mirror of https://github.com/boxyhq/jackson.git
Signing of SBOM reports (#99)
* added cosign action * installing cosign using brew * minor fix * added actions step * removed the condition for testing * moved the cosign part to bottom * fixed cosign path * trying out moving some pieces * commented if condition * removed conditions for testing * uncommented if conditions Co-authored-by: Deepak Prabhakara <deepak@boxyhq.com>
This commit is contained in:
parent
44607459e0
commit
5bbfaa98e4
|
@ -176,6 +176,20 @@ jobs:
|
||||||
push: true
|
push: true
|
||||||
tags: ${{ github.repository }}:latest,${{ github.repository }}:${{ steps.slug.outputs.sha7 }},${{ github.repository }}:${{ steps.npmversion.outputs.npmversion }}
|
tags: ${{ github.repository }}:latest,${{ github.repository }}:${{ steps.slug.outputs.sha7 }},${{ github.repository }}:${{ steps.npmversion.outputs.npmversion }}
|
||||||
|
|
||||||
|
- name: Image digest
|
||||||
|
run: echo ${{ steps.docker_build.outputs.digest }}
|
||||||
|
|
||||||
|
- name: Login to GitHub Container Registry
|
||||||
|
run: |
|
||||||
|
echo "${{secrets.GITHUB_TOKEN}}" | docker login ghcr.io -u ${{github.repository_owner}} --password-stdin
|
||||||
|
|
||||||
|
# - name: NPM Package SBOM Scan
|
||||||
|
# uses: anchore/scan-action@v3
|
||||||
|
# with:
|
||||||
|
# path: './npm'
|
||||||
|
# fail-build: true
|
||||||
|
# severity-cutoff: high
|
||||||
|
|
||||||
- name: Set up Homebrew
|
- name: Set up Homebrew
|
||||||
id: set-up-homebrew
|
id: set-up-homebrew
|
||||||
uses: Homebrew/actions/setup-homebrew@master
|
uses: Homebrew/actions/setup-homebrew@master
|
||||||
|
@ -191,23 +205,10 @@ jobs:
|
||||||
|
|
||||||
- name: Sign the image
|
- name: Sign the image
|
||||||
if: github.ref == 'refs/heads/release'
|
if: github.ref == 'refs/heads/release'
|
||||||
run: cosign sign --key /tmp/cosign.key ${{ github.repository }}:${{ steps.slug.outputs.sha7 }}
|
run: cosign sign --key /tmp/cosign.key ${{ github.repository }}:${{ steps.slug.outputs.sha7 }} || true
|
||||||
env:
|
env:
|
||||||
COSIGN_PASSWORD: ${{secrets.COSIGN_PASSWORD}}
|
COSIGN_PASSWORD: ${{secrets.COSIGN_PASSWORD}}
|
||||||
|
|
||||||
- name: Image digest
|
|
||||||
run: echo ${{ steps.docker_build.outputs.digest }}
|
|
||||||
|
|
||||||
- name: Login to GitHub Container Registry
|
|
||||||
run: |
|
|
||||||
echo "${{secrets.GITHUB_TOKEN}}" | docker login ghcr.io -u ${{github.repository_owner}} --password-stdin
|
|
||||||
|
|
||||||
# - name: NPM Package SBOM Scan
|
|
||||||
# uses: anchore/scan-action@v3
|
|
||||||
# with:
|
|
||||||
# path: './npm'
|
|
||||||
# fail-build: true
|
|
||||||
# severity-cutoff: high
|
|
||||||
- name: Create NPM Package SBOM Report [SPDX]
|
- name: Create NPM Package SBOM Report [SPDX]
|
||||||
uses: anchore/sbom-action@v0
|
uses: anchore/sbom-action@v0
|
||||||
with:
|
with:
|
||||||
|
@ -313,6 +314,15 @@ jobs:
|
||||||
cd npm
|
cd npm
|
||||||
../oras_install/oras push ghcr.io/${{github.repository_owner}}/jackson/sbom:npm-${{ steps._npmversion.outputs.npmversion }} ./sbom.*
|
../oras_install/oras push ghcr.io/${{github.repository_owner}}/jackson/sbom:npm-${{ steps._npmversion.outputs.npmversion }} ./sbom.*
|
||||||
cd ..
|
cd ..
