Integrate Notation
to sign Ballerina Images
#4637
Merged
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Purpose
Publish the Ballerina Image to Github Container Registry and sign the Ballerina Image using
Notary Project's Notation Tool
.There currently is no Official Github Action for
Notation
Tool, therefore I've referred to the prototypeNotation
Action as mentioned here. The details for the official Github Action can be tracked via this issueFixes #4636
Note: Secrets have been added in the workflow, the format of each
secret
is mentioned:Azure Credentials for Resource login -
${{ secrets.AZURE_CREDENTIALS }}
- setup credentials as followsSigning Key Name -
${{ secrets.AZURE_KEY_NAME }}
-<KEY_NAME>
Certificate ID -
${{ secrets.AZURE_KEY_ID }}
-https://<key_vault_name>.vault.azure.net/certificates/xxxxxx/xxxxxxxxxxxxxxxxxxxxxxx