David Dworken
|
b5321f3884
|
Disable fail-fast so I can debug the windows tests
|
2022-11-04 22:52:02 -07:00 |
|
David Dworken
|
71f035b6a4
|
Explicitly specify shell: bash for github actions on windows
|
2022-11-04 22:16:47 -07:00 |
|
David Dworken
|
70b5a3bba7
|
Add windows to the github actions config
|
2022-11-04 22:10:47 -07:00 |
|
David Dworken
|
ae0033fb14
|
Add cirrus config for freebsd tests
|
2022-11-04 21:40:50 -07:00 |
|
David Dworken
|
b591a23f5e
|
Reorganize slsa config files + attempt to build for freebsd + windows
|
2022-11-04 20:57:28 -07:00 |
|
David Dworken
|
e824665f2c
|
Add || true so that it works on linux too
|
2022-11-01 14:33:27 -07:00 |
|
David Dworken
|
3485d4028b
|
Set a consistent hostname for mac runners too
|
2022-11-01 14:33:07 -07:00 |
|
David Dworken
|
8ae8b7218f
|
Add missing @
|
2022-10-31 14:19:26 -07:00 |
|
David Dworken
|
488be1f71a
|
Swap back to 1.2.1
|
2022-10-31 14:04:01 -07:00 |
|
David Dworken
|
7d8f6b6d6d
|
Remove compile-generator since that doesn't apply to the go builder
|
2022-10-31 13:12:42 -07:00 |
|
David Dworken
|
6c196969f4
|
Try to run the latest slsa releaser to see if that fixes anything
|
2022-10-31 13:03:41 -07:00 |
|
David Dworken
|
b0df767da7
|
Try also compiling the generator
|
2022-10-30 23:42:00 -07:00 |
|
David Dworken
|
58680d75e0
|
Add permissions that 1.2.1 apparently requires
|
2022-10-30 23:27:56 -07:00 |
|
David Dworken
|
8c10148d87
|
Try bumping to 1.2.1 to see if it fixes the SIGSEGV
|
2022-10-30 23:23:59 -07:00 |
|
David Dworken
|
189f183d69
|
Normalize hostnames to attempt to get tests to pass in github actions
|
2022-10-27 23:30:09 -07:00 |
|
David Dworken
|
38ca02b961
|
Set a consistent hostname for github actions
|
2022-10-27 23:12:28 -07:00 |
|
David Dworken
|
b3dbd3820a
|
Remove continue-on-error
|
2022-10-23 18:06:32 -07:00 |
|
David Dworken
|
9614522c6d
|
Just skip the really weird bash failure on macos
|
2022-10-23 16:03:26 -07:00 |
|
David Dworken
|
8670d07e31
|
Enable tmate so I can debug a weird control-r failure on actions only
|
2022-10-23 15:48:47 -07:00 |
|
David Dworken
|
91fa37d157
|
Install modern bash on macos so control-r works
|
2022-10-23 10:10:23 -07:00 |
|
David Dworken
|
f3758dc376
|
Add fix for the weird zsh bug + disable tmate
|
2022-10-23 00:36:23 -07:00 |
|
David Dworken
|
bf6d12e4cd
|
Add debug ssh workflow
|
2022-10-23 00:15:07 -07:00 |
|
David Dworken
|
1c561f5cc8
|
Initial attempt at fixing the timezone bug that prevents tquery tests from running on actions
|
2022-10-22 11:45:04 -07:00 |
|
David Dworken
|
dbf029067f
|
Always run macos and ubuntu tests even if one fails
|
2022-10-21 23:00:33 -07:00 |
|
David Dworken
|
8501e0d16c
|
Install tmux for macos
|
2022-10-20 15:46:30 -07:00 |
|
David Dworken
|
9d5eb73c76
|
brew install fish in actions + don't hardcode the fish path
|
2022-10-19 21:27:03 -07:00 |
|
David Dworken
|
6e4be9c6a1
|
Instal fish in github actions
|
2022-10-19 17:58:32 -07:00 |
|
David Dworken
|
e594375e08
|
Add workaround for slsa breakage
|
2022-10-01 15:14:51 -07:00 |
|
David Dworken
|
f2df0f04f8
|
Continue to try to debug macos go version
|
2022-09-21 21:20:28 -07:00 |
|
David Dworken
|
9f1ad28802
|
Another attempt at fixing macos action tests
|
2022-09-20 23:20:28 -07:00 |
|
David Dworken
|
bd75a65e52
|
Another attempt at fixing the macos runner
|
2022-09-20 23:09:28 -07:00 |
|
David Dworken
|
afe1fc5043
|
Undo attempted fix
|
2022-09-19 13:01:00 -07:00 |
|
David Dworken
|
d990b1e5a5
|
Next attempt to fix buggy go version
|
2022-09-18 22:08:30 -07:00 |
|
David Dworken
|
6a3f123c53
|
Fix buggy go version on macos github action
|
2022-09-18 21:50:58 -07:00 |
|
David Dworken
|
55f0f97d29
|
Fix tests for importing so they pass on github actions
|
2022-09-17 21:56:39 -07:00 |
|
David Dworken
|
d4302501eb
|
Improve table matching for tests and attempt to fix the tests that fail only on github actions
|
2022-09-17 12:49:27 -07:00 |
|
David Dworken
|
52047a45bd
|
Run tests on github PR and daily
|
2022-09-17 11:54:26 -07:00 |
|
David Dworken
|
b2d3bb4801
|
Remove slsa builder deps to see if the new builders work when running in parallel
|
2022-09-07 23:51:41 -07:00 |
|
David Dworken
|
18c4d1c3d9
|
Bump go version for running tests in github actions
|
2022-09-03 21:25:00 -07:00 |
|
David Dworken
|
83a0beff43
|
Bump go version, remove the vendored slsa library, and depend on a newer copy with a different API. Updates now work.
