David Dworken
|
4f4b07165d
|
Use a version rather than a commit hash
|
2022-09-01 23:34:23 -07:00 |
|
David Dworken
|
b37b598e65
|
Bump to 1.0 of slsa generator
|
2022-09-01 23:30:28 -07:00 |
|
David Dworken
|
bdd35c1776
|
Bump slsa to v0.0.2
|
2022-06-04 20:18:13 -07:00 |
|
David Dworken
|
5539ce8510
|
Fix file path
|
2022-06-03 21:12:15 -07:00 |
|
David Dworken
|
17b569756a
|
Maybe this works since this is the commit associated with the tag?:
|
2022-06-03 21:09:59 -07:00 |
|
David Dworken
|
b1bdf8b7da
|
Specify a version tag since f9e31da2a5 now requires that we use a tagged version
|
2022-06-03 21:01:53 -07:00 |
|
David Dworken
|
4cb4e5176a
|
Try executing in sequence
|
2022-05-28 09:34:53 -07:00 |
|
David Dworken
|
3bb8d74358
|
CHeck if it is the config-file directive that is messing up the hash
|
2022-05-28 09:29:56 -07:00 |
|
David Dworken
|
fa32a1af07
|
Check if the task name is part of the hash
|
2022-05-28 09:24:31 -07:00 |
|
David Dworken
|
2f8727f29b
|
A new way of releasing, taking advantage of config-file to avoid having to create a new commit per platform
|
2022-05-28 00:01:38 -07:00 |
|
David Dworken
|
a6476c1bf4
|
Update permissions
|
2022-05-27 23:30:49 -07:00 |
|
David Dworken
|
798fe48585
|
envs --> evaluated-envs to match updated slsa builder
|
2022-05-27 23:28:01 -07:00 |
|
David Dworken
|
adb20f1bb2
|
Upgrade slsa releaser action
|
2022-05-27 23:21:45 -07:00 |
|
David Dworken
|
64d4c211b4
|
Trigger cron from github actions
|
2022-05-27 22:48:13 -07:00 |
|
David Dworken
|
c467411db3
|
Enable running action tests via manual trigger
|
2022-05-27 18:52:09 -07:00 |
|
David Dworken
|
ea6be650ba
|
Export the unsigned files for a new theory on how SLSA verification can be done
|
2022-05-26 23:09:00 -07:00 |
|
David Dworken
|
647f6a8924
|
More debugging info for the releaser action
|
2022-05-26 22:24:56 -07:00 |
|
David Dworken
|
b8ecb33deb
|
Add more debugging information to signing workflow
|
2022-05-26 21:57:16 -07:00 |
|
David Dworken
|
750e2179c5
|
Add explicit permissions to allow writes
|
2022-05-26 21:42:09 -07:00 |
|
David Dworken
|
d4caef9c3d
|
Fix release filenames
|
2022-05-24 22:26:24 -07:00 |
|
David Dworken
|
9276fea4ba
|
Tweak the workflow order so signing runs after upload
|
2022-05-24 08:46:24 -07:00 |
|
David Dworken
|
d4d2b8e852
|
actions don't use python3 by default?
|
2022-05-23 23:31:57 -07:00 |
|
David Dworken
|
d7b6cc4caa
|
install requests which isn't installed by default in actions
|
2022-05-23 23:29:29 -07:00 |
|
David Dworken
|
6906eb942a
|
Fix accidentally deleted comment
|
2022-05-23 23:26:59 -07:00 |
|
David Dworken
|
8e2785e580
|
MIgrate to a python script for signign
|
2022-05-23 23:25:12 -07:00 |
|
David Dworken
|
344047e735
|
Fix github action reference
|
2022-05-23 18:27:27 -07:00 |
|
David Dworken
|
a679a770de
|
Fix typo
|
2022-05-23 18:25:36 -07:00 |
|
David Dworken
|
1ee8e1bca7
|
Fix typo
|
2022-05-23 18:24:23 -07:00 |
|
David Dworken
|
69317e0a85
|
Delete separate signer and start the work of merging it into the SLSA releaser action
|
2022-05-23 18:22:03 -07:00 |
|
David Dworken
|
59ed3dd9e4
|
A new approach to signing
|
2022-05-23 17:56:51 -07:00 |
|
David Dworken
|
76d139bb5a
|
Add GITHUB_TOKEN auth
|
2022-05-23 08:59:50 -07:00 |
|
David Dworken
|
cb1e69958a
|
Why are the binaries ASCII???
