Files
Kill_LIFE/.github/workflows/supply_chain.yml
T
Clément SAILLANT 124906d084 feat: Add comprehensive CI/CD workflows and badges for compliance, security, and quality assurance
- Introduced multiple guides for workflows including Evidence Pack Validation, Incident Response, Model Validation, Performance & HIL, Release Signing, SBOM Validation, Secret Scanning, and Supply Chain Attestation.
- Created dynamic badges for each workflow to reflect their status and compliance.
- Implemented a checklist for validating CI/CD workflows and evidence packs.
- Developed scripts for building firmware, testing, collecting evidence, and generating audit reports.
- Added tools for generating community, documentation, quality, and security badges based on various reports.
- Established endpoints for dynamic badges to be integrated into documentation and README files.
- Enhanced the overall structure and traceability of CI/CD processes with evidence packs and automated checks.
2026-02-19 08:58:10 +01:00

28 lines
786 B
YAML

name: Supply Chain Attestation
on:
push:
branches: [main]
pull_request:
branches: [main]
jobs:
supply_chain:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Build & provenance attestation
run: |
# Build (ex: PlatformIO, Docker, etc.)
echo "Build step..."
# Générer attestation provenance SLSA
slsa-generator provenance --output docs/supplychain-attestation.json
- name: Sign artefacts (cosign)
run: |
cosign sign --key ${{ secrets.SIGNING_KEY }} docs/supplychain-attestation.json
- name: Upload attestation
uses: actions/upload-artifact@v3
with:
name: supplychain-attestation
path: docs/supplychain-attestation.json