sigstore: always set TSA server endpoint to provide trusted timestamping

Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
This commit is contained in:
CrazyMax
2025-10-30 10:35:31 +01:00
parent 36cc95143c
commit 1c0dc52a0e
3 changed files with 43 additions and 10 deletions

View File

@@ -14,7 +14,7 @@
* limitations under the License.
*/
import {describe, expect, it} from '@jest/globals';
import {describe, expect, jest, it} from '@jest/globals';
import fs from 'fs';
import * as path from 'path';
@@ -24,6 +24,9 @@ const fixturesDir = path.join(__dirname, '..', '.fixtures');
const maybe = process.env.GITHUB_ACTIONS && process.env.GITHUB_ACTIONS === 'true' && process.env.ACTIONS_ID_TOKEN_REQUEST_URL && process.env.ImageOS && process.env.ImageOS.startsWith('ubuntu') ? describe : describe.skip;
// needs current GitHub repo info
jest.unmock('@actions/github');
maybe('signProvenanceBlobs', () => {
it('single platform', async () => {
const sigstore = new Sigstore();