Commit graph

298 commits

Author SHA1 Message Date
Alex Goodman
77e4c89a5a
bump coverage threshold + use ubuntu for snapshot builds
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2021-03-23 10:28:57 -04:00
Alex Goodman
e3b1522394
upgrade goreleaser + constrain pipeline tool cache
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2021-03-23 06:58:30 -04:00
Alex Goodman
36e4af1953
adjust jsom schema version + adopt java pom properies test fixtures
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2021-03-22 11:27:01 -04:00
Alex Goodman
abca2c5f0b
remove token usage from benchmark sticky comment action
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2021-03-22 10:58:09 -04:00
Alex Goodman
f180d1c537
improve config parsing + fix command deprecation warning
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2021-03-22 10:58:09 -04:00
Alex Goodman
b1b57f6ba6
remove benchmark test event filter in validations pipeline
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2021-03-22 10:58:08 -04:00
Alex Goodman
1d87f07da1
update pipeline with new levels of testing
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2021-03-22 10:58:07 -04:00
Alex Goodman
83778677c1
run snapshot build on ubuntu
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2021-03-19 08:42:27 -04:00
Alex Goodman
9f57e17887
add labels to the docker image + pin the docker pipeline install version
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2021-03-18 16:28:03 -04:00
Alex Goodman
e9105c180a
add dockerfile + docker build step
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2021-03-11 16:45:20 -05:00
Alex Goodman
c7b26c55ac
add docker to mac instance
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2021-03-11 14:01:00 -05:00
Alex Goodman
5e62bca72f
Revert "Add docker image and refactor release pipeline (#310)"
This reverts commit 6195002ae5.

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2021-03-11 12:42:18 -05:00
Dan Luhring
6195002ae5
Add docker image and refactor release pipeline (#310)
* Create independent build targets for Mac and Linux

Signed-off-by: Dan Luhring <dan.luhring@anchore.com>

* Create targets for macOS signing and notarization

Signed-off-by: Dan Luhring <dan.luhring@anchore.com>

* Create target for Linux packaging

Signed-off-by: Dan Luhring <dan.luhring@anchore.com>

* Update release workflow and leverage new make targets

Signed-off-by: Dan Luhring <dan.luhring@anchore.com>

* Add release assets to release draft

Signed-off-by: Dan Luhring <dan.luhring@anchore.com>

* Add homebrew formula release follow-up and improve Makefile

Signed-off-by: Dan Luhring <dan.luhring@anchore.com>

* Add follow-up workflow for updating version check file

Signed-off-by: Dan Luhring <dan.luhring@anchore.com>

* Get rid of fetch depth 0 for checkout action

Signed-off-by: Dan Luhring <dan.luhring@anchore.com>

* Add follow-up workflow for Docker images

Signed-off-by: Dan Luhring <dan.luhring@anchore.com>

* Restore wait-for-checks job

Signed-off-by: Dan Luhring <dan.luhring@anchore.com>

* Replace make functions with shell functions

Signed-off-by: Dan Luhring <dan.luhring@anchore.com>

* Account for envsubst command in bootstrap-ci-linux

Signed-off-by: Dan Luhring <dan.luhring@anchore.com>

* move homebrew generation into script

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

* add release approval step; remove goreleaser; add docker image smoke testing in acceptance step

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

* replace homebrew formula template file with heredoc template

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

* update release documentation

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

Co-authored-by: Alex Goodman <alex.goodman@anchore.com>
2021-03-10 13:25:31 -05:00
Dan Luhring
bf2d5ed87e
Pin actions/cache to v2.1.3
Signed-off-by: Dan Luhring <dan.luhring@anchore.com>
2021-02-05 11:15:53 -05:00
Alex Goodman
a56292e2e0
Revert "Add the ability to run syft from a scratch image."
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2020-12-16 16:54:34 -05:00
Toure Dunnon
a19496b846 added: Docker login github action to publish new images
Signed-off-by: Toure Dunnon <toure.dunnon@anchore.com>
2020-12-15 11:07:14 -05:00
Dan Luhring
ecfc471ce5
Resolve security warning for macOS users (#249)
* Add support for macOS signing and notarization

