Skip to content

Commit

Permalink
refac(back): fluidattacks#1351 adapt cosign
Browse files Browse the repository at this point in the history 
- Adapt cosign command
to avoid storing sensitive data
in disk

Signed-off-by: Daniel Salazar <podany270895@gmail.com>
  • Loading branch information
@dsalaza4
dsalaza4 committed Jul 27, 2024
1 parent 33a9564 commit b127878
Showing 1 changed file with 9 additions and 12 deletions.
21 changes: 9 additions & 12 deletions src/args/deploy-container/entrypoint.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,8 +7,7 @@ function deploy {
local credentials_user="${4}"
local tag="${5}"

: \
&& info Syncing container image: "${tag}" \
: && info Syncing container image: "${tag}" \
&& command=(
skopeo
--insecure-policy
Expand Down Expand Up @@ -39,13 +38,14 @@ function sign {
local tag="${5}"

if [ "${sign}" = "1" ]; then
: \
&& info "Signing container image: ${tag}" \
&& cosign login "${registry}" -u "${credentials_user}" -p "${credentials_token}" \
&& cosign sign -y "${tag}"
: && info "Signing container image: ${tag}" \
&& cosign sign \
--yes=true \
--registry-username="${credentials_user}" \
--registry-password="${credentials_token}" \
"${tag}"
else
: \
&& info "Skipping signing container ${tag}"
: && info "Skipping signing container ${tag}"
fi
}

Expand All @@ -58,10 +58,7 @@ function main {
local sign="__argSign__"
local tag="__argTag__"

export COSIGN_EXPERIMENTAL="1"

: \
&& deploy \
: && deploy \
"${attempts}" \
"${container_image}" \
"${credentials_token}" \
Expand Down

0 comments on commit b127878

Please sign in to comment.