letro/letro-authentication-service
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity

Sign images with cosign in CI

Browse Source
This commit is contained in:
Quentin Gliech
2022-02-01 14:32:03 +01:00
parent ccf17d1551
commit 61e30f7222
1 changed files with 10 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
.github/workflows/check.yaml vendored
View File

@@ -319,6 +319,9 @@ jobs:
run: |
jq -s '.[0] * .[1]' ${{ steps.meta.outputs.bake-file }} ${{ steps.meta-debug.outputs.bake-file }} > docker-bake.override.json
- name: Setup Cosign
uses: sigstore/cosign-installer@v2.0.0
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
with:
@@ -351,3 +354,10 @@ jobs:
base.output=type=image,push=true
base.cache-from=type=registry,ref=${{ env.IMAGE }}:buildcache
base.cache-to=type=registry,ref=${{ env.IMAGE }}:buildcache,mode=max
- name: Sign the images with GitHub Actions provided token
if: github.event_name != 'pull_request'
run: cosign sign ${TAGS}
env:
TAGS: "${{ steps.meta.outputs.tags }} ${{ steps.meta-debug.outputs.tags }}"
COSIGN_EXPERIMENTAL: 1