Skip to content

fix: sign docker manifest #25

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
raffis merged 1 commit into from
May 12, 2023
Merged

fix: sign docker manifest #25

raffis merged 1 commit into from
May 12, 2023

Conversation

@raffis
Copy link
Member

@raffis raffis commented May 12, 2023

Current situation

Currently only the docker images are signed but not the manifest. Meaning: cosign verify --certificate-identity-regexp=https://github.com/DoodleScheduling/k8sprom-patch-controller/.github/workflows/release.yaml@refs/tags/v0.2.1 --certificate-oidc-issuer=https://token.actions.githubusercontent.com ghcr.io/doodlescheduling/k8sprom-patch-controller:v0.2.1-amd64
works while cosign verify --certificate-identity-regexp=https://github.com/DoodleScheduling/k8sprom-patch-controller/.github/workflows/release.yaml@refs/tags/v0.2.1 --certificate-oidc-issuer=https://token.actions.githubusercontent.com ghcr.io/doodlescheduling/k8sprom-patch-controller:v0.2.1
does not.

Proposal

Sign both manifest and images.

@raffis raffis requested a review from a team as a code owner May 12, 2023 11:42
@github-actions
Copy link

github-actions bot commented May 12, 2023

Pull Request Test Coverage Report for Build 4958433193

  • 0 of 0 changed or added relevant lines in 0 files are covered.
  • 3 unchanged lines in 1 file lost coverage.
  • Overall coverage decreased (-0.4%) to 73.342%
Files with Coverage Reduction New Missed Lines %
controllers/postgresqldatabase_controller.go 3 67.19%
Totals Coverage Status
Change from base Build 4925530837: -0.4%
Covered Lines: 553
Relevant Lines: 754
💛 - Coveralls

@raffis raffis merged commit b14ab54 into master May 12, 2023
@raffis raffis deleted the fix-cosign branch May 12, 2023 12:42
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@petardoodle petardoodle petardoodle approved these changes

Assignees

No one assigned

Labels

size/XS

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@raffis @petardoodle