From 283d77db100263323c9179b1ba232303b208c645 Mon Sep 17 00:00:00 2001
From: Stevie Caldwell <4719798+transient1@users.noreply.github.com>
Date: Fri, 3 May 2024 14:50:30 -0400
Subject: [PATCH 1/2] fix(cosign): change tag to digest in image_templates

circleci error "error=signing docker images: failed to publish artifacts: sign: cosign failed: exit status 1: WARNING: Image reference us-docker.pkg.dev/fairwinds-ops/oss/pluto:v5.19.4-arm64v8 uses a tag, not a digest, to identify the image to sign."
---
 .goreleaser.yml | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/.goreleaser.yml b/.goreleaser.yml
index 510b203f..6150d681 100644
--- a/.goreleaser.yml
+++ b/.goreleaser.yml
@@ -57,7 +57,7 @@ docker_signs:
 
 dockers:
 - image_templates:
-  - "us-docker.pkg.dev/fairwinds-ops/oss/pluto:{{ .Tag }}-amd64"
+  - "us-docker.pkg.dev/fairwinds-ops/oss/pluto:{{ .FullCommit }}-amd64"
   - "us-docker.pkg.dev/fairwinds-ops/oss/pluto:v{{ .Major }}-amd64"
   - "us-docker.pkg.dev/fairwinds-ops/oss/pluto:v{{ .Major }}.{{ .Minor }}-amd64"
   use: buildx
@@ -65,7 +65,7 @@ dockers:
   build_flag_templates:
   - "--platform=linux/amd64"
 - image_templates:
-  - "us-docker.pkg.dev/fairwinds-ops/oss/pluto:{{ .Tag }}-arm64v8"
+  - "us-docker.pkg.dev/fairwinds-ops/oss/pluto:{{ .FullCommit }}-arm64v8"
   - "us-docker.pkg.dev/fairwinds-ops/oss/pluto:v{{ .Major }}-arm64v8"
   - "us-docker.pkg.dev/fairwinds-ops/oss/pluto:v{{ .Major }}.{{ .Minor }}-arm64v8"
   use: buildx
@@ -74,7 +74,7 @@ dockers:
   build_flag_templates:
   - "--platform=linux/arm64/v8"
 - image_templates:
-  - "us-docker.pkg.dev/fairwinds-ops/oss/pluto:{{ .Tag }}-armv7"
+  - "us-docker.pkg.dev/fairwinds-ops/oss/pluto:{{ .FullCommit }}-armv7"
   - "us-docker.pkg.dev/fairwinds-ops/oss/pluto:v{{ .Major }}-armv7"
   - "us-docker.pkg.dev/fairwinds-ops/oss/pluto:v{{ .Major }}.{{ .Minor }}-armv7"
   use: buildx
@@ -85,9 +85,9 @@ dockers:
 docker_manifests:
 - name_template: us-docker.pkg.dev/fairwinds-ops/oss/pluto:{{ .Tag }}
   image_templates:
-  - "us-docker.pkg.dev/fairwinds-ops/oss/pluto:{{ .Tag }}-amd64"
-  - "us-docker.pkg.dev/fairwinds-ops/oss/pluto:{{ .Tag }}-arm64v8"
-  - "us-docker.pkg.dev/fairwinds-ops/oss/pluto:{{ .Tag }}-armv7"
+  - "us-docker.pkg.dev/fairwinds-ops/oss/pluto:{{ .FullCommit }}-amd64"
+  - "us-docker.pkg.dev/fairwinds-ops/oss/pluto:{{ .FullCommit }}-arm64v8"
+  - "us-docker.pkg.dev/fairwinds-ops/oss/pluto:{{ .FullCommit }}-armv7"
 - name_template: us-docker.pkg.dev/fairwinds-ops/oss/pluto:v{{ .Major }}
   image_templates:
   - "us-docker.pkg.dev/fairwinds-ops/oss/pluto:v{{ .Major }}-amd64"

From 6433c612f049d9d27ec6fc26b52d9a2c9a01bfe6 Mon Sep 17 00:00:00 2001
From: Stevie Caldwell <4719798+transient1@users.noreply.github.com>
Date: Mon, 6 May 2024 15:16:08 -0400
Subject: [PATCH 2/2] use digest instead of tag

---
 .goreleaser.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.goreleaser.yml b/.goreleaser.yml
index 6150d681..6be75fff 100644
--- a/.goreleaser.yml
+++ b/.goreleaser.yml
@@ -53,7 +53,7 @@ signs:
 
 docker_signs:
 - artifacts: all
-  args: ["sign", "--key=hashivault://cosign", "${artifact}", "-r"]
+  args: ["sign", "--key hashivault://cosign", "${digest}", "-r", "--yes"]
 
 dockers:
 - image_templates: