hishtory

mirror of https://github.com/ddworken/hishtory.git synced 2024-11-23 08:45:16 +01:00

Author	SHA1	Message	Date
David Dworken	165cdd9187	Update slsa integration to use the shared library for parsing version strings	2023-11-09 20:52:21 -08:00
David Dworken	e11c4554fe	Release v0.249	2023-11-08 20:37:17 -08:00
David Dworken	09270ef5a0	Add SLSA attestation pre-validation with released hishtory version	2023-11-08 20:23:24 -08:00
David Dworken	e0f629d0ee	Add integration with `5ab1cb61a3` so that we only serve binaries for updates if they have passed validation	2023-11-08 20:08:42 -08:00
David Dworken	73b1a76390	Release v0.248	2023-11-08 19:52:23 -08:00
David Dworken	42a7b80579	Update slsa releaser to run with write permissions so it can release the hishtory-release-validation-completed file	2023-11-08 19:51:49 -08:00
David Dworken	c64ffd68b7	Release v0.247	2023-11-08 19:38:45 -08:00
David Dworken	262d8238ad	Add chmod +x so that we can run hishtory status	2023-11-08 19:26:00 -08:00
David Dworken	b88bc86204	Add ./ to execute the binary in CWD	2023-11-08 19:07:49 -08:00
David Dworken	5ab1cb61a3	Update validation to release an artifact to certify that validation passed, this will then be used by the backend server to only publish releases that passed validation	2023-11-08 19:03:30 -08:00
David Dworken	c802537cb7	Shorten delay and remove tmate	2023-11-08 18:58:34 -08:00
David Dworken	f7b662e7f4	Update go version in pre-commit.yml to match the version used for hishtory	2023-11-08 18:57:42 -08:00
David Dworken	7d9664363d	Add validation of hishtory status	2023-11-08 18:25:29 -08:00
David Dworken	ed6d472409	Move assertion that file is present to earlier in function so we fail fast	2023-11-08 18:19:55 -08:00
David Dworken	79a61c1b1d	Require SLSA pre-validation for macos too	2023-11-08 18:19:02 -08:00
David Dworken	a93002f045	Attempt to swap back to using the download-artifact action, but with a sleep to see if that helps it find the artifact	2023-11-07 23:11:52 -08:00
David Dworken	cdd58d0191	Add tmate debugging for macos signing	2023-11-07 23:03:40 -08:00
David Dworken	465f7812ef	Update slsa-releaser.yml	2023-11-06 22:38:45 -08:00
David Dworken	4e699ff349	Update slsa-releaser.yml	2023-11-06 22:38:07 -08:00
David Dworken	90c0b787d9	Increase delay to account for GitHub artifacts being slow to publish	2023-11-06 22:05:59 -08:00
David Dworken	606ed6ccb0	Download the artifact from this specific run to ensure we aren't getting outdated hishtory binaries	2023-11-06 21:47:14 -08:00
David Dworken	19b9f67724	Fix bug with automatic cd-ing where quoting the directory caused tildes to not get expanded into the user's homedir	2023-11-06 21:39:01 -08:00
David Dworken	eaccc7b638	Skip installing dedicated package for sha1sum since coreutils includes it	2023-11-06 21:25:52 -08:00
David Dworken	8567b4cbdf	Run sha256sum in macos signer too for debuging purposes	2023-11-06 21:17:09 -08:00
David Dworken	e1f69f8731	Add TODO	2023-11-06 18:44:28 -08:00
David Dworken	a180c850a9	Add extra require to ensure that the next line doesn't panic if the string isn't present, since that interferes with gotestsum	2023-11-06 18:44:14 -08:00
David Dworken	72be3ee0c7	Update slsa-releaser.yml	2023-11-05 20:08:54 -08:00
David Dworken	a10913f188	Update slsa-releaser.yml to run tmate even if tests pass	2023-11-05 18:38:40 -08:00
David Dworken	222340a97c	Add tmate for debugging darwin attestation failures	2023-11-05 18:25:27 -08:00
David Dworken	19ee1816be	Revert "Add SLSA attestation validation with latest released hishtory binary too" because the released binary doesn't support the validate-binary subcommand yet This reverts commit `259f6b7858`.	2023-11-05 18:05:20 -08:00
David Dworken	259f6b7858	Add SLSA attestation validation with latest released hishtory binary too	2023-11-05 17:20:53 -08:00
David Dworken	3e31d022c8	Add debugging information about subprocess errors when prevalidating releases	2023-11-05 17:16:42 -08:00
David Dworken	53d976811c	Skip SLSA validation in tests for Mac binaries for debugging	2023-11-05 16:31:10 -08:00
David Dworken	517b9c43ee	Add debug prints to make reading the output easier	2023-11-05 14:10:03 -08:00
David Dworken	1cfaa13b74	Capture stdout for slsa validation	2023-11-05 14:09:22 -08:00
David Dworken	1264388ea9	Swap post-release validation to happen in a dedicated python script	2023-11-05 12:57:58 -08:00
David Dworken	9834c6f492	Add validation of macos signatures	2023-11-05 12:42:00 -08:00
David Dworken	0eb362e123	Remove requests requirement since we no longer are using it	2023-11-05 12:39:07 -08:00
David Dworken	6cc7057d1e	Swap to running SLSA validation on macos since we need codesign_allocate to validate signatures on macos	2023-11-05 12:37:49 -08:00
David Dworken	e00bc22dfd	Add SLSA self-validation for hishtory-linux-arm64	2023-11-05 12:27:44 -08:00
David Dworken	61224a447c	Add SLSA self-validation for hishtory-darwin-arm64	2023-11-05 12:25:58 -08:00
David Dworken	be2bbb37c6	Add SLSA self-validation for hishtory-darwin-amd64	2023-11-05 12:24:47 -08:00
David Dworken	8709ec9208	Update macos signer to be stricter about ensuring the files exist, and failing if they don't	2023-11-05 12:22:47 -08:00
David Dworken	a65c3799ed	Manually download github artifact rather than using the action since the action seems to be flaky	2023-11-05 11:37:14 -08:00
David Dworken	04c915512a	Add GITHUB_TOKEN to tmate for interactive debugging	2023-11-05 10:54:37 -08:00
David Dworken	55e187d6df	Add tmate for debugging why actions/download-artifact appears to not be working	2023-11-05 10:28:05 -08:00
David Dworken	2a57ec1d73	Add ls for debugging	2023-11-05 01:33:35 -07:00
David Dworken	c918bcd3cb	Update slsa validation to not validate version when running in github actions, since the one in actions isn't associated with a released version	2023-11-05 01:15:54 -07:00
David Dworken	c3c74970b0	Swap slsa validation to use hishtory built at head	2023-11-05 00:55:01 -07:00
David Dworken	29142df382	Add additional check that checks that the version is valid per semver	2023-11-05 00:38:21 -07:00

... 2 3 4 5 6 ...

1930 Commits