wunker-bunker/wunker-os
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Use cosign pri/pub key pairs

Browse Source
This commit is contained in:
Gerald Pinder
2024-03-23 17:05:58 -04:00
parent 2c1dba06f3
commit 9eb0ca25e0
4 changed files with 11 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
.gitlab-ci.yml
View File

@@ -33,6 +33,9 @@ build-image:
id_tokens: id_tokens:
SIGSTORE_ID_TOKEN: SIGSTORE_ID_TOKEN:
aud: sigstore aud: sigstore
before_script:
- curl --silent "https://gitlab.com/gitlab-org/incubation-engineering/mobile-devops/download-secure-files/-/raw/main/installer" | bash
- export COSIGN_PRIVATE_KEY=$(cat .securefiles/cosign.key)
script: script:
- sleep 5 - sleep 5
- bluebuild build -v --push ./config/$RECIPE - bluebuild build -v --push ./config/$RECIPE

1
config/recipe-jp-desktop-gaming.yml
View File

@@ -12,3 +12,4 @@ modules:
- from-file: dev-packages.yml - from-file: dev-packages.yml
- type: r2modman - type: r2modman
version: 3.1.47 version: 3.1.47
- type: signing

6
config/recipe-jp-laptop.yml
View File

@@ -9,6 +9,6 @@ modules:
install: install:
- fprintd - fprintd
- fprintd-pam - fprintd-pam
- type: script - type: r2modman
scripts: version: 3.1.47
- setup-openrgb-udev.sh - type: signing

4
cosign.pub Normal file
View File

@@ -0,0 +1,4 @@
-----BEGIN PUBLIC KEY-----
MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEStKQuMYCH4of+sN/YBYgBn/UWPt+
0QHHJUnl1M4MCARICf5E4QZ4IpmE/Fulg2yCWS9zhcv4FDAJ1EWoYLFedw==
-----END PUBLIC KEY-----