-
Notifications
You must be signed in to change notification settings - Fork 19
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
add jenkins attestor #323
add jenkins attestor #323
Conversation
It would be nice to follow conventional commits. This will help to get the change into the changelog too. |
Could you clarify what you mean by conventional commits? |
You can read up on it here in the contribution doc. https://github.com/in-toto/go-witness/blob/main/CONTRIBUTING.md |
c347081
to
97f17be
Compare
97f17be
to
35d6257
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This looks great @joshdabosh! Thanks for submitting this. No comments on the current content of the PR but, it would be good to add some tests. If you could add a jenkins_test.go
for the attestor and add a test case to the slsa_test.go that should be enough.
9575031
to
50fe5c3
Compare
Signed-off-by: JoshDaBosh <jwanggt@gmail.com>
Signed-off-by: JoshDaBosh <jwanggt@gmail.com>
41cff7a
to
0a5f168
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for the contribution! 🎉 🦉
What this PR does / why we need it
Add a Jenkins build attestor. We can use it in the SLSA provenance data as well, which currently only supports Github Actions and Gitlab CI.
This will allow us to capture data related to a Jenkins build without having to capture the entire scope of environment variables (in case there is sensitive data in the environment).
Which issue(s) this PR fixes (optional)
Closes #315
Acceptance Criteria Met
Special notes for your reviewer: