Commit Graph

51 Commits

Author SHA1 Message Date
David Dworken
7ad1e2fb03
Upgrade to go 1.21 which offers fully reproducible builds (on top of SLSA's attestations) 2023-10-01 18:00:58 -07:00
David Dworken
ac5131fe4b
Add netbsd binary for #87 2023-09-19 18:54:04 -07:00
David Dworken
d1763455c4
Rename actions for consistent naming scheme 2023-02-24 09:56:49 -08:00
David Dworken
27cd544524
Add support for arm7 for #63 to support raspberry pis 2023-02-18 22:00:39 -08:00
David Dworken
7c86b812bf
Add support for linux arm64 for #48 2022-12-11 20:39:45 -08:00
David Dworken
84c7599736
Remove the windows builds since windows is completely broken. Leave freebsd since it appears to mostly work (though it is unsupported and updates don't work) 2022-11-04 23:18:43 -07:00
David Dworken
b591a23f5e
Reorganize slsa config files + attempt to build for freebsd + windows 2022-11-04 20:57:28 -07:00
David Dworken
8ae8b7218f Add missing @ 2022-10-31 14:19:26 -07:00
David Dworken
488be1f71a Swap back to 1.2.1 2022-10-31 14:04:01 -07:00
David Dworken
7d8f6b6d6d Remove compile-generator since that doesn't apply to the go builder 2022-10-31 13:12:42 -07:00
David Dworken
6c196969f4 Try to run the latest slsa releaser to see if that fixes anything 2022-10-31 13:03:41 -07:00
David Dworken
b0df767da7 Try also compiling the generator 2022-10-30 23:42:00 -07:00
David Dworken
58680d75e0 Add permissions that 1.2.1 apparently requires 2022-10-30 23:27:56 -07:00
David Dworken
8c10148d87 Try bumping to 1.2.1 to see if it fixes the SIGSEGV 2022-10-30 23:23:59 -07:00
David Dworken
e594375e08 Add workaround for slsa breakage 2022-10-01 15:14:51 -07:00
David Dworken
b2d3bb4801 Remove slsa builder deps to see if the new builders work when running in parallel 2022-09-07 23:51:41 -07:00
David Dworken
83a0beff43 Bump go version, remove the vendored slsa library, and depend on a newer copy with a different API. Updates now work. 2022-09-02 00:15:58 -07:00
David Dworken
4f4b07165d Use a version rather than a commit hash 2022-09-01 23:34:23 -07:00
David Dworken
b37b598e65 Bump to 1.0 of slsa generator 2022-09-01 23:30:28 -07:00
David Dworken
bdd35c1776 Bump slsa to v0.0.2 2022-06-04 20:18:13 -07:00
David Dworken
5539ce8510 Fix file path 2022-06-03 21:12:15 -07:00
David Dworken
17b569756a Maybe this works since this is the commit associated with the tag?: 2022-06-03 21:09:59 -07:00
David Dworken
b1bdf8b7da Specify a version tag since f9e31da2a5 now requires that we use a tagged version 2022-06-03 21:01:53 -07:00
David Dworken
4cb4e5176a Try executing in sequence 2022-05-28 09:34:53 -07:00
David Dworken
3bb8d74358 CHeck if it is the config-file directive that is messing up the hash 2022-05-28 09:29:56 -07:00
David Dworken
fa32a1af07 Check if the task name is part of the hash 2022-05-28 09:24:31 -07:00
David Dworken
2f8727f29b A new way of releasing, taking advantage of config-file to avoid having to create a new commit per platform 2022-05-28 00:01:38 -07:00
David Dworken
a6476c1bf4 Update permissions 2022-05-27 23:30:49 -07:00
David Dworken
798fe48585 envs --> evaluated-envs to match updated slsa builder 2022-05-27 23:28:01 -07:00
David Dworken
adb20f1bb2 Upgrade slsa releaser action 2022-05-27 23:21:45 -07:00
David Dworken
64d4c211b4 Trigger cron from github actions 2022-05-27 22:48:13 -07:00
David Dworken
ea6be650ba Export the unsigned files for a new theory on how SLSA verification can be done 2022-05-26 23:09:00 -07:00
David Dworken
647f6a8924 More debugging info for the releaser action 2022-05-26 22:24:56 -07:00
David Dworken
b8ecb33deb Add more debugging information to signing workflow 2022-05-26 21:57:16 -07:00
David Dworken
750e2179c5 Add explicit permissions to allow writes 2022-05-26 21:42:09 -07:00
David Dworken
d4caef9c3d Fix release filenames 2022-05-24 22:26:24 -07:00
David Dworken
9276fea4ba Tweak the workflow order so signing runs after upload 2022-05-24 08:46:24 -07:00
David Dworken
d4d2b8e852 actions don't use python3 by default? 2022-05-23 23:31:57 -07:00
David Dworken
d7b6cc4caa install requests which isn't installed by default in actions 2022-05-23 23:29:29 -07:00
David Dworken
6906eb942a Fix accidentally deleted comment 2022-05-23 23:26:59 -07:00
David Dworken
8e2785e580 MIgrate to a python script for signign 2022-05-23 23:25:12 -07:00
David Dworken
344047e735 Fix github action reference 2022-05-23 18:27:27 -07:00
David Dworken
a679a770de Fix typo 2022-05-23 18:25:36 -07:00
David Dworken
1ee8e1bca7 Fix typo 2022-05-23 18:24:23 -07:00
David Dworken
69317e0a85 Delete separate signer and start the work of merging it into the SLSA releaser action 2022-05-23 18:22:03 -07:00
David Dworken
8c4049b101 Fix double @@ typo 2022-04-24 21:10:18 -07:00
David Dworken
1aa08a3a4d Turns out slsa verifier hasn't been updated yet, see https://github.com/slsa-framework/slsa-verifier/pull/37 2022-04-24 21:07:20 -07:00
David Dworken
aa806878ed Rename slsa builder file since the upstream repo renamed it 2022-04-24 20:46:48 -07:00
David Dworken
0c0943fc79 Fix failing test + fix syntax error in workflow 2022-04-19 19:21:39 -07:00
David Dworken
16ad1ce12c Skip releaser if the tag doesn't contain a dash as part of the multi-os release flow 2022-04-17 21:05:23 -07:00