Commit Graph

84 Commits

Author SHA1 Message Date
David Dworken
4f4b07165d Use a version rather than a commit hash 2022-09-01 23:34:23 -07:00
David Dworken
b37b598e65 Bump to 1.0 of slsa generator 2022-09-01 23:30:28 -07:00
David Dworken
bdd35c1776 Bump slsa to v0.0.2 2022-06-04 20:18:13 -07:00
David Dworken
5539ce8510 Fix file path 2022-06-03 21:12:15 -07:00
David Dworken
17b569756a Maybe this works since this is the commit associated with the tag?: 2022-06-03 21:09:59 -07:00
David Dworken
b1bdf8b7da Specify a version tag since f9e31da2a5 now requires that we use a tagged version 2022-06-03 21:01:53 -07:00
David Dworken
4cb4e5176a Try executing in sequence 2022-05-28 09:34:53 -07:00
David Dworken
3bb8d74358 CHeck if it is the config-file directive that is messing up the hash 2022-05-28 09:29:56 -07:00
David Dworken
fa32a1af07 Check if the task name is part of the hash 2022-05-28 09:24:31 -07:00
David Dworken
2f8727f29b A new way of releasing, taking advantage of config-file to avoid having to create a new commit per platform 2022-05-28 00:01:38 -07:00
David Dworken
a6476c1bf4 Update permissions 2022-05-27 23:30:49 -07:00
David Dworken
798fe48585 envs --> evaluated-envs to match updated slsa builder 2022-05-27 23:28:01 -07:00
David Dworken
adb20f1bb2 Upgrade slsa releaser action 2022-05-27 23:21:45 -07:00
David Dworken
64d4c211b4 Trigger cron from github actions 2022-05-27 22:48:13 -07:00
David Dworken
ea6be650ba Export the unsigned files for a new theory on how SLSA verification can be done 2022-05-26 23:09:00 -07:00
David Dworken
647f6a8924 More debugging info for the releaser action 2022-05-26 22:24:56 -07:00
David Dworken
b8ecb33deb Add more debugging information to signing workflow 2022-05-26 21:57:16 -07:00
David Dworken
750e2179c5 Add explicit permissions to allow writes 2022-05-26 21:42:09 -07:00
David Dworken
d4caef9c3d Fix release filenames 2022-05-24 22:26:24 -07:00
David Dworken
9276fea4ba Tweak the workflow order so signing runs after upload 2022-05-24 08:46:24 -07:00
David Dworken
d4d2b8e852 actions don't use python3 by default? 2022-05-23 23:31:57 -07:00
David Dworken
d7b6cc4caa install requests which isn't installed by default in actions 2022-05-23 23:29:29 -07:00
David Dworken
6906eb942a Fix accidentally deleted comment 2022-05-23 23:26:59 -07:00
David Dworken
8e2785e580 MIgrate to a python script for signign 2022-05-23 23:25:12 -07:00
David Dworken
344047e735 Fix github action reference 2022-05-23 18:27:27 -07:00
David Dworken
a679a770de Fix typo 2022-05-23 18:25:36 -07:00
David Dworken
1ee8e1bca7 Fix typo 2022-05-23 18:24:23 -07:00
David Dworken
69317e0a85 Delete separate signer and start the work of merging it into the SLSA releaser action 2022-05-23 18:22:03 -07:00
David Dworken
8c4049b101 Fix double @@ typo 2022-04-24 21:10:18 -07:00
David Dworken
1aa08a3a4d Turns out slsa verifier hasn't been updated yet, see https://github.com/slsa-framework/slsa-verifier/pull/37 2022-04-24 21:07:20 -07:00
David Dworken
aa806878ed Rename slsa builder file since the upstream repo renamed it 2022-04-24 20:46:48 -07:00
David Dworken
0c0943fc79 Fix failing test + fix syntax error in workflow 2022-04-19 19:21:39 -07:00
David Dworken
16ad1ce12c Skip releaser if the tag doesn't contain a dash as part of the multi-os release flow 2022-04-17 21:05:23 -07:00
David Dworken
c725327c24 Seems as though there is no way of building multiple binaries, so revert the last two changes 2022-04-17 10:47:10 -07:00