particle-os/particle-os-modules
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

chore(signing): Fix jq command for modifying policy.json

Browse source
This commit is contained in:
fiftydinar 2024-12-01 21:56:24 +01:00 committed by GitHub
parent c065b145de
commit ab654c9f16
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 12 additions and 11 deletions
Download patch file Download diff file Expand all files Collapse all files

23
modules/signing/signing.sh
View file

@ -34,18 +34,19 @@ fi
POLICY_FILE="$CONTAINER_DIR/policy.json"
yq -i -o=j '.transports.docker |=
{"'"$IMAGE_REGISTRY"'/'"$IMAGE_NAME"'": [
{
"type": "sigstoreSigned",
"keyPath": "/etc/pki/containers/'"$IMAGE_NAME_FILE"'.pub",
"signedIdentity": {
"type": "matchRepository"
}
jq --arg image_registry "$IMAGE_REGISTRY" \
--arg image_name "$IMAGE_NAME" \
--arg image_name_file "$IMAGE_NAME_FILE" \
'.transports.docker |=
{ ($image_registry + "/" + $image_name): [
{
"type": "sigstoreSigned",
"keyPath": ("/etc/pki/containers/" + $image_name_file + ".pub"),
"signedIdentity": {
"type": "matchRepository"
}
]
}
+ .' "$POLICY_FILE"
}
] } + .' "$POLICY_FILE" > /tmp/tmp-policy.json && mv /tmp/tmp-policy.json "$POLICY_FILE"
mv "$MODULE_DIRECTORY/signing/registry-config.yaml" "$CONTAINER_DIR/registries.d/$IMAGE_NAME_FILE.yaml"
sed -i "s ghcr.io/IMAGENAME $IMAGE_REGISTRY g" "$CONTAINER_DIR/registries.d/$IMAGE_NAME_FILE.yaml"