From da77ae35b919839c34fad2cc817f241d7b3ef488 Mon Sep 17 00:00:00 2001 From: Wayback Archiver <66856220+waybackarchiver@users.noreply.github.com> Date: Sun, 11 Feb 2024 07:00:16 +0000 Subject: [PATCH] Preferred managed version for cosign --- .github/workflows/docker.yml | 14 +++++--------- 1 file changed, 5 insertions(+), 9 deletions(-) diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index bf28a35c..1a996844 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -78,9 +78,7 @@ jobs: - name: Install Cosign if: github.event_name != 'pull_request' - uses: sigstore/cosign-installer@9becc617647dfa20ae7b1151972e9b3a2c338a2b # v2.8.1 - with: - cosign-release: 'v1.13.1' + uses: sigstore/cosign-installer@e1523de7571e31dbe865fd2e80c5c7c23ae71eb4 # v3.4.0 - name: Prepare id: prep @@ -158,14 +156,14 @@ jobs: *.cache-from=type=local,src=/tmp/.image-cache/image *.cache-to=type=local,dest=/tmp/.image-cache-new/image - - name: Sign image with a key + - name: Siging image if: github.event_name != 'pull_request' env: TAGS: ${{ steps.meta.outputs.tags }} COSIGN_PRIVATE_KEY: ${{secrets.COSIGN_PRIVATE_KEY}} COSIGN_PASSWORD: ${{secrets.COSIGN_PASSPHARSE}} run: | - cosign sign --key env://COSIGN_PRIVATE_KEY ${TAGS} + cosign sign --yes --key env://COSIGN_PRIVATE_KEY ${TAGS} - name: Check manifest if: github.event_name != 'pull_request' @@ -224,9 +222,7 @@ jobs: - name: Install Cosign if: github.event_name != 'pull_request' - uses: sigstore/cosign-installer@9becc617647dfa20ae7b1151972e9b3a2c338a2b # v2.8.1 - with: - cosign-release: 'v1.13.1' + uses: sigstore/cosign-installer@e1523de7571e31dbe865fd2e80c5c7c23ae71eb4 # v3.4.0 - name: Prepare id: prep @@ -304,7 +300,7 @@ jobs: COSIGN_PRIVATE_KEY: ${{secrets.COSIGN_PRIVATE_KEY}} COSIGN_PASSWORD: ${{secrets.COSIGN_PASSPHARSE}} run: | - cosign sign --key env://COSIGN_PRIVATE_KEY ${TAGS} + cosign sign --yes --key env://COSIGN_PRIVATE_KEY ${TAGS} - name: Check manifest if: github.event_name != 'pull_request'