Skip to content

Commit

Permalink
fix: pass env vars to workflow
Browse files Browse the repository at this point in the history
  • Loading branch information
soniqua committed Nov 20, 2024
1 parent 9a49596 commit 0d78937
Showing 1 changed file with 6 additions and 5 deletions.
11 changes: 6 additions & 5 deletions .github/workflows/sigstore.yml
Original file line number Diff line number Diff line change
Expand Up @@ -27,13 +27,14 @@ jobs:
uses: sigstore/cosign-installer@v3.7.0
- name: Check Cosign
run: cosign version
- name: Cosign with OIDC
- name: Get latest tag
run: echo "LATEST_TAG=$(git describe --tags `git rev-list --tags --max-count=1` | tr -d 'v')" >> $GITHUB_ENV
- name: Get digest
run: |
# Get the latest tag
LATEST_TAG=$(git describe --tags `git rev-list --tags --max-count=1` | tr -d 'v')
# Obtain the digest from this tag
DIGEST=$(curl "https://hub.docker.com/v2/repositories/snyk/snyk-universal-broker/tags/${LATEST_TAG}" | jq '.digest' -r)
# Sign the image, using GitHub as an OIDC provider
echo "DIGEST=${DIGEST}" >> $GITHUB_ENV
- name: Cosign with OIDC
run: |
cosign sign --yes snyk/snyk-universal-broker@${DIGEST}
cosign sign --yes snyk/snyk-universal-broker:${LATEST_TAG}
- name: Verify signature
Expand Down

0 comments on commit 0d78937

Please sign in to comment.