|
2022-05-23 08:57:55 -07:00 |
|
David Dworken
|
e8c8d4f0ad
|
Add error case for TAG_NAME==null
|
2022-05-23 08:48:22 -07:00 |
|
David Dworken
|
cb72e0a830
|
Fix URL
|
2022-05-23 08:45:12 -07:00 |
|
David Dworken
|
89df994933
|
Add more debugging output
|
2022-05-23 08:43:43 -07:00 |
|
David Dworken
|
f7a37aa97c
|
Update triggers and remove sleep that is not needed for remaining trigger types
|
2022-05-23 08:40:47 -07:00 |
|
David Dworken
|
677b596d49
|
Debugging code signing, added error checking for my xattr code and discovered that arm xattrs aren't being persisted
|
2022-05-22 20:08:30 -07:00 |
|
David Dworken
|
edcf92e899
|
Fix bad merge for macos signing
|
2022-05-22 18:15:16 -07:00 |
|
David Dworken
|
cc6cf07729
|
Another attempt at correct signing/releasing for macos
|
2022-05-22 18:12:32 -07:00 |
|
David Dworken
|
4cb5773632
|
Add hex parsing for xattr setting + log rather than error when offline
|
2022-04-28 09:51:01 -07:00 |
|
David Dworken
|
eed2459d99
|
Run signer on push and have it sleep
|
2022-04-25 22:23:05 -07:00 |
|
David Dworken
|
b0f680c1a8
|
Another attempt at xattr exporting
|
2022-04-25 21:40:02 -07:00 |
|
David Dworken
|
257f5df7e8
|
Another attempt at xattr exporting
|
2022-04-25 21:28:22 -07:00 |
|
David Dworken
|
cda9536abf
|
More xattr debugging
|
2022-04-25 21:21:31 -07:00 |
|
David Dworken
|
cdcb013511
|
More debugging output
|
2022-04-25 21:08:24 -07:00 |
|
David Dworken
|
2d91b6bf48
|
Can only release when there is a tag
|
2022-04-25 20:15:28 -07:00 |
|
David Dworken
|
5a5759c691
|
Better xattr dumping
|
2022-04-25 20:13:31 -07:00 |
|
David Dworken
|
15e186c46d
|
Fix releasing xattr files
|
2022-04-25 20:09:00 -07:00 |
|
David Dworken
|
76bdad0b78
|
Fix incorrect uses call
|
2022-04-24 22:05:18 -07:00 |
|
David Dworken
|
ba2bfc18d3
|
Release the xattrs containing the code signatures
|
2022-04-24 22:04:16 -07:00 |
|
David Dworken
|
ecbd149593
|
Brew install sha1sum
|
2022-04-24 21:50:03 -07:00 |
|
David Dworken
|
c9e062ec67
|
Add debugging prints
|
2022-04-24 21:48:06 -07:00 |
|
David Dworken
|
8c4049b101
|
Fix double @@ typo
|
2022-04-24 21:10:18 -07:00 |
|
David Dworken
|
1aa08a3a4d
|
Turns out slsa verifier hasn't been updated yet, see https://github.com/slsa-framework/slsa-verifier/pull/37
|
2022-04-24 21:07:20 -07:00 |
|
David Dworken
|
aa806878ed
|
Rename slsa builder file since the upstream repo renamed it
|
2022-04-24 20:46:48 -07:00 |
|
David Dworken
|
a60785955a
|
Update workflow name
|
2022-04-24 20:39:40 -07:00 |
|
David Dworken
|
7fbe888059
|
Whoops, same messed up dash as before
|
2022-04-24 20:36:46 -07:00 |
|
David Dworken
|
a98c31be46
|
Swap the cert to be encrypted with a password
|
2022-04-24 20:34:44 -07:00 |
|
David Dworken
|
b853973db1
|
Run commands in one step to reduce waiting time
|
2022-04-24 10:06:06 -07:00 |
|
David Dworken
|
bcbb6eaf28
|
Fix CLI arg to base 64 decode
|
2022-04-24 09:45:15 -07:00 |
|
David Dworken
|
5a31c6f96b
|
Enable manually running the sign workflow
|
2022-04-24 09:42:12 -07:00 |
|
David Dworken
|
7727e2c86d
|
First attempt at codesigning for macos in github actions
|
2022-04-24 09:40:28 -07:00 |
|
David Dworken
|
10ee085d4c
|
Remove unnecessary set -m calls, speed up the local make acttest command, embed ReleaseVersion into the test server to fix the test failures on macos, and update install to be resistant to bashrc and zshrc not existing
|
2022-04-19 21:05:54 -07:00 |
|
David Dworken
|
0c0943fc79
|
Fix failing test + fix syntax error in workflow
|
2022-04-19 19:21:39 -07:00 |
|
David Dworken
|
16d41de4ad
|
Another attempt at making zsh pass on github actions
|
2022-04-17 23:06:01 -07:00 |
|
David Dworken
|
15bec30315
|
Add fake event with head_commit to restore the ability to run the github action test locally
|
2022-04-17 21:47:49 -07:00 |
|
David Dworken
|
16ad1ce12c
|
Skip releaser if the tag doesn't contain a dash as part of the multi-os release flow
|
2022-04-17 21:05:23 -07:00 |
|
David Dworken
|
16055f982e
|
Skip commands prefixed with a space for zsh + update tests + touch ~/.zshrc so tests can run on actions
|
2022-04-17 21:04:44 -07:00 |
|
David Dworken
|
e3d8f1274e
|
Hopefully fix github action tests for zsh
|
2022-04-17 20:08:54 -07:00 |
|
David Dworken
|
1ab68a804c
|
Don't build docker containers on actions since this doesn't work on macos
|
2022-04-17 12:09:10 -07:00 |
|
David Dworken
|
e98783d30f
|
Add server-side code to handle updates for non-linux
|
2022-04-17 12:02:56 -07:00 |
|
David Dworken
|
478898fd1c
|
Fix not attempt #2
|
2022-04-17 11:56:00 -07:00 |
|
David Dworken
|
aaaee9f632
|
Fix boolean not in actions config
|
2022-04-17 11:53:59 -07:00 |
|
David Dworken
|
4036a4594b
|
Add config for building/releasing binaries for other OSs
|
2022-04-17 11:44:57 -07:00 |
|
David Dworken
|
787ee8dfd9
|
Run tests on macos
|
2022-04-17 10:50:37 -07:00 |
|
David Dworken
|
c725327c24
|
Seems as though there is no way of building multiple binaries, so revert the last two changes
|
2022-04-17 10:47:10 -07:00 |
|
David Dworken
|
519f85cd98
|
And what about this?
|
2022-04-17 10:40:06 -07:00 |
|
David Dworken
|
76ebb73326
|
Does this work to generate SLSA binaries for two OSs
|
2022-04-17 10:38:12 -07:00 |
|
David Dworken
|
fb52b98379
|
Swap generous date parsing to using a library
|
2022-04-11 23:22:49 -07:00 |
|
David Dworken
|
e9d19eb782
|
fix hardcoded username in tests + another attempt at enabling bash job control + test that building docker containers works
|
2022-04-09 12:19:01 -07:00 |
|
David Dworken
|
6f7e034837
|
fix triggers
|
2022-04-09 11:58:49 -07:00 |
|
David Dworken
|
da4cab7a0b
|
github action to test code
|
2022-04-09 11:56:25 -07:00 |
|
David Dworken
|
68d7f33c98
|
Enable codeql scanning
|
2022-04-09 11:39:21 -07:00 |
|
David Dworken
|
108e1526b8
|
trying again with ldflags + fixed update url
|
2022-04-08 22:56:44 -07:00 |
|
David Dworken
|
f2c6f86204
|
another attempt at ldflags
|
2022-04-08 22:45:49 -07:00 |
|
David Dworken
|
13d766a9c8
|
trying again to make ldflags work with slsa
|
2022-04-08 22:12:00 -07:00 |
|
David Dworken
|
c3d232ea36
|
turns out github releases require a tag, now it runs automatically for all tagged commits
|
2022-04-08 21:52:22 -07:00 |
|
David Dworken
|
3c45c1c959
|
it ran, but still no ldflag. trying again for that + getting rid of the if for release + back to only running on manual trigger
|
2022-04-08 21:42:19 -07:00 |
|
David Dworken
|
18492e102a
|
attempt to fix ldflags for slsa
|
2022-04-08 21:22:31 -07:00 |
|
David Dworken
|
8bb1fd3856
|
run on push + delete outdated design.md
|
2022-04-08 21:12:17 -07:00 |
|
David Dworken
|
ff37570d74
|
Added SLSA builder
|
2022-04-08 20:59:24 -07:00 |
|