Skip to content

feat: improve refs #1126

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 20 commits into from
Oct 25, 2022
Merged

feat: improve refs #1126

merged 20 commits into from
Oct 25, 2022

Conversation

laurentsimon
Copy link
Collaborator

This PR does:

  • update references and binary paths that were not referenced properly
  • update the action doc
  • update the release doc
  • add pre-submit to verify references use @main

@laurentsimon laurentsimon mentioned this pull request Oct 24, 2022
Closed
@laurentsimon laurentsimon mentioned this pull request Oct 24, 2022
Closed
@laurentsimon
Copy link
Collaborator Author

@ianlewis any ideas why some pre-submit are not running?

@laurentsimon
Copy link
Collaborator Author

@ianlewis any ideas why some pre-submit are not running?

there was a yaml error.

@ianlewis
Copy link
Member

@ianlewis any ideas why some pre-submit are not running?

there was a yaml error.

Yeah, if there is a yaml error they don't show up in the list unfortunately. It's very unintuitive.

ianlewis
ianlewis reviewed Oct 24, 2022
View reviewed changes
.github/workflows/generator_generic_slsa3.yml
@@ -108,7 +108,7 @@ jobs:
actions: read # Needed to read workflow info.
steps:
- name: Generate builder
uses: slsa-framework/slsa-github-generator/.github/actions/generate-builder@923a5a249d2ea820614a80486c9ef0857ced5321
uses: slsa-framework/slsa-github-generator/.github/actions/generate-builder@main
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not sure if it's worth it but I think we could technically unpin generate-builder if we bring the secure-builder-checkout out into the reusable worflows.

In that case the rule would be that all actions are unpinned except detect-env and secure-builder-checkout.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

we could. But then we pass the same arguments to both secure-builder-checkout and generate-builder which seems a little weird. wdut?

@laurentsimon
Copy link
Collaborator Author

Note: some adversarial tests (3 of them) will always show as failing after this PR.

asraa
asraa approved these changes Oct 25, 2022
View reviewed changes
laurentsimon and others added 2 commits October 25, 2022 03:56
@laurentsimon @asraa
Update RELEASE.md
b1eb16e 
Co-authored-by: asraa <[email protected]>
Signed-off-by: laurentsimon <[email protected]>
@laurentsimon @asraa
Update .github/actions/README.md
447877b 
Co-authored-by: asraa <[email protected]>
Signed-off-by: laurentsimon <[email protected]>
@laurentsimon laurentsimon enabled auto-merge (squash) October 25, 2022 10:57
@laurentsimon laurentsimon merged commit b7c2122 into slsa-framework:main Oct 25, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ianlewis ianlewis ianlewis left review comments

@asraa asraa asraa approved these changes

@joshuagl joshuagl Awaiting requested review from joshuagl

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@laurentsimon @ianlewis @asraa