Skip to content

Commit

Permalink
ci: signature test
Browse files Browse the repository at this point in the history
  • Loading branch information
@karl-cardenas-coding
karl-cardenas-coding committed Dec 16, 2023
1 parent 5069467 commit 2877133
Show file tree
Hide file tree
Showing 3 changed files with 51 additions and 5 deletions.
41 changes: 36 additions & 5 deletions .github/workflows/nightly-docker-build.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,9 +1,12 @@
name: Nighly Docker Build

on:
schedule:
- cron: '15 22 * * 1-5' # 22:15 UTC, Monday through Friday
workflow_dispatch:
# schedule:
# - cron: '15 22 * * 1-5' # 22:15 UTC, Monday through Friday
# workflow_dispatch:
push:
branches-ignore:
- "master"

env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
Expand Down Expand Up @@ -44,12 +47,40 @@ jobs:
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}



- name: Extract Docker metadata
id: meta
uses: docker/[email protected]
with:
images: ghcr.io/${{ github.repository }}:dev

- name: Build and push
uses: docker/build-push-action@v2
with:
context: .
file: ./Dockerfile-offline
# build-args:
platforms: linux/amd64,linux/arm64
push: true
tags: ghcr.io/${{ github.repository }}:nightly
push: false
# tags: ghcr.io/${{ github.repository }}:nightly
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}


- uses: sigstore/cosign-installer@main

- name: Get signing key
run: echo "${{ secrets.SIGNING_SECRET }}" > cosign.key

- name: Container Signing
run: |
cosign sign --key cosign.key \
-a "repo=${{ github.repository }}" \
-a "workflow=${{ github.workflow }}" \
-a "ref=${{ github.sha }}" \
-a "owner=Spectro Cloud" \
${{ steps.meta.outputs.tags }}
env:
COSIGN_PASSWORD: ${{ secrets.COSIGN_PASSWORD }}

11 changes: 11 additions & 0 deletions cosign.key
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
-----BEGIN ENCRYPTED SIGSTORE PRIVATE KEY-----
eyJrZGYiOnsibmFtZSI6InNjcnlwdCIsInBhcmFtcyI6eyJOIjo2NTUzNiwiciI6
OCwicCI6MX0sInNhbHQiOiJRNksxaW1abkR3QmZkeFJldENRV2IwOTdsLy9ROHdh
M1BRcFhWZitMR2YwPSJ9LCJjaXBoZXIiOnsibmFtZSI6Im5hY2wvc2VjcmV0Ym94
Iiwibm9uY2UiOiJXcWpTZmxLQWxPT2FudU14eG0wQm9vYnZVWU1nQW8zaiJ9LCJj
aXBoZXJ0ZXh0IjoiRDBoUUM1MDBsdUFqVndOUkhoUkh0d2lPWUtuR08ya1h4MFI3
YllrczkzQTA1YWlDaWFWTTRzUGQ4cGUvdS9uTm5MSmxyL2YzdlkrYzdBdVJ3b2dq
RWg1UTIzUGJ2eUJIaWoxNUc0REVBdWdIUnNWUDdHQmR5UWEvWU10Vmozdm9mSzVr
V2VvSVhWS2p1NEI1MDZ6MVBUYi9NTEhETEYyVFgvODVxSVQyck5YNXRyS2dWS245
Lzk1TzdVUXlGN2pRRmNzTkFpMkpaVkJiVmc9PSJ9
-----END ENCRYPTED SIGSTORE PRIVATE KEY-----
4 changes: 4 additions & 0 deletions cosign.pub
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
-----BEGIN PUBLIC KEY-----
MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEtCnsM75A7+LkOXh3K/VQ9rDEq3ce
HIV3za5vbmuv+14JBceGx78eJl2o0LJHN/BZPBRa2q7p1Y4imxmeYWUDvg==
-----END PUBLIC KEY-----

0 comments on commit 2877133

Please sign in to comment.