Commit Graph

246 Commits

Author SHA1 Message Date
David Dworken
a93002f045
Attempt to swap back to using the download-artifact action, but with a sleep to see if that helps it find the artifact 2023-11-07 23:11:52 -08:00
David Dworken
cdd58d0191
Add tmate debugging for macos signing 2023-11-07 23:03:40 -08:00
David Dworken
465f7812ef
Update slsa-releaser.yml 2023-11-06 22:38:45 -08:00
David Dworken
4e699ff349
Update slsa-releaser.yml 2023-11-06 22:38:07 -08:00
David Dworken
90c0b787d9
Increase delay to account for GitHub artifacts being slow to publish 2023-11-06 22:05:59 -08:00
David Dworken
606ed6ccb0
Download the artifact from this specific run to ensure we aren't getting outdated hishtory binaries 2023-11-06 21:47:14 -08:00
David Dworken
eaccc7b638
Skip installing dedicated package for sha1sum since coreutils includes it 2023-11-06 21:25:52 -08:00
David Dworken
8567b4cbdf
Run sha256sum in macos signer too for debuging purposes 2023-11-06 21:17:09 -08:00
David Dworken
72be3ee0c7
Update slsa-releaser.yml 2023-11-05 20:08:54 -08:00
David Dworken
a10913f188
Update slsa-releaser.yml to run tmate even if tests pass 2023-11-05 18:38:40 -08:00
David Dworken
222340a97c
Add tmate for debugging darwin attestation failures 2023-11-05 18:25:27 -08:00
David Dworken
19ee1816be Revert "Add SLSA attestation validation with latest released hishtory binary too" because the released binary doesn't support the validate-binary subcommand yet
This reverts commit 259f6b7858.
2023-11-05 18:05:20 -08:00
David Dworken
259f6b7858
Add SLSA attestation validation with latest released hishtory binary too 2023-11-05 17:20:53 -08:00
David Dworken
1264388ea9
Swap post-release validation to happen in a dedicated python script 2023-11-05 12:57:58 -08:00
David Dworken
9834c6f492
Add validation of macos signatures 2023-11-05 12:42:00 -08:00
David Dworken
0eb362e123
Remove requests requirement since we no longer are using it 2023-11-05 12:39:07 -08:00
David Dworken
6cc7057d1e
Swap to running SLSA validation on macos since we need codesign_allocate to validate signatures on macos 2023-11-05 12:37:49 -08:00
David Dworken
e00bc22dfd
Add SLSA self-validation for hishtory-linux-arm64 2023-11-05 12:27:44 -08:00
David Dworken
61224a447c
Add SLSA self-validation for hishtory-darwin-arm64 2023-11-05 12:25:58 -08:00
David Dworken
be2bbb37c6
Add SLSA self-validation for hishtory-darwin-amd64 2023-11-05 12:24:47 -08:00
David Dworken
8709ec9208
Update macos signer to be stricter about ensuring the files exist, and failing if they don't 2023-11-05 12:22:47 -08:00
David Dworken
a65c3799ed
Manually download github artifact rather than using the action since the action seems to be flaky 2023-11-05 11:37:14 -08:00
David Dworken
04c915512a
Add GITHUB_TOKEN to tmate for interactive debugging 2023-11-05 10:54:37 -08:00
David Dworken
55e187d6df
Add tmate for debugging why actions/download-artifact appears to not be working 2023-11-05 10:28:05 -08:00
David Dworken
2a57ec1d73
Add ls for debugging 2023-11-05 01:33:35 -07:00
David Dworken
c918bcd3cb
Update slsa validation to not validate version when running in github actions, since the one in actions isn't associated with a released version 2023-11-05 01:15:54 -07:00
David Dworken
c3c74970b0
Swap slsa validation to use hishtory built at head 2023-11-05 00:55:01 -07:00
David Dworken
acf46893e9
Clone repo and setup go for validation 2023-11-04 09:51:58 -07:00
David Dworken
a10a796eaa
Another attempt at getting validation to work on github actions 2023-11-03 23:36:30 -07:00
David Dworken
13ba6f38f7
Add pwd for debugging 2023-11-03 23:25:57 -07:00
David Dworken
723d04e196
Remove slsa validation for macos binaries since the artifact upload currently isn't working 2023-11-03 23:24:27 -07:00
David Dworken
dcd58fe27d
Fix SLSA releaser to specify required parameter path 2023-11-03 22:42:52 -07:00
David Dworken
92537a085c
Upload artifacts from macos signer even if this isn't a release, since they're needed for validation 2023-11-03 22:31:43 -07:00
David Dworken
da99e46e42
Swap SLSA releaser to use GH steps to pass through files, rather than downloading via HTTP 2023-11-03 22:18:24 -07:00
David Dworken
4673b99579
Add integration to validate macos signers too 2023-11-03 22:16:11 -07:00
David Dworken
87dee94aab
Add initial version of slsa releaser that validates the generated SLSA signatures 2023-11-03 22:10:11 -07:00
David Dworken
982f7b5f02
Add extra delay to see if that allows DD metrics to go through 2023-10-22 19:37:09 -07:00
David Dworken
238177897e
Swap to cloning gotestsum over https:// rather than SSH to fix auth 2023-10-22 17:09:13 -07:00
David Dworken
772ab6cc87
Update makefile to use my forked version of gotestsum that contains https://github.com/gotestyourself/gotestsum/pull/377 2023-10-22 17:06:36 -07:00
David Dworken
6e1589c1d8
Update github actions to export the test results json for both OSs, and to do it even if the test are an overall failure 2023-10-22 11:12:11 -07:00
David Dworken
8b9e3dfb10
Export testrun.json as a file so that we can also download it for manual inspection/processing 2023-10-22 00:21:47 -07:00
David Dworken
df9c6e8786
Swap to using gotestsum for retrying flaky tests 2023-10-21 15:41:32 -07:00
David Dworken
4202e057ef
Update docker compose test to ensure that the redaction worked 2023-10-15 19:05:32 -07:00
David Dworken
3ec8ffad80
Fix accepting the hishtory redact prompt in github action tests 2023-10-15 12:32:05 -07:00
David Dworken
215e71293d
Add basic check that hishtory redaction works in the self-hosting tests 2023-10-15 11:52:06 -07:00
David Dworken
63da1d9cd4
Run tests for releases too 2023-10-10 22:20:07 -07:00
David Dworken
7ad1e2fb03
Upgrade to go 1.21 which offers fully reproducible builds (on top of SLSA's attestations) 2023-10-01 18:00:58 -07:00
David Dworken
a711ed0767
Disable tmate session for failed docker compose tests 2023-09-23 20:38:35 -07:00
David Dworken
bd03f90b0b
Increase go version in pre-commit for staticcheck 2023-09-23 13:07:50 -07:00
David Dworken
2ad06d1cb2
Install deps for pre-commit 2023-09-23 13:03:54 -07:00