🌱 Include attestor Dockerfile in CI and dependabot updates (ossf#3285)
Signed-off-by: Spencer Schrock <[email protected]>
Signed-off-by: André Backman <[email protected]>
spencerschrock authored and André Backman committed Jul 26, 2023
1 parent 9c9bf4a commit 8a4b5f8
Showing 3 changed files with 36 additions and 1 deletion.
7 changes: 7 additions & 0 deletions .github/dependabot.yml
@@ -74,3 +74,10 @@ updates:
rebase-strategy: disabled
commit-message:
prefix: ":seedling:"
- package-ecosystem: docker
directory: "/attestor"
schedule:
interval: weekly
rebase-strategy: disabled
commit-message:
prefix: ":seedling:"
28 changes: 28 additions & 0 deletions .github/workflows/docker.yml
@@ -259,3 +259,31 @@ jobs:
cache: true
- name: docker build
run: make cron-github-server-docker
attestor:
name: attestor-docker
runs-on: ubuntu-latest
permissions:
contents: read
needs:
- docs_only_check
if: (needs.docs_only_check.outputs.docs_only != 'true')
steps:
- name: Harden Runner
uses: step-security/harden-runner@55d479fb1c5bcad5a4f9099a5d9f37c8857b2845 # v2.4.1
with:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
- name: Install Protoc
uses: arduino/setup-protoc@149f6c87b92550901b26acd1632e11c3662e381f # v1.3.0
with:
version: ${{ env.PROTOC_VERSION }}
repo-token: ${{ secrets.GITHUB_TOKEN }}
- name: Clone the code
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
- name: Setup Go
uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1
with:
go-version-file: ${{ env.GO_VERSION_FILE }}
check-latest: true
cache: true
- name: docker build
run: make build-attestor-docker
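Review bot: The new `attestor` job runs harden-runner with `egress-policy: audit`, which only records outbound connections and blocks none of them, so the image build still has unrestricted network egress. Once a few runs have produced the endpoint list, switch the step to `egress-policy: block` with an `allowed-endpoints:` list, and track the TODO in an issue so the job does not stay in audit mode indefinitely. A comment above `Install Protoc` saying why the Docker build needs protoc and a `repo-token` would also help; if `make build-attestor-docker` only invokes `docker build` (the Makefile is not visible here), that step and `Setup Go` could be dropped to reduce the third-party actions the job executes. `env.PROTOC_VERSION` and `env.GO_VERSION_FILE` are defined outside this hunk.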
2 changes: 1 addition & 1 deletion attestor/Dockerfile
@@ -12,7 +12,7 @@
# See the License for the specific language governing permissions and
# limitations under the License.

FROM golang@sha256:ea3d912d500b1ae0a691b2e53eb8a6345b579d42d7e6a64acca83d274b949740 AS base
FROM golang:1.19@sha256:6b3fa4b908676231b50acbbc00e84d8cee9c6ce072b1175c0ff352c57d8a612f AS base
WORKDIR /src/scorecard
COPY . ./

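Review bot: The `FROM golang:1.19@sha256:…` line carries both a tag and a digest, and in that form the digest is what gets pulled while the tag is not checked against it, so `1.19` can silently stop describing the image if only one of the two is edited by hand. A short comment above the line would make that explicit, for example `# The digest is what is pulled; keep the 1.19 tag in sync when updating it.` The page does not mark which `FROM` line is the added one, so this assumes the tagged form is the new side. The rest of the Dockerfile, including any later stages, is outside the hunk.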
