Consider to make SLSA releases

9elements / firmware-action

Build system for firmware images for several open source firmware solutions

MIT License

10 stars 0 forks source link

Consider to make SLSA releases #307

Open AtomicFS opened 3 months ago

AtomicFS commented 3 months ago

Look into slsa-framework/slsa-github-generator

MDr164 commented 3 months ago

I already have a full SLSA based release pipeline I built some time ago if you want to look into this. As far as I know GitHub also plans integrating this more closely into GitHub Releases by default at some point.

AtomicFS commented 3 months ago

Yeah, I would love to take a look.

GitHub plans a lot of things, question is when. I have seen plenty of issues and suggestions talked about for years and never actually getting in.

Great example are issues / pull requests mentioned in #145. They are functional pull requests, everyone agrees they are good and needed features and yet that have not been merged for over a year now. So I do not have high hopes for SLSA to become integrated anytime soon.

MDr164 commented 3 months ago

Fair, this is the workflow I have written previously and been using in a few repositories already: https://github.com/MDr164/CI-Testing/blob/master/.github/workflows/release.yml