Skip to content

Commit

Permalink
Merge pull request #4 from stacklok/cosign
Browse files Browse the repository at this point in the history 
Update cosign
  • Loading branch information
@rdimitrov
rdimitrov authored Mar 20, 2024
2 parents 760abad + abaa22f commit 269fb5c
Show file tree
Hide file tree
Showing 4 changed files with 8 additions and 12 deletions.
5 changes: 2 additions & 3 deletions .github/workflows/build-image-signed-cosign-malicious.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -24,9 +24,7 @@ jobs:
echo "// Maliciously altered on $$(date)" >> ./src/main.rs
- name: Install Cosign
uses: sigstore/cosign-installer@6e04d228eb30da1757ee4e1dd75a0ec73a653e06 #v3.1.1
with:
cosign-release: 'v2.1.1'
uses: sigstore/[email protected]

- name: Setup Docker buildx
uses: docker/setup-buildx-action@79abd3f86f79a9d68a23c75a09a9a85889262adf
Expand Down Expand Up @@ -60,5 +58,6 @@ jobs:
env:
DIGEST: ${{ steps.build-and-push.outputs.digest }}
run: |
cosign version
echo "ghcr.io/${{ github.repository }}:daily" | xargs -I {} cosign sign --yes {}@${DIGEST}
echo "ghcr.io/${{ github.repository }}:latest" | xargs -I {} cosign sign --yes {}@${DIGEST}
5 changes: 2 additions & 3 deletions .github/workflows/build-image-signed-cosign-static-copied.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -20,9 +20,7 @@ jobs:
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744

- name: Install Cosign
uses: sigstore/cosign-installer@6e04d228eb30da1757ee4e1dd75a0ec73a653e06 #v3.1.1
with:
cosign-release: 'v2.1.1'
uses: sigstore/[email protected]

- name: Setup Docker buildx
uses: docker/setup-buildx-action@79abd3f86f79a9d68a23c75a09a9a85889262adf
Expand Down Expand Up @@ -54,4 +52,5 @@ jobs:
env:
DIGEST: ${{ steps.build-and-push.outputs.digest }}
run: |
cosign version
echo "ghcr.io/${{ github.repository }}:static" | xargs -I {} cosign sign --yes {}@${DIGEST}
5 changes: 2 additions & 3 deletions .github/workflows/build-image-signed-cosign-static.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -20,9 +20,7 @@ jobs:
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744

- name: Install Cosign
uses: sigstore/cosign-installer@6e04d228eb30da1757ee4e1dd75a0ec73a653e06 #v3.1.1
with:
cosign-release: 'v2.1.1'
uses: sigstore/[email protected]

- name: Setup Docker buildx
uses: docker/setup-buildx-action@79abd3f86f79a9d68a23c75a09a9a85889262adf
Expand Down Expand Up @@ -54,4 +52,5 @@ jobs:
env:
DIGEST: ${{ steps.build-and-push.outputs.digest }}
run: |
cosign version
echo "ghcr.io/${{ github.repository }}:static" | xargs -I {} cosign sign --yes {}@${DIGEST}
5 changes: 2 additions & 3 deletions .github/workflows/build-image-signed-cosign.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -20,9 +20,7 @@ jobs:
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744

- name: Install Cosign
uses: sigstore/cosign-installer@6e04d228eb30da1757ee4e1dd75a0ec73a653e06 #v3.1.1
with:
cosign-release: 'v2.1.1'
uses: sigstore/[email protected]

- name: Setup Docker buildx
uses: docker/setup-buildx-action@79abd3f86f79a9d68a23c75a09a9a85889262adf
Expand Down Expand Up @@ -56,5 +54,6 @@ jobs:
env:
DIGEST: ${{ steps.build-and-push.outputs.digest }}
run: |
cosign version
echo "ghcr.io/${{ github.repository }}:daily" | xargs -I {} cosign sign --yes {}@${DIGEST}
echo "ghcr.io/${{ github.repository }}:latest" | xargs -I {} cosign sign --yes {}@${DIGEST}

0 comments on commit 269fb5c

Please sign in to comment.