mirror of
https://github.com/smallstep/cli.git
synced 2025-04-19 10:42:15 +03:00
[action] goreleaser cosign new key pair
This commit is contained in:
max furman
parent
1dfebb048e
commit
979221d780
5
.github/workflows/release.yml
vendored
5
.github/workflows/release.yml
vendored
@ -109,6 +109,10 @@ jobs:
|
||||
uses: sigstore/cosign-installer@main
|
||||
with:
|
||||
cosign-release: 'v1.1.0'
|
||||
-
|
||||
name: Write cosign key to disk
|
||||
id: write_key
|
||||
run: echo ${{ secrets.COSIGN_KEY }} > "./cosign.key"
|
||||
-
|
||||
name: Run GoReleaser
|
||||
uses: goreleaser/goreleaser-action@5a54d7e660bda43b405e8463261b3d25631ffe86 # v2.7.0
|
||||
@ -118,7 +122,6 @@ jobs:
|
||||
env:
|
||||
GITHUB_TOKEN: ${{ secrets.PAT }}
|
||||
COSIGN_PWD: ${{ secrets.COSIGN_PWD }}
|
||||
COSIGN_KEY: ${{ secrets.COSIGN_KEY }}
|
||||
|
||||
release_deb:
|
||||
name: Build & Release Debian package
|
||||
|
||||
@ -74,7 +74,7 @@ checksum:
|
||||
signs:
|
||||
- cmd: cosign
|
||||
stdin: '{{ .Env.COSIGN_PWD }}'
|
||||
args: ["sign-blob", "-key=<(echo '{{ .Env.COSIGN_KEY }}')", "-output=${signature}", "${artifact}"]
|
||||
args: ["sign-blob", "-key=cosign.key", "-output=${signature}", "${artifact}"]
|
||||
artifacts: all
|
||||
snapshot:
|
||||
name_template: "{{ .Tag }}-next"
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
-----BEGIN PUBLIC KEY-----
|
||||
MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEIPEjPgrDZ7P/XY8GhDJ8ODM/EQjW
|
||||
djYEh3zk0ooMjS8ufiRHKcf330r+LyfxPJneQnd6QhXMMVQ79ZjQY83j5w==
|
||||
MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEB/6PlQ62DpSB/aaGeMVJMuz73QA2
|
||||
XDfsoH9BqpKwTHhmHnLA9YKizF3iC+6nfRx+ifOviS7st47tYQyaQMpl5w==
|
||||
-----END PUBLIC KEY-----
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user