forked from Dynatrace/dynatrace-operator
-
Notifications
You must be signed in to change notification settings - Fork 1
/
action.yaml
31 lines (31 loc) · 921 Bytes
/
action.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
name: Sign Image
description: Signs the operator docker image
inputs:
image:
description: full image tag that will be signed
required: true
signing-key:
description: private signing key
required: true
signing-password:
description: password for private signing key
required: true
runs:
using: "composite"
steps:
- name: Install Cosign
uses: sigstore/cosign-installer@b3413d484cc23cf8778c3d2aa361568d4eb54679 # v2.5.1
- name: Sign image with a key
shell: bash
run: |
cosign sign --key env://COSIGN_PRIVATE_KEY ${TAGS}
env:
TAGS: ${{ inputs.image }}
COSIGN_PRIVATE_KEY: ${{ inputs.signing-key }}
COSIGN_PASSWORD: ${{ inputs.signing-password }}
- name: Sign the images with GitHub OIDC Token
shell: bash
run: cosign sign ${TAGS}
env:
TAGS: ${{ inputs.image }}
COSIGN_EXPERIMENTAL: "true"