|
2022-09-02 00:15:58 -07:00 |
|
David Dworken
|
4f4b07165d
|
Use a version rather than a commit hash
|
2022-09-01 23:34:23 -07:00 |
|
David Dworken
|
b37b598e65
|
Bump to 1.0 of slsa generator
|
2022-09-01 23:30:28 -07:00 |
|
David Dworken
|
bdd35c1776
|
Bump slsa to v0.0.2
|
2022-06-04 20:18:13 -07:00 |
|
David Dworken
|
5539ce8510
|
Fix file path
|
2022-06-03 21:12:15 -07:00 |
|
David Dworken
|
17b569756a
|
Maybe this works since this is the commit associated with the tag?:
|
2022-06-03 21:09:59 -07:00 |
|
David Dworken
|
b1bdf8b7da
|
Specify a version tag since f9e31da2a5 now requires that we use a tagged version
|
2022-06-03 21:01:53 -07:00 |
|
David Dworken
|
4cb4e5176a
|
Try executing in sequence
|
2022-05-28 09:34:53 -07:00 |
|
David Dworken
|
3bb8d74358
|
CHeck if it is the config-file directive that is messing up the hash
|
2022-05-28 09:29:56 -07:00 |
|
David Dworken
|
fa32a1af07
|
Check if the task name is part of the hash
|
2022-05-28 09:24:31 -07:00 |
|
David Dworken
|
2f8727f29b
|
A new way of releasing, taking advantage of config-file to avoid having to create a new commit per platform
|
2022-05-28 00:01:38 -07:00 |
|
David Dworken
|
a6476c1bf4
|
Update permissions
|
2022-05-27 23:30:49 -07:00 |
|
David Dworken
|
798fe48585
|
envs --> evaluated-envs to match updated slsa builder
|
2022-05-27 23:28:01 -07:00 |
|
David Dworken
|
adb20f1bb2
|
Upgrade slsa releaser action
|
2022-05-27 23:21:45 -07:00 |
|
David Dworken
|
64d4c211b4
|
Trigger cron from github actions
|
2022-05-27 22:48:13 -07:00 |
|
David Dworken
|
c467411db3
|
Enable running action tests via manual trigger
|
2022-05-27 18:52:09 -07:00 |
|
David Dworken
|
ea6be650ba
|
Export the unsigned files for a new theory on how SLSA verification can be done
|
2022-05-26 23:09:00 -07:00 |
|
David Dworken
|
647f6a8924
|
More debugging info for the releaser action
|
2022-05-26 22:24:56 -07:00 |
|
David Dworken
|
b8ecb33deb
|
Add more debugging information to signing workflow
|
2022-05-26 21:57:16 -07:00 |
|
David Dworken
|
750e2179c5
|
Add explicit permissions to allow writes
|
2022-05-26 21:42:09 -07:00 |
|
David Dworken
|
d4caef9c3d
|
Fix release filenames
|
2022-05-24 22:26:24 -07:00 |
|
David Dworken
|
9276fea4ba
|
Tweak the workflow order so signing runs after upload
|
2022-05-24 08:46:24 -07:00 |
|
David Dworken
|
d4d2b8e852
|
actions don't use python3 by default?
