-
Notifications
You must be signed in to change notification settings - Fork 82
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Introduce OCI artifacts signatures #296
Introduce OCI artifacts signatures #296
Conversation
Signed-off-by: Massimiliano Giovagnoli <[email protected]>
Signed-off-by: Massimiliano Giovagnoli <[email protected]>
Signed-off-by: Massimiliano Giovagnoli <[email protected]>
Signed-off-by: Massimiliano Giovagnoli <[email protected]>
Signed-off-by: Massimiliano Giovagnoli <[email protected]>
Signed-off-by: Massimiliano Giovagnoli <[email protected]>
Signed-off-by: Massimiliano Giovagnoli <[email protected]>
Signed-off-by: Massimiliano Giovagnoli <[email protected]>
ee5ac2a
to
ee8b2b3
Compare
Ready to be reviewed @falcosecurity/plugins-maintainers |
if: ${{ needs.publish-oci-artifacts.outputs.matrix != '[]' }} | ||
strategy: | ||
matrix: | ||
value: ${{ fromJson(needs.publish-oci-artifacts.outputs.matrix) }} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is awesome 🤩
Signed-off-by: Luca Guerra <[email protected]>
Signed-off-by: Luca Guerra <[email protected]>
6811d57
to
1f4e1f5
Compare
I was able to test artifacts produced with this workflow along with my falcoctl patch linked in this PR and it works! :) |
Signed-off-by: Massimiliano Giovagnoli <[email protected]>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks @maxgio92. Left some minor comments.
return err | ||
pa, ra, err := handleArtifact(ctx, cfg, &plugin, s3Client, ociClient) | ||
if err != nil { | ||
return artifacts, err |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Should we return nil? Do we use partial results in case of error?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks, @alacuku, I think it would be useful to provide them, as at the end of the day, the previous successful handle runs, if any, would be successful. WDYT?
// Clean up | ||
if err := os.RemoveAll(plugin.Name); err != nil { | ||
return fmt.Errorf("unable to remove folder %q: %v", plugin.Name, err) | ||
return artifacts, fmt.Errorf("unable to remove folder %q: %v", plugin.Name, err) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Same here.
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: alacuku, leogr, maxgio92 The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
What type of PR is this?
/kind feature
Any specific area of the project related to this PR?
/area registry
/area build
What this PR does / why we need it:
To provide signatures for the plugin OCI artifacts, as OCI artifacts, with cosign.
Which issue(s) this PR fixes:
Fixes #244
Special notes for your reviewer:
This is part of the work for providing signatures for Falco artifacts, alongside: