Commit Graph

34 Commits

Author SHA1 Message Date
David Dworken
5ab1cb61a3
Update validation to release an artifact to certify that validation passed, this will then be used by the backend server to only publish releases that passed validation 2023-11-08 19:03:30 -08:00
David Dworken
7d9664363d
Add validation of hishtory status 2023-11-08 18:25:29 -08:00
David Dworken
ed6d472409
Move assertion that file is present to earlier in function so we fail fast 2023-11-08 18:19:55 -08:00
David Dworken
79a61c1b1d
Require SLSA pre-validation for macos too 2023-11-08 18:19:02 -08:00
David Dworken
8567b4cbdf
Run sha256sum in macos signer too for debuging purposes 2023-11-06 21:17:09 -08:00
David Dworken
19ee1816be Revert "Add SLSA attestation validation with latest released hishtory binary too" because the released binary doesn't support the validate-binary subcommand yet
This reverts commit 259f6b7858.
2023-11-05 18:05:20 -08:00
David Dworken
259f6b7858
Add SLSA attestation validation with latest released hishtory binary too 2023-11-05 17:20:53 -08:00
David Dworken
3e31d022c8
Add debugging information about subprocess errors when prevalidating releases 2023-11-05 17:16:42 -08:00
David Dworken
53d976811c
Skip SLSA validation in tests for Mac binaries for debugging 2023-11-05 16:31:10 -08:00
David Dworken
517b9c43ee
Add debug prints to make reading the output easier 2023-11-05 14:10:03 -08:00
David Dworken
1cfaa13b74
Capture stdout for slsa validation 2023-11-05 14:09:22 -08:00
David Dworken
1264388ea9
Swap post-release validation to happen in a dedicated python script 2023-11-05 12:57:58 -08:00
David Dworken
9834c6f492
Add validation of macos signatures 2023-11-05 12:42:00 -08:00
David Dworken
0eb362e123
Remove requests requirement since we no longer are using it 2023-11-05 12:39:07 -08:00
David Dworken
8709ec9208
Update macos signer to be stricter about ensuring the files exist, and failing if they don't 2023-11-05 12:22:47 -08:00
David Dworken
da99e46e42
Swap SLSA releaser to use GH steps to pass through files, rather than downloading via HTTP 2023-11-03 22:18:24 -07:00
David Dworken
c59de42008
More refactoring to use cobra 2022-11-16 08:03:23 -08:00
David Dworken
edd1059b3e Fix URL now that we only have one tag per release 2022-05-28 10:18:51 -07:00
David Dworken
ea6be650ba Export the unsigned files for a new theory on how SLSA verification can be done 2022-05-26 23:09:00 -07:00
David Dworken
647f6a8924 More debugging info for the releaser action 2022-05-26 22:24:56 -07:00
David Dworken
b8ecb33deb Add more debugging information to signing workflow 2022-05-26 21:57:16 -07:00
David Dworken
d4caef9c3d Fix release filenames 2022-05-24 22:26:24 -07:00
David Dworken
6be86c5111 Remove bogus assert None 2022-05-24 10:34:37 -07:00
David Dworken
b589a7b485 Fix GITHUB_REF parsing 2022-05-24 10:23:15 -07:00
David Dworken
1dfc34ea79 Missing f in format string 2022-05-24 09:43:35 -07:00
David Dworken
a9d1dcfb40 Longer timeout + better error message 2022-05-24 09:07:01 -07:00
David Dworken
d851fd8489 Add missing variable name 2022-05-24 00:14:50 -07:00
David Dworken
045492d679 Fix function definition 2022-05-24 00:12:29 -07:00
David Dworken
8e2785e580 MIgrate to a python script for signign 2022-05-23 23:25:12 -07:00
David Dworken
f7c95f95b4 Fix the ldflags attempt #2 2022-04-16 21:29:59 -07:00
David Dworken
8a962b7993 try again for setting the ldflags in the action builder 2022-04-16 21:15:19 -07:00
David Dworken
158f08f5c6 Improved update flow
Using the previously added new API endpoint, the update flow can now skip updates if the latest version is already installed. This also improves the output by making it so update can print the version. Also improved the error handling.
2022-04-16 20:50:02 -07:00
David Dworken
2bb06b568a Add version to binary 2022-04-09 14:37:21 -07:00
David Dworken
f2c6f86204 another attempt at ldflags 2022-04-08 22:45:49 -07:00