Skip to content

Triggering Build

Triggering Build #142

Workflow file for this run

on:
push:
paths:
- '**'
- '!**.md'
- '!doc/**'
- '!**.txt'
- '!images/**'
- '!LICENSE'
- 'test/**'
branches:
- main
- release-*
pull_request:
permissions: read-all
name: Cross
jobs:
build:
runs-on: ${{ matrix.os }}
strategy:
matrix:
os: [macos-latest, ubuntu-latest, windows-latest]
include:
- os: macos-latest
COSIGN_TARGET: cosign-darwin-amd64
COSIGN_PASSWORD: COSIGN_PASSWORD
- os: ubuntu-latest
COSIGN_TARGET: cosign-linux-amd64
COSIGN_PASSWORD: COSIGN_PASSWORD
- os: windows-latest
COSIGN_TARGET: cosign-windows-amd64.exe
COSIGN_PASSWORD: COSIGN_PASSWORD
steps:
- name: Install Go
uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0
with:
go-version: '1.21'
check-latest: true
- name: Checkout code
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- name: build cosign
run: |
make cosign && mv ./cosign ./${{matrix.COSIGN_TARGET}}
- name: Create checksum file
shell: pwsh
run: |
$hash=Get-FileHash -Path ./${{matrix.COSIGN_TARGET}}
Write-Output $($hash.Hash + " " + $(([io.fileinfo]$hash.path).basename)) | Tee-Object -Path ${{matrix.COSIGN_TARGET}}.sha256
- name: sign
shell: bash
env:
COSIGN_PASSWORD: ${{secrets[matrix.COSIGN_PASSWORD]}}
if: github.event_name != 'pull_request'
run: |
./${{matrix.COSIGN_TARGET}} sign-blob --yes --key ./.github/workflows/cosign-test.key ./${{matrix.COSIGN_TARGET}} > ${{matrix.COSIGN_TARGET}}.sig
- name: verify
if: github.event_name != 'pull_request'
run: |
./${{matrix.COSIGN_TARGET}} verify-blob --key ./.github/workflows/cosign-test.pub --signature ${{matrix.COSIGN_TARGET}}.sig ./${{matrix.COSIGN_TARGET}}
- name: Upload artifacts
if: github.event_name != 'pull_request'
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3
with:
name: artifacts
path: |
cosign-*
cosign.-*sha256
cosign-*.sig