Compare commits
7 Commits
v0.0.2
...
attest-pro
| Author | SHA1 | Date | |
|---|---|---|---|
|
fb5bd79775 | ||
|
|
8a90c456e8 | ||
|
|
54534194ad | ||
|
|
a37c181b97 | ||
|
|
6f80686ebe | ||
|
|
318fd2e904 | ||
|
|
055c799e27 |
4
.github/workflows/scorecards.yml
vendored
4
.github/workflows/scorecards.yml
vendored
@@ -42,7 +42,7 @@ jobs:
|
||||
|
||||
- name: Generate GitHub App Token
|
||||
id: app-token
|
||||
uses: actions/create-github-app-token@c8f55efbd427e7465d6da1106e7979bc8aaee856 # v1.10.1
|
||||
uses: actions/create-github-app-token@ad38cffc07bac6e3857755914c4c88bfd2db4da4 # v1.10.2
|
||||
with:
|
||||
app-id: ${{ vars.DOCKER_READ_APP_ID }}
|
||||
private-key: ${{ secrets.DOCKER_READ_APP_PRIVATE_KEY }}
|
||||
@@ -78,6 +78,6 @@ jobs:
|
||||
|
||||
# Upload the results to GitHub's code scanning dashboard.
|
||||
- name: "Upload to code-scanning"
|
||||
uses: github/codeql-action/upload-sarif@23acc5c183826b7a8a97bce3cecc52db901f8251 # v3.25.10
|
||||
uses: github/codeql-action/upload-sarif@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3.25.11
|
||||
with:
|
||||
sarif_file: results.sarif
|
||||
|
||||
7
.github/workflows/workflow.yaml
vendored
7
.github/workflows/workflow.yaml
vendored
@@ -26,7 +26,7 @@ jobs:
|
||||
|
||||
- name: Generate GitHub App Token
|
||||
id: app-token
|
||||
uses: actions/create-github-app-token@c8f55efbd427e7465d6da1106e7979bc8aaee856 # v1.10.1
|
||||
uses: actions/create-github-app-token@ad38cffc07bac6e3857755914c4c88bfd2db4da4 # v1.10.2
|
||||
with:
|
||||
app-id: ${{ vars.DOCKER_READ_APP_ID }}
|
||||
private-key: ${{ secrets.DOCKER_READ_APP_PRIVATE_KEY }}
|
||||
@@ -74,7 +74,7 @@ jobs:
|
||||
|
||||
- name: Generate GitHub App Token
|
||||
id: app-token
|
||||
uses: actions/create-github-app-token@c8f55efbd427e7465d6da1106e7979bc8aaee856 # v1.10.1
|
||||
uses: actions/create-github-app-token@ad38cffc07bac6e3857755914c4c88bfd2db4da4 # v1.10.2
|
||||
with:
|
||||
app-id: ${{ vars.DOCKER_READ_APP_ID }}
|
||||
private-key: ${{ secrets.DOCKER_READ_APP_PRIVATE_KEY }}
|
||||
@@ -112,8 +112,9 @@ jobs:
|
||||
./scripts/generate-tls-cert.sh
|
||||
export GITHUB_TOKEN=${{ steps.app-token.outputs.token }}
|
||||
make docker-buildx kind-load-image
|
||||
helm install attest-provider charts/external-data-provider \
|
||||
helm install attest-provider charts/attest-provider \
|
||||
--set provider.tls.caBundle="$(cat certs/ca.crt | base64 | tr -d '\n\r')" \
|
||||
--set image="docker/attest-provider:dev" \
|
||||
--namespace security \
|
||||
--wait --debug
|
||||
|
||||
|
||||
@@ -1,8 +1,8 @@
|
||||
apiVersion: v2
|
||||
description: A Helm chart for attest external data provider
|
||||
name: attest-provider
|
||||
version: 0.0.1
|
||||
version: 0.0.2
|
||||
home: https://github.com/docker/attest-provider
|
||||
sources:
|
||||
- https://github.com/docker/attest-provider.git
|
||||
appVersion: 0.0.1
|
||||
appVersion: 0.0.2
|
||||
@@ -14,7 +14,7 @@ spec:
|
||||
run: attest-provider
|
||||
spec:
|
||||
containers:
|
||||
- image: docker/attest-provider:dev
|
||||
- image: {{ .Values.image }}
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: attest-provider
|
||||
securityContext:
|
||||
@@ -52,6 +52,11 @@ spec:
|
||||
mountPath: /tmp/gatekeeper
|
||||
readOnly: true
|
||||
{{- end }}
|
||||
{{- if .Values.certSecret }}
|
||||
- name: tls-cert-key
|
||||
mountPath: {{ .Values.certDir }}
|
||||
readOnly: true
|
||||
{{- end }}
|
||||
restartPolicy: Always
|
||||
nodeSelector:
|
||||
kubernetes.io/os: linux
|
||||
@@ -66,3 +71,13 @@ spec:
|
||||
- key: ca.crt
|
||||
path: ca.crt
|
||||
{{- end }}
|
||||
{{- if .Values.certSecret }}
|
||||
- name: tls-cert-key
|
||||
secret:
|
||||
secretName: {{ .Values.certSecret }}
|
||||
items:
|
||||
- key: tls.crt
|
||||
path: tls.crt
|
||||
- key: tls.key
|
||||
path: tls.key
|
||||
{{- end }}
|
||||
@@ -1,3 +1,5 @@
|
||||
image: "docker/attest-provider:0.0.2@sha256:de950017a4077835504f441d6a7224ea84b51c8d86e75e8c8ac8e307190724fd"
|
||||
|
||||
certDir: /certs
|
||||
clientCAFile: /tmp/gatekeeper/ca.crt
|
||||
port: 8090
|
||||
Reference in New Issue
Block a user