github/slsa-verifier
1
0
Fork 0
mirror of https://github.com/slsa-framework/slsa-verifier.git synced 2026-05-06 00:26:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

ci: add verifier e2e presubmit that runs CLI at main (#430)

Browse Source 
* ci: add verifier e2e presubmit that runs CLI at main

Signed-off-by: Asra Ali <asraa@google.com>
Signed-off-by: Asra Ali <asraa@google.com>
This commit is contained in:
asraa
2023-01-05 10:02:54 -06:00
committed by GitHub
parent 71a4b4d2bb
commit bad943298a
3 changed files with 55 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

36
.github/workflows/pre-submit.e2e.yml vendored Normal file
View File

@@ -0,0 +1,36 @@
name: Pre submits e2e
on:
pull_request:
branches: ["main"]
workflow_dispatch:
permissions: read-all
jobs:
pre-submit:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@755da8c3cf115ac066823e79a1e1788f8940201b # v3.2.0
with:
path: __THIS_REPO__
- name: setup-go
uses: actions/setup-go@6edd4406fa81c3da01a34fa6f6343087c207a568 # v3.5.0
with:
go-version: "1.18"
- name: Build verifier at HEAD
working-directory: __THIS_REPO__
run: |
set -euo pipefail
go build -o slsa-verifier ./cli/slsa-verifier
- name: Checkout e2e verification script
uses: actions/checkout@755da8c3cf115ac066823e79a1e1788f8940201b # v3.2.0
with:
path: __EXAMPLE_PACKAGE__
repository: slsa-framework/example-package
- name: Run verification script with testdata and slsa-verifier HEAD
run: ./__THIS_REPO__/.github/workflows/scripts/e2e-cli.sh

19
.github/workflows/scripts/e2e-cli.sh vendored Executable file
View File

@@ -0,0 +1,19 @@
#!/bin/bash
# Verify provenance authenticity with slsa-verifier at HEAD
cd __EXAMPLE_PACKAGE__
# shellcheck source=/dev/null
source "./.github/workflows/scripts/e2e-verify.common.sh"
# Set THIS_FILE to correspond with the artifact properties
export THIS_FILE=e2e.go.workflow_dispatch.main.config-noldflags.slsa3.yml
export BRANCH=main
# Set BINARY and PROVENANCE
cd -
export BINARY=__THIS_REPO__/cli/slsa-verifier/testdata/gha_go/v1.2.2/binary-linux-amd64-workflow_dispatch
export PROVENANCE=__THIS_REPO__/cli/slsa-verifier/testdata/gha_go/v1.2.2/binary-linux-amd64-workflow_dispatch.intoto.jsonl
GITHUB_REPOSITORY=slsa-framework/example-package verify_provenance_authenticity "./__THIS_REPO__/slsa-verifier" "HEAD"

BIN
slsa-verifier Executable file
View File

Binary file not shown.