docker/attest-provider
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
66 Commits 1 Branch 20 Tags
a950ef3b989caabde7733ed0925c42b14fcbb3cb
Commit Graph

66 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Jonny Stoten
a950ef3b98 Update to attest 0.1.5 2024-06-24 09:55:52 +01:00
Jonny Stoten
43f41f49ff Merge pull request #24 from docker/fix-tests 
Fix tests
 2024-06-21 12:31:22 +01:00
Jonny Stoten
d60806b37f Fix expected error string 2024-06-21 11:40:12 +01:00
Jonny Stoten
d654dcd793 Always run workflow on PRs 2024-06-21 11:33:31 +01:00
Jonny Stoten
4cbcb042d9 Merge pull request #23 from docker/validate-response-format 
Return full verification result to rego
 2024-06-20 17:41:14 +01:00
Jonny Stoten
9ed615547d Merge pull request #22 from docker/missing-returns 
Add missing returns in error cases
 2024-06-20 16:15:53 +01:00
Jonny Stoten
630a11f188 Merge pull request #21 from docker/pin-to-digest-mutation 
Add mutation for adding digest to image spec
 2024-06-20 16:00:38 +01:00
Jonny Stoten
e3682d4262 Merge pull request #20 from docker/update-attest 
Update to latest version of attest
 2024-06-20 16:00:20 +01:00
Jonny Stoten
26a7bf6567 Return full verification result to rego 2024-06-20 15:48:57 +01:00
Jonny Stoten
4c5c687776 Add missing returns in error cases 2024-06-20 15:48:57 +01:00
Jonny Stoten
c1d8e3d9fc Use prod TUF 2024-06-20 14:24:48 +01:00
Jonny Stoten
3378c90b3f Add mutation for adding digest to image spec 2024-06-20 12:48:41 +01:00
Jonny Stoten
0e3d5b5911 Update to latest version of attest 2024-06-20 12:14:21 +01:00
dependabot[bot]
4a353ba47d chore: bump actions/checkout from 4.1.6 to 4.1.7 
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.6 to 4.1.7.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](a5ac7e51b4...692973e3d9)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-06-17 18:43:53 +00:00
dependabot[bot]
22e864b0af chore: bump github/codeql-action from 3.25.6 to 3.25.10 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.25.6 to 3.25.10.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](9fdb3e4972...23acc5c183)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-06-17 18:43:36 +00:00
Jonny Stoten
953782dc7f Merge pull request #17 from docker/fix-http-timeout 
Fix HTTP timeout handler
 2024-06-12 20:30:59 +01:00
Jonny Stoten
60c8fac0ae Add --name gatekeeper back to make task 2024-06-12 12:33:49 +01:00
Jonny Stoten
f276ebc37b Have test certs last for 10 years 2024-06-12 11:52:58 +01:00
Jonny Stoten
b6a388ed94 Use lower timeout for reading headers 2024-06-12 11:52:58 +01:00
Jonny Stoten
0e128d6083 Pass context from http request to attest lib 2024-06-12 11:52:58 +01:00
Jonny Stoten
11a0d75e80 Swap buggy timeout code for http.TimeoutHandler 2024-06-12 11:52:57 +01:00
Jonny Stoten
f9195a2133 Don't exit on failure to write 
OK to panic on marshal error as this would be a developer error
 2024-06-12 11:52:57 +01:00
Jonny Stoten
5a1a68c732 Use http method in route pattern 2024-06-12 11:52:57 +01:00
Jonny Stoten
db036df9d5 Cache go deps and build cache 2024-06-12 11:52:57 +01:00
Jonny Stoten
14099e3b98 Fix getting started instructions in README 
and add Makefile task for rebuild and reload
 2024-06-12 11:52:57 +01:00
dependabot[bot]
f1923c92fb chore: bump actions/dependency-review-action from 3.0.4 to 4.3.3 
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action) from 3.0.4 to 4.3.3.
- [Release notes](https://github.com/actions/dependency-review-action/releases)
- [Commits](f46c48ed6d...72eb03d02c)

---
updated-dependencies:
- dependency-name: actions/dependency-review-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-06-11 14:48:54 +00:00
Joel Kamp
861ccb898a Merge pull request #16 from docker/fix-gha-workflows 
fix: gha workflows
 2024-06-11 08:24:50 -05:00
mrjoelkamp
f13e254699 fix: webhook ignore and use postInstall probe 2024-06-10 15:41:57 -05:00
mrjoelkamp
cc8881eea1 fix: postInstall error 2024-06-10 15:32:55 -05:00
mrjoelkamp
9b1325a0e4 fix: update dependencies 2024-06-10 14:48:31 -05:00
mrjoelkamp
9797d27a18 fix: fail closed 2024-06-10 14:40:38 -05:00
mrjoelkamp
67cad270a2 fix: e2e namespace 2024-06-10 14:08:01 -05:00
mrjoelkamp
d240ef21e2 fix: linting error 2024-06-10 13:15:53 -05:00
mrjoelkamp
9edce85a62 fix: lint private mod 2024-06-10 13:09:06 -05:00
mrjoelkamp
2e2b9b5df9 fix: add token to build_test 2024-06-10 12:53:58 -05:00
mrjoelkamp
cc31941d0d fix: add token to scorecards action 2024-06-10 12:49:48 -05:00
mrjoelkamp
deedb4de1d fix: use github advanced security for codeQL 2024-06-10 12:27:40 -05:00
Joel Kamp
dadfc5aea1 Merge pull request #11 from docker/dependabot/github_actions/golangci/golangci-lint-action-6.0.1 
chore: bump golangci/golangci-lint-action from 3.4.0 to 6.0.1
 2024-06-10 08:16:10 -05:00
Joel Kamp
bc0c5aa7f2 Merge branch 'main' into dependabot/github_actions/golangci/golangci-lint-action-6.0.1 2024-06-10 08:16:00 -05:00
Joel Kamp
1e5b2fb562 Merge pull request #13 from docker/dependabot/github_actions/step-security/harden-runner-2.8.1 
chore: bump step-security/harden-runner from 2.4.0 to 2.8.1
 2024-06-10 08:15:47 -05:00
dependabot[bot]
1c26a20648 chore: bump step-security/harden-runner from 2.4.0 to 2.8.1 
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.4.0 to 2.8.1.
- [Release notes](https://github.com/step-security/harden-runner/releases)
- [Commits](128a63446a...17d0e2bd7d)

---
updated-dependencies:
- dependency-name: step-security/harden-runner
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-06-10 01:23:07 +00:00
dependabot[bot]
2d5dd602dc chore: bump golangci/golangci-lint-action from 3.4.0 to 6.0.1 
Bumps [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action) from 3.4.0 to 6.0.1.
- [Release notes](https://github.com/golangci/golangci-lint-action/releases)
- [Commits](08e2f20817...a4f60bb28d)

---
updated-dependencies:
- dependency-name: golangci/golangci-lint-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-05-27 01:29:19 +00:00
Laurent Goderre
77573d59a3 Merge pull request #7 from docker/simplify-image 
Simplify image by specifying arch to the builder
 2024-05-24 14:41:37 -04:00
Joel Kamp
62b610ff56 Merge pull request #8 from docker/set-failure-policy-to-fail 
docs: set default failure policy
 2024-05-24 09:23:20 -05:00
mrjoelkamp
abb1aeb808 docs: set default failure policy 2024-05-24 09:02:51 -05:00
Laurent Goderre
96653e552c Simplify image by specifying arch to the builder 2024-05-23 16:28:37 -04:00
Joel Kamp
0e42d349dd Merge pull request #5 from docker/dependabot/github_actions/actions/setup-go-5.0.1 
chore: bump actions/setup-go from 4.0.0 to 5.0.1
 2024-05-23 11:08:35 -05:00
Joel Kamp
bde6a78365 Merge branch 'main' into dependabot/github_actions/actions/setup-go-5.0.1 2024-05-23 11:08:28 -05:00
Joel Kamp
4347f4ed48 Merge pull request #4 from docker/dependabot/github_actions/github/codeql-action-3.25.6 
chore: bump github/codeql-action from 2.3.3 to 3.25.6
 2024-05-23 11:08:12 -05:00
Joel Kamp
c94fd8bf22 Merge branch 'main' into dependabot/github_actions/github/codeql-action-3.25.6 2024-05-23 11:07:58 -05:00