feat(terraform-linters/tflint): GitHub artifact attestations config #34220

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Merged

suzuki-shunsuke merged 2 commits into aquaproj:main from scop:feat/tflint-gh-attestations

Apr 9, 2025

Contributor

scop commented Apr 9, 2025 •

edited

Loading

aquaproj/aqua#3118 (comment)

Check List

Read CONTRIBUTING.md
- Read OSS Contribution Guide
All commits are signed
- This repository enables Require signed commits, so all commits must be signed
Avoid force push
Install and execute the package and confirm if the package works well
Execute cmdx s to scaffold code


          feat(terraform-linters/tflint): GitHub artifact attestations config

ada3fca

szksh-lab-project-manager bot added this to main

Member

suzuki-shunsuke commented Apr 9, 2025

Thank you always!

suzuki-shunsuke reviewed

View reviewed changes

pkgs/terraform-linters/tflint/registry.yaml Outdated

+                        algorithm: sha256
+                        cosign:
+                          opts:
+                            - --certificate-identity-regexp

Member

suzuki-shunsuke Apr 9, 2025

Can we use --certificate-identity?

Member

suzuki-shunsuke Apr 9, 2025

Done. ae5e5d6

Contributor Author

scop Apr 9, 2025

Oh, sure, I was just keeping the PR in scope, i.e. only adding the attestations config.


          fix(terraform-linters/tflint): replace --certificate-identity-regexp …

ae5e5d6

…with --certificate-identity

suzuki-shunsuke added this to the v4.342.1 milestone

suzuki-shunsuke merged commit a54f084 into aquaproj:main

19 checks passed

github-project-automation bot moved this to Done in main

scop deleted the feat/tflint-gh-attestations branch

April 9, 2025 08:38

tmeijn pushed a commit to tmeijn/dotfiles that referenced this pull request


          build(deps): update aquaproj/aqua-registry to v4.346.1

59d8232

This MR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [aquaproj/aqua-registry](https://github.com/aquaproj/aqua-registry) | minor | `v4.333.3` -> `v4.346.1` |

MR created with the help of [el-capitano/tools/renovate-bot](https://gitlab.com/el-capitano/tools/renovate-bot).

**Proposed changes to behavior should be submitted there as MRs.**

---

### Release Notes

<details>
<summary>aquaproj/aqua-registry (aquaproj/aqua-registry)</summary>

### [`v4.346.1`](https://github.com/aquaproj/aqua-registry/releases/tag/v4.346.1)

[Compare Source](aquaproj/aqua-registry@v4.346.0...v4.346.1)

[Issues](https://github.com/aquaproj/aqua-registry/issues?q=is%3Aissue+milestone%3Av4.346.1) | [Merge Requests](https://github.com/aquaproj/aqua-registry/pulls?q=is%3Apr+milestone%3Av4.346.1) | aquaproj/aqua-registry@v4.346.0...v4.346.1

#### Fixes

[#&#8203;34521](aquaproj/aqua-registry#34521) jesseduffield/lazydocker: Re-scaffold [@&#8203;wancup](https://github.com/wancup)
[#&#8203;34484](aquaproj/aqua-registry#34484) kubewarden/kwctl: Re-scaffold [@&#8203;scop](https://github.com/scop)
[#&#8203;34491](aquaproj/aqua-registry#34491) suzuki-shunsuke/tfcmt: Re-scaffold

#### Security

GitHub Artifact Attestations:

[#&#8203;34486](aquaproj/aqua-registry#34486) Zxilly/go-size-analyzer [@&#8203;scop](https://github.com/scop)
[#&#8203;34485](aquaproj/aqua-registry#34485) cli/cli [@&#8203;scop](https://github.com/scop)
[#&#8203;34516](aquaproj/aqua-registry#34516) github/github-mcp-server
[#&#8203;34483](aquaproj/aqua-registry#34483) lima-vm/lima [@&#8203;scop](https://github.com/scop)
[#&#8203;34492](aquaproj/aqua-registry#34492) suzuki-shunsuke/pinact

Cosign:

[#&#8203;34478](aquaproj/aqua-registry#34478) anchore/grype [@&#8203;scop](https://github.com/scop)
[#&#8203;34493](aquaproj/aqua-registry#34493) caarlos0/svu [@&#8203;scop](https://github.com/scop)

### [`v4.346.0`](https://github.com/aquaproj/aqua-registry/releases/tag/v4.346.0)

[Compare Source](aquaproj/aqua-registry@v4.345.0...v4.346.0)

[Issues](https://github.com/aquaproj/aqua-registry/issues?q=is%3Aissue+milestone%3Av4.346.0) | [Merge Requests](https://github.com/aquaproj/aqua-registry/pulls?q=is%3Apr+milestone%3Av4.346.0) | aquaproj/aqua-registry@v4.345.0...v4.346.0

#### 🎉 New Packages

[#&#8203;34379](aquaproj/aqua-registry#34379) [mackee/go-readability](https://github.com/mackee/go-readability): Extract readable content from web pages - Mozilla’s and Mizchi Readability ported to Go [@&#8203;takumin](https://github.com/takumin)
[#&#8203;34373](aquaproj/aqua-registry#34373) [open-policy-agent/gatekeeper](https://github.com/open-policy-agent/gatekeeper): Gatekeeper - Policy Controller for Kubernetes [@&#8203;ponkio-o](https://github.com/ponkio-o)

#### Fixes

[#&#8203;34413](aquaproj/aqua-registry#34413) flux-iac/tofu-controller/tfctl: Cosign Config [@&#8203;scop](https://github.com/scop)

#### Security

[#&#8203;34416](aquaproj/aqua-registry#34416) anchore/syft: Cosign config [@&#8203;scop](https://github.com/scop)
[#&#8203;34414](aquaproj/aqua-registry#34414) caarlos0/svu: GitHub artifact attestations config [@&#8203;scop](https://github.com/scop)

### [`v4.345.0`](https://github.com/aquaproj/aqua-registry/releases/tag/v4.345.0)

[Compare Source](aquaproj/aqua-registry@v4.344.0...v4.345.0)

[Issues](https://github.com/aquaproj/aqua-registry/issues?q=is%3Aissue+milestone%3Av4.345.0) | [Merge Requests](https://github.com/aquaproj/aqua-registry/pulls?q=is%3Apr+milestone%3Av4.345.0) | aquaproj/aqua-registry@v4.344.0...v4.345.0

#### 🎉 New Packages

[#&#8203;34280](aquaproj/aqua-registry#34280) [tailwindlabs/tailwindcss](https://github.com/tailwindlabs/tailwindcss) - A utility-first CSS framework for rapid UI development [@&#8203;Igonato](https://github.com/Igonato)

#### Improvement

[#&#8203;34291](aquaproj/aqua-registry#34291) rootless-containers/rootlesskit: GitHub artifact attestations config [@&#8203;scop](https://github.com/scop)

### [`v4.344.0`](https://github.com/aquaproj/aqua-registry/releases/tag/v4.344.0)

[Compare Source](aquaproj/aqua-registry@v4.343.0...v4.344.0)

[Issues](https://github.com/aquaproj/aqua-registry/issues?q=is%3Aissue+milestone%3Av4.344.0) | [Merge Requests](https://github.com/aquaproj/aqua-registry/pulls?q=is%3Apr+milestone%3Av4.344.0) | aquaproj/aqua-registry@v4.343.0...v4.344.0

#### 🎉 New Packages

[#&#8203;34279](aquaproj/aqua-registry#34279) [kubernetes-sigs/cloud-provider-kind](https://github.com/kubernetes-sigs/cloud-provider-kind) - Cloud provider for KIND clusters [@&#8203;zoetrope](https://github.com/zoetrope)
[#&#8203;34276](aquaproj/aqua-registry#34276) [kubernetes-sigs/gwctl](https://github.com/kubernetes-sigs/gwctl): gwctl is a command-line tool for managing and understanding Gateway API resources in your Kubernetes cluster [@&#8203;ponkio-o](https://github.com/ponkio-o)
[#&#8203;34278](aquaproj/aqua-registry#34278) [uutils/coreutils](https://github.com/uutils/coreutils): Cross-platform Rust rewrite of the GNU coreutils [@&#8203;takumin](https://github.com/takumin)

### [`v4.343.0`](https://github.com/aquaproj/aqua-registry/releases/tag/v4.343.0)

[Compare Source](aquaproj/aqua-registry@v4.342.0...v4.343.0)

[Issues](https://github.com/aquaproj/aqua-registry/issues?q=is%3Aissue+milestone%3Av4.343.0) | [Merge Requests](https://github.com/aquaproj/aqua-registry/pulls?q=is%3Apr+milestone%3Av4.343.0) | aquaproj/aqua-registry@v4.342.0...v4.343.0

#### 🎉 New Packages

[#&#8203;34262](aquaproj/aqua-registry#34262) [ekristen/aws-nuke](https://github.com/ekristen/aws-nuke): Remove all the resources from an AWS account

#### Improvement

Configure GitHub Artifact attestations by [@&#8203;scop](https://github.com/scop)

> \[!WARNING]
> [aqua v2.45.0](https://github.com/aquaproj/aqua/releases/tag/v2.45.0) or later is required.

[#&#8203;34224](aquaproj/aqua-registry#34224) bytecodealliance/wasmtime
[#&#8203;34223](aquaproj/aqua-registry#34223) goreleaser/goreleaser
[#&#8203;34222](aquaproj/aqua-registry#34222) containerd/containerd
[#&#8203;34221](aquaproj/aqua-registry#34221) bomctl/bomctl
[#&#8203;34220](aquaproj/aqua-registry#34220) terraform-linters/tflint

### [`v4.342.0`](https://github.com/aquaproj/aqua-registry/releases/tag/v4.342.0)

[Compare Source](aquaproj/aqua-registry@v4.341.0...v4.342.0)

[Issues](https://github.com/aquaproj/aqua-registry/issues?q=is%3Aissue+milestone%3Av4.342.0) | [Merge Requests](https://github.com/aquaproj/aqua-registry/pulls?q=is%3Apr+milestone%3Av4.342.0) | aquaproj/aqua-registry@v4.341.0...v4.342.0

#### 🎉 New Packages

[#&#8203;34184](aquaproj/aqua-registry#34184) [github/copilot-language-server-release](https://github.com/github/copilot-language-server-release): The Copilot Language Server enables any editor or IDE to integrate with GitHub Copilot via the language server protocol [@&#8203;takumin](https://github.com/takumin)
[#&#8203;34218](aquaproj/aqua-registry#34218) [reteps/dockerfmt](https://github.com/reteps/dockerfmt): Dockerfile format and parser. a modern dockfmt

### [`v4.341.0`](https://github.com/aquaproj/aqua-registry/releases/tag/v4.341.0)

[Compare Source](aquaproj/aqua-registry@v4.340.1...v4.341.0)

[Issues](https://github.com/aquaproj/aqua-registry/issues?q=is%3Aissue+milestone%3Av4.341.0) | [Merge Requests](https://github.com/aquaproj/aqua-registry/pulls?q=is%3Apr+milestone%3Av4.341.0) | aquaproj/aqua-registry@v4.340.0...v4.341.0

#### 🎉 New Packages

[#&#8203;34172](aquaproj/aqua-registry#34172) [github/github-mcp-server](https://github.com/github/github-mcp-server): GitHub's official MCP Server [@&#8203;takumin](https://github.com/takumin)

### [`v4.340.1`](https://github.com/aquaproj/aqua-registry/releases/tag/v4.340.1)

[Compare Source](aquaproj/aqua-registry@v4.340.0...v4.340.1)

[Issues](https://github.com/aquaproj/aqua-registry/issues?q=is%3Aissue+milestone%3Av4.340.1) | [Merge Requests](https://github.com/aquaproj/aqua-registry/pulls?q=is%3Apr+milestone%3Av4.340.1) | aquaproj/aqua-registry@v4.340.0...v4.340.1

#### Fixes

[#&#8203;34169](aquaproj/aqua-registry#34169) Re-scaffold miku/zek
[#&#8203;34167](aquaproj/aqua-registry#34167) Re-scaffold babarot/changed-objects

> \[!WARNING]
> Require aqua v2.45.0 or later

GitHub Artifact Attestations by [@&#8203;scop](https://github.com/scop):

[#&#8203;34161](aquaproj/aqua-registry#34161) ClementTsang/bottom
[#&#8203;34156](aquaproj/aqua-registry#34156) sass/dart-sass
[#&#8203;32939](aquaproj/aqua-registry#32939) quarylabs/sqruff
[#&#8203;32870](aquaproj/aqua-registry#32870) UpCloudLtd/upcloud-cli
[#&#8203;32470](aquaproj/aqua-registry#32470) getzola/zola

### [`v4.340.0`](https://github.com/aquaproj/aqua-registry/releases/tag/v4.340.0)

[Compare Source](aquaproj/aqua-registry@v4.339.0...v4.340.0)

[Issues](https://github.com/aquaproj/aqua-registry/issues?q=is%3Aissue+milestone%3Av4.340.0) | [Merge Requests](https://github.com/aquaproj/aqua-registry/pulls?q=is%3Apr+milestone%3Av4.340.0) | aquaproj/aqua-registry@v4.339.0...v4.340.0

#### 🎉 New Packages

[#&#8203;34126](aquaproj/aqua-registry#34126) [kyverno/chainsaw](https://github.com/kyverno/chainsaw) - Declarative K8s e2e testing [@&#8203;nielsvz](https://github.com/nielsvz)

### [`v4.339.0`](https://github.com/aquaproj/aqua-registry/releases/tag/v4.339.0)

[Compare Source](aquaproj/aqua-registry@v4.338.0...v4.339.0)

[Issues](https://github.com/aquaproj/aqua-registry/issues?q=is%3Aissue+milestone%3Av4.339.0) | [Merge Requests](https://github.com/aquaproj/aqua-registry/pulls?q=is%3Apr+milestone%3Av4.339.0) | aquaproj/aqua-registry@v4.338.0...v4.339.0

#### 🎉 New Packages

[#&#8203;34106](aquaproj/aqua-registry#34106) [santhosh-tekuri/jsonschema](https://github.com/santhosh-tekuri/jsonschema) - JSONSchema (draft 2020-12, draft 2019-09, draft-7, draft-6, draft-4) Validation using Go [@&#8203;takumin](https://github.com/takumin)
[#&#8203;34078](aquaproj/aqua-registry#34078) [suzuki-shunsuke/rgo](https://github.com/suzuki-shunsuke/rgo): rgo is a tiny script to release a Homebrew-tap recipe, Scoop App Manifest, and a winget manifest built with GoReleaser

#### Fixes

[#&#8203;34096](aquaproj/aqua-registry#34096) sigstore/cosign: Configure Cosign [@&#8203;scop](https://github.com/scop)

### [`v4.338.0`](https://github.com/aquaproj/aqua-registry/releases/tag/v4.338.0)

[Compare Source](aquaproj/aqua-registry@v4.337.0...v4.338.0)

[Issues](https://github.com/aquaproj/aqua-registry/issues?q=is%3Aissue+milestone%3Av4.338.0) | [Merge Requests](https://github.com/aquaproj/aqua-registry/pulls?q=is%3Apr+milestone%3Av4.338.0) | aquaproj/aqua-registry@v4.337.0...v4.338.0

#### 🎉 New Packages

[#&#8203;34027](aquaproj/aqua-registry#34027) [nadoo/glider](https://github.com/nadoo/glider) - glider is a forward proxy with multiple protocols support, and also a dns/dhcp server with ipset management features(like dnsmasq) [@&#8203;takumin](https://github.com/takumin)

#### Fixes

[#&#8203;34058](aquaproj/aqua-registry#34058) fastfetch-cli/fastfetch: Fix for fastfetch 2.40.1 or later

### [`v4.337.0`](https://github.com/aquaproj/aqua-registry/releases/tag/v4.337.0)

[Compare Source](aquaproj/aqua-registry@v4.336.1...v4.337.0)

[Issues](https://github.com/aquaproj/aqua-registry/issues?q=is%3Aissue+milestone%3Av4.337.0) | [Merge Requests](https://github.com/aquaproj/aqua-registry/pulls?q=is%3Apr+milestone%3Av4.337.0) | aquaproj/aqua-registry@v4.336.0...v4.337.0

#### 🎉 New Packages

[#&#8203;34020](aquaproj/aqua-registry#34020) [bazelbuild/buildtools/buildozer](https://github.com/bazelbuild/buildtools) - Buildozer is a command line tool to rewrite multiple Bazel BUILD files using standard commands [@&#8203;andreabedini](https://github.com/andreabedini)
[#&#8203;34019](aquaproj/aqua-registry#34019) [bazelbuild/buildtools/buildifier](https://github.com/bazelbuild/buildtools) - Format BUILD, BUILD.bazel and BUCK files in a standard way [@&#8203;andreabedini](https://github.com/andreabedini)
[#&#8203;34022](aquaproj/aqua-registry#34022) [jkfran/killport](https://github.com/jkfran/killport) - A command-line tool to easily kill processes running on a specified port [@&#8203;takumin](https://github.com/takumin)
[#&#8203;34021](aquaproj/aqua-registry#34021) [tweag/nickel](https://github.com/tweag/nickel) - Better configuration for less [@&#8203;andreabedini](https://github.com/andreabedini)

### [`v4.336.1`](https://github.com/aquaproj/aqua-registry/releases/tag/v4.336.1)

[Compare Source](aquaproj/aqua-registry@v4.336.0...v4.336.1)

[Issues](https://github.com/aquaproj/aqua-registry/issues?q=is%3Aissue+milestone%3Av4.336.1) | [Merge Requests](https://github.com/aquaproj/aqua-registry/pulls?q=is%3Apr+milestone%3Av4.336.1) | aquaproj/aqua-registry@v4.336.0...v4.336.1

#### Fixes

[#&#8203;33990](aquaproj/aqua-registry#33990) ninja-build/ninja: Support arm64 on Linux and Windows [@&#8203;KevSlashNull](https://github.com/KevSlashNull)

### [`v4.336.0`](https://github.com/aquaproj/aqua-registry/releases/tag/v4.336.0)

[Compare Source](aquaproj/aqua-registry@v4.335.0...v4.336.0)

[Issues](https://github.com/aquaproj/aqua-registry/issues?q=is%3Aissue+milestone%3Av4.336.0) | [Merge Requests](https://github.com/aquaproj/aqua-registry/pulls?q=is%3Apr+milestone%3Av4.336.0) | aquaproj/aqua-registry@v4.335.0...v4.336.0

#### 🎉 New Packages

[#&#8203;33971](aquaproj/aqua-registry#33971) [neondatabase/neonctl](https://github.com/neondatabase/neonctl): Neon CLI tool. The Neon CLI is a command-line interface that lets you manage Neon Serverless Postgres directly from the terminal [@&#8203;ka2n](https://github.com/ka2n)

#### Fixes

[#&#8203;33933](aquaproj/aqua-registry#33933) rs/curlie: Configure Cosign [@&#8203;scop](https://github.com/scop)

### [`v4.335.0`](https://github.com/aquaproj/aqua-registry/releases/tag/v4.335.0)

[Compare Source](aquaproj/aqua-registry@v4.334.0...v4.335.0)

[Issues](https://github.com/aquaproj/aqua-registry/issues?q=is%3Aissue+milestone%3Av4.335.0) | [Merge Requests](https://github.com/aquaproj/aqua-registry/pulls?q=is%3Apr+milestone%3Av4.335.0) | aquaproj/aqua-registry@v4.334.0...v4.335.0

#### 🎉 New Packages

[#&#8203;33930](aquaproj/aqua-registry#33930) [k1LoW/tbls-driver-tailordb](https://github.com/k1LoW/tbls-driver-tailordb): [tbls](https://github.com/k1LoW/tbls) driver for [TailorDB](https://docs.tailor.tech/guides/tailordb/overview) [@&#8203;toiroakr](https://github.com/toiroakr)

### [`v4.334.0`](https://github.com/aquaproj/aqua-registry/releases/tag/v4.334.0)

[Compare Source](aquaproj/aqua-registry@v4.333.3...v4.334.0)

[Issues](https://github.com/aquaproj/aqua-registry/issues?q=is%3Aissue+milestone%3Av4.334.0) | [Merge Requests](https://github.com/aquaproj/aqua-registry/pulls?q=is%3Apr+milestone%3Av4.334.0) | aquaproj/aqua-registry@v4.333.3...v4.334.0

#### 🎉 New Packages

[#&#8203;33901](aquaproj/aqua-registry#33901) [saucelabs/forwarder](https://github.com/saucelabs/forwarder) - Forwarder is a production-ready, fast MITM proxy with PAC support. It's suitable for debugging, intercepting and manipulating HTTP traffic. It's used as a core component of Sauce Labs Sauce Connect Proxy [@&#8203;takumin](https://github.com/takumin)
[#&#8203;33924](aquaproj/aqua-registry#33924) [suzuki-shunsuke/migrate-urfave-cli-v3](https://github.com/suzuki-shunsuke/migrate-urfave-cli-v3): Migrate github.com/urfave/cli/v2 to v3. This tool doesn't aim to the complete migration. Probably you need to fix code manually after running this tool, but this tool makes the migration easy

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever MR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this MR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this MR, check this box

---

This MR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS4yMjguMCIsInVwZGF0ZWRJblZlciI6IjM5LjI0OC4xIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJSZW5vdmF0ZSBCb3QiXX0=-->

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet