Update test-notation-action.yml

Signed-off-by: Feynman Zhou <feynmanzhou@microsoft.com>
kubeconchina2023 · Nov 6, 2023 · d0c9e68 · d0c9e68
1 parent 000b1fb
commit d0c9e68
Showing 1 changed file with 5 additions and 12 deletions.
diff --git a/.github/workflows/test-notation-action.yml b/.github/workflows/test-notation-action.yml
@@ -9,6 +9,7 @@ env:
   AKV_NAME: feynmanakv
   KEY_ID: https://feynman-akv.vault.azure.net/keys/feynmanakv-networks-io/6670ffa5cb694c49b1e0a6bb6bdefadc
   NOTATION_EXPERIMENTAL: 1
+
 
 jobs:
   # build and push the release, setup notation, sign the artifact, and 
@@ -48,15 +49,7 @@ jobs:
           allow-no-subscriptions: true
       - name: setup notation
         uses: notaryproject/notation-action/setup@main
-      - name: sign released artifact using key pair from AKV
-        uses: notaryproject/notation-action/sign@main
-        with:
-          plugin_name: azure-kv
-          plugin_url: https://github.com/Azure/notation-azure-kv/releases/download/v1.0.0/notation-azure-kv_1.0.0_linux_amd64.tar.gz
-          plugin_checksum: 82d4fee34dfe5e9303e4340d8d7f651da0a89fa8ae03195558f83bb6fa8dd263
-          key_id: ${{ env.KEY_ID }}
-          target_artifact_reference: ${{ env.target_artifact_reference }}
-          signature_format: cose
-          plugin_config: |-
-            self_signed=true
-          allow_referrers_api: 'true'
+      - name: sign released artifact with self-signed key
+        run: |
+          notation cert generate-test --default "wabbit-networks.io"
+          notation sign --signature-format cose ghcr.io/kubeconchina2023/sign-action-demo:signed