almet/dangerzone
1
0
Fork 0
mirror of https://github.com/freedomofpress/dangerzone.git synced 2025-04-29 18:22:37 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 11

CI: Cache the cosign keypair

Browse source
This commit is contained in:
Alexis Métaireau 2025-04-25 18:39:45 +02:00
parent 3589a27398
commit b579a4d0c5
No known key found for this signature in database
GPG key ID: C65C7A89A8FFC56E
1 changed files with 12 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
.github/workflows/build-push-image.yml vendored
View file

@ -25,7 +25,8 @@ on:
key_cache: key_cache:
required: false required: false
type: string type: string
default: "v1-keypair-${{ github.ref_name }}" # unique for the branch / PR # cosign keys are unique for the ref
default: "v1-keypair-${{ github.ref_name }}"
secrets: secrets:
registry_token: registry_token:
required: true required: true
@ -282,7 +283,16 @@ jobs:
cosign-release: 'v2.5.0' cosign-release: 'v2.5.0'
- name: Check install - name: Check install
run: cosign version run: cosign version
- name: Generate keypair - name: Cache keypair
id: cache-keypair
uses: actions/cache@v4
with:
path: "${{ inputs.key_name }}.*"
key: ${{ inputs.key_cache }}
enableCrossOsArchive: true
- if: ${{ steps.cache-keypair.outputs.cache-hit != 'true' }}
continue-on-error: true
name: Generate keypair
run: |- run: |-
cosign generate-key-pair --output-key-prefix="${{ inputs.key_name }}" cosign generate-key-pair --output-key-prefix="${{ inputs.key_name }}"
- name: Cache keypair - name: Cache keypair