|
||||||
|
|
||||||
|
- name: Sign the sbom images
|
||||||
|
if: github.ref == 'refs/heads/release'
|
||||||
|
run: |
|
||||||
|
cosign sign --key /tmp/cosign.key ghcr.io/${{github.repository_owner}}/jackson/sbom:service-${{ steps._npmversion.outputs.npmversion }} || true
|
||||||
|
cosign sign --key /tmp/cosign.key ghcr.io/${{github.repository_owner}}/jackson/sbom:docker-${{ steps._npmversion.outputs.npmversion }} || true
|
||||||
|
cosign sign --key /tmp/cosign.key ghcr.io/${{github.repository_owner}}/jackson/sbom:npm-${{ steps._npmversion.outputs.npmversion }} || true
|
||||||
|
env:
|
||||||
|
COSIGN_PASSWORD: ${{secrets.COSIGN_PASSWORD}}
|
||||||
publish:
|
publish:
|
||||||
needs: build
|
needs: build
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
import { useEffect, useState } from "react";
|
import { useEffect, useState } from 'react';
|
||||||
|
|
||||||
export default function useKeyPress(targetKey: string): boolean {
|
export default function useKeyPress(targetKey: string): boolean {
|
||||||
// State for keeping track of whether key is pressed
|
// State for keeping track of whether key is pressed
|
||||||
|
@ -17,12 +17,12 @@ export default function useKeyPress(targetKey: string): boolean {
|
||||||
};
|
};
|
||||||
// Add event listeners
|
// Add event listeners
|
||||||
useEffect(() => {
|
useEffect(() => {
|
||||||
window.addEventListener("keydown", downHandler);
|
window.addEventListener('keydown', downHandler);
|
||||||
window.addEventListener("keyup", upHandler);
|
window.addEventListener('keyup', upHandler);
|
||||||
// Remove event listeners on cleanup
|
// Remove event listeners on cleanup
|
||||||
return () => {
|
return () => {
|
||||||
window.removeEventListener("keydown", downHandler);
|
window.removeEventListener('keydown', downHandler);
|
||||||
window.removeEventListener("keyup", upHandler);
|
window.removeEventListener('keyup', upHandler);
|
||||||
};
|
};
|
||||||
}, []); // Empty array ensures that effect is only run on mount and unmount
|
}, []); // Empty array ensures that effect is only run on mount and unmount
|
||||||
return keyPressed;
|
return keyPressed;
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
import { useState, useEffect } from "react";
|
import { useState, useEffect } from 'react';
|
||||||
|
|
||||||
const useMediaQuery = (query: string) => {
|
const useMediaQuery = (query: string) => {
|
||||||
const [matches, setMatches] = useState(false);
|
const [matches, setMatches] = useState(false);
|
||||||
|
@ -9,8 +9,8 @@ const useMediaQuery = (query: string) => {
|
||||||
setMatches(media.matches);
|
setMatches(media.matches);
|
||||||
}
|
}
|
||||||
const listener = () => setMatches(media.matches);
|
const listener = () => setMatches(media.matches);
|
||||||
window.addEventListener("resize", listener);
|
window.addEventListener('resize', listener);
|
||||||
return () => window.removeEventListener("resize", listener);
|
return () => window.removeEventListener('resize', listener);
|
||||||
}, [matches, query]);
|
}, [matches, query]);
|
||||||
|
|
||||||
return matches;
|
return matches;
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
import { RefObject, useEffect } from "react";
|
import { RefObject, useEffect } from 'react';
|
||||||
|
|
||||||
// https://usehooks-ts.com/react-hook/use-on-click-outside
|
// https://usehooks-ts.com/react-hook/use-on-click-outside
|
||||||
|
|
||||||
|
@ -17,11 +17,11 @@ export default function useOnClickOutside<T extends HTMLElement = HTMLElement>(
|
||||||
}
|
}
|
||||||
handler(event);
|
handler(event);
|
||||||
};
|
};
|
||||||
document.addEventListener("mousedown", listener);
|
document.addEventListener('mousedown', listener);
|
||||||
document.addEventListener("touchstart", listener);
|
document.addEventListener('touchstart', listener);
|
||||||
return () => {
|
return () => {
|
||||||
document.removeEventListener("mousedown", listener);
|
document.removeEventListener('mousedown', listener);
|
||||||
document.removeEventListener("touchstart", listener);
|
document.removeEventListener('touchstart', listener);
|
||||||
};
|
};
|
||||||
},
|
},
|
||||||
// Add ref and handler to effect dependencies
|
// Add ref and handler to effect dependencies
|
||||||
|
|
|
@ -3,4 +3,4 @@ module.exports = {
|
||||||
tailwindcss: {},
|
tailwindcss: {},
|
||||||
autoprefixer: {},
|
autoprefixer: {},
|
||||||
},
|
},
|
||||||
}
|
};
|
||||||
|
|
Loading…
Reference in New Issue