From ba50ee05c87701f532c63ec6d0fd0d7f3c03d34d Mon Sep 17 00:00:00 2001
From: priyawadhwa <priya@chainguard.dev>
Date: Mon, 28 Mar 2022 19:02:23 -0700
Subject: [PATCH] Use cosign @ HEAD for Github OIDC sign blob test (#1678)

Signed-off-by: Priya Wadhwa <priya@chainguard.dev>
---
 .github/workflows/github-oidc.yaml | 1 +
 test/sign_blob_test.sh             | 8 +++++---
 2 files changed, 6 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/github-oidc.yaml b/.github/workflows/github-oidc.yaml
index b0a169e3965..dd37f072d2d 100644
--- a/.github/workflows/github-oidc.yaml
+++ b/.github/workflows/github-oidc.yaml
@@ -53,4 +53,5 @@ jobs:
       - name: Build and sign a blob
         run: |
           set -e
+          make cosign
           make sign-blob-experimental
diff --git a/test/sign_blob_test.sh b/test/sign_blob_test.sh
index c7d97048303..5698bd9157d 100755
--- a/test/sign_blob_test.sh
+++ b/test/sign_blob_test.sh
@@ -22,16 +22,18 @@
 set -ex
 
 export COSIGN_EXPERIMENTAL=1
+COSIGN_CLI=./cosign
 
 echo "Creating a unique blob"
 BLOB=verify-experimental-blob
 date > $BLOB
+cat $BLOB
 
 echo "Sign the blob with cosign first and upload to rekor"
-SIG=$(cosign sign-blob $BLOB)
+SIG=$($COSIGN_CLI sign-blob $BLOB)
 
 echo "Verifying ..."
-cosign verify-blob -signature $SIG $BLOB
+$COSIGN_CLI verify-blob -signature $SIG $BLOB
 
 # Now, sign the blob with a self-signed certificate and upload to rekor
 SIG_FILE=verify-experimental-signature
@@ -76,4 +78,4 @@ curl -X POST https://rekor.sigstore.dev/api/v1/log/entries -H 'Content-Type: app
 
 # Verifying should still work
 echo "Verifying ..."
-cosign verify-blob --signature $SIG $BLOB
+$COSIGN_CLI verify-blob --signature $SIG $BLOB