Fix typo #17

Workflow file for this run

.github/workflows/build-and-sign-image.yaml at 226d5cf

	---
	name: Build and sign image
	on:
	push:
	tags:
	- v*

	permissions:
	contents: read
	packages: write
	id-token: write

	jobs:
	build_and_sign_image:
	name: Build and sign image
	runs-on: ubuntu-latest

	steps:
	- name: Check out repository code
	uses: actions/checkout@v4

	# - name: Build image
	# shell: bash
	# run: \|
	# cd ${{ github.workspace }}/enclave
	# docker build -t ghcr.io/${{ github.repository }}:${{ github.sha }} .

	- name: Install Cosign
	uses: sigstore/[email protected]

	- name: Check install!
	shell: bash
	run: cosign version

	- name: Log into ghcr.io
	uses: docker/[email protected]
	with:
	registry: ghcr.io
	username: ${{ github.actor }}
	password: ${{ secrets.GITHUB_TOKEN }}

	# - name: Push image
	# id: push-image
	# shell: bash
	# run: \|
	# docker push ghcr.io/${{ github.repository }}:${{ github.sha }}

	# DIGEST=$(docker inspect ghcr.io/${{ github.repository }}:${{ github.sha }} \| jq -r '.[0].RepoDigests \| .[0]' \| cut -d "@" -f 2)
	# echo "digest=${DIGEST}" >> "${GITHUB_OUTPUT}"

	# - name: Sign image
	# env:
	# DIGEST: ${{ steps.push-image.outputs.digest }}
	# TAGS: ghcr.io/${{ github.repository }}:${{ github.sha }}
	# run: \|
	# images=""
	# for tag in ${TAGS}; do
	# images+="${tag}@${DIGEST} "
	# done
	# cosign sign --yes ${images}


	- name: setup-oras
	uses: oras-project/[email protected]
	with:
	version: 1.1.0

	- name: Sign and upload file
	shell: bash
	run: \|
	echo "Hello World" > test
	oras push --export-manifest manifest.json ghcr.io/${{ github.repository }}:${{ github.sha }} test

	DIGEST=$(sha256sum manifest.json \| cut -d " " -f 1)

	cosign sign --yes ghcr.io/${{ github.repository }}:${{ github.sha }}@sha256:${DIGEST}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Fix typo #17

Workflow file

Fix typo #17

Jobs

Run details

Workflow file for this run