Skip to content

Commit cc82310

Browse files
prabhuprabhu
committed
Sign the generated BOMs
Signed-off-by: Prabhu Subramanian <[email protected]>
1 parent 0fdf47c commit cc82310

File tree

2 files changed

+5
-5
lines changed

2 files changed

+5
-5
lines changed

.github/workflows/image-build.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -88,7 +88,7 @@ jobs:
8888
labels: ${{ steps.cdxgen-metadata.outputs.labels }}
8989
- name: save private key to file
9090
run: |
91-
echo $SBOM_SIGN_PRIVATE_KEY_DATA > $GITHUB_WORKSPACE/private.key
91+
echo "$SBOM_SIGN_PRIVATE_KEY_DATA" > $GITHUB_WORKSPACE/private.key
9292
ls -lh $GITHUB_WORKSPACE/private.key
9393
env:
9494
SBOM_SIGN_PRIVATE_KEY_DATA: ${{ secrets.SBOM_SIGN_PRIVATE_KEY }}

.github/workflows/npm-release.yml

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -126,7 +126,7 @@ jobs:
126126
continue-on-error: true
127127
- name: save private key to file
128128
run: |
129-
echo $SBOM_SIGN_PRIVATE_KEY_DATA > $GITHUB_WORKSPACE/private.key
129+
echo "$SBOM_SIGN_PRIVATE_KEY_DATA" > $GITHUB_WORKSPACE/private.key
130130
env:
131131
SBOM_SIGN_PRIVATE_KEY_DATA: ${{ secrets.SBOM_SIGN_PRIVATE_KEY }}
132132
- name: Attach cdx sbom
@@ -185,7 +185,7 @@ jobs:
185185
labels: ${{ steps.meta2.outputs.labels }}
186186
- name: save private key to file
187187
run: |
188-
echo $SBOM_SIGN_PRIVATE_KEY_DATA > $GITHUB_WORKSPACE/private.key
188+
echo "$SBOM_SIGN_PRIVATE_KEY_DATA" > $GITHUB_WORKSPACE/private.key
189189
env:
190190
SBOM_SIGN_PRIVATE_KEY_DATA: ${{ secrets.SBOM_SIGN_PRIVATE_KEY }}
191191
- name: Attach cdx sbom
@@ -255,7 +255,7 @@ jobs:
255255
labels: ${{ steps.meta2.outputs.labels }}
256256
- name: save private key to file
257257
run: |
258-
echo $SBOM_SIGN_PRIVATE_KEY_DATA > $GITHUB_WORKSPACE/private.key
258+
echo "$SBOM_SIGN_PRIVATE_KEY_DATA" > $GITHUB_WORKSPACE/private.key
259259
env:
260260
SBOM_SIGN_PRIVATE_KEY_DATA: ${{ secrets.SBOM_SIGN_PRIVATE_KEY }}
261261
- name: Attach cdx sbom
@@ -371,7 +371,7 @@ jobs:
371371
labels: ${{ steps.meta5.outputs.labels }}
372372
- name: save private key to file
373373
run: |
374-
echo $SBOM_SIGN_PRIVATE_KEY_DATA > $GITHUB_WORKSPACE/private.key
374+
echo "$SBOM_SIGN_PRIVATE_KEY_DATA" > $GITHUB_WORKSPACE/private.key
375375
env:
376376
SBOM_SIGN_PRIVATE_KEY_DATA: ${{ secrets.SBOM_SIGN_PRIVATE_KEY }}
377377
- name: Attach cdx sbom

0 commit comments

Comments
 (0)