dependabot[bot]
ee8e4026bc
🌱 Bump github.com/google/go-containerregistry ( #832 )
...
Bumps [github.com/google/go-containerregistry](https://github.com/google/go-containerregistry ) from 0.1.2 to 0.6.0.
- [Release notes](https://github.com/google/go-containerregistry/releases )
- [Changelog](https://github.com/google/go-containerregistry/blob/main/.goreleaser.yml )
- [Commits](https://github.com/google/go-containerregistry/compare/v0.1.2...v0.6.0 )
---
updated-dependencies:
- dependency-name: github.com/google/go-containerregistry
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Azeem Shaikh <azeemshaikh38@gmail.com>
2021-08-11 16:43:35 +00:00
Azeem Shaikh
4fcb0a392e
Fix a bug in flag parsing ( #836 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-08-11 15:40:53 +00:00
dependabot[bot]
0f6cbc1703
🌱 Bump cloud.google.com/go/pubsub from 1.13.0 to 1.14.0 ( #833 )
...
Bumps [cloud.google.com/go/pubsub](https://github.com/googleapis/google-cloud-go ) from 1.13.0 to 1.14.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases )
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/master/CHANGES.md )
- [Commits](https://github.com/googleapis/google-cloud-go/compare/pubsub/v1.13.0...pubsub/v1.14.0 )
---
updated-dependencies:
- dependency-name: cloud.google.com/go/pubsub
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Azeem Shaikh <azeemshaikh38@gmail.com>
2021-08-11 05:01:54 +00:00
Azeem Shaikh
6cc41359a9
Remove false log statement ( #835 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-08-11 04:09:13 +00:00
dependabot[bot]
bbf99add9e
🌱 Bump cloud.google.com/go/bigquery from 1.19.0 to 1.20.1 ( #820 )
...
Bumps [cloud.google.com/go/bigquery](https://github.com/googleapis/google-cloud-go ) from 1.19.0 to 1.20.1.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases )
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/master/CHANGES.md )
- [Commits](https://github.com/googleapis/google-cloud-go/compare/spanner/v1.19.0...bigquery/v1.20.1 )
---
updated-dependencies:
- dependency-name: cloud.google.com/go/bigquery
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Naveen <172697+naveensrinivasan@users.noreply.github.com>
Co-authored-by: Azeem Shaikh <azeemshaikh38@gmail.com>
2021-08-11 03:22:00 +00:00
Azeem Shaikh
0561c15f21
Post to webhook on successful cron job completion ( #829 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-08-11 02:36:57 +00:00
Azeem Shaikh
bc67dd306a
Create a webhook for tagging Docker images ( #828 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-08-11 01:45:01 +00:00
Azeem Shaikh
ce7d4c396d
Update BQ query in README.md ( #831 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-08-10 17:56:39 -07:00
dependabot[bot]
a2e34ede98
🌱 Bump crazy-max/ghaction-import-gpg from 3.1.0 to 3.2.0
...
Bumps [crazy-max/ghaction-import-gpg](https://github.com/crazy-max/ghaction-import-gpg ) from 3.1.0 to 3.2.0.
- [Release notes](https://github.com/crazy-max/ghaction-import-gpg/releases )
- [Changelog](https://github.com/crazy-max/ghaction-import-gpg/blob/master/CHANGELOG.md )
- [Commits](b0793c0060...1c6a9e9d35
)
---
updated-dependencies:
- dependency-name: crazy-max/ghaction-import-gpg
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-08-10 10:03:06 -05:00
naveen
ef9880c7b3
🌱 Implemented ignore for license check
...
The license check was updated with the ignore files.
Fixed the issue https://github.com/ossf/scorecard/issues/767
2021-08-09 16:09:01 -05:00
Naveen
0c55af5ef8
✨ Scorecard builds for osx arm64 ( #824 )
...
Removed the arm64 ignore from goreleaser
2021-08-09 19:22:02 +00:00
Appu
8534836923
Also add version info to goreleaser ( #822 )
...
- shared configuration generation in ./scripts/version-ldflags
Signed-off-by: Appu Goundan <appu@google.com>
2021-08-09 18:22:30 +00:00
Azeem Shaikh
2931d91e23
Fix typo ( #819 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-08-06 23:45:22 +00:00
dependabot[bot]
0e6559a1ce
🌱 Bump golang from 1.16.6 to 1.16.7
...
Bumps golang from 1.16.6 to 1.16.7.
---
updated-dependencies:
- dependency-name: golang
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-08-06 17:26:49 -05:00
dependabot[bot]
fc75fd44e8
🌱 Bump github.com/onsi/gomega from 1.14.0 to 1.15.0 ( #816 )
...
Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega ) from 1.14.0 to 1.15.0.
- [Release notes](https://github.com/onsi/gomega/releases )
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md )
- [Commits](https://github.com/onsi/gomega/compare/v1.14.0...v1.15.0 )
---
updated-dependencies:
- dependency-name: github.com/onsi/gomega
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-06 17:42:41 -04:00
Azeem Shaikh
7f71928daa
Generate .shard_metadata
file in cron job shard ( #814 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-08-06 18:07:42 +00:00
Azeem Shaikh
d58fd2d927
Add CloudBuild config for CronJob ( #813 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-08-05 20:03:26 -07:00
Azeem Shaikh
f4d2628799
Ignore errors extracting corrupted tarball ( #812 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-08-06 01:03:35 +00:00
laurentsimon
d821ea27ec
✨ improve token permission ( #811 )
...
* sarif action
* update
2021-08-05 17:10:34 +00:00
Azeem Shaikh
df3c8663e9
Use a single image for worker and controller ( #810 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-08-04 00:18:22 +00:00
laurentsimon
e4f3ede843
✨ fix/enhance pinned-dependencies ( #806 )
...
* commit
* e2e tests
* typo
2021-08-03 23:32:34 +00:00
Azeem Shaikh
790a7778e7
Handle tarballs that cannot be downloaded. ( #809 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-08-03 15:31:32 -07:00
Johan Brandhorst-Satzkorn
a3ae21f7c0
Fix minisign file ending example ( #807 )
...
The minisign project uses *.minisig signature files, which
is correctly searched for by the implementation logic
in signed_releases.go, however, the docs use
"*.minisign", which will confuse users.
Correct the docs to use the "*.minisig" file extension.
Co-authored-by: Naveen <172697+naveensrinivasan@users.noreply.github.com>
2021-08-03 21:35:13 +00:00
Azeem Shaikh
08cc3c6202
Rollout worker whenever controller starts ( #808 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-08-03 20:50:30 +00:00
Naveen
254f316ce5
🌱 Fix the e2e fixes for signedtags ( #805 )
2021-08-03 16:02:06 +00:00
naveen
f2b4d07c33
🌱 Updated e2e signed releases
...
Updated the e2e signed releases to the new repository.
2021-08-03 09:05:16 -05:00
laurentsimon
b2b37161f3
✨ Improve token permission check ( #800 )
...
* draft
* draft 2
* draft3
* fix e2e
* comment
* comment
* check codeql
* missing files
* comments
* nit
* update msg
* msg
* nit
* nit
* msg
* e2e
* update doc
2021-08-03 00:56:45 +00:00
Naveen
91d3d82348
🌱 Fix the protobuf GitHub runner issue ( #801 )
...
Fixes the protobuf GitHub runner issue by cloning the repository and
installing it locally.
Source https://lukasjoswiak.com/github-actions-protobuf/
2021-08-02 23:52:57 +00:00
laurentsimon
6718939a08
✨ Cleanup errors and log ( #782 )
...
* cleanup
* text
* add errors
* fixes
* more
* fixes
* linnter
* comments
* name
2021-08-02 22:38:42 +00:00
laurentsimon
9b2f3f5270
✨ broken link to doc ( #799 )
...
* broken link
* main doc link
2021-08-02 14:33:17 -07:00
Azeem Shaikh
30bb11965a
Update Packaging
check to use new APIs ( #796 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-08-02 17:17:38 +00:00
laurentsimon
1bee125ab3
fix message ( #798 )
2021-08-02 16:00:22 +00:00
dependabot[bot]
0a7e1515ef
🌱 Bump mvdan.cc/sh/v3 from 3.3.0 to 3.3.1 ( #797 )
...
Bumps [mvdan.cc/sh/v3](https://github.com/mvdan/sh ) from 3.3.0 to 3.3.1.
