Skip to content

Commit d15207b

Browse files
juanluisvaladasjuanluisvaladas
authored
Merge pull request #5724 from juanluisvaladas/fix-cosign
Upload cosign transparency log
2 parents c8166db + ff63799 commit d15207b

File tree

2 files changed

+5
-5
lines changed

2 files changed

+5
-5
lines changed

.github/workflows/release.yml

+4-4
Original file line numberDiff line numberDiff line change
@@ -103,7 +103,7 @@ jobs:
103103
run: |
104104
curl $CURL_OPTS --output cosign https://github.com/sigstore/cosign/releases/download/v2.4.2/cosign-linux-amd64
105105
chmod +x ./cosign
106-
COSIGN_KEY="$(printf %s "$COSIGN_KEY" | base64 -d)" ./cosign sign-blob --key env://COSIGN_KEY --tlog-upload=false --output-file=k0s.sig k0s
106+
COSIGN_KEY="$(printf %s "$COSIGN_KEY" | base64 -d)" ./cosign sign-blob --key env://COSIGN_KEY --tlog-upload -y --output-file=k0s.sig k0s
107107
cat k0s.sig
108108
109109
- name: Upload Release Assets - Binary
@@ -195,7 +195,7 @@ jobs:
195195
run: |
196196
curl $CURL_OPTS --output cosign https://github.com/sigstore/cosign/releases/download/v2.4.2/cosign-linux-amd64
197197
chmod +x ./cosign
198-
COSIGN_KEY="$(printf %s "$COSIGN_KEY" | base64 -d)" ./cosign sign-blob --key env://COSIGN_KEY --tlog-upload=false --output-file=k0s.exe.sig k0s.exe
198+
COSIGN_KEY="$(printf %s "$COSIGN_KEY" | base64 -d)" ./cosign sign-blob --key env://COSIGN_KEY --tlog-upload -y --output-file=k0s.exe.sig k0s.exe
199199
cat k0s.exe.sig
200200
201201
- name: Clean Docker
@@ -263,7 +263,7 @@ jobs:
263263
run: |
264264
curl $CURL_OPTS --output cosign https://github.com/sigstore/cosign/releases/download/v2.4.2/cosign-linux-arm64
265265
chmod +x ./cosign
266-
COSIGN_KEY="$(printf %s "$COSIGN_KEY" | base64 -d)" ./cosign sign-blob --key env://COSIGN_KEY --tlog-upload=false --output-file=k0s.sig k0s
266+
COSIGN_KEY="$(printf %s "$COSIGN_KEY" | base64 -d)" ./cosign sign-blob --key env://COSIGN_KEY --tlog-upload -y --output-file=k0s.sig k0s
267267
cat k0s.sig
268268
269269
- name: Set up Go for smoke tests
@@ -350,7 +350,7 @@ jobs:
350350
run: |
351351
curl $CURL_OPTS --output cosign https://github.com/sigstore/cosign/releases/download/v2.4.2/cosign-linux-arm
352352
chmod +x ./cosign
353-
COSIGN_KEY="$(printf %s "$COSIGN_KEY" | base64 -d)" ./cosign sign-blob --key env://COSIGN_KEY --tlog-upload=false --output-file=k0s.sig k0s
353+
COSIGN_KEY="$(printf %s "$COSIGN_KEY" | base64 -d)" ./cosign sign-blob --key env://COSIGN_KEY --tlog-upload -y --output-file=k0s.sig k0s
354354
cat k0s.sig
355355
356356
- name: Set up Go for smoke tests

docs/verifying-signs.md

+1-1
Original file line numberDiff line numberDiff line change
@@ -8,5 +8,5 @@ Binaries can be verified using the `cosign` tool, for example:
88
cosign verify-blob \
99
--key https://github.com/k0sproject/k0s/releases/download/v{{{ extra.k8s_version }}}%2Bk0s.0/cosign.pub \
1010
--signature https://github.com/k0sproject/k0s/releases/download/v{{{ extra.k8s_version }}}%2Bk0s.0/k0s-v{{{ extra.k8s_version }}}+k0s.0-amd64.sig \
11-
--payload k0s-v{{{ extra.k8s_version }}}+k0s.0-amd64
11+
k0s-v{{{ extra.k8s_version }}}+k0s.0-amd64
1212
```

0 commit comments

Comments
 (0)