Closed DiogenesAnalytics closed 2 weeks ago
Suspect the issue is with cosign:
cosign
Run echo "${TAGS}" | xargs -I {} cosign sign --yes {}@${DIGEST} Generating ephemeral keys... Retrieving signed certificate... Error: signing [ghcr.io/diogenesanalytics/blog_utils:master@sha256:1a29ea4e92e9ed2db6cdcc296b694548e76291e077adcd5e0e97c8449b96e7a7]: getting signer: getting key from Fulcio: getting CTFE public keys: updating local metadata and targets: error updating to TUF remote mirror: invalid key remote status:{ "mirror": "https://tuf-repo-cdn.sigstore.dev/", "metadata": { "root.json": { "version": 9, "len": 6766, "expiration": "12 Sep 24 06:53 UTC", "error": "" }, "snapshot.json": { "version": 155, "len": 2300, "expiration": "17 Sep 24 16:07 UTC", "error": "" }, "targets.json": { "version": 9, "len": 5478, "expiration": "12 Sep 24 06:13 UTC", "error": "" }, "timestamp.json": { "version": 216, "len": 719, "expiration": "06 Sep 24 16:05 UTC", "error": "" } } } main.go:74: error during command execution: signing [ghcr.io/diogenesanalytics/blog_utils:master@sha256:1a29ea4e92e9ed2db6cdcc296b694548e76291e077adcd5e0e97c8449b96e7a7]: getting signer: getting key from Fulcio: getting CTFE public keys: updating local metadata and targets: error updating to TUF remote mirror: invalid key remote status:{ "mirror": "https://tuf-repo-cdn.sigstore.dev/", "metadata": { "root.json": { "version": 9, "len": 6766, "expiration": "12 Sep 24 06:53 UTC", "error": "" }, "snapshot.json": { "version": 155, "len": 2300, "expiration": "17 Sep 24 16:07 UTC", "error": "" }, "targets.json": { "version": 9, "len": 5478, "expiration": "12 Sep 24 06:13 UTC", "error": "" }, "timestamp.json": { "version": 216, "len": 719, "expiration": "06 Sep 24 16:05 UTC", "error": "" } } } Error: Process completed with exit code 123.
Here is ChatGPT's input:
ChatGPT's
Simply updated using the cosign version from here: https://github.com/DiogenesAnalytics/parley/blob/7f59b625893b7aef2ccd5c363471e8757d15dc44/.github/workflows/docker-publish.yml#L38-L44
Problem
Suspect the issue is with
cosign
: