu, 12 Sep 2024 09:27:55 -0400
Subject: [PATCH 2/5] CNJR-0000: Use Gen1 Gcloud function env

Fixes "ERROR: (gcloud.functions.deploy) Invalid value for [--runtime]: python37 is not a supported runtime on GCF 2nd gen.
  Use `gcloud functions runtimes list` to get a list of available runtimes" error in GCP test
---
 ci/test_suites/authenticators_gcp/deploy_function.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ci/test_suites/authenticators_gcp/deploy_function.sh b/ci/test_suites/authenticators_gcp/deploy_function.sh
index 2434d51b25..c4b734b50b 100755
--- a/ci/test_suites/authenticators_gcp/deploy_function.sh
+++ b/ci/test_suites/authenticators_gcp/deploy_function.sh
@@ -68,7 +68,7 @@ deploy_function() {
   cd "$GCF_SOURCE_DIR"
 
   echo "-- Deploying function: $GCF_FUNC_NAME"
-  gcloud functions deploy "$GCF_FUNC_NAME" --runtime python37 --trigger-http --quiet
+  gcloud functions deploy "$GCF_FUNC_NAME" --no-gen2 --runtime python37 --trigger-http --quiet
 
   echo '-> deploy_function done'
 }

From c40c5d533ef1d9092b8d8e495a3ee87ccb31c5dc Mon Sep 17 00:00:00 2001
From: Shlomo Heigh <shlomo.heigh@cyberark.com>
Date: Fri, 13 Sep 2024 10:03:07 -0400
Subject: [PATCH 3/5] CNJR-5954: Push unified manifest to DockerHub

---
 Jenkinsfile         |  2 +-
 publish-images.sh   |  4 ++--
 publish-manifest.sh | 20 ++++++++++++++++++++
 3 files changed, 23 insertions(+), 3 deletions(-)

diff --git a/Jenkinsfile b/Jenkinsfile
index 3a897befab..c127595ba6 100644
--- a/Jenkinsfile
+++ b/Jenkinsfile
@@ -130,7 +130,7 @@ if (params.MODE == "PROMOTE") {
       summon -f ./secrets.yml ./publish-images.sh --promote --base-version=${sourceVersion} --version=${targetVersion} --arch=arm64
       
       # Promote manifest that links above images
-      summon -f ./secrets.yml ./publish-manifest.sh --promote --base-version=${sourceVersion} --version=${targetVersion}
+      summon -f ./secrets.yml ./publish-manifest.sh --promote --dockerhub --base-version=${sourceVersion} --version=${targetVersion}
     """
 
     // TODO: In talking to Neil King, this likely won't work until conjurops is migrated over
diff --git a/publish-images.sh b/publish-images.sh
index 93c56014e1..a3fabf257b 100755
--- a/publish-images.sh
+++ b/publish-images.sh
@@ -150,13 +150,13 @@ if [[ "${REDHAT}" = true ]]; then
   # Publish only the tag version to the Redhat container registry
   if docker login "${REDHAT_REGISTRY}" -u "${REDHAT_USER}" -p "${REDHAT_API_KEY}"; then
     # push image to red hat
-    tag_and_push "${VERSION}" "${RH_LOCAL_IMAGE}" "${REDHAT_REMOTE_IMAGE}"
+    tag_and_push "${VERSION}" "${RH_LOCAL_IMAGE}-${ARCH}" "${REDHAT_REMOTE_IMAGE}"
 
     # scan image with preflight tool
     scan_redhat_image "${REDHAT_REMOTE_IMAGE}:${VERSION}" "${REDHAT_CERT_PID}"
 
     # push latest tag to RH
-    tag_and_push "latest" "${RH_LOCAL_IMAGE}" "${REDHAT_REMOTE_IMAGE}"
+    tag_and_push "latest" "${RH_LOCAL_IMAGE}-${ARCH}" "${REDHAT_REMOTE_IMAGE}"
   else
     echo 'Failed to log in to quay.io'
     exit 1
diff --git a/publish-manifest.sh b/publish-manifest.sh
index e0c75a9676..4863e0b1d2 100755
--- a/publish-manifest.sh
+++ b/publish-manifest.sh
@@ -22,6 +22,7 @@ function print_help() {
 PUBLISH_EDGE=false
 PUBLISH_INTERNAL=false
 PROMOTE=false
+DOCKERHUB=false
 VERSION=$(<VERSION)
 
