attest

Author	SHA1	Message	Date
Brian DeHamer	80d9f23382	process subjects in batches (#67 ) Signed-off-by: Brian DeHamer <bdehamer@github.com>	2024-05-22 07:55:00 -07:00
Brian DeHamer	12c083815e	Bump @sigstore/oci from 0.3.2 to 0.3.3 (#66 ) Signed-off-by: Brian DeHamer <bdehamer@github.com>	2024-05-16 11:25:01 -07:00
Brian DeHamer	38ff958ab6	downcase subject name for OCI images (#63 ) Signed-off-by: Brian DeHamer <bdehamer@github.com>	2024-05-14 08:11:10 -07:00
dependabot[bot]	32f49af665	Bump the npm-development group with 3 updates (#55 ) * Bump the npm-development group with 3 updates Bumps the npm-development group with 3 updates: [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node), [eslint-plugin-jest](https://github.com/jest-community/eslint-plugin-jest) and [markdownlint-cli](https://github.com/igorshubovych/markdownlint-cli). Updates `@types/node` from 20.12.7 to 20.12.10 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node) Updates `eslint-plugin-jest` from 28.3.0 to 28.5.0 - [Release notes](https://github.com/jest-community/eslint-plugin-jest/releases) - [Changelog](https://github.com/jest-community/eslint-plugin-jest/blob/main/CHANGELOG.md) - [Commits](https://github.com/jest-community/eslint-plugin-jest/compare/v28.3.0...v28.5.0) Updates `markdownlint-cli` from 0.39.0 to 0.40.0 - [Release notes](https://github.com/igorshubovych/markdownlint-cli/releases) - [Commits](https://github.com/igorshubovych/markdownlint-cli/compare/v0.39.0...v0.40.0) --- updated-dependencies: - dependency-name: "@types/node" dependency-type: direct:development update-type: version-update:semver-patch dependency-group: npm-development - dependency-name: eslint-plugin-jest dependency-type: direct:development update-type: version-update:semver-minor dependency-group: npm-development - dependency-name: markdownlint-cli dependency-type: direct:development update-type: version-update:semver-minor dependency-group: npm-development ... Signed-off-by: dependabot[bot] <support@github.com> * re-generate dist Signed-off-by: Brian DeHamer <bdehamer@github.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Brian DeHamer <bdehamer@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Brian DeHamer <bdehamer@github.com>	2024-05-10 08:12:16 -07:00
Brian DeHamer	3f67a24e31	bump @sigstore/oci from 0.3.0 to 0.3.2 (#61 ) Signed-off-by: Brian DeHamer <bdehamer@github.com>	2024-05-10 08:10:56 -07:00
Brian DeHamer	58fa41a101	send api errors to gha debug log (#59 ) Signed-off-by: Brian DeHamer <bdehamer@github.com>	2024-05-09 12:34:14 -07:00
Brian DeHamer	b0d8b47eb7	include more detail in error logging (#58 ) Signed-off-by: Brian DeHamer <bdehamer@github.com>	2024-05-09 12:34:01 -07:00
Brian DeHamer	9b22bf5c9f	bump @sigstore/sign from 2.3.0 to 2.3.1 (#57 ) Signed-off-by: Brian DeHamer <bdehamer@github.com>	2024-05-09 12:33:44 -07:00
Brian DeHamer	d442d85e12	ensure subject globs match only files (#54 ) Signed-off-by: Brian DeHamer <bdehamer@github.com>	2024-05-06 11:52:03 -07:00
Brian DeHamer	c58d52c41d	limit attestation subject count (#53 ) Signed-off-by: Brian DeHamer <bdehamer@github.com>	2024-05-06 11:51:42 -07:00
Brian DeHamer	94082a9d2e	add list support for subjectPath input (#51 ) * add list support for subjectPath input Signed-off-by: Brian DeHamer <bdehamer@github.com> * bump package version to 1.1.0 Signed-off-by: Brian DeHamer <bdehamer@github.com> --------- Signed-off-by: Brian DeHamer <bdehamer@github.com>	2024-05-06 08:32:02 -07:00
Brian DeHamer	495f094150	tweak summary output (#43 ) Signed-off-by: Brian DeHamer <bdehamer@github.com>	2024-04-26 13:23:19 -07:00
Brian DeHamer	a6dded75c9	bump @actions/attest from 1.1.0 to 1.2.1 (#41 ) Signed-off-by: Brian DeHamer <bdehamer@github.com>	2024-04-25 11:03:54 -07:00
dependabot[bot]	6675b10a5b	Bump @sigstore/oci from 0.2.0 to 0.3.0 (#35 ) * Bump @sigstore/oci from 0.2.0 to 0.3.0 Bumps [@sigstore/oci](https://github.com/sigstore/sigstore-js) from 0.2.0 to 0.3.0. - [Release notes](https://github.com/sigstore/sigstore-js/releases) - [Commits](https://github.com/sigstore/sigstore-js/compare/@sigstore/oci@0.2.0...@sigstore/oci@0.3.0) --- updated-dependencies: - dependency-name: "@sigstore/oci" dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * rebuild dist Signed-off-by: Brian DeHamer <bdehamer@github.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Brian DeHamer <bdehamer@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Brian DeHamer <bdehamer@github.com>	2024-04-25 07:46:14 -07:00
