From 757e7545ecfc969d9b0a512340a98d9eb51fa0a6 Mon Sep 17 00:00:00 2001
From: Lucas Bickel <116588+hairmare@users.noreply.github.com>
Date: Thu, 18 May 2023 14:30:27 +0200
Subject: [PATCH] fix(schedule-trivy): yes and force args for cosign attest
 (#29)

---
 .github/workflows/schedule-trivy.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/schedule-trivy.yaml b/.github/workflows/schedule-trivy.yaml
index 5042935..9cf283b 100644
--- a/.github/workflows/schedule-trivy.yaml
+++ b/.github/workflows/schedule-trivy.yaml
@@ -61,4 +61,4 @@ jobs:
           output: 'vuln.json'
 
       - name: Attach a security attestation to the signed image
-        run: cosign attest --type vuln --predicate vuln.json ${{ inputs.image-ref }}
+        run: cosign attest --yes --force --type vuln --predicate vuln.json ${{ inputs.image-ref }}