 LOCAL_TAG="$(version_tag)"
@@ -40,6 +41,10 @@ for arg in "$@"; do
       PROMOTE=true
       shift
       ;;
+    --dockerhub )
+      DOCKERHUB=true
+      shift
+      ;;
     --version=* )
       VERSION="${arg#*=}"
       shift
@@ -86,6 +91,14 @@ if [[ "${PUBLISH_EDGE}" = true ]]; then
   # Push manifest to internal registry
   prepare_manifest "registry.tld/${IMAGE_NAME}" "edge"
   prepare_manifest "registry.tld/conjur-ubi" "edge"
+
+  # Publish manifests to dockerhub
+  if [[ "${DOCKERHUB}" = true ]]; then
+    echo "Pushing to DockerHub"
+
+    prepare_manifest "${IMAGE_NAME}" "${VERSION}"
+    prepare_manifest "${IMAGE_NAME}" "edge"
+  fi
 fi
 
 if [[ "${PROMOTE}" = true ]]; then
@@ -99,5 +112,12 @@ if [[ "${PROMOTE}" = true ]]; then
       
     prepare_manifest "registry.tld/${IMAGE_NAME}" "${version}"
     prepare_manifest "registry.tld/conjur-ubi" "${version}"
+
+    # Publish manifests to dockerhub
+    if [[ "${DOCKERHUB}" = true ]]; then
+      echo "Pushing to DockerHub"
+
+      prepare_manifest "${IMAGE_NAME}" "${version}"
+    fi
   done
 fi

From a579909060c028c84ab60dc0a984e8e386c65c30 Mon Sep 17 00:00:00 2001
From: Shlomo Heigh <shlomo.heigh@cyberark.com>
Date: Mon, 16 Sep 2024 10:05:57 -0400
Subject: [PATCH 4/5] CNJR-5954: Fix Jenkins post promote command

---
 Jenkinsfile | 6 +-----
 1 file changed, 1 insertion(+), 5 deletions(-)

diff --git a/Jenkinsfile b/Jenkinsfile
index c127595ba6..f449a9adda 100644
--- a/Jenkinsfile
+++ b/Jenkinsfile
@@ -133,12 +133,8 @@ if (params.MODE == "PROMOTE") {
       summon -f ./secrets.yml ./publish-manifest.sh --promote --dockerhub --base-version=${sourceVersion} --version=${targetVersion}
     """
 
-    // TODO: In talking to Neil King, this likely won't work until conjurops is migrated over
-    // to github enterprise. In the absence of promoting an OSS conjur release, though, we haven't
-    // tried it since the Conjur repo migrated over.
-    // Trigger Conjurops build to push newly promoted releases of conjur to ConjurOps Staging
     build(
-      job:'../conjurinc--conjurops/master',
+      job: 'Conjur-Enterprise/Conjur-Enterprise-conjurops/main/Conjur-Enterprise-conjurops-main-full/master',
       parameters:[
         string(name: 'conjur_oss_source_image', value: "cyberark/conjur:${targetVersion}")
       ],

From eeef96e5ba773999e3293012b984310882c2f092 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 28 Oct 2024 15:18:52 +0000
Subject: [PATCH 5/5] Bump rexml from 3.2.5 to 3.3.9 in /docs

Bumps [rexml](https://github.com/ruby/rexml) from 3.2.5 to 3.3.9.
- [Release notes](https://github.com/ruby/rexml/releases)
- [Changelog](https://github.com/ruby/rexml/blob/master/NEWS.md)
- [Commits](https://github.com/ruby/rexml/compare/v3.2.5...v3.3.9)

---
updated-dependencies:
- dependency-name: rexml
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 docs/Gemfile.lock | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/Gemfile.lock b/docs/Gemfile.lock
index 8ae1ffdc5b..54d0712fd3 100644
--- a/docs/Gemfile.lock
+++ b/docs/Gemfile.lock
@@ -229,7 +229,7 @@ GEM
     rb-fsevent (0.11.2)
     rb-inotify (0.10.1)
       ffi (~> 1.0)
-    rexml (3.2.5)
+    rexml (3.3.9)
     rouge (3.26.0)
     ruby2_keywords (0.0.5)
     rubyzip (2.3.2)