Unable to find private/public key pair
✅ Solved
Hi there,
I'm trying to build my own image based upon the template for blue build.
Generating the "current" image works just fine, but if I want to do the pull request to rebase to blue-build/github-action from 1.10 to 1.11, it gives me the following error:
[12:20:08 ERROR] => Failed:
× Unable to find private/public key pair
help: Make sure you have a
in the root of your repo and have either COSIGN_PRIVATE_KEY
set in your env variables or a
file in the root of your repo.
See https://blue-build.org/how-to/cosign/ for more information.
If you don't want to sign your image, use the
That said, I do have a cosign.pub in the repository, and in the repository settings I do have the SIGNING_SECRET variable - though, no COSIGN_PRIVATE_KEY env variable; and no COSIGN_PRIVAT_KEY "variable".
Since it requires the private key and I do not intend to upload it to github - what's meant there? Do I have to set a secret with COSIGN_PRIVATE_KEY instead of SIGNING_SECRET? Because for environment secrets I'd have to create an environment first - and I do not find any documentation there.
Can anyone help me with what's needed so I can rebase to the new github-actions?
I'm trying to build my own image based upon the template for blue build.
Generating the "current" image works just fine, but if I want to do the pull request to rebase to blue-build/github-action from 1.10 to 1.11, it gives me the following error:
[12:20:08 ERROR] => Failed:
× Unable to find private/public key pair
help: Make sure you have a
./cosign.pubin the root of your repo and have either COSIGN_PRIVATE_KEY
set in your env variables or a
./cosign.keyfile in the root of your repo.
See https://blue-build.org/how-to/cosign/ for more information.
If you don't want to sign your image, use the
--no-signThat said, I do have a cosign.pub in the repository, and in the repository settings I do have the SIGNING_SECRET variable - though, no COSIGN_PRIVATE_KEY env variable; and no COSIGN_PRIVAT_KEY "variable".
Since it requires the private key and I do not intend to upload it to github - what's meant there? Do I have to set a secret with COSIGN_PRIVATE_KEY instead of SIGNING_SECRET? Because for environment secrets I'd have to create an environment first - and I do not find any documentation there.
Can anyone help me with what's needed so I can rebase to the new github-actions?
Solution
Okay, seems I can force-merge it even if it fails to build. After that the image creation worked well. Not sure why the test failed, but I guess that's fine.
