cd
/
j7s-ci
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fixes to get cosign working.

This commit is contained in:
James Pace 2023-08-08 20:29:23 -04:00
parent 6cdf86ec80
commit b4270ae3ff
2 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
generic-pipelines/simple-ros-pipeline.yaml
View File

@ -43,7 +43,7 @@ spec:
value: ./docker/Dockerfile value: ./docker/Dockerfile
- name: registry-login-secret-name - name: registry-login-secret-name
value: $(params.registry-login-secret-name) value: $(params.registry-login-secret-name)
- names: cosign-secret-name - name: cosign-secret-name
value: container-signing-secret value: container-signing-secret
taskRef: taskRef:
name: j7s-buildah name: j7s-buildah

2
generic-tasks/j7s-buildah.yaml
View File

@ -29,6 +29,7 @@ spec:
# Login # Login
buildah login --tls-verify=false --username=$USERNAME --password=$PASSWORD $(params.registry) buildah login --tls-verify=false --username=$USERNAME --password=$PASSWORD $(params.registry)
# Setup cosign. # Setup cosign.
mkdir -p ~/.sigstore
cp /etc/cosign-credentials/* ~/.sigstore cp /etc/cosign-credentials/* ~/.sigstore
cat <<EOF > ~/.sigstore/param-file.yaml cat <<EOF > ~/.sigstore/param-file.yaml
privateKeyFile: "$HOME/.sigstore/cosign.key" privateKeyFile: "$HOME/.sigstore/cosign.key"
@ -71,7 +72,6 @@ spec:
volumes: volumes:
- name: varlibcontainers - name: varlibcontainers
emptyDir: {} emptyDir: {}
volumes:
- name: cosign-credentials - name: cosign-credentials
secret: secret:
secretName: $(params.cosign-secret-name) secretName: $(params.cosign-secret-name)