drone yaml add cosign login
All checks were successful
continuous-integration/drone/push Build is passing
All checks were successful
continuous-integration/drone/push Build is passing
This commit is contained in:
14
.drone.yml
14
.drone.yml
@@ -63,17 +63,25 @@ steps:
|
|||||||
from_secret: COSIGN_KEY
|
from_secret: COSIGN_KEY
|
||||||
COSIGN_PASSWORD:
|
COSIGN_PASSWORD:
|
||||||
from_secret: COSIGN_PASSWORD
|
from_secret: COSIGN_PASSWORD
|
||||||
IMAGE_DIGEST:
|
REGISTRY_URL:
|
||||||
from_secret: IMAGE_DIGEST # Optional – oder aus export-env
|
from_secret: REGISTRY_URL
|
||||||
|
DOCKER_USER:
|
||||||
|
from_secret: DOCKER_USER
|
||||||
|
DOCKER_PASS:
|
||||||
|
from_secret: DOCKER_PASS
|
||||||
commands:
|
commands:
|
||||||
- echo "=== 🔏 Installing Cosign v3.0.2 ==="
|
- echo "=== 🔏 Installing Cosign v3.0.2 ==="
|
||||||
- . build.env
|
- . build.env
|
||||||
- apk add --no-cache curl ca-certificates
|
- apk add --no-cache curl ca-certificates
|
||||||
- curl -sSL -o /usr/local/bin/cosign https://github.com/sigstore/cosign/releases/download/v3.0.2/cosign-linux-amd64
|
- curl -sSL -o /usr/local/bin/cosign https://github.com/sigstore/cosign/releases/download/v3.0.2/cosign-linux-amd64
|
||||||
- chmod +x /usr/local/bin/cosign
|
- chmod +x /usr/local/bin/cosign
|
||||||
|
- cosign version
|
||||||
|
|
||||||
|
- echo "=== 🔐 Logging in to registry for signing ==="
|
||||||
|
- cosign version
|
||||||
|
- echo "$DOCKER_PASS" | cosign login --username "$DOCKER_USER" --password-stdin "$REGISTRY_URL"
|
||||||
|
|
||||||
- echo "=== 🔏 Signing Image ==="
|
- echo "=== 🔏 Signing Image ==="
|
||||||
- cosign version
|
|
||||||
- cosign sign --yes --key env://COSIGN_KEY "$IMAGE_DIGEST"
|
- cosign sign --yes --key env://COSIGN_KEY "$IMAGE_DIGEST"
|
||||||
- echo "✅ Image signed successfully."
|
- echo "✅ Image signed successfully."
|
||||||
depends_on:
|
depends_on:
|
||||||
|
|||||||
Reference in New Issue
Block a user