oops, forgot to use test env variables instead of local tests :)

Signed-off-by: Ville Aikas <vaikas@chainguard.dev>
sigstore · Mar 30, 2022 · 42f97af · 42f97af
1 parent e85c9ef
commit 42f97af
Showing 1 changed file with 3 additions and 3 deletions.
diff --git a/.github/workflows/kind-verify-attestation.yaml b/.github/workflows/kind-verify-attestation.yaml
@@ -161,7 +161,7 @@ jobs:
     - name: Create attestation for it
       run: |
         echo -n 'foobar e2e test' > ./predicate-file
-        SIGSTORE_TRUST_REKOR_API_PUBLIC_KEY=1  COSIGN_EXPERIMENTAL=1 ./cosign attest --predicate ./predicate-file --fulcio-url=http://fulcio.fulcio-system.svc:8080 --rekor-url=http://rekor.rekor-system.svc:8080 --allow-insecure-registry --force ${{ env.demoimage }} --identity-token ${{ env.OIDC_TOKEN }}
+        SIGSTORE_TRUST_REKOR_API_PUBLIC_KEY=1  COSIGN_EXPERIMENTAL=1 ./cosign attest --predicate ./predicate-file --fulcio-url ${{ env.FULCIO_URL }} --rekor-url ${{ env.REKOR_URL }} --allow-insecure-registry --force ${{ env.demoimage }} --identity-token ${{ env.OIDC_TOKEN }}
 
     - name: Verify with cosign
       run: |
@@ -170,7 +170,7 @@ jobs:
     - name: Verify attestation with cosign, works
       run: |
         echo '::group:: test verify-attestation success'
-        if ! SIGSTORE_TRUST_REKOR_API_PUBLIC_KEY=1  COSIGN_EXPERIMENTAL=1 ./cosign verify-attestation --policy ./test/testdata/policies/cue-works.cue --rekor-url=http://rekor.rekor-system.svc:8080 --allow-insecure-registry  ${{ env.demoimage }} ; then
+        if ! SIGSTORE_TRUST_REKOR_API_PUBLIC_KEY=1  COSIGN_EXPERIMENTAL=1 ./cosign verify-attestation --policy ./test/testdata/policies/cue-works.cue --rekor-url ${{ env.REKOR_URL }} --allow-insecure-registry  ${{ env.demoimage }} ; then
           echo Failed to verify attestation with a valid policy
           exit 1
         else
@@ -181,7 +181,7 @@ jobs:
     - name: Verify attestation with cosign, fails
       run: |
         echo '::group:: test verify-attestation success'
-        if SIGSTORE_TRUST_REKOR_API_PUBLIC_KEY=1  COSIGN_EXPERIMENTAL=1 ./cosign verify-attestation --policy ./test/testdata/policies/cue-fails.cue --rekor-url=http://rekor.rekor-system.svc:8080 --allow-insecure-registry  ${{ env.demoimage }} ; then
+        if SIGSTORE_TRUST_REKOR_API_PUBLIC_KEY=1  COSIGN_EXPERIMENTAL=1 ./cosign verify-attestation --policy ./test/testdata/policies/cue-fails.cue --rekor-url ${{ env.REKOR_URL }} --allow-insecure-registry  ${{ env.demoimage }} ; then
           echo verify-attestation succeeded with cue policy that should not work
           exit 1
         else