Skip to content

chore(deps): update sigstore package dependencies #130

chore(deps): update sigstore package dependencies

chore(deps): update sigstore package dependencies #130

Workflow file for this run

name: Test
on:
pull_request:
branches: [main]
types: [milestoned, opened, synchronize]
paths-ignore:
- "**.md"
- "**.jpg"
- "**.png"
- "**.gif"
- "**.svg"
- "adr/**"
- "docs/**"
- ".gitignore"
- "renovate.json"
- ".release-please-config.json"
- "release-please-config.json"
- "oscal-component.yaml"
- "CODEOWNERS"
- "LICENSE"
- "CONTRIBUTING.md"
- "SECURITY.md"
# Abort prior jobs in the same workflow / PR
concurrency:
group: test-${{ github.ref }}-${{ inputs.package }}
cancel-in-progress: true
permissions:
contents: read
jobs:
test:
name: ${{ matrix.type }} ${{ matrix.flavor }}
runs-on: ubuntu-latest
timeout-minutes: 25
strategy:
matrix:
flavor: [upstream]
type: [install]
steps:
- name: Checkout repository
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- uses: sigstore/cosign-installer@59acb6260d9c0ba8f4a2f9d9b48431a222b68e20 # v3.5.0
- name: Install Step CLI
run: |
wget https://github.com/smallstep/cli/releases/download/v0.27.2/step-cli_amd64.deb
sudo dpkg -i step-cli_amd64.deb
- name: Environment setup
uses: defenseunicorns/uds-common/.github/actions/setup@2536a06363d50a160421105b2df86aacf69388c1 # v0.11.1
with:
registry1Username: ${{ secrets.IRON_BANK_ROBOT_USERNAME }}
registry1Password: ${{ secrets.IRON_BANK_ROBOT_PASSWORD }}
ghToken: ${{ secrets.GITHUB_TOKEN }}
# TODO: This is not needed once https://github.com/sigstore/helm-charts/pull/790 is merged
- name: Sigstore Helm Shim
run: |
uds zarf tools helm repo add sigstore https://sigstore.github.io/helm-charts
curl https://raw.githubusercontent.com/sigstore/helm-charts/main/security/pubkey.gpg | gpg --import --batch
gpg --export >~/.gnupg/pubring.gpg
- name: Test
uses: defenseunicorns/uds-common/.github/actions/test@2536a06363d50a160421105b2df86aacf69388c1 # v0.11.1
with:
flavor: ${{ matrix.flavor }}
type: ${{ matrix.type }}
- name: Debug Output
if: ${{ always() }}
uses: defenseunicorns/uds-common/.github/actions/debug-output@2536a06363d50a160421105b2df86aacf69388c1 # v0.11.1
- name: Save logs
if: always()
uses: defenseunicorns/uds-common/.github/actions/save-logs@2536a06363d50a160421105b2df86aacf69388c1 # v0.11.1
with:
suffix: ${{ matrix.type }}-${{ matrix.flavor }}-${{ github.run_id }}-${{ github.run_attempt }}