Compare commits

...

7 Commits

Author SHA1 Message Date
CrazyMax
4a13e500e5
Merge pull request #1006 from docker/dependabot/npm_and_yarn/docker/actions-toolkit-0.14.0
chore(deps): Bump @docker/actions-toolkit from 0.13.0 to 0.14.0
2023-11-17 03:34:00 -08:00
CrazyMax
7416668686
chore: update generated content
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
2023-11-17 12:22:57 +01:00
dependabot[bot]
b4f76a5dc6
chore(deps): Bump @docker/actions-toolkit from 0.13.0 to 0.14.0
Bumps [@docker/actions-toolkit](https://github.com/docker/actions-toolkit) from 0.13.0 to 0.14.0.
- [Release notes](https://github.com/docker/actions-toolkit/releases)
- [Commits](https://github.com/docker/actions-toolkit/compare/v0.13.0...v0.14.0)

---
updated-dependencies:
- dependency-name: "@docker/actions-toolkit"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-11-17 10:59:04 +00:00
CrazyMax
b7feb766fa
Merge pull request #1005 from crazy-max/ci-inspect
ci: inspect sbom and provenance
2023-11-17 02:46:05 -08:00
CrazyMax
fae8018297
ci: inspect sbom and provenance
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
2023-11-17 11:44:11 +01:00
CrazyMax
b625868b13
Merge pull request #1004 from crazy-max/ci-update-buildx
ci: update buildx to latest
2023-11-17 02:21:23 -08:00
CrazyMax
5193ef1da6
ci: update buildx to latest
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
2023-11-17 11:06:32 +01:00
5 changed files with 77 additions and 45 deletions

View File

@ -24,7 +24,7 @@ on:
pull_request:
env:
BUILDX_VERSION: v0.12.0-rc1
BUILDX_VERSION: latest
BUILDKIT_IMAGE: moby/buildkit:buildx-stable-1
jobs:
@ -598,12 +598,24 @@ jobs:
strategy:
fail-fast: false
matrix:
attrs:
- ''
- mode=max
- builder-id=foo
- false
- true
include:
- target: image
output: type=image,name=localhost:5000/name/app:latest,push=true
attr: mode=max
- target: image
output: type=image,name=localhost:5000/name/app:latest,push=true
attr: ''
- target: binary
output: /tmp/buildx-build
attr: mode=max
- target: binary
output: /tmp/buildx-build
attr: ''
services:
registry:
image: registry:2
ports:
- 5000:5000
steps:
-
name: Checkout
@ -622,11 +634,24 @@ jobs:
with:
context: ./test/go
file: ./test/go/Dockerfile
target: binary
outputs: type=oci,dest=/tmp/build.tar
provenance: ${{ matrix.attrs }}
cache-from: type=gha,scope=provenance
cache-to: type=gha,scope=provenance,mode=max
target: ${{ matrix.target }}
outputs: ${{ matrix.output }}
provenance: ${{ matrix.attr }}
-
name: Inspect Provenance
if: matrix.target == 'image'
run: |
docker buildx imagetools inspect localhost:5000/name/app:latest --format '{{json .Provenance}}'
-
name: Check output folder
if: matrix.target == 'binary'
run: |
tree /tmp/buildx-build
-
name: Print local Provenance
if: matrix.target == 'binary'
run: |
cat /tmp/buildx-build/provenance.json | jq
sbom:
runs-on: ubuntu-latest
@ -667,22 +692,17 @@ jobs:
cache-from: type=gha,scope=attests-${{ matrix.target }}
cache-to: type=gha,scope=attests-${{ matrix.target }},mode=max
-
name: Inspect image
name: Inspect SBOM
if: matrix.target == 'image'
run: |
docker buildx imagetools inspect localhost:5000/name/app:latest --format '{{json .}}'
docker buildx imagetools inspect localhost:5000/name/app:latest --format '{{json .SBOM}}'
-
name: Check output folder
if: matrix.target == 'binary'
run: |
tree /tmp/buildx-build
-
name: Print provenance
if: matrix.target == 'binary'
run: |
cat /tmp/buildx-build/provenance.json | jq
-
name: Print SBOM
name: Print local SBOM
if: matrix.target == 'binary'
run: |
cat /tmp/buildx-build/sbom.spdx.json | jq

