Commit graph

1608 commits

Author SHA1 Message Date
4feab1495b
Merge bbac103b64 into 56663023f5 2025-03-11 15:15:49 +02:00
Alex Pyrgiotis
56663023f5
ci: Security scan ARM images
Scan ARM images using Anchore's scan action, by utilizing the Ubuntu ARM
runners provided by GitHub. While our ARM images are used only in macOS
silicon platforms, we can use the Ubuntu ARM runners just for scanning.

Closes #1008
2025-03-10 18:45:26 +02:00
Alex Pyrgiotis
53a952235c
Specify version when installing WiX
Update our CI job and build instructions with the latest WiX version, so
that we don't encounter any installation issues when new WiX versions
are released.

Also, add a reminder in our release instruction to bump the WiX version
before we start a new release.

Fixes #1087
2025-03-10 18:03:24 +02:00
Erik Moeller
d2652ef6cd
Add reference to funding.json (required by floss.fund application)
2025-03-06 15:54:36 +01:00
Alexis Métaireau
bbac103b64
Allow a different runtime on dangerzone-image commands.
This can be done with the newly added `--runtime` flag, which needs to
be passed to the first group, e.g.:

```bash
dangerzone-cli --runtime docker COMMAND
```
2025-03-04 10:09:27 +01:00
Alexis Métaireau
5bd51575fe
Display the {podman,docker} pull progress when installing a new image
The progress bars we see when using these same commands on the
command line don't seem to be passed to the Python process here,
unfortunately.
2025-03-03 12:59:36 +01:00
Alexis Métaireau
052c35213d
Add a dangerzone-image store-signature CLI command
This can be useful when signatures are missing from the system, for an
already present image, and can be used as a way to fix user issues.
2025-03-03 12:58:27 +01:00
Alexis Métaireau
264f1d12a9
Replace the updater_check setting by updater_check_all
This new setting triggers the same user prompts, but the actual meaning of
it differs, since users will now be accepting to upgrade the container image
rather than just checking for new releases.

Changing the name of the setting will trigger this prompt for all users, effectively
ensuring they want their image to be automatically upgraded.
2025-03-01 15:50:32 +01:00
Alexis Métaireau
7eb54c3dd5
Split updater GUI code from the code checking for release updates
The code making the actual requests and checks now lives in the
`updater.releases` module. The code should be easier to read and to
reason about.

Tests have been updated to reflect this.
2025-02-27 17:55:00 +01:00
Alexis Métaireau
f1dac59fb8
FIXUP commit for signature tests 2025-02-26 21:26:49 +01:00
Alexis Métaireau
c405eb9c1d
Provide an is_update_available function
This function does all the needed checks before returning `True`, making it a good external API.

Under the hood, the registry now has an `is_new_remote_image_available`
which is just for checking the presence of a new image, but doesn't do
any verifications on it, and there is also a new `check_signatures_and_logindex` that ensures that these two are valid.
2025-02-26 19:22:33 +01:00
Alexis Métaireau
cff3ac2870 fixup! Download and verify cosign signatures 2025-02-26 19:17:56 +01:00
Alexis Métaireau
2aeb53a3b4 fixup! Download and verify cosign signatures 2025-02-26 17:11:44 +01:00
Alexis Métaireau
a82ba2897b
FIXUP: Add a comment to update the DEFAULT_LOG_INDEX with releases 2025-02-26 17:08:25 +01:00
Alexis Métaireau
49b54aa227
FIXUP: throw rather than bools 2025-02-26 16:54:53 +01:00
Alexis Métaireau
3f6c134d93
FIXUP: Use user data dir rather than config 2025-02-26 16:30:25 +01:00
Alexis Métaireau
f00f96236c
FIXUP: Use exceptions to ease the flow 2025-02-26 16:22:30 +01:00
Alexis Métaireau
53a7028110
Introduce a subprocess_run utility function
This is done to avoid forgetting Windows-specific arguments when calling `subprocess.run`.
2025-02-26 16:09:58 +01:00
Alexis Métaireau
c313c6d1d7
FIXUP: Use the digest when pulling the container 2025-02-26 16:03:28 +01:00
Alexis Métaireau
760948b5b5
Add tests for registry 2025-02-25 17:20:25 +01:00
Alexis Métaireau
3ea491761c fixup! Add a dangerzone-image CLI script 2025-02-25 17:20:12 +01:00
Alexis Métaireau
f175739b20 fixup! Add a dangerzone-image CLI script 2025-02-25 17:20:12 +01:00
Alexis Métaireau
3d579c8097 fixup! Add a dangerzone-image CLI script 2025-02-25 17:20:12 +01:00
Alexis Métaireau
356d848e47 fixup! Add a dangerzone-image CLI script 2025-02-25 17:20:12 +01:00
Alexis Métaireau
49c4cee898
make the signature tests pass 2025-02-25 15:44:46 +01:00
Alexis Métaireau
22d01a4045 fixup! c9c301d833 2025-02-25 15:44:24 +01:00
Alexis Métaireau
7e4cd66d2b fixup! b4818ce854 2025-02-25 15:44:24 +01:00
Alexis Métaireau
d93c99f8e2 fixup! b4818ce854 2025-02-25 15:44:24 +01:00
Alexis Métaireau
43f6d89bbb fixup! b37815a96c 2025-02-25 15:44:24 +01:00
Alexis Métaireau
bba427d619 fixup! 83418f09f2 2025-02-25 15:44:24 +01:00
Alexis Métaireau
4a4bf7c571 fixup! 3e861cc0cd 2025-02-25 15:44:24 +01:00
Alexis Métaireau
2476ed6daa fixup! Download and verify cosign signatures 2025-02-25 15:44:24 +01:00
Alexis Métaireau
30ec1f10e9 fixup! Download and verify cosign signatures 2025-02-25 15:44:24 +01:00
Alexis Métaireau
4073a62fd4 fixup! Download and verify cosign signatures 2025-02-25 15:44:24 +01:00
Alexis Métaireau
7f83505ae9 fixup! Download and verify cosign signatures 2025-02-25 15:44:24 +01:00
Alexis Métaireau
33ee158cf2 fixup! Download and verify cosign signatures 2025-02-25 15:44:24 +01:00
Alexis Métaireau
d5d3038bfa fixup! Download and verify cosign signatures 2025-02-25 15:44:24 +01:00
Alexis Métaireau
7e283196d8 fixup! 35704b8a18 2025-02-25 15:44:24 +01:00
Alexis Métaireau
8381b2fb7b fixup! (WIP) Add tests 2025-02-25 15:44:08 +01:00
Alexis Métaireau
7baddd0064 fixup! (WIP) Add tests 2025-02-25 15:44:08 +01:00
Alexis Métaireau
0c063b5b27 fixup! (WIP) Add tests 2025-02-25 15:44:08 +01:00
Alexis Métaireau
01f7b37151 fixup! (WIP) Add tests 2025-02-25 15:44:08 +01:00
Alexis Métaireau
9bf663fdb9 fixup! (WIP) Add tests 2025-02-25 15:44:08 +01:00
Alexis Métaireau
cf7a3dbb56 fixup! (WIP) Add tests 2025-02-25 15:44:08 +01:00
Alexis Métaireau
4621902a2b fixup! (WIP) Add tests 2025-02-25 15:44:08 +01:00
Alexis Métaireau
ec4028b486 fixup! (WIP) Add tests 2025-02-25 15:44:08 +01:00
Alexis Métaireau
43cb02bcca fixup! (WIP) Add tests 2025-02-25 15:44:08 +01:00
Alexis Métaireau
ab51a71bdf fixup! (WIP) Add tests 2025-02-25 15:44:08 +01:00
Alexis Métaireau
b5bfbb5d6e fixup! (WIP) Add tests 2025-02-25 15:44:08 +01:00
Alexis Métaireau
3e861cc0cd fixup! (WIP) Add tests 2025-02-25 15:44:08 +01:00