Commit Graph

27 Commits

Author SHA1 Message Date
Dan Lorenc c85125e539 Update cosign to 1.9.0
Signed-off-by: Dan Lorenc <lorenc.d@gmail.com>
2022-06-21 07:44:50 -05:00
Sampark Sharma c81b7bc3a4 Merge branch 'main' into support-uppercase-repos 2022-05-02 16:19:20 +05:30
Jesse Glick 2885b083c9 Update docker/build-push-action
https://github.com/docker/build-push-action/commit/ac9327eae2b366085ac7f6a2d02df8aa8ead720a to pick up https://github.com/docker/build-push-action/pull/569
2022-04-18 15:39:08 -04:00
dlorenc 970a7b5255 Update the cosign-install action and default version from 1.4.0 to 1.… (#1452)
* Update the cosign-install action and default version from 1.4.0 to 1.5.1.

Signed-off-by: Dan Lorenc <lorenc.d@gmail.com>

* Update to 1.7.1 and the latest cosign-installer action.

Signed-off-by: Dan Lorenc <lorenc.d@gmail.com>

Co-authored-by: Bishal Prasad <bishal-pdmsft@github.com>
2022-04-10 23:36:23 +05:30
Thomas Boop 1d9d6d7fb0 Update Actions to node16 (#1469)
* update actions

* address merge conflicts

* fix java updates

* update github script

* update cache to v3

Co-authored-by: Bishal Prasad <bishal-pdmsft@github.com>
2022-03-28 22:40:48 +05:30
Matt Moore 002e1a441e Support uppercase repository names with cosign.
My previous PR didn't properly handle uppercase usernames (or repository names) when signing container images with `cosign`.

It seems that the `docker buildx --push` doesn't like this either, but it's passed the output of the `docker/metadata-action` which seems to lowercase things.

Fixes: https://github.com/actions/starter-workflows/issues/1293

Signed-off-by: Matt Moore <mattmoor@chainguard.dev>
2022-03-16 11:48:28 -07:00
Matt Moore 00db25fc1e Enable keyless signing for private repos. (#1295)
Now that cosign 1.4 is out, we can perform keyless signing without panicking on private images (and without `--force` uploading to Rekor).

Signed-off-by: Matt Moore <mattmoor@chainguard.dev>
2021-12-13 15:17:02 -05:00
Matt Moore 60d206d090 Have the starter docker-publish action sign digests. (#1255)
* Have the starter `docker-publish` action sign digests.

This change installs `sigstore/cosign` using the `cosign-installer` action,
and uses sigstore's "keyless" signing process to sign the resulting image
digest using the action's identity token (see: `id-token: write`).

Signed-off-by: Matt Moore <mattomata@gmail.com>

* Fully qualify the digest, add setup-buildx-action as workaround

* Drop --force, add public repo check

* Use built-in 'private' bit
2021-12-06 22:35:19 +05:30
CrazyMax 90ba42df70 Simplify Docker publish workflow (#921)
Co-authored-by: CrazyMax <crazy-max@users.noreply.github.com>
Co-authored-by: Josh Gross <joshmgross@github.com>
2021-06-04 14:23:02 -04:00
Sven Pfleiderer 7b6d03675b Revert "Remove pull request condition"
This reverts commit 9d73235e03.
2021-06-02 15:58:44 -07:00
Sven Pfleiderer 9d73235e03 Remove pull request condition 2021-06-02 15:41:23 -07:00
Sven Pfleiderer 9317366c91 Remove docker tags section to simplify configuration 2021-06-02 14:21:03 -07:00
Sven Pfleiderer 749308b283 Merge branch 'packages-container-registry-workflow' of github.com:pfleidi/starter-workflows into packages-container-registry-workflow 2021-05-26 16:24:12 -07:00
Sven Pfleiderer 6fe53a9ebd Remove context configuration since it's already the default 2021-05-26 15:03:41 -07:00
Sven Pfleiderer aa30f1448e Update ci/docker-publish.yml
Co-authored-by: Bryan Clark <clarkbw@github.com>
2021-05-26 14:07:29 -07:00
Sven Pfleiderer 41a66c656e Use git shas rather than version tags 2021-05-26 13:46:54 -07:00
Sven Pfleiderer b574e6db50 Add notice about third party actions 2021-05-26 10:55:50 -07:00
Sven Pfleiderer 282b038713 Update push docker container to support container registry
Also simplify the existing workflow by replacing shell code with actions
2021-05-26 10:41:53 -07:00
eric sciple 6a69f367db Update starter workflows to specify permissions 2021-04-21 16:32:53 -05:00
Kayla Ngan f75012de65 Revert "Update Publish Docker template to publish to GitHub Container Registry" 2020-11-04 16:32:58 -05:00
Kayla Ngan 01816c2943 Add in account path part 2020-08-31 16:40:03 -04:00
Kayla Ngan b54b703ab1 Update docker-publish.yml 2020-08-31 16:21:54 -04:00
Christopher Schleiden abf7f258d1 Use $default-branch token 2020-07-13 12:12:41 -07:00
Ankit Popli 72408e6c62 fix: use the IMAGE_NAME variable
current behavior:
changing the IMAGE_NAME variable breaks the build

expected behavior:
changing the IMAGE_NAME should not break the build
2020-05-10 13:47:21 +05:30
sineverba 8dc9fb3b3a Fix image name as env var 2020-04-20 08:54:47 +02:00
Jiale Liu efb9b58902 Bug fix : repository name must be lowercase
https://github.com/Licsber/opencv-docker/runs/514244582?check_suite_focus=true
 Push image: 
Error parsing reference: "docker.pkg.github.com/Licsber/opencv-docker/opencv:latest" is not a valid repository/tag: invalid reference format: repository name must be lowercase
My username contains uppercase characters, this make push failed.
So fix the bug by change all uppercase in IMAGE_ID to lowercase.
2020-03-18 12:08:46 +08:00
Konrad Pabjan 2ecb907f13 More updates to starter workflows 2020-02-20 10:01:16 -05:00