From 158083752693a40c1b379ab3695ffdd4eb2eedc9 Mon Sep 17 00:00:00 2001 From: Naman Lakhwani Date: Wed, 19 Jan 2022 04:37:59 +0530 Subject: [PATCH] refactoring github actions to remove duplication and enhancement for versioned sbom's (#2979) * initial commit Signed-off-by: Naman Lakhwani * adding docker-buildx-builder to makefile Signed-off-by: Naman Lakhwani * reverting git describe in makefile Signed-off-by: Naman Lakhwani * uploading sbom for each kyverno image Signed-off-by: Naman Lakhwani * small nits Signed-off-by: Naman Lakhwani * scanning image before pushing and removed cosign.pub Signed-off-by: Naman Lakhwani --- .github/workflows/image.yaml | 172 ++++------------------ .github/workflows/release.yaml | 257 ++++----------------------------- .github/workflows/reuse.yaml | 132 +++++++++++++++++ Makefile | 42 +----- cmd/alpineBase/Dockerfile | 1 - cosign.pub | 4 - 6 files changed, 196 insertions(+), 412 deletions(-) create mode 100644 .github/workflows/reuse.yaml delete mode 100644 cmd/alpineBase/Dockerfile delete mode 100644 cosign.pub diff --git a/.github/workflows/image.yaml b/.github/workflows/image.yaml index 28fcc9bb5f..13f158395f 100644 --- a/.github/workflows/image.yaml +++ b/.github/workflows/image.yaml @@ -8,152 +8,34 @@ permissions: read-all jobs: push-init-kyverno: - runs-on: ubuntu-latest - permissions: - packages: write - id-token: write - steps: - - name: Checkout - uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579 # v2.4.0 - - - name: Unshallow - run: git fetch --prune --unshallow - - - name: Set up Go - uses: actions/setup-go@424fc82d43fa5a37540bae62709ddcc23d9520d4 # v2.1.5 - with: - go-version: 1.16 - - - name: Install Cosign - uses: sigstore/cosign-installer@116dc6872c0a067bcb78758f18955414cdbf918f # v1.4.1 - with: - cosign-release: 'v1.4.1' - - - name: login to GitHub Container Registry - run: echo ${{ secrets.CR_PAT }} | docker login ghcr.io -u ${{ github.repository_owner }} --password-stdin - - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@94ab11c41e45d028884a99163086648e898eed25 # v1.6.0 - id: buildx - with: - install: true - - - name: docker images publish - run: | - make docker-publish-sigs - make docker-publish-initContainer-dev - - - name: get digest - id: get-step - run: | - echo "::set-output name=digest::$(make docker-get-initContainer-dev-digest)" - - - name: Sign image - env: - COSIGN_EXPERIMENTAL: "true" - run: | - cosign sign \ - -a "repo=${{ github.repository }}" \ - -a "workflow=${{ github.workflow }}" \ - -a "ref=${{ github.sha }}" \ - ghcr.io/kyverno/kyvernopre@sha256:${{ steps.get-step.outputs.digest }} + uses: kyverno/kyverno/.github/workflows/reuse.yaml@main + with: + publish_command: docker-publish-initContainer-dev + digest_command: docker-get-initContainer-dev-digest + image_name: kyvernopre + tag: image + secrets: + registry_username: ${{ github.actor }} + registry_password: ${{ secrets.CR_PAT }} push-kyverno: - runs-on: ubuntu-latest - permissions: - packages: write - id-token: write - steps: - - name: Checkout - uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579 # v2.4.0 - - - name: Unshallow - run: git fetch --prune --unshallow - - - name: Set up Go - uses: actions/setup-go@424fc82d43fa5a37540bae62709ddcc23d9520d4 # v2.1.5 - with: - go-version: 1.16 - - - name: Install Cosign - uses: sigstore/cosign-installer@116dc6872c0a067bcb78758f18955414cdbf918f # v1.4.1 - with: - cosign-release: 'v1.4.1' - - - name: login to GitHub Container Registry - run: echo ${{ secrets.CR_PAT }} | docker login ghcr.io -u ${{ github.repository_owner }} --password-stdin - - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@94ab11c41e45d028884a99163086648e898eed25 # v1.6.0 - id: buildx - with: - install: true - - - name: docker images publish - run: | - make docker-publish-kyverno-dev - - - name: get digest - id: get-step - run: | - echo "::set-output name=digest::$(make docker-get-kyverno-dev-digest)" - - - name: Sign image - env: - COSIGN_EXPERIMENTAL: "true" - run: | - cosign sign \ - -a "repo=${{ github.repository }}" \ - -a "workflow=${{ github.workflow }}" \ - -a "ref=${{ github.sha }}" \ - ghcr.io/kyverno/kyverno@sha256:${{ steps.get-step.outputs.digest }} + uses: kyverno/kyverno/.github/workflows/reuse.yaml@main + with: + publish_command: docker-publish-kyverno-dev + digest_command: docker-get-kyverno-dev-digest + image_name: kyverno + tag: image + secrets: + registry_username: ${{ github.actor }} + registry_password: ${{ secrets.CR_PAT }} push-kyverno-cli: - runs-on: ubuntu-latest - permissions: - packages: write - id-token: write - steps: - - name: Checkout - uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579 # v2.4.0 - - - name: Unshallow - run: git fetch --prune --unshallow - - - name: Set up Go - uses: actions/setup-go@424fc82d43fa5a37540bae62709ddcc23d9520d4 # v2.1.5 - with: - go-version: 1.16 - - - name: Install Cosign - uses: sigstore/cosign-installer@116dc6872c0a067bcb78758f18955414cdbf918f # v1.4.1 - with: - cosign-release: 'v1.4.1' - - - name: login to GitHub Container Registry - run: echo ${{ secrets.CR_PAT }} | docker login ghcr.io -u ${{ github.repository_owner }} --password-stdin - - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@94ab11c41e45d028884a99163086648e898eed25 # v1.6.0 - id: buildx - with: - install: true - - - name: docker images publish - run: | - make docker-publish-cli-dev - - - name: get digest - id: get-step - run: | - echo "::set-output name=digest::$(make docker-get-cli-dev-digest)" - - - name: Sign image - env: - COSIGN_EXPERIMENTAL: "true" - run: | - cosign sign \ - -a "repo=${{ github.repository }}" \ - -a "workflow=${{ github.workflow }}" \ - -a "ref=${{ github.sha }}" \ - ghcr.io/kyverno/kyverno-cli@sha256:${{ steps.get-step.outputs.digest }} + uses: kyverno/kyverno/.github/workflows/reuse.yaml@main + with: + publish_command: docker-publish-cli-dev + digest_command: docker-get-cli-dev-digest + image_name: kyverno-cli + tag: image + secrets: + registry_username: ${{ github.actor }} + registry_password: ${{ secrets.CR_PAT }} diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index fde3b612e6..02e2989d21 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -8,230 +8,40 @@ permissions: read-all jobs: release-init-kyverno: - runs-on: ubuntu-latest - permissions: - packages: write - id-token: write - steps: - - name: Checkout - uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579 # v2.4.0 - with: - fetch-depth: 0 - - - name: Set up Go - uses: actions/setup-go@424fc82d43fa5a37540bae62709ddcc23d9520d4 # v2.1.5 - with: - go-version: 1.16 - - - name: Install Cosign - uses: sigstore/cosign-installer@116dc6872c0a067bcb78758f18955414cdbf918f # v1.4.1 - with: - cosign-release: 'v1.4.1' - - - name: Cache Go modules - uses: actions/cache@d9747005de0f7240e5d35a68dca96b3f41b8b340 # v1.2.0 - with: - path: ~/go/pkg/mod - key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }} - restore-keys: | - ${{ runner.os }}-go- - - - name: Set up Go - uses: actions/setup-go@424fc82d43fa5a37540bae62709ddcc23d9520d4 # v2.1.5 - with: - go-version: 1.16 - - uses: creekorful/goreportcard-action@1f35ced8cdac2cba28c9a2f2288a16aacfd507f9 # v1.0 - - - name: login to GitHub Container Registry - run: echo ${{ secrets.CR_PAT }} | docker login ghcr.io -u ${{ github.repository_owner }} --password-stdin - - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@94ab11c41e45d028884a99163086648e898eed25 # v1.6.0 - id: buildx - with: - install: true - - - name: Set version - run: | - echo "KYVERNO_VERSION=$(git describe --match "v[0-9]*")" - - - name : docker images publish - run: | - make docker-publish-sigs - make docker-publish-initContainer - - - name: get digest - id: get-step - run: | - echo "::set-output name=digest::$(make docker-get-initContainer-digest)" - - - name: Sign image - env: - COSIGN_EXPERIMENTAL: "true" - run: | - cosign sign \ - -a "repo=${{ github.repository }}" \ - -a "workflow=${{ github.workflow }}" \ - -a "ref=${{ github.sha }}" \ - ghcr.io/kyverno/kyvernopre@sha256:${{ steps.get-step.outputs.digest }} + uses: kyverno/kyverno/.github/workflows/reuse.yaml@main + with: + publish_command: docker-publish-initContainer + digest_command: docker-get-initContainer-digest + image_name: kyvernopre + tag: release + main: cmd/initContainer + secrets: + registry_username: ${{ github.actor }} + registry_password: ${{ secrets.CR_PAT }} release-kyverno: - runs-on: ubuntu-latest - permissions: - packages: write - id-token: write - steps: - - name: Checkout - uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579 # v2.4.0 - with: - fetch-depth: 0 - - - name: Set up Go - uses: actions/setup-go@424fc82d43fa5a37540bae62709ddcc23d9520d4 # v2.1.5 - with: - go-version: 1.16 - - - name: Install Cosign - uses: sigstore/cosign-installer@116dc6872c0a067bcb78758f18955414cdbf918f # v1.4.1 - with: - cosign-release: 'v1.4.1' - - - name: Cache Go modules - uses: actions/cache@d9747005de0f7240e5d35a68dca96b3f41b8b340 # v1.2.0 - with: - path: ~/go/pkg/mod - key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }} - restore-keys: | - ${{ runner.os }}-go- - - - name: Set up Go - uses: actions/setup-go@424fc82d43fa5a37540bae62709ddcc23d9520d4 # v2.1.5 - with: - go-version: 1.16 - - uses: creekorful/goreportcard-action@1f35ced8cdac2cba28c9a2f2288a16aacfd507f9 # v1.0 - - - name: login to GitHub Container Registry - run: echo ${{ secrets.CR_PAT }} | docker login ghcr.io -u ${{ github.repository_owner }} --password-stdin - - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@94ab11c41e45d028884a99163086648e898eed25 # v1.6.0 - id: buildx - with: - install: true - - - name: Set version - run: | - echo "KYVERNO_VERSION=$(git describe --match "v[0-9]*")" - echo "KYVERNO_VERSION=$(git describe --match "v[0-9]*")" >> $GITHUB_ENV - - - name: Generate SBOM JSON - uses: CycloneDX/gh-gomod-generate-sbom@c18e41a4e3defe6dbf69b594e4d831a89db82ead # v1.0.0 - with: - version: v1 - args: mod -licenses -json -output kyverno-v${{ env.KYVERNO_VERSION }}-bom.cdx.json - - - uses: actions/upload-artifact@82c141cc518b40d92cc801eee768e7aafc9c2fa2 # v2.3.1 - with: - name: kyverno-bom-cdx - path: kyverno-v*-bom.cdx.json - - - name : docker images publish - run: | - make docker-publish-sbom - make docker-publish-kyverno - - - name: get digest - id: get-step - run: | - echo "::set-output name=digest::$(make docker-get-kyverno-digest)" - - - name: Sign image and SBOM - env: - COSIGN_EXPERIMENTAL: "true" - run: | - cosign sign \ - -a "repo=${{ github.repository }}" \ - -a "workflow=${{ github.workflow }}" \ - -a "ref=${{ github.sha }}" \ - ghcr.io/kyverno/kyverno@sha256:${{ steps.get-step.outputs.digest }} - cosign attach sbom -sbom ./*-bom.cdx.json -type cyclonedx ghcr.io/kyverno/sbom:latest - - - name: Trivy Scan Image - uses: aquasecurity/trivy-action@8f4c7160b470bafe4299efdc1c8a1fb495f8325a # v0.2.1 - with: - image-ref: 'ghcr.io/kyverno/kyverno:${{env.KYVERNO_VERSION}}' - format: 'table' - exit-code: '1' - ignore-unfixed: true - vuln-type: 'os,library' - severity: 'CRITICAL,HIGH' + uses: kyverno/kyverno/.github/workflows/reuse.yaml@main + with: + publish_command: docker-publish-kyverno + digest_command: docker-get-kyverno-digest + image_name: kyverno + tag: release + main: cmd/kyverno + secrets: + registry_username: ${{ github.actor }} + registry_password: ${{ secrets.CR_PAT }} release-kyverno-cli: - runs-on: ubuntu-latest - permissions: - packages: write - id-token: write - steps: - - name: Checkout - uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579 # v2.4.0 - with: - fetch-depth: 0 - - - name: Set up Go - uses: actions/setup-go@424fc82d43fa5a37540bae62709ddcc23d9520d4 # v2.1.5 - with: - go-version: 1.16 - - - name: Install Cosign - uses: sigstore/cosign-installer@116dc6872c0a067bcb78758f18955414cdbf918f # v1.4.1 - with: - cosign-release: 'v1.4.1' - - - name: Cache Go modules - uses: actions/cache@d9747005de0f7240e5d35a68dca96b3f41b8b340 # v1.2.0 - with: - path: ~/go/pkg/mod - key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }} - restore-keys: | - ${{ runner.os }}-go- - - - name: Set up Go - uses: actions/setup-go@424fc82d43fa5a37540bae62709ddcc23d9520d4 # v2.1.5 - with: - go-version: 1.16 - - uses: creekorful/goreportcard-action@1f35ced8cdac2cba28c9a2f2288a16aacfd507f9 # v1.0 - - - name: login to GitHub Container Registry - run: echo ${{ secrets.CR_PAT }} | docker login ghcr.io -u ${{ github.repository_owner }} --password-stdin - - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@94ab11c41e45d028884a99163086648e898eed25 # v1.6.0 - id: buildx - with: - install: true - - - name: Set version - run: | - echo "KYVERNO_VERSION=$(git describe --match "v[0-9]*")" - - - name : docker images publish - run: | - make docker-publish-cli - - - name: get digest - id: get-step - run: | - echo "::set-output name=digest::$(make docker-get-cli-digest)" - - - name: Sign image - env: - COSIGN_EXPERIMENTAL: "true" - run: | - cosign sign \ - -a "repo=${{ github.repository }}" \ - -a "workflow=${{ github.workflow }}" \ - -a "ref=${{ github.sha }}" \ - ghcr.io/kyverno/kyverno-cli@sha256:${{ steps.get-step.outputs.digest }} + uses: kyverno/kyverno/.github/workflows/reuse.yaml@main + with: + publish_command: docker-publish-cli + digest_command: docker-get-cli-digest + image_name: kyverno-cli + tag: release + main: cmd/cli/kubectl-kyverno + secrets: + registry_username: ${{ github.actor }} + registry_password: ${{ secrets.CR_PAT }} create-release: runs-on: ubuntu-latest @@ -261,10 +71,7 @@ jobs: key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }} restore-keys: | ${{ runner.os }}-go- - - name: Set up Go - uses: actions/setup-go@424fc82d43fa5a37540bae62709ddcc23d9520d4 # v2.1.5 - with: - go-version: 1.16 + - uses: creekorful/goreportcard-action@1f35ced8cdac2cba28c9a2f2288a16aacfd507f9 # v1.0 - name: Make Release @@ -304,4 +111,4 @@ jobs: - name: Update new version in krew-index if: steps.check-tag.outputs.match == 'true' - uses: rajatjindal/krew-release-bot@3320c0b546b5d2320613c46762bd3f73e2801bdc # v0.0.38 + uses: rajatjindal/krew-release-bot@3320c0b546b5d2320613c46762bd3f73e2801bdc # v0.0.38 \ No newline at end of file diff --git a/.github/workflows/reuse.yaml b/.github/workflows/reuse.yaml new file mode 100644 index 0000000000..72b17fecf2 --- /dev/null +++ b/.github/workflows/reuse.yaml @@ -0,0 +1,132 @@ +name: Create Publish and Sign Docker Image + +on: + workflow_call: + inputs: + publish_command: + required: true + type: string + digest_command: + required: true + type: string + image_name: + required: true + type: string + tag: + required: true + type: string + main: + type: string + secrets: + registry_username: + required: true + registry_password: + required: true + +jobs: + build: + runs-on: ubuntu-latest + permissions: + contents: read + packages: write + id-token: write + steps: + - name: Checkout release + if: ${{ inputs.tag == 'release'}} + uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579 # v2.4.0 + with: + fetch-depth: 0 + + - name: Checkout image + if: ${{ inputs.tag == 'image'}} + uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579 # v2.4.0 + + - name: Unshallow + if: ${{ inputs.tag == 'image'}} + run: git fetch --prune --unshallow --tags + + - name: Set up Go + uses: actions/setup-go@424fc82d43fa5a37540bae62709ddcc23d9520d4 # v2.1.5 + with: + go-version: 1.16 + + - name: Install Cosign + uses: sigstore/cosign-installer@116dc6872c0a067bcb78758f18955414cdbf918f # v1.4.1 + with: + cosign-release: 'v1.4.1' + + - name: Cache Go modules + uses: actions/cache@d9747005de0f7240e5d35a68dca96b3f41b8b340 # v1.2.0 + with: + path: ~/go/pkg/mod + key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }} + restore-keys: | + ${{ runner.os }}-go- + + - name: Log into ghcr.io + uses: docker/login-action@master + with: + registry: ghcr.io + username: ${{secrets.registry_username}} + password: ${{secrets.registry_password}} + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@4ab11c41e45d028884a99163086648e898eed25 # v1.6.0 + id: buildx + with: + install: true + + - name: Run Trivy vulnerability scanner in repo mode + if: ${{inputs.tag == 'release'}} + uses: aquasecurity/trivy-action@8f4c7160b470bafe4299efdc1c8a1fb495f8325a # v0.2.1 + with: + scan-type: 'fs' + format: 'table' + exit-code: '1' + ignore-unfixed: true + vuln-type: 'os,library' + severity: 'CRITICAL,HIGH' + + - name: Set Version + if: ${{ inputs.tag == 'release'}} + run: | + echo "KYVERNO_VERSION=$(git tag --list --sort=-version:refname "v[0-9]*" | head -n 1)" >> $GITHUB_ENV + + - name: Generate SBOM JSON + if: ${{inputs.tag == 'release'}} + uses: CycloneDX/gh-gomod-generate-sbom@c18e41a4e3defe6dbf69b594e4d831a89db82ead # v1.0.0 + with: + version: v1 + args: app -licenses -json -output ${{inputs.image_name}}-${{ env.KYVERNO_VERSION }}-bom.cdx.json -main ${{inputs.main}} + + - name: Upload SBOM JSON + if: ${{inputs.tag == 'release'}} + uses: actions/upload-artifact@82c141cc518b40d92cc801eee768e7aafc9c2fa2 # v2.3.1 + with: + name: ${{inputs.image_name}}-bom-cdx + path: ${{inputs.image_name}}-v*-bom.cdx.json + + - name : Docker images publish + run: make ${{inputs.publish_command}} + + - name: get digest + id: get-step + run: | + echo "::set-output