From b09416424215b746be7453214a78f58090695010 Mon Sep 17 00:00:00 2001
From: Lucas <hairmare@rabe.ch>
Date: Thu, 18 May 2023 15:37:26 +0200
Subject: [PATCH] fix(schedule-trivy): login to ghcr.io before pushing
 attestation

---
 .github/workflows/schedule-trivy.yaml | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/.github/workflows/schedule-trivy.yaml b/.github/workflows/schedule-trivy.yaml
index db546e4..05d361d 100644
--- a/.github/workflows/schedule-trivy.yaml
+++ b/.github/workflows/schedule-trivy.yaml
@@ -60,5 +60,12 @@ jobs:
           ignore-unfixed: true
           output: 'vuln.json'
 
+      - name: Login to GitHub Container Registry
+        uses: docker/login-action@v2
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
       - name: Attach a security attestation to the signed image
         run: cosign attest --yes --type vuln --predicate vuln.json ${{ inputs.image-ref }}