ci: add sigstore e2e test suite#2062
Open
stealthybox wants to merge 2 commits into
Open
Conversation
stealthybox
force-pushed
the
sigstore-testing
branch
from
4abda3f to
5e8d2e6
Compare
stealthybox
force-pushed
the
sigstore-transport
branch
from
295b592 to
211fb0a
Compare
Scripts and testdata for running cosign verification tests against a local sigstore stack on kind. Uses zot (referrers API) and registry:2 (tag fallback) with the scaffold Helm chart. Covers v2/v3 key-pair, v2/v3 keyless with trustedRootSecretRef, tlog, combined refs, wrong key/identity/rekor material, and registry auth. Signed-off-by: leigh capili <leigh@null.net>
stealthybox
force-pushed
the
sigstore-transport
branch
from
211fb0a to
ffa18cc
Compare
New sigstore-linux-amd64 job deploys a local sigstore stack and runs the verification test suite concurrently with kind-linux-amd64. Signed-off-by: leigh capili <leigh@null.net>
stealthybox
force-pushed
the
sigstore-testing
branch
from
5e8d2e6 to
106bf50
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Add a parallel CI job that deploys a local sigstore stack and runs
verification tests against it.
hack infra:
tests:
Runs concurrently with the existing kind-linux-amd64 job -- hopefully i've set this up right