484823c97d
inspect: change additional spdxs to not have duplicates
...
Signed-off-by: Justin Chadwell <me@jedevc.com>
2 years ago
3ce17b01dc
inspect: provide access to multiple spdx documents
...
Signed-off-by: Justin Chadwell <me@jedevc.com>
2 years ago
e68c566c1c
inspect: parse sbom and provenance into json structs
...
Signed-off-by: Justin Chadwell <me@jedevc.com>
2 years ago
19d16aa941
inspect: break after first matching attestation
...
Signed-off-by: Justin Chadwell <me@jedevc.com>
2 years ago
6852713121
Merge pull request #1494 from thaJeztah/docs_update_docs_tools
...
go.mod: update cli-docs-tool v0.5.1
2 years ago
c97500b117
go.mod: update cli-docs-tool v0.5.1 and re-generate docs
...
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2 years ago
85040a9067
Merge pull request #1493 from thaJeztah/docs_fix_anchors
...
docs: update anchor links
2 years ago
b8285c17e6
docs: update anchor links
...
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2 years ago
332dfb4b92
Merge pull request #1444 from crazy-max/inspect-attest
...
imagetools inspect: handle provenance and sboms
2 years ago
cb279bb14b
Merge pull request #1491 from jedevc/ociindex-refactor
...
vendor: update buildkit to v0.11.0-rc4
2 years ago
60c9cf74ce
vendor: update buildkit to v0.11.0-rc4
...
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
Signed-off-by: Justin Chadwell <me@jedevc.com>
2 years ago
ff6754eb04
Merge pull request #1456 from jedevc/oci-layout-reference-parsing
...
build: refactor reference parsing for oci image layouts
2 years ago
e6b9aba997
imagetools inspect: handle provenance and sbom
...
use stub structs for SLSA/SBOM while waiting for
go-imageinspect library to be public.
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2 years ago
0302894bfb
Merge pull request #1463 from crazy-max/e2e-k3s
...
e2e: use native k3s installation script
2 years ago
e46394c3be
e2e: use native k3s installation script
...
debianmaster/actions-k3s action gives some warnings in our e2e
workflow. This commit brings https://github.com/debianmaster/actions-k3s/blob/master/index.js
directly in the workflow through actions/github-script with
some changes to properly wait for nodes to be up.
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2 years ago
1885e41789
docs: update oci layout with tag resolution
...
Signed-off-by: Justin Chadwell <me@jedevc.com>
2 years ago
2fb9db994b
imagetools inspect: missing annotations key
...
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2 years ago
287aaf1696
Merge pull request #1482 from AkihiroSuda/auto-propagate-source-date-epoch
...
Propagate SOURCE_DATE_EPOCH from the client env
2 years ago
0e6f5a155e
Propagate SOURCE_DATE_EPOCH from the client env
...
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
2 years ago
88852e2330
Merge pull request #1480 from crazy-max/fix-badge
...
disable buildx experimental in pipeline
2 years ago
6369c50614
disable buildx experimental in pipeline
...
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2 years ago
a22d0a35a4
readme: fix status badge
...
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2 years ago
c93c02df85
Merge pull request #1479 from jedevc/fixup-git-err-check-order
...
build: check error from toSolveOpt before adding FrontendAttrs
2 years ago
e584c6e1a7
build: check error from toSolveOpt before adding FrontendAttrs
...
Signed-off-by: Justin Chadwell <me@jedevc.com>
2 years ago
64e4c19971
Merge pull request #1477 from crazy-max/git-wsl
...
build: lookup the right git binary on WSL
2 years ago
551b8f6785
git: do not show warnings if project does not use git
...
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2 years ago
fbbe1c1b91
Merge pull request #1472 from crazy-max/ci-attest
...
ci: opt-in sbom and provenance
2 years ago
1a85745bf1
github: update buildkit image to v0.11-rc3
...
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2 years ago
0d1fea8134
build: warn if git operation fails
...
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2 years ago
19417e76e7
build: lookup the right git binary on WSL
...
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2 years ago
53d88a79ef
Merge pull request #1475 from jedevc/attest-warn-duplicate
...
buildflags: error on duplicate attest field
2 years ago
4c21b7e680
Merge pull request #1476 from jedevc/dont-filter-attestation-opts
...
build: forward all build opts everywhere
2 years ago
a8f689c223
build: forward all build opts everywhere
...
All build options should be passed everywhere - the frontend and the
backend of buildkit should both be able to see all attestations, as well
as all other opts: e.g. epoch settings, and no-cache.
Signed-off-by: Justin Chadwell <me@jedevc.com>
2 years ago
ba8e3f9bc5
ci: generate provenance and sbom for bin image
...
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2 years ago
477200d1f9
ci: generate provenance and sbom for release binaries
...
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2 years ago
662738a7e5
Merge pull request #1474 from crazy-max/fix-ci
...
ci: fix warnings
2 years ago
f992b77535
buildflags: warn on duplicate attest field
...
Signed-off-by: Justin Chadwell <me@jedevc.com>
2 years ago
21b2f135b5
ci: update to ubuntu 22.04
...
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2 years ago
71e6be5d99
ci: fix deprecated set-output syntax
...
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2 years ago
df8e7d0a9a
Merge pull request #1473 from crazy-max/fix-docs-prerelease
...
ci: do not publish docs on prerelease
2 years ago
64422a48d9
Merge pull request #1471 from crazy-max/fix-builder-factory
...
builder: check endpoint from store when loading factory
2 years ago
04f9c62772
ci: do not publish docs on prerelease
...
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2 years ago
2185d07f05
builder: check endpoint from store when loading factory
...
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2 years ago
a49d28e00e
Merge pull request #1460 from crazy-max/docker-load
...
e2e: load to docker store
2 years ago
629128c497
Merge pull request #1449 from crazy-max/bake-var-null
...
bake: support null arg and label value
2 years ago
70682b043e
build: refactor reference parsing for image layouts
...
We allow any valid image reference format for the oci-layout, not just
limiting to name@digest, we additionally allow images of the form
name:tag@digest now.
The name of the reference is used to find the local directory to lookup
the store in, while the tag and digest are attached to a random identity
to generate the dummy reference sent to the oci-layout context.
This separation of the target to replace and the value to replace it
with ensures that any tag or digest set in the client is properly sent
across to the server. The tag is used when a digest was not specified,
and it is resolved in the context of the local directory before being
sent, using the same helpers as we use for the local cache expoter.
Signed-off-by: Justin Chadwell <me@jedevc.com>
2 years ago
b741d26eb5
Merge pull request #1468 from crazy-max/fix-git-vcs-check
...
build: fix env vars check for vcs details
2 years ago
cf8fa4a404
build: fix env vars check for vcs details
...
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2 years ago
fe76a1b179
bake: support null label value
...
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2 years ago
df4957307f
bake: support null arg value
...
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2 years ago
Justin Chadwell