extern/hishtory
1
0
Fork 0
mirror of https://github.com/ddworken/hishtory.git synced 2025-06-20 11:57:50 +02:00
Code Issues Packages Projects Releases Wiki Activity

Add SLSA self-validation for hishtory-darwin-amd64

Browse Source
This commit is contained in:
David Dworken 2023-11-05 12:24:47 -08:00
parent 8709ec9208
commit be2bbb37c6
No known key found for this signature in database
1 changed files with 10 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
.github/workflows/slsa-releaser.yml vendored
View File

@ -188,12 +188,15 @@ jobs:
- uses: actions/download-artifact@fb598a63ae348fa914e94cd0ff38f362e927b741
with:
name: hishtory-linux-amd64.intoto.jsonl
# - uses: actions/download-artifact@fb598a63ae348fa914e94cd0ff38f362e927b741
# with:
# name: hishtory-darwin-amd64
# - uses: actions/download-artifact@fb598a63ae348fa914e94cd0ff38f362e927b741
# with:
# name: hishtory-darwin-amd64.intoto.jsonl
- uses: actions/download-artifact@fb598a63ae348fa914e94cd0ff38f362e927b741
with:
name: hishtory-darwin-amd64
- uses: actions/download-artifact@fb598a63ae348fa914e94cd0ff38f362e927b741
with:
name: hishtory-darwin-amd64.intoto.jsonl
- uses: actions/download-artifact@fb598a63ae348fa914e94cd0ff38f362e927b741
with:
name: hishtory-darwin-amd64-unsigned
# - uses: actions/download-artifact@fb598a63ae348fa914e94cd0ff38f362e927b741
# with:
# name: hishtory-darwin-arm64
@ -203,14 +206,11 @@ jobs:
# - uses: actions/download-artifact@fb598a63ae348fa914e94cd0ff38f362e927b741
# with:
# name: hishtory-darwin-arm64-unsigned
# - uses: actions/download-artifact@fb598a63ae348fa914e94cd0ff38f362e927b741
# with:
# name: hishtory-darwin-amd64-unsigned
- name: Validate Release
run: |
go build; ./hishtory install
# curl https://hishtory.dev/install.py | python3 -
./hishtory validate-binary hishtory-linux-amd64 hishtory-linux-amd64.intoto.jsonl
# hishtory validate-binary v0.`cat VERSION` hishtory-linux-amd64 hishtory-linux-amd64.intoto.jsonl
./hishtory validate-binary hishtory-darwin-amd64 hishtory-darwin-amd64.intoto.jsonl --is_macos=True --macos_unsigned_binary=hishtory-darwin-amd64-unsigned
# TODO: Validate other binaries here