Skip to content

Commit c61fe93

Browse files
EmmEffEmmEff
committed
fix(ci): cosign fixes
1 parent 4119874 commit c61fe93

File tree

1 file changed

+4
-2
lines changed

1 file changed

+4
-2
lines changed

Diff for: .circleci/config.yml

+4-2
Original file line numberDiff line numberDiff line change
@@ -129,6 +129,9 @@ jobs:
129129
wget -q -O - "https://github.com/sigstore/cosign/releases/download/${COSIGN_VERSION}/cosign_checksums.txt" | grep -w cosign-linux-amd64 | sha256sum -c
130130
install cosign-linux-amd64 /usr/local/bin/cosign
131131
rm cosign-linux-amd64
132+
- run:
133+
name: Get Cosign Key
134+
command: echo $COSIGN_KEY | base64 -d > cosign.key
132135
- run:
133136
name: Attach attestations to image
134137
command: |
@@ -137,7 +140,7 @@ jobs:
137140
do
138141
IMAGE="sylabsio/scs-build:${TAG}-${ARCH}"
139142
syft scan -q -o cyclonedx-json=sbom.cdx.json "${IMAGE}"
140-
AWS_REGION=us-east-1 cosign attest --predicate sbom.cdx.json --type cyclonedx --key "awskms:///${COSIGN_KEY_ID}" "${IMAGE}"
143+
cosign attest --predicate sbom.cdx.json --type cyclonedx --key ./cosign.key "${IMAGE}"
141144
done
142145
143146
workflows:
@@ -170,4 +173,3 @@ workflows:
170173
- dockerhub-release
171174
- github-release
172175
- cosign-release
173-
- scs-production

0 commit comments

Comments
 (0)