volker.raschek/dcmerge-goreleaser
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 16 Wiki Activity

fix
All checks were successful
Release / Release application (push) Successful in 3m41s
Details

Browse Source
This commit is contained in:
Markus Pesch
2026-02-03 08:51:57 +01:00
parent 77404832ff
commit 30f2586c7c
2 changed files with 7 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
.gitea/workflows/artifacthub-metadata.yaml
View File

@@ -38,6 +38,7 @@ jobs:
echo "${COSIGN_PUBLIC_KEY}" > cosign.pub
oras push git.cryptic.systems/volker.raschek/dcmerge-goreleaser:cosign.pub \
--artifact-type application/vnd.dev.cosign.public-key.v1 \
--annotation org.opencontainers.image.title=cosign.pub \
cosign.pub:application/vnd.dev.cosign.public-key.v1
# - name: Push artifacthub-repo.yml to docker.io

7
.goreleaser.yaml
View File

@@ -325,11 +325,14 @@ docker_signs:
#
# Default: ["sign", "--key=cosign.key", "${artifact}@${digest}", "--yes"].
# Templates: allowed.
# Note: Using --registry-referrers-mode=legacy ensures signature is stored as sha256-<digest>.sig tag
# which is required by ArtifactHub to display the "Signed" badge
args:
- "sign"
- "--key=env://COSIGN_PRIVATE_KEY"
- "${artifact}@${artifactID}.sig"
- "--yes"
- "--registry-referrers-mode=legacy"
- "${artifact}@${digest}"
# Which artifacts to sign.
#
@@ -354,6 +357,8 @@ docker_signs:
# StdinFile file to be given to the signature command as stdin.
# stdin_file: ./passphrase.key
output: true
gitea_urls:
api: https://git.cryptic.systems/api/v1
download: https://git.cryptic.systems