VCI directory snapshot sign action #885

	name: VCI directory snapshot sign action
	on:
	push:
	branches:
	- main
	schedule:
	- cron: '0 12 * * *'
	jobs:
	vci-directory-sign:
	runs-on: ubuntu-latest

	steps:
	- uses: actions/checkout@v2
	- name: sign log
	env:
	PRIVATE_SIG_KEY_PWD: ${{ secrets.PRIVATE_SIG_KEY_PWD }}
	PRIVATE_SIG_KEY: ${{ secrets.PRIVATE_SIG_KEY }}
	run: \|
	echo "$PRIVATE_SIG_KEY" > private.pem
	openssl dgst -sha512 -sign private.pem -out logs/vci_snapshot.sig -passin env:PRIVATE_SIG_KEY_PWD logs/daily_dir_snapshot.json
	rm private.pem
	- name: verify log sig
	run: \|
	openssl dgst -sha512 -verify <(openssl x509 -in vci_snapshot.crt -pubkey -noout) -signature logs/vci_snapshot.sig logs/daily_dir_snapshot.json
	- uses: actions/upload-artifact@v2
	with:
	name: save-sig-file
	path: logs/vci_snapshot.sig

Provide feedback