|
2022-05-23 23:31:57 -07:00 |
|
David Dworken
|
d7b6cc4caa
|
install requests which isn't installed by default in actions
|
2022-05-23 23:29:29 -07:00 |
|
David Dworken
|
6906eb942a
|
Fix accidentally deleted comment
|
2022-05-23 23:26:59 -07:00 |
|
David Dworken
|
8e2785e580
|
MIgrate to a python script for signign
|
2022-05-23 23:25:12 -07:00 |
|
David Dworken
|
344047e735
|
Fix github action reference
|
2022-05-23 18:27:27 -07:00 |
|
David Dworken
|
a679a770de
|
Fix typo
|
2022-05-23 18:25:36 -07:00 |
|
David Dworken
|
1ee8e1bca7
|
Fix typo
|
2022-05-23 18:24:23 -07:00 |
|
David Dworken
|
69317e0a85
|
Delete separate signer and start the work of merging it into the SLSA releaser action
|
2022-05-23 18:22:03 -07:00 |
|
David Dworken
|
59ed3dd9e4
|
A new approach to signing
|
2022-05-23 17:56:51 -07:00 |
|
David Dworken
|
76d139bb5a
|
Add GITHUB_TOKEN auth
|
2022-05-23 08:59:50 -07:00 |
|
David Dworken
|
cb1e69958a
|
Why are the binaries ASCII???
|
2022-05-23 08:57:55 -07:00 |
|
David Dworken
|
e8c8d4f0ad
|
Add error case for TAG_NAME==null
|
2022-05-23 08:48:22 -07:00 |
|
David Dworken
|
cb72e0a830
|
Fix URL
|
2022-05-23 08:45:12 -07:00 |
|
David Dworken
|
89df994933
|
Add more debugging output
|
2022-05-23 08:43:43 -07:00 |
|
David Dworken
|
f7a37aa97c
|
Update triggers and remove sleep that is not needed for remaining trigger types
|
2022-05-23 08:40:47 -07:00 |
|
David Dworken
|
677b596d49
|
Debugging code signing, added error checking for my xattr code and discovered that arm xattrs aren't being persisted
|
2022-05-22 20:08:30 -07:00 |
|
David Dworken
|
edcf92e899
|
Fix bad merge for macos signing
|
2022-05-22 18:15:16 -07:00 |
|
David Dworken
|
cc6cf07729
|
Another attempt at correct signing/releasing for macos
|
2022-05-22 18:12:32 -07:00 |
|
David Dworken
|
4cb5773632
|
Add hex parsing for xattr setting + log rather than error when offline
|
2022-04-28 09:51:01 -07:00 |
|
David Dworken
|
eed2459d99
|
Run signer on push and have it sleep
|
2022-04-25 22:23:05 -07:00 |
|
David Dworken
|
b0f680c1a8
|
Another attempt at xattr exporting
|
2022-04-25 21:40:02 -07:00 |
|
David Dworken
|
257f5df7e8
|
Another attempt at xattr exporting
|
2022-04-25 21:28:22 -07:00 |
|
David Dworken
|
cda9536abf
|
More xattr debugging
|
2022-04-25 21:21:31 -07:00 |
|
David Dworken
|
cdcb013511
|
More debugging output
|
2022-04-25 21:08:24 -07:00 |
|
David Dworken
|
2d91b6bf48
|
Can only release when there is a tag
|
2022-04-25 20:15:28 -07:00 |
|
David Dworken
|
5a5759c691
|
Better xattr dumping
|
2022-04-25 20:13:31 -07:00 |
|
David Dworken
|
15e186c46d
|
Fix releasing xattr files
|
2022-04-25 20:09:00 -07:00 |
|
David Dworken
|
76bdad0b78
|
Fix incorrect uses call
|
2022-04-24 22:05:18 -07:00 |
|
David Dworken
|
ba2bfc18d3
|
Release the xattrs containing the code signatures
|
2022-04-24 22:04:16 -07:00 |
|
David Dworken
|
ecbd149593
|
Brew install sha1sum
|
2022-04-24 21:50:03 -07:00 |
|
David Dworken
|
c9e062ec67
|
Add debugging prints
|
2022-04-24 21:48:06 -07:00 |
|
David Dworken
|
8c4049b101
|
Fix double @@ typo
|
2022-04-24 21:10:18 -07:00 |
|
David Dworken
|
1aa08a3a4d
|
Turns out slsa verifier hasn't been updated yet, see https://github.com/slsa-framework/slsa-verifier/pull/37
|
2022-04-24 21:07:20 -07:00 |
|
David Dworken
|
aa806878ed
|
Rename slsa builder file since the upstream repo renamed it
|
2022-04-24 20:46:48 -07:00 |
|
David Dworken
|
a60785955a
|
Update workflow name
|
2022-04-24 20:39:40 -07:00 |
|
David Dworken
|
7fbe888059
|
Whoops, same messed up dash as before
|
2022-04-24 20:36:46 -07:00 |
|
David Dworken
|
a98c31be46
|
Swap the cert to be encrypted with a password
|
2022-04-24 20:34:44 -07:00 |
|
David Dworken
|
b853973db1
|
Run commands in one step to reduce waiting time