Brian DeHamer	fe2f1fbc42	update annotation scheme for OCI bundles (#29 ) Signed-off-by: Brian DeHamer <bdehamer@github.com>	2024-04-22 09:41:18 -07:00
dependabot[bot]	82adb08ef1	Bump the npm-development group with 5 updates (#33 ) * Bump the npm-development group with 5 updates Bumps the npm-development group with 5 updates: \| Package \| From \| To \| \| --- \| --- \| --- \| \| [@sigstore/mock](https://github.com/sigstore/sigstore-js) \| `0.7.1` \| `0.7.2` \| \| [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) \| `20.12.2` \| `20.12.5` \| \| [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) \| `7.5.0` \| `7.6.0` \| \| [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) \| `7.5.0` \| `7.6.0` \| \| [typescript](https://github.com/Microsoft/TypeScript) \| `5.4.3` \| `5.4.4` \| Updates `@sigstore/mock` from 0.7.1 to 0.7.2 - [Release notes](https://github.com/sigstore/sigstore-js/releases) - [Commits](https://github.com/sigstore/sigstore-js/compare/@sigstore/mock@0.7.1...@sigstore/mock@0.7.2) Updates `@types/node` from 20.12.2 to 20.12.5 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node) Updates `@typescript-eslint/eslint-plugin` from 7.5.0 to 7.6.0 - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v7.6.0/packages/eslint-plugin) Updates `@typescript-eslint/parser` from 7.5.0 to 7.6.0 - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v7.6.0/packages/parser) Updates `typescript` from 5.4.3 to 5.4.4 - [Release notes](https://github.com/Microsoft/TypeScript/releases) - [Changelog](https://github.com/microsoft/TypeScript/blob/main/azure-pipelines.release.yml) - [Commits](https://github.com/Microsoft/TypeScript/compare/v5.4.3...v5.4.4) --- updated-dependencies: - dependency-name: "@sigstore/mock" dependency-type: direct:development update-type: version-update:semver-patch dependency-group: npm-development - dependency-name: "@types/node" dependency-type: direct:development update-type: version-update:semver-patch dependency-group: npm-development - dependency-name: "@typescript-eslint/eslint-plugin" dependency-type: direct:development update-type: version-update:semver-minor dependency-group: npm-development - dependency-name: "@typescript-eslint/parser" dependency-type: direct:development update-type: version-update:semver-minor dependency-group: npm-development - dependency-name: typescript dependency-type: direct:development update-type: version-update:semver-patch dependency-group: npm-development ... Signed-off-by: dependabot[bot] <support@github.com> * regenerate dist Signed-off-by: Brian DeHamer <bdehamer@github.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Brian DeHamer <bdehamer@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Brian DeHamer <bdehamer@github.com>	2024-04-10 12:09:39 -07:00
dependabot[bot]	3404083ec0	Bump undici from 5.28.3 to 5.28.4 (#32 ) * Bump undici from 5.28.3 to 5.28.4 Bumps [undici](https://github.com/nodejs/undici) from 5.28.3 to 5.28.4. - [Release notes](https://github.com/nodejs/undici/releases) - [Commits](https://github.com/nodejs/undici/compare/v5.28.3...v5.28.4) --- updated-dependencies: - dependency-name: undici dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> * re-generate dist Signed-off-by: Brian DeHamer <bdehamer@github.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Brian DeHamer <bdehamer@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Brian DeHamer <bdehamer@github.com>	2024-04-08 11:23:03 -07:00
Brian DeHamer	37cf7b128e	bump @actions/attest from 1.0.0 to 1.1.0 (#30 ) Signed-off-by: Brian DeHamer <bdehamer@github.com>	2024-03-29 08:18:03 -07:00
Brian DeHamer	0f48753020	bump @sigstore/oci from 0.1.0 to 0.2.0 (#25 ) Signed-off-by: Brian DeHamer <bdehamer@github.com>	2024-03-12 15:14:50 -07:00
Brian DeHamer	3b95763d7e	more test coverage (#18 ) Signed-off-by: Brian DeHamer <bdehamer@github.com>	2024-02-29 17:02:56 -08:00
Brian DeHamer	525454b125	choose proper sigstore instance when attesting (#11 ) Signed-off-by: Brian DeHamer <bdehamer@github.com>	2024-02-27 16:47:20 -08:00
Brian DeHamer	d3e0400371	reference @actions/attest package (#10 ) Signed-off-by: Brian DeHamer <bdehamer@github.com>	2024-02-26 14:46:15 -08:00
ejahnGithub	4eddc006f0	fixed ci	2024-02-23 08:47:57 -08:00
ejahnGithub	e3c685d193	init attest action	2024-02-22 07:53:51 -08:00
Brian DeHamer	aaaeb08d4e	Initial commit	2024-02-20 11:22:22 -08:00

25 Commits