From f99f01321a382f15013475cadf7000b019d1813a Mon Sep 17 00:00:00 2001
From: leongross <leon.gross@rub.de>
Date: Mon, 5 Dec 2022 13:14:25 +0100
Subject: [PATCH] add verification service

---
 .../actions/build_micro_service_ko/action.yml |  3 +-
 .../workflows/build-joinservice-image-ko.yml  |  5 +++
 .../build-verification-service-ko.yml         | 42 +++++++++++++++++++
 3 files changed, 49 insertions(+), 1 deletion(-)
 create mode 100644 .github/workflows/build-verification-service-ko.yml

diff --git a/.github/actions/build_micro_service_ko/action.yml b/.github/actions/build_micro_service_ko/action.yml
index 843f4f040..4cbfe171e 100644
--- a/.github/actions/build_micro_service_ko/action.yml
+++ b/.github/actions/build_micro_service_ko/action.yml
@@ -6,7 +6,8 @@ inputs:
     required: true
   koConfig:
     description: "Path to the .ko.yaml config file"
-    required: true
+    default: ".ko.yaml"
+    required: false
   koTarget:
     description: "Go package to build with ko"
     required: true
diff --git a/.github/workflows/build-joinservice-image-ko.yml b/.github/workflows/build-joinservice-image-ko.yml
index 409993fbf..2a8441c96 100644
--- a/.github/workflows/build-joinservice-image-ko.yml
+++ b/.github/workflows/build-joinservice-image-ko.yml
@@ -22,6 +22,11 @@ jobs:
         with:
           ref: ${{ github.head_ref }}
 
+      - name: Setup Go environment
+        uses: actions/setup-go@c4a742cab115ed795e34d4513e2cf7d472deb55f # tag=v3.3.1
+        with:
+          go-version: "1.19.3"
+
       - name: Build and upload join service container image
         id: build-and-upload
         uses: ./.github/actions/build_micro_service_ko
diff --git a/.github/workflows/build-verification-service-ko.yml b/.github/workflows/build-verification-service-ko.yml
new file mode 100644
index 000000000..d3377b6fe
--- /dev/null
+++ b/.github/workflows/build-verification-service-ko.yml
@@ -0,0 +1,42 @@
+name: Build and upload verification-service image (KO)
+
+on:
+  workflow_dispatch:
+  push:
+    branches:
+      - main
+      - "release/**"
+      - "feat/reproducible-builds-ko"
+    #paths:
+    #  - "verify/**"
+    #  - "internal/attestation/**"
+    #  - "internal/constants/**"
+
+jobs:
+  build-verification-service:
+    runs-on: ubuntu-22.04
+    permissions:
+      contents: read
+      packages: write
+    steps:
+      - name: Check out repository
+        id: checkout
+        uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # tag=v3.1.0
+        with:
+          ref: ${{ github.head_ref }}
+
+      - name: Setup Go environment
+        uses: actions/setup-go@c4a742cab115ed795e34d4513e2cf7d472deb55f # tag=v3.3.1
+        with:
+          go-version: "1.19.3"
+
+      - name: Build and upload verification-service container image (KO)
+        id: build-and-upload
+        uses: ./.github/actions/build_micro_service_ko
+        with:
+          name: verification-service
+          koTarget: ./verify/cmd
+          githubToken: ${{ secrets.GITHUB_TOKEN }}
+          cosignPublicKey: ${{ startsWith(github.ref, 'refs/heads/release/v') && secrets.COSIGN_PUBLIC_KEY || secrets.COSIGN_DEV_PUBLIC_KEY }}
+          cosignPrivateKey: ${{ startsWith(github.ref, 'refs/heads/release/v') && secrets.COSIGN_PRIVATE_KEY || secrets.COSIGN_DEV_PRIVATE_KEY }}
+          cosignPassword: ${{ startsWith(github.ref, 'refs/heads/release/v') && secrets.COSIGN_PASSWORD || secrets.COSIGN_DEV_PASSWORD }}