{"id":26138409,"url":"https://github.com/stacklok/frizbee","last_synced_at":"2026-01-30T11:41:56.025Z","repository":{"id":208224410,"uuid":"721113155","full_name":"stacklok/frizbee","owner":"stacklok","description":"Throw a tag at and it comes back with a checksum.","archived":false,"fork":false,"pushed_at":"2024-06-24T20:55:53.000Z","size":451,"stargazers_count":54,"open_issues_count":5,"forks_count":17,"subscribers_count":13,"default_branch":"main","last_synced_at":"2024-07-06T10:18:09.354Z","etag":null,"topics":["github-actions","kubernetes","security","security-tools","supply-chain"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/stacklok.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2023-11-20T11:37:40.000Z","updated_at":"2024-07-08T08:52:46.914Z","dependencies_parsed_at":"2023-11-21T05:35:45.668Z","dependency_job_id":"2027ae21-96a2-4618-ae84-ac6baa30a332","html_url":"https://github.com/stacklok/frizbee","commit_stats":null,"previous_names":["stacklok/frisbee","stacklok/boomerang","stacklok/frizbee"],"tags_count":18,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/stacklok%2Ffrizbee","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/stacklok%2Ffrizbee/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/stacklok%2Ffrizbee/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/stacklok%2Ffrizbee/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/stacklok","download_url":"https://codeload.github.com/stacklok/frizbee/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":242956542,"owners_count":20212455,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["github-actions","kubernetes","security","security-tools","supply-chain"],"created_at":"2025-03-11T01:58:09.934Z","updated_at":"2026-01-30T11:41:55.982Z","avatar_url":"https://github.com/stacklok.png","language":"Go","funding_links":[],"categories":["kubernetes"],"sub_categories":[],"readme":"![image](https://github.com/stacklok/frizbee/assets/16540482/35034046-d962-475d-b8e2-67b7625f2a60)\n\n---\n[![Coverage Status](https://coveralls.io/repos/github/stacklok/frizbee/badge.svg?branch=main)](https://coveralls.io/github/stacklok/frizbee?branch=main) | [![License: Apache 2.0](https://img.shields.io/badge/License-Apache2.0-brightgreen.svg)](https://opensource.org/licenses/Apache-2.0) | [![](https://dcbadge.vercel.app/api/server/RkzVuTp3WK?logo=discord\u0026label=Discord\u0026color=5865\u0026style=flat)](https://discord.gg/RkzVuTp3WK)\n\n---\n# Frizbee\n\nFrizbee is a tool you may throw a tag at and it comes back with a checksum.\n\nIt's a command-line tool designed to provide checksums for GitHub Actions\nand container images based on tags.\n\nIt also includes a set of libraries for working with tags and checksums.\n\nFrizbee is available as a GitHub Action: [frizbee-action](https://github.com/marketplace/actions/frizbee-action)\n\n## Table of Contents\n\n- [Installation](#installation)\n- [Usage - CLI](#usage---cli)\n  - [GitHub Actions](#github-actions)\n  - [Container Images](#container-images)\n- [Usage - Library](#usage---library)\n  - [GitHub Actions](#github-actions)\n  - [Container Images](#container-images)\n- [Configuration](#configuration)\n- [Contributing](#contributing)\n- [License](#license)\n\n## Installation\n\nTo install Frizbee, you can use the following methods:\n\n```bash\n# Using Go\ngo install github.com/stacklok/frizbee@v0.1.2\n# add the path to your .bashrc\nexport PATH=$PATH:$(go env GOPATH)/bin\n\n\n\n# Using Homebrew\nbrew install frizbee\n\n# Using winget\nwinget install stacklok.frizbee\n```\n\n## Usage - CLI\n\n### GitHub Actions\n\nFrizbee can be used to generate checksums for GitHub Actions. This is useful\nfor verifying that the contents of a GitHub Action have not changed.\n\nTo quickly replace the GitHub Action references for your project, you can use\nthe `actions` command:\n\n```bash\nfrizbee actions path/to/your/repo/.github/workflows/\n```\n\nThis will write all the replacements to the files in the directory provided.\n\nNote that this command will only replace the `uses` field of the GitHub Action\nreferences.\n\nNote that this command supports dry-run mode, which will print the replacements\nto stdout instead of writing them to the files.\n\nIt also supports exiting with a non-zero exit code if any replacements are found. \nThis is handy for CI/CD pipelines.