Skip to content

Commit daf8dd7

Browse files
wollomaticwollomatic
committed
Add Cosign for "testing" images
1 parent 907ac09 commit daf8dd7

1 file changed

Lines changed: 11 additions & 0 deletions

File tree

.github/workflows/docker-image-testing.yaml

Lines changed: 11 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -18,6 +18,11 @@ jobs:
1818
- name: Run Gosec Security Scanner
1919
uses: securego/gosec@master
2020

21+
- name: Install Cosign
22+
uses: sigstore/cosign-installer@v3.8.1
23+
with:
24+
cosign-release: 'v2.4.3'
25+
2126
- name: Set up Docker Buildx
2227
uses: docker/setup-buildx-action@v3
2328

@@ -36,3 +41,9 @@ jobs:
3641
push: true
3742
build-args: VERSION=testing-${{ github.sha }}
3843
tags: docker.io/wollomatic/socket-proxy:testing,docker.io/wollomatic/socket-proxy:testing-${{ github.sha }}
44+
45+
- name: Sign images for all platforms
46+
run: cosign sign --yes --key env://COSIGN_PRIVATE_KEY docker.io/wollomatic/socket-proxy:${{ steps.get_tag.outputs.VERSION }}@${{ steps.build-and-push.outputs.digest }}
47+
env:
48+
COSIGN_PRIVATE_KEY: ${{ secrets.COSIGN_PRIVATE_KEY }}
49+
COSIGN_PASSWORD: ${{ secrets.COSIGN_PASSWORD }}

0 commit comments

Comments
 (0)