dangerzone

mirror of https://github.com/freedomofpress/dangerzone.git synced 2025-04-28 18:02:38 +02:00

Author	SHA1	Message	Date
Alexis Métaireau	e8c53777c1	CI: Add an option to attach container signatures to the registry The `build-push-image.yml` reusable workflow can generate keypairs and sign the container images with them. This is only used by the CI, to test that a valid signature is actually detected as such.	2025-04-23 16:01:22 +02:00
Alex Pyrgiotis	8d05b5779d	ci: Reproducibly build a container image Some checks are pending Tests / build-deb (debian trixie) (push) Blocked by required conditions Details Tests / build-deb (ubuntu 22.04) (push) Blocked by required conditions Details Tests / build-deb (ubuntu 24.04) (push) Blocked by required conditions Details Tests / build-deb (ubuntu 24.10) (push) Blocked by required conditions Details Tests / build-deb (ubuntu 25.04) (push) Blocked by required conditions Details Tests / install-deb (debian bookworm) (push) Blocked by required conditions Details Tests / install-deb (debian bullseye) (push) Blocked by required conditions Details Tests / install-deb (debian trixie) (push) Blocked by required conditions Details Tests / install-deb (ubuntu 22.04) (push) Blocked by required conditions Details Tests / install-deb (ubuntu 24.04) (push) Blocked by required conditions Details Tests / install-deb (ubuntu 24.10) (push) Blocked by required conditions Details Tests / install-deb (ubuntu 25.04) (push) Blocked by required conditions Details Tests / build-install-rpm (fedora 40) (push) Blocked by required conditions Details Tests / build-install-rpm (fedora 41) (push) Blocked by required conditions Details Tests / build-install-rpm (fedora 42) (push) Blocked by required conditions Details Tests / run tests (debian bookworm) (push) Blocked by required conditions Details Tests / run tests (debian bullseye) (push) Blocked by required conditions Details Tests / run tests (debian trixie) (push) Blocked by required conditions Details Tests / run tests (fedora 40) (push) Blocked by required conditions Details Tests / run tests (fedora 41) (push) Blocked by required conditions Details Tests / run tests (fedora 42) (push) Blocked by required conditions Details Tests / run tests (ubuntu 22.04) (push) Blocked by required conditions Details Tests / run tests (ubuntu 24.04) (push) Blocked by required conditions Details Tests / run tests (ubuntu 24.10) (push) Blocked by required conditions Details Tests / run tests (ubuntu 25.04) (push) Blocked by required conditions Details Release multi-arch container image / build-push-image (push) Waiting to run Details Scan latest app and container / security-scan-container (ubuntu-24.04) (push) Waiting to run Details Scan latest app and container / security-scan-container (ubuntu-24.04-arm) (push) Waiting to run Details Scan latest app and container / security-scan-app (ubuntu-24.04) (push) Waiting to run Details Scan latest app and container / security-scan-app (ubuntu-24.04-arm) (push) Waiting to run Details Create a reusable GitHub Actions workflow that does the following: 1. Create a multi-architecture container image for Dangerzone, instead of having two different tarballs (or no option at all) 2. Build the Dangerzone container image on our supported architectures (linux/amd64 and linux/arm64). It so happens that GitHub also offers ARM machine runners, which speeds up the build. 3. Combine the images from these two architectures into one, multi-arch image. 4. Generate provenance info for each manifest, and the root manifest list. 5. Check the image's reproduciblity. Also, remove an older CI job for checking the reproducibility of the image, which is now obsolete. Fixes #1035	2025-03-20 17:24:42 +02:00

2 commits