Commit Graph

43 Commits

Author SHA1 Message Date
Nils Hanke
f13f80b8af
ci: update Syft to 0.72.0 and Grype to 0.57.1 ()
* ci: update Syft to 0.72.0 and Grype to 0.57.1
* ci: install Cosign before Syft
* ci: directly read private key from environment for Cosign
* ci: add --add-cpes-if-none to Grype
* ci: use cosign attest directly instead of syft attest
2023-02-22 14:17:02 +01:00
Paul Meyer
e011a20c49 deps: update to Go 1.20
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-02-20 12:08:24 -05:00
Paul Meyer
a31d79e9cb ci: curl flags
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-20 14:23:32 +01:00
Nils Hanke
4e9c49c342
ci: move Syft & Grype installation into an action () 2023-01-18 17:33:10 +01:00
Nils Hanke
fc2a285270
ci: fix CLI SBOM generation () 2023-01-18 11:36:39 +01:00
Paul Meyer
411dfed18f ci: unified order and style of workflows/actions
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-18 10:57:42 +01:00
Paul Meyer
d0e9f427d1
deps: update Go to v1.19.5 ()
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-12 13:36:17 +01:00
Malte Poll
d851623c0d ci: implement second half of release checklist 2023-01-12 13:24:07 +01:00
Malte Poll
142af75776 ci: implement second half of release checklist 2023-01-12 13:24:07 +01:00
Leonard Cohnen
e9da70fde9 ci: remove versions manifest 2023-01-11 11:10:44 +01:00
Paul Meyer
dc73411301 hack: remove build-manifest
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-09 13:15:09 +01:00
renovate[bot]
f62f8e5d79
Update GitHub action dependencies ()
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-06 17:35:54 +01:00
renovate[bot]
32b839e9f7
Update GitHub action dependencies ()
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-05 16:17:51 +01:00
Thomas Tendyck
990cae58a5 ci: don't checkout head ref for PRs from forks 2022-12-19 16:09:40 +01:00
Fabian Kammel
b718e92d1d
update slsa-verifier ()
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2022-12-15 09:45:46 +01:00
renovate[bot]
5967b98c25
Update GitHub action dependencies ()
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-14 14:55:14 +01:00
Malte Poll
fed31c304a Release CLI: Fix upload path 2022-12-12 17:45:35 +01:00
renovate[bot]
e371e4499f
Update GitHub action dependencies ()
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-09 11:10:23 +01:00
Paul Meyer
3cc2a714a4
dependencies: upgrade to Go v1.19.4 ()
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-07 14:27:43 +01:00
Paul Meyer
5ba5d9d683
ci: unpin slsa-github-generator action digest ()
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-06 17:07:27 +01:00
renovate[bot]
998c8ee889
Update GitHub action dependencies ()
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-02 10:33:19 +01:00
renovate[bot]
2e2bcb15e1
Update GitHub action dependencies ()
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-29 14:06:18 +01:00
Fabian Kammel
c71fd89e80
Provenance for CLI ()
* provenance generation for cli
* document provenance generation for CLI
* include CLI SBOM in provenance
Co-authored-by: 3u13r <lc@edgeless.systems>
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2022-11-25 16:13:20 +01:00
renovate[bot]
fa2919e285
Update softprops/action-gh-release action to v0.1.15 ()
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-21 15:08:53 +01:00
Paul Meyer
09969afd57 ci: fix workflows
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-11 16:38:29 +01:00
Paul Meyer
fb6f425696 ci: checkout with head ref
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-11 14:00:11 +01:00
Paul Meyer
11672acf0a e2e: add AWS test
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-11 13:30:34 +01:00
Paul Meyer
1ec9316521 ci: rename actions
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-11 13:30:34 +01:00
Nils Hanke
a7e81aef73
Update GitHub workflow runners to Ubuntu 22.04 ()
* Update all GitHub action runners to ubuntu-22.04
* Fix license checker script for grep >3.4
2022-11-10 16:55:24 +01:00
Daniel Weiße
011f9c597d
Bring in changes from release branch ()
* Bump version to v2.2.0

* Update changelog

* Fix release detection in pipeline

* Fix PKI selection in pipeline

* Set enforced measurements for AWS

* Update default images

* Fix release docs

* Update mini-con defaults

* Fix measurements action

* Fix syft env variable naming

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-11-08 18:32:59 +01:00
Nils Hanke
6d2ec109d0 Update to Go 1.19.3 2022-11-02 11:53:52 +01:00
Fabian Kammel
18ae86c38e
sbom signing ()
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2022-10-21 15:19:51 +02:00
Fabian Kammel
21436e6592
use release cosign key only when releasing ()
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2022-10-20 15:59:17 +02:00
renovate[bot]
ed98b0205b
Update github actions dependencies ()
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-10-18 13:54:53 +02:00
Fabian Kammel
7ee8f65889
Delete dependabot and prepare renovate ()
* Delete microserivce template.
* Remove dependabot config
* Prepare renovate by adopting GitHub actions syntax
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2022-10-12 18:05:58 +02:00
Nils Hanke
803209b12b
Update Go to 1.19.2 () 2022-10-06 19:31:12 +02:00
dependabot[bot]
fdd4425974
Bump actions/checkout from 3.0.2 to 3.1.0 ()
Bumps [actions/checkout](https://github.com/actions/checkout) from 3.0.2 to 3.1.0.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](2541b1294d...93ea575cb5)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-10-05 09:24:36 +02:00
Nils Hanke
7338563d14 CI/E2E: (Re)move redunant setup steps 2022-09-19 01:09:56 -07:00
Nils Hanke
472ba642b7 E2E: Build OSS CLI by default 2022-09-14 01:22:18 -07:00
Fabian Kammel
2f871578b2
first implementation of SBOM generation ()
* first implementation of SBOM generation
* updated dependencies as per grype report
* hack: go mod tidy
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2022-09-02 16:49:59 +02:00
Nils Hanke
fc10b3419d
Build release CLI for Linux arm64 () 2022-08-31 12:27:26 +02:00
Fabian Kammel
66d8c8037b
Release/v0.0.1 ()
* bump images to 0.0.1
* add gh cli commands
* varibale with default value should not be required
* update release docs
* build and upload version manifest as part of release
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2022-08-30 15:54:35 +02:00
Fabian Kammel
33626986fe Feat/cli multi os arch ()
* Implement multi arch/os pipeline
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2022-08-23 13:43:20 +02:00