diff options
| -rw-r--r-- | .github/workflows/docker-publish.yml | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml index 97666e1..b409319 100644 --- a/.github/workflows/docker-publish.yml +++ b/.github/workflows/docker-publish.yml @@ -55,3 +55,12 @@ jobs: push: ${{ github.event_name != 'pull_request' }} tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} + + - name: Cosign install + uses: sigstore/cosign-installer@v2.4.0 + + - name: Sign the published container image + env: + COSIGN_PRIVATE_KEY: ${{ secrets.COSIGN_PRIVATE_KEY }} + COSIGN_PASSWORD: ${{ secrets.COSIGN_PASSWORD }} + run: cosign sign --key env://COSIGN_PRIVATE_KEY ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ github.run_id }} |