From 427cbc0a89ddab71218059fb51ca6d6d582f3eff Mon Sep 17 00:00:00 2001
From: Ron <45816308+rjaegers@users.noreply.github.com>
Date: Tue, 5 Dec 2023 11:29:58 +0100
Subject: [PATCH] ci: recursively sign digest i.s.o. tags (#231)

ci: recursively sign from digest i.s.o. tags
---
 .github/workflows/build-push.yml | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/.github/workflows/build-push.yml b/.github/workflows/build-push.yml
index 5b70696f..9e0e2eff 100644
--- a/.github/workflows/build-push.yml
+++ b/.github/workflows/build-push.yml
@@ -84,5 +84,4 @@ jobs:
         # against the sigstore community Fulcio instance.
         env:
           DIGEST: ${{ steps.build-and-push.outputs.digest }}
-          TAGS: ${{ steps.meta.outputs.tags }}
-        run: echo "${TAGS}" | xargs -I {} cosign sign --yes "{}@${DIGEST}"
+        run: cosign sign --yes --recursive "${{ env.REGISTRY }}/${{ github.repository }}@${DIGEST}"