try signing seb server docker image

2022-03-21 15:29:08 +01:00 · 2022-03-21 15:29:08 +01:00 · e35b038085
commit e35b038085
parent 091f7408a7
1 changed files with 14 additions and 1 deletions
--- a/.github/workflows/buildReporting.yml
+++ b/.github/workflows/buildReporting.yml
@ -111,6 +111,9 @@ jobs:
      run: |
        echo $TAG_NAME
        echo ${{ env.TAG_NAME }}
+    - 
+       name: Install Cosign
+       uses: sigstore/cosign-installer@main
    -
      name: Set up QEMU
      uses: docker/setup-qemu-action@v1
@ -140,4 +143,14 @@ jobs:
        file: ./docker/Dockerfile
        push: true
        tags: |
-          anhefti/seb-server:${{ env.TAG_NAME }}
+          anhefti/seb-server:${{ env.TAG_NAME }}
+    -
+      name: Sign image with a key
+      run: |
+        echo ${COSIGN_PRIVATE_KEY} > /tmp/my_cosign.key && \
+        cosign sign --key /tmp/my_cosign.key ${TAGS}
+        env:
+          TAGS: |
+            anhefti/seb-server:${{ env.TAG_NAME }}
+          COSIGN_KEY: ${{secrets.COSIGN_PRIVATE_KEY}}
+          COSIGN_PASSWORD: ${{secrets.COSIGN_PASSWORD}}