Skip to content

bump deps

bump deps #52

name: Docker registry v2 tests
# Run on every push, and allow it to be run manually.
on:
workflow_dispatch:
push:
branches: ['main', 'v*']
pull_request:
env:
REGISTRY: localhost:5000
jobs:
docker-registry-v2-tests:
# Skip if running in a fork that might not have secrets configured.
if: ${{ github.repository == 'venafi/sigscan' }}
name: Run tests
runs-on: ubuntu-latest
permissions:
contents: read
steps:
- uses: actions/checkout@v3.1.0
- uses: actions/setup-go@v3.3.0
with:
go-version: '1.22'
check-latest: true
- name: Install Cosign
uses: sigstore/cosign-installer@main
- name: docker registry v2
run: |
docker run -d -p 5000:5000 --name registry registry:2
docker pull alpine:latest
docker image tag alpine:latest ${{ env.REGISTRY }}/alpine:signed
docker image push ${{ env.REGISTRY }}/alpine:signed
- name: Sign with cosign
run: |
COSIGN_PASSWORD=1234 cosign sign --tlog-upload=false --allow-http-registry --allow-insecure-registry --key test/identities/signer1.key --certificate test/identities/signer1.crt ${{ env.REGISTRY }}/alpine:signed
- name: build sigscan and check
shell: bash
run: |
set -e
make sigscan
./sigscan repo ${{ env.REGISTRY }} --output json --insecure | jq