scottk/secureblue
1
0
Fork 0
mirror of https://github.com/optim-enterprises-bv/secureblue.git synced 2026-01-07 20:51:30 +00:00
Code Issues Packages Projects Releases Wiki Activity
1,057 Commits 1 Branch 0 Tags
4a73e0ccce60f652dcbc10e94de2856b4634ddcf
Commit Graph

181 Commits

Author SHA1 Message Date
ER
74017635d3 chore: clean build.yml, make matrix more visible 
there were huge blocks of good documentation,
but it was in the way of easy access to the matrix section,
 which ordinary users have to update

 it was also only about build triggers, which is a pretty clear topic
 much more valuable would be explaining each build step

 i condesensed the docs into a smaller section atop
 with only generally useful information
 2023-08-26 16:11:04 +03:00
ER
38dda90a23 refactor: rename fedora version to os version 
this change makes sense for when in the future it's possible to
build other OS's with this same system
it was done now, because i'm bundling a bunch of breaking changes
into a single update
 2023-08-13 18:00:58 +03:00
ER
6b150ccf0a chore: rewriting some parts, new recipe location 2023-08-09 20:31:57 +03:00
EinoHR
116e53a9e6 fix: always get version tags (#134) 
---------

Co-authored-by: Scott Ames <scott@ames.sh>
 2023-08-07 06:47:51 -06:00
EinoHR
a2b805669e feat: ISO build action (#133) 
* feat: base iso release workflow
* does not produce a functional ISO yet
needs boot_menu

* chore(dev): start iso workflow on iso push

* fix: rename release-iso to release-please

* refactor: use github-cli to create release

* fix: remove job dependencies

* chore: basic boot menu

* fix: add permission to create release

* fix: delegate tag for auto-iso releases,..
delete old version when rerunning

* fix: multiline string for multine cmds

* fix: specify gh repo in old release delete

* fix: only create release if doesn't exist

* fix: boot menu double user field

* fix: clobber iso

* chore: neutral defaults for boot menu

* feat: run iso when iso-related changes pushed

* docs: README section for ISO
 2023-08-04 06:53:26 -06:00
ER
a70013277e fix: lowercase image name for signing 2023-07-27 15:46:31 +03:00
gerblesh
978bd6193c fix: fix build arguments 2023-07-21 09:11:59 -07:00
dependabot[bot]
76f3b1ca4c build(deps): bump mikefarah/yq from 4.34.1 to 4.34.2 
Bumps [mikefarah/yq](https://github.com/mikefarah/yq) from 4.34.1 to 4.34.2.
- [Release notes](https://github.com/mikefarah/yq/releases)
- [Changelog](https://github.com/mikefarah/yq/blob/master/release_notes.txt)
- [Commits](https://github.com/mikefarah/yq/compare/v4.34.1...v4.34.2)

---
updated-dependencies:
- dependency-name: mikefarah/yq
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-07-17 12:26:03 +03:00
EinoHR
3fff8bc61c fix: PRs that change only .md or .txt files can't be merged 2023-07-08 16:53:49 +03:00
dependabot[bot]
0b7bd4f872 build(deps): bump sigstore/cosign-installer from 3.1.0 to 3.1.1 
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 3.1.0 to 3.1.1.
- [Release notes](https://github.com/sigstore/cosign-installer/releases)
- [Commits](https://github.com/sigstore/cosign-installer/compare/v3.1.0...v3.1.1)

---
updated-dependencies:
- dependency-name: sigstore/cosign-installer
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-07-03 01:47:27 +00:00
ER
fe13ef1236 fix: images built aren't versioned properly #86 2023-06-30 18:44:42 +03:00
dependabot[bot]
d5a35ca31b build(deps): bump sigstore/cosign-installer from 3.0.5 to 3.1.0 
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 3.0.5 to 3.1.0.
- [Release notes](https://github.com/sigstore/cosign-installer/releases)
- [Commits](https://github.com/sigstore/cosign-installer/compare/v3.0.5...v3.1.0)

---
updated-dependencies:
- dependency-name: sigstore/cosign-installer
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-06-30 12:09:00 +03:00
dependabot[bot]
3037449a0f build(deps): bump sigstore/cosign-installer from 3.0.4 to 3.0.5 
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 3.0.4 to 3.0.5.
- [Release notes](https://github.com/sigstore/cosign-installer/releases)
- [Commits](https://github.com/sigstore/cosign-installer/compare/v3.0.4...v3.0.5)

---
updated-dependencies:
- dependency-name: sigstore/cosign-installer
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-06-01 16:27:45 +00:00
dependabot[bot]
da63a1f1fb build(deps): bump mikefarah/yq from 4.33.3 to 4.34.1 
Bumps [mikefarah/yq](https://github.com/mikefarah/yq) from 4.33.3 to 4.34.1.
- [Release notes](https://github.com/mikefarah/yq/releases)
- [Changelog](https://github.com/mikefarah/yq/blob/master/release_notes.txt)
- [Commits](https://github.com/mikefarah/yq/compare/v4.33.3...v4.34.1)

---
updated-dependencies:
- dependency-name: mikefarah/yq
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-06-01 16:23:55 +00:00
dependabot[bot]
878ea2f6bf build(deps): bump sigstore/cosign-installer from 3.0.3 to 3.0.4 
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 3.0.3 to 3.0.4.
- [Release notes](https://github.com/sigstore/cosign-installer/releases)
- [Commits](https://github.com/sigstore/cosign-installer/compare/v3.0.3...v3.0.4)

---
updated-dependencies:
- dependency-name: sigstore/cosign-installer
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-05-16 17:17:48 +00:00
Arcitec
da17603567 feat!: only deploy the branch named "live", to simplify development 
- Documents all triggers, since this repository is a starting point for people to learn from.

