Skip to content

Commit

Permalink
chore(verify): Notify the user that their public key may be incorrect
Browse files Browse the repository at this point in the history
  • Loading branch information
@EyeCantCU
EyeCantCU committed Jan 3, 2024
1 parent 67cfa5c commit 7c999d1
Showing 1 changed file with 8 additions and 2 deletions.
10 changes: 8 additions & 2 deletions verify/action.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -32,11 +32,17 @@ runs:
set -o pipefail
if [[ -n "${{ inputs.cert-identity }}" && -n "${{ inputs.oidc-issuer }}" ]]; then
for CONTAINER in $(echo "${CONTAINERS}" | tr "," "\n"); do
cosign verify $REGISTRY/${CONTAINER} --certificate-identity=${{ inputs.cert-identity }} --certificate-oidc-issuer=${{ inputs.oidc-issuer }} | jq
if ! cosign verify $REGISTRY/${CONTAINER} --certificate-identity=${{ inputs.cert-identity }} --certificate-oidc-issuer=${{ inputs.oidc-issuer }} | jq; then
echo "NOTICE: Verification failed. Please ensure your public key is correct."
exit 1
fi
done
elif [[ -n "${{ inputs.pubkey }}" ]]; then
for CONTAINER in $(echo "${CONTAINERS}" | tr "," "\n"); do
cosign verify --key ${{ inputs.pubkey }} $REGISTRY/${CONTAINER} | jq
if ! cosign verify --key ${{ inputs.pubkey }} $REGISTRY/${CONTAINER} | jq; then
echo "NOTICE: Verification failed. Please ensure your public key is correct."
exit 1
fi
done
else
exit 1
Expand Down

0 comments on commit 7c999d1

Please sign in to comment.