From 4673b995799e5726bcb52371a9a6f36173fcafab Mon Sep 17 00:00:00 2001 From: David Dworken Date: Fri, 3 Nov 2023 22:16:11 -0700 Subject: [PATCH] Add integration to validate macos signers too --- .github/workflows/slsa-releaser.yml | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/.github/workflows/slsa-releaser.yml b/.github/workflows/slsa-releaser.yml index a80e0c9..0e4d2cf 100644 --- a/.github/workflows/slsa-releaser.yml +++ b/.github/workflows/slsa-releaser.yml @@ -115,7 +115,8 @@ jobs: macos_signer: runs-on: macos-11.0 needs: - - upload + - build-darwin-amd64 + - build-darwin-arm64 permissions: contents: write steps: @@ -151,6 +152,7 @@ jobs: - build-linux-amd64 - build-darwin-amd64 - build-darwin-arm64 + - macos_signer steps: - uses: actions/download-artifact@fb598a63ae348fa914e94cd0ff38f362e927b741 with: @@ -170,6 +172,12 @@ jobs: - uses: actions/download-artifact@fb598a63ae348fa914e94cd0ff38f362e927b741 with: name: hishtory-darwin-arm64.intoto.jsonl + - uses: actions/download-artifact@fb598a63ae348fa914e94cd0ff38f362e927b741 + with: + name: hishtory-darwin-arm64-unsigned + - uses: actions/download-artifact@fb598a63ae348fa914e94cd0ff38f362e927b741 + with: + name: hishtory-darwin-amd64-unsigned - name: Validate Release run: | curl https://hishtory.dev/install.py | python3 - @@ -179,5 +187,6 @@ jobs: which hishtory echo $PATH hishtory validate-binary v0.`cat VERSION` hishtory-linux-amd64 hishtory-linux-amd64.intoto.jsonl + hishtory validate-binary v0.`cat VERSION` hishtory-linux-amd64 hishtory-linux-amd64.intoto.jsonl # TODO: Validate other binaries here \ No newline at end of file