\n\nIf you want to generate the replacement for a single GitHub Action, you can use the\nsame command:\n\n```bash\nfrizbee actions metal-toolbox/container-push/.github/workflows/container-push.yml@main\n```\n\nThis is useful if you're developing and want to quickly test the replacement.\n\n### Container Images\n\nFrizbee can be used to generate checksums for container images. This is useful\nfor verifying that the contents of a container image have not changed. This works\nfor all yaml/yml and Dockerfile fies in the directory provided by the `-d` flag.\n\nTo quickly replace the container image references for your project, you can use\nthe `image` command:\n\n```bash\nfrizbee image path/to/your/yaml/files/\n```\n\nTo get the digest for a single image tag, you can use the same command:\n\n```bash\nfrizbee image ghcr.io/stacklok/minder/server:latest\n```\n\nThis will print the image reference with the digest for the image tag provided.\n\n## Usage - Library\n\nFrizbee can also be used as a library. The library provides a set of functions\nfor working with tags and checksums. Here are a few examples of how you can use\nthe library:\n\n### GitHub Actions\n\n```go\n// Create a new replacer\nr := replacer.NewGitHubActionsReplacer(config.DefaultConfig())\n...\n// Parse a single GitHub Action reference\nret, err := r.ParseString(ctx, ghActionRef)\n...\n// Parse all GitHub Actions workflow yaml files in a given directory\nres, err := r.ParsePath(ctx, dir)\n...\n// Parse and replace all GitHub Actions references in the provided file system\nres, err := r.ParsePathInFS(ctx, bfs, base)\n...\n// Parse a single yaml file referencing GitHub Actions\nres, err := r.ParseFile(ctx, fileHandler)\n...\n// List all GitHub Actions referenced in the given directory\nres, err := r.ListPath(dir)\n...\n// List all GitHub Actions referenced in the provided file system\nres, err := r.ListPathInFS(bfs, base)\n...\n// List all GitHub Actions referenced in the provided file\nres, err := r.ListFile(fileHandler)\n```\n\n### Container images \n\n```go\n// Create a new replacer\nr := replacer.NewContainerImagesReplacer(config.DefaultConfig())\n...\n// Parse a single container image reference\nret, err := r.ParseString(ctx, ghActionRef)\n...\n// Parse all files containing container image references in a given directory\nres, err := r.ParsePath(ctx, dir)\n...\n// Parse and replace all container image references in the provided file system\nres, err := r.ParsePathInFS(ctx, bfs, base)\n...\n// Parse a single yaml file referencing container images\nres, err := r.ParseFile(ctx, fileHandler)\n...\n// List all container images referenced in the given directory\nres, err := r.ListPath(dir)\n...\n// List all container images referenced in the provided file system\nres, err := r.ListPathInFS(bfs, base)\n...\n// List all container images referenced in the provided file\nres, err := r.ListFile(fileHandler)\n```\n\n## Configuration\n\nFrizbee can be configured by setting up a `.frizbee.yml` file. \nYou can configure Frizbee to skip processing certain actions, i.e.\n\n```yml\nghactions:\n  exclude:\n    # Exclude the SLSA GitHub Generator workflow.\n    # See https://github.com/slsa-framework/slsa-github-generator/issues/2993\n    - slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml\n\n```\n\nSimilarly, you can exclude actions that are referenced using a particular branch:\n```yml\nghactions:\n  exclude_branches:\n     - main\n     - master\n```\nBy default, Frizbee will exclude all actions that are referencing `main` or `master`.\n\nYou can also configure Frizbee to skip processing certain container images or certain tags:\n```yml\nimages:\n  exclude_images:\n    - busybox\n  exclude_tags:\n    - devel\n```\nBy default, Frizbee will exclude the image named `scratch` and the tag `latest`.\n\n## Contributing \u0026 Community\n\nFrizbee is maintained by a dedicated community of developers that want this open source project to benefit others and thrive. The main development of Frizbee is done in [Go](https://go.dev/). We welcome contributions of all types! Please see our [Contributing](./CONTRIBUTING.md) guide for more information on how you can help!\n\nIf you have questions, or just want to chat with us - please use the #frizbee channel on our [Discord Server](https://discord.gg/stacklok).\n\n## License\n\nFrizbee is licensed under the [Apache 2.0 License](./LICENSE).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fstacklok%2Ffrizbee","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fstacklok%2Ffrizbee","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fstacklok%2Ffrizbee/lists"}