...

Text file src/github.com/sigstore/cosign/v2/.github/workflows/e2e-with-binary.yml

Documentation: github.com/sigstore/cosign/v2/.github/workflows 

     1#
     2# Copyright 2021 The Sigstore Authors.
     3#
     4# Licensed under the Apache License, Version 2.0 (the "License");
     5# you may not use this file except in compliance with the License.
     6# You may obtain a copy of the License at
     7#
     8#     http://www.apache.org/licenses/LICENSE-2.0
     9#
    10# Unless required by applicable law or agreed to in writing, software
    11# distributed under the License is distributed on an "AS IS" BASIS,
    12# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    13# See the License for the specific language governing permissions and
    14# limitations under the License.
    15
    16name: e2e-with-binary
    17# Run on every push, and allow it to be run manually.
    18on:
    19  push:
    20    paths:
    21      - '**'
    22      - '!**.md'
    23      - '!doc/**'
    24      - '!**.txt'
    25      - '!images/**'
    26      - '!LICENSE'
    27      - 'test/**'
    28    branches: [ 'main' ]
    29  workflow_dispatch:
    30
    31jobs:
    32  e2e-tests-with-binary:
    33    # Skip if running in a fork that might not have secrets configured.
    34    if: ${{ github.repository == 'sigstore/cosign' }}
    35    name: Run tests
    36    runs-on: ${{ matrix.os }}
    37    strategy:
    38      matrix:
    39        os: [macos-latest, ubuntu-latest, windows-latest]
    40
    41    permissions:
    42      id-token: write
    43      contents: read
    44    env:
    45      COSIGN_YES: "true"
    46
    47    steps:
    48      - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
    49      - uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
    50        with:
    51          go-version: '1.21'
    52          check-latest: true
    53      - name: build cosign and check sign-blob and verify-blob
    54        shell: bash
    55        run: |
    56          set -e
    57          make cosign
    58          ./cosign sign-blob --output-certificate certificate.pem --output-signature README.md.sig README.md
    59
    60          if [ -s certificate.pem ]
    61          then
    62            echo "all good for key.pem"
    63          else
    64            echo "file does not exist, or is empty"
    65            exit 1
    66          fi
    67
    68          if [ -s README.md.sig ]
    69          then
    70            exit 0
    71          else
    72            echo "file does not exist, or is empty"
    73            exit 1
    74          fi
    75
    76          # Verify with sign-blob
    77          ./cosign verify-blob README.md --certificate certificate.pem --signature README.md.sig

View as plain text