Skip to content

Commit

Permalink
Also add the Rekor transparency log URL
Browse files Browse the repository at this point in the history
  • Loading branch information
mendhak committed Nov 6, 2024
1 parent 2588e51 commit 961da7b
Showing 1 changed file with 4 additions and 0 deletions.
4 changes: 4 additions & 0 deletions .github/workflows/generate-release-apk.yml
Original file line number Diff line number Diff line change
Expand Up @@ -56,8 +56,10 @@ jobs:
id: references
run: |
APK_FILE_NAME=$(find gpslogger/ -maxdepth 1 -name "gpslogger-*.apk" -print -quit | xargs basename)
logIndex=$(jq -r '.verificationMaterial.tlogEntries[0].logIndex' < ${{ steps.attest.outputs.bundle-path }})
echo "APK_FILE_NAME=$APK_FILE_NAME" >> "$GITHUB_OUTPUT"
echo "GITHUB_WORKFLOW_REF=$GITHUB_WORKFLOW_REF" >> "$GITHUB_OUTPUT"
echo "REKOR_LOGINDEX=$logindex" >> "$GITHUB_OUTPUT"
- name: Copy cosign bundle
run: cp ${{ steps.attest.outputs.bundle-path }} gpslogger/${{ steps.references.outputs.APK_FILE_NAME }}.cosign.bundle
- name: Upload
Expand All @@ -81,6 +83,8 @@ jobs:
```
cosign verify-blob ${{ steps.references.outputs.APK_FILE_NAME }} --bundle ${{ steps.references.outputs.APK_FILE_NAME }}.cosign.bundle --new-bundle-format --cert-oidc-issuer https://token.actions.githubusercontent.com --cert-identity https://github.com/${{ steps.references.outputs.GITHUB_WORKFLOW_REF }}
```
[Rekor transparency log](https://search.sigstore.dev?logIndex=${{ steps.references.outputs.REKOR_LOGINDEX }})
files: |
gpslogger/gpslogger-*.apk
gpslogger/gpslogger-*.apk.asc
Expand Down

0 comments on commit 961da7b

Please sign in to comment.