Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: cosign support for release binaries #436

Merged
merged 11 commits into from
Dec 2, 2024
Merged

Conversation

debendraoli
Copy link
Collaborator

@debendraoli debendraoli commented Nov 26, 2024

Introduce a public key for cosigning and apply cosign to the binaries for enhanced security.

Also go version is bumped to 1.23

@debendraoli debendraoli self-assigned this Nov 26, 2024
@github-actions github-actions bot added the cicd label Nov 26, 2024
@debendraoli debendraoli changed the title feat(ci): cosign support for release binaries feat: cosign support for release binaries Nov 26, 2024
@debendraoli debendraoli added the enhancement New feature or request label Nov 26, 2024
@bcsainju
Copy link
Collaborator

can you add related docs for verification along with how it will be integrated in the docker images ?

@bcsainju
Copy link
Collaborator

bcsainju commented Nov 27, 2024

Why does this differ completely from the earlier deployment security docs ? https://github.com/icon-project/ICON-Projects-Planning/pull/513/files

@debendraoli
Copy link
Collaborator Author

Why does this differ completely from the earlier deployment security docs ? https://github.com/icon-project/ICON-Projects-Planning/pull/513/files

That docs refers to the gpg one but the cosign is more robust and built-in support by goreleaser.

I'll work on documentation for cosign.

@bcsainju
Copy link
Collaborator

That is my point. When you create a document for one approach and then implement entirely different approach,both PRs shouldn't co-exist. Delete the one that has become obsolete.

bcsainju
bcsainju previously approved these changes Dec 2, 2024
@debendraoli debendraoli merged commit 3d41676 into main Dec 2, 2024
5 checks passed
@debendraoli debendraoli deleted the feature/cosign-binaries branch December 2, 2024 06:22
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
cicd enhancement New feature or request
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants