oss/syft - syft - Sa' Rocí Solutions

oss/syft

mirror of https://github.com/anchore/syft.git synced 2025-11-17 16:33:21 +01:00

Author	SHA1	Message	Date
Christopher Angelo Phillips	03971ace43	chore: use checkout v3 with new depth (#1471 )	2023-01-17 21:26:39 +00:00
Christopher Angelo Phillips	07aee798b0	chore: use checkout v2 for tag depth (#1470 )	2023-01-17 21:03:29 +00:00
Alex Goodman	05611c283d	bootstrap within composite action (#1461 ) Signed-off-by: Alex Goodman <alex.goodman@anchore.com> Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2023-01-17 10:04:22 -05:00
Weston Steimel	e87cfe7319	chore: remove bumping cosign in go.mod when updating bootstrap tools (#1452 )	2023-01-12 16:21:01 -05:00
Alex Goodman	e0acfa98c7	add s3 credentials to release (#1309 ) Signed-off-by: Alex Goodman <alex.goodman@anchore.com> Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2022-11-02 15:48:37 +00:00
Keith Zantow	35f0f2931e	chore: update goreleaser brew token (#1306 )	2022-11-02 10:05:20 -04:00
Keith Zantow	ba57f3db51	chore: update github token permissions for goreleaser (#1305 )	2022-11-01 16:28:37 +00:00
Christopher Angelo Phillips	4c5c6f6319	fix: update ci secret to use new password (#1304 )	2022-11-01 14:30:29 +00:00
Christopher Angelo Phillips	1b69fbd566	fix: update secret value to use new cert cahin (#1303 ) Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>	2022-11-01 00:05:40 +00:00
Alex Goodman	28cadfdb5d	replace signing tooling with quill (#1280 ) Signed-off-by: Alex Goodman <alex.goodman@anchore.com> Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2022-10-24 13:03:10 -04:00
Keith Zantow	b20310eaf8	Add gosimports (#1205 )	2022-09-14 13:38:18 -04:00
Keith Zantow	70db13d49e	Add RPM file scanning support (#1188 )	2022-09-07 14:16:30 -04:00
Weston Steimel	6949a2500f	Fix update-bootstrap-tools workflow (#1170 )	2022-08-22 16:17:28 +00:00
Weston Steimel	5282820b5d	workflow to create automated PRs to update bootstrap tools (#1167 )	2022-08-22 11:28:24 -04:00
Keith Zantow	69bde44c6e	Update stereoscope to get rid of the replace directive (#1140 )	2022-08-03 12:24:20 -04:00
Christopher Angelo Phillips	f5d02d4e52	improve docker release bootstrap (#1136 )	2022-08-02 15:44:24 +00:00
Christopher Angelo Phillips	1bf97af3fb	remove docker assets from main goreleaser configuration to reduce mac-os runner friction (#1133 )	2022-08-01 21:08:38 +00:00
Christopher Angelo Phillips	ca69fb8370	remove prefixed v from tag to match release (#1131 )	2022-08-01 15:07:58 +00:00
Christopher Angelo Phillips	8f21180681	rollback actions-setup-docker to earlier version (#1130 )	2022-08-01 14:10:50 +00:00
Christopher Angelo Phillips	20ad59ad1b	Delete pr_action.yaml (#1120 )	2022-07-27 17:12:00 +00:00
Christopher Angelo Phillips	ba685eada8	Add PR action back to workflow with new token (#1086 )	2022-07-06 09:31:51 -04:00
Christopher Angelo Phillips	3ce1a4aac1	remove pr automation until service account creation (#1080 )	2022-06-30 21:43:24 +00:00
Christopher Angelo Phillips	f35a252ecf	add workflows to test new project automation (#1023 )	2022-06-08 09:42:53 -04:00
Keith Zantow	321eddf874	Auto-PR needs to run go mod tidy (#958 )	2022-04-13 16:30:35 -04:00
Keith Zantow	25bf679f8f	Add workflow for automatic PR for new stereoscope updates (#954 )	2022-04-13 13:20:40 -04:00
Alex Goodman	e415bb21e7	Update write permissions and log into ghcr.io for release (#942 )	2022-04-06 21:15:55 +00:00
Alex Goodman	7f9edf346a	Bump golangci-lint to 1.45.0 (#909 )	2022-03-22 11:02:36 -04:00
Jonas Xavier	6ef3e45ffc	Use go 1.18 buildinfo to catalog binaries (#827 ) * initial working version Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com> * added build settings to pkg metadata wip - unit tests Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com> * handle mach-O FatFiles Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com> * add support to mod replace fixed golang catalger tests trying GH Actions with go 1.18rc1 Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com> * log error Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com> * use go-macholibre for extraction Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com> * cleaner tests Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com> * add version to main module Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com> * check macho file with macholibre Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com> * run golangci in its own workflow Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com> * wip - golangci workflow Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com> * fix golangci wf yml Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com> * fix golangci wf yml Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com> * wip - golangci wf Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com> * wip - golangci wf Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com> * get arch from bin file headers upgrade macholibre Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com> * go mod tidy Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com> * test new stereoscope lazy reader interface Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com> * go mod tidy Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com> * remove devel version from golang cataloger Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com> * go mod tidy Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com> * switch github workflows to go1.18 stable Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com> * add union reader interface in golang cataloger update stereoscope Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com> * go mod tidy Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com> * simpler golangci validation Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com> * fix makefile Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com> * get archs refactor Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com> * nolint for golang version Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com> * fix go bin tests Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com> * feedback changes Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com> * golangci nolint needs a \n before package Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com> * cleanup Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com> * move golangci-lint to its own jobs again Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com> * fix ci yaml Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com> * add support for xcoff files add arch assets to test bin file types Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com> * clean up golangci-lint config Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com> * nolint for xcoff Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com> * explain nolints Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com> * remove unused xcoff testdata assets Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com> * make go bin test-fixtures in docker Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com> * fix make clean with -f Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com> * update json output schema Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com> * update schema version in test fixture Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com> * feedback changes Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com> * explain possible empty main module Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com>	2022-03-16 17:07:02 -07:00
Alex Goodman	635904fcb6	Reduce PR check failures (#858 )	2022-03-02 17:51:37 +00:00
Christopher Angelo Phillips	256e85bc12	510 - SBOM attestation stdout (#785 ) add syft attest command to produce an attestation as application/vnd.in-toto+json to standard out using on disk PKI Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>	2022-02-22 21:45:12 -05:00
Alex Goodman	55c7f3d1e7	Upgrade install.sh to support installations for previous versions (#830 )	2022-02-15 22:23:11 +00:00
Christopher Angelo Phillips	8f96adacfb	Upgrade golang to 1.17 (#809 ) * initial upgrade workflow Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com> * update go.mod Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>	2022-02-09 11:08:24 -05:00
Alex Goodman	341288ba29	Normalize snapshot and release artifacts (#789 ) * refactor signing steps in release/snapshot workflows Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * show signing logs on snapshot or release failure Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * update install.sh + tests to account for new goreleaser changes Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * update cli tests to account for new goreleaser build names Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * fix acceptance test to use new snapshot bin path Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * add notarization Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * address review comments Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2022-02-04 12:41:37 -05:00
Alex Goodman	f38b0b7256	Refactor install.sh (#765 ) * [wip] get assets based on gh api Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * put install.sh download_asset fn under test Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * put install.sh install_asset fn under test Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * use zip for darwin installs Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * fix install.sh negative test cases Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * allow errors to propagate in install.sh Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * remove exit on error from install.sh tests Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * add more docs around install.sh helpers Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * add integration tests for install.sh Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * add install.sh testing to pipeline Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * add install test cache to CI Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * make colors globally available Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * test download against github release Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * always test release-based install against latest release Signed-off-by: Alex Goodman <alex.goodman@anchore.com> * use better install.sh test names Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2022-02-01 16:58:47 -05:00
Christopher Angelo Phillips	1c63943055	Add arm64 image support and Darwin M1 support to .goreleaser.yaml (#591 ) * update support arm64 Signed-off-by: Christopher Angelo Phillips <christopher.phillips@anchore.com> * small update syntax Signed-off-by: Christopher Angelo Phillips <christopher.phillips@anchore.com> * restore release command Signed-off-by: Christopher Angelo Phillips <christopher.phillips@anchore.com> * add docker manifests Signed-off-by: Christopher Angelo Phillips <christopher.phillips@anchore.com>	2021-10-26 09:42:35 -04:00
Alex Goodman	4bf08e6b6d	swap out the changelog generator for chronicle tool (#580 ) Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2021-10-21 13:37:13 -04:00
Christopher Angelo Phillips	10fa8dc7c9	Add windows support (#548 ) * update build tags, ui support, and stereoscope, and release for windows support Signed-off-by: Christopher Angelo Phillips <christopher.phillips@anchore.com>	2021-10-21 12:49:36 -04:00
Alex Goodman	cbdb72ea22	remove unnecessary codeql checkout from second parent commit (#567 ) Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2021-10-18 13:31:19 -04:00
Keith Zantow	e5caba043d	Add SBOM to releases (#500 ) Signed-off-by: Keith Zantow <kzantow@gmail.com>	2021-09-24 20:21:23 -04:00
Alex Goodman	ddfc8e20c0	Revert "disable docker releases (workaround) (#493 )" (#501 ) This reverts commit 06dcd3261dadf77ec0d86e7a981eb4aac7008d09. Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2021-09-13 13:06:23 -04:00
Alex Goodman	06dcd3261d	disable docker releases (workaround) (#493 ) Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2021-09-03 21:29:34 +00:00
Alex Goodman	6e70d8af98	respond to pull_request events for internal PRs Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2021-06-16 12:48:50 -04:00
Alex Goodman	5e1e2628cf	align check names to release quality gate Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2021-04-22 16:20:21 -04:00
Alex Goodman	0c100c4037	change mac acceptance test image.tar path Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2021-04-16 09:57:13 -04:00
Alex Goodman	8658abc8c4	ignore failures on benchmark sticky comment Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2021-03-29 11:59:49 -04:00
Alex Goodman	2a9b1b2680	move docker login after keychain creation Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2021-03-26 10:41:44 -04:00
Alex Goodman	cfec812804	enable release environment (manual approval for releases) Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2021-03-25 12:01:20 -04:00
Alex Goodman	ac4b653721	fix sticky benchmark comment on PRs Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2021-03-25 11:53:05 -04:00
Alex Goodman	51bf9f9e05	manually login to docker via cli during release Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2021-03-23 17:57:41 -04:00
Alex Goodman	1b7c755536	add file-type mix as golden image Signed-off-by: Alex Goodman <alex.goodman@anchore.com>	2021-03-23 16:50:57 -04:00

... 4 5 6 7 8

400 Commits