From 61224a447c188262f705928b77ec9d89ff19f705 Mon Sep 17 00:00:00 2001 From: David Dworken Date: Sun, 5 Nov 2023 12:25:58 -0800 Subject: [PATCH] Add SLSA self-validation for hishtory-darwin-arm64 --- .github/workflows/slsa-releaser.yml | 19 ++++++++++--------- 1 file changed, 10 insertions(+), 9 deletions(-) diff --git a/.github/workflows/slsa-releaser.yml b/.github/workflows/slsa-releaser.yml index 6a2c1bc..85ae1a2 100644 --- a/.github/workflows/slsa-releaser.yml +++ b/.github/workflows/slsa-releaser.yml @@ -197,20 +197,21 @@ jobs: - uses: actions/download-artifact@fb598a63ae348fa914e94cd0ff38f362e927b741 with: name: hishtory-darwin-amd64-unsigned - # - uses: actions/download-artifact@fb598a63ae348fa914e94cd0ff38f362e927b741 - # with: - # name: hishtory-darwin-arm64 - # - uses: actions/download-artifact@fb598a63ae348fa914e94cd0ff38f362e927b741 - # with: - # name: hishtory-darwin-arm64.intoto.jsonl - # - uses: actions/download-artifact@fb598a63ae348fa914e94cd0ff38f362e927b741 - # with: - # name: hishtory-darwin-arm64-unsigned + - uses: actions/download-artifact@fb598a63ae348fa914e94cd0ff38f362e927b741 + with: + name: hishtory-darwin-arm64 + - uses: actions/download-artifact@fb598a63ae348fa914e94cd0ff38f362e927b741 + with: + name: hishtory-darwin-arm64.intoto.jsonl + - uses: actions/download-artifact@fb598a63ae348fa914e94cd0ff38f362e927b741 + with: + name: hishtory-darwin-arm64-unsigned - name: Validate Release run: | go build; ./hishtory install # curl https://hishtory.dev/install.py | python3 - ./hishtory validate-binary hishtory-linux-amd64 hishtory-linux-amd64.intoto.jsonl ./hishtory validate-binary hishtory-darwin-amd64 hishtory-darwin-amd64.intoto.jsonl --is_macos=True --macos_unsigned_binary=hishtory-darwin-amd64-unsigned + ./hishtory validate-binary hishtory-darwin-arm64 hishtory-darwin-arm64.intoto.jsonl --is_macos=True --macos_unsigned_binary=hishtory-darwin-arm64-unsigned # TODO: Validate other binaries here \ No newline at end of file