chore: release signature of sbom (#10969)
Signed-off-by: Justin Marquis <34fathombelow@protonmail.com>

34fathombelow authored and crenshaw-dev committed Oct 18, 2022
1 parent 351cab4 commit 664224f
Showing 1 changed file with 9 additions and 0 deletions.
9 changes: 9 additions & 0 deletions .github/workflows/release.yaml
Expand Up @@ -286,6 +286,14 @@ jobs:
cd /tmp && tar -zcf sbom.tar.gz *.spdx
if: ${{ env.DRY_RUN != 'true' }}

- name: Sign sbom
run: |
cosign sign-blob --key env://COSIGN_PRIVATE_KEY /tmp/sbom.tar.gz > /tmp/sbom.tar.gz.sig
env:
COSIGN_PRIVATE_KEY: ${{secrets.COSIGN_PRIVATE_KEY}}
COSIGN_PASSWORD: ${{secrets.COSIGN_PASSWORD}}
if: ${{ env.DRY_RUN != 'true' }}

- name: Create GitHub release
uses: softprops/action-gh-release@v1
env:
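Review bot: In the "Sign sbom" step the signature is captured by redirecting stdout (`> /tmp/sbom.tar.gz.sig`), so anything else cosign prints to stdout would end up in the published signature file, and nothing checks the result before the "Create GitHub release" step runs. Consider writing the signature with `--output-signature /tmp/sbom.tar.gz.sig` and following it with a `cosign verify-blob --key <public key> --signature /tmp/sbom.tar.gz.sig /tmp/sbom.tar.gz` call against the matching public key, so that a wrong key, a wrong password or a malformed signature fails the job instead of being released. Style point: `${{secrets.COSIGN_PRIVATE_KEY}}` and `${{secrets.COSIGN_PASSWORD}}` omit the inner spaces that `${{ env.DRY_RUN != 'true' }}` uses in the same step.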
Expand All @@ -300,6 +308,7 @@ jobs:
files: |
dist/argocd-*
/tmp/sbom.tar.gz
/tmp/sbom.tar.gz.sig
if: ${{ env.DRY_RUN != 'true' }}

- name: Update homebrew formula
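Review bot: The `files:` list now uploads `/tmp/sbom.tar.gz.sig`, but nothing in this change tells a consumer which public key to verify it with or where to get that key, so the signature is hard to use as published. Add the public key location and the verification command to the release notes or the project documentation. Also note that the list still ships `dist/argocd-*` without any signature added here, so this change covers only the SBOM archive; state that scope in the commit message or the documentation so the `.sig` is not read as covering the binaries.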