From 7d901e80ce84493a92ce5a2009d9b02e7409d9ba Mon Sep 17 00:00:00 2001 From: Emil Lerch Date: Mon, 27 Mar 2023 22:25:01 -0700 Subject: [PATCH] pass url directly rather than downloading through curl --- entrypoint.sh | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/entrypoint.sh b/entrypoint.sh index 5dc5b3d..166babb 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -1,9 +1,5 @@ #!/bin/sh -if [ -n "${INPUT_PUBLIC_KEY}" ]; then - curl -sLO "${INPUT_PUBLIC_KEY}" public_key -fi - dir="$(dirname "${INPUT_FILES}")" glob="$(basename "${INPUT_FILES}")" if [ "${glob}" = "**" ]; then @@ -36,7 +32,7 @@ while IFS= read -r f; do docker rm "${container}" if [ -n "${INPUT_PUBLIC_KEY}" ]; then echo "Public key specified. Uploading to sigstore public transparency log" - rekor upload --artifact "$f" --signature "${dest_sig}" --pki-format x509 --public-key public_key + rekor upload --artifact "$f" --signature "${dest_sig}" --pki-format x509 --public-key "${INPUT_PUBLIC_KEY}" ec=$? if [ $ec -ne 0 ]; then exit $ec