|
2022-04-24 10:06:06 -07:00 |
|
David Dworken
|
bcbb6eaf28
|
Fix CLI arg to base 64 decode
|
2022-04-24 09:45:15 -07:00 |
|
David Dworken
|
5a31c6f96b
|
Enable manually running the sign workflow
|
2022-04-24 09:42:12 -07:00 |
|
David Dworken
|
7727e2c86d
|
First attempt at codesigning for macos in github actions
|
2022-04-24 09:40:28 -07:00 |
|
David Dworken
|
10ee085d4c
|
Remove unnecessary set -m calls, speed up the local make acttest command, embed ReleaseVersion into the test server to fix the test failures on macos, and update install to be resistant to bashrc and zshrc not existing
|
2022-04-19 21:05:54 -07:00 |
|
David Dworken
|
0c0943fc79
|
Fix failing test + fix syntax error in workflow
|
2022-04-19 19:21:39 -07:00 |
|
David Dworken
|
16d41de4ad
|
Another attempt at making zsh pass on github actions
|
2022-04-17 23:06:01 -07:00 |
|
David Dworken
|
16ad1ce12c
|
Skip releaser if the tag doesn't contain a dash as part of the multi-os release flow
|
2022-04-17 21:05:23 -07:00 |
|
David Dworken
|
16055f982e
|
Skip commands prefixed with a space for zsh + update tests + touch ~/.zshrc so tests can run on actions
|
2022-04-17 21:04:44 -07:00 |
|
David Dworken
|
e3d8f1274e
|
Hopefully fix github action tests for zsh
|
2022-04-17 20:08:54 -07:00 |
|
David Dworken
|
1ab68a804c
|
Don't build docker containers on actions since this doesn't work on macos
|
2022-04-17 12:09:10 -07:00 |
|
David Dworken
|
e98783d30f
|
Add server-side code to handle updates for non-linux
|
2022-04-17 12:02:56 -07:00 |
|
David Dworken
|
478898fd1c
|
Fix not attempt #2
|
2022-04-17 11:56:00 -07:00 |
|
David Dworken
|
aaaee9f632
|
Fix boolean not in actions config
|
2022-04-17 11:53:59 -07:00 |
|
David Dworken
|
4036a4594b
|
Add config for building/releasing binaries for other OSs
|
2022-04-17 11:44:57 -07:00 |
|
David Dworken
|
787ee8dfd9
|
Run tests on macos
|
2022-04-17 10:50:37 -07:00 |
|
David Dworken
|
c725327c24
|
Seems as though there is no way of building multiple binaries, so revert the last two changes
|
2022-04-17 10:47:10 -07:00 |
|
David Dworken
|
519f85cd98
|
And what about this?
|
2022-04-17 10:40:06 -07:00 |
|
David Dworken
|
76ebb73326
|
Does this work to generate SLSA binaries for two OSs
|
2022-04-17 10:38:12 -07:00 |
|
David Dworken
|
fb52b98379
|
Swap generous date parsing to using a library
|
2022-04-11 23:22:49 -07:00 |
|
David Dworken
|
e9d19eb782
|
fix hardcoded username in tests + another attempt at enabling bash job control + test that building docker containers works
|
2022-04-09 12:19:01 -07:00 |
|
David Dworken
|
6f7e034837
|
fix triggers
|
2022-04-09 11:58:49 -07:00 |
|
David Dworken
|
da4cab7a0b
|
github action to test code
|
2022-04-09 11:56:25 -07:00 |
|
David Dworken
|
68d7f33c98
|
Enable codeql scanning
|
2022-04-09 11:39:21 -07:00 |
|
David Dworken
|
108e1526b8
|
trying again with ldflags + fixed update url
|
2022-04-08 22:56:44 -07:00 |
|
David Dworken
|
f2c6f86204
|
another attempt at ldflags
|
2022-04-08 22:45:49 -07:00 |
|
David Dworken
|
13d766a9c8
|
trying again to make ldflags work with slsa
|
2022-04-08 22:12:00 -07:00 |
|
David Dworken
|
c3d232ea36
|
turns out github releases require a tag, now it runs automatically for all tagged commits
|
2022-04-08 21:52:22 -07:00 |
|
David Dworken
|
3c45c1c959
|
it ran, but still no ldflag. trying again for that + getting rid of the if for release + back to only running on manual trigger
|
2022-04-08 21:42:19 -07:00 |
|
David Dworken
|
18492e102a
|
attempt to fix ldflags for slsa
|
2022-04-08 21:22:31 -07:00 |
|
David Dworken
|
8bb1fd3856
|
run on push + delete outdated design.md
|
2022-04-08 21:12:17 -07:00 |
|
David Dworken
|
ff37570d74
|
Added SLSA builder
|
2022-04-08 20:59:24 -07:00 |
|