lobo/action-hsm-sign
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

rekor public key urls do not seem to work - download manually

Browse Source
This commit is contained in:
Emil Lerch 2023-03-27 22:50:06 -07:00
parent a75af62f34
commit 51fa6f716f
Signed by: lobo
GPG Key ID: A7B62D657EF764F8
1 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
entrypoint.sh
View File

@ -31,12 +31,12 @@ while IFS= read -r f; do
docker cp "${container}":/home/user/signature "${dest_sig}"
docker rm "${container}"
if [ -n "${INPUT_PUBLIC_KEY}" ]; then
echo "Public key specified at ${INPUT_PUBLIC_KEY}. Uploading to sigstore public transparency log"
rekor upload --artifact "$f" --signature "${dest_sig}" --pki-format x509 --public-key "${INPUT_PUBLIC_KEY}"
ec=$?
if [ $ec -ne 0 ]; then
exit $ec
fi
echo "Public key url specified. Uploading to sigstore public transparency log"
echo "Fetching key from ${INPUT_PUBLIC_KEY}"
curl -sLo /tmp/public_key "${INPUT_PUBLIC_KEY}"
ec=$?; if [ $ec -ne 0 ]; then exit $ec; fi
rekor upload --artifact "$f" --signature "${dest_sig}" --pki-format x509 --public-key /tmp/public_key
ec=$?; if [ $ec -ne 0 ]; then exit $ec; fi
fi
done <<ALLFILES_INPUT
$all_files