Signed-off-by: Dan Luhring <dan.luhring@anchore.com>

* Use Docker to run the changelog generator locally

Signed-off-by: Dan Luhring <dan.luhring@anchore.com>
2020-11-04 15:47:55 -05:00
Alex Goodman
cc466e47da
bump python version for acceptance tests
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2020-10-27 14:53:52 -04:00
Alex Goodman
103f0617f5
bootstrap cached deps and ci deps separately for acceptance tests
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2020-10-23 10:42:57 -04:00
Alex Goodman
4c751cb1d4
Merge pull request #222 from VinodAnandan/main
Enable CodeQL Security Scan
2020-10-15 23:11:01 -04:00
Vinod Anandan
0f92f16eb6 Enable CodeQL Security Scan
https://github.blog/2020-09-30-code-scanning-is-now-available/

remove java from codeql scan

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
Signed-off-by: Vinod Anandan <vinod.anandan@jpmorgan.com>
2020-10-16 03:02:09 +01:00
Alex Goodman
1bf1e643eb
restore original release token
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2020-10-15 14:41:28 -04:00
Alex Goodman
dcb5d6d08e
remove greeter action since it is broken for forked PRs (#223)
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2020-10-15 10:20:09 -04:00
Alex Goodman
2b932f8d65
run tests on fork PRs (#210)
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2020-10-09 07:45:05 -04:00
Robert Prince
587589bfe3
Add first issue/PR welcome message action (#185)
* Add first issue/PR welcome message action

Signed-off-by: Robert Prince <robert.prince@anchore.com>

* update first-pr-issue message with a simple greeting

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

Co-authored-by: Alex Goodman <alex.goodman@anchore.com>
Co-authored-by: Alex Goodman <wagoodman@users.noreply.github.com>
2020-10-08 15:42:46 -04:00
Alex Goodman
956af57d3b
update release token name
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2020-10-08 14:37:06 -04:00
Alex Goodman
262a0888a8
fix release pipeline to wait for GHA check names
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2020-10-08 13:57:43 -04:00
Alex Goodman
da0eb6f20f
fix acceptance tests & add notification upon failures (#204)
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2020-10-08 11:07:00 -04:00
Alex Goodman
16b23e7994
add gha pipeline to replace circlei pipeline (#202)
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2020-10-07 12:20:51 -04:00
Alex Goodman
2844b9878f
add release notification
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2020-09-25 23:21:16 -04:00
Alex Goodman
8b81c87d18
remove unreleased tags and exclude size labels
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2020-09-25 22:59:19 -04:00
Alex Goodman
9bd9dad76c
remove unrelease changelog option
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2020-09-25 18:11:02 -04:00
Alex Goodman
6d9f9a9b3b
pin the two tags used for release autochangelog
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2020-09-25 17:57:51 -04:00
Alex Goodman
f4502fc824
Add notifications around the release process (#184)
* add pipeline notification upon release

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

* add pending notification to release pipeline

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2020-09-25 16:58:56 -04:00
Alex Goodman
90bd68e44c
Disable prerelease version update check (#140)
* disable prerelease version update check

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

* use prerelease flag as source of truth for user notifications

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2020-08-11 09:54:04 -04:00
Alex Goodman
676544b6ab
use token on release
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2020-08-10 18:28:43 -04:00
Alex Goodman
2d452bf59e
Add inline-comparison as acceptance test (#130)
* add inline-compare as acceptance test

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

* add additional RPM metadata

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

* add comments and doc strings to the compare-* make targets

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2020-08-10 10:33:44 -04:00
Alex Goodman
a3a3e3848f
replace master with main (#128)
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2020-08-07 13:27:11 -04:00
Alex Goodman
f855a38a01
pull all commits on checkout for release to build changelog (#126) 2020-08-06 08:28:01 -04:00
Alex Goodman
ad1a72c6ff
ignore prerelease verions when uploading version file on release 2020-07-29 14:54:47 -04:00
Alex Goodman
19eadde9ca
use aws creds for version file upload 2020-07-27 09:55:11 -04:00
Alex Goodman
c9dea59232
verify signing fingerprint 2020-07-25 09:59:48 -04:00
Alex Goodman
1ba0678cf6
provide signed checksums 2020-07-25 08:42:50 -04:00
Alex Goodman
f3428e49b8
add release quality gate 2020-07-25 07:23:15 -04:00
Alex Goodman
585569e929
fix gha go cache key; rm brew until oss release 2020-07-25 07:18:21 -04:00
Alex Goodman
32bd57886e
add publish release 2020-07-25 07:09:20 -04:00
Alex Goodman
44f26c7f90
update release quality gate version 2020-07-25 07:03:57 -04:00
Alex Goodman
ba4f63099d
Add release process (#89)
* add check for app update; fix ETUI error handling

* validate user args

* add goreleaser support

* replace cgo dependencies (go-rpm) with go equivalents

* add acceptance tests against build snapshot

* add brew tap + acceptance test pipeline

* add mac acceptance tests

* fix compare makefile

* fix mac acceptance tests

* add release pipeline with wait checks

* add token to release step

* rm dir presenters int test

* enforce dpkg to be non interactive

Co-authored-by: Alfredo Deza <adeza@anchore.com>

* pin brew formulae

* pin skopeo to formulae url

* only run acceptance tests

Co-authored-by: Alfredo Deza <adeza@anchore.com>
2020-07-23 10:52:44 -04:00