mirror of
https://github.com/ddworken/hishtory.git
synced 2025-06-01 16:07:16 +02:00
Add initial version of slsa releaser that validates the generated SLSA signatures
This commit is contained in:
parent
06f3501756
commit
87dee94aab
29
.github/workflows/slsa-releaser.yml
vendored
29
.github/workflows/slsa-releaser.yml
vendored
@ -2,6 +2,7 @@ name: SLSA Client Releaser
|
||||
on:
|
||||
workflow_dispatch:
|
||||
push:
|
||||
branches: [ master ]
|
||||
tags:
|
||||
- "*"
|
||||
|
||||
@ -141,10 +142,10 @@ jobs:
|
||||
run: |
|
||||
curl https://api.hishtory.dev/api/v1/trigger-cron
|
||||
|
||||
# Upload to GitHub release.
|
||||
upload:
|
||||
# Validate the signed binaries
|
||||
validate:
|
||||
permissions:
|
||||
contents: write
|
||||
contents: read
|
||||
runs-on: ubuntu-latest
|
||||
needs:
|
||||
- build-linux-amd64
|
||||
@ -169,14 +170,14 @@ jobs:
|
||||
- uses: actions/download-artifact@fb598a63ae348fa914e94cd0ff38f362e927b741
|
||||
with:
|
||||
name: hishtory-darwin-arm64.intoto.jsonl
|
||||
- name: Release
|
||||
uses: softprops/action-gh-release@1e07f4398721186383de40550babbdf2b84acfc5
|
||||
if: ${{ startsWith(github.ref, 'refs/tags/') && contains(github.ref, '-') }}
|
||||
with:
|
||||
files: |
|
||||
hishtory-linux-amd64
|
||||
hishtory-linux-amd64.intoto.jsonl
|
||||
hishtory-darwin-amd64
|
||||
hishtory-darwin-amd64.intoto.jsonl
|
||||
hishtory-darwin-arm64
|
||||
hishtory-darwin-arm64.intoto.jsonl
|
||||
- name: Validate Release
|
||||
run: |
|
||||
curl https://hishtory.dev/install.py | python3 -
|
||||
source ~/.bashrc
|
||||
ls
|
||||
pwd
|
||||
which hishtory
|
||||
echo $PATH
|
||||
hishtory validate-binary v0.`cat VERSION` hishtory-linux-amd64 hishtory-linux-amd64.intoto.jsonl
|
||||
# TODO: Validate other binaries here
|
||||
|
Loading…
x
Reference in New Issue
Block a user