Commit Graph

22 Commits

Author SHA1 Message Date
naveensrinivasan
dd737bd755 Pin actions to a full length commit SHA
- Pinned actions by SHA https://github.com/ossf/scorecard/blob/main/docs/checks.md#pinned-dependencies
- Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions

>Pin actions to a full length commit SHA

>Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps mitigate the risk of a bad actor adding a backdoor to the action's repository, as they would need to generate a SHA-1 collision for a valid Git object payload.

https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions#using-third-party-actions
2022-03-18 20:47:20 +00:00
Chris Lu
5296c397f4 build latest container 2021-10-24 18:45:51 -07:00
Chris Lu
a0a6aa36fa adjust name 2021-09-07 02:34:49 -07:00
Chris Lu
85a2046411 move out latest container building 2021-09-07 02:12:07 -07:00
Chris Lu
705285ec60 rename file 2021-09-05 17:02:50 -07:00
Chris Lu
f2de7910fc move latest image build to after binary released 2021-09-05 17:02:22 -07:00
Chris Lu
ae98a085d3 automated latest image build 2021-09-05 16:56:12 -07:00
Chris Lu
cd838b1197
Merge pull request #2292 from logband/master
fix(ci): update latest to only run once
2021-08-28 20:33:16 -07:00
Alexander
aeda4be42c fix(ci): use cleaner naming for jobs 2021-08-29 12:12:30 +09:00
Alexander
b686e8c45b fix(ci): update latest to only run once 2021-08-29 11:54:49 +09:00
Alexander
b1331ba3fe feature(ci): use matrix for container build 2021-08-28 11:33:08 +09:00
Alexander
5a10f27c8d fix(ci): remove ppc64le and s390x support 2021-08-28 11:23:20 +09:00
Alexander
ba45852ca5 revert(ci): re-add platforms since builds were added 2021-08-28 10:35:02 +09:00
Alexander
3fddbefdb5 fix(ci): seaweedfs does not build for ppc or z-kernel systems 2021-08-28 09:59:23 +09:00
Alexander
059e88d5df chore(ci): move to using newer metadata action
The crazy-max/ghaction-docker-meta@v2 action was moved to docker/metadata-action@v3.
2021-08-28 08:29:32 +09:00
Alexander
d0990651ce fix(ci): remove linux/riscv64 2021-08-28 07:59:02 +09:00
Alexander
e2a7399f69 fix(ci): remove mips since alpine does not support it 2021-08-28 07:52:28 +09:00
Alexander
72ea1a9a21 fix(ci): add obscure platforms 2021-08-28 07:25:17 +09:00
Alexander
29bc6cb9a2 fix(ci): add multi-arch image builds
Fixes !2282.
2021-08-28 07:05:08 +09:00
suika
285a4667c2 Enable login/push, build latest/dev on master branch
Login to Docker Hub and Github Container Repo is enabled, need the secrets to be set.
Remove ...image.description because it wil be automatically set.
2021-05-12 04:38:36 +02:00
suika
727287a755 Fix build context for latest tag 2021-05-12 04:31:13 +02:00
suika
19895d5f72 Container build actions
initial brainless copy of docker hub config to github actions
2021-05-12 04:26:31 +02:00