|
@@ -109,13 +109,13 @@ jobs:
|
|
|
# repository is public to avoid leaking data. If you would like to publish
|
|
# repository is public to avoid leaking data. If you would like to publish
|
|
|
# transparency data even for private images, pass --force to cosign below.
|
|
# transparency data even for private images, pass --force to cosign below.
|
|
|
# https://github.com/sigstore/cosign
|
|
# https://github.com/sigstore/cosign
|
|
|
- - name: Sign the published Docker image
|
|
|
|
|
- if: ${{ github.event_name != 'pull_request' }}
|
|
|
|
|
- env:
|
|
|
|
|
- COSIGN_EXPERIMENTAL: "true"
|
|
|
|
|
- # This step uses the identity token to provision an ephemeral certificate
|
|
|
|
|
- # against the sigstore community Fulcio instance.
|
|
|
|
|
- run: echo "${{ steps.meta.outputs.tags }}" | xargs -I {} cosign sign {}@${{ steps.build-and-push.outputs.digest }}
|
|
|
|
|
|
|
+# - name: Sign the published Docker image
|
|
|
|
|
+# if: ${{ github.event_name != 'pull_request' }}
|
|
|
|
|
+# env:
|
|
|
|
|
+# COSIGN_EXPERIMENTAL: "true"
|
|
|
|
|
+# # This step uses the identity token to provision an ephemeral certificate
|
|
|
|
|
+# # against the sigstore community Fulcio instance.
|
|
|
|
|
+# run: echo "${{ steps.meta.outputs.tags }}" | xargs -I {} cosign sign {}@${{ steps.build-and-push.outputs.digest }}
|
|
|
|
|
|
|
|
# Temp fix
|
|
# Temp fix
|
|
|
# https://github.com/docker/build-push-action/issues/252
|
|
# https://github.com/docker/build-push-action/issues/252
|
Ben Phelps