Add verify step

2023-07-23 22:45:18 -04:00
parent 727d1b8b18
commit ee70b7c8ef
1 changed files with 1 additions and 0 deletions
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -69,3 +69,4 @@ build:
      done
    - IMAGE_DIGEST=$(skopeo inspect --format='{{.Digest}}' docker://$FULL_IMAGE_NAME:$TAGS)
    - cosign sign $FULL_IMAGE_NAME@$IMAGE_DIGEST
+    - cosign verify $FULL_IMAGE_NAME:$TAGS --certificate-identity "$CI_PROJECT_URL/.gitlab-ci.yml@refs/heads/$CI_DEFAULT_BRANCH" --certificate-oidc-issuer "$CI_SERVER_PROTOCOL://$CI_SERVER_HOST"