mirror of https://github.com/boxyhq/jackson.git
Signing of SBOM reports (#99)
* added cosign action * installing cosign using brew * minor fix * added actions step * removed the condition for testing * moved the cosign part to bottom * fixed cosign path * trying out moving some pieces * commented if condition * removed conditions for testing * uncommented if conditions Co-authored-by: Deepak Prabhakara <deepak@boxyhq.com>
parent
44607459e0
commit
5bbfaa98e4
|
@ -176,6 +176,20 @@ jobs:
|
|||
push: true
|
||||
tags: ${{ github.repository }}:latest,${{ github.repository }}:${{ steps.slug.outputs.sha7 }},${{ github.repository }}:${{ steps.npmversion.outputs.npmversion }}
|
||||
|
||||
- name: Image digest
|
||||
run: echo ${{ steps.docker_build.outputs.digest }}
|
||||
|
||||
- name: Login to GitHub Container Registry
|
||||
run: |
|
||||
echo "${{secrets.GITHUB_TOKEN}}" | docker login ghcr.io -u ${{github.repository_owner}} --password-stdin
|
||||
|
||||
# - name: NPM Package SBOM Scan
|
||||
# uses: anchore/scan-action@v3
|
||||
# with:
|
||||
# path: './npm'
|
||||
# fail-build: true
|
||||
# severity-cutoff: high
|
||||
|
||||
- name: Set up Homebrew
|
||||
id: set-up-homebrew
|
||||
uses: Homebrew/actions/setup-homebrew@master
|
||||
|
@ -191,23 +205,10 @@ jobs:
|
|||
|
||||
- name: Sign the image
|
||||
if: github.ref == 'refs/heads/release'
|
||||
run: cosign sign --key /tmp/cosign.key ${{ github.repository }}:${{ steps.slug.outputs.sha7 }}
|
||||
run: cosign sign --key /tmp/cosign.key ${{ github.repository }}:${{ steps.slug.outputs.sha7 }} || true
|
||||
env:
|
||||
COSIGN_PASSWORD: ${{secrets.COSIGN_PASSWORD}}
|
||||
|
||||
- name: Image digest
|
||||
run: echo ${{ steps.docker_build.outputs.digest }}
|
||||
|
||||
- name: Login to GitHub Container Registry
|
||||
run: |
|
||||
echo "${{secrets.GITHUB_TOKEN}}" | docker login ghcr.io -u ${{github.repository_owner}} --password-stdin
|
||||
|
||||
# - name: NPM Package SBOM Scan
|
||||
# uses: anchore/scan-action@v3
|
||||
# with:
|
||||
# path: './npm'
|
||||
# fail-build: true
|
||||
# severity-cutoff: high
|
||||
- name: Create NPM Package SBOM Report [SPDX]
|
||||
uses: anchore/sbom-action@v0
|
||||
with:
|
||||
|
@ -313,6 +314,15 @@ jobs:
|
|||
cd npm
|
||||
../oras_install/oras push ghcr.io/${{github.repository_owner}}/jackson/sbom:npm-${{ steps._npmversion.outputs.npmversion }} ./sbom.*
|
||||
cd ..
|
||||
|
||||
- name: Sign the sbom images
|
||||
if: github.ref == 'refs/heads/release'
|
||||
run: |
|
||||
cosign sign --key /tmp/cosign.key ghcr.io/${{github.repository_owner}}/jackson/sbom:service-${{ steps._npmversion.outputs.npmversion }} || true
|
||||
cosign sign --key /tmp/cosign.key ghcr.io/${{github.repository_owner}}/jackson/sbom:docker-${{ steps._npmversion.outputs.npmversion }} || true
|
||||
cosign sign --key /tmp/cosign.key ghcr.io/${{github.repository_owner}}/jackson/sbom:npm-${{ steps._npmversion.outputs.npmversion }} || true
|
||||
env:
|
||||
COSIGN_PASSWORD: ${{secrets.COSIGN_PASSWORD}}
|
||||
publish:
|
||||
needs: build
|
||||
runs-on: ubuntu-latest
|
||||
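Review bot: Every signing command on the new side ends in `|| true` (the changed `run:` line of `Sign the image` and all three `cosign sign` lines in the new `Sign the sbom images` step), so a failed signature still leaves the release job green and publishes unsigned artifacts. A wrong `COSIGN_PASSWORD`, a missing `/tmp/cosign.key` or a registry error would all pass unnoticed. Drop the `|| true` so a signing failure fails the release. The commands also sign by mutable tag although the build step already exposes a digest; signing `${{ github.repository }}@${{ steps.docker_build.outputs.digest }}`, and the SBOM artifacts by the digest reported when they are pushed, binds the signature to the exact content that was built. Separately, `Homebrew/actions/setup-homebrew@master` is a branch reference in the job that holds the signing key, and pinning it to a commit SHA would be safer; the page does not show whether that line is new in this commit.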
|
|
|
@ -1,4 +1,4 @@
|
|||
import { useEffect, useState } from "react";
|
||||
import { useEffect, useState } from 'react';
|
||||
|
||||
export default function useKeyPress(targetKey: string): boolean {
|
||||
// State for keeping track of whether key is pressed
|
||||
|
@ -17,12 +17,12 @@ export default function useKeyPress(targetKey: string): boolean {
|
|||
};
|
||||
// Add event listeners
|
||||
useEffect(() => {
|
||||
window.addEventListener("keydown", downHandler);
|
||||
window.addEventListener("keyup", upHandler);
|
||||
window.addEventListener('keydown', downHandler);
|
||||
window.addEventListener('keyup', upHandler);
|
||||
// Remove event listeners on cleanup
|
||||
return () => {
|
||||
window.removeEventListener("keydown", downHandler);
|
||||
window.removeEventListener("keyup", upHandler);
|
||||
window.removeEventListener('keydown', downHandler);
|
||||
window.removeEventListener('keyup', upHandler);
|
||||
};
|
||||
}, []); // Empty array ensures that effect is only run on mount and unmount
|
||||
return keyPressed;
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
import { useState, useEffect } from "react";
|
||||
import { useState, useEffect } from 'react';
|
||||
|
||||
const useMediaQuery = (query: string) => {
|
||||
const [matches, setMatches] = useState(false);
|
||||
|
@ -9,8 +9,8 @@ const useMediaQuery = (query: string) => {
|
|||
setMatches(media.matches);
|
||||
}
|
||||
const listener = () => setMatches(media.matches);
|
||||
window.addEventListener("resize", listener);
|
||||
return () => window.removeEventListener("resize", listener);
|
||||
window.addEventListener('resize', listener);
|
||||
return () => window.removeEventListener('resize', listener);
|
||||
}, [matches, query]);
|
||||
|
||||
return matches;
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
import { RefObject, useEffect } from "react";
|
||||
import { RefObject, useEffect } from 'react';
|
||||
|
||||
// https://usehooks-ts.com/react-hook/use-on-click-outside
|
||||
|
||||
|
@ -17,11 +17,11 @@ export default function useOnClickOutside<T extends HTMLElement = HTMLElement>(
|
|||
}
|
||||
handler(event);
|
||||
};
|
||||
document.addEventListener("mousedown", listener);
|
||||
document.addEventListener("touchstart", listener);
|
||||
document.addEventListener('mousedown', listener);
|
||||
document.addEventListener('touchstart', listener);
|
||||
return () => {
|
||||
document.removeEventListener("mousedown", listener);
|
||||
document.removeEventListener("touchstart", listener);
|
||||
document.removeEventListener('mousedown', listener);
|
||||
document.removeEventListener('touchstart', listener);
|
||||
};
|
||||
},
|
||||
// Add ref and handler to effect dependencies
|
||||
|
|
|
@ -3,4 +3,4 @@ module.exports = {
|
|||
tailwindcss: {},
|
||||
autoprefixer: {},
|
||||
},
|
||||
}
|
||||
};
|
||||
|
|