Commit

fix: add required flags to verify, sign tag
soniqua committed Nov 20, 2024
1 parent e3fbbb8 commit 8fc72c5
Showing 1 changed file with 9 additions and 2 deletions.
11 changes: 9 additions & 2 deletions .github/workflows/sigstore.yml
Expand Up @@ -35,7 +35,14 @@ jobs:
DIGEST=$(curl "https://hub.docker.com/v2/repositories/snyk/snyk-universal-broker/tags/${LATEST_TAG}" | jq '.digest' -r)
# Sign the image, using GitHub as an OIDC provider
cosign sign --yes snyk/snyk-universal-broker-helm@${DIGEST}
cosign sign --yes snyk/snyk-universal-broker-helm:${LATEST_TAG}
- name: Verify signature
run: |
cosign verify snyk/snyk-universal-broker-helm@${DIGEST}
cosign verify snyk/snyk-universal-broker-helm@${LATEST_TAG}
cosign verify \
snyk/snyk-universal-broker-helm@${DIGEST} \
--certificate-identity-regexp="https://github.com/snyk/snyk-universal-broker-helm/.*" \
--certificate-oidc-issuer="https://token.actions.githubusercontent.com"
cosign verify \
snyk/snyk-universal-broker-helm:${LATEST_TAG} \
--certificate-identity-regexp="https://github.com/snyk/snyk-universal-broker-helm/.*" \
--certificate-oidc-issuer="https://token.actions.githubusercontent.com"
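Review bot: The `--certificate-identity-regexp` value in both new `cosign verify` calls is wider than this job needs. The pattern `https://github.com/snyk/snyk-universal-broker-helm/.*` has no leading `^`, leaves its dots unescaped, and ends in `.*`, so it accepts a certificate issued to any workflow file on any ref under that repository path. Consider anchoring it and naming the signing workflow and the refs allowed to sign, for example `^https://github\.com/snyk/snyk-universal-broker-helm/\.github/workflows/sigstore\.yml@refs/...` with the ref part filled in for the branches or tags that should be trusted. Separately, the added `cosign sign` and `cosign verify` on `:${LATEST_TAG}` operate on a mutable reference: if the tag resolves to the same digest these steps duplicate the `@${DIGEST}` ones, and if it does not, the job signs whatever the tag points to at that moment. Keeping only the digest form would make the signed artifact unambiguous.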
