Skip to content

feat(ci): sign released containers with sigstore#1022

Merged
erain9 merged 2 commits intomainfrom
feat/cosign-container
Dec 20, 2021
Merged

feat(ci): sign released containers with sigstore#1022
erain9 merged 2 commits intomainfrom
feat/cosign-container

Conversation

@erain9
Copy link
Copy Markdown
Contributor

@erain9 erain9 commented Nov 28, 2021

Description

Todos

  • [NA] Unit tests
  • [] Manual tests
  • [] Documentation
  • [NA] Connect epics/issues
  • [NA ] Tag type of change

Steps to Test

A sample test can be found in https://github.com/erain9/container-playground/blob/main/.github/workflows/build-container.yaml

Expected Behaviour

All released container will be signed and can be verified by cosign from sigstore.

Other Notes

NA

@erain9 erain9 force-pushed the feat/cosign-container branch 2 times, most recently from e3aecd0 to 17623c0 Compare November 28, 2021 21:55
@erain9 erain9 added the enhancement New feature or request label Nov 28, 2021
@erain9 erain9 enabled auto-merge (squash) December 9, 2021 17:34
talalashraf
talalashraf suggested changes Dec 14, 2021
View reviewed changes
feat(ci): sign released containers with sigstore
2911f32 
- Context: sigstore is the latest tool from Linux Foundation for
signing containers: https://www.sigstore.dev/
- Use `cosign` cmd from sigstore to perform signature using Github
OIDC. More details:
  + https://github.com/sigstore/cosign/blob/main/KEYLESS.md
  + https://github.com/marketplace/actions/install-cosign
- The signed container can be verified later using `cosign` cmd.
@erain9 erain9 force-pushed the feat/cosign-container branch from e272dc1 to 2911f32 Compare December 20, 2021 20:34
@erain9 erain9 requested a review from talalashraf December 20, 2021 20:47
@erain9 erain9 merged commit 6d816ef into main Dec 20, 2021
@erain9 erain9 deleted the feat/cosign-container branch December 20, 2021 21:19
erain9 pushed a commit to axelarnetwork/tofnd that referenced this pull request Jan 15, 2022
feat: implement release container/binary signing
050a247 
related:
- axelarnetwork/axelar-core#1210
- axelarnetwork/axelar-core#1022
@erain9 erain9 mentioned this pull request Jan 15, 2022
Merged
erain9 added a commit to axelarnetwork/tofnd that referenced this pull request Jan 26, 2022
@erain9
feat: implement release container/binary signing (#269)
018b60e 
related:
- axelarnetwork/axelar-core#1210
- axelarnetwork/axelar-core#1022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@haiyizxx haiyizxx haiyizxx approved these changes

@jcs47 jcs47 jcs47 approved these changes

@cgorenflo cgorenflo Awaiting requested review from cgorenflo

@fish-sammy fish-sammy Awaiting requested review from fish-sammy

@sergeynog sergeynog Awaiting requested review from sergeynog

+1 more reviewer

@talalashraf talalashraf talalashraf approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

enhancement New feature or request

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@erain9 @haiyizxx @jcs47 @talalashraf