Skip to content

Commit

Permalink
Bump cosign to 0.0.20 for google cloud / workstation signing
Browse files Browse the repository at this point in the history 
This makes signing and publishing of sboms "just work" on a google
cloud / workstation instance.

So on a workstation, you can just 'make image/busybox' and sboms
will be populated.

See chainguard-dev/terraform-provider-cosign#158
for more information

Signed-off-by: Scott Moser <scott.moser@chainguard.com>
  • Loading branch information
Scott Moser committed Apr 27, 2024
1 parent 732a680 commit 555084f
Show file tree
Hide file tree
Showing 2 changed files with 8 additions and 9 deletions.
15 changes: 7 additions & 8 deletions .terraform.lock.hcl
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion tflib/publisher/main.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@ terraform {
required_providers {
cosign = {
source = "chainguard-dev/cosign"
version = "0.0.19"
version = "0.0.20"
}
apko = {
source = "chainguard-dev/apko"
Expand Down

0 comments on commit 555084f

Please sign in to comment.