extern/hishtory
1
0
Fork 0
mirror of https://github.com/ddworken/hishtory.git synced 2025-08-14 09:08:44 +02:00
Code Issues Packages Projects Releases Wiki Activity

Add SLSA validation with current binary built by SLSA

Browse Source
This commit is contained in:
David Dworken
2024-03-24 21:48:01 -07:00
parent 25e982603a
commit 35f9ad28a8
2 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
scripts/actions-validate.py
View File

@ -8,6 +8,7 @@ ALL_FILES = ['hishtory-linux-amd64', 'hishtory-linux-arm64', 'hishtory-darwin-am
def validate_slsa(hishtory_binary: str) -> None:
assert os.path.exists(hishtory_binary)
subprocess.check_output(['chmod', "+x", hishtory_binary])
for filename in ALL_FILES:
try:
print(f"Validating {filename} with {hishtory_binary=}")
@ -68,7 +69,7 @@ def main() -> None:
if "darwin" in filename:
validate_macos_signature(filename)
print("Starting validation of SLSA attestations")
# validate_slsa("./hishtory") # TODO: Re-enable validation using the local binary
validate_slsa("./hishtory-darwin-amd64")
validate_slsa(os.path.expanduser("~/.hishtory/hishtory"))
print("Validating other metadata")
validate_hishtory_status("./hishtory-darwin-amd64", True)