Skip to content

add go wasi policies #136

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Sep 17, 2024
Merged

add go wasi policies #136

merged 3 commits into from
Sep 17, 2024

Conversation

@flavio
Copy link
Member

@flavio flavio commented Sep 13, 2024

We just realized some Go-WASI policies are not signed with sigstore. That happens because we never uniformed our Go-WASI policies to use the same set of actions used by the TinyGo ones.

Now that we have go-wasi policies, we must be able to differentiate between policies built using waPC + TinyGo and the ones that are built using the official Go compiler and the WASI policy mode offered by Kubewarden.

The current tinygo policies will keep working as expected, without any change from us.

The Go-WASI policies will have to be changed to use the new reusable workflows defined by this PR.

@flavio
Make explicit policy-build-go is about TinyGo policies
cb3a312 
Now that we have go-wasi policies, we must be able to differentiate
between policies built using waPC + TinyGo and the ones that are built
using the official Go compiler and the WASI policy mode offered by
Kubewarden.

Signed-off-by: Flavio Castelli <[email protected]>
@flavio
chore(deps): Prepare for v3.3.4 tagging
1365ef9 
This is required since the go policies are going to be distinct between
TinyGo and Go-WASI ones.

`sed --in-place 's/3\.3\.3/3\.3\.4/' $(find . -maxdepth 3 -name "*.yml")`

Signed-off-by: Flavio Castelli <[email protected]>
@flavio
Add new Go-WASI actions
15b917b 
This provides a way to build Go-WASI policies that are signed, have
SBOMs,... all the good things we do for the other KW policies.

Signed-off-by: Flavio Castelli <[email protected]>
@flavio flavio requested a review from a team as a code owner September 13, 2024 15:59
@flavio flavio self-assigned this Sep 13, 2024
@flavio
Copy link
Member Author

flavio commented Sep 13, 2024

This is required to work on kubewarden/cel-policy#86

@flavio flavio added the area/ci label Sep 13, 2024
fabriziosestito
fabriziosestito reviewed Sep 16, 2024
View reviewed changes
.github/workflows/reusable-test-policy-go-wasi.yml
steps:
- uses: actions/checkout@v4
with:
# until https://github.com/actions/checkout/pull/579 is released
Copy link
Contributor

@fabriziosestito fabriziosestito Sep 16, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this was merged
but unfortunately, there is this bug actions/checkout#579 (comment)

@flavio flavio merged commit d94509d into kubewarden:main Sep 17, 2024
@flavio flavio deleted the add-go-wasi-policies branch September 17, 2024 06:08
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@fabriziosestito fabriziosestito fabriziosestito approved these changes

Assignees

@flavio flavio

Labels

area/ci

Projects

Kubewarden
Archived in project

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@flavio @fabriziosestito