Reorganize levels: 1) SLSA attestation 2) CI/CD build fixes: drop non-working dependency proxy

During tests, we learned that the dependency proxy will require specific group permissions for users, which cannot be applied. A failing pipeline with obscure errors isn't a good result for level 1.

@abuango and I decided to split the new level 2 from !7 (merged) into

  • Level 1: SLSA attestation. The build job generates the Golang binary artifacts, and can be enabled to see and download the metadata JSON for SLSA. The pipeline still fails - which brings us to
  • Level 2: Fix the CI/CD build by fixing the tests, and updating the wrong year. Once done, all jobs run through and the ASCII art is rendered.

This brings a great learning curve, and keeps the levels in the correct order - editing the CI/CD config is easier than editing source code and inspecting different CI/CD jobs for their output.
