mirror of
https://github.com/edgelesssys/constellation.git
synced 2024-10-01 01:36:09 -04:00
use release cosign key only when releasing (#331)
Signed-off-by: Fabian Kammel <fk@edgeless.systems>
This commit is contained in:
parent
085f7b1a2a
commit
21436e6592
6
.github/workflows/generate-measurements.yml
vendored
6
.github/workflows/generate-measurements.yml
vendored
@ -58,9 +58,9 @@ jobs:
|
||||
azureResourceGroup: ${{ steps.az_resource_group_gen.outputs.res_group_name }}
|
||||
coreosImage: ${{ github.event.inputs.coreosImage }}
|
||||
isDebugImage: ${{ github.event.inputs.isDebugImage }}
|
||||
cosignPublicKey: ${{ secrets.COSIGN_PUBLIC_KEY }}
|
||||
cosignPrivateKey: ${{ secrets.COSIGN_PRIVATE_KEY }}
|
||||
cosignPassword: ${{ secrets.COSIGN_PASSWORD }}
|
||||
cosignPublicKey: ${{ startsWith(github.ref, 'refs/heads/release/v') && secrets.COSIGN_PUBLIC_KEY || secrets.COSIGN_DEV_PUBLIC_KEY }}
|
||||
cosignPrivateKey: ${{ startsWith(github.ref, 'refs/heads/release/v') && secrets.COSIGN_PRIVATE_KEY || secrets.COSIGN_DEV_PRIVATE_KEY }}
|
||||
cosignPassword: ${{ startsWith(github.ref, 'refs/heads/release/v') && secrets.COSIGN_PASSWORD || secrets.COSIGN_DEV_PASSWORD }}
|
||||
awsAccessKeyID: ${{ secrets.AWS_ACCESS_KEY_ID }}
|
||||
awsSecretAccessKey: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
|
||||
awsDefaultRegion: ${{ secrets.AWS_DEFAULT_REGION }}
|
||||
|
24
.github/workflows/release-cli.yml
vendored
24
.github/workflows/release-cli.yml
vendored
@ -22,9 +22,9 @@ jobs:
|
||||
targetOS: linux
|
||||
targetArch: amd64
|
||||
enterpriseCLI: true
|
||||
cosignPublicKey: ${{ secrets.COSIGN_PUBLIC_KEY }}
|
||||
cosignPrivateKey: ${{ secrets.COSIGN_PRIVATE_KEY }}
|
||||
cosignPassword: ${{ secrets.COSIGN_PASSWORD }}
|
||||
cosignPublicKey: ${{ startsWith(github.ref, 'refs/tags/v') && secrets.COSIGN_PUBLIC_KEY || secrets.COSIGN_DEV_PUBLIC_KEY }}
|
||||
cosignPrivateKey: ${{ startsWith(github.ref, 'refs/tags/v') && secrets.COSIGN_PRIVATE_KEY || secrets.COSIGN_DEV_PRIVATE_KEY }}
|
||||
cosignPassword: ${{ startsWith(github.ref, 'refs/tags/v') && secrets.COSIGN_PASSWORD || secrets.COSIGN_DEV_PASSWORD }}
|
||||
|
||||
- name: Build cli-linux-arm64
|
||||
uses: ./.github/actions/build_cli
|
||||
@ -32,9 +32,9 @@ jobs:
|
||||
targetOS: linux
|
||||
targetArch: arm64
|
||||
enterpriseCLI: true
|
||||
cosignPublicKey: ${{ secrets.COSIGN_PUBLIC_KEY }}
|
||||
cosignPrivateKey: ${{ secrets.COSIGN_PRIVATE_KEY }}
|
||||
cosignPassword: ${{ secrets.COSIGN_PASSWORD }}
|
||||
cosignPublicKey: ${{ startsWith(github.ref, 'refs/tags/v') && secrets.COSIGN_PUBLIC_KEY || secrets.COSIGN_DEV_PUBLIC_KEY }}
|
||||
cosignPrivateKey: ${{ startsWith(github.ref, 'refs/tags/v') && secrets.COSIGN_PRIVATE_KEY || secrets.COSIGN_DEV_PRIVATE_KEY }}
|
||||
cosignPassword: ${{ startsWith(github.ref, 'refs/tags/v') && secrets.COSIGN_PASSWORD || secrets.COSIGN_DEV_PASSWORD }}
|
||||
|
||||
- name: Build cli-darwin-amd64
|
||||
uses: ./.github/actions/build_cli
|
||||
@ -42,9 +42,9 @@ jobs:
|
||||
targetOS: darwin
|
||||
targetArch: amd64
|
||||
enterpriseCLI: true
|
||||
cosignPublicKey: ${{ secrets.COSIGN_PUBLIC_KEY }}
|
||||
cosignPrivateKey: ${{ secrets.COSIGN_PRIVATE_KEY }}
|
||||
cosignPassword: ${{ secrets.COSIGN_PASSWORD }}
|
||||
cosignPublicKey: ${{ startsWith(github.ref, 'refs/tags/v') && secrets.COSIGN_PUBLIC_KEY || secrets.COSIGN_DEV_PUBLIC_KEY }}
|
||||
cosignPrivateKey: ${{ startsWith(github.ref, 'refs/tags/v') && secrets.COSIGN_PRIVATE_KEY || secrets.COSIGN_DEV_PRIVATE_KEY }}
|
||||
cosignPassword: ${{ startsWith(github.ref, 'refs/tags/v') && secrets.COSIGN_PASSWORD || secrets.COSIGN_DEV_PASSWORD }}
|
||||
|
||||
- name: Build cli-darwin-arm64
|
||||
uses: ./.github/actions/build_cli
|
||||
@ -52,9 +52,9 @@ jobs:
|
||||
targetOS: darwin
|
||||
targetArch: arm64
|
||||
enterpriseCLI: true
|
||||
cosignPublicKey: ${{ secrets.COSIGN_PUBLIC_KEY }}
|
||||
cosignPrivateKey: ${{ secrets.COSIGN_PRIVATE_KEY }}
|
||||
cosignPassword: ${{ secrets.COSIGN_PASSWORD }}
|
||||
cosignPublicKey: ${{ startsWith(github.ref, 'refs/tags/v') && secrets.COSIGN_PUBLIC_KEY || secrets.COSIGN_DEV_PUBLIC_KEY }}
|
||||
cosignPrivateKey: ${{ startsWith(github.ref, 'refs/tags/v') && secrets.COSIGN_PRIVATE_KEY || secrets.COSIGN_DEV_PRIVATE_KEY }}
|
||||
cosignPassword: ${{ startsWith(github.ref, 'refs/tags/v') && secrets.COSIGN_PASSWORD || secrets.COSIGN_DEV_PASSWORD }}
|
||||
|
||||
- name: Login to Azure
|
||||
uses: ./.github/actions/azure_login
|
||||
|
Loading…
Reference in New Issue
Block a user