name=digest::$(make ${{inputs.digest_command}})" + + - name: Sign image + env: + COSIGN_EXPERIMENTAL: "true" + COSIGN_REPOSITORY: "ghcr.io/kyverno/signatures" + run: | + cosign sign \ + -a "repo=${{ github.repository }}" \ + -a "workflow=${{ github.workflow }}" \ + -a "ref=${{ github.sha }}" \ + ghcr.io/kyverno/${{inputs.image_name}}@sha256:${{ steps.get-step.outputs.digest }} + + - name : Attach SBOM + if: ${{inputs.tag == 'release'}} + env: + COSIGN_REPOSITORY: "ghcr.io/kyverno/sbom" + run: cosign attach sbom --sbom ./${{inputs.image_name}}-v*-bom.cdx.json --type cyclonedx ghcr.io/kyverno/${{inputs.image_name}}@sha256:${{ steps.get-step.outputs.digest }} diff --git a/Makefile b/Makefile index 40082fed78..aead93cfcd 100644 --- a/Makefile +++ b/Makefile @@ -49,43 +49,6 @@ KYVERNO_PATH:= cmd/kyverno build: kyverno PWD := $(CURDIR) -################################## -# SIGNATURE CONTAINER -################################## -ALPINE_PATH := cmd/alpineBase -SIG_IMAGE := signatures -.PHONY: docker-build-signature docker-push-signature - -docker-buildx-builder: - if ! docker buildx ls | grep -q kyverno; then\ - docker buildx create --name kyverno --use;\ - fi - -docker-publish-sigs: docker-buildx-builder docker-build-signature docker-push-signature - -docker-build-signature: docker-buildx-builder - @docker buildx build --file $(PWD)/$(ALPINE_PATH)/Dockerfile --tag $(REPO)/$(SIG_IMAGE):$(IMAGE_TAG) . - -docker-push-signature: docker-buildx-builder - @docker buildx build --file $(PWD)/$(ALPINE_PATH)/Dockerfile --push --tag $(REPO)/$(SIG_IMAGE):$(IMAGE_TAG) . - @docker buildx build --file $(PWD)/$(ALPINE_PATH)/Dockerfile --push --tag $(REPO)/$(SIG_IMAGE):latest . - -################################## -# SBOM CONTAINER -################################## -ALPINE_PATH := cmd/alpineBase -SBOM_IMAGE := sbom -.PHONY: docker-build-sbom docker-push-sbom - -docker-publish-sbom: docker-buildx-builder docker-build-sbom docker-push-sbom - -docker-build-sbom: docker-buildx-builder - @docker buildx build --file $(PWD)/$(ALPINE_PATH)/Dockerfile --tag $(REPO)/$(SBOM_IMAGE):$(IMAGE_TAG) . - -docker-push-sbom: docker-buildx-builder - @docker buildx build --file $(PWD)/$(ALPINE_PATH)/Dockerfile --push --tag $(REPO)/$(SBOM_IMAGE):$(IMAGE_TAG) . - @docker buildx build --file $(PWD)/$(ALPINE_PATH)/Dockerfile --push --tag $(REPO)/$(SBOM_IMAGE):latest . - ################################## # INIT CONTAINER ################################## @@ -96,6 +59,11 @@ initContainer: fmt vet .PHONY: docker-build-initContainer docker-push-initContainer +docker-buildx-builder: + if ! docker buildx ls | grep -q kyverno; then\ + docker buildx create --name kyverno --use;\ + fi + docker-publish-initContainer: docker-buildx-builder docker-build-initContainer docker-push-initContainer docker-build-initContainer: docker-buildx-builder diff --git a/cmd/alpineBase/Dockerfile b/cmd/alpineBase/Dockerfile deleted file mode 100644 index 2f179b98db..0000000000 --- a/cmd/alpineBase/Dockerfile +++ /dev/null @@ -1 +0,0 @@ -FROM alpine:3.14 \ No newline at end of file diff --git a/cosign.pub b/cosign.pub deleted file mode 100644 index c7a558d4c7..0000000000 --- a/cosign.pub +++ /dev/null @@ -1,4 +0,0 @@ ------BEGIN PUBLIC KEY----- -MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAExxWHpvn2uMYqg174TmTcnGELOXXM -7/cGqLZW88FFceihl1WA24yKxtMBZqw/s06XqPqujqRzhkaSKa2zkRUWUA== ------END PUBLIC KEY----- \ No newline at end of file