Add: cosign-tlog-upload = false to container-build-push-3rd-gen (#703)

* Add: input value cosign-tlog-upload in container-build-push-generic * Change: update README.md for cosign-tlog-upload in container-build-push-generic * Add: cosign-tlog-upload = false to container-build-push-3rd-gen * Change: update README
greenbone · Jul 10, 2023 · a300d35 · a300d35
1 parent 249e0f7
commit a300d35
Show file tree

Hide file tree

Showing 3 changed files with 26 additions and 19 deletions.
diff --git a/container-build-push-3rd-gen/action.yaml b/container-build-push-3rd-gen/action.yaml
@@ -54,6 +54,8 @@ runs:
       build-args: ${{ inputs.build-args }}
       cosign-key: ${{ inputs.cosign-key }}
       cosign-key-password: ${{ inputs.cosign-key-password }}
+      # The tlog function does not currently support an ed25519 key.
+      cosign-tlog-upload: "false"
       image-url: ${{ inputs.image-url }}
       image-labels: ${{ inputs.image-labels }}
       image-tags: |

diff --git a/container-build-push-generic/README.md b/container-build-push-generic/README.md
@@ -36,17 +36,18 @@ jobs:
 
 ## Inputs
 
-| Name                | Description                                         |          |
-|---------------------|-----------------------------------------------------|----------|
-| build-context       | Path to image build context. Default "."            | Optional |
-| build-docker-file   | Path to the docker file. Default "./Dockerfile"     | Optional |
-| build-args          | Use these build-args for the docker build process.  | Optional |
-| cosign-key          | cosign key to sign the image.                       | Optional |
-| cosign-key-password | cosign key password.                                | Optional |
-| image-labels        | Image labels.                                       | Required |
-| image-url           | Image url/name without registry.                    | Required |
-| image-platforms     | Image platforms to build for. Default "linux/amd64" | Optional |
-| image-tags          | Image tags.                                         | Required |
-| registry            | Registry url.                                       | Required |
-| registry-username   | Login registry username.                            | Required |
-| registry-password   | Login registry password.                            | Required |
+| Name                | Description                                                                                     |          |
+|---------------------|-------------------------------------------------------------------------------------------------|----------|
+| build-context       | Path to image build context. Default "."                                                        | Optional |
+| build-docker-file   | Path to the docker file. Default "./Dockerfile"                                                 | Optional |
+| build-args          | Use these build-args for the docker build process.                                              | Optional |
+| cosign-key          | cosign key to sign the image.                                                                   | Optional |
+| cosign-key-password | cosign key password.                                                                            | Optional |
+| cosign-tlog-upload  | Turn on or turn off the cosign tlog upload function. Possible options: true/false Default: true | Optional |
+| image-labels        | Image labels.                                                                                   | Required |
+| image-url           | Image url/name without registry.                                                                | Required |
+| image-platforms     | Image platforms to build for. Default "linux/amd64"                                             | Optional |
+| image-tags          | Image tags.                                                                                     | Required |
+| registry            | Registry url.                                                                                   | Required |
+| registry-username   | Login registry username.                                                                        | Required |
+| registry-password   | Login registry password.                                                                        | Required |
diff --git a/container-build-push-generic/action.yaml b/container-build-push-generic/action.yaml
@@ -3,11 +3,11 @@ description: Generic container build and push action.
 
 inputs:
   build-context: 
-    description: "Path to image build context."
+    description: "Path to image build context. Default: ."
     type: string
     default: .
   build-docker-file:
-    description: "Path to the docker file."
+    description: "Path to the docker file. Default: ./Dockerfile"
     type: string
     default: ./Dockerfile
   build-args:
@@ -22,6 +22,9 @@ inputs:
     description: "cosign key password."
     type: string
     default: ''
+  cosign-tlog-upload:
+    description: "Turn on or turn off the cosign tlog upload function. Possible options: true/false Default: true"
+    default: "true"
   image-labels:
     description: "Image labels."
     type: string
@@ -35,7 +38,7 @@ inputs:
     type: string
     required: true
   image-platforms: 
-    description: "Image platforms to build for."
+    description: "Image platforms to build for. Default: linux/amd64"
     type: string
     default: linux/amd64
   registry: 
@@ -96,7 +99,8 @@ runs:
       if: ${{ github.event_name != 'pull_request' }}
       uses: greenbone/actions/container-signing@v2
       with:
-        image-tags: ${{ steps.meta.outputs.tags }}
-        image-digest: ${{ steps.build-and-push.outputs.digest }}
         cosign-key: ${{ inputs.cosign-key }}
         cosign-key-password: ${{ inputs.cosign-key-password }}
+        cosign-tlog-upload: ${{ inputs.cosign-tlog-upload }}
+        image-tags: ${{ steps.meta.outputs.tags }}
+        image-digest: ${{ steps.build-and-push.outputs.digest }}