- [Release notes](https://github.com/mvdan/sh/releases )
- [Changelog](https://github.com/mvdan/sh/blob/master/CHANGELOG.md )
- [Commits](https://github.com/mvdan/sh/compare/v3.3.0...v3.3.1 )
---
updated-dependencies:
- dependency-name: mvdan.cc/sh/v3
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-02 09:19:22 -04:00
Azeem Shaikh
388c3aeaad
Add a BQ transfer job for releasetest ( #790 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-08-01 16:45:57 +00:00
naveen
33a63ff6b9
🌱 Fixed the failing lint check
2021-08-01 10:57:22 -05:00
Oliver Chang
7c2117342c
fix tests
2021-08-01 10:57:22 -05:00
Oliver Chang
cf9c860441
Replace personal test repo with ossf-tests repo.
2021-08-01 10:57:22 -05:00
Azeem Shaikh
251a6c4ac8
Linter fix ( #795 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-08-01 10:59:30 -04:00
Azeem Shaikh
6368c25f54
More linter issues ( #794 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-08-01 03:42:14 +00:00
Azeem Shaikh
83e9f52501
Enable revive linters which are used in google3 ( #793 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-07-31 22:31:34 +00:00
dependabot[bot]
a66b53ebe4
🌱 Bump peter-evans/slash-command-dispatch from 2.1.3 to 2.2.1 ( #735 )
...
Bumps [peter-evans/slash-command-dispatch](https://github.com/peter-evans/slash-command-dispatch ) from 2.1.3 to 2.2.1.
- [Release notes](https://github.com/peter-evans/slash-command-dispatch/releases )
- [Commits](72ab5a2e41...fc430081ad
)
---
updated-dependencies:
- dependency-name: peter-evans/slash-command-dispatch
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Naveen <172697+naveensrinivasan@users.noreply.github.com>
2021-07-31 11:12:20 +00:00
Azeem Shaikh
d045a6655f
Catch RuntimeErrors in release testing ( #791 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-07-30 19:13:17 +00:00
laurentsimon
577061b5e3
✨ enable score results by default ( #788 )
...
* enable v2
* linnter
2021-07-30 15:21:09 +00:00
laurentsimon
29594d4294
✨ change signature of FileIfExist and FileContent ( #787 )
...
* draft
* add pinning
* remove functions
* typo
* commment
* name
2021-07-30 15:09:52 +00:00
laurentsimon
b35cbdcdcf
✨ Make Branch-Protection score more granular ( #777 )
...
* commit
* uni tests
* full score
* typos
* update msg
* remove function
* comments
* linter
* comments
2021-07-30 01:54:19 +00:00
laurentsimon
c48fe4f9ed
✨ Make Token-Permission check more granular ( #773 )
...
* draft
* add tests
* add e2e2 tests
* typos
* typo
* fixes
* linter
* use named value
* comments
* comment
2021-07-30 00:13:01 +00:00
dependabot[bot]
564b10946f
🌱 Bump goreleaser/goreleaser-action from 2.6.1 to 2.7.0 ( #762 )
...
Bumps [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action ) from 2.6.1 to 2.7.0.
- [Release notes](https://github.com/goreleaser/goreleaser-action/releases )
- [Commits](ac067437f5...5a54d7e660
)
---
updated-dependencies:
- dependency-name: goreleaser/goreleaser-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-07-29 21:51:16 +00:00
dependabot[bot]
fae54a6af4
🌱 Bump cloud.google.com/go/pubsub from 1.12.2 to 1.13.0 ( #723 )
...
Bumps [cloud.google.com/go/pubsub](https://github.com/googleapis/google-cloud-go ) from 1.12.2 to 1.13.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases )
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/master/CHANGES.md )
- [Commits](https://github.com/googleapis/google-cloud-go/compare/pubsub/v1.12.2...pubsub/v1.13.0 )
---
updated-dependencies:
- dependency-name: cloud.google.com/go/pubsub
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Azeem Shaikh <azeemshaikh38@gmail.com>
2021-07-29 21:28:39 +00:00
Azeem Shaikh
1d1e799f84
Add ListCommits and IsArchived API ( #772 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-07-29 14:18:58 -07:00
Azeem Shaikh
d19d436294
Update release test cron job ( #778 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-07-29 21:08:48 +00:00