Posts Tagged ‘GitHub Actions’
Background We build a bunch of stuff for RISC-V using the Dart official Docker image, but the RISC-V images can often arrive some time (days) after the more mainstream images[1]. That means that if we merge a Dependabot PR for an updated image it might well be missing RISC-V, causing the Continuous Delivery (CD) pipeline […]
Filed under: Dart, howto, technology | Leave a Comment
Tags: CD, CI, Dart, Debian, Docker, GitHub Actions, image, manifest, RISC-V, testing
TL;DR Supply-chain Levels for Software Artifacts (SLSA) attestations are a great way to show that you care about security, and they’re fairly trivial to add to delivery pipelines that produce a single binary or container image. But things get tricky with matrix jobs that build lots of things in parallel, as you then need to […]
Filed under: Dart, Docker, Gemini, howto | Leave a Comment
Tags: AI, ARM, artifact, attestation, CD, container, Cosign, Dart, DevOps, Docker, Gemini, GitHub Actions, image, json, matrix, security, signing, slsa
Chris Swan's Weblog 