Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

build image using ko and goreleaser, add provenance and release job #32

Merged
merged 1 commit into from
Feb 14, 2023
Merged

build image using ko and goreleaser, add provenance and release job #32

merged 1 commit into from
Feb 14, 2023

Conversation

cpanato
Copy link
Member

@cpanato cpanato commented Feb 13, 2023
edited

Summary

  • build image using ko and goreleaser, add provenance
  • create a job to run the release

Fixes: #4

rehearsal:

$ cosign verify ghcr.io/cpanato/cosign-gatekeeper-provider:v99.99.04

Verification for ghcr.io/cpanato/cosign-gatekeeper-provider:v99.99.04 --
The following checks were performed on each of these signatures:
  - The cosign claims were validated
  - Existence of the claims in the transparency log was verified offline
  - Any certificates were verified against the Fulcio roots.

[{"critical":{"identity":{"docker-reference":"ghcr.io/cpanato/cosign-gatekeeper-provider"},"image":{"docker-manifest-digest":"sha256:13922198d52ee1a663c14f896f0c81f9791a9f3adba1f75e07977e16a7d7dd53"},"type":"cosign container image signature"},"optional":{"1.3.6.1.4.1.57264.1.1":"https://token.actions.githubusercontent.com","1.3.6.1.4.1.57264.1.2":"push","1.3.6.1.4.1.57264.1.3":"61b4c2ea8105a535daa0086fb294b7a790ba1069","1.3.6.1.4.1.57264.1.4":"Cut Release","1.3.6.1.4.1.57264.1.5":"cpanato/cosign-gatekeeper-provider","1.3.6.1.4.1.57264.1.6":"refs/tags/v99.99.04","Bundle":{"SignedEntryTimestamp":"MEYCIQCjWF4RS+1Q1gbbRqM7ZrNRWtGg72tL0hxBtXNngbsAdgIhAOg7i9U5rCQxrKwGE8ok/4hg/3kajbsyxdNRYGzwxg1B","Payload":{"body":"eyJhcGlWZXJzaW9uIjoiMC4wLjEiLCJraW5kIjoiaGFzaGVkcmVrb3JkIiwic3BlYyI6eyJkYXRhIjp7Imhhc2giOnsiYWxnb3JpdGhtIjoic2hhMjU2IiwidmFsdWUiOiIyZmQ0OWFhYWQxOWJhZWIxZGJiNDc0YjdjNGVjMTRjYTJkOTY2ODZjNTkzMWE0NmFkMDE2ZjY4MDkyNjFkM2Y3In19LCJzaWduYXR1cmUiOnsiY29udGVudCI6Ik1FWUNJUUNJT2xETXM4dE1Zc1c4bS90cjhjc3NDZ0pMZ2dGdGptNnI1eStMQmRBUytBSWhBSytFaXkvTVlOMGtMNkpVVm9JWjVFWGNoY0llWThPM09JL0x0Z1B4Y1ZjQiIsInB1YmxpY0tleSI6eyJjb250ZW50IjoiTFMwdExTMUNSVWRKVGlCRFJWSlVTVVpKUTBGVVJTMHRMUzB0Q2sxSlNVUjJla05EUVRCaFowRjNTVUpCWjBsVlVVNTNTMU15UVhWTmRsWkRkVmd4TTBKMFFYVnlOV0k1T1ZaRmQwTm5XVWxMYjFwSmVtb3dSVUYzVFhjS1RucEZWazFDVFVkQk1WVkZRMmhOVFdNeWJHNWpNMUoyWTIxVmRWcEhWakpOVWpSM1NFRlpSRlpSVVVSRmVGWjZZVmRrZW1SSE9YbGFVekZ3WW01U2JBcGpiVEZzV2tkc2FHUkhWWGRJYUdOT1RXcE5kMDFxUlhwTlZHZDNUVVJGZUZkb1kwNU5hazEzVFdwRmVrMVVaM2hOUkVWNFYycEJRVTFHYTNkRmQxbElDa3R2V2tsNmFqQkRRVkZaU1V0dldrbDZhakJFUVZGalJGRm5RVVZTVTNZMVlYVTFlVloyVVhwTFUyY3pWamxqTDJOR0sxcHllbmRWTDJGalRUWkpZV3dLWmtkMGVVY3piV1JYYldkdVZHcHNNRU51VVRCVFJrWllZbmxwU21ZcmIwaHNZMnRtVld4RE0yNXROVlZQWldKWmRHRlBRMEZ0VlhkblowcG9UVUUwUndwQk1WVmtSSGRGUWk5M1VVVkJkMGxJWjBSQlZFSm5UbFpJVTFWRlJFUkJTMEpuWjNKQ1owVkdRbEZqUkVGNlFXUkNaMDVXU0ZFMFJVWm5VVlZVWW5NNUNrWXZhRU5pVmpOd2RHTm1PWGd6ZWtKa2FEVXZWM1JCZDBoM1dVUldVakJxUWtKbmQwWnZRVlV6T1ZCd2VqRlphMFZhWWpWeFRtcHdTMFpYYVhocE5Ga0tXa1E0ZDJSUldVUldVakJTUVZGSUwwSkhjM2RoV1ZwdVlVaFNNR05JVFRaTWVUbHVZVmhTYjJSWFNYVlpNamwwVERKT2QxbFhOV2hrUnpoMldUSTVlZ3BoVjJSMVRGZGthR1JIVm5KYVYxWjNXbGhKZEdOSVNuWmtiV3hyV2xoSmRreHRaSEJrUjJneFdXazVNMkl6U25KYWJYaDJaRE5OZG1OdFZuTmFWMFo2Q2xwVE5UVmlWM2hCWTIxV2JXTjVPVEJaVjJSNlRETlpOVTlUTkRWUFV6UjNUa1JCTlVKbmIzSkNaMFZGUVZsUEwwMUJSVUpDUTNSdlpFaFNkMk42YjNZS1RETlNkbUV5Vm5WTWJVWnFaRWRzZG1KdVRYVmFNbXd3WVVoV2FXUllUbXhqYlU1MlltNVNiR0p1VVhWWk1qbDBUVUpKUjBOcGMwZEJVVkZDWnpjNGR3cEJVVWxGUWtoQ01XTXlaM2RPWjFsTFMzZFpRa0pCUjBSMmVrRkNRWGRSYjA1cVJtbE9SMDE1V2xkRk5FMVVRVEZaVkZWNlRsZFNhRmxVUVhkUFJGcHRDbGxxU1RWT1Iwa3pXVlJqTlUxSFNtaE5WRUV5VDFSQldrSm5iM0pDWjBWRlFWbFBMMDFCUlVWQ1FYUkVaRmhSWjFWdFZuTmFWMFo2V2xSQmQwSm5iM0lLUW1kRlJVRlpUeTlOUVVWR1FrTkthbU5IUm5WWldGSjJUREpPZG1NeWJHNWlhVEZ1V1ZoU2JHRXlWbXhqUjFaNVRGaENlV0l6V25CYVIxWjVUVU5GUndwRGFYTkhRVkZSUW1jM09IZEJVVmxGUlROS2JGcHVUWFprUjBadVkzazVNazlVYTNWUFZHdDFUVVJSZDJkWmMwZERhWE5IUVZGUlFqRnVhME5DUVVsRkNtWlJVamRCU0d0QlpIZEVaRkJVUW5GNGMyTlNUVzFOV2tob2VWcGFlbU5EYjJ0d1pYVk9ORGh5Wml0SWFXNUxRVXg1Ym5WcVowRkJRVmxhVERkNWVVa0tRVUZCUlVGM1FrbE5SVmxEU1ZGRE16SlVTV1VyZG5CbU5WaEJWM0ZZWWxWalpHUTJPR2h5V0dwVmVraHJXVEZ4TWs4NVkzRnVXa3BGZDBsb1FVOUhVZ3BxTTA1clFUTlljRXBDUjNKRlN6ZGFTVGxsVG5OdFkzTjJTRWs0Wm5SWWFYUkNWRzF2YWtKRFRVRnZSME5EY1VkVFRUUTVRa0ZOUkVFeVkwRk5SMUZEQ2sxQmNqbE1ibFpCTjJ4MU9YZ3hiRzlGY1ZjdlRuTTBiWE5HWkd4dlNVa3JaRUpEVlhFd1FXNW9ZbGRaYUhWNGRpdEpObkprVjJ4elduTkZVbWg1UzNvS1VsRkpkMEV5ZG1NNFp5dDBUVmhKZUhWRUt6VXJZemxaYlhOMlJDdHZhMmhsVm5GSGFDdHVTVWh2ZG1keVlXbzRVV2xOYXpFeFUwTmtRMVZVYmpBME1ncGFNVmxrQ2kwdExTMHRSVTVFSUVORlVsUkpSa2xEUVZSRkxTMHRMUzBLIn19fX0=","integratedTime":1676311211,"logIndex":13259001,"logID":"c0d23d6ad406973f9559f3ba2d1ca01f84147d8ffc5b8445c224f98b9591801d"}},"Issuer":"https://token.actions.githubusercontent.com","Subject":"https://github.com/cpanato/cosign-gatekeeper-provider/.github/workflows/release.yml@refs/tags/v99.99.04","githubWorkflowName":"Cut Release","githubWorkflowRef":"refs/tags/v99.99.04","githubWorkflowRepository":"cpanato/cosign-gatekeeper-provider","githubWorkflowSha":"61b4c2ea8105a535daa0086fb294b7a790ba1069","githubWorkflowTrigger":"push"}}]

@cpanato cpanato force-pushed the ko-image branch 2 times, most recently from 306dfe6 to a484bb5 Compare February 13, 2023 18:06
@cpanato cpanato changed the title build image using ko and goreleaser build image using ko and goreleaser, add provenance and release job Feb 13, 2023
@cpanato
build image using ko and goreleaser
a376a82 
Signed-off-by: cpanato <ctadeu@gmail.com>
developer-guy
developer-guy approved these changes Feb 13, 2023
View reviewed changes
Copy link
Member

@developer-guy developer-guy left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👌💯✅

@cpanato cpanato merged commit 78e98ff into sigstore:main Feb 14, 2023
This was referenced Feb 14, 2023
Closed
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Dentrax Dentrax Dentrax approved these changes

@developer-guy developer-guy developer-guy approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Release job process and image push
3 participants
@cpanato @Dentrax @developer-guy