Skip to content

Commit da0a281

Browse files
gilescopegilescope
committed
fix: add escape hatch for when signing service is down.
Signed-off-by: Giles Cope <gilescope@gmail.com>
1 parent 0ea8619 commit da0a281

1 file changed

Lines changed: 11 additions & 0 deletions

File tree

.github/workflows/release-image.yml

Lines changed: 11 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -32,6 +32,11 @@ on:
3232
description: "Force release if it already exists?"
3333
required: true
3434
default: false
35+
skip-attestation:
36+
description: "Skip SBOM attestation (use when Sigstore/Rekor is down)"
37+
required: false
38+
type: boolean
39+
default: false
3540

3641
jobs:
3742
prepare-release:
@@ -426,6 +431,7 @@ jobs:
426431
# GHCR only has arch-specific tags with commit tag (season-retag creates multi-arch release tag only)
427432
image: ghcr.io/midnight-ntwrk/midnight-node:${{ needs.prepare-release.outputs.commit_tag }}-${{ matrix.arch }}
428433
sbom-artifact-name: sbom-midnight-node-ghcr-${{ matrix.arch }}-release
434+
skip-attestation: ${{ inputs.skip-attestation || false }}
429435
secrets: inherit
430436

431437
sbom-scan-ghcr-toolkit:
@@ -439,6 +445,7 @@ jobs:
439445
# GHCR only has arch-specific tags with commit tag (season-retag creates multi-arch release tag only)
440446
image: ghcr.io/midnight-ntwrk/midnight-node-toolkit:${{ needs.prepare-release.outputs.commit_tag }}-${{ matrix.arch }}
441447
sbom-artifact-name: sbom-midnight-node-toolkit-ghcr-${{ matrix.arch }}-release
448+
skip-attestation: ${{ inputs.skip-attestation || false }}
442449
secrets: inherit
443450

444451
sbom-scan-dockerhub-node:
@@ -451,6 +458,7 @@ jobs:
451458
with:
452459
image: midnightntwrk/midnight-node:${{ needs.prepare-release.outputs.release_tag }}-${{ matrix.arch }}
453460
sbom-artifact-name: sbom-midnight-node-dockerhub-${{ matrix.arch }}-release
461+
skip-attestation: ${{ inputs.skip-attestation || false }}
454462
secrets: inherit
455463

456464
sbom-scan-dockerhub-toolkit:
@@ -463,6 +471,7 @@ jobs:
463471
with:
464472
image: midnightntwrk/midnight-node-toolkit:${{ needs.prepare-release.outputs.release_tag }}-${{ matrix.arch }}
465473
sbom-artifact-name: sbom-midnight-node-toolkit-dockerhub-${{ matrix.arch }}-release
474+
skip-attestation: ${{ inputs.skip-attestation || false }}
466475
secrets: inherit
467476

468477
sbom-scan-midnightntwrk-node:
@@ -477,6 +486,7 @@ jobs:
477486
sbom-artifact-name: sbom-midnight-node-midnightntwrk-${{ matrix.arch }}-release
478487
platform: linux/${{ matrix.arch }}
479488
multi-arch-image: ghcr.io/midnightntwrk/midnight-node:${{ needs.prepare-release.outputs.release_tag }}
489+
skip-attestation: ${{ inputs.skip-attestation || false }}
480490
secrets: inherit
481491

482492
sbom-scan-midnightntwrk-toolkit:
@@ -491,4 +501,5 @@ jobs:
491501
sbom-artifact-name: sbom-midnight-node-toolkit-midnightntwrk-${{ matrix.arch }}-release
492502
platform: linux/${{ matrix.arch }}
493503
multi-arch-image: ghcr.io/midnightntwrk/midnight-node-toolkit:${{ needs.prepare-release.outputs.release_tag }}
504+
skip-attestation: ${{ inputs.skip-attestation || false }}
494505
secrets: inherit

0 commit comments

Comments
 (0)