Skip to content
This repository has been archived by the owner on Apr 26, 2024. It is now read-only.

Commit

Permalink
fix(cosign): add yes consent
Browse files Browse the repository at this point in the history
  • Loading branch information
@ybelMekk
ybelMekk committed Apr 27, 2023
1 parent f48066a commit d64ae26
Show file tree
Hide file tree
Showing 2 changed files with 4 additions and 4 deletions.
4 changes: 2 additions & 2 deletions .github/workflows/main.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -149,8 +149,8 @@ jobs:
- name: Sign Docker image
run: |
echo '${{ secrets.COSIGN_PRIVATE_KEY }}' > cosign.key
cosign sign --key cosign.key ${{ env.CLI_IMAGE_TAG }}
cosign sign --key cosign.key ${{ env.ACTION_IMAGE_TAG }}
cosign sign --yes --key cosign.key ${{ env.CLI_IMAGE_TAG }}
cosign sign --yes --key cosign.key ${{ env.ACTION_IMAGE_TAG }}
env:
COSIGN_PASSWORD: ${{ secrets.COSIGN_PASSWORD }}
- name: Verify and attach attestation
Expand Down
4 changes: 2 additions & 2 deletions .goreleaser.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -39,13 +39,13 @@ signs:
- id: sign archives
cmd: cosign
stdin: '{{ .Env.COSIGN_PASSWORD }}'
args: ["sign-blob", "--key=cosign.key", "--output=${signature}", "${artifact}"]
args: ["sign-blob", "--key=cosign.key", "--output=${signature}", "--yes", "${artifact}"]
signature: "${artifact}.sig"
artifacts: archive
- id: sign checksum.txt
cmd: cosign
stdin: '{{ .Env.COSIGN_PASSWORD }}'
args: ["sign-blob", "--key=cosign.key", "--output=${signature}", "${artifact}"]
args: ["sign-blob", "--key=cosign.key", "--output=${signature}", "--yes", "${artifact}"]
signature: "${artifact}.sig"
artifacts: checksum
changelog:
Expand Down

0 comments on commit d64ae26

Please sign in to comment.