Naveen
d180088c75
🌱 Unit tests for attestor policy ( #2857 )
...
- Add tests for `GetRequiredChecksForPolicy` and `EvaluateResults`
- Add checks for binary artifacts, vulnerabilities, unpinned dependencies, and code review
[attestor/policy/attestation_policy_test.go]
- Add `github.com/google/go-cmp/cmp` to imports
- Add a test for `GetRequiredChecksForPolicy`
- Add a test for `EvaluateResults`
Signed-off-by: naveensrinivasan <172697+naveensrinivasan@users.noreply.github.com>
2023-04-12 18:32:22 +00:00
laurentsimon
2ea140a3ee
✨ Structured results for permissions ( #2584 )
...
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* Update checks/evaluation/permissions/GitHubWorkflowPermissionsTopNoWrite.yml
Co-authored-by: Joyce <joycebrumu.u@gmail.com>
Signed-off-by: laurentsimon <64505099+laurentsimon@users.noreply.github.com>
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* Update checks/evaluation/permissions/GitHubWorkflowPermissionsStepsNoWrite.yml
Co-authored-by: Joyce <joycebrumu.u@gmail.com>
Signed-off-by: laurentsimon <64505099+laurentsimon@users.noreply.github.com>
* Update checks/evaluation/permissions/GitHubWorkflowPermissionsStepsNoWrite.yml
Co-authored-by: Joyce <joycebrumu.u@gmail.com>
Signed-off-by: laurentsimon <64505099+laurentsimon@users.noreply.github.com>
* Update checks/evaluation/permissions/GitHubWorkflowPermissionsStepsNoWrite.yml
Co-authored-by: Joyce <joycebrumu.u@gmail.com>
Signed-off-by: laurentsimon <64505099+laurentsimon@users.noreply.github.com>
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
* update
Signed-off-by: laurentsimon <laurentsimon@google.com>
---------
Signed-off-by: laurentsimon <laurentsimon@google.com>
Signed-off-by: laurentsimon <64505099+laurentsimon@users.noreply.github.com>
Co-authored-by: Joyce <joycebrumu.u@gmail.com>
2023-01-30 18:41:36 -08:00
raghavkaul
7206a2bdeb
🌱 attestor: e2e tests ( #2529 )
...
* Add E2E tests
Signed-off-by: Raghav Kaul <raghavkaul@google.com>
* Change RequiredApprovers so that it checks for any reviewers on the list
instead of all
Signed-off-by: Raghav Kaul <raghavkaul@google.com>
Signed-off-by: Raghav Kaul <raghavkaul@google.com>
Co-authored-by: Azeem Shaikh <azeemshaikh38@gmail.com>
2022-12-12 15:27:14 -05:00
Arnaud J Le Hors
2169bc44c7
Use new project name in Copyright notices ( #2505 )
...
Signed-off-by: Arnaud J Le Hors <lehors@us.ibm.com>
Signed-off-by: Arnaud J Le Hors <lehors@us.ibm.com>
2022-12-01 15:08:48 -08:00
raghavkaul
4c7066e3b6
🌱 attestor: module -> subpackage ( #2464 )
...
* Enable cilint checking on attestor and fix cilint errors
Signed-off-by: Raghav Kaul <raghavkaul@google.com>
* Make attestor a subpackage of scorecard
* Move e2e test
* Use scorecard logger
Signed-off-by: Raghav Kaul <raghavkaul@google.com>
Signed-off-by: Raghav Kaul <raghavkaul@google.com>
2022-11-30 10:22:00 -08:00
raghavkaul
272cae527c
🌱 attestor: Dockerize + small improvements for Cloud Build usage ( #2456 )
...
* Dockerize
* Add cloudbuild.yaml
* Improve logging
Signed-off-by: Raghav Kaul <raghavkaul@google.com>
* Add README.md
Signed-off-by: Raghav Kaul <raghavkaul@google.com>
* Address PR comments
* debian10 -> 11
* CLI
* Remove logging statements
* Dockerfile
Signed-off-by: Raghav Kaul <raghavkaul@google.com>
Signed-off-by: Raghav Kaul <raghavkaul@google.com>
2022-11-17 16:49:06 -08:00
raghavkaul
7e8cdf695f
Add Pinned-Dependency, Vulnerability, and Code-Review checks to attestor ( #2430 )
...
Signed-off-by: Raghav Kaul <raghavkaul@google.com>
Signed-off-by: Raghav Kaul <raghavkaul@google.com>
2022-11-10 20:42:45 +00:00
raghavkaul
a8f98be924
✨ CLI for scorecard-attestor ( #2309 )
...
* Reorganize
Signed-off-by: Raghav Kaul <raghavkaul@google.com>
* Working commit
Signed-off-by: Raghav Kaul <raghavkaul@google.com>
* Compile with local scorecard; go mod tidy
Signed-off-by: Raghav Kaul <raghavkaul@google.com>
* Add signing code
Heavily borrowed from https://github.com/grafeas/kritis/blob/master/cmd/kritis/signer/main.go
Signed-off-by: Raghav Kaul <raghavkaul@google.com>
* Update deps
* Naming
* Makefile
Signed-off-by: Raghav Kaul <raghavkaul@google.com>
* Edit license, add lint.yml
Signed-off-by: Raghav Kaul <raghavkaul@google.com>
* checks: go mod tidy, license
Signed-off-by: Raghav Kaul <raghavkaul@google.com>
* Address PR comments
* Split into checker/signer files
* Naming convention
Signed-off-by: Raghav Kaul <raghavkaul@google.com>
* License, remove golangci.yml
Signed-off-by: Raghav Kaul <raghavkaul@google.com>
* Address PR comments
* Use cobra
Signed-off-by: Raghav Kaul <raghavkaul@google.com>
* Add tests for root command
Signed-off-by: Raghav Kaul <raghavkaul@google.com>
* Filter out checks that aren't needed for policy evaluation
Signed-off-by: Raghav Kaul <raghavkaul@google.com>
* Add `make` targets for attestor; submit coverage stats
Signed-off-by: Raghav Kaul <raghavkaul@google.com>
* Improvements
* Use sclog instead of glog
* Remove unneeded subcommands
* Formatting
Signed-off-by: Raghav Kaul <raghavkaul@google.com>
* Flags: Make note-name constant and fix messaging
Signed-off-by: Raghav Kaul <raghavkaul@google.com>
* Remove SupportedRequestTypes
Signed-off-by: Raghav Kaul <raghavkaul@google.com>
* go mod tidy
Signed-off-by: Raghav Kaul <raghavkaul@google.com>
* go mod tidy, makefile
Signed-off-by: Raghav Kaul <raghavkaul@google.com>
* Fix GH actions run
Signed-off-by: Raghav Kaul <raghavkaul@google.com>
Signed-off-by: Raghav Kaul <raghavkaul@google.com>
2022-11-01 18:30:17 +00:00