Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: blue-build/github-action
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: v1.9.1
Choose a base ref
...
head repository: blue-build/github-action
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: v1.10.0
Choose a head ref
  • 16 commits
  • 5 files changed
  • 5 contributors

Commits on Sep 7, 2025

  1. chore: Add gmpinder to CODEOWNERS file (#98)

    @gmpinder
    gmpinder authored Sep 7, 2025
    Configuration menu
    Copy the full SHA
    f726733 View commit details
    Browse the repository at this point in the history

Commits on Nov 17, 2025

  1. feat: set container policy to validate Blue-Build cli signature (#105) 

    * feat: set container policy to validate Blue-Build cli signature

* Update action.yml

* Update action.yml

* Update action.yml

* Update action.yml

* Apply suggestion from @gmpinder

Co-authored-by: Gerald Pinder <[email protected]>

---------

Co-authored-by: Gerald Pinder <[email protected]>
    @RoyalOughtness @gmpinder
    RoyalOughtness and gmpinder authored Nov 17, 2025
    Configuration menu
    Copy the full SHA
    c1c1e56 View commit details
    Browse the repository at this point in the history

Commits on Nov 18, 2025

  1. feat: add provenance verification (#107) 

    * feat: add provenance verification

* cleanup

* Update action.yml

Co-authored-by: Gerald Pinder <[email protected]>

* comment

* policy enforcement

* remove sed

---------

Co-authored-by: Gerald Pinder <[email protected]>
    @RoyalOughtness @gmpinder
    RoyalOughtness and gmpinder authored Nov 18, 2025
    Configuration menu
    Copy the full SHA
    5ff2e30 View commit details
    Browse the repository at this point in the history

  2. fix: missing pubkey dir (#109)

    @RoyalOughtness
    RoyalOughtness authored Nov 18, 2025
    Configuration menu
    Copy the full SHA
    9c9c416 View commit details
    Browse the repository at this point in the history

Commits on Nov 22, 2025

  1. feat: add options for build-chunked-oci (#106)

    @HastD
    HastD authored Nov 22, 2025
    Configuration menu
    Copy the full SHA
    07ff155 View commit details
    Browse the repository at this point in the history

Commits on Nov 25, 2025

  1. fix: enable sigstore attachments for container verification (#111) 

    * Configure podman to use sigstore attachments for signature
  verification of images from `ghcr.io/blue-build`.
* Simplify container policy.json edits by adding both policies in a
  single `jq` command and using `+=` instead of `|= . +`.
* Make uses of curl more robust by adding retries and rejecting
  responses with HTTP status codes indicating failure. Also use `-S`
  option to show error output, making it more apparent when a build
  failure is due to transient network issues. Also use `sudo tee`
  instead of running curl as root.
    @HastD
    HastD authored Nov 25, 2025
    Configuration menu
    Copy the full SHA
    d150c94 View commit details
    Browse the repository at this point in the history

  2. fix: set pipefail (#112) 

    This ensures exit codes indicating failure aren't suppressed by pipes
(which could be a problem, for example, with patterns like `curl ... |
sudo tee ...`).
    @HastD
    HastD authored Nov 25, 2025
    Configuration menu
    Copy the full SHA
    90c0826 View commit details
    Browse the repository at this point in the history

  3. fix: missing mkdir (#113)

    @HastD
    HastD authored Nov 25, 2025
    Configuration menu
    Copy the full SHA
    8484206 View commit details
    Browse the repository at this point in the history

  4. fix: shell scripting error (#114) 

    Need to use `cat | sudo tee ...` rather than `sudo cat > ...` to write
to a file as root.
    @HastD
    HastD authored Nov 25, 2025
    Configuration menu
    Copy the full SHA
    82144b7 View commit details
    Browse the repository at this point in the history

  5. fix: typo in input validation step (#115) 

    The wrong input was being passed to `INPUT_RECHUNK`.
    @HastD
    HastD authored Nov 25, 2025
    Configuration menu
    Copy the full SHA
    0235ef4 View commit details
    Browse the repository at this point in the history

Commits on Nov 26, 2025

  1. chore: replace unmaintained free-disk-space action (#117) 

    The `jlumbroso/free-disk-space` action is unmaintained (no commits in
over 2 years). I made a GitHub action at `hastd/free-disk-space` that
serves the same purpose while being up-to-date and significantly faster.
    @HastD
    HastD authored Nov 26, 2025
    Configuration menu
    Copy the full SHA
    172d490 View commit details
    Browse the repository at this point in the history

  2. chore(deps): bump docker/setup-buildx-action from 3.11.0 to 3.11.1 (#85) 

    Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 3.11.0 to 3.11.1.
- [Release notes](https://github.com/docker/setup-buildx-action/releases)
- [Commits](docker/setup-buildx-action@18ce135...e468171)

---
updated-dependencies:
- dependency-name: docker/setup-buildx-action
  dependency-version: 3.11.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Gerald Pinder <[email protected]>
    @dependabot @gmpinder
    dependabot[bot] and gmpinder authored Nov 26, 2025
    Configuration menu
    Copy the full SHA
    44643a8 View commit details
    Browse the repository at this point in the history

  3. chore(deps): bump sigstore/cosign-installer from 3.9.1 to 4.0.0 (#101) 

    Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 3.9.1 to 4.0.0.
- [Release notes](https://github.com/sigstore/cosign-installer/releases)
- [Commits](sigstore/cosign-installer@398d4b0...faadad0)

---
updated-dependencies:
- dependency-name: sigstore/cosign-installer
  dependency-version: 4.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Nov 26, 2025
    Configuration menu
    Copy the full SHA
    64929dd View commit details
    Browse the repository at this point in the history

  4. chore(deps): bump actions/checkout from 4.2.2 to 6.0.0 (#110) 

    Bumps [actions/checkout](https://github.com/actions/checkout) from 4.2.2 to 6.0.0.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](actions/checkout@v4.2.2...1af3b93)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: 6.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Nov 26, 2025
    Configuration menu
    Copy the full SHA
    25b6acb View commit details
    Browse the repository at this point in the history

  5. chore(deps): bump googleapis/release-please-action from 4.2.0 to 4.4.0 ( 

    #102)

Bumps [googleapis/release-please-action](https://github.com/googleapis/release-please-action) from 4.2.0 to 4.4.0.
- [Release notes](https://github.com/googleapis/release-please-action/releases)
- [Changelog](https://github.com/googleapis/release-please-action/blob/main/CHANGELOG.md)
- [Commits](googleapis/release-please-action@a02a34c...16a9c90)

---
updated-dependencies:
- dependency-name: googleapis/release-please-action
  dependency-version: 4.4.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Nov 26, 2025
    Configuration menu
    Copy the full SHA
    d2cb877 View commit details
    Browse the repository at this point in the history

  6. chore(main): release 1.10.0 (#108) 

    Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
    @github-actions
    github-actions[bot] authored Nov 26, 2025
    Configuration menu
    Copy the full SHA
    5d15e0a View commit details
    Browse the repository at this point in the history
Loading