diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 0f9f7511..29011578 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -27,3 +27,14 @@ updates: actions: patterns: - "*" + + - package-ecosystem: gomod + directory: "/.github" + schedule: + interval: daily + open-pull-requests-limit: 1 + rebase-strategy: "disabled" + groups: + actions: + patterns: + - "*" \ No newline at end of file diff --git a/.github/go.mod b/.github/go.mod new file mode 100644 index 00000000..56f2af9d --- /dev/null +++ b/.github/go.mod @@ -0,0 +1,11 @@ +module sigstore/sigstore-python + +go 1.23 + +require ( + // We don't have a Go module here but this file is picked up by dependabot + // and this will automatically update the dependency when needed. + + github.com/sigstore/timestamp-authority v1.2.3 + +) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 142214a5..de62ba21 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -61,7 +61,8 @@ jobs: - name: test (timestamp-authority) if: ${{ matrix.conf.os == 'ubuntu-latest' }} run: | - wget https://github.com/sigstore/timestamp-authority/releases/download/${SIGSTORE_TIMESTAMP}/timestamp-server-linux-amd64 -O /tmp/timestamp-server + SIGSTORE_TIMESTAMP_VERSION=$(grep "github.com/sigstore/timestamp-authority" .github/go.mod | awk '{print $2}') + wget https://github.com/sigstore/timestamp-authority/releases/download/${SIGSTORE_TIMESTAMP_VERSION}/timestamp-server-linux-amd64 -O /tmp/timestamp-server chmod +x /tmp/timestamp-server # Run the TSA in background /tmp/timestamp-server serve --port 3000 --disable-ntp-monitoring & @@ -70,8 +71,6 @@ jobs: # having pytest show skipped tests and verifying ours are running make test TEST_ARGS="-m timestamp_authority -rs" | tee output ! grep -q "skipping test that requires a Timestamp Authority" output || (echo "ERROR: Found skip message" && exit 1) - env: - SIGSTORE_TIMESTAMP: "v1.2.3" - name: test (interactive) if: (github.event_name != 'pull_request') || !github.event.pull_request.head.repo.fork