16
dist/index.js generated vendored

File diff suppressed because one or more lines are too long

2
dist/index.js.map generated vendored

File diff suppressed because one or more lines are too long

View File

@ -27,7 +27,7 @@
"license": "Apache-2.0",
"dependencies": {
"@actions/core": "^1.10.1",
"@docker/actions-toolkit": "0.13.0",
"@docker/actions-toolkit": "0.14.0",
"handlebars": "^4.7.7"
},
"devDependencies": {

View File

@ -765,10 +765,10 @@
dependencies:
"@jridgewell/trace-mapping" "0.3.9"
"@docker/actions-toolkit@0.13.0":
version "0.13.0"
resolved "https://registry.yarnpkg.com/@docker/actions-toolkit/-/actions-toolkit-0.13.0.tgz#9317755109b92ff4d439c739be1688eb8a0e9d02"
integrity sha512-pmEHFXnxF/7Rr04LxW0pGt0fcrxu1rt81wFF5g0lrJsG5zKszBf67obpDwhomgvE2mgcz6+RX+L16RoQXA66Aw==
"@docker/actions-toolkit@0.14.0":
version "0.14.0"
resolved "https://registry.yarnpkg.com/@docker/actions-toolkit/-/actions-toolkit-0.14.0.tgz#1cc7108aa1da0df708fb65915cc927d0cc420584"
integrity sha512-5PZ49FgZLcS421Py60Zm5CGzQt1OyGVVx2CHZbjr2S0Vm6Rqks4diB3io/nt4EkccUb3EgwClZPopICOPzyIPw==
dependencies:
"@actions/cache" "^3.2.2"
"@actions/core" "^1.10.1"
@ -778,12 +778,12 @@
"@actions/io" "^1.1.3"
"@actions/tool-cache" "^2.0.1"
"@octokit/core" "^5.0.1"
"@octokit/plugin-rest-endpoint-methods" "^10.0.1"
"@octokit/plugin-rest-endpoint-methods" "^10.1.5"
async-retry "^1.3.3"
csv-parse "^5.5.2"
handlebars "^4.7.8"
js-yaml "^4.1.0"
jwt-decode "^3.1.2"
jwt-decode "^4.0.0"
semver "^7.5.4"
tmp "^0.2.1"
@ -1208,6 +1208,11 @@
resolved "https://registry.yarnpkg.com/@octokit/openapi-types/-/openapi-types-19.0.0.tgz#0101bf62ab14c1946149a0f8385440963e1253c4"
integrity sha512-PclQ6JGMTE9iUStpzMkwLCISFn/wDeRjkZFIKALpvJQNBGwDoYYi2fFvuHwssoQ1rXI5mfh6jgTgWuddeUzfWw==
"@octokit/openapi-types@^19.0.2":
version "19.0.2"
resolved "https://registry.yarnpkg.com/@octokit/openapi-types/-/openapi-types-19.0.2.tgz#d72778fe2f6151314b6f0201fbc771bb741276fc"
integrity sha512-8li32fUDUeml/ACRp/njCWTsk5t17cfTM1jp9n08pBrqs5cDFJubtjsSnuz56r5Tad6jdEPJld7LxNp9dNcyjQ==
"@octokit/plugin-paginate-rest@^9.0.0":
version "9.0.0"
resolved "https://registry.yarnpkg.com/@octokit/plugin-paginate-rest/-/plugin-paginate-rest-9.0.0.tgz#21fd12816c2dc158a775ed20be5abcbc61052a46"
@ -1215,12 +1220,12 @@
dependencies:
"@octokit/types" "^12.0.0"
"@octokit/plugin-rest-endpoint-methods@^10.0.0", "@octokit/plugin-rest-endpoint-methods@^10.0.1":
version "10.0.1"
resolved "https://registry.yarnpkg.com/@octokit/plugin-rest-endpoint-methods/-/plugin-rest-endpoint-methods-10.0.1.tgz#0587a8ae2391287fdfc7961a41cec7bfd1ef4968"
integrity sha512-fgS6HPkPvJiz8CCliewLyym9qAx0RZ/LKh3sATaPfM41y/O2wQ4Z9MrdYeGPVh04wYmHFmWiGlKPC7jWVtZXQA==
"@octokit/plugin-rest-endpoint-methods@^10.0.0", "@octokit/plugin-rest-endpoint-methods@^10.1.5":
version "10.1.5"
resolved "https://registry.yarnpkg.com/@octokit/plugin-rest-endpoint-methods/-/plugin-rest-endpoint-methods-10.1.5.tgz#b03559e439f951a484c0cfb69ceac86a7eb92358"
integrity sha512-LMEdsMV8TTMjMTqVoqMzV95XTbv0ZsWxCxQtjAunQOCdwoDH4BVF/Ke5JMSZEVCWGI2kzxnUNbFnK/MxwV7NjA==
dependencies:
"@octokit/types" "^12.0.0"
"@octokit/types" "^12.3.0"
"@octokit/request-error@^5.0.0":
version "5.0.1"
@ -1249,6 +1254,13 @@
dependencies:
"@octokit/openapi-types" "^19.0.0"
"@octokit/types@^12.3.0":
version "12.3.0"
resolved "https://registry.yarnpkg.com/@octokit/types/-/types-12.3.0.tgz#e3f8bc53f65ef551e19cc1a0fea15adadec17d2d"
integrity sha512-nJ8X2HRr234q3w/FcovDlA+ttUU4m1eJAourvfUUtwAWeqL8AsyRqfnLvVnYn3NFbUnsmzQCzLNdFerPwdmcDQ==
dependencies:
"@octokit/openapi-types" "^19.0.2"
"@opentelemetry/api@^1.0.1":
version "1.4.1"
resolved "https://registry.yarnpkg.com/@opentelemetry/api/-/api-1.4.1.tgz#ff22eb2e5d476fbc2450a196e40dd243cc20c28f"
@ -3187,10 +3199,10 @@ json5@^2.1.2, json5@^2.2.2, json5@^2.2.3:
resolved "https://registry.yarnpkg.com/json5/-/json5-2.2.3.tgz#78cd6f1a19bdc12b73db5ad0c61efd66c1e29283"
integrity sha512-XmOWe7eyHYH14cLdVPoyg+GOH3rYX++KpzrylJwSW98t3Nk+U8XOl8FWKOgwtzdb8lXGf6zYwDUzeHMWfxasyg==
jwt-decode@^3.1.2:
version "3.1.2"
resolved "https://registry.yarnpkg.com/jwt-decode/-/jwt-decode-3.1.2.tgz#3fb319f3675a2df0c2895c8f5e9fa4b67b04ed59"
integrity sha512-UfpWE/VZn0iP50d8cz9NrZLM9lSWhcJ+0Gt/nm4by88UL+J1SiKN8/5dkjMmbEzwL2CAe+67GsegCbIKtbp75A==
jwt-decode@^4.0.0:
version "4.0.0"
resolved "https://registry.yarnpkg.com/jwt-decode/-/jwt-decode-4.0.0.tgz#2270352425fd413785b2faf11f6e755c5151bd4b"
integrity sha512-+KJGIyHgkGuIq3IEBNftfhW/LfWhXUIY6OmyVWjliu5KH1y0fw7VQ8YndE2O4qZdMSd9SqbnC8GOcZEy0Om7sA==
kleur@^3.0.3:
version "3.0.3"