From 92e4003f555f04a9460cef78da5f333dcf617bde Mon Sep 17 00:00:00 2001 From: "K.B.Dharun Krishna" Date: Thu, 11 Jul 2024 11:53:13 +0530 Subject: [PATCH] chore: bump Vib version, update docs Signed-off-by: K.B.Dharun Krishna --- .github/workflows/vib-build.yml | 4 ++-- LICENSE => LICENSE.txt | 0 README.md | 8 ++++++++ recipe.yml | 3 ++- 4 files changed, 12 insertions(+), 3 deletions(-) rename LICENSE => LICENSE.txt (100%) diff --git a/.github/workflows/vib-build.yml b/.github/workflows/vib-build.yml index 769356c..3e6947b 100644 --- a/.github/workflows/vib-build.yml +++ b/.github/workflows/vib-build.yml @@ -35,10 +35,10 @@ jobs: steps: - uses: actions/checkout@v4 - - uses: vanilla-os/vib-gh-action@v0.7.2 + - uses: vanilla-os/vib-gh-action@v0.7.4 with: recipe: 'recipe.yml' - plugins: 'Vanilla-OS/vib-fsguard:v1.5.2' + plugins: 'Vanilla-OS/vib-fsguard:v1.5.3' - uses: actions/upload-artifact@v4 with: diff --git a/LICENSE b/LICENSE.txt similarity index 100% rename from LICENSE rename to LICENSE.txt diff --git a/README.md b/README.md index 85298ec..f82d191 100644 --- a/README.md +++ b/README.md @@ -14,3 +14,11 @@ Vanilla OS Desktop experience with GNOME. vib build recipe.yml podman image build -t vanillaos/desktop . ``` + +## Verify Image Build Provenance Attestation + +All the image builds/pushes are attested for build provenance and integrity using the [attest-build-provenance`](https://github.com/actions/attest-build-provenance) action. The attestations can be verified [here](https://github.com/Vanilla-OS/desktop-image/attestations) or by having the latest version of [GitHub CLI](https://github.com/cli/cli/releases/latest) installed in your system. Then, execute the following command: + +```sh +gh attestation verify oci://ghcr.io/vanilla-os/desktop:main --owner Vanilla-OS +``` diff --git a/recipe.yml b/recipe.yml index b6d5f5e..9b558e3 100644 --- a/recipe.yml +++ b/recipe.yml @@ -10,7 +10,8 @@ stages: args: DEBIAN_FRONTEND: noninteractive runs: - - echo 'APT::Install-Recommends "1";' > /etc/apt/apt.conf.d/01norecommends + commands: + - echo 'APT::Install-Recommends "1";' > /etc/apt/apt.conf.d/01norecommends modules: - name: init-setup