From 7b051d418c64b508e74655327e9abb89d0fc4b56 Mon Sep 17 00:00:00 2001 From: Chris Swan <478926+cpswan@users.noreply.github.com> Date: Fri, 4 Oct 2024 14:38:50 +0100 Subject: [PATCH 1/5] fix: Includes for building example --- example/build.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/example/build.sh b/example/build.sh index c06049e..b928489 100755 --- a/example/build.sh +++ b/example/build.sh @@ -1,2 +1,2 @@ #!/bin/bash -gcc -Wall -Wextra -o example -I../src/ ../src/uuid4.c example.c +gcc -Wall -Wextra -o example -I../src/ -I../include/ -I../include/uuid4/ ../src/uuid4.c example.c From 93d9e98cfa5e36c6d46368de47859eb3011a7b17 Mon Sep 17 00:00:00 2001 From: Chris Swan <478926+cpswan@users.noreply.github.com> Date: Fri, 4 Oct 2024 14:39:08 +0100 Subject: [PATCH 2/5] chore: Ignore example binary --- .gitignore | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.gitignore b/.gitignore index c5177f9..d1233c7 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,4 @@ build/ dist/ -.DS_Store \ No newline at end of file +.DS_Store +example/example \ No newline at end of file From 2f8e995550fb49b5b14cdd24417e209549118759 Mon Sep 17 00:00:00 2001 From: Chris Swan <478926+cpswan@users.noreply.github.com> Date: Fri, 4 Oct 2024 14:56:38 +0100 Subject: [PATCH 3/5] ci: Workflow to create tarball, signature and attestations --- .github/workflows/tarball.yaml | 75 ++++++++++++++++++++++++++++++++++ 1 file changed, 75 insertions(+) create mode 100644 .github/workflows/tarball.yaml diff --git a/.github/workflows/tarball.yaml b/.github/workflows/tarball.yaml new file mode 100644 index 0000000..2c61043 --- /dev/null +++ b/.github/workflows/tarball.yaml @@ -0,0 +1,75 @@ +name: UUID4_tarball + +on: + push: + tags: + - "v*.*.*" + +permissions: # added using https://github.com/step-security/secure-repo + contents: read + +jobs: + source_tarball: + name: Generate source tarball + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + - name: Create tarball + run: | + mkdir tarball + tar -cvzf tarball/uuid4-${{ github.ref_name }}.tar.gz example/ \ + include/ src/ CMakeLists.txt idf_component.yml LICENSE README.md + - uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0 + with: + name: uuid4-src-${{github.ref_name}}-${{github.run_number}}-${{github.run_attempt}} + path: ./tarball/uuid4-${{ github.ref_name }}.tar.gz + + github-release: + name: >- + Upload artifacts and generate checksums for provenance + needs: [source_tarball] + runs-on: ubuntu-latest + outputs: + hashes: ${{ steps.hash.outputs.hashes }} + permissions: + contents: write # IMPORTANT: mandatory for making GitHub Releases + id-token: write # IMPORTANT: mandatory for sigstore + attestations: write + steps: + - name: Download all the tarballs + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 + with: + path: tarballs/ + - name: Move packages for signing + run: | + cd tarballs + mv */*.tar.gz . + rm -Rf -- */ + - name: Generate SHA256 checksums + working-directory: tarballs + run: sha256sum * > checksums.txt + - name: Upload artifacts to GitHub Release + env: + GITHUB_TOKEN: ${{ github.token }} + run: >- + gh release upload '${{ github.ref_name }}' tarballs/** --repo '${{ + github.repository }}' + - id: hash + name: Pass artifact hashes for SLSA provenance + working-directory: tarballs + run: | + echo "hashes=$(cat checksums.txt | base64 -w0)" >> "$GITHUB_OUTPUT" + - uses: actions/attest-build-provenance@1c608d11d69870c2092266b3f9a6f3abbf17002c # v1.4.3 + with: + subject-path: "tarballs/**" + + provenance: + needs: [github-release] + permissions: + actions: read # Needed for detection of GitHub Actions environment. + id-token: write # Needed for provenance signing and ID + contents: write # Needed for release uploads + uses: slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@v2.0.0 # 5a775b367a56d5bd118a224a811bba288150a563 + with: + base64-subjects: "${{ needs.github-release.outputs.hashes }}" + upload-assets: true From 2a15d5d2f88c59f4a646a51293b2c9c28caf36fc Mon Sep 17 00:00:00 2001 From: Chris Swan <478926+cpswan@users.noreply.github.com> Date: Fri, 4 Oct 2024 15:04:25 +0100 Subject: [PATCH 4/5] chore: Bump version to 1.0.4 for next release --- CHANGELOG.md | 23 +++++++++++++++++++---- CMakeLists.txt | 2 +- idf_component.yml | 2 +- include/uuid4/uuid4.h | 2 +- 4 files changed, 22 insertions(+), 7 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 4352a94..7e520b8 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,17 +1,32 @@ -# 1.0.2 +# UUID4 CHANGELOG + +## 1.0.4 + +- Added workflow to build tarball with attestations +- Fixed example build script after relocation of uuid4.h + +## 1.0.3 + +- CMakeLists.txt now has Espressif support to be added as a component in your +ESP-IDF projects. +- Added ESP32 support in uuid.c +- Added idf_component.yml manifest to soon be uploaded to the Espressif +component registry. + +## 1.0.2 - Established this CHANGELOG - LICENSE updated to reflect fork - README linting and note on fork - Copy boilerplate from archetype -# 1.0.1 +## 1.0.1 - Support for OpenBSD and NetBSD - Thread Safety for C11+ Compilers - Refactored uuid4.h to include/uuid/ directory - CMake subdirectory AND installation compatability -# 1.0.0 +## 1.0.0 -- Initial fork from [rxi/uuid4](https://github.com/rxi/uuid4) \ No newline at end of file +- Initial fork from [rxi/uuid4](https://github.com/rxi/uuid4) diff --git a/CMakeLists.txt b/CMakeLists.txt index aee41a0..b20bf53 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -31,7 +31,7 @@ endif() project( uuid4 - VERSION 1.0.3 + VERSION 1.0.4 LANGUAGES C ) diff --git a/idf_component.yml b/idf_component.yml index 381b4dc..b184f35 100644 --- a/idf_component.yml +++ b/idf_component.yml @@ -1,4 +1,4 @@ -version: "1.0.3" +version: "1.0.4" description: "uuidv4 library" url: "https://github.com/atsign-foundation/uuid4" license: "MIT" diff --git a/include/uuid4/uuid4.h b/include/uuid4/uuid4.h index fb3ed2f..e97bda9 100644 --- a/include/uuid4/uuid4.h +++ b/include/uuid4/uuid4.h @@ -8,7 +8,7 @@ #ifndef UUID4_H #define UUID4_H -#define UUID4_VERSION "1.0.0" +#define UUID4_VERSION "1.0.4" #define UUID4_LEN 37 enum { From c6e5e01dff9f3b4e298949e756cda18fb630b366 Mon Sep 17 00:00:00 2001 From: Chris Swan <478926+cpswan@users.noreply.github.com> Date: Fri, 4 Oct 2024 15:05:44 +0100 Subject: [PATCH 5/5] fix: Add CHANGELOG to tarball --- .github/workflows/tarball.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/tarball.yaml b/.github/workflows/tarball.yaml index 2c61043..658a113 100644 --- a/.github/workflows/tarball.yaml +++ b/.github/workflows/tarball.yaml @@ -18,7 +18,8 @@ jobs: run: | mkdir tarball tar -cvzf tarball/uuid4-${{ github.ref_name }}.tar.gz example/ \ - include/ src/ CMakeLists.txt idf_component.yml LICENSE README.md + include/ src/ CHANGELOG.md CMakeLists.txt idf_component.yml \ + LICENSE README.md - uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0 with: name: uuid4-src-${{github.ref_name}}-${{github.run_number}}-${{github.run_attempt}}