From 4f01299cb1c61baf76fd0ab25f447d0d6028d27c Mon Sep 17 00:00:00 2001 From: Mathieu Benoit Date: Mon, 18 Nov 2024 09:09:50 -0500 Subject: [PATCH 1/2] Update release.yaml - cosign sign Signed-off-by: Mathieu Benoit --- .github/workflows/release.yaml | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 3efc2e2..0d92241 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -3,7 +3,10 @@ on: push: tags: - 0.** -permissions: write-all +permissions: + id-token: write + packages: write + contents: write jobs: release: runs-on: ubuntu-latest @@ -36,6 +39,7 @@ jobs: username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - name: Build and push docker image + id: build-push-container uses: docker/build-push-action@v6 with: context: . @@ -44,3 +48,8 @@ jobs: tags: | ghcr.io/score-spec/score-k8s:${{ github.ref_name }} ghcr.io/score-spec/score-k8s:latest + - name: Install Cosign + uses: sigstore/cosign-installer@v3 + - name: Sign container image + run: | + cosign sign --yes ghcr.io/score-spec/score-compose@${{ steps.build-push-container.outputs.digest }} From 93b03ef7d47e4dacbf1830dc544926d7a0a405a2 Mon Sep 17 00:00:00 2001 From: Mathieu Benoit Date: Mon, 18 Nov 2024 09:11:00 -0500 Subject: [PATCH 2/2] Update release.yaml Signed-off-by: Mathieu Benoit --- .github/workflows/release.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 0d92241..3a8662f 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -52,4 +52,4 @@ jobs: uses: sigstore/cosign-installer@v3 - name: Sign container image run: | - cosign sign --yes ghcr.io/score-spec/score-compose@${{ steps.build-push-container.outputs.digest }} + cosign sign --yes ghcr.io/score-spec/score-k8s@${{ steps.build-push-container.outputs.digest }}