Skip to content

Parse DSSE bundles and Intoto payloads #2190

Parse DSSE bundles and Intoto payloads

Parse DSSE bundles and Intoto payloads #2190

Workflow file for this run

name: Conformance Tests
on:
push:
branches:
- '**'
pull_request:
# TODO: add cron
jobs:
conformance:
strategy:
max-parallel: 1
matrix:
java-version: [11, 17]
sigstore-env: [production, staging]
fail-fast: false
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Set up JDK ${{ matrix.java-version }}
uses: actions/setup-java@8df1039502a15bceb9433410b1a100fbe190c53b # v4.5.0
with:
java-version: ${{ matrix.java-version }}
distribution: 'temurin'
- name: Setup Gradle
uses: gradle/actions/setup-gradle@d156388eb19639ec20ade50009f3d199ce1e2808 # v4.1.0
- name: Build sigstore-java cli
run: ./gradlew :sigstore-cli:build
- name: Unpack sigstore-java distribution
run: tar -xvf ${{ github.workspace }}/sigstore-cli/build/distributions/sigstore-cli-*.tar --strip-components 1
- uses: sigstore/sigstore-conformance@6bd1c54e236c9517da56f7344ad16cc00439fe19 # v0.0.13
with:
entrypoint: ${{ github.workspace }}/bin/sigstore-cli
environment: ${{ matrix.sigstore-env }}
xfail: "test_verify_dsse_bundle_with_trust_root test_verify_in_toto_in_dsse_envelope"