Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

update readme #44

Merged
merged 1 commit into from Dec 29, 2021
Merged

update readme #44

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
7 changes: 4 additions & 3 deletions README.md
View file
Open in desktop
Expand Up @@ -96,7 +96,7 @@ jobs:
repository-projects: none
security-events: none
statuses: none
id-token: write # needed for signing the images with GitHub OIDC **not production ready**
id-token: write # needed for signing the images with GitHub OIDC Token **not production ready**

name: Install Cosign and test presence in path
steps:
Expand Down Expand Up @@ -135,8 +135,8 @@ jobs:
COSIGN_KEY: ${{secrets.COSIGN_KEY}}
COSIGN_PASSWORD: ${{secrets.COSIGN_PASSWORD}}

- name: Sign the images with GitHub OIDC **not production ready**
run: cosign sign --oidc-issuer https://token.actions.githubusercontent.com ${TAGS}
- name: Sign the images with GitHub OIDC Token **not production ready**
run: cosign sign ${TAGS}
env:
TAGS: ${{ steps.docker_meta.outputs.tags }}
COSIGN_EXPERIMENTAL: 1
Expand All @@ -148,6 +148,7 @@ The following optional inputs:
| Input | Description |
| --- | --- |
| `cosign-release` | `cosign` version to use instead of the default. |
| `install-dir` | directory to place the `cosign` binary into instead of the default (`$HOME/.cosign`). |

## Security

Expand Down