- Only deploys the branch named "live", which gives people more deliberate control of what gets deployed. Why not name it "main"? Because that complicates things a lot when forking this template to your own repos, since the template's default branch is also (currently) named "main", which would among other things complicate the act of syncing the fork via GitHub's web UI. The name "main" also confuses the user since it doesn't give them any hint that it's the only live-published branch.

- Only automatically builds the branches "live", "template" or "main" when pushing new commits. But builds any branch name when it's a pull request, to allow automated PR "build checks" to succeed.
 2023-05-16 16:54:47 +00:00
dependabot[bot]
7bcbf37cd7 build(deps): bump sigstore/cosign-installer from 3.0.2 to 3.0.3 (#62) 
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 3.0.2 to 3.0.3.
- [Release notes](https://github.com/sigstore/cosign-installer/releases)
- [Commits](https://github.com/sigstore/cosign-installer/compare/v3.0.2...v3.0.3)

---
updated-dependencies:
- dependency-name: sigstore/cosign-installer
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-05-01 10:06:04 +00:00
Eino Rauhala
1df862aae8 style!: change base-container to base-image (#49) 
#34
 2023-04-26 17:15:16 +00:00
Eino Rauhala
a9c15ac306 fix: chore: manual merge action updates from main (#41) 
all changes from the main repo applied,
except those explicitly different in startingpoint
 2023-04-24 18:06:27 +00:00
Jorge O. Castro
328595b77d refactor: avoid subshell, sign image with env. var (#30) 
Works in main, propagating here.

Co-authored-by: xnasero@posteo.net
 2023-04-24 17:31:03 +00:00
dependabot[bot]
56a1d24a83 build(deps): bump mikefarah/yq from 4.33.2 to 4.33.3 (#33) 
Bumps [mikefarah/yq](https://github.com/mikefarah/yq) from 4.33.2 to 4.33.3.
- [Release notes](https://github.com/mikefarah/yq/releases)
- [Changelog](https://github.com/mikefarah/yq/blob/master/release_notes.txt)
- [Commits](https://github.com/mikefarah/yq/compare/v4.33.2...v4.33.3)

---
updated-dependencies:
- dependency-name: mikefarah/yq
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-04-22 17:30:16 +00:00
Eino Rauhala
91d4c3877c fix: update cosign installer version (#32) 
i hear there's problems with 3.0.1 that are fixed in 3.0.2
that can affect people using this repository as a template
 2023-04-22 15:22:44 +00:00
bpbeatty
a27e3cfa13 fix: add recipe build arg (#23) 
startingpoint has been updated to use multiple recipes. currently
this process is broken as the default recipe is always used. this
fixes this by adding a build arg to the containerfile and github
workflow build.
 2023-04-06 14:04:53 +00:00
ER
1458ebb19b chore: clean up test of two recipes 2023-04-03 16:51:13 +03:00
ER
47d7caf7fb chore: test with two recipes 2023-04-03 16:44:29 +03:00
ER
1bfabe674e feat: use a recipe matrix 2023-04-03 16:36:28 +03:00
ER
3b64346517 chore: remove unused matrix vars 2023-04-03 16:34:42 +03:00
ER
4527295bb7 chore: tidy tag gen, use correct major ver 2023-04-03 16:34:10 +03:00
ER
c9c011d842 feat: declare image description in recipe.yml 2023-04-03 15:23:59 +03:00
ER
fe16187a92 feat: declare base image and fedora ver in recipe 2023-04-03 15:17:16 +03:00
ER
5947af45da fix: revert previous commit 2023-04-03 15:08:26 +03:00
ER
f6ec397d50 chore: merge yq and image data step 2023-04-03 15:06:54 +03:00
ER
2b40d4b436 feat: declare image name in recipe.yml 2023-04-03 15:02:22 +03:00
ER
678ab12c5a fix: $IMAGE_NAME -> ${{ env.IMAGE_NAME }} 2023-04-02 16:31:58 +03:00
ER
f7c2c4ab9a chore: remove image name from build args (unused) 2023-04-02 16:27:45 +03:00
ER
6cc44ff4a9 feat: update artifacthub readme url 2023-04-02 16:26:36 +03:00
ER
33ddd2bbac feat: change description for more information 2023-04-02 16:08:53 +03:00
ER
73de53cd39 fix: declare image name in one place 2023-04-02 16:06:55 +03:00
ER
ab6fee7bd2 chore: only build after nvidia & main 2023-04-02 16:03:21 +03:00
ER
2a4ce2830f chore: clean up workflows 2023-03-08 17:50:41 +02:00
ER
ec416ba1a1 chore: quickly update img metadata 2023-03-04 13:37:44 +02:00
ER
fbd14f502f fix: typo in workflow_dispatch 2023-03-04 13:03:27 +02:00
ER
2521741049 feat: enable manually running build 2023-03-04 13:02:48 +02:00
Jorge O. Castro
4a21580f4e fix: remove old pr workflow sections (#98) 2023-03-02 21:46:27 -05:00
Jorge O. Castro
785b8f0d8a fix: rename package back to base (#97) 2023-03-02 21:39:29 -05:00
Jorge O. Castro
0aff9bac37 fix: update cosign action (#94) 2023-03-02 21:25:43 -05:00
Jorge O. Castro
0c7bc17666 fix: remove if statements (#96) 2023-03-02 21:23:19 -05:00
Marco Ceppi
a831ce00df fix: re-tag image (#92) 2023-02-28 09:11:09 -05:00
Marco Ceppi
c40bddfdf3 fix: restore download artifact step, support multi-line tags (#90) 2023-02-27 23:59:05 -05:00
Marco Ceppi
8a6f3433ad fix: remove 38 (#89) 2023-02-27 23:30:32 -05:00