From e35b03808546a685d6fa7cffb3ea0b5c009e5b08 Mon Sep 17 00:00:00 2001
From: anhefti <andreas.hefti@let.ethz.ch>
Date: Mon, 21 Mar 2022 15:29:08 +0100
Subject: [PATCH] try signing seb server docker image

---
 .github/workflows/buildReporting.yml | 15 ++++++++++++++-
 1 file changed, 14 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/buildReporting.yml b/.github/workflows/buildReporting.yml
index 87151c1e..6063b0cc 100644
--- a/.github/workflows/buildReporting.yml
+++ b/.github/workflows/buildReporting.yml
@@ -111,6 +111,9 @@ jobs:
       run: |
         echo $TAG_NAME
         echo ${{ env.TAG_NAME }}
+    - 
+       name: Install Cosign
+       uses: sigstore/cosign-installer@main
     -
       name: Set up QEMU
       uses: docker/setup-qemu-action@v1
@@ -140,4 +143,14 @@ jobs:
         file: ./docker/Dockerfile
         push: true
         tags: |
-          anhefti/seb-server:${{ env.TAG_NAME }}
\ No newline at end of file
+          anhefti/seb-server:${{ env.TAG_NAME }}
+    -
+      name: Sign image with a key
+      run: |
+        echo ${COSIGN_PRIVATE_KEY} > /tmp/my_cosign.key && \
+        cosign sign --key /tmp/my_cosign.key ${TAGS}
+        env:
+          TAGS: |
+            anhefti/seb-server:${{ env.TAG_NAME }}
+          COSIGN_KEY: ${{secrets.COSIGN_PRIVATE_KEY}}
+          COSIGN_PASSWORD: ${{secrets.COSIGN_PASSWORD}}
\ No newline at end of file