Skip to content

Commit

Permalink
Merge pull request #3976 from twz123/base64-decode-cosign-key
Browse files Browse the repository at this point in the history 
Base64-decode cosign key in release workflow
  • Loading branch information
@twz123
twz123 authored Jan 25, 2024
2 parents cdb88c5 + 6709646 commit c2d81b6
Showing 1 changed file with 8 additions and 4 deletions.
12 changes: 8 additions & 4 deletions .github/workflows/release.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -89,7 +89,8 @@ jobs:
run: |
curl -sSLo cosign https://github.com/sigstore/cosign/releases/download/v2.2.0/cosign-linux-amd64
chmod +x ./cosign
./cosign sign-blob --key env://COSIGN_KEY --tlog-upload=false k0s | tee k0s.sig
COSIGN_KEY="$(printf %s "$COSIGN_KEY" | base64 -d)" ./cosign sign-blob --key env://COSIGN_KEY --tlog-upload=false --output-file=k0s.sig k0s
cat k0s.sig
- name: Upload Release Assets - Binary
uses: shogo82148/[email protected]
Expand Down Expand Up @@ -164,7 +165,8 @@ jobs:
run: |
curl -sSLo cosign https://github.com/sigstore/cosign/releases/download/v2.2.0/cosign-linux-amd64
chmod +x ./cosign
./cosign sign-blob --key env://COSIGN_KEY --tlog-upload=false k0s.exe | tee k0s.exe.sig
COSIGN_KEY="$(printf %s "$COSIGN_KEY" | base64 -d)" ./cosign sign-blob --key env://COSIGN_KEY --tlog-upload=false --output-file=k0s.exe.sig k0s.exe
cat k0s.exe.sig
- name: Clean Docker
run: |
Expand Down Expand Up @@ -231,7 +233,8 @@ jobs:
run: |
curl -sSLo cosign https://github.com/sigstore/cosign/releases/download/v2.2.0/cosign-linux-arm64
chmod +x ./cosign
./cosign sign-blob --key env://COSIGN_KEY --tlog-upload=false k0s | tee k0s.sig
COSIGN_KEY="$(printf %s "$COSIGN_KEY" | base64 -d)" ./cosign sign-blob --key env://COSIGN_KEY --tlog-upload=false --output-file=k0s.sig k0s
cat k0s.sig
- name: Set up Go for smoke tests
uses: actions/setup-go@v3
Expand Down Expand Up @@ -331,7 +334,8 @@ jobs:
run: |
curl -sSLo cosign https://github.com/sigstore/cosign/releases/download/v2.2.0/cosign-linux-arm
chmod +x ./cosign
./cosign sign-blob --key env://COSIGN_KEY --tlog-upload=false k0s | tee k0s.sig
COSIGN_KEY="$(printf %s "$COSIGN_KEY" | base64 -d)" ./cosign sign-blob --key env://COSIGN_KEY --tlog-upload=false --output-file=k0s.sig k0s
cat k0s.sig
- name: Set up Go for smoke tests
uses: actions/setup-go@v3
Expand Down

0 comments on commit c2d81b6

Please sign in to comment.