744 Commits

Author SHA1 Message Date
dependabot[bot]
306a0a9f50 chore(deps): Bump csv-parse from 5.3.3 to 5.3.4
Bumps [csv-parse](https://github.com/adaltas/node-csv/tree/HEAD/packages/csv-parse) from 5.3.3 to 5.3.4.
- [Release notes](https://github.com/adaltas/node-csv/releases)
- [Changelog](https://github.com/adaltas/node-csv/blob/master/packages/csv-parse/CHANGELOG.md)
- [Commits](https://github.com/adaltas/node-csv/commits/csv-parse@5.3.4/packages/csv-parse)

---
updated-dependencies:
- dependency-name: csv-parse
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-02-01 11:02:18 +00:00
CrazyMax
55a3485913 Merge pull request #785 from crazy-max/update-version
docs: update version to v4
2023-01-30 19:33:53 +01:00
CrazyMax
71e9aaaf29 docs: update version to v4
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2023-01-30 19:30:24 +01:00
CrazyMax
3b5e8027fc Merge pull request #784 from crazy-max/enable-provenance
Some checks failed
example / docker (push) Has been cancelled
e2e / docker (AWS_SECRET_ACCESS_KEY, 175142243308.dkr.ecr.us-east-2.amazonaws.com, 175142243308.dkr.ecr.us-east-2.amazonaws.com/sandbox/test-docker-action, AWS_ACCESS_KEY_ID) (push) Has been cancelled
e2e / docker (AWS_SECRET_ACCESS_KEY, public.ecr.aws, public.ecr.aws/q3b5f1u4/test-docker-action, AWS_ACCESS_KEY_ID) (push) Has been cancelled
e2e / docker (AZURE_CLIENT_SECRET, officialgithubactions.azurecr.io, officialgithubactions.azurecr.io/test-docker-action, AZURE_CLIENT_ID) (push) Has been cancelled
e2e / docker (DOCKERHUB_TOKEN, , ghactionstest/ghactionstest, DOCKERHUB_USERNAME) (push) Has been cancelled
e2e / docker (GAR_JSON_KEY, us-east4-docker.pkg.dev, us-east4-docker.pkg.dev/sandbox-298914/docker-official-github-actions/test-docker-action, GAR_USERNAME) (push) Has been cancelled
e2e / docker (GCR_JSON_KEY, gcr.io, gcr.io/sandbox-298914/test-docker-action, GCR_USERNAME) (push) Has been cancelled
e2e / docker (GHCR_PAT, ghcr.io, ghcr.io/docker-ghactiontest/test, GHCR_USERNAME) (push) Has been cancelled
e2e / docker (GITLAB_TOKEN, registry.gitlab.com, registry.gitlab.com/test1716/test, GITLAB_USERNAME) (push) Has been cancelled
revert disable provenance by default if not set
v4.0.0
2023-01-30 19:25:07 +01:00
CrazyMax
02d3266a89 update generated content
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2023-01-30 19:23:01 +01:00
CrazyMax
f403dafe18 revert disable provenance by default if not set
This partially reverts 337a09d182 but
keeps the newly added tests.

Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2023-01-30 19:23:00 +01:00
CrazyMax
1104d47137 Merge pull request #781 from crazy-max/disable-provenance
Some checks failed
example / docker (push) Has been cancelled
e2e / docker (AWS_SECRET_ACCESS_KEY, 175142243308.dkr.ecr.us-east-2.amazonaws.com, 175142243308.dkr.ecr.us-east-2.amazonaws.com/sandbox/test-docker-action, AWS_ACCESS_KEY_ID) (push) Has been cancelled
e2e / docker (AWS_SECRET_ACCESS_KEY, public.ecr.aws, public.ecr.aws/q3b5f1u4/test-docker-action, AWS_ACCESS_KEY_ID) (push) Has been cancelled
e2e / docker (AZURE_CLIENT_SECRET, officialgithubactions.azurecr.io, officialgithubactions.azurecr.io/test-docker-action, AZURE_CLIENT_ID) (push) Has been cancelled
e2e / docker (DOCKERHUB_TOKEN, , ghactionstest/ghactionstest, DOCKERHUB_USERNAME) (push) Has been cancelled
e2e / docker (GAR_JSON_KEY, us-east4-docker.pkg.dev, us-east4-docker.pkg.dev/sandbox-298914/docker-official-github-actions/test-docker-action, GAR_USERNAME) (push) Has been cancelled
e2e / docker (GCR_JSON_KEY, gcr.io, gcr.io/sandbox-298914/test-docker-action, GCR_USERNAME) (push) Has been cancelled
e2e / docker (GHCR_PAT, ghcr.io, ghcr.io/docker-ghactiontest/test, GHCR_USERNAME) (push) Has been cancelled
e2e / docker (GITLAB_TOKEN, registry.gitlab.com, registry.gitlab.com/test1716/test, GITLAB_USERNAME) (push) Has been cancelled
Disable provenance by default if not set
v3 v3.3.1
2023-01-30 19:07:44 +01:00
CrazyMax
838bf90c88 update generated content
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2023-01-30 10:15:05 +01:00
CrazyMax
337a09d182 disable provenance by default if not set
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2023-01-30 10:15:05 +01:00
CrazyMax
37abcedcc1 Merge pull request #760 from crazy-max/test-envs
Some checks failed
example / docker (push) Has been cancelled
e2e / docker (AWS_SECRET_ACCESS_KEY, 175142243308.dkr.ecr.us-east-2.amazonaws.com, 175142243308.dkr.ecr.us-east-2.amazonaws.com/sandbox/test-docker-action, AWS_ACCESS_KEY_ID) (push) Has been cancelled
e2e / docker (AWS_SECRET_ACCESS_KEY, public.ecr.aws, public.ecr.aws/q3b5f1u4/test-docker-action, AWS_ACCESS_KEY_ID) (push) Has been cancelled
e2e / docker (AZURE_CLIENT_SECRET, officialgithubactions.azurecr.io, officialgithubactions.azurecr.io/test-docker-action, AZURE_CLIENT_ID) (push) Has been cancelled
e2e / docker (DOCKERHUB_TOKEN, , ghactionstest/ghactionstest, DOCKERHUB_USERNAME) (push) Has been cancelled
e2e / docker (GAR_JSON_KEY, us-east4-docker.pkg.dev, us-east4-docker.pkg.dev/sandbox-298914/docker-official-github-actions/test-docker-action, GAR_USERNAME) (push) Has been cancelled
e2e / docker (GCR_JSON_KEY, gcr.io, gcr.io/sandbox-298914/test-docker-action, GCR_USERNAME) (push) Has been cancelled
e2e / docker (GHCR_PAT, ghcr.io, ghcr.io/docker-ghactiontest/test, GHCR_USERNAME) (push) Has been cancelled
e2e / docker (GITLAB_TOKEN, registry.gitlab.com, registry.gitlab.com/test1716/test, GITLAB_USERNAME) (push) Has been cancelled
test: move envs to jest config
v3.3.0
2023-01-13 13:27:37 +01:00
CrazyMax
67109bc4b2 test: move envs to jest config
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2023-01-13 13:23:43 +01:00
CrazyMax
d1b0eb0a29 Merge pull request #759 from crazy-max/fix-provenance-input
Fix provenance input
2023-01-13 13:06:45 +01:00
CrazyMax
a0635fe7cd update generated content
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2023-01-13 12:59:31 +01:00
CrazyMax
f834265449 tests for provenance
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2023-01-13 12:59:31 +01:00
CrazyMax
0191543e0b fix provenance input
When `provenance: false`, we should not set the builder-id.

Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2023-01-13 12:59:31 +01:00
CrazyMax
2a16835223 Merge pull request #758 from crazy-max/revert-736
Revert build-args newline split
2023-01-13 11:35:45 +01:00
CrazyMax
9b96801525 Revert build-args newline split
This reverts commit 6afac853c9, reversing
changes made to 1d910c8aa2.

Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2023-01-13 11:27:13 +01:00
CrazyMax
6afac853c9 Merge pull request #736 from ruslandoga/build-args-newline-split
build-args newline split
2023-01-13 10:03:35 +01:00
ruslandoga
3bfdd83cd7 pre-checkin
Signed-off-by: ruslandoga <67764432+ruslandoga@users.noreply.github.com>
2023-01-13 15:15:03 +07:00
ruslandoga
316d5eb8b3 build-args newline split
Signed-off-by: ruslandoga <67764432+ruslandoga@users.noreply.github.com>
2023-01-13 12:51:11 +07:00
CrazyMax
1d910c8aa2 Merge pull request #707 from crazy-max/gh-runtime-token-info
Log GitHub Actions runtime token access controls
2023-01-12 19:50:31 +01:00
CrazyMax
f9ccca010f log GitHub Actions runtime token access controls
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2023-01-12 19:44:24 +01:00
CrazyMax
c40bf0fdf6 Merge pull request #746 from crazy-max/attests-sbom-provenance-inputs
add attests, provenance and sbom inputs
2023-01-12 19:27:54 +01:00
CrazyMax
223ed1ebd4 ci: fix registry-cache job
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2023-01-11 15:56:26 +01:00
CrazyMax
fdafae777b update generated content
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2023-01-11 15:56:25 +01:00
CrazyMax
0cb700ffba do not set default provenance if user wants to load the image
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2023-01-11 15:56:25 +01:00
CrazyMax
ee7989df81 always set builder-id attribute for provenance
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2023-01-11 15:56:25 +01:00
CrazyMax
74f883a069 check BuildKit compatibility before setting default provenance opts
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2023-01-11 15:56:25 +01:00
CrazyMax
0149503e26 ci: inspect with json output
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2023-01-11 15:56:25 +01:00
CrazyMax
26ce4f3617 provenance: set mode max and builder-id for public repos by default
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2023-01-11 15:56:24 +01:00
CrazyMax
ed2672fc33 add attests, provenance and sbom inputs
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2023-01-11 15:56:24 +01:00
CrazyMax
472ccddef1 test: go project sample
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2023-01-11 15:56:24 +01:00
CrazyMax
d235d2d5ea Merge pull request #749 from docker/dependabot/npm_and_yarn/json5-2.2.3
chore(deps): Bump json5 from 2.2.0 to 2.2.3
2023-01-08 18:32:06 +01:00
dependabot[bot]
2f519a7883 chore(deps): Bump json5 from 2.2.0 to 2.2.3
Bumps [json5](https://github.com/json5/json5) from 2.2.0 to 2.2.3.
- [Release notes](https://github.com/json5/json5/releases)
- [Changelog](https://github.com/json5/json5/blob/main/CHANGELOG.md)
- [Commits](https://github.com/json5/json5/compare/v2.2.0...v2.2.3)

---
updated-dependencies:
- dependency-name: json5
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-01-07 04:56:41 +00:00
CrazyMax
4eb68bb2ac Merge pull request #729 from docker/dependabot/npm_and_yarn/csv-parse-5.3.3
chore(deps): Bump csv-parse from 5.3.0 to 5.3.3
2022-12-19 20:44:37 +01:00
CrazyMax
b4755849f0 update generated content
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2022-12-19 20:42:49 +01:00
dependabot[bot]
ade1a6afe3 chore(deps): Bump csv-parse from 5.3.0 to 5.3.3
Bumps [csv-parse](https://github.com/adaltas/node-csv/tree/HEAD/packages/csv-parse) from 5.3.0 to 5.3.3.
- [Release notes](https://github.com/adaltas/node-csv/releases)
- [Changelog](https://github.com/adaltas/node-csv/blob/master/packages/csv-parse/CHANGELOG.md)
- [Commits](https://github.com/adaltas/node-csv/commits/csv-parse@5.3.3/packages/csv-parse)

---
updated-dependencies:
- dependency-name: csv-parse
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-12-19 19:37:51 +00:00
CrazyMax
21d6059e1e Merge pull request #732 from docker/dependabot/npm_and_yarn/minimatch-3.1.2
chore(deps): Bump minimatch from 3.0.4 to 3.1.2
2022-12-19 20:20:03 +01:00
CrazyMax
c2c50190db readme: fix badges
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2022-12-19 20:17:23 +01:00
CrazyMax
a154a68da0 Update generated content
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2022-12-19 20:15:46 +01:00
dependabot[bot]
4ac90f5dca chore(deps): Bump minimatch from 3.0.4 to 3.1.2
Bumps [minimatch](https://github.com/isaacs/minimatch) from 3.0.4 to 3.1.2.
- [Release notes](https://github.com/isaacs/minimatch/releases)
- [Commits](https://github.com/isaacs/minimatch/compare/v3.0.4...v3.1.2)

---
updated-dependencies:
- dependency-name: minimatch
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-11-29 17:55:45 +00:00
CrazyMax
175d02bffe Merge pull request #723 from crazy-max/docs-fix-link
docs: fix link
2022-11-10 18:25:38 +01:00
CrazyMax
546378e7fb docs: fix link
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2022-11-10 15:57:59 +01:00
CrazyMax
ffe65bfc27 Merge pull request #718 from crazy-max/moved-examples
docs: examples moved to docs website
2022-11-04 14:11:17 +01:00
CrazyMax
d4c14fd006 docs: examples moved to docs website
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2022-11-04 09:17:25 +01:00
CrazyMax
6e95f19fb8 Merge pull request #708 from kaznovac/patch-1
[docs] test-before-push: push tested image as latest
2022-10-20 21:05:58 +02:00
Marko Kaznovac
2a752d5a63 [docs] test-before-push: push tested image as latest
also renamed image name from `myapp` -> `app`

Signed-off-by: Marko Kaznovac <kaznovac@users.noreply.github.com>
2022-10-20 16:03:06 +02:00
CrazyMax
c56af95754 Merge pull request #704 from crazy-max/setOutput
Some checks failed
example / docker (push) Has been cancelled
e2e / docker (AWS_SECRET_ACCESS_KEY, 175142243308.dkr.ecr.us-east-2.amazonaws.com, 175142243308.dkr.ecr.us-east-2.amazonaws.com/sandbox/test-docker-action, AWS_ACCESS_KEY_ID) (push) Has been cancelled
e2e / docker (AWS_SECRET_ACCESS_KEY, public.ecr.aws, public.ecr.aws/q3b5f1u4/test-docker-action, AWS_ACCESS_KEY_ID) (push) Has been cancelled
e2e / docker (AZURE_CLIENT_SECRET, officialgithubactions.azurecr.io, officialgithubactions.azurecr.io/test-docker-action, AZURE_CLIENT_ID) (push) Has been cancelled
e2e / docker (DOCKERHUB_TOKEN, , ghactionstest/ghactionstest, DOCKERHUB_USERNAME) (push) Has been cancelled
e2e / docker (GAR_JSON_KEY, us-east4-docker.pkg.dev, us-east4-docker.pkg.dev/sandbox-298914/docker-official-github-actions/test-docker-action, GAR_USERNAME) (push) Has been cancelled
e2e / docker (GCR_JSON_KEY, gcr.io, gcr.io/sandbox-298914/test-docker-action, GCR_USERNAME) (push) Has been cancelled
e2e / docker (GHCR_PAT, ghcr.io, ghcr.io/docker-ghactiontest/test, GHCR_USERNAME) (push) Has been cancelled
e2e / docker (GITLAB_TOKEN, registry.gitlab.com, registry.gitlab.com/test1716/test, GITLAB_USERNAME) (push) Has been cancelled
Remove workaround for setOutput
v3.2.0
2022-10-12 08:33:54 +02:00
CrazyMax
75aaa63262 Remove workaround for setOutput
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2022-10-12 06:56:31 +02:00
CrazyMax
f97d6e2850 Merge pull request #700 from crazy-max/update-docs
docs: update links and layout
2022-10-11 12:07:35 +02:00