* Create independent build targets for Mac and Linux
Signed-off-by: Dan Luhring <dan.luhring@anchore.com>
* Create targets for macOS signing and notarization
Signed-off-by: Dan Luhring <dan.luhring@anchore.com>
* Create target for Linux packaging
Signed-off-by: Dan Luhring <dan.luhring@anchore.com>
* Update release workflow and leverage new make targets
Signed-off-by: Dan Luhring <dan.luhring@anchore.com>
* Add release assets to release draft
Signed-off-by: Dan Luhring <dan.luhring@anchore.com>
* Add homebrew formula release follow-up and improve Makefile
Signed-off-by: Dan Luhring <dan.luhring@anchore.com>
* Add follow-up workflow for updating version check file
Signed-off-by: Dan Luhring <dan.luhring@anchore.com>
* Get rid of fetch depth 0 for checkout action
Signed-off-by: Dan Luhring <dan.luhring@anchore.com>
* Add follow-up workflow for Docker images
Signed-off-by: Dan Luhring <dan.luhring@anchore.com>
* Restore wait-for-checks job
Signed-off-by: Dan Luhring <dan.luhring@anchore.com>
* Replace make functions with shell functions
Signed-off-by: Dan Luhring <dan.luhring@anchore.com>
* Account for envsubst command in bootstrap-ci-linux
Signed-off-by: Dan Luhring <dan.luhring@anchore.com>
* move homebrew generation into script
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* add release approval step; remove goreleaser; add docker image smoke testing in acceptance step
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* replace homebrew formula template file with heredoc template
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* update release documentation
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
Co-authored-by: Alex Goodman <alex.goodman@anchore.com>
Some debian-based variants (such as Google's Distroless images)
don't write a single file to `/var/lib/dpkg/status`, but rather write
a file per package to `/var/lib/dpkg/status.d/`
related to #44
Signed-off-by: Weston Steimel <weston.steimel@gmail.com>
* add marking package relations by file ownership
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* correct json schema version; ensure fileOwners dont return dups; pin test pkg versions
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* extract package relationships into separate section
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* pull in client-go features for import of PackageRelationships
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* move unit test for ownership by files relationship further down
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* rename relationship to "ownership-by-file-overlap"
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
