From 96b0d5ef17e772dffcd5015d583e27f7dda6fdad Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 11 Jan 2024 20:31:37 -0500 Subject: [PATCH] chore(deps): bump EyeCantCU/cosign-action from 0.2.1 to 0.2.2 (#799) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/build-bluefin-toolbox.yml | 2 +- .github/workflows/build-fedora-toolbox.yml | 2 +- .github/workflows/build-ubuntu-toolbox.yml | 2 +- .github/workflows/build-wolfi-toolbox.yml | 2 +- .github/workflows/build.yml | 4 ++-- 5 files changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/build-bluefin-toolbox.yml b/.github/workflows/build-bluefin-toolbox.yml index 1fb22a0d0bb..ac236b4cc3c 100644 --- a/.github/workflows/build-bluefin-toolbox.yml +++ b/.github/workflows/build-bluefin-toolbox.yml @@ -30,7 +30,7 @@ jobs: uses: actions/checkout@v4 - name: Verify base container - uses: EyeCantCU/cosign-action/verify@v0.2.1 + uses: EyeCantCU/cosign-action/verify@v0.2.2 with: containers: wolfi-base cert-identity: https://github.com/chainguard-images/images/.github/workflows/release.yaml@refs/heads/main diff --git a/.github/workflows/build-fedora-toolbox.yml b/.github/workflows/build-fedora-toolbox.yml index 47e9c3ad7c8..7e5b7028663 100644 --- a/.github/workflows/build-fedora-toolbox.yml +++ b/.github/workflows/build-fedora-toolbox.yml @@ -30,7 +30,7 @@ jobs: uses: actions/checkout@v4 - name: Verify Fedora distrobox - uses: EyeCantCU/cosign-action/verify@v0.2.1 + uses: EyeCantCU/cosign-action/verify@v0.2.2 with: containers: fedora-distrobox:latest diff --git a/.github/workflows/build-ubuntu-toolbox.yml b/.github/workflows/build-ubuntu-toolbox.yml index 03169fe5117..85c0c79f356 100644 --- a/.github/workflows/build-ubuntu-toolbox.yml +++ b/.github/workflows/build-ubuntu-toolbox.yml @@ -30,7 +30,7 @@ jobs: uses: actions/checkout@v4 - name: Verify Ubuntu toolbox - uses: EyeCantCU/cosign-action/verify@v0.2.1 + uses: EyeCantCU/cosign-action/verify@v0.2.2 with: containers: ubuntu-toolbox:22.04 pubkey: https://raw.githubusercontent.com/toolbx-images/images/main/quay.io-toolbx-images.pub diff --git a/.github/workflows/build-wolfi-toolbox.yml b/.github/workflows/build-wolfi-toolbox.yml index 017145a681c..57ae447c8be 100644 --- a/.github/workflows/build-wolfi-toolbox.yml +++ b/.github/workflows/build-wolfi-toolbox.yml @@ -30,7 +30,7 @@ jobs: uses: actions/checkout@v4 - name: Verify base container - uses: EyeCantCU/cosign-action/verify@v0.2.1 + uses: EyeCantCU/cosign-action/verify@v0.2.2 with: containers: wolfi-base cert-identity: https://github.com/chainguard-images/images/.github/workflows/release.yaml@refs/heads/main diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index f70705fc452..02efc74bdea 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -45,13 +45,13 @@ jobs: uses: actions/checkout@v4 - name: Verify base image - uses: EyeCantCU/cosign-action/verify@v0.2.1 + uses: EyeCantCU/cosign-action/verify@v0.2.2 with: containers: silverblue-${{ matrix.image_flavor }}:${{ matrix.major_version }} - name: Verify Chainguard images if: matrix.base_name != 'bluefin' - uses: EyeCantCU/cosign-action/verify@v0.2.1 + uses: EyeCantCU/cosign-action/verify@v0.2.2 with: containers: dive, flux, helm, ko, minio, kubectl cert-identity: https://github.com/chainguard-images/images/.github/workflows/release.yaml@refs/heads/main