scottk/secureblue
1
0
Fork 0
mirror of https://github.com/optim-enterprises-bv/secureblue.git synced 2025-12-27 15:55:01 +00:00
Code Issues Packages Projects Releases Wiki Activity
1,057 Commits 1 Branch 0 Tags
4a73e0ccce60f652dcbc10e94de2856b4634ddcf
Commit Graph

181 Commits

Author SHA1 Message Date
qoijjj
357b784ddb fix: image names 2024-01-03 11:05:54 -08:00
qoijjj
b1a7f3f679 add: framework variants 2024-01-03 10:56:56 -08:00
qoijjj
3deb21814d fix: build yml syntax 2024-01-01 16:59:38 -08:00
qoijjj
c4b5927646 Fix new image verification step for wayblue images 2024-01-01 16:57:54 -08:00
qoijjj
f6fb99d63b Merge branch 'ublue-os:template' into live 2023-12-31 14:00:42 -08:00
RJ Trujillo
52e6a456ad feat(ci): Verify base image with cosign before building (#211) 
* feat(ci): Verify base image with cosign before building

Validates the integrity of the base image being built from via cosign
before continuing to build. Ensures we only build with signed images

* fix(ci): Extract base image name from base image URL for verification
 2023-12-31 10:41:45 +00:00
qoijjj
7cb48cf75d add wayfire 2023-12-29 23:58:34 -08:00
qoijjj
a094c342d0 Remove lazurite images that were added prematurely before full wayland support (#147) 
Remove lazurite images that were added prematurely before full wayland support (#147)
 2023-12-24 17:12:45 -08:00
qoijjj
25cd9abc40 Add push to GHCR steps for staging builds 2023-12-24 14:55:20 -08:00
qoijjj
1150a8a367 Add staging builds 2023-12-24 14:03:43 -08:00
qoijjj
681f3455f5 Add bluefin images 2023-12-22 10:28:35 -08:00
qoijjj
4feb586953 Add lazurite images 2023-12-21 16:20:31 -08:00
qoijjj
efee9d59a5 Merge branch 'template' into live 2023-12-18 12:11:50 -08:00
dependabot[bot]
b597ecd833 build(deps): bump sigstore/cosign-installer from 3.2.0 to 3.3.0 (#208) 
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 3.2.0 to 3.3.0.
- [Release notes](https://github.com/sigstore/cosign-installer/releases)
- [Commits](https://github.com/sigstore/cosign-installer/compare/v3.2.0...v3.3.0)

---
updated-dependencies:
- dependency-name: sigstore/cosign-installer
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-12-18 17:59:24 +00:00
dependabot[bot]
be8810523e build(deps): bump mikefarah/yq from 4.40.4 to 4.40.5 (#207) 
Bumps [mikefarah/yq](https://github.com/mikefarah/yq) from 4.40.4 to 4.40.5.
- [Release notes](https://github.com/mikefarah/yq/releases)
- [Changelog](https://github.com/mikefarah/yq/blob/master/release_notes.txt)
- [Commits](https://github.com/mikefarah/yq/compare/v4.40.4...v4.40.5)

---
updated-dependencies:
- dependency-name: mikefarah/yq
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-12-18 17:51:00 +00:00
qoijjj
b9c058a537 Merge branch 'template' into live 2023-12-17 12:44:03 -08:00
Menno Finlay-Smits
d124a99d38 feat: Check that cosign.pub matches private key (#193) 
This avoids images which can't be updated due to `invalid signature`
errors because cosign.pub doesn't match the private key actually used
for signing. The error is caught early in the build process as there's
no point creating an image if cosign.pub is wrong.

Co-authored-by: mjs <mjs@users.noreply.github.com>
 2023-12-17 10:31:35 +00:00
qoijjj
38999d4123 Add userns-enabled variant to give the users choice on the tradeoff between userns and non-userns 2023-12-16 13:11:41 -08:00
qoijjj
e1c0af99d8 Merge branch 'ublue-os:template' into live 2023-12-13 14:14:39 -08:00
plata
f432ff4acc fix: do not format just files in CI (#205) 2023-12-13 19:10:52 +00:00
qoijjj
d5f3a6b4bd Merge branch 'template' into live 2023-12-10 15:07:37 -08:00
dependabot[bot]
9aa7bb2740 build(deps): bump mikefarah/yq from 4.40.3 to 4.40.4 (#201) 
Bumps [mikefarah/yq](https://github.com/mikefarah/yq) from 4.40.3 to 4.40.4.
- [Release notes](https://github.com/mikefarah/yq/releases)
- [Changelog](https://github.com/mikefarah/yq/blob/master/release_notes.txt)
- [Commits](https://github.com/mikefarah/yq/compare/v4.40.3...v4.40.4)

---
updated-dependencies:
- dependency-name: mikefarah/yq
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-12-10 15:58:59 +00:00
qoijjj
a68efdc6bd Merge branch 'template' into live 2023-12-09 23:22:39 -08:00
David Personette
525412fcf2 Fix: release-iso.yml to not fail if no images are returned (#202) 
Builds started failing once #195 was merged. This fixed the release-iso workflow for me.
 2023-12-10 06:24:26 +00:00
qoijjj
baf53da8b8 Add sericea images, add separate laptop images for tlp, and refactor 2023-12-07 16:06:50 -08:00
qoijjj
0ddc0e65d3 Add server versions 2023-12-05 14:33:21 -08:00
qoijjj
c6718c63a6 Merge branch 'template' into live 2023-11-28 18:29:32 -08:00
dependabot[bot]
f981550009 build(deps): bump mikefarah/yq from 4.40.2 to 4.40.3 (#200) 
Bumps [mikefarah/yq](https://github.com/mikefarah/yq) from 4.40.2 to 4.40.3.
- [Release notes](https://github.com/mikefarah/yq/releases)
- [Changelog](https://github.com/mikefarah/yq/blob/master/release_notes.txt)
- [Commits](https://github.com/mikefarah/yq/compare/v4.40.2...v4.40.3)

---
updated-dependencies:
- dependency-name: mikefarah/yq
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-11-28 17:37:16 +00:00
qoijjj
cb11fbcaae Rebase secureblue with a new, clean commit history 2023-11-26 16:42:27 -08:00
qoijjj
d0af9ce748 fix: typo (#199) 2023-11-26 07:57:43 +00:00
ArtikusHG
9b3db9c3ac feat: add just syntax checker (#194) 
* feat: add just syntax checker

* fix: create empty file to pass just syntax check

* fix: use relative path to pass just syntax check

* fix: justfiles cannot be empty to pass the syntax check

* fix: format justfiles

* docs: 100-bling.just explain purpose

---------

Co-authored-by: xyny <60004820+xynydev@users.noreply.github.com>
 2023-11-22 15:26:27 +00:00
xyny
9000df9224 fix: use -R flag to select repo on iso-deleting gh commands 2023-11-22 12:23:15 +00:00
xyny
a5b47ac306 feat: delete all previous ISOs when re-releasing (#185) 2023-11-20 16:20:24 +00:00
dependabot[bot]
6b4e4ab3fc build(deps): bump mikefarah/yq from 4.40.1 to 4.40.2 (#192) 
Bumps [mikefarah/yq](https://github.com/mikefarah/yq) from 4.40.1 to 4.40.2.
- [Release notes](https://github.com/mikefarah/yq/releases)
- [Changelog](https://github.com/mikefarah/yq/blob/master/release_notes.txt)
- [Commits](https://github.com/mikefarah/yq/compare/v4.40.1...v4.40.2)

---
updated-dependencies:
- dependency-name: mikefarah/yq
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-11-20 12:43:11 +00:00
dependabot[bot]
16792c3f17 build(deps): bump sigstore/cosign-installer from 3.1.2 to 3.2.0 (#188) 
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 3.1.2 to 3.2.0.
- [Release notes](https://github.com/sigstore/cosign-installer/releases)
- [Commits](https://github.com/sigstore/cosign-installer/compare/v3.1.2...v3.2.0)

---
updated-dependencies:
- dependency-name: sigstore/cosign-installer
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-11-18 12:43:01 +00:00
dependabot[bot]
68e5b85020 build(deps): bump mikefarah/yq from 4.35.1 to 4.40.1 (#189) 
Bumps [mikefarah/yq](https://github.com/mikefarah/yq) from 4.35.1 to 4.40.1.
- [Release notes](https://github.com/mikefarah/yq/releases)
- [Changelog](https://github.com/mikefarah/yq/blob/master/release_notes.txt)
- [Commits](https://github.com/mikefarah/yq/compare/v4.35.1...v4.40.1)

---
updated-dependencies:
- dependency-name: mikefarah/yq
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-11-18 12:39:31 +00:00
Lordus Kordus
f368282b9d chore(ci): Build at 16:30 UTC (#187) 
Nvidia images are now being built at 15:30 UTC. Startingpoint images should be built one hour after that.
 2023-11-10 20:38:39 +00:00
fiftydinar
2b0f8fc7eb chore: Bump to Fedora 39 (#186) 
* Bump release-iso workflow to Fedora 39

* Pin isogenerator version

It is recommended in order to avoid some unexpected changes to the maintainer.

* Update other recipe & containerfile to reflect Fedora 39 change
 2023-11-08 16:22:25 +00:00
dependabot[bot]
0645f7ca23 build(deps): bump ASzc/change-string-case-action from 5 to 6 (#178) 
Bumps [ASzc/change-string-case-action](https://github.com/aszc/change-string-case-action) from 5 to 6.
- [Release notes](https://github.com/aszc/change-string-case-action/releases)
- [Commits](https://github.com/aszc/change-string-case-action/compare/v5...v6)

---
updated-dependencies:
- dependency-name: ASzc/change-string-case-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-11-05 11:17:01 +00:00
Kyle Gospodnetich
4c2d9285a1 chore(ci): Maximize build space (#165) 2023-09-29 04:57:24 +00:00
dependabot[bot]
7aee88c878 build(deps): bump docker/metadata-action from 4 to 5 (#153) 
Bumps [docker/metadata-action](https://github.com/docker/metadata-action) from 4 to 5.
- [Release notes](https://github.com/docker/metadata-action/releases)
- [Upgrade guide](https://github.com/docker/metadata-action/blob/master/UPGRADE.md)
- [Commits](https://github.com/docker/metadata-action/compare/v4...v5)

---
updated-dependencies:
- dependency-name: docker/metadata-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-09-18 16:05:50 +00:00
dependabot[bot]
65189fe496 build(deps): bump docker/login-action from 2 to 3 (#154) 
Bumps [docker/login-action](https://github.com/docker/login-action) from 2 to 3.
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](https://github.com/docker/login-action/compare/v2...v3)

---
updated-dependencies:
- dependency-name: docker/login-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-09-18 16:00:29 +00:00
dependabot[bot]
90a447186a build(deps): bump mikefarah/yq from 4.34.2 to 4.35.1 (#139) 
Bumps [mikefarah/yq](https://github.com/mikefarah/yq) from 4.34.2 to 4.35.1.
- [Release notes](https://github.com/mikefarah/yq/releases)
- [Changelog](https://github.com/mikefarah/yq/blob/master/release_notes.txt)
- [Commits](https://github.com/mikefarah/yq/compare/v4.34.2...v4.35.1)

---
updated-dependencies:
- dependency-name: mikefarah/yq
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-09-12 16:46:47 +00:00
dependabot[bot]
cb4160a0cc build(deps): bump actions/checkout from 3 to 4 (#146) 
Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-09-12 16:41:42 +00:00
xyny
8f76fd66a2 Merge branch 'template' into modular-rewrite 2023-09-05 15:58:24 +00:00
gerblesh
cc90a91733 feat: added systemd and files module (#142) 
* feat: add files and systemd module

* fix: yaml formatting

* fix: yaml formatting

* fix: remove comment completely

* fix: yaml formatting

* docs: add back inline comment

* reformat: rename variables

* fix: fix systemd escaped string

* fix: fix systemd service formatting with printf

* fix: attempting to fix systemd module problems

* chore: remove debug config and code from systemd module

* docs: added WIP docs for systemd, reworked files README

* docs: added more detail for systemd module

* docs: update READMEs to be more consistent

* docs: remove unneeded sentence

* docs: remove unneeded sentence

* chore: fix issues described in PR review

* docs: fix markdown formatting

* docs: fix markdown formatting

* docs: better markdown
 2023-09-05 15:56:42 +00:00
dependabot[bot]
1ca2455636 build(deps): bump sigstore/cosign-installer from 3.1.1 to 3.1.2 
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 3.1.1 to 3.1.2.
- [Release notes](https://github.com/sigstore/cosign-installer/releases)
- [Commits](https://github.com/sigstore/cosign-installer/compare/v3.1.1...v3.1.2)

---
updated-dependencies:
- dependency-name: sigstore/cosign-installer
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-09-04 01:35:11 +00:00
EinoHR
c8db9dfbb1 Merge branch 'template' into modular-rewrite 2023-08-27 16:07:07 +03:00
EinoHR
a1e2413580 fix: dont add malformed tags if $MAJOR_VERSION is empty 2023-08-27 07:28:26 -04:00
ER
c2367e0d56 chore: re-add branch selection for push 
* same-repo PRs build twice
 2023-08-26 16:49:21 +03:00