Nils Hanke
f13f80b8af
ci: update Syft to 0.72.0 and Grype to 0.57.1 ( #1120 )
...
* ci: update Syft to 0.72.0 and Grype to 0.57.1
* ci: install Cosign before Syft
* ci: directly read private key from environment for Cosign
* ci: add --add-cpes-if-none to Grype
* ci: use cosign attest directly instead of syft attest
2023-02-22 14:17:02 +01:00
Paul Meyer
e011a20c49
deps: update to Go 1.20
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-02-20 12:08:24 -05:00
Paul Meyer
a31d79e9cb
ci: curl flags
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-20 14:23:32 +01:00
Nils Hanke
4e9c49c342
ci: move Syft & Grype installation into an action ( #1011 )
2023-01-18 17:33:10 +01:00
Nils Hanke
fc2a285270
ci: fix CLI SBOM generation ( #1005 )
2023-01-18 11:36:39 +01:00
Paul Meyer
411dfed18f
ci: unified order and style of workflows/actions
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-18 10:57:42 +01:00
Paul Meyer
d0e9f427d1
deps: update Go to v1.19.5 ( #949 )
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-12 13:36:17 +01:00
Malte Poll
d851623c0d
ci: implement second half of release checklist
2023-01-12 13:24:07 +01:00
Malte Poll
142af75776
ci: implement second half of release checklist
2023-01-12 13:24:07 +01:00
Leonard Cohnen
e9da70fde9
ci: remove versions manifest
2023-01-11 11:10:44 +01:00
Paul Meyer
dc73411301
hack: remove build-manifest
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-09 13:15:09 +01:00
renovate[bot]
f62f8e5d79
Update GitHub action dependencies ( #902 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-06 17:35:54 +01:00
renovate[bot]
32b839e9f7
Update GitHub action dependencies ( #877 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2023-01-05 16:17:51 +01:00
Thomas Tendyck
990cae58a5
ci: don't checkout head ref for PRs from forks
2022-12-19 16:09:40 +01:00
Fabian Kammel
b718e92d1d
update slsa-verifier ( #803 )
...
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2022-12-15 09:45:46 +01:00
renovate[bot]
5967b98c25
Update GitHub action dependencies ( #778 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-14 14:55:14 +01:00
Malte Poll
fed31c304a
Release CLI: Fix upload path
2022-12-12 17:45:35 +01:00
renovate[bot]
e371e4499f
Update GitHub action dependencies ( #765 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-09 11:10:23 +01:00
Paul Meyer
3cc2a714a4
dependencies: upgrade to Go v1.19.4 ( #732 )
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-07 14:27:43 +01:00
Paul Meyer
5ba5d9d683
ci: unpin slsa-github-generator action digest ( #734 )
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-06 17:07:27 +01:00
renovate[bot]
998c8ee889
Update GitHub action dependencies ( #701 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-12-02 10:33:19 +01:00
renovate[bot]
2e2bcb15e1
Update GitHub action dependencies ( #665 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-29 14:06:18 +01:00
Fabian Kammel
c71fd89e80
Provenance for CLI ( #647 )
...
* provenance generation for cli
* document provenance generation for CLI
* include CLI SBOM in provenance
Co-authored-by: 3u13r <lc@edgeless.systems>
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2022-11-25 16:13:20 +01:00
renovate[bot]
fa2919e285
Update softprops/action-gh-release action to v0.1.15 ( #607 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-21 15:08:53 +01:00
Paul Meyer
09969afd57
ci: fix workflows
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-11 16:38:29 +01:00
Paul Meyer
fb6f425696
ci: checkout with head ref
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-11 14:00:11 +01:00
Paul Meyer
11672acf0a
e2e: add AWS test
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-11 13:30:34 +01:00
Paul Meyer
1ec9316521
ci: rename actions
...
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-11-11 13:30:34 +01:00
Nils Hanke
a7e81aef73
Update GitHub workflow runners to Ubuntu 22.04 ( #513 )
...
* Update all GitHub action runners to ubuntu-22.04
* Fix license checker script for grep >3.4
2022-11-10 16:55:24 +01:00
Daniel Weiße
011f9c597d
Bring in changes from release branch ( #479 )
...
* Bump version to v2.2.0
* Update changelog
* Fix release detection in pipeline
* Fix PKI selection in pipeline
* Set enforced measurements for AWS
* Update default images
* Fix release docs
* Update mini-con defaults
* Fix measurements action
* Fix syft env variable naming
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-11-08 18:32:59 +01:00
Nils Hanke
6d2ec109d0
Update to Go 1.19.3
2022-11-02 11:53:52 +01:00
Fabian Kammel
18ae86c38e
sbom signing ( #303 )
...
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2022-10-21 15:19:51 +02:00
Fabian Kammel
21436e6592
use release cosign key only when releasing ( #331 )
...
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2022-10-20 15:59:17 +02:00
renovate[bot]
ed98b0205b
Update github actions dependencies ( #311 )
...
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2022-10-18 13:54:53 +02:00
Fabian Kammel
7ee8f65889
Delete dependabot and prepare renovate ( #238 )
...
* Delete microserivce template.
* Remove dependabot config
* Prepare renovate by adopting GitHub actions syntax
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2022-10-12 18:05:58 +02:00
Nils Hanke
803209b12b
Update Go to 1.19.2 ( #219 )
2022-10-06 19:31:12 +02:00
dependabot[bot]
fdd4425974
Bump actions/checkout from 3.0.2 to 3.1.0 ( #210 )
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.0.2 to 3.1.0.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](2541b1294d...93ea575cb5
)
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-10-05 09:24:36 +02:00
Nils Hanke
7338563d14
CI/E2E: (Re)move redunant setup steps
2022-09-19 01:09:56 -07:00
Nils Hanke
472ba642b7
E2E: Build OSS CLI by default
2022-09-14 01:22:18 -07:00
Fabian Kammel
2f871578b2
first implementation of SBOM generation ( #50 )
...
* first implementation of SBOM generation
* updated dependencies as per grype report
* hack: go mod tidy
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2022-09-02 16:49:59 +02:00
Nils Hanke
fc10b3419d
Build release CLI for Linux arm64 ( #29 )
2022-08-31 12:27:26 +02:00
Fabian Kammel
66d8c8037b
Release/v0.0.1 ( #20 )
...
* bump images to 0.0.1
* add gh cli commands
* varibale with default value should not be required
* update release docs
* build and upload version manifest as part of release
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2022-08-30 15:54:35 +02:00
Fabian Kammel
33626986fe
Feat/cli multi os arch ( #390 )
...
* Implement multi arch/os pipeline
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
2022-08-23 13:43:20 +02:00