David Dworken
5ab1cb61a3
Update validation to release an artifact to certify that validation passed, this will then be used by the backend server to only publish releases that passed validation
2023-11-08 19:03:30 -08:00
David Dworken
7d9664363d
Add validation of hishtory status
2023-11-08 18:25:29 -08:00
David Dworken
ed6d472409
Move assertion that file is present to earlier in function so we fail fast
2023-11-08 18:19:55 -08:00
David Dworken
79a61c1b1d
Require SLSA pre-validation for macos too
2023-11-08 18:19:02 -08:00
David Dworken
8567b4cbdf
Run sha256sum in macos signer too for debuging purposes
2023-11-06 21:17:09 -08:00
David Dworken
19ee1816be
Revert "Add SLSA attestation validation with latest released hishtory binary too" because the released binary doesn't support the validate-binary subcommand yet
...
This reverts commit 259f6b7858
.
2023-11-05 18:05:20 -08:00
David Dworken
259f6b7858
Add SLSA attestation validation with latest released hishtory binary too
2023-11-05 17:20:53 -08:00
David Dworken
3e31d022c8
Add debugging information about subprocess errors when prevalidating releases
2023-11-05 17:16:42 -08:00
David Dworken
53d976811c
Skip SLSA validation in tests for Mac binaries for debugging
2023-11-05 16:31:10 -08:00
David Dworken
517b9c43ee
Add debug prints to make reading the output easier
2023-11-05 14:10:03 -08:00
David Dworken
1cfaa13b74
Capture stdout for slsa validation
2023-11-05 14:09:22 -08:00
David Dworken
1264388ea9
Swap post-release validation to happen in a dedicated python script
2023-11-05 12:57:58 -08:00
David Dworken
9834c6f492
Add validation of macos signatures
2023-11-05 12:42:00 -08:00
David Dworken
0eb362e123
Remove requests requirement since we no longer are using it
2023-11-05 12:39:07 -08:00
David Dworken
8709ec9208
Update macos signer to be stricter about ensuring the files exist, and failing if they don't
2023-11-05 12:22:47 -08:00
David Dworken
da99e46e42
Swap SLSA releaser to use GH steps to pass through files, rather than downloading via HTTP
2023-11-03 22:18:24 -07:00
David Dworken
c59de42008
More refactoring to use cobra
2022-11-16 08:03:23 -08:00
David Dworken
edd1059b3e
Fix URL now that we only have one tag per release
2022-05-28 10:18:51 -07:00
David Dworken
ea6be650ba
Export the unsigned files for a new theory on how SLSA verification can be done
2022-05-26 23:09:00 -07:00
David Dworken
647f6a8924
More debugging info for the releaser action
2022-05-26 22:24:56 -07:00
David Dworken
b8ecb33deb
Add more debugging information to signing workflow
2022-05-26 21:57:16 -07:00
David Dworken
d4caef9c3d
Fix release filenames
2022-05-24 22:26:24 -07:00
David Dworken
6be86c5111
Remove bogus assert None
2022-05-24 10:34:37 -07:00
David Dworken
b589a7b485
Fix GITHUB_REF parsing
2022-05-24 10:23:15 -07:00
David Dworken
1dfc34ea79
Missing f in format string
2022-05-24 09:43:35 -07:00
David Dworken
a9d1dcfb40
Longer timeout + better error message
2022-05-24 09:07:01 -07:00
David Dworken
d851fd8489
Add missing variable name
2022-05-24 00:14:50 -07:00
David Dworken
045492d679
Fix function definition
2022-05-24 00:12:29 -07:00
David Dworken
8e2785e580
MIgrate to a python script for signign
2022-05-23 23:25:12 -07:00
David Dworken
f7c95f95b4
Fix the ldflags attempt #2
2022-04-16 21:29:59 -07:00
David Dworken
8a962b7993
try again for setting the ldflags in the action builder
2022-04-16 21:15:19 -07:00
David Dworken
158f08f5c6
Improved update flow
...
Using the previously added new API endpoint, the update flow can now skip updates if the latest version is already installed. This also improves the output by making it so update can print the version. Also improved the error handling.
2022-04-16 20:50:02 -07:00
David Dworken
2bb06b568a
Add version to binary
2022-04-09 14:37:21 -07:00
David Dworken
f2c6f86204
another attempt at ldflags
2022-04-08 22:45:49 -07:00